bard-new 0.1.0

data/spec/bard/new/provision/nginx_spec.rb

@@ -0,0 +1,81 @@
+require "spec_helper"
+require "bard/new/provision/base"
+require "bard/new/provision/nginx"
+
+describe Bard::Provision::Nginx do
+  let(:target) { double("target", project_name: "test_app") }
+  let(:config) { double("config", project_name: "test_app", :[] => target) }
+  let(:ssh_url) { "user@example.com" }
+  let(:provision_server) { double("provision_server") }
+  let(:nginx) { Bard::Provision::Nginx.new(config, ssh_url) }
+
+  before do
+    allow(nginx).to receive(:target).and_return(target)
+    allow(nginx).to receive(:provision_server).and_return(provision_server)
+    allow(provision_server).to receive_message_chain(:ssh_uri, :host).and_return("192.168.1.100")
+    allow(nginx).to receive(:print)
+    allow(nginx).to receive(:puts)
+    allow(nginx).to receive(:system)
+  end
+
+  describe "#call" do
+    context "when HTTP is not responding" do
+      it "installs nginx" do
+        allow(nginx).to receive(:http_responding?).and_return(false)
+        allow(nginx).to receive(:app_configured?).and_return(true)
+
+        expect(provision_server).to receive(:run!).with(/apt-get install -y nginx/, home: true)
+
+        nginx.call
+      end
+    end
+
+    context "when app is not configured" do
+      it "creates nginx config" do
+        allow(nginx).to receive(:http_responding?).and_return(true)
+        allow(nginx).to receive(:app_configured?).and_return(false)
+
+        expect(provision_server).to receive(:run!).with("bard setup")
+
+        nginx.call
+      end
+    end
+
+    context "when everything is already set up" do
+      it "skips installation and configuration" do
+        allow(nginx).to receive(:http_responding?).and_return(true)
+        allow(nginx).to receive(:app_configured?).and_return(true)
+
+        expect(provision_server).not_to receive(:run!)
+
+        nginx.call
+      end
+    end
+
+    it "prints status messages" do
+      allow(nginx).to receive(:http_responding?).and_return(true)
+      allow(nginx).to receive(:app_configured?).and_return(true)
+
+      expect(nginx).to receive(:print).with("Nginx:")
+      expect(nginx).to receive(:puts).with(" ✓")
+
+      nginx.call
+    end
+  end
+
+  describe "#http_responding?" do
+    it "checks if port 80 is responding on the remote" do
+      expect(provision_server).to receive(:run).with("nc -zv localhost 80 2>/dev/null", home: true, quiet: true)
+
+      nginx.http_responding?
+    end
+  end
+
+  describe "#app_configured?" do
+    it "checks if nginx config exists for the app" do
+      expect(provision_server).to receive(:run).with("[ -f /etc/nginx/sites-enabled/test_app ]", quiet: true)
+
+      nginx.app_configured?
+    end
+  end
+end

data/spec/bard/new/provision/repo_spec.rb

@@ -0,0 +1,208 @@
+require "spec_helper"
+require "bard/new/provision/base"
+require "bard/new/provision/repo"
+
+describe Bard::Provision::Repo do
+  let(:ssh_uri) { double("ssh_uri", user: "deploy", host: "example.com") }
+  let(:target) { double("target", ssh_uri: ssh_uri, project_name: "test_project") }
+  let(:config) { double("config", project_name: "test_project", :[] => target) }
+  let(:ssh_url) { "deploy@example.com" }
+  let(:provision_server) { double("provision_server") }
+  let(:github_api) { double("github_api") }
+  let(:repo_provisioner) { Bard::Provision::Repo.new(config, ssh_url) }
+
+  before do
+    allow(repo_provisioner).to receive(:target).and_return(target)
+    allow(repo_provisioner).to receive(:provision_server).and_return(provision_server)
+    allow(repo_provisioner).to receive(:print)
+    allow(repo_provisioner).to receive(:puts)
+    allow(Bard::Github).to receive(:new).and_return(github_api)
+  end
+
+  describe "#call" do
+    context "when repository is already cloned" do
+      context "when not on latest master" do
+        it "updates to latest master" do
+          allow(repo_provisioner).to receive(:already_cloned?).and_return(true)
+          allow(repo_provisioner).to receive(:on_latest_master?).and_return(false)
+
+          expect(repo_provisioner).to receive(:update_to_latest_master!)
+          expect(github_api).not_to receive(:add_deploy_key)
+
+          repo_provisioner.call
+        end
+
+        it "prints status message when updating to latest master" do
+          allow(repo_provisioner).to receive(:already_cloned?).and_return(true)
+          allow(repo_provisioner).to receive(:on_latest_master?).and_return(false)
+          allow(repo_provisioner).to receive(:update_to_latest_master!)
+
+          expect(repo_provisioner).to receive(:print).with("Repo:")
+          expect(repo_provisioner).to receive(:print).with(" Updating to latest master,")
+          expect(repo_provisioner).to receive(:puts).with(" ✓")
+
+          repo_provisioner.call
+        end
+      end
+
+      context "when already on latest master" do
+        it "skips update" do
+          allow(repo_provisioner).to receive(:already_cloned?).and_return(true)
+          allow(repo_provisioner).to receive(:on_latest_master?).and_return(true)
+
+          expect(repo_provisioner).not_to receive(:update_to_latest_master!)
+          expect(github_api).not_to receive(:add_deploy_key)
+
+          repo_provisioner.call
+        end
+
+        it "only prints repo header and checkbox" do
+          allow(repo_provisioner).to receive(:already_cloned?).and_return(true)
+          allow(repo_provisioner).to receive(:on_latest_master?).and_return(true)
+
+          expect(repo_provisioner).to receive(:print).with("Repo:")
+          expect(repo_provisioner).not_to receive(:print).with(" Updating to latest master,")
+          expect(repo_provisioner).to receive(:puts).with(" ✓")
+
+          repo_provisioner.call
+        end
+      end
+    end
+
+    context "when repository is not cloned but can be cloned" do
+      it "clones the repository directly" do
+        allow(repo_provisioner).to receive(:already_cloned?).and_return(false)
+        allow(repo_provisioner).to receive(:can_clone_project?).and_return(true)
+
+        expect(provision_server).to receive(:run!).with("git clone git@github.com:botandrosedesign/test_project", home: true)
+        expect(github_api).not_to receive(:add_deploy_key)
+
+        repo_provisioner.call
+      end
+    end
+
+    context "when repository cannot be cloned and SSH keypair exists" do
+      it "adds deploy key and clones repository" do
+        allow(repo_provisioner).to receive(:already_cloned?).and_return(false)
+        allow(repo_provisioner).to receive(:can_clone_project?).and_return(false)
+        allow(repo_provisioner).to receive(:ssh_keypair?).and_return(true)
+        allow(provision_server).to receive(:run).with("cat ~/.ssh/id_rsa.pub", home: true).and_return("ssh-rsa AAAAB3...")
+
+        expect(github_api).to receive(:add_deploy_key).with(title: "deploy@example.com", key: "ssh-rsa AAAAB3...")
+        expect(provision_server).to receive(:run!).with("git clone git@github.com:botandrosedesign/test_project", home: true)
+
+        repo_provisioner.call
+      end
+    end
+
+    context "when repository cannot be cloned and no SSH keypair exists" do
+      it "generates keypair, adds deploy key, and clones repository" do
+        allow(repo_provisioner).to receive(:already_cloned?).and_return(false)
+        allow(repo_provisioner).to receive(:can_clone_project?).and_return(false)
+        allow(repo_provisioner).to receive(:ssh_keypair?).and_return(false)
+        allow(provision_server).to receive(:run).with("cat ~/.ssh/id_rsa.pub", home: true).and_return("ssh-rsa AAAAB3...")
+
+        expect(provision_server).to receive(:run!).with('ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa -q -N ""', home: true)
+        expect(github_api).to receive(:add_deploy_key).with(title: "deploy@example.com", key: "ssh-rsa AAAAB3...")
+        expect(provision_server).to receive(:run!).with("git clone git@github.com:botandrosedesign/test_project", home: true)
+
+        repo_provisioner.call
+      end
+
+      it "prints status messages during setup" do
+        allow(repo_provisioner).to receive(:already_cloned?).and_return(false)
+        allow(repo_provisioner).to receive(:can_clone_project?).and_return(false)
+        allow(repo_provisioner).to receive(:ssh_keypair?).and_return(false)
+        allow(provision_server).to receive(:run).and_return("ssh-rsa AAAAB3...")
+        allow(provision_server).to receive(:run!)
+        allow(github_api).to receive(:add_deploy_key)
+
+        expect(repo_provisioner).to receive(:print).with("Repo:")
+        expect(repo_provisioner).to receive(:print).with(" Generating keypair in ~/.ssh,")
+        expect(repo_provisioner).to receive(:print).with(" Add public key to GitHub repo deploy keys,")
+        expect(repo_provisioner).to receive(:print).with(" Cloning repo,")
+        expect(repo_provisioner).to receive(:puts).with(" ✓")
+
+        repo_provisioner.call
+      end
+    end
+
+    it "always prints success message" do
+      allow(repo_provisioner).to receive(:already_cloned?).and_return(true)
+      allow(repo_provisioner).to receive(:on_latest_master?).and_return(true)
+
+      expect(repo_provisioner).to receive(:print).with("Repo:")
+      expect(repo_provisioner).to receive(:puts).with(" ✓")
+
+      repo_provisioner.call
+    end
+  end
+
+  describe "private methods" do
+    describe "#ssh_keypair?" do
+      it "checks if SSH public key exists" do
+        expect(provision_server).to receive(:run).with("[ -f ~/.ssh/id_rsa.pub ]", home: true, quiet: true)
+
+        repo_provisioner.send(:ssh_keypair?)
+      end
+    end
+
+    describe "#already_cloned?" do
+      it "checks if git directory exists" do
+        expect(provision_server).to receive(:run).with("[ -d ~/test_project/.git ]", home: true, quiet: true)
+
+        repo_provisioner.send(:already_cloned?)
+      end
+    end
+
+    describe "#can_clone_project?" do
+      it "tests if repository can be cloned" do
+        expected_commands = [
+          "needle=$(ssh-keyscan -t ed25519 github.com 2>/dev/null | cut -d \" \" -f 2-3)",
+          "grep -q \"$needle\" ~/.ssh/known_hosts || ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null",
+          "git ls-remote git@github.com:botandrosedesign/test_project"
+        ].join("; ")
+
+        expect(provision_server).to receive(:run).with(expected_commands, home: true, quiet: true)
+
+        repo_provisioner.send(:can_clone_project?)
+      end
+    end
+
+    describe "#project_name" do
+      it "returns the config's project name" do
+        expect(repo_provisioner.send(:project_name)).to eq("test_project")
+      end
+    end
+
+    describe "#on_latest_master?" do
+      it "checks if current HEAD matches origin/master after fetching" do
+        expected_command = "cd ~/test_project && git fetch origin && [ $(git rev-parse HEAD) = $(git rev-parse origin/master) ]"
+        expect(provision_server).to receive(:run).with(expected_command, home: true, quiet: true)
+
+        repo_provisioner.send(:on_latest_master?)
+      end
+
+      it "returns true when on latest master" do
+        allow(provision_server).to receive(:run).and_return(true)
+
+        expect(repo_provisioner.send(:on_latest_master?)).to be true
+      end
+
+      it "returns false when not on latest master" do
+        allow(provision_server).to receive(:run).and_return(false)
+
+        expect(repo_provisioner.send(:on_latest_master?)).to be false
+      end
+    end
+
+    describe "#update_to_latest_master!" do
+      it "checks out master and resets to origin/master" do
+        expected_command = "cd ~/test_project && git checkout master && git reset --hard origin/master"
+        expect(provision_server).to receive(:run!).with(expected_command, home: true)
+
+        repo_provisioner.send(:update_to_latest_master!)
+      end
+    end
+  end
+end

data/spec/bard/new/provision/rvm_spec.rb

@@ -0,0 +1,49 @@
+require "spec_helper"
+require "bard/new/provision/base"
+require "bard/new/provision/rvm"
+
+describe Bard::Provision::RVM do
+  let(:config) { { production: double("production") } }
+  let(:ssh_url) { "user@example.com" }
+  let(:provision_server) { double("provision_server") }
+  let(:rvm) { Bard::Provision::RVM.new(config, ssh_url) }
+
+  before do
+    allow(rvm).to receive(:provision_server).and_return(provision_server)
+    allow(rvm).to receive(:print)
+    allow(rvm).to receive(:puts)
+    allow(File).to receive(:read).with(".ruby-version").and_return("3.2.0\n")
+  end
+
+  describe "#call" do
+    context "when RVM is not installed" do
+      it "installs RVM and Ruby" do
+        allow(provision_server).to receive(:run).with("[ -d ~/.rvm ]", quiet: true).and_return(false)
+
+        expect(provision_server).to receive(:run!).with(/sed -i.*bashrc/)
+        expect(provision_server).to receive(:run!).with("rvm install 3.2.0")
+
+        rvm.call
+      end
+    end
+
+    context "when RVM is already installed" do
+      it "skips installation" do
+        allow(provision_server).to receive(:run).with("[ -d ~/.rvm ]", quiet: true).and_return(true)
+
+        expect(provision_server).not_to receive(:run!)
+
+        rvm.call
+      end
+    end
+
+    it "prints status messages" do
+      allow(provision_server).to receive(:run).and_return(true)
+
+      expect(rvm).to receive(:print).with("RVM:")
+      expect(rvm).to receive(:puts).with(" ✓")
+
+      rvm.call
+    end
+  end
+end

data/spec/bard/new/provision/ssh_spec.rb

@@ -0,0 +1,242 @@
+require "spec_helper"
+require "bard/new/provision/base"
+require "bard/new/provision/ssh"
+
+describe Bard::Provision::SSH do
+  let(:ssh_uri) { double("ssh_uri", host: "example.com", port: 2222) }
+  let(:provision_ssh_uri) { double("provision_ssh_uri", host: "example.com", port: nil) }
+  let(:target) { double("target", ssh_uri: ssh_uri) }
+  let(:config) { { production: target } }
+  let(:ssh_url) { "user@example.com" }
+  let(:provision_server) { double("provision_server", ssh_uri: provision_ssh_uri) }
+  let(:ssh_provisioner) { Bard::Provision::SSH.new(config, ssh_url) }
+
+  before do
+    allow(ssh_provisioner).to receive(:target).and_return(target)
+    allow(ssh_provisioner).to receive(:provision_server).and_return(provision_server)
+    allow(ssh_provisioner).to receive(:print)
+    allow(ssh_provisioner).to receive(:puts)
+    allow(ssh_provisioner).to receive(:system)
+  end
+
+  describe "#call" do
+    context "when SSH is already available on target port" do
+      it "skips port reconfiguration but checks known hosts" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).with(provision_ssh_uri).and_return(true)
+
+        expect(provision_server).not_to receive(:run!)
+
+        ssh_provisioner.call
+      end
+
+      it "adds to known hosts if not present" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).with(provision_ssh_uri).and_return(false)
+
+        expect(ssh_provisioner).to receive(:add_ssh_known_host!).with(provision_ssh_uri)
+
+        ssh_provisioner.call
+      end
+    end
+
+    context "when SSH is not available on target port but available on default port" do
+      it "reconfigures SSH port and adds to known hosts" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(false, true)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).with(provision_ssh_uri).and_return(false)
+        allow(ssh_provisioner).to receive(:sleep)
+
+        expect(ssh_provisioner).to receive(:add_ssh_known_host!).with(provision_ssh_uri).twice
+        expect(provision_server).to receive(:run!).with(
+          'echo "Port 2222" | sudo tee /etc/ssh/sshd_config.d/port_2222.conf && sudo service ssh restart',
+          home: true
+        )
+
+        ssh_provisioner.call
+      end
+
+      it "raises if new port is not responding after reconfiguration" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).with(provision_ssh_uri).and_return(true)
+        allow(provision_server).to receive(:run!)
+        allow(ssh_provisioner).to receive(:sleep)
+
+        expect { ssh_provisioner.call }.to raise_error(/reconfigured SSH to port 2222 but it's not responding/)
+      end
+
+      it "prints status messages during reconfiguration" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(false, true)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).and_return(false)
+        allow(ssh_provisioner).to receive(:add_ssh_known_host!)
+        allow(provision_server).to receive(:run!)
+        allow(ssh_provisioner).to receive(:sleep)
+
+        expect(ssh_provisioner).to receive(:print).with("SSH:")
+        expect(ssh_provisioner).to receive(:print).with(" Adding known host,")
+        expect(ssh_provisioner).to receive(:print).with(" Reconfiguring port to 2222,")
+        expect(ssh_provisioner).to receive(:print).with(" Adding known host,")
+        expect(ssh_provisioner).to receive(:puts).with(" ✓")
+
+        ssh_provisioner.call
+      end
+    end
+
+    context "when SSH is not available on either port" do
+      it "raises an error" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri).and_return(false)
+
+        expect { ssh_provisioner.call }.to raise_error("can't find SSH on port 2222 or 22")
+      end
+    end
+
+    context "when password authentication is enabled" do
+      it "disables password authentication" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).and_return(true)
+
+        expect(ssh_provisioner).to receive(:disable_password_auth!)
+
+        ssh_provisioner.call
+      end
+
+      it "prints status message when disabling password authentication" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(true)
+        allow(ssh_provisioner).to receive(:disable_password_auth!)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).and_return(true)
+
+        expect(ssh_provisioner).to receive(:print).with("SSH:")
+        expect(ssh_provisioner).to receive(:print).with(" Disabling password authentication,")
+        expect(ssh_provisioner).to receive(:puts).with(" ✓")
+
+        ssh_provisioner.call
+      end
+    end
+
+    context "when password authentication is already disabled" do
+      it "skips disabling password authentication" do
+        allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+        allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+        allow(ssh_provisioner).to receive(:ssh_known_host?).and_return(true)
+
+        expect(ssh_provisioner).not_to receive(:disable_password_auth!)
+
+        ssh_provisioner.call
+      end
+    end
+
+    it "updates the SSH URL with the target port" do
+      allow(ssh_provisioner).to receive(:password_auth_enabled?).and_return(false)
+      allow(ssh_provisioner).to receive(:ssh_available?).with(provision_ssh_uri, port: 2222).and_return(true)
+      allow(ssh_provisioner).to receive(:ssh_known_host?).and_return(true)
+
+      ssh_provisioner.call
+    end
+  end
+
+  describe "private methods" do
+    describe "#target_port" do
+      it "returns the target's SSH port" do
+        expect(ssh_provisioner.send(:target_port)).to eq(2222)
+      end
+
+      it "defaults to 22 if no port is specified" do
+        allow(ssh_uri).to receive(:port).and_return(nil)
+        expect(ssh_provisioner.send(:target_port)).to eq(22)
+      end
+    end
+
+    describe "#ssh_available?" do
+      it "tests SSH connectivity on specified port" do
+        expect(ssh_provisioner).to receive(:system).with("nc -zv example.com 2222 2>/dev/null")
+
+        ssh_provisioner.send(:ssh_available?, provision_ssh_uri, port: 2222)
+      end
+
+      it "uses SSH URI port if no port specified" do
+        allow(provision_ssh_uri).to receive(:port).and_return(2222)
+        expect(ssh_provisioner).to receive(:system).with("nc -zv example.com 2222 2>/dev/null")
+
+        ssh_provisioner.send(:ssh_available?, provision_ssh_uri)
+      end
+
+      it "defaults to port 22 if no port in URI or parameter" do
