pg-aws_rds_iam 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -1
- data/README.md +22 -2
- data/lib/pg/aws_rds_iam/active_record_postgresql_database_tasks.rb +7 -6
- data/lib/pg/aws_rds_iam/connection_info/parse_error.rb +2 -1
- data/lib/pg/aws_rds_iam/connection_info/uri.rb +1 -8
- data/lib/pg/aws_rds_iam/version.rb +1 -1
- data/lib/pg/aws_rds_iam.rb +1 -1
- data/pg-aws_rds_iam.gemspec +2 -2
- metadata +7 -12
- data/lib/pg/aws_rds_iam/active_record_postgresql_database_tasks/psql_env.rb +0 -15
- data/lib/pg/aws_rds_iam/active_record_postgresql_database_tasks/set_psql_env.rb +0 -14
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 033ab6c71e67b76950791800722751b6f00ac7403c0269f19a9b135875d17fec
|
|
4
|
+
data.tar.gz: c8e53189801821043e80c7a692c81b140ac29ad337c250434c8a00ec6f8b6464
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '097fcef5922b2485a79e26a608c546711bbcf7d6a4ee129db557b6324bb280cf06944f9008336e14c84699f99e440d7f2c300baa90b4e113b334c33fc8f58cf7'
|
|
7
|
+
data.tar.gz: 0ad4fa689960fc2e4f0587743033d842b6e2faf8248051877339f134cd77176ddc4379c60d7b5aec0befcd59d5c6ae7ccb169ed8500399a315846ce9743e5d1e
|
data/CHANGELOG.md
CHANGED
|
@@ -8,6 +8,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
|
8
8
|
|
|
9
9
|
No notable changes.
|
|
10
10
|
|
|
11
|
+
## [0.8.0] - 2026-03-27
|
|
12
|
+
|
|
13
|
+
### Changed
|
|
14
|
+
* Test against Ruby 3.4 ([#697](https://github.com/haines/pg-aws_rds_iam/pull/697))
|
|
15
|
+
* Test against Ruby 4.0 ([#779](https://github.com/haines/pg-aws_rds_iam/pull/779))
|
|
16
|
+
* Require Ruby ≥ 3.2, Active Record ≥ 7.0, and PG ≥ 1.3 ([#726](https://github.com/haines/pg-aws_rds_iam/pull/726))
|
|
17
|
+
* Test against Sequel ([#756](https://github.com/haines/pg-aws_rds_iam/pull/756))
|
|
18
|
+
|
|
11
19
|
## [0.7.0] - 2024-12-04
|
|
12
20
|
|
|
13
21
|
### Changed
|
|
@@ -101,7 +109,8 @@ No notable changes.
|
|
|
101
109
|
* A plugin for the [`pg` gem](https://rubygems.org/gems/pg) that adds support for [IAM authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) when connecting to PostgreSQL databases hosted in Amazon RDS. ([#1](https://github.com/haines/pg-aws_rds_iam/pull/1))
|
|
102
110
|
* ActiveRecord support. ([#3](https://github.com/haines/pg-aws_rds_iam/pull/3))
|
|
103
111
|
|
|
104
|
-
[Unreleased]: https://github.com/haines/pg-aws_rds_iam/compare/v0.
|
|
112
|
+
[Unreleased]: https://github.com/haines/pg-aws_rds_iam/compare/v0.8.0...HEAD
|
|
113
|
+
[0.8.0]: https://github.com/haines/pg-aws_rds_iam/compare/v0.7.0...v0.8.0
|
|
105
114
|
[0.7.0]: https://github.com/haines/pg-aws_rds_iam/compare/v0.6.2...v0.7.0
|
|
106
115
|
[0.6.2]: https://github.com/haines/pg-aws_rds_iam/compare/v0.6.1...v0.6.2
|
|
107
116
|
[0.6.1]: https://github.com/haines/pg-aws_rds_iam/compare/v0.6.0...v0.6.1
|
data/README.md
CHANGED
|
@@ -99,6 +99,14 @@ You can set this parameter in
|
|
|
99
99
|
aws_rds_iam_auth_token_generator: default
|
|
100
100
|
```
|
|
101
101
|
|
|
102
|
+
* `driver_options`, if you're using Sequel:
|
|
103
|
+
|
|
104
|
+
```ruby
|
|
105
|
+
Sequel.connect("postgresql://andrew@postgresql.example.com:5432/blog", driver_options: {
|
|
106
|
+
aws_rds_iam_auth_token_generator: "default"
|
|
107
|
+
})
|
|
108
|
+
```
|
|
109
|
+
|
|
102
110
|
If the default authentication token generator doesn't meet your needs, you can register an alternative with
|
|
103
111
|
|
|
104
112
|
```ruby
|
|
@@ -112,14 +120,26 @@ To use this alternative authentication token generator, set the `aws_rds_iam_aut
|
|
|
112
120
|
The block you give to `add` must construct and return the authentication token generator, which can either be an instance of `PG::AWS_RDS_IAM::AuthTokenGenerator` or another object that returns a string token in response to `call(host:, port:, user:)`.
