bastille 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.rbenv-*
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.travis.yml

@@ -0,0 +1,12 @@
+language: ruby
+script: 'bundle exec cucumber'
+rvm:
+  - 1.9.3
+  - ruby-head
+  - ree
+  - rbx-18mode
+  - rbx-19mode
+matrix:
+  allow_failures:
+    - rvm: rbx-18mode
+    - rvm: rbx-19mode

data/Gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gemspec
+
+gem 'system_timer', :platform => :ruby_18

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Ryan Moran
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,96 @@
+# Bastille
+Bastille is a fortress for your configuration. It is a way to store environment variables
+that you can use in your application in a distributable and secure way. Bastille consists
+of a few pieces, a server, a command-line client, and a Ruby API that give you the ability
+to store and retrieve these environment variables in a simple fashion. Since Bastille encrypts
+all of your configuration on the client-side, the server is a simple KV store backed up by Redis.
+The server has no way of decrypting your keys, so they will remain secure should the server ever
+be compromised.
+
+## Installation
+Add this line to your application's Gemfile:
+    
+    gem 'bastille'
+
+And then execute:
+    
+    $ bundle
+
+Or install it yourself as:
+    
+    $ gem install bastille
+
+## CLI Usage
+Here is what you can do with bastille:
+
+    $ bastille token new
+    This action will require you to authenticate with Github. Are you sure you want to generate a new token? yes
+    Github username: ryanmoran
+    Password:
+    Where is the bastille server?: http://localhost:9000
+    What should we call this bastille token? This can be anything: bastille
+    Your token has been generated and authorized with github. It is stored in ~/.bastille. <3
+
+    $ bastille token show
+    username : ryanmoran
+    token    : abc123
+    domain   : http://localhost:9000
+    name     : bastille
+    key      : sekret
+
+    $ bastille token validate
+    Validating your token with the bastille server...
+    Your token is valid. \m/
+
+    $ bastille vault list
+    ryanmoran:
+    optimis:
+
+    $ bastille vault set ryanmoran:bastille KEY=value
+    "KEY => value" has been added to the ryanmoran:bastille vault.
+
+    $ bastille vault list
+    ryanmoran:
+      bastille
+    optimis:
+
+    $ bastille vault get ryanmoran:bastille
+    KEY=value
+
+    $ bastille vault set ryanmoran:bastille RAILS_ENV=production
+    "RAILS_ENV => production" has been added to the ryanmoran:bastille vault.
+
+    $ bastille vault get ryanmoran:bastille
+    KEY=value
+    RAILS_ENV=production
+
+    $ bastille vault delete ryanmoran:bastille KEY
+    Are you sure you want to remove the KEY key from the ryanmoran:bastille vault? yes
+    OK!
+
+    $ bastille vault get ryanmoran:bastille
+    RAILS_ENV=production
+
+    $ bastille vault delete ryanmoran:bastille
+    Are you sure you want to delete the ryanmoran:bastille vault? yes
+    OK!
+
+    $ bastille vault list
+    ryanmoran:
+    optimis:
+
+## Server
+Hosting bastille is very simple. Here is an example `config.ru`.
+
+    require 'rubygems'
+    require 'bastille/server'
+
+    run Bastille::Server
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bastille.gemspec

@@ -0,0 +1,33 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'bastille/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = 'bastille'
+  gem.version       = Bastille::VERSION
+  gem.authors       = ['Ryan Moran']
+  gem.email         = ['ryan.moran@gmail.com']
+  gem.description   = %q{KV Storage As a Service, LOLz}
+  gem.summary       = %q{KV Storage As a Service, LOLz}
+  gem.homepage      = 'https://github.com/ryanmoran/bastille'
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ['lib']
+
+  gem.add_dependency 'gibberish'
+  gem.add_dependency 'highline'
+  gem.add_dependency 'httparty'
+  gem.add_dependency 'multi_json'
+  gem.add_dependency 'octokit'
+  gem.add_dependency 'redis'
+  gem.add_dependency 'redis-namespace'
+  gem.add_dependency 'sinatra'
+  gem.add_dependency 'thor'
+
+  gem.add_development_dependency 'aruba'
+  gem.add_development_dependency 'mimic'
+  gem.add_development_dependency 'fakeredis'
+end

data/bin/bastille

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+# vim:set ft=ruby:
+
+require 'rubygems'
+require 'bastille/cli'
+
+Bastille::CLI::Executable.start

data/config.ru

@@ -0,0 +1,4 @@
+require 'rubygems'
+require 'bastille/server'
+
+run Bastille::Server

data/features/bastille.feature

@@ -0,0 +1,15 @@
+Feature: Run `bastille`
+  In order to view the commands available for this application
+  As a user
+  I want to have the `bastille` command print a lising of the subcommands it supports
+
+  Scenario: list all subcommands
+    When I run `bastille`
+    Then the output should contain:
+      """
+      Tasks:
+        bastille help [TASK]   # Describe available tasks or one specific task
+        bastille token [TASK]  # Provides the user with tools to create and view th...
+        bastille vault [TASK]  # Provides access to your vaults
+      """
+

data/features/support/aruba.rb

@@ -0,0 +1,7 @@
+require 'aruba/cucumber'
+
+Aruba.configure do |config|
+  config.before_cmd do |cmd|
+    set_env 'BASTILLE_STORE', '.bastille'
+  end
+end

data/features/support/octokit.rb

@@ -0,0 +1,69 @@
+require 'mimic'
+
+OCTOKIT_DOMAIN = 'http://localhost:9999'
+
+Aruba.configure do |config|
+  config.before_cmd do |cmd|
+    set_env 'OCTOKIT_API_ENDPOINT', OCTOKIT_DOMAIN
+    set_env 'OCTOKIT_WEB_ENDPOINT', OCTOKIT_DOMAIN
+  end
+end
+
+Mimic.mimic :port => 9999 do
+  set :rate_limit, 5000
+  set :raise_errors, Proc.new { false }
+  set :show_exceptions, false
+
+  before do
+    headers 'X-RateLimit-Limit'     => settings.rate_limit.to_s,
+            'X-RateLimit-Remaining' => (settings.rate_limit - 1).to_s,
+            'Content-Type'          => 'application/json'
+  end
+
+  after do
+    settings.rate_limit = settings.rate_limit - 1
+  end
+
+  post '/authorizations' do
+    headers 'Location' => "#{OCTOKIT_DOMAIN}/authorizations/1"
+    body = {
+      'id' => 1,
+      'url' => "#{OCTOKIT_DOMAIN}/authorizations/1",
+      'scopes' => [
+        'public_repo'
+      ],
+      'token' => 'abc123',
+      'app' => {
+        'url' => 'http://my-github-app.com',
+        'name' => 'my github app'
+      },
+      'note' => 'optional note',
+      'note_url' => 'http://optional/note/url',
+      'updated_at' => '2011-09-06T20:39:23Z',
+      'created_at' => '2011-09-06T17:26:27Z'
+    }.to_json
+    [201, headers, body]
+  end
+
+  get '/rate_limit' do
+    json = {
+      'rate' => {
+        'remaining' => (settings.rate_limit - 1),
+        'limit'     => settings.rate_limit
+      }
+    }.to_json
+    [200, headers, json]
+  end
+
+  get '/user/orgs' do
+    json =[
+      {
+        'login' => 'something',
+        'id'    => 2,
+        "url"   => "#{OCTOKIT_DOMAIN}/orgs/something"
+      }
+    ].to_json
+    [200, headers, json]
+  end
+
+end

data/features/support/server.rb

@@ -0,0 +1,55 @@
+require 'bastille/server'
+require 'fakeredis'
+
+module TestServer
+  extend self
+
+  HOST   = '127.0.0.1'
+  PORT   = 9000
+  SERVER = 'webrick'
+
+  def run!
+    @thread = Thread.fork do
+      ENV['RACK_ENV'] = 'test'
+      Rack::Server.start :app => Bastille::Server.new,
+        :Host      => HOST,
+        :Port      => PORT,
+        :server    => SERVER,
+        :Logger    => WEBrick::Log::new("/dev/null", 7),
+        :AccessLog => []
+    end
+    wait_for_service
+  end
+
+  def stop!
+    @thread.kill
+  end
+
+  def listening?
+    begin
+      socket = TCPSocket.new(HOST, PORT)
+      socket.close unless socket.nil?
+      true
+    rescue Errno::ECONNREFUSED, SocketError
+      false
+    end
+  end
+
+  def wait_for_service(timeout = 5)
+    start_time = Time.now
+
+    until listening?
+      if timeout && (Time.now > (start_time + timeout))
+        raise SocketError.new("Socket did not open within #{timeout} seconds")
+      end
+    end
+  end
+end
+
+at_exit do
+  TestServer.stop!
+end
+
+Octokit.api_endpoint = OCTOKIT_DOMAIN
+Octokit.web_endpoint = OCTOKIT_DOMAIN
+TestServer.run!

