From ffdabb63f77e48825c8db50045eb6fdf5c23c83f Mon Sep 17 00:00:00 2001 From: Sim Date: Sun, 21 Jul 2024 15:43:06 +0800 Subject: [PATCH 1/3] Support Laravel 11 --- .github/run-tests-L7.yml | 45 ------------------- .../{run-tests-l10.yml => run-tests-l11.yml} | 41 ++++++++++++++--- composer.json | 6 +-- phpunit.xml.dist | 25 ++++++----- tests/ExampleTest.php | 3 +- 5 files changed, 55 insertions(+), 65 deletions(-) delete mode 100644 .github/run-tests-L7.yml rename .github/workflows/{run-tests-l10.yml => run-tests-l11.yml} (58%) diff --git a/.github/run-tests-L7.yml b/.github/run-tests-L7.yml deleted file mode 100644 index 173547d..0000000 --- a/.github/run-tests-L7.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: "Run Tests - Older" - -on: [push, pull_request] - -jobs: - test: - - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - php: [8.0, 7.4, 7.3, 7.2, 7.1] - laravel: [7.*, 6.*] - dependency-version: [prefer-lowest, prefer-stable] - include: - - laravel: 7.* - testbench: 5.* - - laravel: 6.* - testbench: 4.* - - name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.dependency-version }} - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Cache dependencies - uses: actions/cache@v3 - with: - path: ~/.composer/cache/files - key: dependencies-laravel-${{ matrix.laravel }}-php-${{ matrix.php }}-composer-${{ hashFiles('composer.json') }} - - - name: Setup PHP - uses: shivammathur/setup-php@v2 - with: - php-version: ${{ matrix.php }} - extensions: curl, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, iconv - coverage: none - - - name: Install dependencies - run: | - composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" "symfony/console:>=4.3.4" "mockery/mockery:^1.3.2" --no-interaction --no-update - composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction - - name: Execute tests - run: vendor/bin/phpunit 
diff --git a/.github/workflows/run-tests-l10.yml b/.github/workflows/run-tests-l11.yml similarity index 58% rename from .github/workflows/run-tests-l10.yml rename to .github/workflows/run-tests-l11.yml index a4f7162..8d92f7c 100644 --- a/.github/workflows/run-tests-l10.yml +++ b/.github/workflows/run-tests-l11.yml @@ -1,16 +1,15 @@ -name: "Run Tests - L10" +name: "Run Tests - L11" on: [push, pull_request] jobs: test: - runs-on: ubuntu-latest strategy: fail-fast: false matrix: - laravel: [8.*, 9.*, 10.*] - php: [8.1, 8.0, 7.4, 7.3] + laravel: [8.*, 9.*, 10.*, 11.*] + php: [8.3, 8.1, 8.0, 7.4, 7.3] dependency-version: [prefer-lowest, prefer-stable] include: - laravel: 8.* @@ -19,19 +18,37 @@ jobs: testbench: 7.* - laravel: 10.* testbench: 8.* + - laravel: 11.* + testbench: 9.* exclude: + - laravel: 8.* + php: 8.0 - laravel: 8.* php: 8.1 + - laravel: 8.* + php: 8.3 - laravel: 9.* php: 7.3 - laravel: 9.* php: 7.4 + - laravel: 9.* + php: 8.3 - laravel: 10.* php: 7.3 - laravel: 10.* php: 7.4 - laravel: 10.* php: 8.0 + - laravel: 10.* + php: 8.3 + - laravel: 11.* + php: 7.3 + - laravel: 11.* + php: 7.4 + - laravel: 11.* + php: 8.0 + - laravel: 11.* + php: 8.1 name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.dependency-version }} 
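Review bot: PHP 8.2 is missing from the new `php:` list, so the lowest PHP version that Laravel 11 supports is never tested. After the `exclude:` entries, Laravel 11 runs only on 8.3 and Laravel 10 only on 8.1, because `laravel: 10.*` with `php: 8.3` is excluded as well. I would use `php: [8.3, 8.2, 8.1, 8.0, 7.4, 7.3]`, add 8.2 excludes for Laravel 8 and 9, and drop the 10.*/8.3 exclude unless there is a known incompatibility. If there is one, a short comment above that exclude should record the reason.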
@@ -49,12 +66,24 @@ jobs: uses: shivammathur/setup-php@v2 with: php-version: ${{ matrix.php }} - extensions: curl, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, iconv + extensions: mbstring, zip, curl, pcntl, pdo, sqlite, pdo_sqlite, iconv, xdebug, mysqlnd, bcmath, bz2, dba, enchant, gd, gmp, igbinary, imagick, imap, intl, ldap, memcache, mongodb, msgpack, mysqli, odbc, pdo_dblib, pdo_firebird, pdo_mysql, pdo_odbc, pdo_pgsql, pdo_sqlsrv, pgsql, pspell, redis, snmp, soap, sqlsrv, tidy, yaml, zmq, memcached, ds + coverage: none + - name: Debug PHP Setup + run: | + php -v + php -m + - name: Install dependencies run: | composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" "symfony/console:>=4.3.4" "mockery/mockery:^1.3.2" --no-interaction --no-update composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction + + - name: Migrate PHPUnit Configuration + run: ./vendor/bin/phpunit --migrate-configuration || true + - name: Execute tests - run: vendor/bin/phpunit + run: | + vendor/bin/phpunit --no-coverage + diff --git a/composer.json b/composer.json index 505a4a7..8c322dd 100644 --- a/composer.json +++ b/composer.json @@ -16,13 +16,13 @@ } ], "require": { - "php": "^7.1 || ^7.3 || ^7.4 || ^8.0 || ^8.1", + "php": "^7.1 || ^7.3 || ^7.4 || ^8.0 || ^8.1 || ^8.3", "aws/aws-sdk-php": "^3.145 || ^3.219 || ^3.263", - "illuminate/support": "^6.0 || ^7.0 || ^8.0 || ^9.8 || ^10.6" + "illuminate/support": "^6.0 || ^7.0 || ^8.0 || ^9.8 || ^10.6 || ^11.0" }, "require-dev": { "orchestra/testbench": "^3.8 || ^5.0 || ^6.0 || ^7.4 || ^8.2", - "phpunit/phpunit": "^7.0||^8.4||^9.3.3" + "phpunit/phpunit": "^7.0 || ^8.4 || ^9.3.3 || ^11.0.1" }, "autoload": { "psr-4": { diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 22fe879..3911e0b 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,5 +1,7 @@ -tests - - + + src/ - - + + + + + + + - - - - - + + + 
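Review bot: The new step `run: ./vendor/bin/phpunit --migrate-configuration || true` discards every failure of the migration, and it appears to rewrite phpunit.xml.dist on the runner, so the tests no longer run under the committed configuration. Since this commit already updates phpunit.xml.dist, I would drop the step, or limit it with an `if:` to the legs that need it and remove `|| true` so a broken config fails the job. The `extensions:` line now lists `xdebug` next to `coverage: none`, which looks contradictory. It also installs about forty extensions (ldap, snmp, sqlsrv, zmq, …) that nothing visible in this package uses, which slows every job and gives it more ways to fail. The "Debug PHP Setup" step reads like a leftover from troubleshooting and can go once the matrix is green.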
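Review bot: `orchestra/testbench` in `require-dev` still stops at `^8.2`, although this commit adds `illuminate/support` `^11.0` and `phpunit/phpunit` `^11.0.1`, and the workflow pairs Laravel 11 with testbench 9.*. CI only resolves because it runs `composer require` over this constraint, so a plain `composer install` against Laravel 11 presumably cannot pick a matching testbench. I would change the line to `"orchestra/testbench": "^3.8 || ^5.0 || ^6.0 || ^7.4 || ^8.2 || ^9.0"`. The added `|| ^8.3` in `php` is already covered by `^8.0` and can be left out.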
diff --git a/tests/ExampleTest.php b/tests/ExampleTest.php index efb49b3..3757aff 100644 --- a/tests/ExampleTest.php +++ b/tests/ExampleTest.php @@ -3,6 +3,7 @@ namespace Tapp\LaravelAwsSecretsManager\Tests; use Orchestra\Testbench\TestCase; +use PHPUnit\Framework\Attributes\Test; use Tapp\LaravelAwsSecretsManager\LaravelAwsSecretsManagerServiceProvider; class ExampleTest extends TestCase @@ -12,7 +13,7 @@ protected function getPackageProviders($app) return [LaravelAwsSecretsManagerServiceProvider::class]; } - /** @test */ + #[Test] public function true_is_true() { $this->assertTrue(true); From e2f84df64ea3dc3d42d44e7407dfb7ab5cdd7faa Mon Sep 17 00:00:00 2001 From: Sim Date: Sun, 21 Jul 2024 15:43:26 +0800 Subject: [PATCH 2/3] Use env() in config file --- config/config.php | 25 ++++++++++++++++--------- src/LaravelAwsSecretsManager.php | 6 ++++-- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/config/config.php b/config/config.php index 85e4056..9ab58d2 100644 --- a/config/config.php +++ b/config/config.php @@ -36,9 +36,7 @@ | */ - 'enabled-environments' => [ - 'production', - ], + 'enabled-environments' => array_filter(explode(',', env('AWS_SECRETS_ENABLED_ENV', 'production'))), /* |-------------------------------------------------------------------------- @@ -48,10 +46,19 @@ | Some (not all) variables are set into the config, as such updating the env() will not overwrite | the config cached values. The variables below will overwrite the config. | + | Example: + | .env + | VARIABLES_CONFIG_KEYS=APP_KEY:app.key,OTHER_KEY:app.other_key + | */ - 'variables-config' => [ - 'APP_KEY' => 'app.key', - ], + + 'variables-config' => collect(array_filter(explode(',', env('AWS_SECRETS_VARIABLES_CONFIGS', '')))) + ->mapWithKeys(function ($pair) { + [$envKey, $configKey] = explode(':', $pair); + + return [$envKey => $configKey]; + }) + ->toArray(), /* |-------------------------------------------------------------------------- 
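Review bot: Replacing `/** @test */` with `#[Test]` on `true_is_true()` means PHPUnit 9 and older no longer discover the method, because attributes are only read from PHPUnit 10 onwards and the name does not start with `test`. composer.json still allows `^7.0 || ^8.4 || ^9.3.3` and the matrix keeps Laravel 8 to 10 legs, so those jobs may finish without running any test. Renaming the method to `public function test_true_is_true()` works on every PHPUnit version and makes both the docblock and the attribute unnecessary. The class body continues outside the hunk.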
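Review bot: An `AWS_SECRETS_VARIABLES_CONFIGS` entry without a `:` makes `[$envKey, $configKey] = explode(':', $pair);` read a missing index, which Laravel normally turns into an exception while the config file is being loaded. Entries are also not trimmed, here or in `enabled-environments` in the hunk above, so `production, staging` yields ` staging`, which will not match the environment name and silently leaves secrets loading off there; `array_filter(array_map('trim', explode(',', env('AWS_SECRETS_ENABLED_ENV', 'production'))))` fixes that. The example in the comment uses `VARIABLES_CONFIG_KEYS`, but the code reads `AWS_SECRETS_VARIABLES_CONFIGS`, and the README hunk in patch 3 repeats the wrong name. The default also changes from `'APP_KEY' => 'app.key'` to an empty map, so existing installs stop overwriting `app.key` unless they set the variable, which deserves an upgrade note. The fence below shows the pair parsing with trimming and a skip for malformed entries.
```php
'variables-config' => collect(explode(',', (string) env('AWS_SECRETS_VARIABLES_CONFIGS', '')))
    ->mapWithKeys(function ($pair) {
        $parts = array_map('trim', explode(':', $pair, 2));

        // Skip anything that is not a complete ENV_NAME:config.key pair.
        if (count($parts) !== 2 || $parts[0] === '' || $parts[1] === '') {
            return [];
        }

        return [$parts[0] => $parts[1]];
    })
    ->toArray(),
```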
@@ -63,7 +70,7 @@ | */ - 'cache-enabled' => true, // boolean + 'cache-enabled' => env('AWS_SECRETS_CACHE_ENABLED', true), /* |-------------------------------------------------------------------------- @@ -74,7 +81,7 @@ | */ - 'cache-expiry' => 30, // minutes + 'cache-expiry' => env('AWS_SECRETS_CACHE_EXPIRY', 30), /* |-------------------------------------------------------------------------- @@ -86,7 +93,7 @@ | */ - 'cache-store' => 'file', + 'cache-store' => env('AWS_SECRETS_CACHE_STORE', 'file'), /* |-------------------------------------------------------------------------- diff --git a/src/LaravelAwsSecretsManager.php b/src/LaravelAwsSecretsManager.php index 6921d02..e9c40d3 100644 --- a/src/LaravelAwsSecretsManager.php +++ b/src/LaravelAwsSecretsManager.php @@ -15,8 +15,10 @@ class LaravelAwsSecretsManager protected $cacheExpiry; protected $cacheStore; protected $debug; - protected $enabledEnvironments; - protected $listTag; + protected array $enabledEnvironments; + protected bool $keyRotation; + protected string $listTagName = ''; + protected string $listTagValue = ''; public function __construct() { From 8c795eab7868d0883ee8ec49b7d3b1817849ea07 Mon Sep 17 00:00:00 2001 From: Sim Date: Wed, 24 Jul 2024 11:40:58 +0800 Subject: [PATCH 3/3] Update README with environment based configuration --- README.md | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/README.md b/README.md index 21e04f5..8da167f 100644 --- a/README.md +++ b/README.md 
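Review bot: `'cache-enabled' => env('AWS_SECRETS_CACHE_ENABLED', true)` stays truthy for values such as `off` or `no`, because `env()` only converts the literal strings `true` and `false`, so an operator can believe secret caching is disabled while it is still on. Something like `filter_var(env('AWS_SECRETS_CACHE_ENABLED', true), FILTER_VALIDATE_BOOLEAN)` closes that gap. In the `cache-expiry` hunk, the value from `.env` arrives as a string where it used to be the integer `30`, so `(int) env('AWS_SECRETS_CACHE_EXPIRY', 30)` keeps the type the consuming code presumably expects. The `cache-store` hunk looks fine as written.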
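Review bot: The typed properties added here (`protected array $enabledEnvironments;` and the three after it) need PHP 7.4, but composer.json still allows `^7.1` and `^7.3` and the workflow keeps a 7.3 leg, so the class will not parse on those versions. Either leave the types out or raise the constraint to `"php": "^7.4 || ^8.0"` in the same change. `protected bool $keyRotation;` has no default, so any read before the constructor assigns it throws an Error; the constructor body is outside the hunk, so confirm it always sets the property. `$listTag` is replaced by `$listTagName` and `$listTagValue`, and any remaining `$this->listTag` use outside the hunk would now create an undeclared dynamic property.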
@@ -32,6 +32,37 @@ AWS_SECRETS_TAG_VALUE=production `AWS_SECRETS_TAG_NAME` and `AWS_SECRETS_TAG_VALUE` are used to pull down all the secrets that match the tag key/value. +### Other Environment-based Configuration + +#### Enabled environments + +Specify which environments should have AWS Secrets enabled: + +`AWS_SECRETS_ENABLED_ENV=production,staging` + +Default: `production` + +#### Overwritable Variables Config + +Specify which variables should be able to overwrite the config using the `AWS_SECRETS_VARIABLES_CONFIGS` key in the `.env` file. The format is a comma-separated list of `ENV_VARIABLE_NAME:CONFIG_KEY` pairs. + +For example: + +`VARIABLES_CONFIG_KEYS=APP_KEY:app.key,OTHER_KEY:app.other_key` + +This setup allows `APP_KEY` to overwrite `app.key` in the config, and `OTHER_KEY` to overwrite `app.other_key`. + +Default Behavior: If `AWS_SECRETS_VARIABLES_CONFIGS` is not set or is empty, no variables will be set for config overwriting. + +#### Cache Settings + +For example: +``` +AWS_SECRETS_CACHE_ENABLED=true +AWS_SECRETS_CACHE_EXPIRY=60 +AWS_SECRETS_CACHE_STORE=file +``` + ### Setting up AWS Secrets 1. Store New Secret.