vault-tools 1.0.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe49ccd1b29f332961d47073c6856e30b2505c27ecac92560683963d2835d370
-  data.tar.gz: dd30f52a76a9cfdcbcd0f1e44a99b33b0677111ebd80819fa8986597cee0102d
+  metadata.gz: 30215f797eb0408bdb04fcef03f996e62742d53900ab541fa88778d3bd9c3bb7
+  data.tar.gz: 30dd62061f20a3f7c4d98485d33d2dfaed376ecd09d872a795879c3fa29e062a
 SHA512:
-  metadata.gz: 975dca6c4728fbc1fde722298f5b55e874eca041e92e23c43ead2dd13bfd4a71718702f30a1de48c058fd93700302bf48fb0c26af4a1cc945f3fce77fbeafd28
-  data.tar.gz: 64b8630df783acf88d09fc2c807f9b611626b3209679bdaf27d35f0afd99f8a9084931bc62c4e9f4cbdf5751e4e238f8e8c65faee6922ca90a483506f226cfeb
+  metadata.gz: 47006d1b43d504f4faeb5052485b4fcc899be520353c84d1bbf80091983a2406977166a4089807f4222d54baafce4d0ccf1c74264cde82fa35c798448deb4c27
+  data.tar.gz: 23e8a5878796fef48fb97f809e87d813d9c12943d34e3acec788735920391bab399f32dbf7a33b94d51f3867ca5cbc048f149ae3c183b31d0237cb171ee84390

data/.circleci/config.yml

@@ -0,0 +1,15 @@
+version: 2.1
+
+jobs:
+  build:
+    docker:
+      - image: circleci/ruby:2.7.1
+    
+    steps:
+      - checkout
+      - run: export BUNDLE_GEMFILE=$PWD/Gemfile
+      - run: ruby --version
+      - run: gem update --system
+      - run: gem install bundler -v '< 2'
+      - run: bundle install --jobs=3 --retry=3 --path=${BUNDLE_PATH:-vendor/bundle}
+      - run: bundle exec rake

data/Gemfile

@@ -4,12 +4,12 @@ source 'https://rubygems.org'
 gemspec
 
 group :development do
-  gem 'rake', '~> 10.4'
+  gem 'rake', '~> 13.0'
   gem 'shotgun', '~> 0.9.2'
   gem 'yard-sinatra'
 end
 
 group :test do
-  gem 'guard-minitest'
-  gem 'vault-test-tools', '~> 0.4.2'
+  gem 'minitest-around'
+  gem 'vault-test-tools', '~> 1.1.0'
 end

