RubyGems - vault - Versions diffs - 0.1.5 → 0.2.0 - Mend

vault 0.1.5 → 0.2.0

Files changed (10) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8070f5204dc7fb565bfd50f5ba081fcd43b871ee
-  data.tar.gz: ee1b072bdf2cf41a886b35fcb765337bdb18b260
+  metadata.gz: 85725acc286dd2dc1e346442a4e528d7e11ae42e
+  data.tar.gz: 6344245bd60e54203151708b45134c9ae2201a51
 SHA512:
-  metadata.gz: a4ef3702182f75b6d33b48be4d93f3bb8c0ea66920bc9b63cbaa46be9983a934c2611728fef80260d591293d87b941a07904d5add95f65feebd9847efc8125d0
-  data.tar.gz: dbb8386139effe9ba92a6803e7f20074a0a1ae92fe527d113113f9d6f95495465ac4ab190e13ae6ff944ffc09f480ff251904cf1e9edaa274bb715a3908746ca
+  metadata.gz: 6d573f396ec086b8103a3d29750c92aa79c0dd0567c5eb511c60a2d9912ad9fb47ef7d4a7a43b910e480ba3742e61e24cd2df9b3fe30e215dfa8d5d22993da88
+  data.tar.gz: 558a0c41ef94a57da06b5bb40bdd34fb07d0367a0ccdf7b51edae9d53fbb28940a81abccd5b9eccd78474493424d7f259459fcc8c522da515f3af37a0e8d5b2d

data/CHANGELOG.md CHANGED

@@ -1,5 +1,16 @@
 # Vault Ruby Changelog
+## v0.2.0 (December 2, 2015)
+IMPROVEMENTS
+- Add support for retries (clients must opt-in) [GH-47]
+BUG FIXES
+- Fix redirection on POST/PUT [GH-40]
+- Use `$HOME` instead of `~` for shell expansion
 ## v0.1.5 (September 1, 2015)
 IMPROVEMENTS

data/Gemfile.lock CHANGED

@@ -1,13 +1,17 @@
 PATH
   remote: .
   specs:
-    vault (0.1.5)
+    vault (0.2.0)
 GEM
   remote: https://rubygems.org/
   specs:
+    addressable (2.3.8)
     coderay (1.1.0)
+    crack (0.4.2)
+      safe_yaml (~> 1.0.0)
     diff-lcs (1.2.5)
+    hashdiff (0.2.3)
     method_source (0.8.2)
     pry (0.10.1)
       coderay (~> 1.1.0)
@@ -27,7 +31,12 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.2.0)
     rspec-support (3.2.2)
+    safe_yaml (1.0.4)
     slop (3.6.0)
+    webmock (1.22.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
 PLATFORMS
   ruby
@@ -38,6 +47,7 @@ DEPENDENCIES
   rake (~> 10.0)
   rspec (~> 3.2)
   vault!
+  webmock (~> 1.22)
 BUNDLED WITH
    1.10.6

data/README.md CHANGED

@@ -3,6 +3,8 @@ Vault Ruby Client [![Build Status](https://secure.travis-ci.org/hashicorp/vault-
 Vault is the official Ruby client for interacting with [Vault](https://vaultproject.io) by HashiCorp.
+**The documentation in this README corresponds to the master branch of the Vault Ruby client. It may contain unreleased features or different APIs than the most recently released version. Please see the Git tag that corresponds to your version of the Vault Ruby client for the proper documentation.**
 Quick Start
 -----------
 Install Ruby 2.0+: [Guide](https://www.ruby-lang.org/en/documentation/installation/).
@@ -35,7 +37,7 @@ Usage
 The following configuration options are available:
 ```ruby
-Vault::Client.configure do |config|
+Vault.configure do |config|
   # The address of the Vault server, also read as ENV["VAULT_ADDR"]
   config.address = "https://127.0.0.1:8200"
@@ -76,6 +78,61 @@ client_2 = Vault::Client.new(address: "https://other-vault.mycompany.com")
 ### Making requests
 All of the methods and API calls are heavily documented with examples inline using YARD. In order to keep the examples versioned with the code, the README only lists a few examples for using the Vault gem. Please see the inline documentation for the full API documentation. The tests in the 'spec' directory are an additional source of examples.
+Idempotent requests can be wrapped with a `with_retries` clause to automatically retry on certain connection errors. For example, to retry on socket/network-level issues, you can do the following:
+```ruby
+Vault.with_retries(Vault::HTTPConnectionError) do
+  Vault.logical.read("secret/on_bad_network")
+end
+```
+To rescue particular HTTP exceptions:
+```ruby
+# Rescue 4xx errors
+Vault.with_retries(Vault::HTTPClientError) {}
+# Rescue 5xx errors
+Vault.with_retries(Vault::HTTPServerError) {}
+# Rescue all HTTP errors
+Vault.with_retries(Vault::HTTPError) {}
+```
+For advanced users, the first argument of the block is the attempt number and the second argument is the exception itself:
+```ruby
+Vault.with_retries(Vault::HTTPConnectionError, Vault::HTTPError) do |attempt, e|
+  log "Received exception #{e} from Vault - attempt #{attempt}"
+  Vault.logical.read("secret/bacon")
+end
+```
+The following options are available:
+```ruby
+# :attempts - The number of retries when communicating with the Vault server.
+#   The default value is 2.
+#
+# :base - The base interval for retry exponential backoff. The default value is
+#   0.05s.
+#
+# :max_wait - The maximum amount of time for a single exponential backoff to
+#   sleep. The default value is 2.0s.
+Vault.with_retries(Vault::HTTPError, attempts: 5) do
+  # ...
+end
+```
+After the number of retries have been exhausted, the original exception is raised.
+```ruby
+Vault.with_retries(Exception) do
+  raise Exception
+end #=> #<Exception>
+```
 #### Seal Status
 ```ruby
 Vault.sys.seal_status