+        expect(ssh_provisioner).to receive(:system).with("nc -zv example.com 22 2>/dev/null")
+
+        ssh_provisioner.send(:ssh_available?, provision_ssh_uri)
+      end
+    end
+
+    describe "#ssh_known_host?" do
+      it "checks if host is in known_hosts file" do
+        expected_command = 'grep -q "$(ssh-keyscan -t ed25519 -p22 example.com 2>/dev/null | cut -d \' \' -f 2-3)" ~/.ssh/known_hosts'
+        expect(ssh_provisioner).to receive(:system).with(expected_command)
+
+        ssh_provisioner.send(:ssh_known_host?, provision_ssh_uri)
+      end
+    end
+
+    describe "#add_ssh_known_host!" do
+      it "adds host to known_hosts file" do
+        expected_command = "ssh-keyscan -p22 -H example.com >> ~/.ssh/known_hosts 2>/dev/null"
+        expect(ssh_provisioner).to receive(:system).with(expected_command)
+
+        ssh_provisioner.send(:add_ssh_known_host!, provision_ssh_uri)
+      end
+    end
+
+    describe "#password_auth_enabled?" do
+      it "returns true when password authentication is enabled" do
+        expect(provision_server).to receive(:run!).with(
+          %q{grep -E '^\s*PasswordAuthentication\s+yes' /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf 2>/dev/null || true},
+          home: true,
+          capture: true
+        ).and_return("PasswordAuthentication yes\n")
+
+        expect(ssh_provisioner.send(:password_auth_enabled?)).to be true
+      end
+
+      it "returns false when password authentication is disabled" do
+        expect(provision_server).to receive(:run!).with(
+          %q{grep -E '^\s*PasswordAuthentication\s+yes' /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf 2>/dev/null || true},
+          home: true,
+          capture: true
+        ).and_return("")
+
+        expect(ssh_provisioner.send(:password_auth_enabled?)).to be false
+      end
+
+      it "returns false when grep returns nil" do
+        expect(provision_server).to receive(:run!).with(
+          %q{grep -E '^\s*PasswordAuthentication\s+yes' /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf 2>/dev/null || true},
+          home: true,
+          capture: true
+        ).and_return(nil)
+
+        expect(ssh_provisioner.send(:password_auth_enabled?)).to be false
+      end
+    end
+
+    describe "#disable_password_auth!" do
+      it "creates sshd config file to disable password authentication and restarts ssh" do
+        expect(provision_server).to receive(:run!).with(
+          %q{echo "PasswordAuthentication no" | sudo tee /etc/ssh/sshd_config.d/disable_password_auth.conf && sudo service ssh restart},
+          home: true
+        )
+
+        ssh_provisioner.send(:disable_password_auth!)
+      end
+    end
+  end
+end

data/spec/bard/new/provision/swapfile_spec.rb

@@ -0,0 +1,33 @@
+require "spec_helper"
+require "bard/new/provision/base"
+require "bard/new/provision/swapfile"
+
+describe Bard::Provision::Swapfile do
+  let(:config) { { production: double("production") } }
+  let(:ssh_url) { "user@example.com" }
+  let(:provision_server) { double("provision_server") }
+  let(:swapfile) { Bard::Provision::Swapfile.new(config, ssh_url) }
+
+  before do
+    allow(swapfile).to receive(:provision_server).and_return(provision_server)
+    allow(swapfile).to receive(:print)
+    allow(swapfile).to receive(:puts)
+  end
+
+  describe "#call" do
+    it "sets up swapfile on the server" do
+      expect(provision_server).to receive(:run!).with(/if \[ ! -f \/swapfile \]/, home: true).ordered
+      expect(provision_server).to receive(:run!).with("sudo swapon --show | grep -q /swapfile", home: true).ordered
+
+      swapfile.call
+    end
+
+    it "prints status messages" do
+      allow(provision_server).to receive(:run!)
+      expect(swapfile).to receive(:print).with("Swapfile:")
+      expect(swapfile).to receive(:puts).with(" ✓")
+
+      swapfile.call
+    end
+  end
+end