vagrant-s3auth 1.0.3 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b66094513a9359fdfaa1bad57c2d96db83972c02
-  data.tar.gz: af829decb08f5da02d44124aa89c88aa39a07d92
+  metadata.gz: 792627aedcb06b8fa5facb6482fb99dfd9f1c327
+  data.tar.gz: 0f3d32cba11d602fb6079756f8637036f20883aa
 SHA512:
-  metadata.gz: 603e26c2c9ac9f963291aa62fc7c7be32f45ebf4adef3be663b6de60d291756e3d4eea903d37727c8a9608efeb8402e63b2c6e2e3fbc490a1fb10ad7c7174c03
-  data.tar.gz: ea62ef852d128b07ef947eec3eea033a43d811c92dcddb6a87a40d351a2618e16de9a1ec50622600a4ccbc95f19b75f01330f9439e2b3a078202e8e665c807ba
+  metadata.gz: 399ffee437d1ce9b11015bb740b169b94e1e7f74b8323c4d0c29b45bd7feeded918511ed6d80e429527e8f4170ec82be96e24c02c268d26542db76838894ce19
+  data.tar.gz: 90353673af0bbbcf45ac0af54d1944a10308c119a7ce01f444e87ca351cf93a5771c9a26e49dd03f9290bb696d30fa2b87f2fc1ff6dd6d43f58d383eed84365f

data/CHANGELOG.md

@@ -1,10 +1,26 @@
+## 1.1.0
+
+**1 June 2015**
+
+Enhancements:
+
+* upgrade to AWS SDK v2 ([#15])
+* recommend the use of the AWS SDK's centralized credential file ([#14])
+
+Fixes:
+
+* allow up to ten minutes of time skew ([#16])
+* try an unauthenticated download before demanding AWS credentials ([#10])
+
+Thanks, [@kimpepper][kimpepper] and [@companykitchen-dev][companykitchen-dev]!
+
 ## 1.0.3
 
 **10 March 2015**
 
 Fixes:
 
-* fix namespace collisions with [vagrant-aws][vagrant-aws] [#11]
+* fix namespace collisions with [vagrant-aws][vagrant-aws] ([#11])
 
 Thanks, [@andres-rojas][andres-rojas]!
 
@@ -15,7 +31,7 @@ Thanks, [@andres-rojas][andres-rojas]!
 
 Enhancements:
 
-* provide better error messages when S3 API requests are denied [#9]
+* provide better error messages when S3 API requests are denied ([#9])
 * include IAM policy recommendations in README
 
 ## 1.0.1
@@ -71,8 +87,14 @@ Enhancements:
 [#1]: https://github.com/WhoopInc/vagrant-s3auth/issues/1
 [#7]: https://github.com/WhoopInc/vagrant-s3auth/issues/7
 [#9]: https://github.com/WhoopInc/vagrant-s3auth/issues/9
+[#10]: https://github.com/WhoopInc/vagrant-s3auth/issues/10
 [#11]: https://github.com/WhoopInc/vagrant-s3auth/pull/11
+[#14]: https://github.com/WhoopInc/vagrant-s3auth/issues/14
+[#15]: https://github.com/WhoopInc/vagrant-s3auth/issues/15
+[#16]: https://github.com/WhoopInc/vagrant-s3auth/issues/16
 
 [andres-rojas]: https://github.com/andres-rojas
+[companykitchen-dev]: https://github.com/companykitchen-dev
+[kimpepper]: https://github.com/kimpepper
 
