secret_config 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6ac6f9526e20dd9f6b39762ff6363ec3090fa51db2dfa0726351742d7abe5f3e
-  data.tar.gz: 78e69dd6f2bed35f5dde021a0ef247d392fee388ae5d3b3c3f41ca551928ec0c
+  metadata.gz: ce78920783d826865d118ba93de56be3e428d766efd502070999f7a5b1ebb069
+  data.tar.gz: 69bf56d09a5e20e3966531a9e75591c44376c6e5d0413d429a79dbfad11d4823
 SHA512:
-  metadata.gz: 3f8fd6c22492f28bf71b1938792fe1cc392bfd073a0e541645dfd7869fe41f12f54e53575eabb9252440f34a137cce1b2bad89667dba84f80fec3183ef17de8f
-  data.tar.gz: f2ea35ffbb3acecacff2eca9ca16c73f3e6b1de15a78b3c19e8f2b59b6425fccc01c8c06779167ae3470d7fb5688bd7cbb5ec4e652f31841518bb824662417c9
+  metadata.gz: dee07a19a4728594c49f9c207d2006dde24ce2d87e25654c274efa11de4a9e0c274b9c66c6e31b4d8043c756fa007df8a2e5db84a189bf36b5ebeef2c596138c
+  data.tar.gz: 3a1eb219305927565c9920943bbde78b34bb4a1ad2cc7c703cb53bef9a1c7a35a3b9d82736d7969af4c08562de85dc05bc4224f76d6c2f38474ea0d479297ec2

data/lib/secret_config.rb

@@ -24,8 +24,8 @@ module SecretConfig
   end
 
   def self.root
-    @root ||= ENV["SECRETCONFIG_ROOT"] ||
-      raise(UndefinedRootError, "Either set env var 'SECRETCONFIG_ROOT' or call SecretConfig.root=")
+    @root ||= ENV["SECRET_CONFIG_ROOT"] ||
+      raise(UndefinedRootError, "Either set env var 'SECRET_CONFIG_ROOT' or call SecretConfig.root=")
   end
 
   def self.root=(root)
@@ -33,8 +33,15 @@ module SecretConfig
     @registry = nil if @registry
   end
 
-  def self.provider #(provider, **args)
-    @provider ||= (ENV["SECRETCONFIG_PROVIDER"] || :file).to_sym
+  # When provider is not supplied, returns the current provider instance
+  # When provider is supplied, sets the new provider and stores any arguments
+  def self.provider(provider = nil, **args)
+    if provider.nil?
+      return @provider ||= create_provider((ENV["SECRET_CONFIG_PROVIDER"] || :file).to_sym)
+    end
+
+    @provider      = create_provider(provider, args)
+    @registry      = nil if @registry
   end
 
   def self.provider=(provider)
@@ -45,4 +52,37 @@ module SecretConfig
   def self.registry
     @registry ||= SecretConfig::Registry.new(root: root, provider: provider)
   end
+
+  private
+
+  def self.create_provider(provider, args = nil)
+    klass = constantize_symbol(provider)
+    if args && args.size > 0
+      klass.new(**args)
+    else
+      klass.new
+    end
+  end
+
+  def implementation
+    @implementation ||= constantize_symbol(provider).new
+  end
+
+  def self.constantize_symbol(symbol, namespace = 'SecretConfig::Providers')
+    klass = "#{namespace}::#{camelize(symbol.to_s)}"
+    begin
+      Object.const_get(klass)
+    rescue NameError
+      raise(ArgumentError, "Could not convert symbol: #{symbol.inspect} to a class in: #{namespace}. Looking for: #{klass}")
+    end
+  end
+
+  # Borrow from Rails, when not running Rails
+  def self.camelize(term)
+    string = term.to_s
+    string = string.sub(/^[a-z\d]*/, &:capitalize)
+    string.gsub!(/(?:_|(\/))([a-z\d]*)/i) { "#{Regexp.last_match(1)}#{Regexp.last_match(2).capitalize}" }
+    string.gsub!('/'.freeze, '::'.freeze)
+    string
+  end
 end

data/lib/secret_config/providers/file.rb

@@ -7,7 +7,7 @@ module SecretConfig
     class File
       attr_reader :file_name
 
