miasma-aws 0.1.16 → 0.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -9
- data/README.md +11 -1
- data/lib/miasma/contrib/aws/storage.rb +2 -0
- data/lib/miasma/contrib/aws.rb +87 -11
- data/lib/miasma-aws/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dec42282eff92d4366b4b357da8d9cd85b47d649
|
|
4
|
+
data.tar.gz: e1ae8523f2b7dcbf098cd0f51b0907e9242c549a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c5d8fec672a5f427edd2bdda8153b1a0c81672beca3edd10396946dda37467c7459625f28d2540affddc77f7e1e2e8091970d4629bc12df90e5825909838031d
|
|
7
|
+
data.tar.gz: a67cfa892b58da3dfa4dbf16096b4531ebf9eb33979ba2709f3eb4986a038f13b84c314c48b3488b59cff2d2c910eae0ec5328b47f3b3e96b0f55cf7aeaedde8
|
data/CHANGELOG.md
CHANGED
|
@@ -1,40 +1,46 @@
|
|
|
1
|
-
|
|
1
|
+
# v0.1.18
|
|
2
|
+
* Make aws file parsing more robust
|
|
3
|
+
* Fix aws config file parsing section name generation (#10)
|
|
4
|
+
* Add support for instance profile credentials
|
|
5
|
+
* Add proxy support for eucalyptus endpoints
|
|
6
|
+
|
|
7
|
+
# v0.1.16
|
|
2
8
|
* Add new `aws_sts_token` attribute for credentials
|
|
3
9
|
* Automatically include STS token on requests if available
|
|
4
10
|
* Add support for assuming roles via STS
|
|
5
11
|
|
|
6
|
-
|
|
12
|
+
# v0.1.14
|
|
7
13
|
* Fix checksum generation on multi-part uploads
|
|
8
14
|
* Fix paginated fetching of bucket objects
|
|
9
15
|
|
|
10
|
-
|
|
16
|
+
# v0.1.12
|
|
11
17
|
* Update default file paths to use `Dir.home` instead of ~ expansion
|
|
12
18
|
* Fix bug reading .aws/credentials when whitespace is used
|
|
13
19
|
* Add support for .aws/config
|
|
14
20
|
* Auto detect us-east-1 region and do not use custom s3 endpoint
|
|
15
21
|
|
|
16
|
-
|
|
22
|
+
# v0.1.10
|
|
17
23
|
* Fix disable rollback mapping value to on failure
|
|
18
24
|
|
|
19
|
-
|
|
25
|
+
# v0.1.8
|
|
20
26
|
* Include resource mapping for Stack
|
|
21
27
|
* Add support for aws credentials file
|
|
22
28
|
* Add stack tagging support
|
|
23
29
|
* Enable on failure option for stack creation
|
|
24
30
|
* Update list requests to use post + form to prevent param limitations via get
|
|
25
31
|
|
|
26
|
-
|
|
32
|
+
# v0.1.6
|
|
27
33
|
* Fix state assignment when undefined within orchestration stacks
|
|
28
34
|
* Fix multi-part S3 uploads
|
|
29
35
|
|
|
30
|
-
|
|
36
|
+
# v0.1.4
|
|
31
37
|
* Fix values set within load balancer reload
|
|
32
38
|
* Ensure state is valid for orchestration stack prior to set
|
|
33
39
|
* Load health status of instances attached to load balancers
|
|
34
40
|
|
|
35
|
-
|
|
41
|
+
# v0.1.2
|
|
36
42
|
* Migrate spec coverage
|
|
37
43
|
* Update storage behavior to use streamable helper
|
|
38
44
|
|
|
39
|
-
|
|
45
|
+
# v0.1.0
|
|
40
46
|
* Initial release
|
data/README.md
CHANGED
|
@@ -29,6 +29,10 @@ Miasma.api(
|
|
|
29
29
|
* `aws_credentials_file` - Specify custom credentials file
|
|
30
30
|
* `aws_config_file` - Specify custom configuration file
|
|
31
31
|
|
|
32
|
+
### Instance related attributes
|
|
33
|
+
|
|
34
|
+
* `aws_iam_instance_profile` - Extract and use instance IAM credentials
|
|
35
|
+
|
|
32
36
|
### Secure Token Service related:
|
|
33
37
|
|
|
34
38
|
* `aws_sts_token` - Set STS token to use with current key ID and secret
|
|
@@ -42,7 +46,13 @@ Miasma.api(
|
|
|
42
46
|
|
|
43
47
|
### Other attributes
|
|
44
48
|
|
|
45
|
-
* `aws_host` -
|
|
49
|
+
* `aws_host` - Provide customized full endpoint (without http/https) for API requests
|
|
50
|
+
* `api_endpoint` - Use custom endpoint when constructing (defaults to 'amazonaws.com')
|
|
51
|
+
* `euca_compat`- Enable compatibility mode for eucalyptus. Allowed values:
|
|
52
|
+
* `path` - Construct using `services/SERVICE_NAME`
|
|
53
|
+
* `dns` - Construct using DNS subdomains (`SERVICE_NAME.REGION.API_ENDPOINT` by default)
|
|
54
|
+
* `euca_dns_map` - Map services to custom DNS subdomains
|
|
55
|
+
* `ssl_enabled` - Use SSL for API connections
|
|
46
56
|
|
|
47
57
|
## Current support matrix
|
|
48
58
|
|
data/lib/miasma/contrib/aws.rb
CHANGED
|
@@ -330,7 +330,7 @@ module Miasma
|
|
|
330
330
|
|
|
331
331
|
def self.included(klass)
|
|
332
332
|
klass.class_eval do
|
|
333
|
-
attribute :aws_profile_name, String, :default => 'default'
|
|
333
|
+
attribute :aws_profile_name, [FalseClass, String], :default => 'default'
|
|
334
334
|
attribute :aws_sts_token, String
|
|
335
335
|
attribute :aws_sts_role_arn, String
|
|
336
336
|
attribute :aws_sts_external_id, String
|
|
@@ -339,13 +339,27 @@ module Miasma
|
|
|
339
339
|
attribute :aws_config_file, String, :required => true, :default => File.join(Dir.home, '.aws/config')
|
|
340
340
|
attribute :aws_access_key_id, String, :required => true
|
|
341
341
|
attribute :aws_secret_access_key, String, :required => true
|
|
342
|
+
attribute :aws_iam_instance_profile, [TrueClass, FalseClass], :default => true
|
|
342
343
|
attribute :aws_region, String, :required => true
|
|
343
344
|
attribute :aws_host, String
|
|
344
345
|
attribute :aws_bucket_region, String
|
|
346
|
+
attribute :api_endpoint, String, :required => true, :default => 'amazonaws.com'
|
|
347
|
+
attribute :euca_compat, [String, Symbol], :allowed_values => [:path, :dns], :coerce => lambda{|v| v.to_sym}
|
|
348
|
+
attribute :euca_dns_map, Smash, :coerce => lambda{|v| v.to_smash}, :default => Smash.new
|
|
349
|
+
attribute :ssl_enabled, [TrueClass, FalseClass], :default => true
|
|
345
350
|
|
|
346
351
|
# @return [Contrib::AwsApiCore::SignatureV4]
|
|
347
352
|
attr_reader :signer
|
|
348
353
|
end
|
|
354
|
+
|
|
355
|
+
# AWS config file key remapping
|
|
356
|
+
klass.const_set(:CONFIG_FILE_REMAP,
|
|
357
|
+
Smash.new(
|
|
358
|
+
'region' => 'aws_region'
|
|
359
|
+
)
|
|
360
|
+
)
|
|
361
|
+
klass.const_set(:INSTANCE_PROFILE_HOST, 'http://169.254.169.254')
|
|
362
|
+
klass.const_set(:INSTANCE_PROFILE_PATH, 'latest/meta-data/iam/security-credentials')
|
|
349
363
|
end
|
|
350
364
|
|
|
351
365
|
# Build new API for specified type using current provider / creds
|
|
@@ -387,6 +401,29 @@ module Miasma
|
|
|
387
401
|
if(creds[:aws_sts_role_arn])
|
|
388
402
|
sts_assume_role!(creds)
|
|
389
403
|
end
|
|
404
|
+
if(creds[:aws_iam_instance_profile])
|
|
405
|
+
load_instance_credentials!(creds)
|
|
406
|
+
end
|
|
407
|
+
true
|
|
408
|
+
end
|
|
409
|
+
|
|
410
|
+
# Attempt to load credentials from instance metadata
|
|
411
|
+
#
|
|
412
|
+
# @param creds [Hash]
|
|
413
|
+
# @return [TrueClass]
|
|
414
|
+
def load_instance_credentials!(creds)
|
|
415
|
+
role = HTTP.get(self.const_get(:INSTANCE_PROFILE_HOST)).body.to_s.strip
|
|
416
|
+
data = HTTP.get(
|
|
417
|
+
[
|
|
418
|
+
self.const_get(:INSTANCE_PROFILE_HOST),
|
|
419
|
+
self.const_get(:INSTANCE_PROFILE_PATH),
|
|
420
|
+
role
|
|
421
|
+
].join('/')
|
|
422
|
+
).body
|
|
423
|
+
creds[:aws_access_key_id] = data['AccessKeyId']
|
|
424
|
+
creds[:aws_secret_access_key] = data['SecretAccessKey']
|
|
425
|
+
creds[:aws_sts_token] = data['Token']
|
|
426
|
+
creds[:aws_sts_token_expires] = Time.xmlschema(data['Expiration'])
|
|
390
427
|
true
|
|
391
428
|
end
|
|
392
429
|
|
|
@@ -422,13 +459,30 @@ module Miasma
|
|
|
422
459
|
if(File.exists?(file_path))
|
|
423
460
|
l_config = Smash.new.tap do |creds|
|
|
424
461
|
key = nil
|
|
425
|
-
File.readlines(file_path).