 [vagrant-aws]: https://github.com/mitchellh/vagrant-aws

data/Gemfile.lock

@@ -8,16 +8,16 @@ GIT
 
 GIT
   remote: git://github.com/mitchellh/vagrant.git
-  revision: 686e940a8474a8733be40b32e5d9107d557c627b
+  revision: e9b11b4ee4172dfaeca98492f5055d46d679ccd6
   ref: master
   specs:
-    vagrant (1.7.2.dev)
+    vagrant (1.7.2)
       bundler (>= 1.5.2, < 1.8.0)
       childprocess (~> 0.5.0)
       erubis (~> 2.7.0)
       hashicorp-checkpoint (~> 0.1.1)
-      i18n (~> 0.6.0)
-      listen (~> 2.7.11)
+      i18n (>= 0.6.0, <= 0.8.0)
+      listen (~> 2.8.0)
       log4r (~> 1.1.9, < 1.1.11)
       net-scp (~> 1.1.0)
       net-sftp (~> 2.1)
@@ -26,46 +26,52 @@ GIT
       rb-kqueue (~> 0.2.0)
       rest-client (>= 1.6.0, < 2.0)
       wdm (~> 0.1.0)
-      winrm (~> 1.1.3)
+      winrm (~> 1.3)
+      winrm-fs (~> 0.2.0)
 
