lsst-git-lfs-s3 0.3.5 → 0.3.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5161e54903d6e7da6c0f0c8475932d8bcc31c4f8
-  data.tar.gz: 2624d100c5546788369dc4af299f1c0acead497f
+  metadata.gz: 71878bf6966f50b7f5f3000dd16f4c309f885ff6
+  data.tar.gz: 4b73e19c8cbccc032efa5f8b845fd0eb733345c2
 SHA512:
-  metadata.gz: e55c51b0549723e4d3e0954ada1ff5797d8ef2faae88b96d7e9419c65b419cd4c509617a5faf411b3c5e32d11de0ed0493dd56a2b102d66bd6987500fc8a68c7
-  data.tar.gz: a0f6567ca9203e337d5f1122ee8eef1be1f333936a7c39979527f2a355b9ad797f249f58993ac6206b56d15be3a60d7e5d3f38a34600371031b85d506225980b
+  metadata.gz: 83b172cb17cc167133baa0dd04169c8266a294026b45faa49aeb46fa3c9839f0d9518f6635e20a727f7d09478571adef8175a174b4c4a6c59e7cb29c3816c1b8
+  data.tar.gz: a2293c788540582f2a2015b4b93e3eed7656659174b91fe45085ecf6e7dbb8f5f991db824fe08b800a678ed3fae65007b93f84d5d2e676c1c79e38dbac82a56a

data/.rubocop.yml

@@ -0,0 +1,44 @@
+AllCops:
+  TargetRubyVersion: '2.4'
+
+Metrics/BlockLength:
+  Enabled: false
+
+Style/TrailingCommaInArguments:
+  Enabled: false
+
+Style/BracesAroundHashParameters:
+  Enabled: false
+
+# trailing commas after last item in array/hash
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+Style/TrailingCommaInHashLiteral:
+  Enabled: false
+
+# no, I really don't want to put //'s around %r{}s
+Style/RegexpLiteral:
+  Enabled: false
+
+Metrics/MethodLength:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Metrics/AbcSize:
+  Enabled: false
+
+Style/DateTime:
+  Enabled: false
+
+Metrics/ClassLength:
+  Enabled: false
+
+Naming/FileName:
+  Enabled: false
+
+Lint/HandleExceptions:
+  Enabled: false
+Lint/RescueException:
+  Enabled: false

data/.travis.yml

@@ -0,0 +1,5 @@
+---
+language: ruby
+script: bundle install && bundle exec rubocop
+notifications:
+  email: false

data/Gemfile

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 gemspec

data/README.md

@@ -1,5 +1,8 @@
 # LSST's Git LFS S3
 
+[![Build Status](https://travis-ci.org/lsst-sqre/git-lfs-s3.svg?branch=master)](https://travis-ci.org/lsst-sqre/git-lfs-s3)
+
+
 A [Git LFS](https://git-lfs.github.com/) server that stores your large Git files on S3.
 
 It works by generating a presigned URL that the Git LFS client can use to upload directly to S3. It also provides download URLs that allow Git clients to download directly from S3. No data is proxied through the Git LFS server.

data/Rakefile

@@ -1 +1,3 @@
-require "bundler/gem_tasks"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'

data/bin/git-lfs-s3

@@ -1,8 +1,9 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require "rubygems"
-require "logger"
-require "git-lfs-s3"
+require 'rubygems'
+require 'logger'
+require 'git-lfs-s3'
 
 GitLfsS3::Application.set :aws_region, ENV['AWS_REGION']
 GitLfsS3::Application.set :aws_access_key_id, ENV['AWS_ACCESS_KEY_ID']
@@ -21,7 +22,8 @@ if GitLfsS3::Application.settings.ceph_s3
     secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'],
     force_path_style: true,
     region: 'us-east-1',
-    # ssl_ca_bundle: '/usr/local/etc/openssl/cert.pem' # Required for brew install on a mac.
+    # ssl_ca_bundle: '/usr/local/etc/openssl/cert.pem' # Required for brew
+    # install on a mac.
   )
 end
 

data/git-lfs-s3.gemspec

@@ -1,26 +1,29 @@
-# -*- encoding: utf-8 -*-
-lib = File.expand_path('../lib', __FILE__)
+
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'git-lfs-s3/version'
 