|
|
462
|
+
File.readlines(file_path).each_with_index do |line, idx|
|
|
426
463
|
line.strip!
|
|
427
|
-
if
|
|
428
|
-
|
|
464
|
+
next if line.empty? || line.start_with?('#')
|
|
465
|
+
if(line.start_with?('['))
|
|
466
|
+
unless(line.end_with?(']'))
|
|
467
|
+
raise ArgumentError.new("Failed to parse aws file! (#{file_path} line #{idx + 1})")
|
|
468
|
+
end
|
|
469
|
+
key = line.tr('[]', '').strip.sub(/^profile /, '')
|
|
429
470
|
creds[key] = Smash.new
|
|
430
471
|
else
|
|
431
|
-
|
|
472
|
+
unless(key)
|
|
473
|
+
raise ArgumentError.new("Failed to parse aws file! (#{file_path} line #{idx + 1}) - No section defined!")
|
|
474
|
+
end
|
|
475
|
+
line_args = line.split('=', 2).map(&:strip)
|
|
476
|
+
line_args.first.replace(
|
|
477
|
+
self.class.const_get(:CONFIG_FILE_REMAP).fetch(
|
|
478
|
+
line_args.first, line_args.first
|
|
479
|
+
)
|
|
480
|
+
)
|
|
481
|
+
begin
|
|
482
|
+
creds[key].merge!(Smash[*line_args])
|
|
483
|
+
rescue => e
|
|
484
|
+
raise ArgumentError.new("Failed to parse aws file! (#{file_path} line #{idx + 1})")
|
|
485
|
+
end
|
|
432
486
|
end
|
|
433
487
|
end
|
|
434
488
|
end
|
|
@@ -447,11 +501,33 @@ module Miasma
|
|
|
447
501
|
# Setup for API connections
|
|
448
502
|
def connect
|
|
449
503
|
unless(aws_host)
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
504
|
+
if(euca_compat)
|
|
505
|
+
service_name = (
|
|
506
|
+
self.class.const_defined?(:EUCA_API_SERVICE) ?
|
|
507
|
+
self.class::EUCA_API_SERVICE :
|
|
508
|
+
self.class::API_SERVICE
|
|
509
|
+
).downcase
|
|
510
|
+
else
|
|
511
|
+
service_name = self.class::API_SERVICE.downcase
|
|
512
|
+
end
|
|
513
|
+
if(euca_compat == :path)
|
|
514
|
+
self.aws_host = [
|
|
515
|
+
api_endpoint,
|
|
516
|
+
'services',
|
|
517
|
+
service_name
|
|
518
|
+
].join('/')
|
|
519
|
+
elsif(euca_compat == :dns && euca_dns_map[service_name])
|
|
520
|
+
self.aws_host = [
|
|
521
|
+
euca_dns_map[service_name],
|
|
522
|
+
api_endpoint
|
|
523
|
+
].join('.')
|
|
524
|
+
else
|
|
525
|
+
self.aws_host = [
|
|
526
|
+
service_name,
|
|
527
|
+
aws_region,
|
|
528
|
+
api_endpoint
|
|
529
|
+
].join('.')
|
|
530
|
+
end
|
|
455
531
|
end
|
|
456
532
|
@signer = Contrib::AwsApiCore::SignatureV4.new(
|
|
457
533
|
aws_access_key_id, aws_secret_access_key, aws_region, self.class::API_SERVICE
|
|
@@ -473,7 +549,7 @@ module Miasma
|
|
|
473
549
|
|
|
474
550
|
# @return [String] endpoint for request
|
|
475
551
|
def endpoint
|
|
476
|
-
"
|
|
552
|
+
"http#{'s' if ssl_enabled}://#{aws_host}"
|
|
477
553
|
end
|
|
478
554
|
|
|
479
555
|
# Override to inject signature
|
data/lib/miasma-aws/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: miasma-aws
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.18
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Roberts
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-08-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: miasma
|
|
@@ -139,3 +139,4 @@ signing_key:
|
|
|
139
139
|
specification_version: 4
|
|
140
140
|
summary: Smoggy AWS API
|
|
141
141
|
test_files: []
|
|
142
|
+
has_rdoc:
|