 PATH
   remote: .
   specs:
-    vagrant-s3auth (1.0.3)
-      aws-sdk (~> 1.59.1)
+    vagrant-s3auth (1.1.0)
+      aws-sdk (~> 2.0.38)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    CFPropertyList (2.3.0)
-    akami (1.2.2)
-      gyoku (>= 0.4.0)
-      nokogiri
+    CFPropertyList (2.3.1)
     ast (2.0.0)
     astrolabe (1.3.0)
       parser (>= 2.2.0.pre.3, < 3.0)
-    aws-sdk (1.59.1)
-      aws-sdk-v1 (= 1.59.1)
-    aws-sdk-v1 (1.59.1)
-      json (~> 1.4)
-      nokogiri (>= 1.4.4)
+    aws-sdk (2.0.47)
+      aws-sdk-resources (= 2.0.47)
+    aws-sdk-core (2.0.47)
+      builder (~> 3.0)
+      jmespath (~> 1.0)
+      multi_json (~> 1.0)
+    aws-sdk-resources (2.0.47)
+      aws-sdk-core (= 2.0.47)
     builder (3.2.2)
     celluloid (0.16.0)
       timers (~> 4.0.0)
-    childprocess (0.5.5)
+    childprocess (0.5.6)
       ffi (~> 1.0, >= 1.0.11)
+    domain_name (0.5.24)
+      unf (>= 0.0.5, < 1.0.0)
     erubis (2.7.0)
-    excon (0.44.4)
-    ffi (1.9.6)
+    excon (0.45.3)
+    ffi (1.9.8)
     fission (0.5.0)
       CFPropertyList (~> 2.2)
-    fog (1.28.0)
+    fog (1.30.0)
       fog-atmos
       fog-aws (~> 0.0)
       fog-brightbox (~> 0.4)
-      fog-core (~> 1.27, >= 1.27.3)
+      fog-core (~> 1.27, >= 1.27.4)
       fog-ecloud
+      fog-google (>= 0.0.2)
       fog-json
+      fog-local
+      fog-powerdns (>= 0.1.1)
       fog-profitbricks
       fog-radosgw (>= 0.0.2)
       fog-riakcs
@@ -82,7 +88,7 @@ GEM
     fog-atmos (0.1.0)
       fog-core
       fog-xml
-    fog-aws (0.1.1)
+    fog-aws (0.4.0)
       fog-core (~> 1.27)
       fog-json (~> 1.0)
       fog-xml (~> 0.1)
@@ -91,23 +97,34 @@ GEM
       fog-core (~> 1.22)
       fog-json
       inflecto (~> 0.0.2)
-    fog-core (1.29.0)
+    fog-core (1.30.0)
       builder
-      excon (~> 0.38)
+      excon (~> 0.45)
       formatador (~> 0.2)
       mime-types
       net-scp (~> 1.1)
       net-ssh (>= 2.1.3)
-    fog-ecloud (0.0.2)
+    fog-ecloud (0.1.1)
       fog-core
       fog-xml
-    fog-json (1.0.0)
-      multi_json (~> 1.0)
-    fog-profitbricks (0.0.1)
+    fog-google (0.0.5)
+      fog-core
+      fog-json
+      fog-xml
+    fog-json (1.0.2)
+      fog-core (~> 1.0)
+      multi_json (~> 1.10)
+    fog-local (0.2.1)
+      fog-core (~> 1.27)
+    fog-powerdns (0.1.1)
+      fog-core (~> 1.27)
+      fog-json (~> 1.0)
+      fog-xml (~> 0.1)
+    fog-profitbricks (0.0.2)
       fog-core
       fog-xml
       nokogiri
-    fog-radosgw (0.0.3)
+    fog-radosgw (0.0.4)
       fog-core (>= 1.21.0)
       fog-json
       fog-xml (>= 0.0.1)
@@ -115,48 +132,49 @@ GEM
       fog-core
       fog-json
       fog-xml
-    fog-sakuracloud (1.0.0)
+    fog-sakuracloud (1.0.1)
       fog-core
       fog-json
-    fog-serverlove (0.1.1)
+    fog-serverlove (0.1.2)
       fog-core
       fog-json
-    fog-softlayer (0.4.1)
+    fog-softlayer (0.4.6)
       fog-core
       fog-json
-    fog-storm_on_demand (0.1.0)
+    fog-storm_on_demand (0.1.1)
       fog-core
       fog-json
-    fog-terremark (0.0.4)
+    fog-terremark (0.1.0)
       fog-core
