vault 0.15.0 → 0.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 267c85a379172af5c24fd3c3d4e14b9f07991e058f64933b3c56cc07036b053e
-  data.tar.gz: 847ead8ea9965e449dfbf11e3447b240e5c016fbe90e177f1ba6adca0615ee18
+  metadata.gz: 46c570463a1aba190e789e5b2516b4140d48961611ff058235d3b9744e6a6b24
+  data.tar.gz: c84a96cf71d9f405281f56629e0fb68a6ce051740ea46da60e35cabf37d8b44e
 SHA512:
-  metadata.gz: 744df9d7282b0f873f008667fbd9c5bd943eea362535cdf872598c5eb5cb9fa36bb91d182a2b3ad0a2877294c16e345d371b33998a83645ba4e6880b13980e0e
-  data.tar.gz: 64ac03ddf3a2c5609e2224548353be0d9e640bfba1ec0ec0e215f541f2802db830238373a5b38fb15f77675d75717847468b8e5c2a1331cf609e87ca497e812a
+  metadata.gz: 98a20e963ec212e2269d1c28b581c24b356495789b4b37b20ebcb829c17904b518fc32f9cd2dadfcd59b957361410e7aa61f88e7ad419d72533d0ac1bd0ec68d
+  data.tar.gz: 35f0126a7e7ba6173662222a9006cd02bc2f78d6d674533546b68ad87420f99b1e26f1f160058b2a051c36a5faac219921ab24191f9165212ddc8f15c440e0a6

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Vault Ruby Changelog
 
+## v0.16.0 (??? ??, 2021)
+
+IMPROVEMENTS
+
+- The timeout used to get a connection from the connection pool that talks with vault is now configurable. Using `Vault.pool_timeout` or the env var `VAULT_POOL_TIMEOUT`.
+
 ## v0.15.0 (July 29, 2020)
 
 IMPROVEMENTS

data/README.md

@@ -1,15 +1,17 @@
-Vault Ruby Client [![Build Status](https://secure.travis-ci.org/hashicorp/vault-ruby.svg)](http://travis-ci.org/hashicorp/vault-ruby)
+Vault Ruby Client [![Build Status](https://circleci.com/gh/hashicorp/vault-ruby.svg?style=shield)](https://circleci.com/gh/hashicorp/vault-ruby)
 =================
 
 Vault is the official Ruby client for interacting with [Vault](https://vaultproject.io) by HashiCorp.
 
-**The documentation in this README corresponds to the master branch of the Vault Ruby client. It may contain unreleased features or different APIs than the most recently released version. Please see the Git tag that corresponds to your version of the Vault Ruby client for the proper documentation.**
+**If you're viewing this README from GitHub on the `master` branch, know that it may contain unreleased features or
+different APIs than the most recently released version. Please see the Git tag that corresponds to your version of the
+Vault Ruby client for the proper documentation.**
 
 Quick Start
 -----------
 Install Ruby 2.0+: [Guide](https://www.ruby-lang.org/en/documentation/installation/).
 
-> Please note that Vault Ruby may work on older Ruby installations like Ruby 1.9, but you **should not** use these versions of Ruby when communicating with a Vault server. Ruby 1.9 has [reached EOL](https://www.ruby-lang.org/en/news/2014/01/10/ruby-1-9-3-will-end-on-2015/) and will no longer receive important security patches or maintenance updates. There _are known security vulnerabilities_ specifically around SSL ciphers, which this library uses to communicate with a Vault server. While many distros still ship with Ruby 1.9 as the default, you are **highly discouraged** from using this library on any version of Ruby lower than Ruby 2.0.
+> Please note that as of Vault Ruby version 0.14.0 versions of Ruby prior to 2.0 are no longer supported.
 
 Install via Rubygems:
 
@@ -18,7 +20,7 @@ Install via Rubygems:
 or add it to your Gemfile if you're using Bundler:
 
 ```ruby
-gem "vault", "~> 0.1"
+gem "vault"
 ```
 
 and then run the `bundle` command to install.
@@ -214,7 +216,7 @@ Development
 Important Notes:
 
 - **All new features must include test coverage.** At a bare minimum, Unit tests are required. It is preferred if you include integration tests as well.
-- **The tests must be be idempotent.** The HTTP calls made during a test should be able to be run over and over.
+- **The tests must be idempotent.** The HTTP calls made during a test should be able to be run over and over.
 - **Tests are order independent.** The default RSpec configuration randomizes the test order, so this should not be a problem.
 - **Integration tests require Vault**  Vault must be available in the path for the integration tests to pass.
    - **In order to be considered an integration test:** The test MUST use the `vault_test_client` or `vault_redirect_test_client` as the client. This spawns a process, or uses an already existing process from another test, to run against.

data/lib/vault/client.rb

@@ -86,7 +86,7 @@ module Vault
       @lock.synchronize do
         return @nhp if @nhp
 