-      def initialize(file_name: ENV['SECRETCONFIG_FILE_NAME'] || "config/application.yml")
+      def initialize(file_name: "config/application.yml")
         @file_name = file_name
         raise(ConfigurationError, "Cannot find config file: #{file_name}") unless ::File.exist?(file_name)
       end

data/lib/secret_config/providers/ssm.rb

@@ -6,7 +6,7 @@ module SecretConfig
     class Ssm
       attr_reader :client, :key_id
 
-      def initialize(key_id: ENV["SECRETCONFIG_KEY_ID"])
+      def initialize(key_id: nil)
         @key_id = key_id
         logger  = SemanticLogger['Aws::SSM'] if defined?(SemanticLogger)
         @client = Aws::SSM::Client.new(logger: logger)

data/lib/secret_config/registry.rb

@@ -2,16 +2,11 @@ require 'base64'
 
 module SecretConfig
   # Centralized configuration with values stored in AWS System Manager Parameter Store
-  #
-  # Values are fetched from the central store on startup. Only those values starting with the specified
-  # root are loaded, supply multiple paths using the env var SECRETCONFIG_PATHS.
-  #
-  # Existing event mechanisms can be used to force a reload of the cached copy.
   class Registry
     attr_reader :provider
     attr_accessor :root
 
-    def initialize(root:, provider: :ssm)
+    def initialize(root:, provider:)
       # TODO: Validate root starts with /, etc
       @root     = root
       @provider = provider
@@ -21,7 +16,7 @@ module SecretConfig
     # Returns [Hash] a copy of the in memory configuration data.
     def configuration
       h = {}
-      registry.each_pair { |key, value| h[key] = value }
+      registry.each_pair { |k, v| decompose(k, v, h) }
       h
     end
 
@@ -54,7 +49,7 @@ module SecretConfig
 
     def refresh!
       h = {}
-      implementation.each(root) { |k, v| h[k] = v }
+      provider.each(root) { |k, v| h[k] = v }
       @registry = h
     end
 
@@ -66,8 +61,19 @@ module SecretConfig
       key.start_with?('/') ? key : "#{root}/#{key}"
     end
 
-    def implementation
-      @implementation ||= constantize_symbol(provider).new
+    def decompose(key, value, h = {})
+      path, name = File.split(key)
+      last       = path.split('/').reduce(h) do |target, path|
+        if path == ''
+          target
+        elsif target.key?(path)
+          target[path]
+        else
+          target[path] = {}
+        end
+      end
+      last[name] = value
+      h
     end
 
     def convert_encoding(encoding, value)
@@ -87,26 +93,12 @@ module SecretConfig
         value.to_f
       when :string
         value
+      when :boolean
+        %w[true 1 t].include?(value.to_s.downcase)
+      when :symbol
+        value.to_sym unless value.nil? || value.to_s.strip == ''
       end
     end
 
-    def constantize_symbol(symbol, namespace = 'SecretConfig::Providers')
-      klass = "#{namespace}::#{camelize(symbol.to_s)}"
-      begin
-        Object.const_get(klass)
-      rescue NameError
-        raise(ArgumentError, "Could not convert symbol: #{symbol.inspect} to a class in: #{namespace}. Looking for: #{klass}")
-      end
-    end
-
-    # Borrow from Rails, when not running Rails
-    def camelize(term)
-      string = term.to_s
-      string = string.sub(/^[a-z\d]*/, &:capitalize)
-      string.gsub!(/(?:_|(\/))([a-z\d]*)/i) { "#{Regexp.last_match(1)}#{Regexp.last_match(2).capitalize}" }
-      string.gsub!('/'.freeze, '::'.freeze)
-      string
-    end
-
   end
 end

data/lib/secret_config/version.rb

@@ -1,3 +1,3 @@
 module SecretConfig
-  VERSION = '0.1.0'
+  VERSION = '0.2.0'
 end

data/test/config/application.yml

@@ -2,10 +2,10 @@
 # These are for development and test only.
 