data/Gemfile.lock

@@ -1,113 +1,107 @@
 PATH
   remote: .
   specs:
-    vault-tools (1.0.1)
-      aws-sdk (~> 1.0)
+    vault-tools (2.1.0)
+      aws-sdk-s3 (~> 1.0)
       coderay
       excon
-      fernet (= 2.0.rc2)
-      heroku-api
+      fernet (= 2.0)
       rack (~> 2.0)
       rack-ssl-enforcer
-      rollbar (~> 2.7.1)
+      rollbar (~> 2.18.2)
       scrolls (~> 0.9)
       sinatra (~> 2.0.4)
       uuidtools
-      zipkin-tracer (~> 0.27)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    aws-sdk (1.67.0)
-      aws-sdk-v1 (= 1.67.0)
-    aws-sdk-v1 (1.67.0)
-      json (~> 1.4)
-      nokogiri (~> 1)
-    coderay (1.1.2)
-    concurrent-ruby (1.1.3)
-    dotenv (2.5.0)
-    excon (0.62.0)
-    faraday (0.15.3)
-      multipart-post (>= 1.2, < 3)
-    fernet (2.0.rc2)
+    aws-eventstream (1.1.1)
+    aws-partitions (1.491.0)
+    aws-sdk-core (3.119.1)
+      aws-eventstream (~> 1, >= 1.0.2)
+      aws-partitions (~> 1, >= 1.239.0)
+      aws-sigv4 (~> 1.1)
+      jmespath (~> 1.0)
+    aws-sdk-kms (1.46.0)
+      aws-sdk-core (~> 3, >= 3.119.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.99.0)
+      aws-sdk-core (~> 3, >= 3.119.0)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.1)
+    aws-sigv4 (1.2.4)
+      aws-eventstream (~> 1, >= 1.0.2)
+    coderay (1.1.3)
+    dotenv (2.7.6)
+    excon (0.85.0)
+    fernet (2.0)
       valcro (= 0.1)
-    finagle-thrift (1.4.2)
-      thrift (~> 0.9.3)
-    guard-compat (1.2.1)
-    guard-minitest (2.4.6)
-      guard-compat (~> 1.2)
-      minitest (>= 3.0)
-    heroku-api (0.4.3)
-      excon (~> 0.45)
-      multi_json (~> 1.8)
-    json (1.8.6)
-    logfmt (0.0.8)
-    method_source (0.9.2)
-    mini_portile2 (2.3.0)
-    minitest (5.11.3)
-    multi_json (1.13.1)
-    multipart-post (2.0.0)
-    mustermann (1.0.3)
-    nokogiri (1.8.5)
-      mini_portile2 (~> 2.3.0)
-    pry (0.12.2)
-      coderay (~> 1.1.0)
-      method_source (~> 0.9.0)
-    rack (2.0.6)
-    rack-protection (2.0.4)
+    jmespath (1.4.0)
+    logfmt (0.0.9)
+    method_source (1.0.0)
+    mini_portile2 (2.6.1)
+    minitest (5.14.4)
+    minitest-around (0.5.0)
+      minitest (~> 5.0)
+    multi_json (1.15.0)
+    mustermann (1.1.1)
+      ruby2_keywords (~> 0.0.1)
+    nokogiri (1.12.3)
+      mini_portile2 (~> 2.6.1)
+      racc (~> 1.4)
+    pry (0.14.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    racc (1.5.2)
+    rack (2.2.3)
+    rack-protection (2.0.8.1)
       rack
     rack-ssl-enforcer (0.2.9)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rake (10.5.0)
-    rdoc (6.0.4)
-    rollbar (2.7.1)
+    rake (13.0.6)
+    rdoc (6.3.2)
+    rollbar (2.18.2)
       multi_json
     rr (1.2.1)
-    scrolls (0.9.0)
+    ruby2_keywords (0.0.5)
+    scrolls (0.9.1)
     shotgun (0.9.2)
       rack (>= 1.0)
-    sinatra (2.0.4)
+    sinatra (2.0.8.1)
       mustermann (~> 1.0)
       rack (~> 2.0)
-      rack-protection (= 2.0.4)
+      rack-protection (= 2.0.8.1)
       tilt (~> 2.0)
-    sucker_punch (2.1.1)
-      concurrent-ruby (~> 1.0)
-    thrift (0.9.3.0)
-    tilt (2.0.8)
-    uuidtools (2.1.5)
+    tilt (2.0.10)
+    uuidtools (2.2.0)
     valcro (0.1)
-    vault-test-tools (0.4.2)
+    vault-test-tools (1.1.0)
       logfmt
       minitest (~> 5.11)
       nokogiri
       rack-test (~> 1.1)
-      rr
-      scrolls (= 0.9)
-    yard (0.9.16)
+      rr (~> 1.2)
+      scrolls
+    yard (0.9.26)
     yard-sinatra (1.0.0)
       yard (~> 0.7)
-    zipkin-tracer (0.29.1)
-      faraday (~> 0.8)
-      finagle-thrift (~> 1.4.2)
-      rack (>= 1.0)
-      sucker_punch (~> 2.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   dotenv
-  guard-minitest
+  minitest-around
   pry
-  rake (~> 10.4)
+  rake (~> 13.0)
   rdoc
   shotgun (~> 0.9.2)
-  vault-test-tools (~> 0.4.2)
+  vault-test-tools (~> 1.1.0)
   vault-tools!
   yard
   yard-sinatra
 
 BUNDLED WITH
-   1.17.1
+   2.2.26

data/README.md

@@ -3,7 +3,7 @@
 Tools is the English word for ツール.  Tooling for the Heroku Vault
 team to enable faster bootstrapping for Ruby projects.
 
-[![Build Status](https://travis-ci.org/heroku/vault-tools.png?branch=master)](https://travis-ci.org/heroku/vault-tools)
+[![CircleCI](https://circleci.com/gh/heroku/vault-tools/tree/master.svg?style=shield&circle-token=39ec638ab252a4440ca919f9b09dc258b4459c58)](_https://circleci.com/gh/heroku/vault-tools/tree/master_)
 
 ## Installation
 
@@ -26,9 +26,6 @@ calling `Vault.setup` will:
 - if the `CONFIG_APP` environment variable is defined and this is
   the production environment, it will attempt to use the Heroku API
   to load the config vars from another app into `Vault::Config`
-- enable distributed tracing via Zipkin, if the [required config
-  vars](#configs-for-tracing) are set
-
 
 ### `Vault::Config`
 
@@ -93,16 +90,10 @@ Generate the API documentation:
 
     vendor/bin/d
 
-## Configs for tracing
-
-The following are config vars to be set in the consumer app for tracing with
-Zipkin:
-* `APP_NAME` (required) what the trace will show up as in the Zipkin interface.
-* `ZIPKIN_ENABLED` (required) must be set to `true` to start tracing.
-* `ZIPKIN_API_HOST` (required) where to post traces to. URL must contain the
-  basic auth creds from the Tools team.
-* `ZIPKIN_SAMPLE_RATE` defaults to `0.1`.
-
 ## Releasing
 