       fog-xml
-    fog-vmfusion (0.0.1)
+    fog-vmfusion (0.1.0)
       fission
       fog-core
-    fog-voxel (0.0.2)
+    fog-voxel (0.1.0)
       fog-core
       fog-xml
-    fog-xml (0.1.1)
+    fog-xml (0.1.2)
       fog-core
       nokogiri (~> 1.5, >= 1.5.11)
     formatador (0.2.5)
-    gssapi (1.0.3)
+    gssapi (1.2.0)
       ffi (>= 1.0.1)
-    gyoku (1.2.2)
+    gyoku (1.3.1)
       builder (>= 2.1.2)
     hashicorp-checkpoint (0.1.4)
     hitimes (1.2.2)
-    http (0.6.3)
+    http (0.6.4)
       http_parser.rb (~> 0.6.0)
+    http-cookie (1.0.2)
+      domain_name (~> 0.5)
     http_parser.rb (0.6.0)
-    httpclient (2.5.3.3)
-    httpi (0.9.7)
-      rack
-    i18n (0.6.11)
+    httpclient (2.6.0.1)
+    i18n (0.7.0)
     inflecto (0.0.2)
     ipaddress (0.8.0)
-    json (1.8.1)
-    listen (2.7.12)
+    jmespath (1.0.2)
+      multi_json (~> 1.0)
+    listen (2.8.6)
       celluloid (>= 0.15.2)
       rb-fsevent (>= 0.9.3)
       rb-inotify (>= 0.9)
@@ -165,31 +183,30 @@ GEM
     logging (1.8.2)
       little-plugger (>= 1.1.3)
       multi_json (>= 1.8.4)
-    mime-types (2.4.3)
+    mime-types (2.6.1)
     mini_portile (0.6.0)
-    multi_json (1.10.1)
+    multi_json (1.11.0)
     net-scp (1.1.2)
       net-ssh (>= 2.6.5)
     net-sftp (2.1.2)
       net-ssh (>= 2.6.5)
-    net-ssh (2.9.1)
-    netrc (0.10.1)
+    net-ssh (2.9.2)
+    netrc (0.10.3)
     nokogiri (1.6.3.1)
       mini_portile (= 0.6.0)
-    nori (1.1.5)
-    parser (2.2.0.pre.8)
+    nori (2.6.0)
+    parser (2.2.2.5)
       ast (>= 1.1, < 3.0)
-      slop (~> 3.4, >= 3.4.5)
     powerpack (0.0.9)
-    rack (1.5.2)
     rainbow (2.0.0)
     rake (10.3.2)
-    rb-fsevent (0.9.4)
+    rb-fsevent (0.9.5)
     rb-inotify (0.9.5)
       ffi (>= 0.5.0)
-    rb-kqueue (0.2.3)
+    rb-kqueue (0.2.4)
       ffi (>= 0.5.0)
-    rest-client (1.7.2)
+    rest-client (1.8.0)
+      http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 3.0)
       netrc (~> 0.7)
     rubocop (0.28.0)
@@ -198,31 +215,30 @@ GEM
       powerpack (~> 0.0.6)
       rainbow (>= 1.99.1, < 3.0)
       ruby-progressbar (~> 1.4)
-    ruby-progressbar (1.7.0)
-    rubyntlm (0.1.1)
-    savon (0.9.5)
-      akami (~> 1.0)
-      builder (>= 2.1.2)
-      gyoku (>= 0.4.0)
-      httpi (~> 0.9)
-      nokogiri (>= 1.4.0)
-      nori (~> 1.0)
-      wasabi (~> 1.0)
-    slop (3.6.0)
+    ruby-progressbar (1.7.5)
+    rubyntlm (0.4.0)
+    rubyzip (1.1.7)
     timers (4.0.1)
       hitimes
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.1)
     uuidtools (2.1.5)
-    wasabi (1.0.0)
-      nokogiri (>= 1.4.0)
     wdm (0.1.0)
-    winrm (1.1.3)
-      gssapi (~> 1.0.0)
+    winrm (1.3.3)
+      builder (>= 2.1.2)
+      gssapi (~> 1.2)
+      gyoku (~> 1.0)
       httpclient (~> 2.2, >= 2.2.0.2)
       logging (~> 1.6, >= 1.6.1)
-      nokogiri (~> 1.5)
-      rubyntlm (~> 0.1.1)
-      savon (= 0.9.5)
+      nori (~> 2.0)
+      rubyntlm (~> 0.4.0)
       uuidtools (~> 2.1.2)
+    winrm-fs (0.2.0)
+      erubis (~> 2.7)
+      logging (~> 1.6, >= 1.6.1)
+      rubyzip (~> 1.1)
+      winrm (~> 1.3.0)
 
