opensearch-aws-sigv4 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/CHANGELOG.md +18 -0
  4. data/README.md +40 -1
  5. data/lib/opensearch-aws-sigv4/version.rb +1 -1
  6. data/lib/opensearch-aws-sigv4.rb +6 -3
  7. data/opensearch-aws-sigv4.gemspec +2 -2
  8. data/spec/unit/sigv4_client_spec.rb +11 -7
  9. data.tar.gz.sig +0 -0
  10. metadata +5 -2
  11. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 43ed10e26e1b3308e4a19d3d479269c36d27b2244d4d688852afbf80d7fb16c9
4
- data.tar.gz: 7c53006f740126f7f3a19fbc7b9a83f0096484c0240a514c8ff7c843fd8b5c2b
3
+ metadata.gz: 0c18c127380978f8f6c155763004c09c2f47f8fe510060f78f5e2dd22dfda7d9
4
+ data.tar.gz: 1bf9b1df47af0b02f6e95950aab3bd51aa107e0d1b70dad9b210c894bcc5074f
5
5
  SHA512:
6
- metadata.gz: f93669b3c6e92edad450f72aab6a53cfe1f0dd80bc2e63dfe4da8b2e9f78f7788933a45092d077d1df0926b9e20c53677529853b36ce6f56541781dba14358d0
7
- data.tar.gz: 6951cf5f5f3da63dc30df598b21cb798945670055db39b8312b78bfd296bb33eea0538940b54cbfd255af9dd78ae49be2cbe11f41802d49320eafc14852f1ae1
6
+ metadata.gz: 6425d6f4b4925292cca4d1ab444643b40399ce6728b865715537df1c061c776bcb759b9fbd1f5d891a72e78ebf457ec601f4d3e0bb106e151d274a9aadb0e81c
7
+ data.tar.gz: 0376e3c9a1b67e4885335ecd1a751cd2db67725242f5a09f84cfa905dcbed18b2cbe64043e8ffcbb1b638bc5b71917982be13da6186c6f04cbb9f10f73c18d1f
checksums.yaml.gz.sig CHANGED
Binary file
data/CHANGELOG.md ADDED
@@ -0,0 +1,18 @@
1
+ # CHANGELOG
2
+ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
3
+
4
+ ## [Unreleased]
5
+ ### Added
6
+ - Added support for Amazon OpenSearch Serverless ([#131](https://github.com/opensearch-project/opensearch-ruby/issues/131))
7
+
8
+ ### Changed
9
+ ### Deprecated
10
+ ### Removed
11
+ ### Fixed
12
+ - Sign validation requests when using AWS Sigv4 ([#134](https://github.com/opensearch-project/opensearch-ruby/pull/134))
13
+
14
+ ### Security
15
+
16
+ ## 1.0.0
17
+ ### Added
18
+ - Added `OpenSearch::AWS::Sigv4Client` ([#110](https://github.com/opensearch-project/opensearch-ruby/pull/110))
data/README.md CHANGED
@@ -34,6 +34,9 @@ This library is an AWS Sigv4 wrapper for
34
34
  which is a Ruby client for OpenSearch. The `OpenSearch::Aws::Sigv4Client` is, therefore, has all features of `OpenSearch::Client`.
35
35
  And since `opensearch-ruby` is a dependency of `opensearch-aws-sigv4`, you only need to install `opensearch-aws-sigv4`.
36
36
 
37
+ ### Amazon Managed OpenSearch
38
+ Via the Sigv4 Client, you can interact with an Amazon Managed OpenSearch cluster just like would with a self-managed cluster:
39
+
37
40
  ```ruby
38
41
  require 'opensearch-aws-sigv4'
39
42
  require 'aws-sigv4'
@@ -43,7 +46,10 @@ signer = Aws::Sigv4::Signer.new(service: 'es',
43
46
  access_key_id: 'key_id',
44
47
  secret_access_key: 'secret')
45
48
 
46
- client = OpenSearch::Aws::Sigv4Client.new({ log: true }, signer)
49
+ client = OpenSearch::Aws::Sigv4Client.new(
50
+ { host: 'https://your.amz-managed-opensearch.domain',
51
+ log: true },
52
+ signer)
47
53
 
48
54
  client.cluster.health
49
55
 
@@ -54,6 +60,39 @@ client.search q: 'test'
54
60
 
55
61
  Please refer to [opensearch-ruby](https://github.com/opensearch-project/opensearch-ruby/blob/main/opensearch-ruby/README.md) documentation for further details.