 Gem::Specification.new do |gem|
-  gem.name          = "lsst-git-lfs-s3"
+  gem.name          = 'lsst-git-lfs-s3'
   gem.version       = GitLfsS3::VERSION
-  gem.authors       = ["Ryan LeFevre", "J. Matt Peterson"]
-  gem.email         = ["meltingice8917@gmail.com", "jmatt@lsst.org"]
-  gem.description   = %q{LSST's Git LFS server that uses S3 for the storage backend.}
-  gem.summary       = %q{LSST's Git LFS server that uses S3 for the storage backend by providing presigned S3 URLs.}
-  gem.homepage      = "https://github.com/lsst-sqre/git-lfs-s3"
+  gem.authors       = ['Ryan LeFevre', 'J. Matt Peterson']
+  gem.email         = ['meltingice8917@gmail.com', 'jmatt@lsst.org']
+  gem.description   = "LSST's Git LFS server"
+  gem.summary       = "LSST's Git LFS server"
+  gem.homepage      = 'https://github.com/lsst-sqre/git-lfs-s3'
   gem.license       = 'MIT'
 
-  gem.files         = `git ls-files`.split($/)
-  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  gem.executables   = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
-  gem.require_paths = ["lib"]
+  gem.require_paths = ['lib']
 
   gem.add_dependency 'aws-sdk', '~> 2'
-  gem.add_dependency 'sinatra', '~> 2'
   gem.add_dependency 'multi_json', '~> 1'
+  gem.add_dependency 'sinatra', '~> 2'
 
   gem.add_development_dependency 'rake', '~> 10'
+  gem.add_development_dependency 'rubocop', '~> 0.53.0'
 end

data/lib/git-lfs-s3.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 require 'sinatra/base'
 require 'aws-sdk'
 require 'multi_json'
 
-require "git-lfs-s3/aws"
-require "git-lfs-s3/services/upload"
-require "git-lfs-s3/application"
+require 'git-lfs-s3/aws'
+require 'git-lfs-s3/services/upload'
+require 'git-lfs-s3/application'

data/lib/git-lfs-s3/application.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'date'
 
 module GitLfsS3
@@ -32,34 +34,35 @@ module GitLfsS3
     end
 
     def authorized?
-      @auth ||=  Rack::Auth::Basic::Request.new(request.env)
-      @auth.provided? && @auth.basic? && @auth.credentials && self.class.auth_callback.call(
-        @auth.credentials[0], @auth.credentials[1], request.safe?
-      )
+      @auth ||= Rack::Auth::Basic::Request.new(request.env)
+      @auth.provided? &&
+        @auth.basic? &&
+        @auth.credentials &&
+        self.class.auth_callback.call(
+          @auth.credentials[0], @auth.credentials[1], request.safe?
+        )
     end
 
     def protected!
-      unless authorized?
-        response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
-        throw(:halt, [401, "Invalid username or password"])
-      end
+      return unless authorized?
+      response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
+      throw(:halt, [401, 'Invalid username or password'])
     end
 
     get '/' do
-      "Git LFS S3 is online."
+      'Git LFS S3 is online.'
     end
 
     def valid_obj?(obj)
       # Validate that size >= 0 and oid is a SHA256 hash.
-      begin
-        if obj[:size] >= 0
-          oid = obj[:oid]
-          valid = (oid.hex.size <= 32) and (oid.size == 64) and (oid =~ /^[0-9a-f]+$/)
-        end
-      end
+      oid = obj[:oid]
+      return unless obj[:size] >= 0
+      (oid.hex.size <= 32) && (oid.size == 64) && (oid =~ /^[0-9a-f]+$/)
+      # XXX what exception needs to be ignored here?
+    rescue Exception
     end
 
-    def expire_at()
+    def expire_at
       DateTime.now.next_day.to_time.utc.iso8601
     end
 
@@ -72,9 +75,9 @@ module GitLfsS3
         'size'          => size,
         'authenticated' => authenticated,
         'actions'       => {
-          'download'      => {
+          'download' => {
             'href'          => obj.presigned_url(:get,
-                                                 :expires_in => 86400),
+                                                 expires_in: 86_400),
             'expires_at'    => expire_at,
           },
         },
@@ -90,10 +93,10 @@ module GitLfsS3
         'size'          => size,
         'authenticated' => authenticated,
         'actions'       => {
-          'upload'        => {
+          'upload' => {
             'href'          => obj.presigned_url(:put,
                                                  acl: 'public-read',
-                                                 :expires_in => 86400),
+                                                 expires_in: 86_400),
             'expires_at'    => expire_at,
           },
         },
@@ -116,7 +119,7 @@ module GitLfsS3
       # Handle git-lfs batch downloads.
       objects = []
       params[:objects].each do |obj_json|
-        obj_json = indifferent_params(obj_json)
+        obj_json = IndifferentHash(obj_json)
         obj = object_data(obj_json[:oid])
         if valid_obj?(obj_json)
           if obj.exists?
@@ -135,7 +138,7 @@ module GitLfsS3
       # Handle git-lfs batch uploads.
       objects = []
       params[:objects].each do |obj_json|
-        obj_json = indifferent_params(obj_json)
+        obj_json = IndifferentHash(obj_json)
         obj = object_data(obj_json[:oid])
         if valid_obj?(obj_json)
           if obj.exists?
@@ -148,7 +151,7 @@ module GitLfsS3
         end
       end
       objects
-      end
+    end
 
     def lfs_resp(objects)
       # Successful git-lfs batch response.
@@ -159,21 +162,21 @@ module GitLfsS3
       }
       body MultiJson.dump(resp)
     end
-    
+
     def error_resp(status_code, message)
       # Error git-lfs batch response.
       status(status_code)
       resp = {
         'message' => message,
-        'request_id' => SecureRandom::uuid
+        'request_id' => SecureRandom.uuid
       }
       body MultiJson.dump(resp)
     end
-    
+
     post '/objects/batch', provides: 'application/vnd.git-lfs+json' do
       # git-lfs batch API
       authenticated = authorized?
-      params = indifferent_params(JSON.parse(request.body.read))
+      params = IndifferentHash(JSON.parse(request.body.read))
       logger.debug params
       if params[:operation] == 'download'
         if settings.public_server
@@ -196,7 +199,7 @@ module GitLfsS3
       end
     end
 
-    get "/objects/:oid", provides: 'application/vnd.git-lfs+json' do
+    get '/objects/:oid', provides: 'application/vnd.git-lfs+json' do
       if settings.public_server
         object = object_data(params[:oid])
         if object.exists?
@@ -206,7 +209,9 @@ module GitLfsS3
             'size' => object.size,
             '_links' => {
               'self' => {
-                'href' => File.join(settings.server_url, 'objects', params[:oid])
+                'href' => File.join(
+                  settings.server_url, 'objects', params[:oid]
+                )
               },
               'download' => {
                 'href' => object_data(params[:oid]).presigned_url(:get)
@@ -216,53 +221,50 @@ module GitLfsS3
           body MultiJson.dump(resp)
         else
           status 404
-          body MultiJson.dump({message: 'Object not found'})
+          body MultiJson.dump({ message: 'Object not found' })
         end
       else
         status 401
-        body MultiJson.dump({message: 'Invalid username or password'})
+        body MultiJson.dump({ message: 'Invalid username or password' })
       end
     end
 
     def public_read_grant
       grantee = Aws::S3::Types::Grantee.new(
         display_name: nil, email_address: nil, id: nil, type: nil,
-        uri: "http://acs.amazonaws.com/groups/global/AllUsers")
-      Aws::S3::Types::Grant.new(grantee: grantee, permission: "READ")
+        uri: 'http://acs.amazonaws.com/groups/global/AllUsers'
+      )
+      Aws::S3::Types::Grant.new(grantee: grantee, permission: 'READ')
     end
 
