vault-tools 0.7.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 0f446bd84b2eda87b17e6aeda507007ef5eb1c70
-  data.tar.gz: 3b99cfa7710146aad56c572c91807bbf39c57568
+SHA256:
+  metadata.gz: 94e958db62b7b6488e9e8369e0c2067cabd5a9ffdb6c2ebe91e774266dea2785
+  data.tar.gz: 75fbf49120000e5c48ff9b2ae1647aa88a63fc8e23fe64528c307653c310c5fb
 SHA512:
-  metadata.gz: 127f16f37b2061645c3a352598f3948a061a2d0fa97c15fc7abb159bd292ebb355c0e705a6afa45e43e1a7f14f5e57c07dbca4c0147985f6ce63d3c36068e021
-  data.tar.gz: 539c7464fd0b88aef7cbbe125e59b806c372d9e29d003fd008ac20490fdb0253fd447184d75fe3a4a7633449a449a8da813a4d05f774281e5d536f8afed6094f
+  metadata.gz: e2cf15adf12bef707094105199bc93bbe11c54f8c6ca75b441d7860e3df0efab710c139a4425cb85b1e55ed3cdb3b41d96e4d2ef3188f162a000e5eec022c1cb
+  data.tar.gz: 1e0f0e3f31feaa53fdfb08c5788f91f13bd78d3142eacdc4a3b03d2ee9ad3a1aae68372d84c9a2983c7846e436f7c63b35456690648262a3e2ce0babcfc2a0fb

data/.travis.yml

@@ -1,6 +1,7 @@
 language: ruby
 cache: bundler
 rvm:
-  - 2.5.0
-  - 2.4.0
-  - 2.3.0
+  - 2.6.0
+  - 2.5.3
+before_install:
+  - gem install bundler -v '< 2'

data/Gemfile

@@ -4,12 +4,13 @@ source 'https://rubygems.org'
 gemspec
 
 group :development do
-  gem 'rake'
-  gem 'shotgun'
+  gem 'rake', '~> 13.0'
+  gem 'shotgun', '~> 0.9.2'
   gem 'yard-sinatra'
 end
 
 group :test do
-  gem 'vault-test-tools'
   gem 'guard-minitest'
+  gem 'minitest-around'
+  gem 'vault-test-tools', '~> 1.0.0'
 end