data/features/token.feature

@@ -0,0 +1,71 @@
+Feature: Run `bastille token`
+  In order to generate a valid token set for authenticating with the bastille server
+  As a user
+  I want to have the `bastille tokenize` command prompt me to authenticate with Github
+  And then serialize this the resulting OAuth token and data from Github
+  And store that data in a file at ~/.bastille
+
+  Scenario: list token subcommands
+    When I run `bastille token`
+    Then the output should contain:
+      """
+      Tasks:
+        bastille token delete          # Deletes the token
+        bastille token help [COMMAND]  # Describe subcommands or one specific subco...
+        bastille token new             # Generates an OAuth token from github to au...
+        bastille token show            # Prints your credentials out to the command...
+        bastille token validate        # Validates your token with the bastille ser...
+      """
+
+  Scenario: run `token new`, `token validate`, and `token delete`
+    When I run `bastille token new` interactively
+    And I wait for output to contain "Are you sure you want to generate a new token?"
+    And I type "yes"
+    And I wait for output to contain "Github username:"
+    And I type "mister.happy"
+    And I wait for output to contain "Password:"
+    And I type "sekret"
+    And I wait for output to contain "Where is the bastille server?"
+    And I type "http://localhost:9000"
+    And I wait for output to contain "What should we call this bastille token?"
+    And I type "banana"
+    Then the output should not contain "The username and password entered do not match."
+    And the exit status should be 0
+    And a file named ".bastille" should exist
+    When I run `bastille token validate`
+    Then the output should contain:
+      """
+      Validating your token with the bastille server...
+      Your token is valid. \m/
+      """
+    When I run `bastille token delete` interactively
+    And I wait for output to contain "Are you sure you want to delete your token? This cannot be undone."
+    And I type "yes"
+    Then a file named ".bastille" should not exist
+
+  Scenario: run `token show`
+    Given a file named ".bastille" with:
+      """
+      ---
+      :username: mister.happy
+      :token: abc123
+      :domain: http://localhost:9000
+      :name: banana
+      """
+    When I run `bastille token show`
+    Then the output should contain:
+      """
+        domain   : http://localhost:9000
+        name     : banana
+        token    : abc123
+        username : mister.happy
+      """
+    Then the exit status should be 0
+
+  Scenario: decide not to generate new token
+    When I run `bastille token new` interactively
+    And I wait for output to contain "Are you sure you want to generate a new token?"
+    And I type "no"
+    Then the output should not contain "Github username"
+    And the exit status should be 0
+

data/features/vault.feature

@@ -0,0 +1,79 @@
+Feature: Run `bastille tokenize`
+  In order to generate a valid token set for authenticating with the bastille server
+  As a user
+  I want to have the `bastille tokenize` command prompt me to authenticate with Github
+  And then serialize this the resulting OAuth token and data from Github
+  And store that data in a file at ~/.bastille
+
+  Background:
+    Given a file named ".bastille" with:
+      """
+      ---
+      :username: mister.happy
+      :token: abc123
+      :domain: http://localhost:9000
+      :name: banana
+      """
+
+  Scenario: list subcommands
+    When I run `bastille vault`
+    Then the output should contain:
+      """
+      Tasks:
+        bastille vault delete [SPACE]:[VAULT] (KEY)       # Deletes the given vault...
+        bastille vault get [SPACE]:[VAULT]                # Retrieves the contents ...
+        bastille vault help [COMMAND]                     # Describe subcommands or...
+        bastille vault list                               # List out existing vaults
+        bastille vault set [SPACE]:[VAULT] [KEY]=[VALUE]  # Sets a key in the given...
+      """
+
+  Scenario: list existing vaults
+    When I run `bastille vault list`
+    Then the output should contain:
+      """
+        mister.happy:
+        something:
+      """
+
+  Scenario: set and get a key from a vault, list vaults, delete vault
+    When I run `bastille vault set mister.happy:test RAILS_ENV=production`
+    Then the output should contain:
+      """
+      "RAILS_ENV => production" has been added to the mister.happy:test vault.
+      """
+    When I run `bastille vault get mister.happy:test`
+    Then the output should contain:
+      """
+      RAILS_ENV=production
+      """
+    When I run `bastille vault list`
+    Then the output should contain:
+      """
+        mister.happy:
+          test
+        something:
+      """
+    When I run `bastille vault delete mister.happy:test` interactively
+    And I wait for output to contain "Are you sure you want to delete the mister.happy:test vault?"
+    And I type "yes"
+    Then the output should contain "OK!"
+    When I run `bastille vault list`
+    Then the output should contain:
+      """
+        mister.happy:
+        something:
+      """
+
+  Scenario: try to get a vault you don't own
+    When I run `bastille vault get defunkt:resque`
+    Then the output should contain:
+    """
+    Github is saying that you are not the owner of this space. Your spaces are ["mister.happy", "something"]
+    """
+
+  Scenario: try to set a key you don't own
+    When I run `bastille vault set defunkt:resque BANANA=yummy`
+    Then the output should contain:
+    """
+    Github is saying that you are not the owner of this space. Your spaces are ["mister.happy", "something"]
+    """