|
|
113
121
|
The block will be called once, when the first token is generated, and the returned authentication token generator will be re-used to generate all future tokens.
|
|
114
122
|
|
|
123
|
+
### 4. Set `sslmode` to `verify-full` (recommended)
|
|
124
|
+
|
|
125
|
+
Although not required to use IAM authentication, to further improve security when connecting to your database, you should consider setting the `sslmode` connection parameter to `verify-full`.
|
|
126
|
+
This ensures that your application is connecting to an RDS instance, preventing man-in-the-middle attacks.
|
|
127
|
+
|
|
128
|
+
You'll need to [download the RDS certificate bundle from AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) and set the `sslrootcert` connection parameter to the path to the downloaded file.
|
|
129
|
+
|
|
115
130
|
## Development
|
|
116
131
|
|
|
117
132
|
After checking out the repo, run `bin/setup` to install dependencies.
|
|
118
133
|
Then, run `bin/rake` to run the tests.
|
|
119
134
|
You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
120
135
|
|
|
121
|
-
To
|
|
122
|
-
|
|
136
|
+
To release a new version:
|
|
137
|
+
|
|
138
|
+
1. Update the version number in [version.rb](lib/pg/aws_rds_iam/version.rb), and run `bundle install` to update [Gemfile.lock](Gemfile.lock).
|
|
139
|
+
2. Update [CHANGELOG.md](CHANGELOG.md).
|
|
140
|
+
3. Submit the changes as a pull request.
|
|
141
|
+
4. Once merged, run `bin/rake release:tag` to tag the release and push the tag to GitHub.
|
|
142
|
+
The gem is published to [rubygems.org](https://rubygems.org/gems/pg-aws_rds_iam) using [trusted publishing](https://guides.rubygems.org/trusted-publishing/) via GitHub Actions.
|
|
123
143
|
|
|
124
144
|
## Contributing
|
|
125
145
|
|
|
@@ -3,14 +3,15 @@
|
|
|
3
3
|
module PG
|
|
4
4
|
module AWS_RDS_IAM
|
|
5
5
|
module ActiveRecordPostgreSQLDatabaseTasks
|
|
6
|
+
private
|
|
7
|
+
|
|
8
|
+
def psql_env
|
|
9
|
+
super.tap do |psql_env|
|
|
10
|
+
AuthTokenInjector.new.inject_into_psql_env! configuration_hash, psql_env
|
|
11
|
+
end
|
|
12
|
+
end
|
|
6
13
|
end
|
|
7
14
|
|
|
8
15
|
private_constant :ActiveRecordPostgreSQLDatabaseTasks
|
|
9
16
|
end
|
|
10
17
|
end
|
|
11
|
-
|
|
12
|
-
if ActiveRecord::Tasks::PostgreSQLDatabaseTasks.private_instance_methods.include?(:psql_env)
|
|
13
|
-
require_relative "active_record_postgresql_database_tasks/psql_env"
|
|
14
|
-
else
|
|
15
|
-
require_relative "active_record_postgresql_database_tasks/set_psql_env"
|
|
16
|
-
end
|
|
@@ -5,14 +5,7 @@ module PG
|
|
|
5
5
|
module ConnectionInfo
|
|
6
6
|
class URI
|
|
7
7
|
def self.match?(connection_string)
|
|
8
|
-
regexp
|
|
9
|
-
if defined?(::URI::RFC2396_PARSER)
|
|
10
|
-
::URI::RFC2396_PARSER.regexp[:ABS_URI_REF]
|
|
11
|
-
else
|
|
12
|
-
::URI::ABS_URI_REF
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
/\A#{regexp}\z/.match?(connection_string)
|
|
8
|
+
/\A#{::URI::RFC2396_PARSER.regexp[:ABS_URI_REF]}\z/.match?(connection_string)
|
|
16
9
|
end
|
|
17
10
|
|
|
18
11
|
attr_reader :auth_token_generator_name
|
data/lib/pg/aws_rds_iam.rb
CHANGED
|
@@ -42,7 +42,7 @@ module PG
|
|
|
42
42
|
ActiveRecord::Tasks::PostgreSQLDatabaseTasks.prepend ActiveRecordPostgreSQLDatabaseTasks
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
if defined?(Rails::DBConsole) && Rails::DBConsole.