data/Gemfile.lock

@@ -1,102 +1,94 @@
 PATH
   remote: .
   specs:
-    vault-tools (0.7.1)
-      aws-sdk (~> 1.0)
+    vault-tools (2.0.2)
+      aws-sdk-s3 (~> 1.0)
       coderay
       excon
-      fernet (= 2.0.rc2)
-      heroku-api
-      rack (~> 1.6.4)
+      fernet (= 2.0)
+      rack (~> 2.0)
       rack-ssl-enforcer
-      rollbar (~> 2.7.1)
+      rollbar (~> 2.18.2)
       scrolls (~> 0.9)
-      sinatra (~> 1.4.4)
+      sinatra (~> 2.0.4)
       uuidtools
-      zipkin-tracer (~> 0.27)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    ansi (1.5.0)
-    aws-sdk (1.67.0)
-      aws-sdk-v1 (= 1.67.0)
-    aws-sdk-v1 (1.67.0)
-      json (~> 1.4)
-      nokogiri (~> 1)
+    aws-eventstream (1.1.0)
+    aws-partitions (1.332.0)
+    aws-sdk-core (3.100.0)
+      aws-eventstream (~> 1, >= 1.0.2)
+      aws-partitions (~> 1, >= 1.239.0)
+      aws-sigv4 (~> 1.1)
+      jmespath (~> 1.0)
+    aws-sdk-kms (1.34.1)
+      aws-sdk-core (~> 3, >= 3.99.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.69.1)
+      aws-sdk-core (~> 3, >= 3.99.0)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.1)
+    aws-sigv4 (1.2.0)
+      aws-eventstream (~> 1, >= 1.0.2)
     coderay (1.1.2)
-    concurrent-ruby (1.0.5)
-    dotenv (2.0.0)
-    excon (0.60.0)
-    faraday (0.15.1)
-      multipart-post (>= 1.2, < 3)
-    fernet (2.0.rc2)
+    dotenv (2.5.0)
+    excon (0.75.0)
+    fernet (2.0)
       valcro (= 0.1)
-    finagle-thrift (1.4.2)
-      thrift (~> 0.9.3)
     guard-compat (1.2.1)
-    guard-minitest (2.4.4)
+    guard-minitest (2.4.6)
       guard-compat (~> 1.2)
       minitest (>= 3.0)
-    heroku-api (0.4.3)
-      excon (~> 0.45)
-      multi_json (~> 1.8)
-    json (1.8.6)
-    logfmt (0.0.7)
-    method_source (0.9.0)
-    mini_portile2 (2.3.0)
-    minitest (4.7.5)
-    multi_json (1.13.1)
-    multipart-post (2.0.0)
-    nokogiri (1.8.2)
-      mini_portile2 (~> 2.3.0)
-    pry (0.11.3)
+    jmespath (1.4.0)
+    logfmt (0.0.8)
+    method_source (0.9.2)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    minitest-around (0.5.0)
+      minitest (~> 5.0)
+    multi_json (1.14.1)
+    mustermann (1.1.1)
+      ruby2_keywords (~> 0.0.1)
+    nokogiri (1.10.9)
+      mini_portile2 (~> 2.4.0)
+    pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    rack (1.6.4)
-    rack-protection (1.5.5)
+    rack (2.0.6)
+    rack-protection (2.0.8.1)
       rack
     rack-ssl-enforcer (0.2.9)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rake (10.4.2)
-    rdoc (6.0.1)
-    rollbar (2.7.1)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rake (13.0.1)
+    rdoc (6.1.1)
+    rollbar (2.18.2)
       multi_json
-    rr (1.1.2)
+    rr (1.2.1)
+    ruby2_keywords (0.0.2)
     scrolls (0.9.0)
-    shotgun (0.9.1)
+    shotgun (0.9.2)
       rack (>= 1.0)
-    sinatra (1.4.8)
-      rack (~> 1.5)
-      rack-protection (~> 1.4)
-      tilt (>= 1.3, < 3)
-    sucker_punch (2.0.4)
-      concurrent-ruby (~> 1.0.0)
-    thrift (0.9.3.0)
-    tilt (2.0.8)
-    turn (0.9.7)
-      ansi
-      minitest (~> 4)
+    sinatra (2.0.8.1)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.8.1)
+      tilt (~> 2.0)
+    tilt (2.0.10)
     uuidtools (2.1.5)
     valcro (0.1)
-    vault-test-tools (0.3.9)
-      guard-minitest
+    vault-test-tools (1.0.0)
       logfmt
-      minitest (~> 4.7.4)
+      minitest (~> 5.11)
       nokogiri
-      rack-test
+      rack-test (~> 1.1)
       rr
-      scrolls
-      turn
-    yard (0.9.12)
+      scrolls (= 0.9)
+    yard (0.9.25)
     yard-sinatra (1.0.0)
       yard (~> 0.7)
-    zipkin-tracer (0.27.2.1)
-      faraday (~> 0.8)
-      finagle-thrift (~> 1.4.2)
-      rack (>= 1.0)
-      sucker_punch (~> 2.0)
 
 PLATFORMS
   ruby
@@ -104,14 +96,15 @@ PLATFORMS
 DEPENDENCIES
   dotenv
   guard-minitest
+  minitest-around
   pry
-  rake
+  rake (~> 13.0)
   rdoc
-  shotgun
-  vault-test-tools
+  shotgun (~> 0.9.2)
+  vault-test-tools (~> 1.0.0)
   vault-tools!
   yard
   yard-sinatra
 
 BUNDLED WITH
-   1.16.1
+   1.17.3

data/README.md

@@ -26,9 +26,6 @@ calling `Vault.setup` will:
 - if the `CONFIG_APP` environment variable is defined and this is
   the production environment, it will attempt to use the Heroku API
   to load the config vars from another app into `Vault::Config`
-- enable distributed tracing via Zipkin, if the [required config
-  vars](#configs-for-tracing) are set
-
 
 ### `Vault::Config`
 
@@ -93,16 +90,6 @@ Generate the API documentation:
 
     vendor/bin/d
 
-## Configs for tracing
-
-The following are config vars to be set in the consumer app for tracing with
-Zipkin:
-* `APP_NAME` (required) what the trace will show up as in the Zipkin interface.
-* `ZIPKIN_ENABLED` (required) must be set to `true` to start tracing.
-* `ZIPKIN_API_HOST` (required) where to post traces to. URL must contain the
-  basic auth creds from the Tools team.
-* `ZIPKIN_SAMPLE_RATE` defaults to `0.1`.
-
 ## Releasing
 
     > bundle exec rake release

data/lib/vault-tools.rb

@@ -3,19 +3,8 @@ require "vault-tools/version"
 require 'sinatra/base'
 require 'scrolls'
 require 'rack/ssl-enforcer'
-require 'heroku-api'
 require 'rollbar'
-
-Rollbar.configure do |config|
-  config.environment = ENV['RACK_ENV'] || ENV['RAILS_ENV'] || ENV['APP_ENV'] || ENV['ROLLBAR_ENV'] || 'unassigned'
-  config.access_token = ENV['ROLLBAR_ACCESS_TOKEN']
-  config.scrub_headers = (config.scrub_headers || []) | ["Authorization", "Cookie", "Set-Cookie", "X_CSRF_TOKEN", "X-CSRF-Token", "HTTP_X_CSRF_TOKEN"]
-  config.scrub_fields = (config.scrub_fields || []) | [:passwd, :password, :password_confirmation, :secret, :confirm_password,
-                          :secret_token, :api_key, :access_token, :authenticity_token, :"bouncer.token", :"bouncer.refresh_token",
-                          :heroku_oauth_token, :heroku_session_nonce, :heroku_users_session, :oauth_token, :postgres_session_nonce,
-                          :"request.cookies.signup-sso-session", :sudo_oauth_token, :super_user_session_secret, :user_session_secret,
-                          :"wwo-sso-session"]
-end
+require 'excon'
 
 # Yes, there's a lot of stuff on STDERR.  But its on
 # stderr and not stdout so you can pipe to /dev/null if
@@ -83,7 +72,6 @@ module Vault
     self.override_global_config
     self.load_shared_config
     self.init_scrolls
-    Tracing.configure
   end
 end
 
@@ -101,6 +89,17 @@ require 'vault-tools/time'
 require 'vault-tools/s3'
 require 'vault-tools/statement_store'
 require 'vault-tools/rollbar_helper'
-require 'vault-tools/tracing/sidekiq_client'
-require 'vault-tools/tracing/sidekiq_server'
-require 'vault-tools/tracing'
+
+Rollbar.configure do |config|
+  config.environment = ENV['RACK_ENV'] || ENV['RAILS_ENV'] || ENV['APP_ENV'] || ENV['ROLLBAR_ENV'] || 'unassigned'
+  config.access_token = ENV['ROLLBAR_ACCESS_TOKEN']
+  config.scrub_headers = (config.scrub_headers || []) | ["Authorization", "Cookie", "Set-Cookie", "X_CSRF_TOKEN", "X-CSRF-Token", "HTTP_X_CSRF_TOKEN"]
+  config.scrub_fields = (config.scrub_fields || []) | [:passwd, :password, :password_confirmation, :secret, :confirm_password,
+                          :secret_token, :api_key, :access_token, :authenticity_token, :"bouncer.token", :"bouncer.refresh_token",
+                          :heroku_oauth_token, :heroku_session_nonce, :heroku_users_session, :oauth_token, :postgres_session_nonce,
+                          :"request.cookies.signup-sso-session", :sudo_oauth_token, :super_user_session_secret, :user_session_secret,
+                          :"wwo-sso-session"]
+
+
+  config.enabled = Vault::Config.production?
+end

data/lib/vault-tools/app.rb

@@ -5,7 +5,7 @@ module Vault
     ID_CAPTURE = /\Aapp(\d+)\@[\w\.]+com\z/
     # Convert a core app ID into a Heroku app ID.
     #
-    # @param app_id [Fixnum] A core app ID.
+    # @param app_id [Integer] A core app ID.
     # @return [String] A Heroku ID that uniquely represents the app.
     def self.id_to_hid(app_id)
       "app#{app_id}@heroku.com"
@@ -13,7 +13,7 @@ module Vault
 
     # Convert a core app ID into a v5 UUID.
     #
-    # @param app_id [Fixnum] An app ID.
+    # @param app_id [Integer] An app ID.
     # @return [String] A v5 UUID that uniquely represents the app.
     def self.id_to_uuid(app_id)
       url = "https://vault.heroku.com/apps/#{app_id}"
@@ -24,7 +24,7 @@ module Vault
     #
     # @param heroku_id [String] A Heroku app ID, such as `app1234@heroku.com`.
     # @raise [ArgumentError] Raised if a malformed Heroku ID is provided.
-    # @return [Fixnum] The core app ID that uniquely represents the app.
+    # @return [Integer] The core app ID that uniquely represents the app.
     def self.hid_to_id(heroku_id)
       if app_id = heroku_id.slice(ID_CAPTURE, 1)
         app_id.to_i

data/lib/vault-tools/config.rb

@@ -32,30 +32,12 @@ module Vault
       ENV[var_name] || @@shared[var_name] || @@defaults[default_name]
     end
 
-    # Loads config from another app.
-    def self.load_shared!(app = nil)
-      heroku   = Heroku::API.new
-      @@shared = heroku.get_config_vars(app).body
-    end
-
     # Reset defaults and shared values
     def self.reset!
       @@defaults = {}
       @@shared   = {}
     end
 