-        @nhp = PersistentHTTP.new("vault-ruby", nil, pool_size)
+        @nhp = PersistentHTTP.new("vault-ruby", nil, pool_size, pool_timeout)
 
         if proxy_address
           proxy_uri = URI.parse "http://#{proxy_address}"

data/lib/vault/configurable.rb

@@ -14,6 +14,7 @@ module Vault
         :proxy_port,
         :proxy_username,
         :pool_size,
+        :pool_timeout,
         :read_timeout,
         :ssl_ciphers,
         :ssl_pem_contents,

data/lib/vault/defaults.rb

@@ -30,6 +30,9 @@ module Vault
     # The default size of the connection pool
     DEFAULT_POOL_SIZE = 16
 
+    # The default timeout in seconds for retrieving a connection from the connection pool
+    DEFAULT_POOL_TIMEOUT = 0.5
+
     # The set of exceptions that are detect and retried by default
     # with `with_retries`
     RETRIED_EXCEPTIONS = [HTTPServerError]
@@ -85,12 +88,22 @@ module Vault
       # @return Integer
       def pool_size
         if var = ENV["VAULT_POOL_SIZE"]
-          return var.to_i
+          var.to_i
         else
           DEFAULT_POOL_SIZE
         end
       end
 
+      # The timeout for getting a connection from the connection pool that communicates with Vault
+      # @return Float
+      def pool_timeout
+        if var = ENV["VAULT_POOL_TIMEOUT"]
+          var.to_f
+        else
+          DEFAULT_POOL_TIMEOUT
+        end
+      end
+
       # The HTTP Proxy server address as a string
       # @return [String, nil]
       def proxy_address

data/lib/vault/persistent.rb

@@ -202,11 +202,6 @@ class PersistentHTTP
 
   HAVE_OPENSSL = defined? OpenSSL::SSL # :nodoc:
 
-  ##
-  # The default connection pool size is 1/4 the allowed open files.
-
-  DEFAULT_POOL_SIZE = 16
-
   ##
   # The version of PersistentHTTP you are using
 
@@ -505,7 +500,7 @@ class PersistentHTTP
   # Defaults to 1/4 the number of allowed file handles.  You can have no more
   # than this many threads with active HTTP transactions.
 
-  def initialize name=nil, proxy=nil, pool_size=DEFAULT_POOL_SIZE
+  def initialize name=nil, proxy=nil, pool_size=Vault::Defaults::DEFAULT_POOL_SIZE, pool_timeout=Vault::Defaults::DEFAULT_POOL_TIMEOUT
     @name = name
 
     @debug_output     = nil
@@ -525,7 +520,7 @@ class PersistentHTTP
     @socket_options << [Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1] if
       Socket.const_defined? :TCP_NODELAY
 
-    @pool = PersistentHTTP::Pool.new size: pool_size do |http_args|
+    @pool = PersistentHTTP::Pool.new size: pool_size, timeout: pool_timeout do |http_args|
       PersistentHTTP::Connection.new Net::HTTP, http_args, @ssl_generation
     end
 

data/lib/vault/persistent/pool.rb

@@ -31,7 +31,7 @@ class PersistentHTTP::Pool < Vault::ConnectionPool # :nodoc:
     stack  = stacks[net_http_args]
 
     if stack.empty? then
-      conn = @available.pop connection_args: net_http_args
+      conn = @available.pop @timeout, connection_args: net_http_args
     else
       conn = stack.last
     end

data/lib/vault/version.rb

@@ -1,3 +1,3 @@
 module Vault
-  VERSION = "0.15.0"
+  VERSION = "0.16.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vault
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.16.0
 platform: ruby
 authors:
 - Seth Vargo
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-08-05 00:00:00.000000000 Z
+date: 2021-03-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
@@ -115,14 +115,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".circleci/config.yml"
-- ".gitignore"
-- ".rspec"
 - CHANGELOG.md
-- Gemfile
 - LICENSE
 - README.md
-- Rakefile
 - lib/vault.rb
 - lib/vault/api.rb
 - lib/vault/api/approle.rb
@@ -165,7 +160,6 @@ files:
 - lib/vault/vendor/connection_pool/timed_stack.rb
 - lib/vault/vendor/connection_pool/version.rb
 - lib/vault/version.rb
-- vault.gemspec
 homepage: https://github.com/hashicorp/vault-ruby
 licenses:
 - MPL-2.0
@@ -178,14 +172,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.3
 signing_key: 
 specification_version: 4
 summary: Vault is a Ruby API client for interacting with a Vault server.

data/.circleci/config.yml

@@ -1,85 +0,0 @@
-version: 2.1
-
-orbs:
-  gem: zfhui/ruby-gem@0.2.1
-
-references:
-  images:
-    ubuntu: &UBUNTU_IMAGE ubuntu-1604:201903-01
-
-jobs:
-  test:
-    machine:
-      image: *UBUNTU_IMAGE
-    parameters:
-      ruby-version:
-        type: string
-      vault-version:
-        type: string
-    steps:
-      - checkout
-            # Restore bundle cache
-      - restore_cache:
-          keys:
-            - v1-dependencies-bundler-<< parameters.ruby-version >>-{{ checksum "vault.gemspec" }}
-            # fallback to using the latest cache if no exact match is found
-            - v1-dependencies-bundler-
-      - run:
-          name: Install vault
-          command: |
-            curl -sLo vault.zip https://releases.hashicorp.com/vault/<< parameters.vault-version >>/vault_<< parameters.vault-version >>_linux_amd64.zip
-            unzip vault.zip
-            mkdir -p ~/bin
-            mv vault ~/bin
-            export PATH="~/bin:$PATH"
-      - run:
-          name: Set ruby version
-          command: |
-            rvm install << parameters.ruby-version >>
-            echo . $(rvm << parameters.ruby-version >> do rvm env --path) >> $BASH_ENV
-      - run:
-          name: Run tests
-          command: |
-            export VAULT_VERSION=<< parameters.vault-version >>
-            ruby --version
-            gem install bundler
-            bundle -v
-            bundle install --jobs=3 --retry=3 --path=vendor/bundle
-            bundle exec rake
-      # Store bundle cache
-      - save_cache:
-          key: v1-dependencies-bundler-<< parameters.ruby-version >>-{{ checksum "vault.gemspec" }}
-          paths:
-            - vendor/bundle
-
-  build-release:
-    working_directory: ~/repo
-    executor: gem/default
-    steps:
-      - gem/build:
-          gem-name: vault
-      - gem/release:
-          gem-name: vault
-          gem-credentials-env-name: $RUBYGEMS_API_KEY
-
-workflows:
-  run-tests:
-    jobs:
-      - test:
-          filters:
-            tags:
-              only: /^v[0-9]+\.[0-9]+\.[0-9]+.*/
-          matrix:
-            parameters:
-              ruby-version: ["2.7.1", "2.6", "2.5"]
-              vault-version: ["1.5.0", "1.4.2", "1.4.1", "1.4.0", "1.3.6"]
-          name: test-ruby-<< matrix.ruby-version >>-vault-<< matrix.vault-version >>
-      - build-release:
-          requires:
-            - test
-          context: vault-gem-release
-          filters:
-            tags:
-              only: /^v[0-9]+\.[0-9]+\.[0-9]+.*/ 
-            branches:
-              ignore: /.*/

data/.gitignore

@@ -1,42 +0,0 @@
-### Ruby ###
-*.gem
-*.rbc
-/.config
-/.vscode
-/coverage/
-/InstalledFiles
-/pkg/
-/spec/reports/
-/test/tmp/
-/test/version_tmp/
-/tmp/
-/vendor/bundle/
-/vendor/ruby/
-
-## Specific to RubyMotion:
-.dat*
-.repl_history
-build/
-
-## Documentation cache and generated files:
-/.yardoc/
-/_yardoc/
-/doc/
-/rdoc/
-
-## Environment normalisation:
-/.bundle/
-/vendor/bundle
-/lib/bundler/man/
-
-# for a library or gem, you might want to ignore these files since the code is
-# intended to run in multiple environments; otherwise, check them in:
-Gemfile.lock
-.ruby-version
-.ruby-gemset
-
-# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
-.rvmrc
-
-# Project-specific
-spec/tmp

data/.rspec

@@ -1,2 +0,0 @@
---format documentation
---color

data/Gemfile

@@ -1,3 +0,0 @@
-source "https://rubygems.org"
-
-gemspec

data/Rakefile

@@ -1,6 +0,0 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-
-RSpec::Core::RakeTask.new(:spec)
-
-task default: :spec

data/vault.gemspec

@@ -1,30 +0,0 @@
-# coding: utf-8
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "vault/version"
-
-Gem::Specification.new do |spec|
-  spec.name          = "vault"
-  spec.version       = Vault::VERSION
-  spec.authors       = ["Seth Vargo"]
-  spec.email         = ["sethvargo@gmail.com"]
-  spec.licenses      = ["MPL-2.0"]
-
-  spec.summary       = "Vault is a Ruby API client for interacting with a Vault server."
-  spec.description   = spec.summary
-  spec.homepage      = "https://github.com/hashicorp/vault-ruby"
-
-  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-
-  spec.add_runtime_dependency "aws-sigv4"
-
-  spec.add_development_dependency "bundler", "~> 2"
-  spec.add_development_dependency "pry",     "~> 0.13.1"
-  spec.add_development_dependency "rake",    "~> 12.0"
-  spec.add_development_dependency "rspec",   "~> 3.5"
-  spec.add_development_dependency "yard",    "~> 0.9.24"
-  spec.add_development_dependency "webmock", "~> 3.8.3"
-end