 #
-# Development - Local - Root: '/development/connect'
+# Development - Local - Root: '/development/my_application'
 #
 development:
-  connect:
+  my_application:
     symmetric_encryption:
       key:     QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=
       iv:      QUJDREVGMTIzNDU2Nzg5MA==
@@ -26,7 +26,7 @@ development:
       secret_key_base: somereallylongstring
 
 test:
-  connect:
+  my_application:
     symmetric_encryption:
       key:     QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=
       iv:      QUJDREVGMTIzNDU2Nzg5MA==

data/test/providers/file_test.rb

@@ -8,22 +8,22 @@ module Providers
       end
 
       let :root do
-        "/development/connect"
+        "/development/my_application"
       end
 
       let :expected do
         {
-          "/development/connect/mongo/database"               => "secret_config_development",
-          "/development/connect/mongo/primary"                => "127.0.0.1:27017",
-          "/development/connect/mongo/secondary"              => "127.0.0.1:27018",
-          "/development/connect/mysql/database"               => "secret_config_development",
-          "/development/connect/mysql/password"               => "secret_configrules",
-          "/development/connect/mysql/username"               => "secret_config",
-          "/development/connect/mysql/host"                   => "127.0.0.1",
-          "/development/connect/secrets/secret_key_base"      => "somereallylongstring",
-          "/development/connect/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
-          "/development/connect/symmetric_encryption/version" => 2,
-          "/development/connect/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
+          "/development/my_application/mongo/database"               => "secret_config_development",
+          "/development/my_application/mongo/primary"                => "127.0.0.1:27017",
+          "/development/my_application/mongo/secondary"              => "127.0.0.1:27018",
+          "/development/my_application/mysql/database"               => "secret_config_development",
+          "/development/my_application/mysql/password"               => "secret_configrules",
+          "/development/my_application/mysql/username"               => "secret_config",
+          "/development/my_application/mysql/host"                   => "127.0.0.1",
+          "/development/my_application/secrets/secret_key_base"      => "somereallylongstring",
+          "/development/my_application/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
+          "/development/my_application/symmetric_encryption/version" => 2,
+          "/development/my_application/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
         }
       end
 

data/test/providers/ssm_test.rb

@@ -8,42 +8,50 @@ module Providers
       end
 
       let :root do
-        "/development/connect"
+        "/development/my_application"
       end
 
       let :expected do
         {
-          "/development/connect/mongo/database"               => "secret_config_development",
-          "/development/connect/mongo/primary"                => "127.0.0.1:27017",
-          "/development/connect/mongo/secondary"              => "127.0.0.1:27018",
-          "/development/connect/mysql/database"               => "secret_config_development",
-          "/development/connect/mysql/password"               => "secret_configrules",
-          "/development/connect/mysql/username"               => "secret_config",
-          "/development/connect/mysql/host"                   => "127.0.0.1",
-          "/development/connect/secrets/secret_key_base"      => "somereallylongstring",
-          "/development/connect/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
-          "/development/connect/symmetric_encryption/version" => "2",
-          "/development/connect/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
+          "/development/my_application/mongo/database"               => "secret_config_development",
+          "/development/my_application/mongo/primary"                => "127.0.0.1:27017",
+          "/development/my_application/mongo/secondary"              => "127.0.0.1:27018",
+          "/development/my_application/mysql/database"               => "secret_config_development",
+          "/development/my_application/mysql/password"               => "secret_configrules",
+          "/development/my_application/mysql/username"               => "secret_config",
+          "/development/my_application/mysql/host"                   => "127.0.0.1",
+          "/development/my_application/secrets/secret_key_base"      => "somereallylongstring",
+          "/development/my_application/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
+          "/development/my_application/symmetric_encryption/version" => "2",
+          "/development/my_application/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
         }
       end
 
+      before do
+        unless ENV['AWS_ACCESS_KEY_ID']
+          skip "Skipping AWS SSM Parameter Store tests because env var 'AWS_ACCESS_KEY_ID' is not defined."
+        end
+      end
+
       describe '#each' do
         it 'fetches all keys in path' do
-          upload_settings if ENV['SECRETCONFIG_TEST_UPLOAD_SSM']
-
           ssm   = SecretConfig::Providers::Ssm.new
           paths = {}
           ssm.each(root) { |key, value| paths[key] = value }
 
+          if paths.empty?
+            upload_settings(ssm) unless ssm.key?("/development/my_application/mongo/database")
+            ssm.each(root) { |key, value| paths[key] = value }
+          end
+
           expected.each_pair do |key, value|
             assert_equal paths[key], value, "Path: #{key}"
           end
         end
       end
 