-    post "/objects", provides: 'application/vnd.git-lfs+json' do
+    post '/objects', provides: 'application/vnd.git-lfs+json' do
       if authorized?
         logger.debug headers.inspect
         service = UploadService.service_for(request.body)
         logger.debug service.response
-        
+
         status service.status
         body MultiJson.dump(service.response)
       else
         status 401
-        body MultiJson.dump({message: 'Invalid username or password'})
+        body MultiJson.dump({ message: 'Invalid username or password' })
       end
     end
 
     post '/verify', provides: 'application/vnd.git-lfs+json' do
       if authorized?
-        data = MultiJson.load(request.body.tap { |b| b.rewind }.read)
+        data = MultiJson.load(request.body.tap(&:rewind).read)
         object = object_data(data['oid'])
-        if not object.exists?
-          status 404
-        end
-        if settings.public_server and settings.ceph_s3
-          if not object.acl.grants.include?(public_read_grant)
-            object.acl.put(acl: "public-read")
+        status 404 unless object.exists?
+        if settings.public_server && settings.ceph_s3
+          unless object.acl.grants.include?(public_read_grant)
+            object.acl.put(acl: 'public-read')
           end
         end
-        if object.size == data['size']
-          status 200
-        end
+        status 200 if object.size == data['size']
       else
         status 401
-        body MultiJson.dump({message: 'Invalid username or password'})
+        body MultiJson.dump({ message: 'Invalid username or password' })
       end
     end
   end

data/lib/git-lfs-s3/aws.rb

@@ -1,11 +1,13 @@
+# frozen_string_literal: true
+
 module GitLfsS3
   module AwsHelpers
     def s3
       @s3 ||= Aws::S3::Client.new({
-        region: aws_region,
-        access_key_id: aws_access_key_id,
-        secret_access_key: aws_secret_access_key
-      })
+                                    region: aws_region,
+                                    access_key_id: aws_access_key_id,
+                                    secret_access_key: aws_secret_access_key
+                                  })
     end
 
     def bucket_name

data/lib/git-lfs-s3/services/ceph_presigner.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'base64'
 require 'date'
 require 'digest/sha1'
@@ -6,19 +8,26 @@ require 'uri'
 
 module GitLfsS3
   module CephPresignerService
-    extend self
+    module_function
+
     extend AwsHelpers
-    
+
     def signed_url(obj)
-      expire_at = (DateTime.now + 1).strftime("%s")
+      expire_at = (DateTime.now + 1).strftime('%s')
       secret_access_key = GitLfsS3::Application.settings.aws_secret_access_key
       access_key_id = GitLfsS3::Application.settings.aws_access_key_id
       endpoint = GitLfsS3::Application.settings.endpoint
       digest = OpenSSL::Digest.new('sha1')
-      can_string = "PUT\n\napplication/octet-stream\n#{expire_at}\n/#{obj.bucket_name}/#{obj.key}"
+      can_string = "PUT\n\napplication/octet-stream\n" \
+                   "#{expire_at}\n/#{obj.bucket_name}/#{obj.key}"
       hmac = OpenSSL::HMAC.digest(digest, secret_access_key, can_string)
-      signature = URI.escape(Base64.encode64(hmac).strip, /[\+=?@$&,\/:;\?]/)
-      "#{endpoint}/#{obj.bucket_name}/#{obj.key}?Signature=#{signature}&AWSAccessKeyId=#{access_key_id}&Expires=#{expire_at}"
+      signature = URI.encode_www_form(
+        Base64.encode64(hmac).strip, /[\+=?@$&,\/:;\?]/
+      )
+      "#{endpoint}/#{obj.bucket_name}/#{obj.key}?" \
+      "Signature=#{signature}" \
+      "&AWSAccessKeyId=#{access_key_id}" \
+      "&Expires=#{expire_at}"
     end
   end
 end

data/lib/git-lfs-s3/services/upload.rb

@@ -1,19 +1,22 @@
-require "git-lfs-s3/services/upload/base"
-require "git-lfs-s3/services/upload/object_exists"
-require "git-lfs-s3/services/upload/upload_required"
+# frozen_string_literal: true
+
+require 'git-lfs-s3/services/upload/base'
+require 'git-lfs-s3/services/upload/object_exists'
+require 'git-lfs-s3/services/upload/upload_required'
 
 module GitLfsS3
   module UploadService
-    extend self
+    module_function
+
     extend AwsHelpers
 
