s3_website 3.2.0 → 3.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/build.sbt +1 -1
- data/changelog.md +7 -0
- data/lib/s3_website/version.rb +1 -1
- data/s3_website.gemspec +1 -1
- data/src/main/scala/s3/website/model/Config.scala +22 -11
- data/src/main/scala/s3/website/model/Site.scala +5 -1
- data/src/test/scala/s3/website/ConfigSpec.scala +70 -7
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d2d86efb2bc83642857893a73ac42a0ff82146a3
|
4
|
+
data.tar.gz: b748923cfed9efdd95a8d90ab9f9f6e425ada01b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 84d74230f742a5e8bbb8c2092919dca117515e5e958247d950a4d88f51aff86f9c3acb8e2c4cac6b8136f551b32f821c8112a09375a6f86e1e21d9eb7802306a
|
7
|
+
data.tar.gz: cf69eff43b25595b3a9fb73521cd43c6ff8356f47772ff7a930dbc058cd5279b2bece559272c0684438130bcac9bca2b1bb1e7742ba0e152623449abc5123815
|
data/README.md
CHANGED
@@ -56,6 +56,18 @@ the project's root you can specify the directory like so:
|
|
56
56
|
|
57
57
|
If you omit `s3_id` from your `s3_website.yml`, S3_website will fall back to reading from the [default AWS SDK locations](http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html). For instance, if you've used `aws configure` to set up credentials in `~/.aws/credentials`, S3_website can use these.
|
58
58
|
|
59
|
+
### Using an AWS profile or a profile that assumes a role
|
60
|
+
|
61
|
+
If you omit `s3_id`, `s3_secret`, and `session_token` you can specify an AWS credentials profile to use via the `profile` configuration variable, eg:
|
62
|
+
|
63
|
+
profile: name_of_aws_profile
|
64
|
+
|
65
|
+
In addition, if you want this profile to assume a role before executing against S3, use the `profile_assume_role_arn` variable, eg:
|
66
|
+
|
67
|
+
profile_assume_role_arn: arn_of_role_to_assume
|
68
|
+
|
69
|
+
(Note: you have to use a regular profile with an ID and SECRET and specify the role ARN via a variable like this instead of a profile that specifies a `role_arn` as documented [here](http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html) since it does not look like the Java SDK supports that format, yet...)
|
70
|
+
|
59
71
|
### Using environment variables
|
60
72
|
|
61
73
|
You can use ERB in your `s3_website.yml` file which incorporates environment variables:
|
data/build.sbt
CHANGED
@@ -18,7 +18,7 @@ libraryDependencies += "org.yaml" % "snakeyaml" % "1.13"
|
|
18
18
|
|
19
19
|
libraryDependencies += "org.jruby" % "jruby" % "1.7.11"
|
20
20
|
|
21
|
-
libraryDependencies += "com.amazonaws" % "aws-java-sdk" % "1.11.
|
21
|
+
libraryDependencies += "com.amazonaws" % "aws-java-sdk" % "1.11.172"
|
22
22
|
|
23
23
|
libraryDependencies += "log4j" % "log4j" % "1.2.17"
|
24
24
|
|
data/changelog.md
CHANGED
@@ -2,6 +2,13 @@
|
|
2
2
|
|
3
3
|
This project uses [Semantic Versioning](http://semver.org).
|
4
4
|
|
5
|
+
## 3.3.0
|
6
|
+
|
7
|
+
* Support `http_error_code_returned_equals` in redirect rules
|
8
|
+
|
9
|
+
See <https://github.com/laurilehmijoki/configure-s3-website/pull/21> for
|
10
|
+
discussion
|
11
|
+
|
5
12
|
## 3.2.0
|
6
13
|
|
7
14
|
* Fall back to [the default credentials sources](http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html) if `s3_id` is not provided in `s3_website.yml`
|
data/lib/s3_website/version.rb
CHANGED
data/s3_website.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
|
|
18
18
|
s.default_executable = %q{s3_website}
|
19
19
|
|
20
20
|
s.add_dependency 'thor', '~> 0.18'
|
21
|
-
s.add_dependency 'configure-s3-website', '= 2.