 PLATFORMS
   ruby

data/README.md

@@ -51,13 +51,33 @@ end
 AWS credentials are read from the standard environment variables
 `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
 
-If you need to obtain credentials from elsewhere, drop a block like the
-following at the top of your Vagrantfile:
+You may find it more convenient to use the
+[centralized credential file][aws-cred-file] to create a credential
+profile. Select the appropriate profile using the `AWS_PROFILE`
+environment variable. For example:
+
+```ini
+# ~/.aws/credentials
+
+[vagrant-s3auth]
+aws_access_key_id = AKIA...
+aws_secret_access_key = ...
+```
 
 ```ruby
-creds = File.read(File.expand_path('~/.company-aws-creds')).lines
-ENV['AWS_ACCESS_KEY_ID']     = creds[0].chomp
-ENV['AWS_SECRET_ACCESS_KEY'] = creds[1].chomp
+# Vagrantfile
+
+ENV['AWS_PROFILE'] = 'vagrant-s3auth'
+
+Vagrant.configure("2") { |config| ... }
+```
+
+Alternatively, you can write some Ruby to set the access key directly:
+
+```ruby
+access_key, secret_key = whizbang_inc_api.fetch_api_creds()
+ENV['AWS_ACCESS_KEY_ID']     = access_key
+ENV['AWS_SECRET_ACCESS_KEY'] = secret_key
 ```
 
 ##### IAM configuration
@@ -198,6 +218,12 @@ Within your metadata JSON, be sure to use [supported S3 URLs](#s3-urls).
 Note that the metadata itself doesn't need to be hosted on S3. Any metadata that
 points to a supported S3 URL will result in an authenticated request.
 