     MODULES = [
       ObjectExists,
       UploadRequired
-    ]
+    ].freeze
 
     def service_for(data)
-      req = MultiJson.load data.tap { |d| d.rewind }.read
+      req = MultiJson.load data.tap(&:rewind).read
       object = object_data(req['oid'])
 
       MODULES.each do |mod|

data/lib/git-lfs-s3/services/upload/base.rb

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
+
 module GitLfsS3
   module UploadService
     class Base
       include AwsHelpers
-      
+
       attr_reader :req, :object
 
       def initialize(req, object)
@@ -11,11 +13,11 @@ module GitLfsS3
       end
 
       def response
-        raise "Override"
+        raise 'Override'
       end
 
       def status
-        raise "Override"
+        raise 'Override'
       end
 
       private

data/lib/git-lfs-s3/services/upload/object_exists.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GitLfsS3
   module UploadService
     class ObjectExists < Base
@@ -9,7 +11,7 @@ module GitLfsS3
         {
           '_links' => {
             'download' => {
-              'href' => object.presigned_url(:get, :expires_in => 86400)
+              'href' => object.presigned_url(:get, expires_in: 86_400)
             }
           }
         }

data/lib/git-lfs-s3/services/upload/upload_required.rb

@@ -1,4 +1,6 @@
-require "git-lfs-s3/services/ceph_presigner"
+# frozen_string_literal: true
+
+require 'git-lfs-s3/services/ceph_presigner'
 
 module GitLfsS3
   module UploadService
@@ -29,18 +31,16 @@ module GitLfsS3
 
       def upload_destination
         if ceph_s3
-          GitLfsS3::CephPresignerService::signed_url(object)
+          GitLfsS3::CephPresignerService.signed_url(object)
+        elsif GitLfsS3::Application.settings.public_server
+          object.presigned_url(:put, acl: 'public-read', expires_in: 86_400)
         else
-          if GitLfsS3::Application.settings.public_server
-            object.presigned_url(:put, acl: 'public-read', :expires_in => 86400)
-          else
-            object.presigned_url(:put, :expires_in => 86400)
-          end
+          object.presigned_url(:put, expires_in: 86_400)
         end
       end
 
       def upload_headers
-        {'content-type' => ''}
+        { 'content-type' => '' }
       end
     end
   end

data/lib/git-lfs-s3/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GitLfsS3
-  VERSION = '0.3.5'
+  VERSION = '0.3.6'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lsst-git-lfs-s3
 version: !ruby/object:Gem::Version
-  version: 0.3.5
+  version: 0.3.6
 platform: ruby
 authors:
 - Ryan LeFevre
@@ -26,33 +26,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2'
 - !ruby/object:Gem::Dependency
-  name: sinatra
+  name: multi_json
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '1'
 - !ruby/object:Gem::Dependency
-  name: multi_json
+  name: sinatra
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -67,7 +67,21 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10'
-description: LSST's Git LFS server that uses S3 for the storage backend.
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.53.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.53.0
+description: LSST's Git LFS server
 email:
 - meltingice8917@gmail.com
 - jmatt@lsst.org
@@ -77,6 +91,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rubocop.yml"
+- ".travis.yml"
 - Gemfile
 - README.md
 - Rakefile
@@ -114,6 +130,5 @@ rubyforge_project:
 rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
-summary: LSST's Git LFS server that uses S3 for the storage backend by providing presigned
-  S3 URLs.
+summary: LSST's Git LFS server
 test_files: []