|
21
|
+
s.add_dependency 'configure-s3-website', '= 2.2.0'
|
22
22
|
s.add_dependency 'colored', '1.2'
|
23
23
|
s.add_dependency 'dotenv', '~> 1.0'
|
24
24
|
|
@@ -8,12 +8,15 @@ import scala.util.{Failure, Try}
|
|
8
8
|
import scala.collection.JavaConversions._
|
9
9
|
import s3.website.Ruby.rubyRuntime
|
10
10
|
import s3.website._
|
11
|
-
import com.amazonaws.auth.{AWSCredentialsProvider, BasicAWSCredentials, BasicSessionCredentials, AWSStaticCredentialsProvider, DefaultAWSCredentialsProviderChain}
|
11
|
+
import com.amazonaws.auth.{AWSCredentialsProvider, BasicAWSCredentials, BasicSessionCredentials, AWSStaticCredentialsProvider, DefaultAWSCredentialsProviderChain, STSAssumeRoleSessionCredentialsProvider}
|
12
|
+
import com.amazonaws.auth.profile.ProfileCredentialsProvider
|
12
13
|
|
13
14
|
case class Config(
|
14
15
|
s3_id: Option[String], // If undefined, use IAM Roles (http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html)
|
15
16
|
s3_secret: Option[String], // If undefined, use IAM Roles (http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html)
|
16
17
|
session_token: Option[String], // If defined, the AWS Security Token Service session token (http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html)
|
18
|
+
profile: Option[String], // If defined, the AWS profile to use for credentials
|
19
|
+
profile_assume_role_arn: Option[String], // If defined, the ARN of the role to assume
|
17
20
|
s3_bucket: String,
|
18
21
|
s3_endpoint: S3Endpoint,
|
19
22
|
site: Option[String],
|
@@ -37,21 +40,29 @@ case class Config(
|
|
37
40
|
object Config {
|
38
41
|
|
39
42
|
def awsCredentials(config: Config): AWSCredentialsProvider = {
|
40
|
-
val credentialsFromConfigFile: Option[
|
41
|
-
|
42
|
-
None
|
43
|
-
} else if (config.session_token.isEmpty) {
|
43
|
+
val credentialsFromConfigFile: Option[AWSCredentialsProvider] =
|
44
|
+
(
|
44
45
|
for {
|
45
46
|
s3_id <- config.s3_id
|
46
47
|
s3_secret <- config.s3_secret
|
47
|
-
|
48
|
-
|
48
|
+
session_token <- config.session_token
|
49
|
+
} yield new AWSStaticCredentialsProvider(new BasicSessionCredentials(s3_id, s3_secret, session_token))
|
50
|
+
) orElse (
|
49
51
|
for {
|
50
52
|
s3_id <- config.s3_id
|
51
53
|
s3_secret <- config.s3_secret
|
52
|
-
|
53
|
-
|
54
|
-
|
54
|
+
} yield new AWSStaticCredentialsProvider(new BasicAWSCredentials(s3_id, s3_secret))
|
55
|
+
) orElse (
|
56
|
+
for {
|
57
|
+
profile <- config.profile
|
58
|
+
profile_assume_role_arn <- config.profile_assume_role_arn
|
59
|
+
} yield new STSAssumeRoleSessionCredentialsProvider.Builder(profile_assume_role_arn, "s3_website_assume_role_session")
|
60
|
+
.withLongLivedCredentialsProvider(new ProfileCredentialsProvider(profile)).build()
|
61
|
+
) orElse (
|
62
|
+
for {
|
63
|
+
profile <- config.profile
|
64
|
+
} yield new ProfileCredentialsProvider(profile)
|
65
|
+
)
|
55
66
|
credentialsFromConfigFile getOrElse new DefaultAWSCredentialsProviderChain
|
56
67
|
}
|
57
68
|
|
@@ -235,4 +246,4 @@ object Config {
|
|
235
246
|