56
62
 
63
+ ### Amazon OpenSearch Serverless
64
+ You can also use this client to connect to Amazon OpenSearch Serverless (AOSS). Remember to change the service for the signer to `aoss`:
65
+
66
+ ```ruby
67
+ require 'opensearch-aws-sigv4'
68
+ require 'aws-sigv4'
69
+
70
+ signer = Aws::Sigv4::Signer.new(service: 'aoss',
71
+ region: 'us-west-2',
72
+ access_key_id: 'key_id',
73
+ secret_access_key: 'secret')
74
+
75
+ client = OpenSearch::Aws::Sigv4Client.new(
76
+ { host: 'https://your.amz-opensearch-serverless.endpoint',
77
+ log: true },
78
+ signer)
79
+
80
+ index = 'prime'
81
+ client.indices.create(index: index)
82
+ client.index(index: index, id: '1', body: { name: 'Amazon Echo',
83
+ msrp: '5999',
84
+ year: 2011 })
85
+ client.search(body: { query: { match: { name: 'Echo' } } })
86
+ client.delete(index: index, id: '1')
87
+ client.indices.delete(index: index)
88
+
89
+ # Most administrative commands like the ones below will result in a 404 error for AOSS
90
+ client.cluster.stats
91
+ client.cat.health
92
+ ```
93
+
94
+ *NOTES:* AOSS does NOT support all API endpoints provided by a standard OpenSearch cluster. Refer to [AOSS Developer's Guide](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-genref.html) for more detail.
95
+
57
96
  ## Development
58
97
 
59
98
  You can run `rake -T` to check the test tasks. Use `COVERAGE=true` before running a test task to check the coverage with Simplecov.
data/lib/opensearch-aws-sigv4/version.rb CHANGED
@@ -10,7 +10,7 @@
10
10
  module OpenSearch
11
11
  module Aws
12
12
  module Sigv4
13
- VERSION = '1.0.0'.freeze
13
+ VERSION = '1.1.0'.freeze
14
14
  end
15
15
  end
16
16
  end
data/lib/opensearch-aws-sigv4.rb CHANGED
@@ -45,12 +45,11 @@ module OpenSearch
45
45
  end
46
46
 
47
47
  @sigv4_signer = sigv4_signer
48
- super transport_args, &block
48
+ super(transport_args, &block)
49
49
  end
50
50
 
51
51
  # @see OpenSearch::Transport::Transport::Base::perform_request
52
52
  def perform_request(method, path, params = {}, body = nil, headers = nil)
53
- verify_open_search unless @verified
54
53
  signature_body = body.is_a?(Hash) ? body.to_json : body.to_s
55
54
  signature = sigv4_signer.sign_request(
56
55
  http_method: method,
@@ -58,11 +57,15 @@ module OpenSearch
58
57
  headers: headers,
59
58
  body: signature_body)
60
59
  headers = (headers || {}).merge(signature.headers)
61
- @transport.perform_request(method, path, params, body, headers)
60
+ super(method, path, params, body, headers)
62
61
  end
63
62
 
64
63
  private
65
64
 
65
+ def verify_open_search
66
+ @verified = true
67
+ end
68
+
66
69
  def signature_url(path, params)
67
70
  host = @transport.transport.hosts.dig(0, :host)
68
71
  path = '/' + path unless path.start_with?('/')
data/opensearch-aws-sigv4.gemspec CHANGED
@@ -16,8 +16,8 @@ signing_key_path = File.expand_path("../gem-private_key.pem")
16
16
  Gem::Specification.new do |s|
17
17
  s.name = 'opensearch-aws-sigv4'
18
18
  s.version = OpenSearch::Aws::Sigv4::VERSION
19
- s.authors = ['Theo Truong']
20
- s.email = ['theo.nam.truong@gmail.com']
19
+ s.authors = ['Theo Truong', 'Robin Roestenburg']
20
+ s.email = ['theo.nam.truong@gmail.com', 'robin.roestenburg@4me.com']
21
21
  s.summary = 'Ruby AWS Sigv4 Client for OpenSearch'
22
22
  s.homepage = 'https://opensearch.org/docs/latest'
23
23
  s.license = 'Apache-2.0'
data/spec/unit/sigv4_client_spec.rb CHANGED
@@ -13,7 +13,7 @@ require 'timecop'
13
13
 
14
14
  describe OpenSearch::Aws::Sigv4Client do
15
15
  subject(:client) do
16
- OpenSearch::Aws::Sigv4Client.new(
16
+ described_class.new(
17
17
  { host: 'http://localhost:9200',
18
18
  transport_options: { ssl: { verify: false } } },
19
19
  signer)
@@ -50,17 +50,16 @@ describe OpenSearch::Aws::Sigv4Client do
50
50
  _double
51
51
  end
52
52
  let(:signed_headers) do
53
- { 'authorization' => 'AWS4-HMAC-SHA256 Credential=key_id/20220101/us-west-2/es/aws4_request, '\
53
+ { 'authorization' => 'AWS4-HMAC-SHA256 Credential=key_id/20220101/us-west-2/es/aws4_request, '\
54
54
  'SignedHeaders=host;x-amz-content-sha256;x-amz-date, ' \
55
55
  'Signature=9c4c690110483308f62a91c2ca873857750bca2607ba1aabdae0d2303950310a',
56
- 'host' => 'localhost',
57
- 'x-amz-content-sha256' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
58
- 'x-amz-date' => '20220101T000000Z' }
56
+ 'host' => 'localhost',
57
+ 'x-amz-content-sha256' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
58
+ 'x-amz-date' => '20220101T000000Z' }
59
59
  end
60
-
60
+
61
61
  before(:each) do
62
62
  Timecop.freeze(Time.utc(2022))
63
- allow(client).to receive(:verify_open_search) { true }
64
63
  client.transport = transport_double
65
64
  end
66
65
 
@@ -71,5 +70,10 @@ describe OpenSearch::Aws::Sigv4Client do
71
70
  expect(output).to eq(response)
72
71
  expect(transport_double).to have_received(:perform_request).with('GET', '/', {}, '', signed_headers)
73
72
  end
73
+
74
+ it 'skips the opensearch verification' do
75
+ expect(client).to_not receive(:open_search_validation_request)
76
+ client.perform_request('GET', '/_stats', {}, '', {})
77
+ end
74
78
  end
75
79
  end
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,10 +1,11 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: opensearch-aws-sigv4
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Theo Truong
8
+ - Robin Roestenburg
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain:
@@ -30,7 +31,7 @@ cert_chain:
30
31
  r+j7FLyKuk5DzIxiCp8QN5dU71BbGUmsHf/C5UV76WLPOFX/szeaHhPwpjR3sK7r
31
32
  5zLgCV1KP7cgDdCYMlmZGeSViU8NV+Yy8/ghrzGpqVw=
32
33
  -----END CERTIFICATE-----
33
- date: 2022-11-30 00:00:00.000000000 Z
34
+ date: 2023-01-20 00:00:00.000000000 Z
34
35
  dependencies:
35
36
  - !ruby/object:Gem::Dependency
36
37
  name: aws-sigv4
@@ -205,6 +206,7 @@ description: 'Ruby AWS Sigv4 Client for OpenSearch
205
206
  '
206
207
  email:
207
208
  - theo.nam.truong@gmail.com
209
+ - robin.roestenburg@4me.com
208
210
  executables:
209
211
  - opensearch_sigv4_console
210
212
  extensions: []
@@ -213,6 +215,7 @@ extra_rdoc_files:
213
215
  - LICENSE
214
216
  files:
215
217
  - ".gitignore"
218
+ - CHANGELOG.md
216
219
  - Gemfile
217
220
  - LICENSE
218
221
  - README.md
metadata.gz.sig CHANGED
Binary file