+**IMPORTANT:** Your metadata *must* be served with `Content-Type: application/json`
+or Vagrant will not recognize it as metadata! Most S3 uploader tools (and most
+webservers) will *not* automatically set the `Content-Type` header when the file
+extension is not `.json`. Consult your tool's documentation for instructions on
+manually setting the content type.
+
 ## Auto-install
 
 The beauty of Vagrant is the magic of "`vagrant up` and done." Making your users
@@ -217,6 +243,7 @@ end
 ```
 
 [aws-403-404]: https://forums.aws.amazon.com/thread.jspa?threadID=56531#jive-message-210346
+[aws-cred-file]: http://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs
 [aws-s3-iam]: http://blogs.aws.amazon.com/security/post/Tx3VRSWZ6B3SHAV/Writing-IAM-Policies-How-to-grant-access-to-an-Amazon-S3-bucket
 [aws-signed]: http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#ConstructingTheAuthenticationHeader
 [aws-user-policy]: http://docs.aws.amazon.com/AmazonS3/latest/dev/example-policies-s3.html

data/lib/vagrant-s3auth/extension/downloader.rb

@@ -8,25 +8,26 @@ S3Auth = VagrantPlugins::S3Auth
 module Vagrant
   module Util
     class Downloader
-      def execute_curl_with_s3(options, subprocess_options, &data_proc)
+      def s3auth_download(options, subprocess_options, &data_proc)
         # The URL sent to curl is always the last argument. We have to rely
         # on this implementation detail because we need to hook into both
         # HEAD and GET requests.
         url = options.last
 
-        if s3_object = S3Auth::Util.s3_object_for(url)
-          @logger.info("s3auth: Discovered S3 URL: #{@source}")
-          @logger.debug("s3auth: Bucket: #{s3_object.bucket.name.inspect}")
-          @logger.debug("s3auth: Key: #{s3_object.key.inspect}")
+        s3_object = S3Auth::Util.s3_object_for(url)
+        return unless s3_object
 
-          method = options.any? { |o| o == '-I' } ? :head : :get
+        @logger.info("s3auth: Discovered S3 URL: #{@source}")
+        @logger.debug("s3auth: Bucket: #{s3_object.bucket.name.inspect}")
+        @logger.debug("s3auth: Key: #{s3_object.key.inspect}")
 
-          @logger.info("s3auth: Generating signed URL for #{method.upcase}")
+        method = options.any? { |o| o == '-I' } ? :head : :get
 
-          url.replace(S3Auth::Util.s3_url_for(method, s3_object).to_s)
-        end
+        @logger.info("s3auth: Generating signed URL for #{method.upcase}")
+
+        url.replace(S3Auth::Util.s3_url_for(method, s3_object).to_s)
 
-        execute_curl_without_s3(options, subprocess_options, &data_proc)
+        execute_curl_without_s3auth(options, subprocess_options, &data_proc)
       rescue Errors::DownloaderError => e
         if e.message =~ /403 Forbidden/
           e.message << "\n\n"
@@ -35,14 +36,20 @@ module Vagrant
             bucket: s3_object && s3_object.bucket.name)
         end
         raise
-      rescue ::AWS::Errors::MissingCredentialsError
-        raise VagrantPlugins::S3Auth::Errors::MissingCredentialsError
-      rescue ::AWS::Errors::Base => e
-        raise VagrantPlugins::S3Auth::Errors::S3APIError, error: e
+      rescue ::Aws::Errors::MissingCredentialsError
+        raise S3Auth::Errors::MissingCredentialsError
+      rescue ::Aws::Errors::ServiceError => e
+        raise S3Auth::Errors::S3APIError, error: e
+      end
+
+      def execute_curl_with_s3auth(options, subprocess_options, &data_proc)
+        execute_curl_without_s3auth(options, subprocess_options, &data_proc)
+      rescue Errors::DownloaderError => e
+        s3auth_download(options, subprocess_options, &data_proc) || (raise e)
       end
 
-      alias_method :execute_curl_without_s3, :execute_curl
-      alias_method :execute_curl, :execute_curl_with_s3
+      alias_method :execute_curl_without_s3auth, :execute_curl
+      alias_method :execute_curl, :execute_curl_with_s3auth
     end
   end
 end

data/lib/vagrant-s3auth/util.rb

@@ -1,4 +1,4 @@
-require 'aws'
+require 'aws-sdk'
 require 'log4r'
 require 'net/http'
 require 'uri'
@@ -8,11 +8,21 @@ module VagrantPlugins
     module Util
       S3_HOST_MATCHER = /^((?<bucket>[[:alnum:]\-\.]+).)?s3([[:alnum:]\-\.]+)?\.amazonaws\.com$/
 
+      DEFAULT_REGION = 'us-east-1'
+
       LOCATION_TO_REGION = Hash.new { |_, key| key }.merge(
-        nil => 'us-east-1',
+        '' => DEFAULT_REGION,
