From 613081f4546fb4a84dc1671e5dbe8aec190b1f17 Mon Sep 17 00:00:00 2001 From: Kevin Blues Date: Wed, 4 Sep 2019 14:02:52 -0700 Subject: [PATCH 1/3] chore(Update rubocop version due to security issue): --- Gemfile.lock | 4 ++-- cloud_secret_env.gemspec | 2 +- lib/cloud_secret_env/version.rb | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 32c840e..8c43803 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - cloud_secret_env (0.1.0) + cloud_secret_env (0.1.1) aws-sdk (~> 2) GEM @@ -63,7 +63,7 @@ DEPENDENCIES pry (~> 0.10) rake (~> 10.0) rspec (~> 3.0) - rubocop (~> 0.42) + rubocop (~> 0.49) BUNDLED WITH 1.17.3 diff --git a/cloud_secret_env.gemspec b/cloud_secret_env.gemspec index e83939b..9b3a5c2 100644 --- a/cloud_secret_env.gemspec +++ b/cloud_secret_env.gemspec @@ -24,6 +24,6 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'pry', '~> 0.10' spec.add_development_dependency 'rake', '~> 10.0' spec.add_development_dependency 'rspec', '~> 3.0' - spec.add_development_dependency 'rubocop', '~> 0.42' + spec.add_development_dependency 'rubocop', '~> 0.49' spec.add_runtime_dependency 'aws-sdk', '~> 2' end diff --git a/lib/cloud_secret_env/version.rb b/lib/cloud_secret_env/version.rb index ff70cbf..25f12cd 100644 --- a/lib/cloud_secret_env/version.rb +++ b/lib/cloud_secret_env/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module CloudSecretEnv - VERSION = '0.1.0' + VERSION = '0.1.1' end From 1ff611076ddd32abdc7e6712f64c41fba93a7fd5 Mon Sep 17 00:00:00 2001 From: Kevin Blues Date: Thu, 5 Sep 2019 14:39:11 -0700 Subject: [PATCH 2/3] chore(dependency-versions): Bumps rubocop to 0.71 and adds build-base to dev docker image --- Dockerfile | 1 + Gemfile.lock | 20 ++++++++++---------- cloud_secret_env.gemspec | 2 +- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 113b547..48b6d09 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,7 @@ MAINTAINER Kevin Blues ARG DEPS="\ bash \ +build-base \ dumb-init \ git \ " diff --git a/Gemfile.lock b/Gemfile.lock index 8c43803..98fd450 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -20,12 +20,12 @@ GEM aws-eventstream (~> 1.0, >= 1.0.2) coderay (1.1.2) diff-lcs (1.3) + jaro_winkler (1.5.3) jmespath (1.4.0) method_source (0.9.2) - parallel (1.13.0) - parser (2.6.0.0) + parallel (1.17.0) + parser (2.6.4.0) ast (~> 2.4.0) - powerpack (0.1.2) pry (0.12.2) coderay (~> 1.1.0) method_source (~> 0.9.0) @@ -44,15 +44,15 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-support (3.8.0) - rubocop (0.52.1) + rubocop (0.74.0) + jaro_winkler (~> 1.5.1) parallel (~> 1.10) - parser (>= 2.4.0.2, < 3.0) - powerpack (~> 0.1) + parser (>= 2.6) rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - ruby-progressbar (1.10.0) - unicode-display_width (1.4.1) + unicode-display_width (>= 1.4.0, < 1.7) + ruby-progressbar (1.10.1) + unicode-display_width (1.6.0) PLATFORMS ruby @@ -63,7 +63,7 @@ DEPENDENCIES pry (~> 0.10) rake (~> 10.0) rspec (~> 3.0) - rubocop (~> 0.49) + rubocop (~> 0.71) BUNDLED WITH 1.17.3 diff --git a/cloud_secret_env.gemspec b/cloud_secret_env.gemspec index 9b3a5c2..e1982ce 100644 --- a/cloud_secret_env.gemspec +++ b/cloud_secret_env.gemspec @@ -24,6 +24,6 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'pry', '~> 0.10' spec.add_development_dependency 'rake', '~> 10.0' spec.add_development_dependency 'rspec', '~> 3.0' - spec.add_development_dependency 'rubocop', '~> 0.49' + spec.add_development_dependency 'rubocop', '~> 0.71' spec.add_runtime_dependency 'aws-sdk', '~> 2' end From 78520a929cdb3497489bb0b9ef95d8a3491fa6b6 Mon Sep 17 00:00:00 2001 From: Kevin Blues Date: Thu, 5 Sep 2019 14:51:22 -0700 Subject: [PATCH 3/3] chore(.rubocop.yml): Update rubocop.yml to mimic current rails config without rails specifics --- .rubocop.yml | 148 ++++++------------ Gemfile.lock | 4 +- cloud_secret_env.gemspec | 4 +- lib/cloud_secret_env.rb | 38 ++--- lib/cloud_secret_env/config.rb | 1 + lib/cloud_secret_env/providers/aws.rb | 14 +- .../cloud_secret_env/cloud_secret_env_spec.rb | 2 + spec/cloud_secret_env/config_spec.rb | 6 +- spec/cloud_secret_env/providers/aws_spec.rb | 2 + 9 files changed, 86 insertions(+), 133 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index c26cdf8..1f257a0 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,6 +1,3 @@ -AllCops: - TargetRubyVersion: 2.3 - ################## Layout ################################# Layout/AccessModifierIndentation: @@ -98,26 +95,26 @@ Layout/InitialIndentation: Checks the indentation of the first non-blank non-comment line in a file. Enabled: false -Layout/FirstParameterIndentation: - Description: 'Checks the indentation of the first parameter in a method call.' +Layout/IndentFirstArgument: + Description: 'Checks the indentation of the first argument in a method call.' Enabled: false Layout/IndentationConsistency: Description: 'Keep indentation straight.' - Enabled: false + EnforcedStyle: rails Layout/IndentationWidth: Description: 'Use 2 spaces for indentation.' StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#spaces-indentation' Enabled: true -Layout/IndentArray: +Layout/IndentFirstArrayElement: Description: >- Checks the indentation of the first element in an array literal. Enabled: false -Layout/IndentHash: +Layout/IndentFirstHashElement: Description: 'Checks the indentation of the first key in a hash literal.' Enabled: false @@ -261,6 +258,27 @@ Layout/TrailingWhitespace: StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-whitespace' Enabled: true +Layout/BlockAlignment: + Description: 'Align block ends correctly.' + Enabled: true + +Layout/ConditionPosition: + Description: >- + Checks for condition placed in a confusing position relative to + the keyword. + StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#same-line-condition' + Enabled: true + +Layout/DefEndAlignment: + Description: 'Align ends corresponding to defs correctly.' + Enabled: true + AutoCorrect: true + +Layout/EndAlignment: + Description: 'Align ends correctly.' + Enabled: true + AutoCorrect: true + #################### Lint ################################ Lint/AmbiguousOperator: @@ -283,31 +301,15 @@ Lint/AssignmentInCondition: StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#safe-assignment-in-condition' Enabled: true -Lint/BlockAlignment: - Description: 'Align block ends correctly.' - Enabled: true - Lint/CircularArgumentReference: Description: "Don't refer to the keyword argument in the default value." Enabled: true -Lint/ConditionPosition: - Description: >- - Checks for condition placed in a confusing position relative to - the keyword. - StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#same-line-condition' - Enabled: true - Lint/Debugger: Description: 'Check for debugger calls.' AutoCorrect: false Enabled: true -Lint/DefEndAlignment: - Description: 'Align ends corresponding to defs correctly.' - Enabled: true - AutoCorrect: true - Lint/DeprecatedClassMethods: Description: 'Check for deprecated class method calls.' Enabled: true @@ -332,11 +334,6 @@ Lint/EmptyInterpolation: Description: 'Checks for empty string interpolation.' Enabled: true -Lint/EndAlignment: - Description: 'Align ends correctly.' - Enabled: true - AutoCorrect: true - Lint/EndInMethod: Description: 'END blocks should not be placed inside method definitions.' Enabled: true @@ -412,7 +409,7 @@ Lint/UnderscorePrefixedVariableName: Description: 'Do not use prefix `_` for a variable that is used.' Enabled: true -Lint/UnneededDisable: +Lint/UnneededCopDisableDirective: Description: >- Checks for rubocop:disable comments that can be removed. Note: this cop is not disabled when disabling all cops. @@ -458,6 +455,11 @@ Lint/Void: Description: 'Possible use of operator/literal/variable in void context.' Enabled: true +Lint/FlipFlop: + Description: 'Checks for flip flops' + StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-flip-flops' + Enabled: true + ###################### Metrics #################################### Metrics/AbcSize: @@ -468,13 +470,6 @@ Metrics/AbcSize: Enabled: false Max: 20 -Metrics/BlockLength: - Description: 'Avoid blocks that are too large' - Enabled: true - Max: 25 - Exclude: - - spec/**/* - Metrics/BlockNesting: Description: 'Avoid excessive block nesting' StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#three-is-the-number-thou-shalt-count' @@ -571,62 +566,6 @@ Naming/VariableName: StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#snake-case-symbols-methods-vars' Enabled: true -##################### Performance ############################# - -Performance/Count: - Description: >- - Use `count` instead of `select...size`, `reject...size`, - `select...count`, `reject...count`, `select...length`, - and `reject...length`. - Enabled: true - -Performance/Detect: - Description: >- - Use `detect` instead of `select.first`, `find_all.first`, - `select.last`, and `find_all.last`. - Reference: 'https://github.com/JuanitoFatas/fast-ruby#enumerabledetect-vs-enumerableselectfirst-code' - Enabled: true - -Performance/FlatMap: - Description: >- - Use `Enumerable#flat_map` - instead of `Enumerable#map...Array#flatten(1)` - or `Enumberable#collect..Array#flatten(1)` - Reference: 'https://github.com/JuanitoFatas/fast-ruby#enumerablemaparrayflatten-vs-enumerableflat_map-code' - Enabled: true - EnabledForFlattenWithoutParams: false - # If enabled, this cop will warn about usages of - # `flatten` being called without any parameters. - # This can be dangerous since `flat_map` will only flatten 1 level, and - # `flatten` without any parameters can flatten multiple levels. - -Performance/ReverseEach: - Description: 'Use `reverse_each` instead of `reverse.each`.' - Reference: 'https://github.com/JuanitoFatas/fast-ruby#enumerablereverseeach-vs-enumerablereverse_each-code' - Enabled: true - -Performance/Sample: - Description: >- - Use `sample` instead of `shuffle.first`, - `shuffle.last`, and `shuffle[Fixnum]`. - Reference: 'https://github.com/JuanitoFatas/fast-ruby#arrayshufflefirst-vs-arraysample-code' - Enabled: true - -Performance/Size: - Description: >- - Use `size` instead of `count` for counting - the number of elements in `Array` and `Hash`. - Reference: 'https://github.com/JuanitoFatas/fast-ruby#arraycount-vs-arraysize-code' - Enabled: true - -Performance/StringReplacement: - Description: >- - Use `tr` instead of `gsub` when you are replacing the same - number of characters. Use `delete` instead of `gsub` when - you are deleting characters. - Reference: 'https://github.com/JuanitoFatas/fast-ruby#stringgsub-vs-stringtr-code' - Enabled: true - ##################### Rails ################################## Rails/ActionFilter: @@ -814,11 +753,6 @@ Style/EvenOdd: StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#predicate-methods' Enabled: true -Style/FlipFlop: - Description: 'Checks for flip flops' - StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-flip-flops' - Enabled: true - Style/For: Description: 'Checks use of for or each in multiline loops.' StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-for-loops' @@ -1116,8 +1050,13 @@ Style/TrailingCommaInArguments: StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-params-comma' Enabled: true -Style/TrailingCommaInLiteral: - Description: 'Checks for trailing comma in literals.' +Style/TrailingCommaInArrayLiteral: + Description: 'Checks for trailing comma in array literals.' + StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-array-commas' + Enabled: true + +Style/TrailingCommaInHashLiteral: + Description: 'Checks for trailing comma in hash literals.' StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-array-commas' Enabled: true @@ -1175,4 +1114,11 @@ Style/WhileUntilModifier: Style/WordArray: Description: 'Use %w or %W for arrays of words.' StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#percent-w' - Enabled: true \ No newline at end of file + Enabled: true + +Style/Sample: + Description: >- + Use `sample` instead of `shuffle.first`, + `shuffle.last`, and `shuffle[Fixnum]`. + Reference: 'https://github.com/JuanitoFatas/fast-ruby#arrayshufflefirst-vs-arraysample-code' + Enabled: true diff --git a/Gemfile.lock b/Gemfile.lock index 98fd450..03330eb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -44,7 +44,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-support (3.8.0) - rubocop (0.74.0) + rubocop (0.71.0) jaro_winkler (~> 1.5.1) parallel (~> 1.10) parser (>= 2.6) @@ -63,7 +63,7 @@ DEPENDENCIES pry (~> 0.10) rake (~> 10.0) rspec (~> 3.0) - rubocop (~> 0.71) + rubocop (= 0.71) BUNDLED WITH 1.17.3 diff --git a/cloud_secret_env.gemspec b/cloud_secret_env.gemspec index e1982ce..b1fa272 100644 --- a/cloud_secret_env.gemspec +++ b/cloud_secret_env.gemspec @@ -1,6 +1,6 @@ # frozen_string_literal: true -lib = File.expand_path('../lib', __FILE__) +lib = File.expand_path('lib', __dir__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'cloud_secret_env/version' @@ -24,6 +24,6 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'pry', '~> 0.10' spec.add_development_dependency 'rake', '~> 