-    # An environment variable from another app.
-    #
-    # @param app [String] The name of the app to get the value from.
-    # @param name [String] The name of the environment variable to fetch a
-    #   value for.
-    # @return [String] The value of an environment variable from another
-    #   Heroku app or nil if no match is available.
-    def self.remote_env(app, name)
-      heroku = Heroku::API.new
-      heroku.get_config_vars(app).body[name]
-    end
-
     # An environment variable.
     #
     # @param name [String] The name of the environment variable to fetch a
@@ -126,7 +108,7 @@ module Vault
 
     # The port to listen on for web requests.
     #
-    # @return [Fixnum] The port to listen on for web requests.
+    # @return [Integer] The port to listen on for web requests.
     def self.port
       env!("PORT").to_i
     end
@@ -148,12 +130,12 @@ module Vault
       !bool?('VAULT_TOOLS_DISABLE_SSL')
     end
 
-    # An environment variable converted to a Fixnum.
+    # An environment variable converted to a Integer.
     #
     # @param name [String] The name of the environment variable to fetch a
-    #   Fixnum for.
-    # @return [Fixnum] The number or nil if the value couldn't be coerced to a
-    #   Fixnum.
+    #   Integer for.
+    # @return [Integer] The number or nil if the value couldn't be coerced to a
+    #   Integer.
     def self.int(name)
       self[name] && self[name].to_i
     end
@@ -194,7 +176,7 @@ module Vault
 
     # The number of threads to use in Sidekiq workers.
     #
-    # @return [Fixnum] The number of threads from the `SIDEKIQ_CONCURRENCY`
+    # @return [Integer] The number of threads from the `SIDEKIQ_CONCURRENCY`
     #   environment variable or 25 if no variable is defined.
     def self.sidekiq_concurrency
       int('SIDEKIQ_CONCURRENCY') || 25

data/lib/vault-tools/log.rb

@@ -19,9 +19,9 @@ module Vault
     # This makes it possible to easily measure individual HTTP status codes as
     # well as classes of HTTP status codes.
     #
-    # @param status [Fixnum] The HTTP status code to record.
-    def self.count_status(status)
-      count("http.#{status}")
+    # @param status [Integer] The HTTP status code to record.
+    def self.count_status(status, data)
+      count("http.#{status}", 1, data)
       if status_prefix = status.to_s.match(/\d/)[0]
         count("http.#{status_prefix}xx")
       end
@@ -39,7 +39,7 @@ module Vault
     # Log a timing metric.
     #
     # @param name [String] A Sinatra-formatted route URL.
-    # @param duration [Fixnum] The duration to record, in milliseconds.
+    # @param duration [Integer] The duration to record, in milliseconds.
     def self.time(name, duration)
       if name
         name.gsub(/\/:\w+/, '').            # Remove param names from path.

data/lib/vault-tools/pipeline.rb

@@ -20,7 +20,7 @@ module Vault
     end
 
     def self.filters
-      @filters
+      @filters ||= nil
     end
 
     def self.process(thing)

data/lib/vault-tools/s3.rb

@@ -1,4 +1,4 @@
-require 'aws-sdk'
+require 'aws-sdk-s3'
 
 module S3
   extend self
@@ -10,7 +10,7 @@ module S3
   # @param value [String]
   def write(bucket, key, value)
     Vault::Log.log(:fn => __method__, :key => key) do
-      s3.buckets[bucket].objects[key].write(value)
+      s3.put_object({bucket: bucket, key: key, body: value})
     end
   end
 
@@ -20,17 +20,17 @@ module S3
   # @param key [String]
   def read(bucket, key)
     Vault::Log.log(:fn => __method__, :key => key) do
-      s3.buckets[bucket].objects[key].read
+      s3.get_object({bucket: bucket, key: key}).body.read
     end
   end
 
-  # Get the underlying AWS::S3 instance, creating it using environment vars
-  # if necessary.
+  # Get the underlying AWS::S3::Client instance, creating it using environment
+  # vars if necessary.
   def s3
-    @s3 ||= AWS::S3.new(
-      :access_key_id => Config.env('AWS_ACCESS_KEY_ID'),
-      :secret_access_key => Config.env('AWS_SECRET_ACCESS_KEY'),
-      :use_ssl => true
+    @s3 ||= Aws::S3::Client.new(
+      credentials: Aws::Credentials.new(Config.env('AWS_ACCESS_KEY_ID'),
+                                        Config.env('AWS_SECRET_ACCESS_KEY')),
+      region: Config.env('AWS_REGION')
     )
   end