         'EU' => 'eu-west-1'
       )
 
+      def self.s3_client(region = DEFAULT_REGION)
+        ::Aws::S3::Client.new(region: region)
+      end
+
+      def self.s3_resource(region = DEFAULT_REGION)
+        ::Aws::S3::Resource.new(client: s3_client(region))
+      end
+
       def self.s3_object_for(url, follow_redirect = true)
         url = URI(url)
 
@@ -27,8 +37,7 @@ module VagrantPlugins
         end
 
         if bucket && key
-          ::AWS::S3.new(region: get_bucket_region(bucket))
-            .buckets[bucket].objects[key]
+          s3_resource(get_bucket_region(bucket)).bucket(bucket).object(key)
         elsif follow_redirect
           response = Net::HTTP.get_response(url) rescue nil
           if response.is_a?(Net::HTTPRedirection)
@@ -38,15 +47,14 @@ module VagrantPlugins
       end
 
       def self.s3_url_for(method, s3_object)
-        s3_object.url_for(method,
-          expires: 10,
-          signature_version: :v4,
-          force_path_style: true)
+        s3_object.presigned_url(method, expires_in: 60 * 10)
       end
 
       def self.get_bucket_region(bucket)
-        LOCATION_TO_REGION[::AWS::S3.new.buckets[bucket].location_constraint]
-      rescue ::AWS::S3::Errors::AccessDenied
+        LOCATION_TO_REGION[
+          s3_client.get_bucket_location(bucket: bucket).location_constraint
+        ]
+      rescue ::Aws::S3::Errors::AccessDenied
         raise Errors::BucketLocationAccessDeniedError,
           bucket: bucket,
           access_key: ENV['AWS_ACCESS_KEY_ID']

data/lib/vagrant-s3auth/version.rb

@@ -1,5 +1,5 @@
 module VagrantPlugins
   module S3Auth
-    VERSION = '1.0.3'
+    VERSION = '1.1.0'
   end
 end

data/locales/en.yml

@@ -2,7 +2,7 @@ en:
   vagrant_s3auth:
     errors:
       missing_credentials: |-
-        Unable to read AWS credentials from the environment.
+        Unable to find AWS credentials.
 
         Ensure the following variables are set in your environment, or set
         them at the top of your Vagrantfile:
@@ -10,6 +10,12 @@ en:
             AWS_ACCESS_KEY_ID
             AWS_SECRET_ACCESS_KEY
 
+        Alternatively, you can create a credential profile and set the
+
+            AWS_PROFILE
+
+        environment variable. Consult the documentation for details.
+
       malformed_shorthand_url: |-
         Malformed shorthand S3 box URL:
 

data/test/box/public-minimal

@@ -0,0 +1,13 @@
+{
+  "name": "vagrant-s3auth/public-minimal",
+  "description": "This box contains no company secrets.",
+  "versions": [{
+    "version": "1.0.1",
+    "providers": [{
+      "name": "virtualbox",
+      "url": "%{box_url}",
+      "checksum_type": "sha1",
+      "checksum": "8ea536dd3092cf159f02405edd44ded5b62ba4e6"
+    }]
+  }]
+}

data/test/cleanup.rb

@@ -1,13 +1,13 @@
 #!/usr/bin/env ruby
 
 require 'bundler/setup'
-require 'aws'
+require 'aws-sdk'
 
 require_relative 'support'
 
 [REGION_STANDARD, REGION_NONSTANDARD].each do |region|
-  s3 = AWS::S3.new(region: region)
-  bucket = s3.buckets["#{region}.#{BUCKET}"]
+  s3 = Aws::S3::Resource.new(region: region)
+  bucket = s3.bucket("#{region}.#{BUCKET}")
   bucket.delete! if bucket.exists?
 end
 

data/test/run.bats

@@ -23,7 +23,9 @@ fi
 
 teardown() {
   bundle exec vagrant box remove "$VAGRANT_S3AUTH_BOX_BASE" > /dev/null 2>&1 || true
+  bundle exec vagrant box remove "public-$VAGRANT_S3AUTH_BOX_BASE" > /dev/null 2>&1 || true
   bundle exec vagrant box remove "vagrant-s3auth/$VAGRANT_S3AUTH_BOX_BASE" > /dev/null 2>&1 || true
+  bundle exec vagrant box remove "vagrant-s3auth/public-$VAGRANT_S3AUTH_BOX_BASE" > /dev/null 2>&1 || true
   bundle exec vagrant box remove "$ATLAS_USERNAME/$VAGRANT_S3AUTH_ATLAS_BOX_NAME" > /dev/null 2>&1 || true
 }
 
@@ -37,6 +39,13 @@ teardown() {
     "https://s3.amazonaws.com/us-east-1.$VAGRANT_S3AUTH_BUCKET/$VAGRANT_S3AUTH_BOX_BASE.box"
 }
 
+@test "public simple box with full path standard url without credentials" {
+  AWS_ACCESS_KEY_ID= \
+    bundle exec vagrant box add \
+    --name "$VAGRANT_S3AUTH_BOX_BASE" \
+    "https://s3.amazonaws.com/us-east-1.$VAGRANT_S3AUTH_BUCKET/public-$VAGRANT_S3AUTH_BOX_BASE.box"
+}
+
 @test "simple box with full host standard url" {
   bundle exec vagrant box add \
     --name "$VAGRANT_S3AUTH_BOX_BASE" \
@@ -55,6 +64,13 @@ teardown() {
     "https://s3-$VAGRANT_S3AUTH_REGION_NONSTANDARD.amazonaws.com/$VAGRANT_S3AUTH_REGION_NONSTANDARD.$VAGRANT_S3AUTH_BUCKET/$VAGRANT_S3AUTH_BOX_BASE.box"
 }
 
+@test "public simple box with full path nonstandard url without credentials" {
+  AWS_ACCESS_KEY_ID= \
+    bundle exec vagrant box add \
+    --name "$VAGRANT_S3AUTH_BOX_BASE" \
+    "https://s3-$VAGRANT_S3AUTH_REGION_NONSTANDARD.amazonaws.com/$VAGRANT_S3AUTH_REGION_NONSTANDARD.$VAGRANT_S3AUTH_BUCKET/public-$VAGRANT_S3AUTH_BOX_BASE.box"
+}
+
 @test "simple box with full host nonstandard url" {
   bundle exec vagrant box add \
     --name "$VAGRANT_S3AUTH_BOX_BASE" \
@@ -73,6 +89,13 @@ teardown() {
     "https://s3.amazonaws.com/us-east-1.$VAGRANT_S3AUTH_BUCKET/$VAGRANT_S3AUTH_BOX_BASE"
 }
 
+@test "public metadata box with full path standard url without credentials" {
+  AWS_ACCESS_KEY_ID= \
+    bundle exec vagrant box add \
+    --name "vagrant-s3auth/public-$VAGRANT_S3AUTH_BOX_BASE" \
+    "https://s3.amazonaws.com/us-east-1.$VAGRANT_S3AUTH_BUCKET/public-$VAGRANT_S3AUTH_BOX_BASE"
+}
+
 @test "metadata box with full host standard url" {
   bundle exec vagrant box add \
     --name "vagrant-s3auth/$VAGRANT_S3AUTH_BOX_BASE" \
@@ -91,6 +114,14 @@ teardown() {
     "https://s3-$VAGRANT_S3AUTH_REGION_NONSTANDARD.amazonaws.com/$VAGRANT_S3AUTH_REGION_NONSTANDARD.$VAGRANT_S3AUTH_BUCKET/$VAGRANT_S3AUTH_BOX_BASE"
 }
 
+@test "public metadata box with full path nonstandard url without credentials" {
+  AWS_ACCESS_KEY_ID= \
+    bundle exec vagrant box add \
+    --name "vagrant-s3auth/public-$VAGRANT_S3AUTH_BOX_BASE" \
+    "https://s3-$VAGRANT_S3AUTH_REGION_NONSTANDARD.amazonaws.com/$VAGRANT_S3AUTH_REGION_NONSTANDARD.$VAGRANT_S3AUTH_BUCKET/public-$VAGRANT_S3AUTH_BOX_BASE"
+}
+
+
 @test "metadata box with full host nonstandard url" {
   bundle exec vagrant box add \
     --name "vagrant-s3auth/$VAGRANT_S3AUTH_BOX_BASE" \

data/test/setup.rb

@@ -1,29 +1,31 @@
 #!/usr/bin/env ruby
 
 require 'bundler/setup'
-require 'aws'
+require 'aws-sdk'
 
 require_relative 'support'
 
 ROOT = Pathname.new(File.dirname(__FILE__))
 
-box_urls = [REGION_STANDARD, REGION_NONSTANDARD].map do |region|
-  s3 = AWS::S3.new(region: region)
-  bucket = s3.buckets.create("#{region}.#{BUCKET}")
+box_urls = [REGION_STANDARD, REGION_NONSTANDARD].flat_map do |region|
+  s3 = Aws::S3::Resource.new(region: region)
+  bucket = s3.create_bucket(bucket: "#{region}.#{BUCKET}")
 
-  box = bucket.objects["#{BOX_BASE}.box"]
-  box.write(ROOT + Pathname.new("box/#{BOX_BASE}.box"))
-  box.public_url
+  [BOX_BASE, 'public-' + BOX_BASE].flat_map do |box_name|
+    box = bucket.object("#{box_name}.box")
+    box.upload_file(ROOT + Pathname.new("box/#{box_name}.box"))
+    box.acl.put(acl: 'public-read') if box_name.start_with?('public')
 
-  metadata_string = File.read(ROOT + Pathname.new("box/#{BOX_BASE}")) % {
-    box_url: box.public_url
-  }
+    metadata_string = File.read(ROOT + Pathname.new("box/#{box_name}")) % {
+      box_url: box.public_url
+    }
 
-  metadata = bucket.objects[BOX_BASE]
-  metadata.write(metadata_string, content_type: 'application/json')
-  metadata.acl = :public_read
+    metadata = bucket.object(box_name)
+    metadata.put(body: metadata_string, content_type: 'application/json')
+    metadata.acl.put(acl: 'public-read') if box_name.start_with?('public')
 
-  box.public_url
+    box.public_url
+  end
 end
 
 atlas = Atlas.new(ATLAS_TOKEN, ATLAS_USERNAME)

data/vagrant-s3auth.gemspec

@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(/spec/)
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'aws-sdk', '~> 1.59.1'
+  spec.add_dependency 'aws-sdk', '~> 2.0.38'
 
   spec.add_development_dependency 'bundler', '~> 1.5'
   spec.add_development_dependency 'http', '~> 0.6.3'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vagrant-s3auth
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.1.0
 platform: ruby
 authors:
 - Nikhil Benesch
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-11 00:00:00.000000000 Z
+date: 2015-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.59.1
+        version: 2.0.38
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.59.1
+        version: 2.0.38
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +108,8 @@ files:
 - locales/en.yml
 - test/box/minimal
 - test/box/minimal.box
+- test/box/public-minimal
+- test/box/public-minimal.box
 - test/cleanup.rb
 - test/run.bats
 - test/setup.rb