10.0' spec.add_development_dependency 'rspec', '~> 3.0' - spec.add_development_dependency 'rubocop', '~> 0.71' + spec.add_development_dependency 'rubocop', '0.71' spec.add_runtime_dependency 'aws-sdk', '~> 2' end diff --git a/lib/cloud_secret_env.rb b/lib/cloud_secret_env.rb index 2bc63f2..e82c1c8 100644 --- a/lib/cloud_secret_env.rb +++ b/lib/cloud_secret_env.rb @@ -25,26 +25,26 @@ def run private - def provider - case @config.provider - when AWS_PROVIDER - Providers::AWS.new( - access_key: @config.access_key, - secret_key: @config.secret_key, - region: @config.region, - profile_name: @config.profile_name, - secret_ids: @config.secret_ids - ) + def provider + case @config.provider + when AWS_PROVIDER + Providers::AWS.new( + access_key: @config.access_key, + secret_key: @config.secret_key, + region: @config.region, + profile_name: @config.profile_name, + secret_ids: @config.secret_ids + ) + end end - end - def push_env!(secrets) - block = if @config.override - ->(k, v) { ENV[k] = v } - else - ->(k, v) { ENV[k] = v unless ENV[k] } - end - secrets.each(&block) - end + def push_env!(secrets) + block = if @config.override + ->(k, v) { ENV[k] = v } + else + ->(k, v) { ENV[k] = v unless ENV[k] } + end + secrets.each(&block) + end end end diff --git a/lib/cloud_secret_env/config.rb b/lib/cloud_secret_env/config.rb index a539512..b36a8cd 100644 --- a/lib/cloud_secret_env/config.rb +++ b/lib/cloud_secret_env/config.rb @@ -19,6 +19,7 @@ class ConfigValidationError < StandardError; end def provider=(provider) provider = provider.to_sym raise ProviderNotFound, "Provider '#{provider}' not found" unless ::CloudSecretEnv::PROVIDERS.include?(provider) + @provider = provider end diff --git a/lib/cloud_secret_env/providers/aws.rb b/lib/cloud_secret_env/providers/aws.rb index 162a463..380f048 100644 --- a/lib/cloud_secret_env/providers/aws.rb +++ b/lib/cloud_secret_env/providers/aws.rb @@ -47,13 +47,13 @@ def fetch_secrets! private - def initialize_secrets_manager! - options = { region: region } - options[:profile] = profile_name if profile_name - keys_exist = access_key && !access_key.empty? && secret_key && !secret_key.empty? - options[:credentials] = Aws::Credentials.new(access_key, secret_key) if keys_exist - @secrets_manager = Aws::SecretsManager::Client.new(options) - end + def initialize_secrets_manager! + options = { region: region } + options[:profile] = profile_name if profile_name + keys_exist = access_key && !access_key.empty? && secret_key && !secret_key.empty? + options[:credentials] = Aws::Credentials.new(access_key, secret_key) if keys_exist + @secrets_manager = Aws::SecretsManager::Client.new(options) + end end end end diff --git a/spec/cloud_secret_env/cloud_secret_env_spec.rb b/spec/cloud_secret_env/cloud_secret_env_spec.rb index fc3657c..e0b4b99 100644 --- a/spec/cloud_secret_env/cloud_secret_env_spec.rb +++ b/spec/cloud_secret_env/cloud_secret_env_spec.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +# rubocop:disable Metrics/BlockLength RSpec.describe CloudSecretEnv do it 'has a version number' do expect(described_class::VERSION).not_to be_nil @@ -64,3 +65,4 @@ end end end +# rubocop:enable Metrics/BlockLength diff --git a/spec/cloud_secret_env/config_spec.rb b/spec/cloud_secret_env/config_spec.rb index 01d1ca6..7c72033 100644 --- a/spec/cloud_secret_env/config_spec.rb +++ b/spec/cloud_secret_env/config_spec.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +# rubocop:disable Metrics/BlockLength RSpec.describe CloudSecretEnv::Config do let(:config) { described_class.new } @@ -52,8 +53,8 @@ def error_message subject - rescue described_class::ConfigValidationError => cve - cve.message + rescue described_class::ConfigValidationError => e + e.message end context 'provider is blank' do @@ -101,3 +102,4 @@ def error_message end end end +# rubocop:enable Metrics/BlockLength diff --git a/spec/cloud_secret_env/providers/aws_spec.rb b/spec/cloud_secret_env/providers/aws_spec.rb index fb2bdb3..7f15a69 100644 --- a/spec/cloud_secret_env/providers/aws_spec.rb +++ b/spec/cloud_secret_env/providers/aws_spec.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +# rubocop:disable Metrics/BlockLength RSpec.describe CloudSecretEnv::Providers::AWS do describe '#fetch_secrets!' do let!(:provider) do @@ -51,3 +52,4 @@ end end end +# rubocop:enable Metrics/BlockLength