|
|
45
|
+
if defined?(Rails::DBConsole) && Rails::DBConsole.private_method_defined?(:find_cmd_and_exec)
|
|
46
46
|
require_relative "aws_rds_iam/rails_dbconsole"
|
|
47
47
|
|
|
48
48
|
Rails::DBConsole.prepend RailsDBConsole
|
data/pg-aws_rds_iam.gemspec
CHANGED
|
@@ -34,8 +34,8 @@ Gem::Specification.new do |spec|
|
|
|
34
34
|
|
|
35
35
|
spec.require_paths = ["lib"]
|
|
36
36
|
|
|
37
|
-
spec.required_ruby_version = ">= 3.
|
|
37
|
+
spec.required_ruby_version = ">= 3.2"
|
|
38
38
|
|
|
39
39
|
spec.add_dependency "aws-sdk-rds", "~> 1.0"
|
|
40
|
-
spec.add_dependency "pg", "~> 1.
|
|
40
|
+
spec.add_dependency "pg", "~> 1.3"
|
|
41
41
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pg-aws_rds_iam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Haines
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: aws-sdk-rds
|
|
@@ -30,14 +29,14 @@ dependencies:
|
|
|
30
29
|
requirements:
|
|
31
30
|
- - "~>"
|
|
32
31
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '1.
|
|
32
|
+
version: '1.3'
|
|
34
33
|
type: :runtime
|
|
35
34
|
prerelease: false
|
|
36
35
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
36
|
requirements:
|
|
38
37
|
- - "~>"
|
|
39
38
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '1.
|
|
39
|
+
version: '1.3'
|
|
41
40
|
description: PG::AWS_RDS_IAM is a plugin for the pg gem that adds support for IAM
|
|
42
41
|
authentication when connecting to PostgreSQL databases hosted in Amazon RDS.
|
|
43
42
|
email:
|
|
@@ -53,8 +52,6 @@ files:
|
|
|
53
52
|
- lib/pg/aws_rds_iam.rb
|
|
54
53
|
- lib/pg/aws_rds_iam/active_record_postgresql_adapter.rb
|
|
55
54
|
- lib/pg/aws_rds_iam/active_record_postgresql_database_tasks.rb
|
|
56
|
-
- lib/pg/aws_rds_iam/active_record_postgresql_database_tasks/psql_env.rb
|
|
57
|
-
- lib/pg/aws_rds_iam/active_record_postgresql_database_tasks/set_psql_env.rb
|
|
58
55
|
- lib/pg/aws_rds_iam/auth_token.rb
|
|
59
56
|
- lib/pg/aws_rds_iam/auth_token_generator.rb
|
|
60
57
|
- lib/pg/aws_rds_iam/auth_token_generator_registry.rb
|
|
@@ -74,11 +71,10 @@ licenses:
|
|
|
74
71
|
metadata:
|
|
75
72
|
bug_tracker_uri: https://github.com/haines/pg-aws_rds_iam/issues
|
|
76
73
|
changelog_uri: https://github.com/haines/pg-aws_rds_iam/blob/main/CHANGELOG.md
|
|
77
|
-
documentation_uri: https://rubydoc.info/gems/pg-aws_rds_iam/0.
|
|
74
|
+
documentation_uri: https://rubydoc.info/gems/pg-aws_rds_iam/0.8.0
|
|
78
75
|
homepage_uri: https://github.com/haines/pg-aws_rds_iam
|
|
79
76
|
source_code_uri: https://github.com/haines/pg-aws_rds_iam
|
|
80
77
|
rubygems_mfa_required: 'true'
|
|
81
|
-
post_install_message:
|
|
82
78
|
rdoc_options: []
|
|
83
79
|
require_paths:
|
|
84
80
|
- lib
|
|
@@ -86,15 +82,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
86
82
|
requirements:
|
|
87
83
|
- - ">="
|
|
88
84
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: '3.
|
|
85
|
+
version: '3.2'
|
|
90
86
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
87
|
requirements:
|
|
92
88
|
- - ">="
|
|
93
89
|
- !ruby/object:Gem::Version
|
|
94
90
|
version: '0'
|
|
95
91
|
requirements: []
|
|
96
|
-
rubygems_version:
|
|
97
|
-
signing_key:
|
|
92
|
+
rubygems_version: 4.0.9
|
|
98
93
|
specification_version: 4
|
|
99
94
|
summary: IAM authentication for PostgreSQL on Amazon RDS
|
|
100
95
|
test_files: []
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
module PG
|
|
4
|
-
module AWS_RDS_IAM
|
|
5
|
-
module ActiveRecordPostgreSQLDatabaseTasks
|
|
6
|
-
private
|
|
7
|
-
|
|
8
|
-
def psql_env
|
|
9
|
-
super.tap do |psql_env|
|
|
10
|
-
AuthTokenInjector.new.inject_into_psql_env! configuration_hash, psql_env
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
end
|