vagrant-box-s3 0.1.3 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 857a4297cb7c77e6fc882a495a81de46e19ec48481e69394450349f4d2ab1462
-  data.tar.gz: 54fbc90963cefabf0318fadf73ef4e2370c4438862c75a00041fa727fd4f0780
+  metadata.gz: 9a2bc5d3cadb3cdcb261f206f5ca46fe0b210ef3514bcc9072176d85222f9e24
+  data.tar.gz: 9044ae220e16806ba95a48c94bf147bf5df4b418cd8181bf1a9cab7ac04219ef
 SHA512:
-  metadata.gz: 15d7d800c9636bdcc0fbcab656b46d041f57ee018ac20220689135952289603d9dece21ef7b5c7b8700ca9672ba4e7c4231e09d25b1eade790cc7fdd05e7b39b
-  data.tar.gz: 141d2ca407dfda8c5fa8516732dbbafea8c19a15d9c451645a817b14f177a68362797fb22b57726472acbf9a352758440fc376e2f82b08c97031d6e9be8b6296
+  metadata.gz: 24cf532f08f551c08dec67c11b94672bf660d73b985d2d4b35ab35e6413c6d9b6ff709b15088192e7fd006cbd0c76e11dbb0bea8f5f9dafd914e411eeaa9f9e3
+  data.tar.gz: a15234a433f1aa2d3f2968ad98c2fc9fb29e11d269361cbd6fc2fbeb10c4fdaaa4dd47d7e4a395fc6fcec5bbb24a4dec184493bc43e4781594a8a8b4e4ca71cf

data/README.md

@@ -11,8 +11,9 @@ Use Vagrant boxes stored in Amazon S3 private buckets.
 
 ## Features
 
-This plugin works by monkey patching `Vagrant::Util::Downloader`, extending the core Downloader class in Vagrant to
-override the `execute_curl` method to replace S3 box URLs with pre-signed S3 URLs.
+This plugin works using the `authenticate_box_url` hook to replace S3 URLs with presigned URLs and monkey 
+patching `Vagrant::Util::Downloader`, extending the core Downloader class in Vagrant to override the `head` method 
+used when fetching box metadata URLs from S3.
 
 ## Installation
 
@@ -55,22 +56,22 @@ You can also use your credentials file to create a profile. Select the appropria
 
 You can use any valid HTTP(S) URL for your box URL:
 
-#### Path-Style URLs
-
-Specify the bucket name in the path of the URL. AWS has deprecated path-style URLs, but they might still be seen or used in legacy systems.
+#### Virtual-Hosted-Style URLs
 
-- Format: https://s3.Region.amazonaws.com/bucket-name/key-name
-- Example: https://s3.eu-west-1.amazonaws.com/mybucket/mybox.box
+Virtual-hosted-style URLs use the bucket name as a subdomain. This is the recommended and most commonly used format.
 
+| Format                                       | Example                                                    |
+|----------------------------------------------|------------------------------------------------------------|
+| `https://BUCKET.s3.REGION.amazonaws.com/KEY` | `https://mybucket.s3.eu-west-1.amazonaws.com/mybox.box`    |
 
-- Format: https://s3-Region.amazonaws.com/bucket-name/keyname
-- Example: https://s3-eu-west-1.amazonaws.com/bucket-name/mybox.box
+#### Path-Style URLs
 
-#### Virtual-Hosted-Style URLs
-Virtual-hosted-style URLs use the bucket name as a subdomain. This is the recommended and most commonly used format.
+Specify the bucket name in the path of the URL. AWS has deprecated path-style URLs, but they might still be seen or used in legacy systems.
 
-- Format: https://bucket-name.s3.Region.amazonaws.com/key-name
-- Example: https://mybucket.s3.eu-west-1.amazonaws.com/mybox.box
+| Format                                       | Example                                                    |
+|----------------------------------------------|------------------------------------------------------------|
+| `https://s3.REGION.amazonaws.com/BUCKET/KEY` | `https://s3.eu-west-1.amazonaws.com/mybucket/mybox.box`    |
+| `https://s3-REGION.amazonaws.com/BUCKET/KEY` | `https://s3-eu-west-1.amazonaws.com/bucket-name/mybox.box` |
 
 ### IAM configuration
 
@@ -123,15 +124,15 @@ Update the current version in `lib/vagrant-box-s3/version.rb`.
 
 ### Dev build and test
 
-To build the plugin, use `rake build`, this will create a file with the current version number, e.g. `pkg/vagrant-box-s3-0.1.2.gem`.
+To build the plugin, use `rake build`, this will create a file with the current version number, e.g. `pkg/vagrant-box-s3-{VERSION}.gem`.
 
 Remove the old version:
 
-    vagrant plugin uninstall vagrant-box-s3
+    vagrant plugin uninstall vagrant-box-s3 --local
 
 Testing the plugin requires installing into vagrant from the build:
 
-    vagrant plugin install ../vagrant-box-s3/pkg/vagrant-box-s3-0.1.2.gem
+    vagrant plugin install ../vagrant-box-s3/pkg/vagrant-box-s3-{VERSION}.gem
 
 Then running a command that will trigger box URL related actions, such as `vagrant up`, `vagrant box update` etc. with the `--debug` flag.
 

data/lib/vagrant-box-s3/downloader.rb

@@ -4,47 +4,24 @@ module Vagrant
   module Util
     class Downloader
 
-      def aws_auth_download(options, subprocess_options, &data_proc)
-        # Get URL from options, which is the last option in the list.
-        url = options.last
+      alias_method :original_head, :head
 
-        # Determine method from curl command -I flag existence.
-        method = options.any? { |o| o == '-I' } ? :head_object : :get_object
+      def head
+        if ::VagrantPlugins::BoxS3::Utils.is_s3_manifest(@source)
+          options, subprocess_options = self.options
+          options.unshift("-i")
+          options << @source
 
-        # Generate pre-signed URL from S3 URL.
-        presigned_url = VagrantPlugins::BoxS3::Utils.presign_url(method, url, @logger)
+          @logger.info("HEAD (Override): #{@source}")
+          result = execute_curl(options, subprocess_options)
 
-        # Update URL in options.
-        url.replace(presigned_url.to_s)
-
-        # Call original execute_curl (aliased).
-        execute_curl_without_aws_auth(options, subprocess_options, &data_proc)
-
-      rescue Aws::Errors::MissingCredentialsError, Aws::Sigv4::Errors::MissingCredentialsError => e
-        message = "Missing AWS credentials: #{e.message}"
-        @logger.error(message) if defined?(@logger)
-        raise Errors::DownloaderError, message: message
-      rescue Aws::S3::Errors::Forbidden => e
-        message = "403 Forbidden: #{e.message}"
-        raise Errors::DownloaderError, message: message
-      rescue => e
-        raise Errors::DownloaderError, message: e
-      end
-
-      def execute_curl_with_aws_auth(options, subprocess_options, &data_proc)
-        options = options.dup
-        url = options.find { |o| o =~ /^http/ }
-
-        if url && url.include?('amazonaws.com')
-          aws_auth_download(options, subprocess_options, &data_proc)
+          headers, _body = result.stdout.split("\r\n\r\n", 2)
+          headers
         else
-          execute_curl_without_aws_auth(options, subprocess_options, &data_proc)
+          original_head
         end
       end
 
-      alias execute_curl_without_aws_auth execute_curl
-      alias execute_curl execute_curl_with_aws_auth
-
     end
   end
 end

data/lib/vagrant-box-s3/urls.rb

@@ -0,0 +1,70 @@
+require 'log4r'
+require 'vagrant-box-s3/utils'
+
+module VagrantPlugins
+  module BoxS3
+    class Urls
+      def initialize(app, env)
+          @app = app
+          @logger = Log4r::Logger.new('vagrant::plugins::box_s3')
+        end
+
+        def call(env)
+          # Assume 'env[:box_urls]' contains the original URLs that need authentication
+          original_urls = env[:box_urls]
+
+          # Your logic to authenticate the URLs goes here
+          # This is just an example, replace it with your actual authentication mechanism
+          authenticated_urls = original_urls.map do |url|
+            presign_url(url)
+          end
+
+          # Ensure the authenticated URLs are set back in the environment
+          env[:box_urls] = authenticated_urls
+
+          # Continue the middleware chain
+          @app.call(env)
+        end
+
+        private
+
+        # Pre-sign an s3 URL, with given method.
+        def presign_url(url)
+
+          # Check if the URL is an S3 URL.
+          if !Utils.is_s3_url(url)
+            @logger.info("Skipping presigner for #{url}")
+            return url
+          end
+
+          @logger.info("Discovered S3 URL: #{url}")
+
+          region, bucket, key = Utils.parse_s3_url(url)
+
+          profile = ENV['AWS_PROFILE']
+
+          @logger.debug("Region: #{region}")
+          @logger.debug("Bucket: #{bucket}")
+          @logger.debug("Key: #{key}")
+          @logger.debug("Profile: #{profile}")
+
+          client = Aws::S3::Client.new(
+            profile: profile,
+            region: region
+          )
+          presigner = Aws::S3::Presigner.new(client: client)
+
+          presigned_url = presigner.presigned_url(
+            :get_object,
+            bucket: bucket,
+            key: key,
+            expires_in: 3600
+          ).to_s
+
+          @logger.debug("Pre-signed URL: #{presigned_url}")
+
+          return presigned_url
+      end
+    end
+  end
+end

data/lib/vagrant-box-s3/utils.rb

@@ -7,13 +7,32 @@ module VagrantPlugins
 
       # Match host style URLs, e.g.
       # https://bucket-name.s3.Region.amazonaws.com/key-name
-      S3_URL_HOST_REGEX = %r{^https?://([\w\-\.]+)\.s3\.([\w\-]+)\.amazonaws\.com/([^?]+)}
+      # https://bucket-name.s3-Region.amazonaws.com/key-name
+      S3_URL_HOST_REGEX = %r{^https?://([\w\-\.]+)\.s3[-\.]([\w\-]+)\.amazonaws\.com/([^?]+)}
 
       # Match path style URLs e.g.
       # https://s3.Region.amazonaws.com/bucket-name/key-name
       # https://s3-Region.amazonaws.com/bucket-name/keyname
       S3_URL_PATH_REGEX = %r{^https?://s3[-\.]([\w\-]+)\.amazonaws\.com/([^/]+)/([^?]+)}
 
+      # Check if URL matches S3 URLs.
+      def self.is_s3_url(url)
+        # Check if the URL matches either the host style or path style S3 URL
+        matches_host_style = !!(url =~ S3_URL_HOST_REGEX)
+        matches_path_style = !!(url =~ S3_URL_PATH_REGEX)
+
+        # Return true if either match is found, false otherwise
+        matches_host_style || matches_path_style
+      end
+
+      # Check if the URL is an S3 URL and the filename is 'manifest.json'
+      def self.is_s3_manifest(url)
+        uri = URI.parse(url)
+        filename = File.basename(uri.path)
+
+        return is_s3_url(url) && filename == 'manifest.json'
+      end
+
       # Parse an s3 URL.
       def self.parse_s3_url(url)
         region = bucket = key = nil
@@ -32,66 +51,6 @@ module VagrantPlugins
         return region, bucket, key
       end
 
-      # Remove presigned URL params from box URL.
-      # We do this as URLs can be cached and do not want to want
-      # to include previously presigned URL parameters.
-      def self.remove_presigned_params(url)
-        # Parse the URL
-        uri = URI.parse(url)
-
-        # Split the query string into parameters
-        query_params = URI.decode_www_form(uri.query || '').to_h
-
-        # Remove any parameters that start with 'X-Amz-'
-        query_params.reject! { |k, _| k.start_with?('X-Amz-') }
-
-        # Check if there are any query parameters left
-        if query_params.empty?
-          # If no query parameters left, set uri.query to nil to remove the '?'
-          uri.query = nil
-        else
-          # Reconstruct the query string without AWS presigned parameters
-          uri.query = URI.encode_www_form(query_params)
-        end
-
-        return uri.to_s
-      end
-
-      # Pre-sign an s3 URL, with given method.
-      def self.presign_url(method, url, logger)
-
-        url = remove_presigned_params(url)
-
-        logger.info("BoxS3: Generating signed URL for #{method.upcase}")
-        logger.info("BoxS3: Discovered S3 URL: #{url}")
-
-        region, bucket, key = parse_s3_url(url)
-
-        profile = ENV['AWS_PROFILE']
-
-        logger.debug("BoxS3: Region: #{region}")
-        logger.debug("BoxS3: Bucket: #{bucket}")
-        logger.debug("BoxS3: Key: #{key}")
-        logger.debug("BoxS3: Profile: #{profile}")
-
-        client = Aws::S3::Client.new(
-          profile: profile,
-          region: region
-        )
-        presigner = Aws::S3::Presigner.new(client: client)
-
-        presigned_url = presigner.presigned_url(
-          method,
-          bucket: bucket,
-          key: key,
-          expires_in: 3600
-        ).to_s
-
-        logger.debug("BoxS3: Pre-signed URL: #{presigned_url}")
-
-        return presigned_url
-      end
-
     end
   end
 end

data/lib/vagrant-box-s3/version.rb

@@ -1,5 +1,5 @@
 module VagrantPlugins
   module BoxS3
-    VERSION = '0.1.3'
+    VERSION = '0.1.5'
   end
 end

data/lib/vagrant-box-s3.rb

@@ -1,4 +1,5 @@
 require 'vagrant'
+require 'vagrant-box-s3/urls'
 
 module VagrantPlugins
   module BoxS3
@@ -9,6 +10,10 @@ module VagrantPlugins
         require_relative 'vagrant-box-s3/downloader'
       end
 
+      action_hook(:vagrant_box_s3_url, :authenticate_box_url) do |hook|
+        hook.prepend(Urls)
+      end
+
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vagrant-box-s3
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.5
 platform: ruby
 authors:
 - Steve Whiteley
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-19 00:00:00.000000000 Z
+date: 2024-10-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-s3
@@ -63,6 +63,7 @@ files:
 - README.md
 - lib/vagrant-box-s3.rb
 - lib/vagrant-box-s3/downloader.rb
+- lib/vagrant-box-s3/urls.rb
 - lib/vagrant-box-s3/utils.rb
 - lib/vagrant-box-s3/version.rb
 homepage: https://github.com/memiah/vagrant-box-s3