capistrano-exfel 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ef45c51e824ccecc31a30329a3f3ba9472ebf557797bc9b272cb2144e766d66e
-  data.tar.gz: 65da7a715d907fb7ee55059e59b084ba0ba522ddc5418db861b55df2f4f1c01c
+  metadata.gz: b925c2c72a60f707c57e1a66498d002e195efb763b236d3abd78a9758bbc55e1
+  data.tar.gz: 177b21eaae35e49cecd409d30689297424e8fa4bca973258a6920076a2d996fa
 SHA512:
-  metadata.gz: a89d538459f63c0b6917be0a8c837c8a35f8b7b4e426e32fcb453b2f76acf9c9cba4443d9e35e49035a3ae36e48b4d1b426a48dcc2d273a40a4573c1440b644e
-  data.tar.gz: e246b7ef338052d8e8b06c3256c04c189422c44db1fef61975dfb5d9d79ef3feb7af81a9525ee64f5063a7a263ab4f38591fcb496151cac46916465ab1cb0da0
+  metadata.gz: 137afb3c169d97bc7379291d1b35dd1cef430ef5c6bd7c8e3cd99d727d1022b006a1537ebdbf2f3bdeced227df99d1f36b1faac22a11f264958e19f5ed2315bf
+  data.tar.gz: 169da8972bcbde299fa4d6e66feb483e5d4b3e550ab7a769b6d913f411aa8501368065b8ac8e8474d74ee2935f4d77a1d57ee384aee3197092f9f2f9da955fba

data/Gemfile

@@ -6,4 +6,4 @@ source 'https://rubygems.org'
 gemspec
 
 # Use Rubocop to validate ruby code syntax
-gem 'rubocop', '1.64.1', require: false, group: :development
+gem 'rubocop', '~> 1.71', require: false, group: :development

data/README.md

@@ -1,7 +1,7 @@
 # Capistrano::Exfel
 
 Deploys Ruby on Rails Applications in EuXFEL VMs using Capistrano3 throw username/password authentication.
-The standard EuXFEL VMs for web applications is Ubuntu 22 with Apache web server.
+The standard EuXFEL VMs for web applications is Ubuntu 22.04 with Apache web server.
 Installation of Phusion Passenger and RVM are also required to this gem.
 
 ## Installation
@@ -28,9 +28,9 @@ $ gem install capistrano-exfel
 
 ## Usage
 
-Add this line to your `Capfile` for Ubuntu 22 machines:
+Add this line to your `Capfile` for Ubuntu 22.04 machines:
 
-    # Load Ubuntu 14 tasks
+    # Load Ubuntu 22.04 tasks
     require 'capistrano/exfel/ubuntu22'
 
 This gem will reuse `capistrano-rails` and `capistrano-rvm` tasks to build the following tasks:
@@ -92,22 +92,36 @@ set :repo_url, 'exfl_git_server:/my_app_repo_path' # 'git@example.com:me/my_repo
 # Default value for :format is :pretty
 # set :format, :pretty
 
-# Default value for :log_level is :debug
-# set :log_level, :info
+# Default value for :log_level is :info
+# set :log_level, :debug
 
 # Default value for :linked_files is []
-# set :linked_files, %w(config/database.yml config/secrets.yml)
+# set :linked_files, %w(config/database.yml)
 
-# Default value for linked_dirs is []
-# set :linked_dirs, %w(bin log tmp/pids tmp/cache tmp/sockets vendor/bundle public/system)
+# Define value for linked_dirs
+append :linked_dirs, 'log', 'files',
+       'tmp/pids', 'tmp/cache', 'tmp/sockets',
+       'vendor/bundle', '.bundle',
+       'public/system', 'public/uploads'
+# append :linked_files, 'config/database.yml', 'config/secrets.yml'
 
