RubyGems - opsicle - Versions diffs - 1.1.1 → 2.0.0 - Mend

opsicle 1.1.1 → 2.0.0

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/opsicle/client.rb +3 -2
data/lib/opsicle/config.rb +40 -33
data/lib/opsicle/version.rb +1 -1
data/spec/opsicle/config_spec.rb +11 -31
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8a8d0c6948774c70b2662bc2d7e9cc99a284aa0f
-  data.tar.gz: 6dc3f1887fdcf0a7ddbb79a6ee514fbf6b4b788c
+  metadata.gz: 022fdb3799154ce60b7e5b84cd83142ca8644024
+  data.tar.gz: a12d87d36f1ad4e317cd96fd5cc03e990652ee27
 SHA512:
-  metadata.gz: 8fd1ab7e363e8078657845b42926321bee866398dde1317bccccaf5f30c45db3c443a9a1ad2cc407348a45bed19bf91aef925457ad3f88ac82be562f876adf07
-  data.tar.gz: c111d7ce6a6c47daac25c1b3349004688e7766e1c0e3e792a3488d043706f6bfdf8642c3c731f2e96cc60944c1c8dcb1b906e27e8248d4d326f06e1c9c459ef3
+  metadata.gz: eaeab2fa154ddd9099e45a229f4e83f9f1335f3c2ee77fa30a9d53f9f50b8a2e83f05354acba47c95d225e55b86c36fbe6484d1d69187af4ddedf7fef8cee805
+  data.tar.gz: da9e1b62d77b28b76733000234a8193ed788ed2e7060e5d17796c9c81223c32dc00b37af5c262daacc49b36006da54ed27337fedc51cbe8f1d5dbdac9091cceb

data/lib/opsicle/client.rb CHANGED Viewed

@@ -9,8 +9,9 @@ module Opsicle
     def initialize(environment)
       @config = Config.instance
       @config.configure_aws_environment!(environment)
-      @opsworks = Aws::OpsWorks::Client.new(region: 'us-east-1', credentials: @config.aws_credentials)
-      @s3 = Aws::S3::Client.new(region: 'us-east-1', credentials: @config.aws_credentials)
+      credentials = @config.aws_credentials
+      @opsworks = Aws::OpsWorks::Client.new(region: 'us-east-1', credentials: credentials)
+      @s3 = Aws::S3::Client.new(region: 'us-east-1', credentials: credentials)
     end
     def run_command(command, command_args={}, options={})

data/lib/opsicle/config.rb CHANGED Viewed

@@ -3,7 +3,6 @@ require 'aws-sdk'
 module Opsicle
   class Config
-    FOG_CONFIG_PATH = '~/.fog'
     OPSICLE_CONFIG_PATH = './.opsicle'
     SESSION_DURATION = 3600
@@ -14,22 +13,7 @@ module Opsicle
     end
     def aws_credentials
-      Aws::Credentials.new(aws_config[:access_key_id], aws_config[:secret_access_key], aws_config[:session_token])
-    end
-    def aws_config
-      return @aws_config if @aws_config
-      if fog_config[:mfa_serial_number]
-        creds = get_session.credentials
-        @aws_config = { access_key_id: creds.access_key_id, secret_access_key: creds.secret_access_key, session_token: creds.session_token }
-      else
-        @aws_config = { access_key_id: fog_config[:aws_access_key_id], secret_access_key: fog_config[:aws_secret_access_key] }
-      end
-    end
-    def fog_config
-      return @fog_config if @fog_config
-      @fog_config = load_config(File.expand_path(FOG_CONFIG_PATH))
+      authenticate_with_credentials
     end
     def opsworks_config
@@ -38,7 +22,7 @@ module Opsicle
     def configure_aws_environment!(environment)
       @environment = environment.to_sym
-      end
+    end
     def load_config(file)
       raise MissingConfig, "Missing configuration file: #{file}  Run 'opsicle help'" unless File.exist?(file)
@@ -53,21 +37,6 @@ module Opsicle
       @token = Output.ask("Enter MFA token: "){ |q|  q.validate = /^\d{6}$/ }
     end
-    def get_session
-      return @session if @session
-      sts = Aws::STS::Client.new(access_key_id: fog_config[:aws_access_key_id],
-                                 secret_access_key: fog_config[:aws_secret_access_key],
-                                 region: 'us-east-1')
-      @session = sts.get_session_token(duration_seconds: session_duration,
-                                       serial_number: fog_config[:mfa_serial_number],
-                                       token_code: get_mfa_token)
-    end
-    def session_duration
-      fog_config = load_config(File.expand_path(FOG_CONFIG_PATH))
-      fog_config[:session_duration] || SESSION_DURATION
-    end
     # We want all ouf our YAML loaded keys to be symbols
     # taken from http://devblog.avdi.org/2009/07/14/recursively-symbolize-keys/
     def symbolize_keys(hash)
@@ -85,6 +54,44 @@ module Opsicle
       }
     end
+    def authenticate_with_credentials
+      credentials = Aws::SharedCredentials.new(profile_name: @environment.to_s)
+      unless credentials.set?
+        abort('Opsicle can no longer authenticate through your ~/.fog file. Please run `opsicle legacy-credential-converter` before proceeding.')
+      end
+      Aws.config.update({region: 'us-east-1', credentials: credentials})
+      iam = Aws::IAM::Client.new
+       # this will be an array of 0 or 1 because iam.list_mfa_devices.mfa_devices will only return 0 or 1 device per user;
+       # if user doesn't have MFA enabled, then this loop won't even execute
+      iam.list_mfa_devices.mfa_devices.each do |mfadevice|
+        mfa_serial_number = mfadevice.serial_number
+        get_mfa_token
+        session_credentials_hash = get_session(mfa_serial_number,
+                                               credentials.credentials.access_key_id,
+                                               credentials.credentials.secret_access_key).credentials
+        credentials = Aws::Credentials.new(session_credentials_hash.access_key_id,
+                                                   session_credentials_hash.secret_access_key,
+                                                   session_credentials_hash.session_token)
+      end
+      return credentials
+    end
+    def get_session(mfa_serial_number, access_key_id, secret_access_key)
+      return @session if @session
+      sts = Aws::STS::Client.new(access_key_id: access_key_id,
+                                 secret_access_key: secret_access_key,
+                                 region: 'us-east-1')
+      @session = sts.get_session_token(duration_seconds: SESSION_DURATION,
+                                       serial_number: mfa_serial_number,
+                                       token_code: @token)
+    end
     MissingConfig = Class.new(StandardError)
     MissingEnvironment = Class.new(StandardError)

data/lib/opsicle/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Opsicle
-  VERSION = "1.1.1"
+  VERSION = "2.0.0"
 end

data/spec/opsicle/config_spec.rb CHANGED Viewed

@@ -6,27 +6,15 @@ module Opsicle
     subject { Config.new }
     context "with a valid config" do
       before do
-        allow(File).to receive(:exist?).with(File.expand_path '~/.fog').and_return(true)
+        allow(File).to receive(:exist?).with(File.expand_path '~/.aws/credentials').and_return(true)
         allow(File).to receive(:exist?).with('./.opsicle').and_return(true)
-        allow(YAML).to receive(:load_file).with(File.expand_path '~/.fog').and_return({'derp' => { 'aws_access_key_id' => 'key', 'aws_secret_access_key' => 'secret'}})
-        allow(YAML).to receive(:load_file).with('./.opsicle').and_return({'derp' => { 'app_id' => 'app', 'stack_id' => 'stack'}})
+        allow(File).to receive(:exist?).and_return(true)
+        allow(YAML).to receive(:load_file).with('./.opsicle').and_return({'derp' => { 'app_id' => 'app', 'stack_id' => 'stack' }})
       end
       before :each do
         subject.configure_aws_environment!('derp')
       end
-      context "#aws_config" do
-        it "should contain access_key_id" do
-          expect(subject.aws_config).to have_key(:access_key_id)
-          expect(subject.aws_config).to eq({ :access_key_id => 'key', :secret_access_key => 'secret'})
-        end
-        it "should contain secret_access_key" do
-          expect(subject.aws_config).to have_key(:secret_access_key)
-          expect(subject.aws_config).to eq({ :access_key_id => 'key', :secret_access_key => 'secret'})
-        end
-      end
       context "#opsworks_config" do
         it "should contain stack_id" do
           expect(subject.opsworks_config).to have_key(:stack_id)
@@ -39,9 +27,14 @@ module Opsicle
       context "#aws_credentials" do
         it "should return aws credentials" do
-          credentials = double
-          allow(Aws::Credentials).to receive(:new).and_return(credentials)
-          expect(subject.aws_credentials).to eq(credentials)
+          mfa_devices = double('mfa_devices', mfa_devices: [])
+          client = double('iam_client', list_mfa_devices: mfa_devices)
+          allow(Aws::IAM::Client).to receive(:new).and_return(client)
+          coffee_types = {:coffee => "cappuccino", :beans => "arabica"}
+          allow(coffee_types).to receive('set?').and_return(true)
+          allow(Aws.config).to receive(:update).with({region: 'us-east-1', credentials: coffee_types})
+          allow(Aws::SharedCredentials).to receive(:new).and_return(coffee_types)
+          expect(subject.aws_credentials).to eq(coffee_types)
         end
       end
@@ -54,22 +47,9 @@ module Opsicle
     context "missing configs" do
       before do
-        allow(File).to receive(:exist?).with(File.expand_path '~/.fog').and_return(false)
         allow(File).to receive(:exist?).with('./.opsicle').and_return(false)
       end
-      context "#aws_config" do
-        it "should gracefully raise an exception if no .fog file was found" do
-          expect {subject.aws_config}.to raise_exception(Config::MissingConfig)
-        end
-      end
-      context "#fog_config" do
-        it "should gracefully raise an exception if no .fog file was found" do
-          expect {subject.aws_config}.to raise_exception(Config::MissingConfig)
-        end
-      end
       context "#opsworks_config" do
         it "should gracefully raise an exception if no .fog file was found" do
           expect {subject.opsworks_config}.to raise_exception(Config::MissingConfig)

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: opsicle
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 2.0.0
 platform: ruby
 authors:
 - Andy Fleener
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-19 00:00:00.000000000 Z
+date: 2016-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk