reyes 0.2.4 → 0.3.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- NmVjNDViYWE0OTViNWYwNTkzZWFlZjE2MjA1YzA3ZTQwM2RjZDU2Yg==
4
+ NzRmNzQ2MDEyZGUzZDZlNDZmNzlkMTM5MDkxN2UwZGYwYWI2MjFmOA==
5
5
  data.tar.gz: !binary |-
6
- YTcxMGIwMDU4NWJlNzljMmE5MmYyNTdmZjY5YmFlMmQ3YzM2NjY2Yw==
6
+ YjFkZTIyM2JhNTM4ODgxMDgwN2JjYjNlZWEyYjM1OWQxN2E3ZmRlOA==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- ZjFiNWI1NDg4MGFhYjAzOTJjZTI4M2MxYTNhYTExYzgzOWVlNGNmYWY1OTM4
10
- NjdlZGRjZTdiYTM0YmZmZDY2ZjYwMWE2NGNkMmJmOWRiZjA4ODAzM2E3MGUx
11
- OTVhYzY0OGFlY2VhMjNhMDMyOTEwNGZkMGVhODFiY2Y2NWVjZjc=
9
+ MzYzNGY5ZThkMTJjYTI5NDM0ODgwZThlZGQwNTJlMDFjNzkwZjU3ZDM5Mjkw
10
+ NjE4ZGJlOTE0MGM4NmI0NjIyNjFkZDE5ZDY3YzBlOWY3Y2RkNGQxMDliMDdi
11
+ NDk3MDlkYmM1YzYxOWU3NGUxODNiYjc0YWFkNGIzMThiMzAwM2U=
12
12
  data.tar.gz: !binary |-
13
- YmFkMGZlZWZjOTg1NWU0MmNlNDBkMTI2MzIxNmZmYTJlODVkOTBlYWUzYzIz
14
- NzkzNjI4NzI3ODNlNDNjNjM4ZjNhMDdiNDQ4YzE3ZGIwNTExZjZkMjRlMTUw
15
- YjQwYmQ5MWY1ZjU3ZjdhYjA1NDViOTMzMzVjNmJhODIzNzUxOTY=
13
+ NDVjZGM1NWFlODI2YzE4OTI2YjgwMDBiNTg1Yjg0MzY4YTc4NmFlOTRhODEy
14
+ Yjk3MWQyZmQ4YjkyMTk0OGUwZjczZTRhNGYyMjJkNDU0M2MyN2VkZmQxMDZk
15
+ ZGE3OTY0MjQxNjczYzRiMjkyNDA2YjgzMDUwNjVhMGRjMDc4M2U=
data/bin/reyes CHANGED
@@ -7,8 +7,7 @@ def command_dump(output_file, options)
7
7
  aws.dump_fake_data(output_file)
8
8
  end
9
9
 
10
- def command_fetch(instance_id, options)
11
- region = options.fetch(:region)
10
+ def command_fetch(region, instance_id, options)
12
11
  aws = Reyes::AwsManager.new(options[:config])
13
12
  s3 = Reyes::S3Loader.new(aws, options[:config])
14
13
  wrapper = Reyes::PgpWrapper.new(options[:config])
@@ -28,9 +27,7 @@ def command_fetch(instance_id, options)
28
27
  end
29
28
  end
30
29
 
31
- def command_install(json_file, instance_id, options)
32
- region = options.fetch(:region)
33
-
30
+ def command_install(json_file, region, instance_id, options)
34
31
  if options[:splay]
35
32
  Reyes::Utils.sleep_random(options[:splay])
36
33
  end
@@ -75,7 +72,6 @@ end
75
72
 
76
73
  def parse_args
77
74
  options = {
78
- :region => 'us-west-1', # TODO: make required
79
75
  :gen_options => {},
80
76
  :apply_options => {},
81
77
  :fetch_options => {},
@@ -91,7 +87,7 @@ Commands:
91
87
 
92
88
  install: load AWS data from JSON_FILE and install rules for INSTANCE_ID
93
89
 
94
- #{File.basename($0)} [options] install JSON_FILE INSTANCE_ID
90
+ #{File.basename($0)} [options] install JSON_FILE EC2_REGION INSTANCE_ID
95
91
 
96
92
  dump: generate JSON from AWS and serialize data to JSON_FILE
97
93
 
@@ -99,20 +95,16 @@ Commands:
99
95
 
100
96
  fetch: load new rules from s3 and install them on the local system
101
97
 
102
- #{File.basename($0)} [options] fetch INSTANCE_ID
98
+ #{File.basename($0)} [options] fetch EC2_REGION INSTANCE_ID
103
99
 
104
100
  upload: generate and sign a full dump of the rule inputs and upload them to s3
105
101
 
106
102
  #{File.basename($0)} [options] upload
107
103
 
108
104
 
109
- Defaults:
110
- region: #{options.fetch(:region)}
111
-
112
-
113
105
  For example:
114
106
 
115
- #{File.basename($0)} --prune install data.json $(facter -p ec2_instance_id)
107
+ #{File.basename($0)} --prune install data.json us-west-1 $(facter -p ec2_instance_id)
116
108
 
117
109
 
118
110
  Options:
@@ -122,10 +114,6 @@ Options:
122
114
  options[:config] = config
123
115
  end
124
116
 
125
- opts.on('--region REGION', 'Set EC2 region') do |region|
126
- options[:region] = region
127
- end
128
-
129
117
  opts.on('--env ENV', 'Set SRFC4 env for dump') do |env|
130
118
  options[:tag_filters] = {'env' => env}
131
119
  end
@@ -163,6 +151,11 @@ Options:
163
151
  options[:apply_options][:log_drop] = arg
164
152
  end
165
153
 
154
+ opts.on('-v', '--version', 'Display version number and exit') do
155
+ puts "reyes version #{Reyes::VERSION}"
156
+ exit 0
157
+ end
158
+
166
159
  opts.on('-h', '--help', 'Display this help message') do
167
160
  STDERR.puts opts
168
161
  exit 0
@@ -180,18 +173,18 @@ Options:
180
173
  end
181
174
  command_dump(ARGV.fetch(0), options)
182
175
  when 'install'
183
- unless ARGV.length == 2
176
+ unless ARGV.length == 3
184
177
  STDERR.puts optparse
185
178
  exit 2
186
179
  end
187
- command_install(ARGV.fetch(0), ARGV.fetch(1), options)
180
+ command_install(ARGV.fetch(0), ARGV.fetch(1), ARGV.fetch(2), options)
188
181
  when 'fetch'
189
- unless ARGV.length == 1
182
+ unless ARGV.length == 2
190
183
  STDERR.puts optparse
191
184
  exit 2
192
185
  end
193
186
 
194
- command_fetch(ARGV.fetch(0), options)
187
+ command_fetch(ARGV.fetch(0), ARGV.fetch(1), options)
195
188
  when 'upload'
196
189
  unless ARGV.length == 0
197
190
  STDERR.puts optparse
data/config.yaml.example CHANGED
@@ -11,10 +11,18 @@ aws:
11
11
  vpcs:
12
12
  - [us-west-2, vpc-abcdef12]
13
13
 
14
+ classic_cidr_blocks:
15
+ - 10.160.0.0/11
16
+ - 10.192.0.0/10
17
+
14
18
  s3:
15
19
  bucket: reyes-config
16
20
  path: rules.json
17
21
 
22
+ excluded_group_names:
23
+ - reyes
24
+ - qa-reyes
25
+
18
26
  reyes:
19
27
  pgp:
20
28
  signing_key: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
@@ -8,6 +8,21 @@ module Reyes
8
8
 
9
9
  include Chalk::Log
10
10
 
11
+ # Short names for AWS regions to save space in ipset names
12
+ RegionShortNames = {
13
+ 'us-east-1' => 'VA',
14
+ 'us-west-2' => 'OR',
15
+ 'us-west-1' => 'CA',
16
+ 'eu-west-1' => 'IE',
17
+ 'eu-central-1' => 'DE',
18
+ 'ap-southeast-1' => 'SG',
19
+ 'ap-southeast-2' => 'AU',
20
+ 'ap-northeast-1' => 'JP',
21
+ 'sa-east-1' => 'BR',
22
+ 'us-gov-west-1' => 'GV',
23
+ 'cn-north-1' => 'CN',
24
+ }
25
+
11
26
  def self.with_retries(retries=5, delay=2)
12
27
  raise ArgumentError.new('Block is required') unless block_given?
13
28
  begin
@@ -115,21 +130,107 @@ module Reyes
115
130
  end
116
131
  end
117
132
 
133
+ # Generate AWS data suitable for offline rule processing.
134
+ #
135
+ # The data will include EC2 instance and security group information for
136
+ # each region. (see `#regions`)
137
+ #
138
+ # Generated DATA will be a hash including these keys:
139
+ #
140
+ # DATA:
141
+ #
142
+ # 'metadata' => hash including information about the generation process
143
+ # 'vpcs' => A mapping of VPC ID => VPC_DATA
144
+ # 'classic_cidr_blocks' => from config: list of EC2 classic CIDR blocks
145
+ # 'excluded_group_names' => from config: list of security group names
146
+ # to ignore
147
+ # 'security_groups_by_name' => An index of global security groups by
148
+ # name. See SG_GROUPS_BY_NAME below.
149
+ # 'regions' => A hash of {region_name => REGION_DATA}
150
+ #
151
+ #
152
+ # VPC_DATA: information about a VPC, including:
153
+ #
154
+ # - region
155
+ # - cidr_block
156
+ #
157
+ #
158
+ # SG_GROUPS_BY_NAME: a mapping of {security_group_name => SG_REFS}
159
+ #
160
+ # some_group_name:
161
+ # - region: us-east-1
162
+ # group_id: sg-1234eeee
163
+ # vpc: vpc-eeeeeeee
164
+ # - region: us-west-1
165
+ # group_id: sg-1234cccc
166
+ # vpc: null
167
+ #
168
+ #
169
+ # REGION_DATA
170
+ #
171
+ # 'instances' => mapping of {instance_id => INSTANCE_DATA}
172
+ # 'security_groups' => mapping of {group_id => SG_DATA}
173
+ #
174
+ #
175
+ # INSTANCE_DATA: information about an instance, including:
176
+ #
177
+ # - tags
178
+ # - region
179
+ # - vpc (ID)
180
+ # - availability_zone
181
+ # - private_ip_address
182
+ # - public_ip_address
183
+ # - security_groups (IDs)
184
+ # - security_group_names
185
+ #
186
+ #
187
+ # SG_DATA: information about a security group, including:
188
+ #
189
+ # - name
190
+ # - description
191
+ # - vpc (ID)
192
+ # - region
193
+ # - ipset_suffix (a name appropriate for an IPset)
194
+ # - ingress_ip_permissions => list of IP_PERMISSION_DATA
195
+ # - instances (IDs)
196
+ #
197
+ #
198
+ # IP_PERMISSION_DATA: information about an IP Permission, including:
199
+ #
200
+ # - protocol
201
+ # - port_start
202
+ # - port_end
203
+ # - ip_ranges => list of CIDR block strings
204
+ # - group_names => list of security group names
205
+ #
206
+ #
207
+ # @return [Hash]
208
+ #
118
209
  def generate_fake_data
119
210
  log.info('Generating AWS data for serialization')
120
211
  start = Time.now.utc
121
212
  data = {
122
213
  'metadata' => {
214
+ 'format_version' => Reyes::JSON_FORMAT_VERSION,
123
215
  'generated' => start,
124
216
  'generated_stamp' => start.to_i,
125
217
  'hostname' => Socket.gethostname,
126
218
  'pid' => Process.pid,
127
219
  },
128
- 'vpcs' => vpcs.map(&:id),
220
+ 'vpcs' => {},
221
+ 'classic_cidr_blocks' => aws_config.fetch('classic_cidr_blocks'),
222
+ 'excluded_group_names' => aws_config.fetch('excluded_group_names'),
129
223
  'security_groups_by_name' => {},
130
224
  'regions' => {},
131
225
  }
132
226
 
227
+ vpcs.each do |vpc|
228
+ data['vpcs'][vpc.vpc_id] = {
229
+ 'region' => vpc.client.config.ec2_region,
230
+ 'cidr_block' => vpc.cidr_block,
231
+ }
232
+ end
233
+
133
234
  regions.each do |region|
134
235
  data['regions'][region] = fake_data_for_region(region)
135
236
  end
@@ -189,6 +290,7 @@ module Reyes
189
290
  data['instances'][i.instance_id] = {
190
291
  'tags' => i.tags.to_h.to_hash,
191
292
  'region' => region,
293
+ 'vpc' => i.vpc_id,
192
294
  'availability_zone' => i.availability_zone,
193
295
  'private_ip_address' => i.private_ip_address,
194
296
  'public_ip_address' => i.public_ip_address,
@@ -248,7 +350,7 @@ module Reyes
248
350
  #
249
351
  def ipset_suffix_for_group(region, group)
250
352
  [
251
- Reyes::GroupManager::RegionShortNames.fetch(region),
353
+ RegionShortNames.fetch(region),
252
354
  group.group_id,
253
355
  group.name,
254
356
  ].join(':')[0...31]
@@ -1,5 +1,4 @@
1
1
  require 'json'
2
- require 'set'
3
2
 
4
3
  module Reyes
5
4
  class FakeAws
@@ -9,6 +8,13 @@ module Reyes
9
8
  def initialize(data)
10
9
  @data = data
11
10
  log.info("Initialized FakeAws with metadata: #{metadata.inspect}")
11
+
12
+ version = metadata['format_version']
13
+ if version != Reyes::JSON_FORMAT_VERSION
14
+ log.error("WARNING: JSON format_version #{version.inspect} " \
15
+ "differs from our version #{Reyes::JSON_FORMAT_VERSION}")
16
+ log.error('Proceeding anyway...')
17
+ end
12
18
  end
13
19
 
14
20
  def region_data(region)
@@ -47,11 +53,31 @@ module Reyes
47
53
  security_group(region, security_group_id).fetch('instances')
48
54
  end
49
55
 
50
- def foreign_groups_by_name(group_name)
56
+ # Look up remote security group data. If `vpc_id` is nil, all VPC security
57
+ # groups will be returned. If `vpc_id` is given, all EC2 classic and all
58
+ # VPC security groups that aren't in the given VPC will be returned.
59
+ #
60
+ # @param group_name [String] The name of the groups to fetch.
61
+ # @param vpc_id [String, nil] The String VPC ID or nil if EC2 classic of
62
+ # the current cluster.
63
+ #
64
+ # @return [Hash<Hash>] A mapping of group_id => group_data for relevant
65
+ # security groups.
66
+ #
67
+ def foreign_groups_by_name(group_name, vpc_id)
51
68
  vpc_set = vpc_ids.to_set
52
69
  groups = {}
53
70
  @data.fetch('security_groups_by_name').fetch(group_name).each do |g|
54
- next unless vpc_set.include?(g.fetch('vpc'))
71
+
72
+ group_vpc_id = g.fetch('vpc')
73
+
74
+ # skip local groups that are not foreign
75
+ # (groups with same VPC ID / VPCness)
76
+ next if group_vpc_id == vpc_id
77
+
78
+ # skip VPC groups that are not listed in our config
79
+ next if group_vpc_id && !vpc_set.include?(group_vpc_id)
80
+
55
81
  groups[g.fetch('group_id')] = security_group(g.fetch('region'),
56
82
  g.fetch('group_id'))
57
83
  end
@@ -59,12 +85,45 @@ module Reyes
59
85
  groups
60
86
  end
61
87
 
62
- def vpc_ids
88
+ def vpcs
63
89
  @data.fetch('vpcs')
64
90
  end
65
91
 
92
+ def vpcs_except(vpc_id)
93
+ unless vpc_id.is_a?(String)
94
+ raise ArgumentError.new("#{vpc_id.inspect} must be a String")
95
+ end
96
+ vpcs.find_all {|v, _| v != vpc_id }
97
+ end
98
+
99
+ def vpc_ids
100
+ @data.fetch('vpcs').keys
101
+ end
102
+
103
+ # We could actually calculate this data, but it makes assigning security
104
+ # group rules a little bit trickier, so these will be generated statically
105
+ # from config.
106
+ def ec2_classic_cidr_blocks
107
+ @data.fetch('classic_cidr_blocks')
108
+ end
109
+
110
+ # Return all EC2 classic and VPC CIDR blocks that are not in `self_vpc_id`.
111
+ #
112
+ # @param [String] self_vpc_id
113
+ #
114
+ # @return [Array<String>] A list of CIDR block strings.
115
+ #
116
+ def remote_cidr_blocks(self_vpc_id)
117
+ nets = vpcs_except(self_vpc_id).map {|v, data| data.fetch('cidr_block') }
118
+ return nets + ec2_classic_cidr_blocks
119
+ end
120
+
66
121
  def metadata
67
122
  @data.fetch('metadata')
68
123
  end
124
+
125
+ def excluded_group_names
126
+ @data.fetch('excluded_group_names')
127
+ end
69
128
  end
70
129
  end
@@ -1,24 +1,11 @@
1
+ require 'ipaddr'
2
+
1
3
  module Reyes
2
4
 
3
5
  # TODO: use a more precise name
4
6
  class GroupManager
5
7
  include Chalk::Log
6
8
 
7
- # Short names for AWS regions to save space in ipset names
8
- RegionShortNames = {
9
- 'us-east-1' => 'VA',
10
- 'us-west-2' => 'OR',
11
- 'us-west-1' => 'CA',
12
- 'eu-west-1' => 'IE',
13
- 'eu-central-1' => 'DE',
14
- 'ap-southeast-1' => 'SG',
15
- 'ap-southeast-2' => 'AU',
16
- 'ap-northeast-1' => 'JP',
17
- 'sa-east-1' => 'BR',
18
- 'us-gov-west-1' => 'GV',
19
- 'cn-north-1' => 'CN',
20
- }
21
-
22
9
  ReyesInputChain = 'reyes-ipsec-input'
23
10
 
24
11
  attr_reader :fake_aws, :instance_id
@@ -36,9 +23,39 @@ module Reyes
36
23
  @instance_id = instance_id
37
24
  end
38
25
 
26
+ # Whether the self EC2 instance is in VPC.
27
+ #
28
+ # @return [Boolean]
29
+ #
30
+ def vpc?
31
+ !!vpc_id
32
+ end
33
+
34
+ # The VPC ID (or nil) of the self EC2 instance.
35
+ #
36
+ # @return [String, nil]
37
+ #
38
+ def vpc_id
39
+ our_instance.fetch('vpc')
40
+ end
41
+
42
+ # Look up data for this instance from FakeAws data.
43
+ #
39
44
  # @return [Hash]
40
- def our_groups
41
- fake_aws.security_groups_for_instance(@region, @instance_id)
45
+ #
46
+ def our_instance
47
+ fake_aws.instance(@region, @instance_id)
48
+ end
49
+
50
+ # @return [Hash]
51
+ def our_groups(skip_excluded=true)
52
+ data = fake_aws.security_groups_for_instance(@region, @instance_id)
53
+ if skip_excluded
54
+ exclude = fake_aws.excluded_group_names.to_set
55
+ data.reject {|g_id, g_data| exclude.include?(g_data.fetch('name')) }
56
+ else
57
+ data
58
+ end
42
59
  end
43
60
 
44
61
  def generate_rules_empty
@@ -50,7 +67,7 @@ module Reyes
50
67
 
51
68
  def load_from_s3(aws, config)
52
69
  s3 = S3Loader.new(aws, config)
53
- data = s3.latest
70
+ s3.latest
54
71
  end
55
72
 
56
73
  # Given our instance ID and security group rules, generate IPTables rules
@@ -133,20 +150,6 @@ module Reyes
133
150
  end
134
151
  end
135
152
 
136
- # TODO: delurk
137
- def create_iptables_rules(data)
138
- data.fetch(:groups).each do |cluster, items|
139
- log.info "Creating rules for #{cluster}"
140
- items.each do |item|
141
- rules = Reyes::IPTables.generate_rules_from_hash(item)
142
- rules.each do |rule|
143
- log.info(" #{rule.cmd.join(" ")}")
144
- rule.materialize
145
- end
146
- end
147
- end
148
- end
149
-
150
153
  # @return [Integer]
151
154
  def run_generation
152
155
  @generation.value
@@ -162,20 +165,6 @@ module Reyes
162
165
  @generation.increment!
163
166
  end
164
167
 
165
- # TODO: delurk
166
- # @param group [AWS::EC2::SecurityGroup]
167
- #
168
- # @return [String] A string title, at most 31 characters long
169
- #
170
- def ipset_name_for_group(group)
171
- [
172
- run_generation.to_s,
173
- RegionShortNames.fetch(group.client.instance_variable_get(:@region)),
174
- group.group_id,
175
- group.name,
176
- ].join(':')[0...31]
177
- end
178
-
179
168
  # @param group_hash [Hash]
180
169
  #
181
170
  # @return [String] A string title, at most 31 characters long
@@ -209,17 +198,56 @@ module Reyes
209
198
  # @return [Array<String>] A list of private instance IP addresses
210
199
  #
211
200
  def addresses_for_group(region, group_id)
212
- fake_aws.addresses_for_security_group(region, group_id)
201
+ fake_aws.addresses_for_security_group(region, group_id).reject(&:nil?)
213
202
  end
214
203
 