     > bundle exec rake release
+
+## Release Notes
+  Version 2.1.0 (2021-08-26):
+    guard-minitest was removed due to it causing problems with the ruby version upgrade. Was not actively used anymore. Hasn't been updated in a long time.

data/lib/vault-tools/app.rb

@@ -5,7 +5,7 @@ module Vault
     ID_CAPTURE = /\Aapp(\d+)\@[\w\.]+com\z/
     # Convert a core app ID into a Heroku app ID.
     #
-    # @param app_id [Fixnum] A core app ID.
+    # @param app_id [Integer] A core app ID.
     # @return [String] A Heroku ID that uniquely represents the app.
     def self.id_to_hid(app_id)
       "app#{app_id}@heroku.com"
@@ -13,7 +13,7 @@ module Vault
 
     # Convert a core app ID into a v5 UUID.
     #
-    # @param app_id [Fixnum] An app ID.
+    # @param app_id [Integer] An app ID.
     # @return [String] A v5 UUID that uniquely represents the app.
     def self.id_to_uuid(app_id)
       url = "https://vault.heroku.com/apps/#{app_id}"
@@ -24,7 +24,7 @@ module Vault
     #
     # @param heroku_id [String] A Heroku app ID, such as `app1234@heroku.com`.
     # @raise [ArgumentError] Raised if a malformed Heroku ID is provided.
-    # @return [Fixnum] The core app ID that uniquely represents the app.
+    # @return [Integer] The core app ID that uniquely represents the app.
     def self.hid_to_id(heroku_id)
       if app_id = heroku_id.slice(ID_CAPTURE, 1)
         app_id.to_i

data/lib/vault-tools/config.rb

@@ -32,30 +32,12 @@ module Vault
       ENV[var_name] || @@shared[var_name] || @@defaults[default_name]
     end
 
-    # Loads config from another app.
-    def self.load_shared!(app = nil)
-      heroku   = Heroku::API.new
-      @@shared = heroku.get_config_vars(app).body
-    end
-
     # Reset defaults and shared values
     def self.reset!
       @@defaults = {}
       @@shared   = {}
     end
 
-    # An environment variable from another app.
-    #
-    # @param app [String] The name of the app to get the value from.
-    # @param name [String] The name of the environment variable to fetch a
-    #   value for.
-    # @return [String] The value of an environment variable from another
-    #   Heroku app or nil if no match is available.
-    def self.remote_env(app, name)
-      heroku = Heroku::API.new
-      heroku.get_config_vars(app).body[name]
-    end
-
     # An environment variable.
     #
     # @param name [String] The name of the environment variable to fetch a
@@ -126,7 +108,7 @@ module Vault
 
     # The port to listen on for web requests.
     #
-    # @return [Fixnum] The port to listen on for web requests.
+    # @return [Integer] The port to listen on for web requests.
     def self.port
       env!("PORT").to_i
     end
@@ -148,12 +130,12 @@ module Vault
       !bool?('VAULT_TOOLS_DISABLE_SSL')
     end
 
-    # An environment variable converted to a Fixnum.
+    # An environment variable converted to a Integer.
     #
     # @param name [String] The name of the environment variable to fetch a
-    #   Fixnum for.
-    # @return [Fixnum] The number or nil if the value couldn't be coerced to a
-    #   Fixnum.
+    #   Integer for.
+    # @return [Integer] The number or nil if the value couldn't be coerced to a
+    #   Integer.
     def self.int(name)
       self[name] && self[name].to_i
     end
@@ -194,7 +176,7 @@ module Vault
 
     # The number of threads to use in Sidekiq workers.
     #
-    # @return [Fixnum] The number of threads from the `SIDEKIQ_CONCURRENCY`
+    # @return [Integer] The number of threads from the `SIDEKIQ_CONCURRENCY`
     #   environment variable or 25 if no variable is defined.
     def self.sidekiq_concurrency
       int('SIDEKIQ_CONCURRENCY') || 25

data/lib/vault-tools/log.rb

@@ -19,9 +19,9 @@ module Vault
     # This makes it possible to easily measure individual HTTP status codes as
     # well as classes of HTTP status codes.
     #
-    # @param status [Fixnum] The HTTP status code to record.
-    def self.count_status(status)
-      count("http.#{status}")
+    # @param status [Integer] The HTTP status code to record.
+    def self.count_status(status, data)
+      count("http.#{status}", 1, data)
       if status_prefix = status.to_s.match(/\d/)[0]
         count("http.#{status_prefix}xx")
       end
@@ -39,7 +39,7 @@ module Vault
     # Log a timing metric.
     #
     # @param name [String] A Sinatra-formatted route URL.
-    # @param duration [Fixnum] The duration to record, in milliseconds.
+    # @param duration [Integer] The duration to record, in milliseconds.
     def self.time(name, duration)
       if name
         name.gsub(/\/:\w+/, '').            # Remove param names from path.

