lib/awsecrets.rb in awsecrets-1.14.0 vs lib/awsecrets.rb in awsecrets-1.15.0


@@ -1,28 +1,24 @@
 require_relative 'awsecrets/version'
+require_relative 'awsecrets/utils'
 require 'optparse'
 require 'aws-sdk'
 require 'aws_config'
-require 'net/http'
 require 'yaml'
 module Awsecrets
+  include Misc
+
   def self.load(profile: nil, region: nil, secrets_path: nil, disable_load_secrets: false)
     @profile = profile
     @region = region
     @secrets_path = secrets_path
     @disable_load_secrets = disable_load_secrets
     @disable_load_secrets = true if secrets_path == false
-    @credentials = nil
-    @access_key_id = nil
-    @secret_access_key = nil
-    @session_token = nil
-    @role_arn = nil
-    @external_id = nil
-    @source_profile = nil
-    @role_session_name = nil
+    @credentials = @access_key_id = @secret_access_key = @session_token = nil
+    @role_arn = @external_id = @source_profile = @role_session_name = nil
     # 1. Command Line Options
     load_options if load_method_args
     # 2. Environment Variables
     load_env
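Review bot: `include Misc` mixes Misc's instance methods into Awsecrets, yet every call site in this diff (`Misc.generate_session_name` in load_yaml and set_aws_config, `Misc.validate_client` in set_aws_config) addresses Misc as a module function, so the include appears unused; if awsecrets/utils (outside this diff) defines those helpers with `module_function`, the include only adds private instance methods nobody calls. Either drop the include, or `extend Misc` and call the helpers unqualified, and consider namespacing the helper as `Awsecrets::Misc` so a generic top-level `Misc` constant cannot collide with another gem's. The chained nil assignment is safe because nil is immutable, but its purpose deserves a line such as `# reset every resolved value so a repeated load never reuses stale credentials or role settings`. The body of `self.load` continues past the end of this hunk.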
@@ -49,54 +45,57 @@
       opt.on('--secrets_path SECRETS_PATH') { |v| @secrets_path ||= v }
       begin
         opt.parse!(ARGV)
       rescue OptionParser::InvalidOption
       end
-    return unless @profile
+    return true unless @profile
     @region ||= AWSConfig[@profile]['region']
+    true
   end
   def self.load_env
     @region ||= ENV['AWS_REGION']
     @region ||= ENV['AWS_DEFAULT_REGION']
     @profile ||= ENV['AWS_PROFILE']
     @secrets_path ||= ENV['AWS_SECRETS_PATH']
-    return if @access_key_id
+    return true if @access_key_id
     return unless ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']
     @access_key_id ||= ENV['AWS_ACCESS_KEY_ID']
     @secret_access_key ||= ENV['AWS_SECRET_ACCESS_KEY']
     @session_token ||= ENV['AWS_SESSION_TOKEN']
+    true
   end
   def self.load_yaml
-    return if @disable_load_secrets
+    return false if @disable_load_secrets
     @secrets_path ||= 'secrets.yml'
     creds = YAML.load_file(@secrets_path) if File.exist?(File.expand_path(@secrets_path))
     @region ||= creds['region'] if creds && creds.include?('region')
-    return if @access_key_id
-    return unless creds &&
+    return true if @access_key_id
+    return true unless creds &&
                   creds.include?('aws_access_key_id') &&
                   creds.include?('aws_secret_access_key')
     @access_key_id ||= creds['aws_access_key_id']
     @secret_access_key ||= creds['aws_secret_access_key']
     @session_token ||= creds['aws_session_token'] if creds.include?('aws_session_token')
     @role_arn ||= creds['role_arn'] if creds.include?('role_arn')
     @external_id ||= creds['external_id'] if creds.include?('external_id')
     @role_session_name ||= creds['role_session_name'] if creds.include?('role_session_name')
-    return unless @role_arn
-    @role_session_name ||= generate_session_name
+    return true unless @role_arn
+    @role_session_name ||= Misc.generate_session_name
     @credentials ||= role_creds(
       client: Aws::STS::Client.new(
         region: @region,
         access_key_id: @access_key_id,
         secret_access_key: @secret_access_key
       ),
       role_arn: @role_arn,
       role_session_name: @role_session_name,
       external_id: @external_id
     )
+    true
   end
   def self.load_config
     @region ||= if AWSConfig[@profile] && AWSConfig[@profile]['region']
                   AWSConfig[@profile]['region']
@@ -113,11 +112,11 @@
   def self.set_aws_config
     @region ||= self.current_region
     Aws.config[:region] = @region
     if @role_arn && @source_profile
-      @role_session_name ||= generate_session_name
+      @role_session_name ||= Misc.generate_session_name
       region = if AWSConfig[@source_profile.name] && AWSConfig[@source_profile.name]['region']
                  AWSConfig[@source_profile.name]['region']
                else
                  AWSConfig['default']['region']
                end
@@ -136,20 +135,11 @@
     @credentials ||= Aws::SharedCredentials.new(profile_name: @profile) if @profile
     @credentials ||= Aws::SharedCredentials.new(profile_name: 'default') if AWSConfig['default'] && !@access_key_id
     @credentials ||= Aws::Credentials.new(@access_key_id, @secret_access_key, @session_token) if @access_key_id
     @credentials ||= Aws::InstanceProfileCredentials.new
+    Misc.validate_client
     Aws.config[:credentials] = @credentials
-  end
-
-  def self.generate_session_name
-    "awsecrets-session-#{Time.now.to_i}"
-  end
-
-  def self.current_region
-    metadata_endpoint = 'http://169.254.169.254/latest/meta-data/'
-    az = Net::HTTP.get(URI.parse(metadata_endpoint + 'placement/availability-zone'))
-    az[0...-1]
   end
   def self.role_creds(args)
     Aws::AssumeRoleCredentials.new(args)
   end
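Review bot: load_env now returns `true` from both rewritten exits and at its end, but the untouched `return unless ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']` between them still returns nil, so a caller checking the new boolean sees a falsy result for the ordinary "no env credentials" case while load_options and load_yaml report true for the equivalent situation; if the intended meaning is "nothing to do here", make it `return true unless ENV['AWS_ACCESS_KEY_ID'] && ENV['AWS_SECRET_ACCESS_KEY']`. What the boolean means is not written down anywhere, and load_yaml's `return true unless creds && ...` shows it is not "credentials resolved"; a comment on each loader such as `# returns false only when this source is disabled, true otherwise (whether or not credentials were found)` would prevent callers from reading it that way. In load_yaml the existence check uses `File.expand_path(@secrets_path)` while `YAML.load_file` receives the unexpanded path, so a `~`-prefixed AWS_SECRETS_PATH passes the check and then fails to open; loading the expanded path with `YAML.safe_load(File.read(File.expand_path(@secrets_path)))` fixes that and, on Psych releases before 4, also stops the secrets file from being a full-object deserialization input. The body of load_options begins before this hunk and load_config continues after it.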
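Review bot: `@region ||= self.current_region` is kept as context in set_aws_config, but the last hunk of this diff deletes `def self.current_region` from Awsecrets, and `include Misc` only mixes in instance methods, which are not reachable as `self.current_region` on the module object; unless awsecrets/utils (outside this diff) re-adds it through `extend` or a `self.included` hook, set_aws_config raises NoMethodError whenever no region was resolved from options, env, secrets or config, which is exactly the EC2 path the removed Net::HTTP lookup served. Calling `Misc.current_region` here, consistent with the `Misc.generate_session_name` call introduced a few lines below, or using `extend Misc` instead of `include`, would close that gap. If the metadata request now lives in utils, it is worth giving the `Net::HTTP` call explicit open and read timeouts so a non-EC2 host fails fast instead of hanging on the link-local address. The rest of set_aws_config lies outside this hunk.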
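Review bot: `Misc.validate_client` runs before `Aws.config[:credentials] = @credentials`, so if it builds an AWS client from the global config (its definition is in awsecrets/utils, outside this diff) it validates whatever credentials Aws.config held previously rather than the ones just resolved on the lines above; moving the call after the assignment, or passing `@credentials` to it explicitly, would make it check what is actually about to be used. The call's failure mode is also undocumented, which matters because it sits on the path every consumer of this gem takes; a comment such as `# raises when the resolved credentials cannot authenticate; callers see the Aws error unrescued` (adjusted to what utils really does) would let callers decide whether to rescue. The start of set_aws_config is outside this hunk.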