 # Default value for keep_releases is 5
 # set :keep_releases, 5
 
 # RVM related information
-# set :rvm_type, :system
-set :rvm_ruby_version, '3.1.3' # If not specified will ask for it
+set :rvm_type, :system
+set :rvm_ruby_version, '3.3.0' # If not specified will ask for it
 # set :rvm_roles, [:app, :web]
+# set :rvm_custom_path, '~/.myveryownrvm'  # only needed if not detected
+
+# Default value for default_env is {}
+# set :default_env, { path: "/opt/ruby/bin:$PATH" }
+# set :default_env, { rvm_bin_path: '/usr/local/rvm/bin'}
+
+# Defaults to nil (no asset cleanup is performed)
+# If you use Rails 4+ and you'd like to clean up old assets after each deploy,
+# set this to the number of versions to keep
+set :keep_assets, 5
 ```
 
 As an example, to configure GIT plugin, add the following to the Capfile:

data/capistrano-exfel.gemspec

@@ -9,10 +9,9 @@ Gem::Specification.new do |spec|
   spec.version               = Capistrano::Exfel::VERSION
   spec.authors               = ['Luis Maia', 'Maurizio Manetti']
   spec.email                 = %w[luisgoncalo.maia@gmail.com maurizio.manetti@xfel.eu]
-  spec.summary               = 'Deploy Ruby on Rails 4, 5, 6 and 7 Applications in EuXFEL Virtual Machines'
+  spec.summary               = 'Deploy Ruby on Rails 4, 5, 6, 7 and 8 Applications in EuXFEL Virtual Machines'
   spec.description           = 'Deployment of Ruby on Rails Applications in EuXFEL Virtual Machines ' \
-                                '(Ubuntu 22.04 + Apache + RVM + Phusion Passenger) ' \
-                                'using Capistrano3 and LDAP'
+                                '(Ubuntu 22.04 + Apache + RVM + Phusion Passenger) '
   spec.homepage              = 'https://github.com/luismaia/capistrano-exfel'
   spec.license               = 'MIT'
 
@@ -20,6 +19,8 @@ Gem::Specification.new do |spec|
   spec.executables           = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files            = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths         = ['lib']
+  spec.platform              = 'ruby'
+  spec.required_ruby_version = '>= 3.0'
 
   spec.add_development_dependency 'bundler', '~> 2.0'
   spec.add_development_dependency 'rake', '~> 13.0'

data/lib/capistrano/exfel/ubuntu22.rb

@@ -17,5 +17,5 @@ load File.expand_path('../tasks/app_home.rake', __dir__)
 load File.expand_path('../tasks/assets.rake', __dir__)
 load File.expand_path('../tasks/application.rake', __dir__)
 load File.expand_path('../tasks/database.rake', __dir__)
-load File.expand_path('../tasks/secrets.rake', __dir__)
+load File.expand_path('../tasks/config.rake', __dir__)
 load File.expand_path('../tasks/util.rake', __dir__)

data/lib/capistrano/exfel/version.rb

@@ -3,6 +3,6 @@
 module Capistrano
   # Capistrano::Exfel version information
   module Exfel
-    VERSION = '0.5.1'
+    VERSION = '0.6.0'
   end
 end

data/lib/capistrano/recipes/config/.env.example

@@ -0,0 +1 @@
+SECRET_KEY_BASE=___secret_that_must_be_replaced_after_deploy___

data/lib/capistrano/recipes/config/local.yml

@@ -0,0 +1,16 @@
+# local configuration to override config.yml
+
+development:
+
+# put here any override or subkey addition for development environment
+# e.g. for local development
+
+test:
+
+# put here any override or subkey addition for test environment
+# e.g. for running rspec locally
+
+production:
+
+# put here any override or subkey addition for production environment
+# e.g. for running production locally or in stage deployment

data/lib/capistrano/tasks/application.rake

@@ -10,7 +10,7 @@ namespace :application do
     invoke 'app_home:deploy_first_time_start_msg'
     invoke 'app_home:create_all'
     invoke 'database:configure_mysql'
-    invoke 'secrets:configure'
+    invoke 'config:configure'
     invoke 'apache:configure_and_start'
     invoke 'apache:check_write_permissions'
     invoke :deploy
@@ -25,7 +25,7 @@ namespace :application do
     # This is advisable to kill users cookies after the upgrade.
     # The consequence is that users will be logged out automatically from the Application after the upgrade.
     # This is important to avoid errors with old validity_token in forms
-    invoke 'secrets:update_app_secret'
+    invoke 'config:update_app_secret'
     invoke :deploy
     invoke 'app_home:correct_shared_permissions'
     invoke 'application:restart'
@@ -137,7 +137,7 @@ namespace :load do
     set :pty, -> { true }
 
     # Default value for :linked_files is []
-    set :linked_files, -> { %w[config/database.yml config/secrets.yml] }
+    set :linked_files, -> { %w[config/database.yml config/local.yml .env] }
 
     # Default value for linked_dirs is []
     set :linked_dirs, -> { %w[log tmp/pids tmp/sockets vendor/bundle public/system] }

data/lib/capistrano/tasks/config.rake

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+namespace :config do
+  desc 'Create .env and local in shared path'
+  task :configure do
+    set :env_file_path, "#{fetch(:shared_path)}/.env"
+    set :local_file_path, "#{fetch(:shared_path)}/config/local.yml"
+
+    invoke 'config:set_permissions_pre_update'
+    invoke 'config:set_config_files'
+    invoke 'config:replace_token'
+    invoke 'config:set_permissions_post_update'
+  end
+
+  desc 'Update Application secret in file .env'
+  task :update_app_secret do
+    set :env_file_path, "#{fetch(:shared_path)}/.env"
+    set :local_file_path, "#{fetch(:shared_path)}/config/local.yml"
+
+    invoke 'config:set_permissions_pre_update'
+    invoke 'config:replace_token'
+    invoke 'config:set_permissions_post_update'
+  end
+
+  # desc 'Set (create or replace) .env and local.yml in the shared path'
+  task :set_config_files do
+    on roles(:app), in: :sequence do
+      debug '#' * 50
+      debug 'Create and configure .env and local.yml file'
+      env_file_path = fetch(:env_file_path).to_s
+      local_file_path = fetch(:local_file_path).to_s
+
+      set :env_original_file_path, File.expand_path('../recipes/config/.env.example', __dir__)
+      set :local_original_file_path, File.expand_path('../recipes/config/local.yml', __dir__)
+
+      unless remote_file_exists?(env_file_path)
+        upload! StringIO.new(File.read(fetch(:env_original_file_path).to_s)), fetch(:env_file_path).to_s
+      end
+      unless remote_file_exists?(local_file_path)
+        upload! StringIO.new(File.read(fetch(:local_original_file_path).to_s)), fetch(:local_file_path).to_s
+      end
+
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Replace the secure secret key in your .env'
+  task :replace_token do
+    on roles(:app), in: :sequence do
+      debug '#' * 50
+
+      pattern = 'SECRET_KEY_BASE=.*'
+      new_secret = "SECRET_KEY_BASE=#{fetch(:secrets_key_base)}"
+      env_file_path = fetch(:env_file_path).to_s
+
+      if remote_file_exists?(env_file_path)
+        num_occurrences = get_num_occurrences_in_file(env_file_path, pattern)
+
+        if num_occurrences.zero?
+          error "no secret token found in #{env_file_path}"
+          exit 1
+        end
+      else
+        error "file #{env_file_path} not found"
+        exit 1
+      end
+
+      command = "sed -i -e \"s/#{pattern}/#{new_secret}/g\" #{env_file_path}"
+      debug command
+      execute command
+
+      debug 'Secret token successfully replaced'
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Correct .env file permissions before change the file'
+  task :set_permissions_pre_update do
+    on roles(:app) do
+      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
+
+      debug '#' * 50
+
+      chmod_command = "chmod -f 777 #{fetch(:env_file_path)} || true"
+      debug chmod_command
+      execute "#{sudo_cmd} #{chmod_command}"
+
+      debug '#' * 50
+    end
+  end
+
+  # desc 'Correct .env file permissions after change the file and local.yml file permissions'
+  task :set_permissions_post_update do
+    on roles(:app) do
+      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
+
+      debug '#' * 50
+
+      # Update .env and local.yml user and group owners
+      chown_command_env = "chown #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:env_file_path)}"
+      chown_command_local = "chown #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:local_file_path)}"
+      debug chown_command_env
+      execute "#{sudo_cmd} #{chown_command_env}"
+      debug chown_command_local
+      execute "#{sudo_cmd} #{chown_command_local}"
+
+      chmod_command_env = "chmod 440 #{fetch(:env_file_path)}"
+      chmod_command_local = "chmod 440 #{fetch(:local_file_path)}"
+      debug chmod_command_env
+      execute "#{sudo_cmd} #{chmod_command_env}"
+      debug chmod_command_local
+      execute "#{sudo_cmd} #{chmod_command_local}"
+
+      debug '#' * 50
+    end
+  end
+end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-exfel
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Luis Maia
 - Maurizio Manetti
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-24 00:00:00.000000000 Z
+date: 2025-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -39,8 +38,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '13.0'
-description: Deployment of Ruby on Rails Applications in EuXFEL Virtual Machines (Ubuntu
-  22.04 + Apache + RVM + Phusion Passenger) using Capistrano3 and LDAP
+description: 'Deployment of Ruby on Rails Applications in EuXFEL Virtual Machines
+  (Ubuntu 22.04 + Apache + RVM + Phusion Passenger) '
 email:
 - luisgoncalo.maia@gmail.com
 - maurizio.manetti@xfel.eu
@@ -54,7 +53,6 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- capistrano-exfel.gem
 - capistrano-exfel.gemspec
 - capistrano.graph
 - capistrano.png
@@ -62,22 +60,22 @@ files:
 - lib/capistrano/exfel/ubuntu22.rb
 - lib/capistrano/exfel/version.rb
 - lib/capistrano/recipes/apache/app_ssl.conf
+- lib/capistrano/recipes/config/.env.example
 - lib/capistrano/recipes/config/database_mysql.yml
 - lib/capistrano/recipes/config/database_postgresql.yml
 - lib/capistrano/recipes/config/database_sqlite.yml
-- lib/capistrano/recipes/config/secrets_example.yml
+- lib/capistrano/recipes/config/local.yml
 - lib/capistrano/tasks/apache.rake
 - lib/capistrano/tasks/app_home.rake
 - lib/capistrano/tasks/application.rake
 - lib/capistrano/tasks/assets.rake
+- lib/capistrano/tasks/config.rake
 - lib/capistrano/tasks/database.rake
-- lib/capistrano/tasks/secrets.rake
 - lib/capistrano/tasks/util.rake
 homepage: https://github.com/luismaia/capistrano-exfel
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -85,15 +83,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.7
-signing_key:
+rubygems_version: 3.6.1
 specification_version: 4
-summary: Deploy Ruby on Rails 4, 5, 6 and 7 Applications in EuXFEL Virtual Machines
+summary: Deploy Ruby on Rails 4, 5, 6, 7 and 8 Applications in EuXFEL Virtual Machines
 test_files: []

