vault 0.15.0 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 267c85a379172af5c24fd3c3d4e14b9f07991e058f64933b3c56cc07036b053e
4
- data.tar.gz: 847ead8ea9965e449dfbf11e3447b240e5c016fbe90e177f1ba6adca0615ee18
3
+ metadata.gz: 46c570463a1aba190e789e5b2516b4140d48961611ff058235d3b9744e6a6b24
4
+ data.tar.gz: c84a96cf71d9f405281f56629e0fb68a6ce051740ea46da60e35cabf37d8b44e
5
5
  SHA512:
6
- metadata.gz: 744df9d7282b0f873f008667fbd9c5bd943eea362535cdf872598c5eb5cb9fa36bb91d182a2b3ad0a2877294c16e345d371b33998a83645ba4e6880b13980e0e
7
- data.tar.gz: 64ac03ddf3a2c5609e2224548353be0d9e640bfba1ec0ec0e215f541f2802db830238373a5b38fb15f77675d75717847468b8e5c2a1331cf609e87ca497e812a
6
+ metadata.gz: 98a20e963ec212e2269d1c28b581c24b356495789b4b37b20ebcb829c17904b518fc32f9cd2dadfcd59b957361410e7aa61f88e7ad419d72533d0ac1bd0ec68d
7
+ data.tar.gz: 35f0126a7e7ba6173662222a9006cd02bc2f78d6d674533546b68ad87420f99b1e26f1f160058b2a051c36a5faac219921ab24191f9165212ddc8f15c440e0a6
data/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # Vault Ruby Changelog
2
2
 
3
+ ## v0.16.0 (??? ??, 2021)
4
+
5
+ IMPROVEMENTS
6
+
7
+ - The timeout used to get a connection from the connection pool that talks with vault is now configurable. Using `Vault.pool_timeout` or the env var `VAULT_POOL_TIMEOUT`.
8
+
3
9
  ## v0.15.0 (July 29, 2020)
4
10
 
5
11
  IMPROVEMENTS
data/README.md CHANGED
@@ -1,15 +1,17 @@
1
- Vault Ruby Client [![Build Status](https://secure.travis-ci.org/hashicorp/vault-ruby.svg)](http://travis-ci.org/hashicorp/vault-ruby)
1
+ Vault Ruby Client [![Build Status](https://circleci.com/gh/hashicorp/vault-ruby.svg?style=shield)](https://circleci.com/gh/hashicorp/vault-ruby)
2
2
  =================
3
3
 
4
4
  Vault is the official Ruby client for interacting with [Vault](https://vaultproject.io) by HashiCorp.
5
5
 
6
- **The documentation in this README corresponds to the master branch of the Vault Ruby client. It may contain unreleased features or different APIs than the most recently released version. Please see the Git tag that corresponds to your version of the Vault Ruby client for the proper documentation.**
6
+ **If you're viewing this README from GitHub on the `master` branch, know that it may contain unreleased features or
7
+ different APIs than the most recently released version. Please see the Git tag that corresponds to your version of the
8
+ Vault Ruby client for the proper documentation.**
7
9
 
8
10
  Quick Start
9
11
  -----------
10
12
  Install Ruby 2.0+: [Guide](https://www.ruby-lang.org/en/documentation/installation/).
11
13
 
12
- > Please note that Vault Ruby may work on older Ruby installations like Ruby 1.9, but you **should not** use these versions of Ruby when communicating with a Vault server. Ruby 1.9 has [reached EOL](https://www.ruby-lang.org/en/news/2014/01/10/ruby-1-9-3-will-end-on-2015/) and will no longer receive important security patches or maintenance updates. There _are known security vulnerabilities_ specifically around SSL ciphers, which this library uses to communicate with a Vault server. While many distros still ship with Ruby 1.9 as the default, you are **highly discouraged** from using this library on any version of Ruby lower than Ruby 2.0.
14
+ > Please note that as of Vault Ruby version 0.14.0 versions of Ruby prior to 2.0 are no longer supported.
13
15
 
14
16
  Install via Rubygems:
15
17
 
@@ -18,7 +20,7 @@ Install via Rubygems:
18
20
  or add it to your Gemfile if you're using Bundler:
19
21
 
20
22
  ```ruby
21
- gem "vault", "~> 0.1"
23
+ gem "vault"
22
24
  ```
23
25
 
24
26
  and then run the `bundle` command to install.
@@ -214,7 +216,7 @@ Development
214
216
  Important Notes:
215
217
 
216
218
  - **All new features must include test coverage.** At a bare minimum, Unit tests are required. It is preferred if you include integration tests as well.
217
- - **The tests must be be idempotent.** The HTTP calls made during a test should be able to be run over and over.
219
+ - **The tests must be idempotent.** The HTTP calls made during a test should be able to be run over and over.
218
220
  - **Tests are order independent.** The default RSpec configuration randomizes the test order, so this should not be a problem.
219
221
  - **Integration tests require Vault** Vault must be available in the path for the integration tests to pass.
220
222
  - **In order to be considered an integration test:** The test MUST use the `vault_test_client` or `vault_redirect_test_client` as the client. This spawns a process, or uses an already existing process from another test, to run against.
data/lib/vault/client.rb CHANGED
@@ -86,7 +86,7 @@ module Vault
86
86
  @lock.synchronize do
87
87
  return @nhp if @nhp
88
88
 
89
- @nhp = PersistentHTTP.new("vault-ruby", nil, pool_size)
89
+ @nhp = PersistentHTTP.new("vault-ruby", nil, pool_size, pool_timeout)
90
90
 
91
91
  if proxy_address
92
92
  proxy_uri = URI.parse "http://#{proxy_address}"
@@ -14,6 +14,7 @@ module Vault
14
14
  :proxy_port,
15
15
  :proxy_username,
16
16
  :pool_size,
17
+ :pool_timeout,
17
18
  :read_timeout,
18
19
  :ssl_ciphers,
19
20
  :ssl_pem_contents,
@@ -30,6 +30,9 @@ module Vault
30
30
  # The default size of the connection pool
31
31
  DEFAULT_POOL_SIZE = 16
32
32
 
33
+ # The default timeout in seconds for retrieving a connection from the connection pool
34
+ DEFAULT_POOL_TIMEOUT = 0.5
35
+
33
36
  # The set of exceptions that are detect and retried by default
34
37
  # with `with_retries`
35
38
  RETRIED_EXCEPTIONS = [HTTPServerError]
@@ -85,12 +88,22 @@ module Vault
85
88
  # @return Integer
86
89
  def pool_size
87
90
  if var = ENV["VAULT_POOL_SIZE"]
88
- return var.to_i
91
+ var.to_i
89
92
  else
90
93
  DEFAULT_POOL_SIZE
91
94
  end
92
95
  end
93
96
 
97
+ # The timeout for getting a connection from the connection pool that communicates with Vault
98
+ # @return Float
99
+ def pool_timeout
100
+ if var = ENV["VAULT_POOL_TIMEOUT"]
101
+ var.to_f
102
+ else
103
+ DEFAULT_POOL_TIMEOUT
104
+ end
105
+ end
106
+
94
107
  # The HTTP Proxy server address as a string
95
108
  # @return [String, nil]
96
109
  def proxy_address
@@ -202,11 +202,6 @@ class PersistentHTTP
202
202
 
203
203
  HAVE_OPENSSL = defined? OpenSSL::SSL # :nodoc:
204
204
 
205
- ##
206
- # The default connection pool size is 1/4 the allowed open files.
207
-
208
- DEFAULT_POOL_SIZE = 16
209
-
210
205
  ##
211
206
  # The version of PersistentHTTP you are using
212
207
 
@@ -505,7 +500,7 @@ class PersistentHTTP
505
500
  # Defaults to 1/4 the number of allowed file handles. You can have no more
506
501
  # than this many threads with active HTTP transactions.
507
502
 
508
- def initialize name=nil, proxy=nil, pool_size=DEFAULT_POOL_SIZE
503
+ def initialize name=nil, proxy=nil, pool_size=Vault::Defaults::DEFAULT_POOL_SIZE, pool_timeout=Vault::Defaults::DEFAULT_POOL_TIMEOUT
509
504
  @name = name
510
505
 
511
506
  @debug_output = nil
@@ -525,7 +520,7 @@ class PersistentHTTP
525
520
  @socket_options << [Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1] if
526
521
  Socket.const_defined? :TCP_NODELAY
527
522
 
528
- @pool = PersistentHTTP::Pool.new size: pool_size do |http_args|
523
+ @pool = PersistentHTTP::Pool.new size: pool_size, timeout: pool_timeout do |http_args|
529
524
  PersistentHTTP::Connection.new Net::HTTP, http_args, @ssl_generation
530
525
  end
531
526
 
@@ -31,7 +31,7 @@ class PersistentHTTP::Pool < Vault::ConnectionPool # :nodoc:
31
31
  stack = stacks[net_http_args]
32
32
 
33
33
  if stack.empty? then
34
- conn = @available.pop connection_args: net_http_args
34
+ conn = @available.pop @timeout, connection_args: net_http_args
35
35
  else
36
36
  conn = stack.last
37
37
  end
data/lib/vault/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Vault
2
- VERSION = "0.15.0"
2
+ VERSION = "0.16.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vault
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.0
4
+ version: 0.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Seth Vargo
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-08-05 00:00:00.000000000 Z
11
+ date: 2021-03-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sigv4
@@ -115,14 +115,9 @@ executables: []
115
115
  extensions: []
116
116
  extra_rdoc_files: []
117
117
  files:
118
- - ".circleci/config.yml"
119
- - ".gitignore"
120
- - ".rspec"
121
118
  - CHANGELOG.md
122
- - Gemfile
123
119
  - LICENSE
124
120
  - README.md
125
- - Rakefile
126
121
  - lib/vault.rb
127
122
  - lib/vault/api.rb
128
123
  - lib/vault/api/approle.rb
@@ -165,7 +160,6 @@ files:
165
160
  - lib/vault/vendor/connection_pool/timed_stack.rb
166
161
  - lib/vault/vendor/connection_pool/version.rb
167
162
  - lib/vault/version.rb
168
- - vault.gemspec
169
163
  homepage: https://github.com/hashicorp/vault-ruby
170
164
  licenses:
171
165
  - MPL-2.0
@@ -178,14 +172,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
178
172
  requirements:
179
173
  - - ">="
180
174
  - !ruby/object:Gem::Version
181
- version: '0'
175
+ version: '2.0'
182
176
  required_rubygems_version: !ruby/object:Gem::Requirement
183
177
  requirements:
184
178
  - - ">="
185
179
  - !ruby/object:Gem::Version
186
180
  version: '0'
187
181
  requirements: []
188
- rubygems_version: 3.1.2
182
+ rubygems_version: 3.2.3
189
183
  signing_key:
190
184
  specification_version: 4
191
185
  summary: Vault is a Ruby API client for interacting with a Vault server.
data/.circleci/config.yml DELETED
@@ -1,85 +0,0 @@
1
- version: 2.1
2
-
3
- orbs:
4
- gem: zfhui/ruby-gem@0.2.1
5
-
6
- references:
7
- images:
8
- ubuntu: &UBUNTU_IMAGE ubuntu-1604:201903-01
9
-
10
- jobs:
11
- test:
12
- machine:
13
- image: *UBUNTU_IMAGE
14
- parameters:
15
- ruby-version:
16
- type: string
17
- vault-version:
18
- type: string
19
- steps:
20
- - checkout
21
- # Restore bundle cache
22
- - restore_cache:
23
- keys:
24
- - v1-dependencies-bundler-<< parameters.ruby-version >>-{{ checksum "vault.gemspec" }}
25
- # fallback to using the latest cache if no exact match is found
26
- - v1-dependencies-bundler-
27
- - run:
28
- name: Install vault
29
- command: |
30
- curl -sLo vault.zip https://releases.hashicorp.com/vault/<< parameters.vault-version >>/vault_<< parameters.vault-version >>_linux_amd64.zip
31
- unzip vault.zip
32
- mkdir -p ~/bin
33
- mv vault ~/bin
34
- export PATH="~/bin:$PATH"
35
- - run:
36
- name: Set ruby version
37
- command: |
38
- rvm install << parameters.ruby-version >>
39
- echo . $(rvm << parameters.ruby-version >> do rvm env --path) >> $BASH_ENV
40
- - run:
41
- name: Run tests
42
- command: |
43
- export VAULT_VERSION=<< parameters.vault-version >>
44
- ruby --version
45
- gem install bundler
46
- bundle -v
47
- bundle install --jobs=3 --retry=3 --path=vendor/bundle
48
- bundle exec rake
49
- # Store bundle cache
50
- - save_cache:
51
- key: v1-dependencies-bundler-<< parameters.ruby-version >>-{{ checksum "vault.gemspec" }}
52
- paths:
53
- - vendor/bundle
54
-
55
- build-release:
56
- working_directory: ~/repo
57
- executor: gem/default
58
- steps:
59
- - gem/build:
60
- gem-name: vault
61
- - gem/release:
62
- gem-name: vault
63
- gem-credentials-env-name: $RUBYGEMS_API_KEY
64
-
65
- workflows:
66
- run-tests:
67
- jobs:
68
- - test:
69
- filters:
70
- tags:
71
- only: /^v[0-9]+\.[0-9]+\.[0-9]+.*/
72
- matrix:
73
- parameters:
74
- ruby-version: ["2.7.1", "2.6", "2.5"]
75
- vault-version: ["1.5.0", "1.4.2", "1.4.1", "1.4.0", "1.3.6"]
76
- name: test-ruby-<< matrix.ruby-version >>-vault-<< matrix.vault-version >>
77
- - build-release:
78
- requires:
79
- - test
80
- context: vault-gem-release
81
- filters:
82
- tags:
83
- only: /^v[0-9]+\.[0-9]+\.[0-9]+.*/
84
- branches:
85
- ignore: /.*/
data/.gitignore DELETED
@@ -1,42 +0,0 @@
1
- ### Ruby ###
2
- *.gem
3
- *.rbc
4
- /.config
5
- /.vscode
6
- /coverage/
7
- /InstalledFiles
8
- /pkg/
9
- /spec/reports/
10
- /test/tmp/
11
- /test/version_tmp/
12
- /tmp/
13
- /vendor/bundle/
14
- /vendor/ruby/
15
-
16
- ## Specific to RubyMotion:
17
- .dat*
18
- .repl_history
19
- build/
20
-
21
- ## Documentation cache and generated files:
22
- /.yardoc/
23
- /_yardoc/
24
- /doc/
25
- /rdoc/
26
-
27
- ## Environment normalisation:
28
- /.bundle/
29
- /vendor/bundle
30
- /lib/bundler/man/
31
-
32
- # for a library or gem, you might want to ignore these files since the code is
33
- # intended to run in multiple environments; otherwise, check them in:
34
- Gemfile.lock
35
- .ruby-version
36
- .ruby-gemset
37
-
38
- # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
39
- .rvmrc
40
-
41
- # Project-specific
42
- spec/tmp
data/.rspec DELETED
@@ -1,2 +0,0 @@
1
- --format documentation
2
- --color
data/Gemfile DELETED
@@ -1,3 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- gemspec
data/Rakefile DELETED
@@ -1,6 +0,0 @@
1
- require "bundler/gem_tasks"
2
- require "rspec/core/rake_task"
3
-
4
- RSpec::Core::RakeTask.new(:spec)
5
-
6
- task default: :spec
data/vault.gemspec DELETED
@@ -1,30 +0,0 @@
1
- # coding: utf-8
2
- lib = File.expand_path("../lib", __FILE__)
3
- $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require "vault/version"
5
-
6
- Gem::Specification.new do |spec|
7
- spec.name = "vault"
8
- spec.version = Vault::VERSION
9
- spec.authors = ["Seth Vargo"]
10
- spec.email = ["sethvargo@gmail.com"]
11
- spec.licenses = ["MPL-2.0"]
12
-
13
- spec.summary = "Vault is a Ruby API client for interacting with a Vault server."
14
- spec.description = spec.summary
15
- spec.homepage = "https://github.com/hashicorp/vault-ruby"
16
-
17
- spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
18
- spec.bindir = "exe"
19
- spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
20
- spec.require_paths = ["lib"]
21
-
22
- spec.add_runtime_dependency "aws-sigv4"
23
-
24
- spec.add_development_dependency "bundler", "~> 2"
25
- spec.add_development_dependency "pry", "~> 0.13.1"
26
- spec.add_development_dependency "rake", "~> 12.0"
27
- spec.add_development_dependency "rspec", "~> 3.5"
28
- spec.add_development_dependency "yard", "~> 0.9.24"
29
- spec.add_development_dependency "webmock", "~> 3.8.3"
30
- end