kubes_aws 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/kubes_aws.gemspec +2 -0
- data/lib/kubes_aws.rb +19 -0
- data/lib/kubes_aws/config.rb +20 -0
- data/lib/kubes_aws/secrets/fetcher.rb +6 -2
- data/lib/kubes_aws/ssm/fetcher.rb +14 -5
- data/lib/kubes_aws/version.rb +1 -1
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5a00a2ad4b20a5e60f9a74a0c622262ebc28ce370c41576cc732030151fd7a79
|
|
4
|
+
data.tar.gz: b6022d326ecac506d57d74964d7f31e770550cbc2bf1cd303a14bb7a89a88d9e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 161da6b9c641f61d2dbdd30af1c6539f110e118e51b2efa6301f15586a6cbedb383cbf48861c47ad9b55a4a1dcf7ab32f63cd8affc1fb49037ab9a12c77d5496
|
|
7
|
+
data.tar.gz: ef8e6bedb40c1af9529fb0928c024fa1259cf0236c18afaf8a116590a6d292f7f981fc289e69ae96123d8a8d25e72fd5bc999e318e33fd90a3aa7ef4d0f54f2c
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [0.3.0] - 2020-11-11
|
|
7
|
+
- [#2](https://github.com/boltops-tools/kubes_aws/pull/2) Config interface and base64_secrets setting
|
|
8
|
+
- fix specs
|
|
9
|
+
- smarter base64 option
|
|
10
|
+
|
|
6
11
|
## [0.2.0]
|
|
7
12
|
- #1 helpers: aws_secret, aws_ssm
|
|
8
13
|
|
data/kubes_aws.gemspec
CHANGED
data/lib/kubes_aws.rb
CHANGED
|
@@ -16,6 +16,25 @@ module KubesAws
|
|
|
16
16
|
@@logger = v
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
+
# Friendlier method configure.
|
|
20
|
+
#
|
|
21
|
+
# .kubes/config/env/dev.rb
|
|
22
|
+
# .kubes/config/plugins/google.rb # also works
|
|
23
|
+
#
|
|
24
|
+
# Example:
|
|
25
|
+
#
|
|
26
|
+
# KubesGoogle.configure do |config|
|
|
27
|
+
# config.hooks.gke_whitelist = true
|
|
28
|
+
# end
|
|
29
|
+
#
|
|
30
|
+
def configure(&block)
|
|
31
|
+
Config.instance.configure(&block)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def config
|
|
35
|
+
Config.instance.config
|
|
36
|
+
end
|
|
37
|
+
|
|
19
38
|
extend self
|
|
20
39
|
end
|
|
21
40
|
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
module KubesAws
|
|
2
|
+
class Config
|
|
3
|
+
include Singleton
|
|
4
|
+
|
|
5
|
+
def defaults
|
|
6
|
+
c = ActiveSupport::OrderedOptions.new
|
|
7
|
+
c.base64_secrets = true
|
|
8
|
+
c
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
@@config = nil
|
|
12
|
+
def config
|
|
13
|
+
@@config ||= defaults
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def configure
|
|
17
|
+
yield(config)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -5,15 +5,19 @@ class KubesAws::Secrets
|
|
|
5
5
|
|
|
6
6
|
def initialize(options={})
|
|
7
7
|
@options = options
|
|
8
|
-
@base64 = options[:base64]
|
|
8
|
+
@base64 = options[:base64]
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def fetch(secret_id)
|
|
12
12
|
value = fetch_value(secret_id)
|
|
13
|
-
value = Base64.strict_encode64(value).strip if
|
|
13
|
+
value = Base64.strict_encode64(value).strip if base64?
|
|
14
14
|
value
|
|
15
15
|
end
|
|
16
16
|
|
|
17
|
+
def base64?
|
|
18
|
+
@base64.nil? ? KubesAws.config.base64_secrets : @base64
|
|
19
|
+
end
|
|
20
|
+
|
|
17
21
|
def fetch_value(secret_id)
|
|
18
22
|
secret_value = secrets.get_secret_value(secret_id: secret_id)
|
|
19
23
|
secret_value.secret_string
|
|
@@ -5,18 +5,27 @@ class KubesAws::SSM
|
|
|
5
5
|
|
|
6
6
|
def initialize(options={})
|
|
7
7
|
@options = options
|
|
8
|
-
@base64 = options[:base64]
|
|
8
|
+
@base64 = options[:base64]
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def fetch(name)
|
|
12
|
-
|
|
13
|
-
value =
|
|
12
|
+
parameter = fetch_parameter(name)
|
|
13
|
+
value = parameter.value
|
|
14
|
+
value = Base64.strict_encode64(value).strip if base64?(parameter.type)
|
|
14
15
|
value
|
|
15
16
|
end
|
|
16
17
|
|
|
17
|
-
def
|
|
18
|
+
def base64?(type)
|
|
19
|
+
if @base64.nil?
|
|
20
|
+
type == "SecureString"
|
|
21
|
+
else
|
|
22
|
+
@base64
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def fetch_parameter(name)
|
|
18
27
|
resp = ssm.get_parameter(name: name, with_decryption: true)
|
|
19
|
-
resp.parameter
|
|
28
|
+
resp.parameter
|
|
20
29
|
rescue Aws::SSM::Errors::ParameterNotFound => e
|
|
21
30
|
logger.info "WARN: name #{name} not found".color(:yellow)
|
|
22
31
|
logger.info e.message
|
data/lib/kubes_aws/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kubes_aws
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-11-
|
|
11
|
+
date: 2020-11-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - ">="
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: '0'
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: kubes
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - ">="
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: '0'
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - ">="
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: '0'
|
|
139
153
|
description:
|
|
140
154
|
email:
|
|
141
155
|
- tung@boltops.com
|
|
@@ -153,6 +167,7 @@ files:
|
|
|
153
167
|
- kubes_aws.gemspec
|
|
154
168
|
- lib/kubes_aws.rb
|
|
155
169
|
- lib/kubes_aws/autoloader.rb
|
|
170
|
+
- lib/kubes_aws/config.rb
|
|
156
171
|
- lib/kubes_aws/helpers.rb
|
|
157
172
|
- lib/kubes_aws/iam_role.rb
|
|
158
173
|
- lib/kubes_aws/iam_role/prebaked.rb
|