data/lib/vault/client.rb CHANGED

@@ -16,6 +16,9 @@ module Vault
     # The name of the header used to hold the Vault token.
     TOKEN_HEADER = "X-Vault-Token".freeze
+    # The name of the header used for redirection.
+    LOCATION_HEADER = "location".freeze
     # The default headers that are sent with every request.
     DEFAULT_HEADERS = {
       "Content-Type" => "application/json",
@@ -214,8 +217,7 @@ module Vault
           case response
           when Net::HTTPRedirection
-            redirect = URI.parse(response["location"])
-            request(verb, redirect, data, headers)
+            request(verb, response[LOCATION_HEADER], data, headers)
           when Net::HTTPSuccess
             success(response)
           else
@@ -313,18 +315,65 @@ module Vault
         raise MissingTokenError
       end
+      # Use the correct exception class
+      case response
+      when Net::HTTPClientError
+        klass = HTTPClientError
+      when Net::HTTPServerError
+        klass = HTTPServerError
+      else
+        klass = HTTPError
+      end
       if (response.content_type || '').include?("json")
         # Attempt to parse the error as JSON
         begin
           json = JSON.parse(response.body, JSON_PARSE_OPTIONS)
           if json[:errors]
-            raise HTTPError.new(address, response.code, json[:errors])
+            raise klass.new(address, response, json[:errors])
           end
         rescue JSON::ParserError; end
       end
-      raise HTTPError.new(address, response.code, [response.body])
+      raise klass.new(address, response, [response.body])
+    end
+    # Execute the given block with retries and exponential backoff.
+    #
+    # @param [Array<Exception>] rescued
+    #   the list of exceptions to rescue
+    def with_retries(*rescued, &block)
+      options      = rescued.last.is_a?(Hash) ? rescued.pop : {}
+      exception    = nil
+      retries      = 0
+      max_attempts = options[:attempts] || Defaults::RETRY_ATTEMPTS
+      backoff_base = options[:base]     || Defaults::RETRY_BASE
+      backoff_max  = options[:max_wait] || Defaults::RETRY_MAX_WAIT
+      begin
+        return yield retries
+      rescue *rescued => e
+        exception = e
+        retries += 1
+        raise if retries > max_attempts
+        # Calculate the exponential backoff combined with an element of
+        # randomness.
+        backoff = [backoff_base * (2 ** (retries - 1)), backoff_max].min
+        backoff = backoff * (0.5 * (1 + Kernel.rand))
+        # Ensure we are sleeping at least the minimum interval.
+        backoff = [backoff_base, backoff].max
+        # Exponential backoff.
+        Kernel.sleep(backoff)
+        # Now retry
+        retry
+      end
     end
   end
 end

data/lib/vault/defaults.rb CHANGED

@@ -8,13 +8,24 @@ module Vault
     # The path to the vault token on disk.
     # @return [String]
-    VAULT_DISK_TOKEN = Pathname.new("~/.vault-token").expand_path.freeze
+    VAULT_DISK_TOKEN = Pathname.new("#{ENV["HOME"]}/.vault-token").expand_path.freeze
     # The list of SSL ciphers to allow. You should not change this value unless
     # you absolutely know what you are doing!
     # @return [String]
     SSL_CIPHERS = "TLSv1.2:!aNULL:!eNULL".freeze
+    # The default number of attempts.
+    # @return [Fixnum]
+    RETRY_ATTEMPTS = 2
+    # The default backoff interval.
+    # @return [Fixnum]
+    RETRY_BASE = 0.05
+    # The maximum amount of time for a single exponential backoff to sleep.
+    RETRY_MAX_WAIT = 2.0
     class << self
       # The list of calculated options for this configurable.
       # @return [Hash]

data/lib/vault/errors.rb CHANGED

@@ -42,13 +42,18 @@ shown below:
 Please refer to the documentation for more help.
 EOH
     end
+    def original_exception
+      @exception
+    end
   end
   class HTTPError < VaultError
-    attr_reader :address, :code, :errors
+    attr_reader :address, :response, :code, :errors
-    def initialize(address, code, errors = [])
-      @address, @code, @errors = address, code.to_i, errors
+    def initialize(address, response, errors = [])
+      @address, @response, @errors = address, response, errors
+      @code  = response.code.to_i
       errors = errors.map { |error| "  * #{error}" }
       super <<-EOH
@@ -61,4 +66,7 @@ Please refer to the documentation for help.
 EOH
     end
   end
+  class HTTPClientError < HTTPError; end
+  class HTTPServerError < HTTPError; end
 end

data/lib/vault/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Vault
-  VERSION = "0.1.5"
+  VERSION = "0.2.0"
 end

data/vault.gemspec CHANGED

@@ -23,4 +23,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "pry"
   spec.add_development_dependency "rake",    "~> 10.0"
   spec.add_development_dependency "rspec",   "~> 3.2"
+  spec.add_development_dependency "webmock", "~> 1.22"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vault
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.2.0
 platform: ruby
 authors:
 - Seth Vargo
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2015-09-01 00:00:00.000000000 Z
+date: 2015-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -66,6 +66,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.22'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.22'
 description: Vault is a Ruby API client for interacting with a Vault server.
 email:
 - sethvargo@gmail.com