-      def upload_settings
+      def upload_settings(ssm)
         file_provider = SecretConfig::Providers::File.new(file_name: file_name)
-        ssm           = SecretConfig::Providers::Ssm.new
         file_provider.each(root) { |key, value| ap key; ssm.set(key, value) }
       end
     end

data/test/registry_test.rb

@@ -7,38 +7,36 @@ class RegistryTest < Minitest::Test
     end
 
     let :root do
-      "/development/connect"
+      "/development/my_application"
     end
 
-    let :registry do
-      ENV['SECRETCONFIG_FILE_NAME'] = file_name
+    let :provider do
+      SecretConfig::Providers::File.new(file_name: file_name)
+    end
 
-      SecretConfig::Registry.new(root: root, provider: :file)
+    let :registry do
+      SecretConfig::Registry.new(root: root, provider: provider)
     end
 
     let :expected do
       {
-        "/development/connect/mongo/database"               => "secret_config_development",
-        "/development/connect/mongo/primary"                => "127.0.0.1:27017",
-        "/development/connect/mongo/secondary"              => "127.0.0.1:27018",
-        "/development/connect/mysql/database"               => "secret_config_development",
-        "/development/connect/mysql/password"               => "secret_configrules",
-        "/development/connect/mysql/username"               => "secret_config",
-        "/development/connect/mysql/host"                   => "127.0.0.1",
-        "/development/connect/secrets/secret_key_base"      => "somereallylongstring",
-        "/development/connect/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
-        "/development/connect/symmetric_encryption/version" => 2,
-        "/development/connect/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
+        "/development/my_application/mongo/database"               => "secret_config_development",
+        "/development/my_application/mongo/primary"                => "127.0.0.1:27017",
+        "/development/my_application/mongo/secondary"              => "127.0.0.1:27018",
+        "/development/my_application/mysql/database"               => "secret_config_development",
+        "/development/my_application/mysql/password"               => "secret_configrules",
+        "/development/my_application/mysql/username"               => "secret_config",
+        "/development/my_application/mysql/host"                   => "127.0.0.1",
+        "/development/my_application/secrets/secret_key_base"      => "somereallylongstring",
+        "/development/my_application/symmetric_encryption/key"     => "QUJDREVGMTIzNDU2Nzg5MEFCQ0RFRjEyMzQ1Njc4OTA=",
+        "/development/my_application/symmetric_encryption/version" => 2,
+        "/development/my_application/symmetric_encryption/iv"      => "QUJDREVGMTIzNDU2Nzg5MA=="
       }
     end
 
     describe '#configuration' do
       it 'returns a copy of the config' do
-        paths = registry.configuration
-
-        expected.each_pair do |key, value|
-          assert_equal value, paths[key], "Path: #{key}"
-        end
+        assert_equal "127.0.0.1", registry.configuration.dig("development", "my_application", "mysql", "host")
       end
     end
 
@@ -108,5 +106,22 @@ class RegistryTest < Minitest::Test
         assert_equal "ABCDEF1234567890ABCDEF1234567890", registry.fetch("symmetric_encryption/key", encoding: :base64)
       end
     end
+
+    private
+
+    def decompose(key, value, h = {})
+      path, name = File.split(key)
+      last       = path.split('/').reduce(h) do |target, path|
+        if path == ''
+          target
+        elsif target.key?(path)
+          target[path]
+        else
+          target[path] = {}
+        end
+      end
+      last[name] = value
+      h
+    end
   end
 end

data/test/secret_config_test.rb

@@ -7,18 +7,17 @@ class SecretConfigTest < Minitest::Test
     end
 
     let :root do
-      "/development/connect"
+      "/development/my_application"
     end
 
     before do
-      ENV['SECRETCONFIG_FILE_NAME'] = file_name
-      SecretConfig.root             = root
-      SecretConfig.provider         = :file
+      SecretConfig.root = root
+      SecretConfig.provider :file, file_name: file_name
     end
 
     describe '#configuration' do
       it 'returns a copy of the config' do
-        assert_equal "127.0.0.1", SecretConfig.configuration["/development/connect/mysql/host"]
+        assert_equal "127.0.0.1", SecretConfig.configuration.dig("development", "my_application", "mysql", "host")
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secret_config
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Reid Morrison
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-12 00:00:00.000000000 Z
+date: 2019-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby