capistrano-ejson 0.0.2 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +6 -3
  3. data/capistrano-ejson.gemspec +1 -1
  4. data/lib/capistrano/tasks/ejson.cap +19 -6
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e9366476c75176473e7c18a3af1c77d8f0b306d3
4
- data.tar.gz: 83e0c2bafbc10b927f0cf99a5845bc2f5b941a19
3
+ metadata.gz: c75a5ea99c26f925da5027f2c67c87fdef37a224
4
+ data.tar.gz: 6c608aeca7b796b3513a353e41405d7e830d70d3
5
5
  SHA512:
6
- metadata.gz: a51bbc6ddb7be7d1c865996260c102fbc27ea9772a20641c8e8ee147465e6425c70f89656f070b1bc70bff9ae94959a90d28c22ae73df652f98e24d18a0dfaf5
7
- data.tar.gz: 0aa7dbba021fdf1cbcc540d509d3b58442b2cd21203b781c18de4060952102c069e7078762c63b460127c30aaaafbf94cb6bb08af1733fbe890c66f2812cbe9e
6
+ metadata.gz: 7983e551b2b57f5035af6f2e7d1ccaa6df4e9f5e038b954cb1e21eba5c2e38e17752af06c49f2ec4651e67f88b68955aa2f1cbb7240c32d9e7ea0bc42e31cbbc
7
+ data.tar.gz: 4d40a140b7857823171a366e9416c8de0dcf6798011689f70f23b199b721641f75611050aadb45a9ec058fdbf778b46da185c9f6d0efbe5c7ba14d89db159874
data/README.md CHANGED
@@ -26,14 +26,17 @@ Require in `Capfile` to use the default task:
26
26
  require 'capistrano/ejson'
27
27
  ```
28
28
 
29
- The task `ejson:upload_config_files` will run after `deploy:updated`.
29
+ The task `ejson:upload_config_file` will run after `deploy:updated`.
30
30
 
31
- By default any file ending in `.ejson` will be decrypted and uploaded. You can set which files to upload manually by doing
31
+ By default the file `config/secrets.ejson` will be decrypted to `config/secrets.json`. You can change this behavior by specifying the following config variables:
32
32
 
33
33
  ```ruby
34
- set :ejson_files, %w{config/keys.ejson}
34
+ set :ejson_file, "config/secrets.ejson"
35
+ set :ejson_output_file, "config/secrets.json"
35
36
  ```
36
37
 
38
+ By default `capistrano-ejson` decrypts the secrets file from the machine that does the deploy and then uploads the resulting config to the servers. You can set `:ejson_deploy_mode` to `:remote` to perform the decryption remotely, which will run something like `ejson decrypt -o config/secrets.json config/secrets.ejson` on the remote hosts. If you need to use `sudo` or `bundle exec`, you should use the [SSHKit command map](https://github.com/capistrano/sshkit#the-command-map).
39
+
37
40
  ## Contributing
38
41
 
39
42
  1. Fork it
data/capistrano-ejson.gemspec CHANGED
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = "capistrano-ejson"
7
- spec.version = "0.0.2"
7
+ spec.version = "0.1.0"
8
8
  spec.authors = ["Bouke van der Bijl"]
9
9
  spec.email = ["bouke@shopify.com"]
10
10
  spec.description = spec.summary = %q{Automatic EJSON decryption for Capistrano}
data/lib/capistrano/tasks/ejson.cap CHANGED
@@ -3,28 +3,41 @@ require 'open3'
3
3
  namespace :ejson do
4
4
  desc "Decrypt and upload ejson config files"
5
5
 
6
- task :upload_config_files do
7
- fetch(:ejson_files).each do |ejson_file|
8
- json_file = ejson_file.sub(/\.ejson\z/, '.json')
6
+ task :upload_config_file do
7
+ ejson_file = fetch(:ejson_file)
8
+ ejson_output_file = fetch(:ejson_output_file)
9
+ ejson_deploy_mode = fetch(:ejson_deploy_mode)
9
10
 
11
+ case ejson_deploy_mode
12
+ when :local
10
13
  Open3.popen3('bundle', 'exec', 'ejson', 'decrypt', ejson_file) do |stdin, stdout, stderr, wait_thr|
11
14
  if wait_thr.value == 0
12
15
  contents = stdout.read
13
16
  on roles(:all) do
14
- upload! StringIO.new(contents), File.join(release_path, json_file)
17
+ upload! StringIO.new(contents), File.join(release_path, ejson_output_file)
15
18
  end
16
19
  else
17
20
  raise "Failed to decrypt file #{stderr.read}"
18
21
  end
19
22
  end
23
+ when :remote
24
+ on roles(:all) do
25
+ within release_path do
26
+ execute :ejson, :decrypt, "-o", ejson_output_file, ejson_file
27
+ end
28
+ end
29
+ else
30
+ raise "Unknown ejson_deploy_mode: #{ejson_deploy_mode.inspect}"
20
31
  end
21
32
  end
22
33
 
23
- after 'deploy:updated', 'ejson:upload_config_files'
34
+ after 'deploy:updated', 'ejson:upload_config_file'
24
35
  end
25
36
 
26
37
  namespace :load do
27
38
  task :defaults do
28
- set :ejson_files, -> { Dir["**/*.ejson"] }
39
+ set :ejson_file, 'config/secrets.ejson'
40
+ set :ejson_output_file, 'config/secrets.json'
41
+ set :ejson_deploy_mode, :local
29
42
  end
30
43
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-ejson
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Bouke van der Bijl