215
- # Look up remote VPC security groups by name.
204
+ # Look up remote VPC / EC2 classic security groups by name.
216
205
  #
217
206
  # @param name [String]
218
207
  #
219
208
  # @return [Hash]
220
209
  #
210
+ # @see FakeAws#foreign_groups_by_name
211
+ #
221
212
  def foreign_groups_by_name(name)
222
- fake_aws.foreign_groups_by_name(name)
213
+ fake_aws.foreign_groups_by_name(name, vpc_id)
214
+ end
215
+
216
+ # Generate a list of IPTables script lines that will inject traffic into
217
+ # the Reyes processing chain.
218
+ #
219
+ # In EC2 classic, traffic relevant to Reyes will be arriving directly
220
+ # through IPsec, so these rules will filter all IPsec traffic.
221
+ #
222
+ # In VPC, traffic relevant to Reyes may be forwarded by VPN servers and
223
+ # arrive from VPC CIDR blocks or EC2 classic CIDR blocks. All of this CIDR
224
+ # block information will be fetched from FakeAws data.
225
+ #
226
+ # @return [Array<String>]
227
+ #
228
+ def input_chain_rules
229
+ if vpc?
230
+ # filter all remote CIDR blocks through reyes
231
+ fake_aws.remote_cidr_blocks(vpc_id).map do |cidr|
232
+
233
+ # make sure cidr block can be parsed as an IPAddr
234
+ IPAddr.new(cidr)
235
+
236
+ # safeguard against accidentally including our own CIDR block
237
+ if cidr == fake_aws.vpcs.fetch(vpc_id).fetch('cidr_block')
238
+ log.error('Somehow remote_cidr_blocks includes our cidr_block')
239
+ log.error("Our VPC: #{vpc_id.inspect}")
240
+ log.error("Our CIDR block: #{cidr.inspect}")
241
+ raise ArgumentError.new(
242
+ "Refusing to filter CIDR block for self VPC")
243
+ end
244
+
245
+ "-A INPUT -s #{cidr} -j #{ReyesInputChain}"
246
+ end
247
+ else
248
+ # filter all ipsec tunneled traffic through reyes
249
+ ["-A INPUT -m policy --pol ipsec --dir in -j #{ReyesInputChain}"]
250
+ end
223
251
  end
224
252
 
225
253
  # @param [Hash] data
@@ -269,8 +297,13 @@ module Reyes
269
297
  lines << '-A reyes-accept -j reyes-log-accept' if log_accept
270
298
  lines << '-A reyes-accept -j ACCEPT'
271
299
 
272
- # filter all ipsec tunneled traffic through reyes
273
- lines << "-A INPUT -m policy --pol ipsec --dir in -j #{ReyesInputChain}"
300
+ # add rules to direct appropriate traffic into reyes
301
+ lines << ''
302
+ lines << '# input chain rules'
303
+ lines.concat(input_chain_rules)
304
+
305
+ lines << ''
306
+ lines << '# static global rules'
274
307
 
275
308
  # allow normal ICMP traffic
276
309
  IPTables.innocuous_icmp_rules(ReyesInputChain).each do |r|
@@ -102,10 +102,7 @@ module Reyes
102
102
 
103
103
  def keyring_args
104
104
  [
105
- '--no-default-keyring',
106
- '--keyring', keyring_file('pubring.gpg'),
107
- '--secret-keyring', keyring_file('secring.gpg'),
108
- '--trustdb-name', keyring_file('trustdb.gpg'),
105
+ '--homedir', @keyring_directory
109
106
  ]
110
107
  end
111
108
 
data/lib/reyes/version.rb CHANGED
@@ -1,3 +1,7 @@
1
1
  module Reyes
2
- VERSION = '0.2.4' unless defined?(self::VERSION)
2
+ # The Reyes version number
3
+ VERSION = '0.3.1' unless defined?(self::VERSION)
4
+
5
+ # Number defining the JSON serialization format
6
+ JSON_FORMAT_VERSION = 2 unless defined?(self::JSON_FORMAT_VERSION)
3
7
  end
data/reyes.gemspec CHANGED
@@ -41,4 +41,6 @@ Gem::Specification.new do |gem|
41
41
  gem.add_development_dependency 'pry'
42
42
  gem.add_development_dependency 'rake'
43
43
  gem.add_development_dependency 'rubocop'
44
+
45
+ gem.required_ruby_version = '>= 1.9.3'
44
46
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: reyes
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.4
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andy Brody
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-02-26 00:00:00.000000000 Z
12
+ date: 2015-03-03 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk
@@ -142,7 +142,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - ! '>='
144
144
  - !ruby/object:Gem::Version
145
- version: '0'
145
+ version: 1.9.3
146
146
  required_rubygems_version: !ruby/object:Gem::Requirement
147
147
  requirements:
148
148
  - - ! '>='