Module: Awsecrets

Defined in:
lib/awsecrets.rb,
lib/awsecrets/version.rb

Constant Summary collapse

VERSION = 
'1.6.0'

Class Method Summary collapse

Class Method Details

.load(profile: nil, region: nil, secrets_path: 'secrets.yml') ⇒ Object 



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/awsecrets.rb', line 8

def self.load(profile: nil, region: nil, secrets_path: 'secrets.yml')
  @profile = profile
  @secrets_path = secrets_path
  @region = region
  @credentials = nil

  # 1. Command Line Options
  load_options if load_method_args
  # 2. Environment Variables
  load_env
  # 3. YAML file (secrets.yml)
  load_yaml
  # 4. The AWS credentials file
  load_creds
  # 5. The CLI configuration file
  load_config

  Aws.config[:region] = @region
  Aws.config[:credentials] = @credentials
end

.load_configObject 



84
85
86
87
88
89
90
91
 
# File 'lib/awsecrets.rb', line 84

def self.load_config
  return unless @region.nil?
  @region = if AWSConfig[@profile] && AWSConfig[@profile]['region']
              AWSConfig[@profile]['region']
            else
              AWSConfig['default']['region']
            end
end

.load_credsObject 



79
80
81
82
 
# File 'lib/awsecrets.rb', line 79

def self.load_creds
  return unless @credentials.nil?
  @credentials = Aws::SharedCredentials.new(profile_name: nil)
end

.load_envObject 



50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'lib/awsecrets.rb', line 50

def self.load_env
  @region = ENV['AWS_REGION'] unless @region
  @region = ENV['AWS_DEFAULT_REGION'] unless @region
  if @credentials.nil? && ENV['AWS_PROFILE']
    @credentials = Aws::SharedCredentials.new(profile_name: ENV['AWS_PROFILE'])
    @profile = ENV['AWS_PROFILE']
  end
  return unless @credentials.nil? && ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']
  @credentials = Aws::Credentials.new(
    ENV['AWS_ACCESS_KEY_ID'],
    ENV['AWS_SECRET_ACCESS_KEY'],
    ENV['AWS_SESSION_TOKEN'] # Not necessary
  )
end

.load_method_argsObject 



29
30
31
32
33
34
 
# File 'lib/awsecrets.rb', line 29

def self.load_method_args
  return false unless @profile
  @region = AWSConfig[@profile]['region'] if AWSConfig[@profile]['region'] && @region.nil?
  @credentials = Aws::SharedCredentials.new(profile_name: @profile)
  true
end

.load_optionsObject 



36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/awsecrets.rb', line 36

def self.load_options
  opt = OptionParser.new
  opt.on('--profile PROFILE') { |v| @profile = v } unless @profile
  opt.on('--region REGION') { |v| @region = v } unless @region
  opt.on('--secrets_path SECRETS_PATH') { |v| @secrets_path = v } unless @secrets_path
  begin
    opt.parse!(ARGV)
  rescue OptionParser::InvalidOption
  end
  return unless @profile
  @region = AWSConfig[@profile]['region'] if AWSConfig[@profile]['region'] && @region.nil?
  @credentials = Aws::SharedCredentials.new(profile_name: @profile)
end

.load_yamlObject 



65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/awsecrets.rb', line 65

def self.load_yaml
  creds = YAML.load_file(@secrets_path) if File.exist?(@secrets_path)
  if @region.nil? && creds
    @region = creds['region'] if creds.include?('region')
  end
  return unless @credentials.nil? && creds &&
                creds.include?('aws_access_key_id') &&
                creds.include?('aws_secret_access_key')
  @credentials = Aws::Credentials.new(
    creds['aws_access_key_id'],
    creds['aws_secret_access_key']
  )
end