case class S3_website_yml(file: File) {
|
236
247
|
override def toString = file.getPath
|
237
248
|
}
|
238
|
-
}
|
249
|
+
}
|
@@ -36,6 +36,8 @@ object Site {
|
|
36
36
|
s3_id <- loadOptionalString("s3_id").right
|
37
37
|
s3_secret <- loadOptionalString("s3_secret").right
|
38
38
|
session_token <- loadOptionalString("session_token").right
|
39
|
+
profile <- loadOptionalString("profile").right
|
40
|
+
profile_assume_role_arn <- loadOptionalString("profile_assume_role_arn").right
|
39
41
|
s3_bucket <- loadRequiredString("s3_bucket").right
|
40
42
|
s3_endpoint <- loadEndpoint.right
|
41
43
|
site <- loadOptionalString("site").right
|
@@ -67,6 +69,8 @@ object Site {
|
|
67
69
|
s3_id,
|
68
70
|
s3_secret,
|
69
71
|
session_token,
|
72
|
+
profile,
|
73
|
+
profile_assume_role_arn,
|
70
74
|
s3_bucket,
|
71
75
|
s3_endpoint getOrElse S3Endpoint.defaultEndpoint,
|
72
76
|
site,
|
@@ -152,4 +156,4 @@ object Site {
|
|
152
156
|
Right(None)
|
153
157
|
}
|
154
158
|
}
|
155
|
-
}
|
159
|
+
}
|
@@ -1,16 +1,47 @@
|
|
1
1
|
package s3.website
|
2
|
-
import com.amazonaws.auth.
|
2
|
+
import com.amazonaws.auth.profile.ProfileCredentialsProvider
|
3
|
+
import com.amazonaws.auth.{BasicAWSCredentials, BasicSessionCredentials, DefaultAWSCredentialsProviderChain, STSAssumeRoleSessionCredentialsProvider}
|
3
4
|
import org.specs2.mutable.Specification
|
4
5
|
import s3.website.model.{Config, S3Endpoint}
|
5
6
|
|
6
7
|
class ConfigSpec extends Specification {
|
7
8
|
|
8
9
|
"Config#awsCredentials" should {
|
10
|
+
s"return ${classOf[BasicSessionCredentials]} when s3_id, s3_secret and session_token are defined in the config" in {
|
11
|
+
Config.awsCredentials(Config(
|
12
|
+
s3_id = Some("test"),
|
13
|
+
s3_secret = Some("secret"),
|
14
|
+
session_token = Some("Token"),
|
15
|
+
profile = None,
|
16
|
+
profile_assume_role_arn = None,
|
17
|
+
s3_bucket = "foo",
|
18
|
+
s3_endpoint = S3Endpoint.defaultEndpoint,
|
19
|
+
site = None,
|
20
|
+
max_age = None,
|
21
|
+
cache_control = None,
|
22
|
+
gzip = None,
|
23
|
+
gzip_zopfli = None,
|
24
|
+
s3_key_prefix = None,
|
25
|
+
ignore_on_server = None,
|
26
|
+
exclude_from_upload = None,
|
27
|
+
s3_reduced_redundancy = None,
|
28
|
+
cloudfront_distribution_id = None,
|
29
|
+
cloudfront_invalidate_root = None,
|
30
|
+
content_type = None,
|
31
|
+
redirects = None,
|
32
|
+
concurrency_level = 1,
|
33
|
+
cloudfront_wildcard_invalidation = None,
|
34
|
+
treat_zero_length_objects_as_redirects = None
|
35
|
+
)).getCredentials must beAnInstanceOf[BasicSessionCredentials]
|
36
|
+
}
|
37
|
+
|
9
38
|
s"return ${classOf[BasicAWSCredentials]} when s3_id and s3_secret are defined in the config" in {
|
10
39
|
Config.awsCredentials(Config(
|
11
40
|
s3_id = Some("test"),
|
12
41
|
s3_secret = Some("secret"),
|
13
42
|
session_token = None,
|
43
|
+
profile = None,
|
44
|
+
profile_assume_role_arn = None,
|
14
45
|
s3_bucket = "foo",
|
15
46
|
s3_endpoint = S3Endpoint.defaultEndpoint,
|
16
47
|
site = None,
|
@@ -32,11 +63,13 @@ class ConfigSpec extends Specification {
|
|
32
63
|
)).getCredentials must beAnInstanceOf[BasicAWSCredentials]
|
33
64
|
}
|
34
65
|
|
35
|
-
s"return ${classOf[
|
66
|
+
s"return ${classOf[STSAssumeRoleSessionCredentialsProvider]} when profile and profile_assume_role_arn are defined in the config" in {
|
36
67
|
Config.awsCredentials(Config(
|
37
|
-
s3_id =
|
38
|
-
s3_secret =
|
39
|
-
session_token =
|
68
|
+
s3_id = None,
|
69
|
+
s3_secret = None,
|
70
|
+
session_token = None,
|
71
|
+
profile = Some("profile_name"),
|
72
|
+
profile_assume_role_arn = Some("arn:aws:iam::account-id:role/role-name"),
|
40
73
|
s3_bucket = "foo",
|
41
74
|
s3_endpoint = S3Endpoint.defaultEndpoint,
|
42
75
|
site = None,
|
@@ -55,14 +88,44 @@ class ConfigSpec extends Specification {
|
|
55
88
|
concurrency_level = 1,
|
56
89
|
cloudfront_wildcard_invalidation = None,
|
57
90
|
treat_zero_length_objects_as_redirects = None
|
58
|
-
))
|
91
|
+
)) must beAnInstanceOf[STSAssumeRoleSessionCredentialsProvider]
|
92
|
+
}
|
93
|
+
|
94
|
+
s"return ${classOf[ProfileCredentialsProvider]} when profile is defined in the config" in {
|
95
|
+
Config.awsCredentials(Config(
|
96
|
+
s3_id = None,
|
97
|
+
s3_secret = None,
|
98
|
+
session_token = None,
|
99
|
+
profile = Some("profile_name"),
|
100
|
+
profile_assume_role_arn = None,
|
101
|
+
s3_bucket = "foo",
|
102
|
+
s3_endpoint = S3Endpoint.defaultEndpoint,
|
103
|
+
site = None,
|
104
|
+
max_age = None,
|
105
|
+
cache_control = None,
|
106
|
+
gzip = None,
|
107
|
+
gzip_zopfli = None,
|
108
|
+
s3_key_prefix = None,
|
109
|
+
ignore_on_server = None,
|
110
|
+
exclude_from_upload = None,
|
111
|
+
s3_reduced_redundancy = None,
|
112
|
+
cloudfront_distribution_id = None,
|
113
|
+
cloudfront_invalidate_root = None,
|
114
|
+
content_type = None,
|
115
|
+
redirects = None,
|
116
|
+
concurrency_level = 1,
|
117
|
+
cloudfront_wildcard_invalidation = None,
|
118
|
+
treat_zero_length_objects_as_redirects = None
|
119
|
+
)) must beAnInstanceOf[ProfileCredentialsProvider]
|
59
120
|
}
|
60
121
|
|
61
|
-
s"return ${classOf[DefaultAWSCredentialsProviderChain]} when s3_id and
|
122
|
+
s"return ${classOf[DefaultAWSCredentialsProviderChain]} when s3_id, s3_secret, profile and profile_assume_role_arn are not defined in the config" in {
|
62
123
|
Config.awsCredentials(Config(
|
63
124
|
s3_id = None,
|
64
125
|
s3_secret = None,
|
65
126
|
session_token = None,
|
127
|
+
profile = None,
|
128
|
+
profile_assume_role_arn = None,
|
66
129
|
s3_bucket = "foo",
|
67
130
|
s3_endpoint = S3Endpoint.defaultEndpoint,
|
68
131
|
site = None,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: s3_website
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lauri Lehmijoki
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-09-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 2.
|
33
|
+
version: 2.2.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 2.
|
40
|
+
version: 2.2.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: colored
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|