Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mileszim/chambermaid

Companion Ruby Gem for chamber cli
https://github.com/mileszim/chambermaid

aws aws-ssm chamber dotenv env parameter-store rails ruby ssm

Last synced: about 1 month ago
JSON representation

Companion Ruby Gem for chamber cli

Host: GitHub
URL: https://github.com/mileszim/chambermaid
Owner: mileszim
License: mit
Created: 2020-07-31T18:14:50.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2022-06-07T21:45:41.000Z (over 2 years ago)
Last Synced: 2024-11-29T08:46:27.948Z (about 2 months ago)
Topics: aws, aws-ssm, chamber, dotenv, env, parameter-store, rails, ruby, ssm
Language: Ruby
Homepage:
Size: 53.7 KB
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.txt
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

# Chambermaid [![Gem Version](https://badge.fury.io/rb/chambermaid.svg)](https://badge.fury.io/rb/chambermaid) [![Build Status](https://travis-ci.com/mileszim/chambermaid.svg?branch=master)](https://travis-ci.com/mileszim/chambermaid)

Companion RubyGem for [chamber](https://github.com/segmentio/chamber).

Chambermaid injects AWS SSM params into your ENV. Plays nice with other ENV gems like dotenv.

- [RubyDocs](https://rubydoc.info/gems/chambermaid)

## Installation

Add this line to your application's Gemfile:

```ruby
gem 'chambermaid'
```

And then execute:

$ bundle install

Or install it yourself as:

$ gem install chambermaid

## Usage

**Standalone**

```ruby
Chambermaid.add_namespace("/my/param/namespace")
Chambermaid.add_service("my-chamber-service")
```

**Configuration Block**

```ruby
# config/initializers/chambermaid.rb

Chambermaid.configure do |config|
# Load all values from SSM Namespace path
config.add_namespace("/my/param/namespace")

# Load values from chamber-cli service
config.add_service("my-chamber-service")

# Set `overload: true` to choose these params over existing
# ones in ENV when they are merged together
config.add_namespace("/my/important/namespace", overload: true)
end

# If this is standalone ruby (not a Rails environment),
# call `Chambermaid.load!` after the configuration block
#
# Chambermaid.load!
```

**Reload SSM into ENV**
```ruby
Chambermaid.reload!
```

**Restore ENV to original state**
```ruby
Chambermaid.restore!
Chambermaid.reset! # alias of .restore!
```

**Configure Logging**
```ruby
Chambermaid.configure do |config|
# ... other config ...

# Change log level
config.log_level = :debug

# Set custom logger instance
config.logger = MyCoolLogger.new
end

# Outside of config block
Chambermaid.log_level = :warn
```

_Note: Chambermaid.logger is set to Rails.logger automatically if including inside a rails app_

### AWS Authentication

Chambermaid expects your AWS credential configuration to live inside ENV on application load.

> **Note:** `AWS_DEFAULT_REGION` or `AWS_REGION` is **required**

You can use either:
* `AWS_ACCESS_KEY_ID`
* `AWS_SECRET_ACCESS_KEY`

or STS grants:
```bash
$ aws-vault exec my-user -- bundle exec rails server
```
> *See [aws-vault](https://github.com/99designs/aws-vault/blob/master/USAGE.md) docs for more info*

or a metadata endpoint grant:
* Available in attached Task or EC2 instance. *See [AWS Docs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint.html) for more info.*
* Through aws-vault: `aws-vault exec -s my-user`

#### IAM Permissions Required

Since this is meant to work out of the box as a complement to [chamber cli](https://github.com/segmentio/chamber), it needs similar IAM permissions.

In this case, however, we can grant read-only to the namespace(s).
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": "ssm:DescribeParameters",
"Resource": "*"
},
{
"Sid": "",
"Effect": "Allow",
"Action": [
"ssm:GetParametersByPath",
"ssm:GetParameters",
"ssm:GetParameter",
"kms:Decrypt"
],
"Resource": [
"arn:aws:ssm:us-east-1:1234567890:parameter/my-chamber-service",
"arn:aws:kms:us-east-1:1234567890:key/258574a1-cfce-4530-9e3c-d4b07cd04115"
]
}
]
}
```
> **Note:** `Resource` array MUST include the full ARN of the key id used for chamber cli
> *(Default alias is `parameter_store_key`)*

## Development

After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).

## Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/mileszim/chambermaid. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/mileszim/chambermaid/blob/master/CODE_OF_CONDUCT.md).

## License

The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

## Code of Conduct

Everyone interacting in the Chambermaid project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/mileszim/chambermaid/blob/master/CODE_OF_CONDUCT.md).