data/lib/vault-tools/pipeline.rb

@@ -16,11 +16,11 @@ module Vault
   class Pipeline
     def self.use(*args)
       @filters ||= []
-      @filters.push *args
+      @filters.push(*args)
     end
 
     def self.filters
-      @filters
+      @filters ||= nil
     end
 
     def self.process(thing)

data/lib/vault-tools/s3.rb

@@ -1,4 +1,4 @@
-require 'aws-sdk'
+require 'aws-sdk-s3'
 
 module S3
   extend self
@@ -10,7 +10,7 @@ module S3
   # @param value [String]
   def write(bucket, key, value)
     Vault::Log.log(:fn => __method__, :key => key) do
-      s3.buckets[bucket].objects[key].write(value)
+      s3.put_object({bucket: bucket, key: key, body: value})
     end
   end
 
@@ -20,17 +20,17 @@ module S3
   # @param key [String]
   def read(bucket, key)
     Vault::Log.log(:fn => __method__, :key => key) do
-      s3.buckets[bucket].objects[key].read
+      s3.get_object({bucket: bucket, key: key}).body.read
     end
   end
 
-  # Get the underlying AWS::S3 instance, creating it using environment vars
-  # if necessary.
+  # Get the underlying AWS::S3::Client instance, creating it using environment
+  # vars if necessary.
   def s3
-    @s3 ||= AWS::S3.new(
-      :access_key_id => Config.env('AWS_ACCESS_KEY_ID'),
-      :secret_access_key => Config.env('AWS_SECRET_ACCESS_KEY'),
-      :use_ssl => true
+    @s3 ||= Aws::S3::Client.new(
+      credentials: Aws::Credentials.new(Config.env('AWS_ACCESS_KEY_ID'),
+                                        Config.env('AWS_SECRET_ACCESS_KEY')),
+      region: Config.env('AWS_REGION')
     )
   end
 

data/lib/vault-tools/statement_store.rb

@@ -2,8 +2,9 @@ module Vault
   # The StatementStore knows how to save and retrieve invoices from S3
   class StatementStore
     def initialize(opts = {})
-      @key_id = opts.fetch(:key_id, ENV['AWS_ACCESS_KEY_ID'])
-      @key = opts.fetch(:key, ENV['AWS_SECRET_ACCESS_KEY'])
+      @credentials = Aws::Credentials.new(opts.fetch(:key_id, Config[:aws_access_key_id]),
+                                          opts.fetch(:key, Config[:aws_secret_access_key]))
+      @region = opts.fetch(:region, Config[:aws_region])
     end
 
     # Retrieve invoice JSON from S3
@@ -34,20 +35,24 @@ module Vault
 
     # Retrieve the contents in a given format of a given file from S3
     def retrieve(format, opts)
-      s3.buckets[bucket_for(format, opts)].objects[path_for(opts)].read
+      s3.get_object({
+        bucket: bucket_for(format, opts),
+        key: path_for(opts)
+      }).body.read
     end
 
     # Write the contents in the given format to S3
     def write(format, opts)
-      obj = s3.buckets[bucket_for(format, opts)].objects[path_for(opts)]
-      obj.write(opts[:contents])
-      obj
+      s3.put_object({
+        bucket: bucket_for(format, opts),
+        key: path_for(opts),
+        body: opts[:contents]
+      })
     end
 
     # Get an instance of the S3 client to work with
     def s3
-      @s3 ||= AWS::S3.new(access_key_id: @key_id, secret_access_key: @key,
-                          use_ssl: true)
+      @s3 ||= Aws::S3::Client.new(credentials: @credentials, region: @region)
     end
 
     # Determine which bucket an invoice should live in
@@ -73,10 +78,11 @@ module Vault
     private
 
     def validate_path_opts(opts)
+      user = opts[:user_hid] || opts[:user_id]
+
       fail(ArgumentError, 'start_time required!') unless opts[:start_time]
       fail(ArgumentError, 'stop_time required!') unless opts[:stop_time]
       fail(ArgumentError, 'version required!') unless opts[:version]
-      user = opts[:user_hid] || opts[:user_id]
       fail(ArgumentError, 'user_hid or or user_id required!') unless user
     end
   end