data/lib/capistrano/recipes/config/secrets_example.yml

@@ -1,115 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key is used for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-# You can use `rake secret` to generate a secure secret key.
-
-# Make sure the secrets in this file are kept private
-# if you're sharing your code publicly.
-
-defaults: &defaults
-  # Application secret_key_base (run 'rake secret' to generate a new secret)
-  secret_key_base: '___secret_that_must_be_replaced_after_deploy___'
-
-  # Application name
-  app_name: '<<APP_NAME>>'
-
-  # Domain where the application is available including the http(s) protocol (e.g. <<APP_DOMAIN>>)
-  # Note that the final '/' character is mandatory
-  # Examples:
-  # * 'http://localhost:3000/'  - The application is available under 'localhost'
-  # * 'https://example.com/'    - The application is available under a server RackBaseURI
-  site_domain: '<<APP_DOMAIN>>'
-
-  # Sub domain where the application is available (e.g. my_app)
-  # Examples:
-  # * ""        - The application is available under '/' (the server root)
-  # * '/my_app' - The application is available under '/my_app'
-  app_sub_domain_uri: '/<<APP_NAME_URI>>' # guarantee that the leading slash is there if value isn't an empty String
-
-  # Sub domain to be applied to the Router
-  # Examples:
-  # * ""       - The application URI routing is done via HTTP Server (e.g. Apache or NGINX)
-  # * 'my_app' - The application URI routing must be done via code
-  routes_base_uri: ""
-
-  # Application full url to be used as config.action_mailer.default_url_options (e.g. https://example.com/my_app)
-  app_full_url: '<<APP_FULL_URL>>'
-
-  # Google Analytics code
-  google_analytics_code: 'UA-XXXXXXXX-Y'
-
-  #  # EMAIL CONFIGURATION
-  #  #
-  #  #  email_configuration = {
-  #  #    address: 'smtp.gmail.com',
-  #  #    port: 587,
-  #  #    user_name: 'email@gmail.com',
-  #  #    password: 'password',
-  #  #    authentication: 'plain',
-  #  #    enable_starttls_auto: true
-  #  #  }
-  #  #
-  #  email_delivery_method: :smtp
-  #  email_smtp_settings_address: 'smtp.gmail.com'
-  #  email_smtp_settings_port: 587
-  #  email_smtp_settings_user_name: 'email@gmail.com'
-  #  email_smtp_settings_password: 'password'
-  #  email_smtp_settings_authentication: 'plain'
-
-  #  #  email_configuration:
-  #  #    delivery_method: :smtp
-  #  #    smtp_settings:
-  #  #      address: 'smtp.example.com'
-  #  #      port: 25
-  #  #
-  email_delivery_method: :smtp
-  email_smtp_settings_address: 'smtp.example.com'
-  email_smtp_settings_port: 25
-
-  # OMNIAUTH
-  #
-  # The option will only be visible and work if the provider:
-  # 1) Is present in array 'active_providers'
-  # 2) It's API and SECRET (or TITLE) is not Blank
-  #
-  # active_providers: ['kerberos', 'twitter', 'google_oauth2', 'linkedin', 'facebook', 'github']
-  active_providers: ['ldap']
-  #
-  twitter_app_id: ""
-  twitter_app_secret: ""
-  google_app_id: ""
-  google_app_secret: ""
-  linkedin_app_id: ""
-  linkedin_app_secret: ""
-  facebook_app_id: ""
-  facebook_app_secret: ""
-  github_app_id: ""
-  github_app_secret: ""
-  kerberos_title: 'XFEL'
-  ldap_title: 'European-XFEL (LDAP)'
-  ldap:
-    host: 'it-ldap-slave.desy.de'
-    port: 1636
-    users_base_dn: 'ou=people,ou=RGY,o=DESY,c=DE'
-    groups_base_dn: 'ou=group,ou=RGY,o=DESY,c=DE'
-    user_id: 'uid'
-    ssl: true
-    encryption: # This configuration is only taken into account if 'ssl' is true!
-      method: :simple_tls # Default if nil: simple_tls
-      tls_options: '' # Default if nil: nil
-
-#
-development:
-  <<: *defaults
-
-#
-test:
-  <<: *defaults
-
-#
-production:
-  <<: *defaults

data/lib/capistrano/tasks/secrets.rake

@@ -1,109 +0,0 @@
-# frozen_string_literal: true
-
-namespace :secrets do
-  desc 'Create secrets.yml in shared path'
-  task :configure do
-    set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
-
-    invoke 'secrets:set_permissions_pre_update'
-    invoke 'secrets:set_secrets_file'
-    invoke 'secrets:replace_token'
-    invoke 'secrets:set_permissions_post_update'
-  end
-
-  desc 'Update Application secret in file secrets.yml'
-  task :update_app_secret do
-    set :secrets_file_path, "#{fetch(:shared_path)}/config/secrets.yml"
-
-    invoke 'secrets:set_permissions_pre_update'
-    invoke 'secrets:replace_token'
-    invoke 'secrets:set_permissions_post_update'
-  end
-
-  # desc 'Set (create or replace) secrets.yml in the shared path'
-  task :set_secrets_file do
-    on roles(:app), in: :sequence do
-      debug '#' * 50
-      debug 'Create and configure secrets.yml file'
-      secrets_file_path = fetch(:secrets_file_path).to_s
-
-      set :secrets_original_file_path, File.expand_path('../recipes/config/secrets_example.yml', __dir__)
-
-      unless remote_file_exists?(secrets_file_path)
-        upload! StringIO.new(File.read(fetch(:secrets_original_file_path).to_s)), fetch(:secrets_file_path).to_s
-      end
-
-      execute "sed -i 's|<<APP_NAME>>|#{fetch(:app_name)}|g' #{fetch(:secrets_file_path)}"
-      execute "sed -i 's|<<APP_DOMAIN>>|#{fetch(:app_domain)}|g' #{fetch(:secrets_file_path)}"
-      execute "sed -i 's|<<APP_NAME_URI>>|#{fetch(:app_name_uri)}|g' #{fetch(:secrets_file_path)}"
-      execute "sed -i 's|<<APP_FULL_URL>>|#{fetch(:app_full_url)}|g' #{fetch(:secrets_file_path)}"
-
-      debug '#' * 50
-    end
-  end
-
-  # desc 'Replace the secure secret key in your secrets.yml'
-  task :replace_token do
-    on roles(:app), in: :sequence do
-      debug '#' * 50
-
-      pattern = 'secret_key_base:.*'
-      new_secret = "secret_key_base: '#{fetch(:secrets_key_base)}'"
-      secrets_file_path = fetch(:secrets_file_path).to_s
-
-      if remote_file_exists?(secrets_file_path)
-        num_occurrences = get_num_occurrences_in_file(secrets_file_path, pattern)
-
-        if num_occurrences.zero?
-          error "no secret token found in #{secrets_file_path}"
-          exit 1
-        end
-      else
-        error "file #{secrets_file_path} not found"
-        exit 1
-      end
-
-      command = "sed -i -e \"s/#{pattern}/#{new_secret}/g\" #{secrets_file_path}"
-      debug command
-      execute command
-
-      debug 'Secret token successfully replaced'
-      debug '#' * 50
-    end
-  end
-
-  # desc 'Correct secrets.yml file permissions before change the file'
-  task :set_permissions_pre_update do
-    on roles(:app) do
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
-
-      debug '#' * 50
-
-      chmod_command = "chmod -f 777 #{fetch(:secrets_file_path)} || true"
-      debug chmod_command
-      execute "#{sudo_cmd} #{chmod_command}"
-
-      debug '#' * 50
-    end
-  end
-
-  # desc 'Correct secrets.yml file permissions after change the file'
-  task :set_permissions_post_update do
-    on roles(:app) do
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
-
-      debug '#' * 50
-
-      # Update database.yml user and group owners
-      chown_command = "chown #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
-      debug chown_command
-      execute "#{sudo_cmd} #{chown_command}"
-
-      chmod_command = "chmod 440 #{fetch(:secrets_file_path)}"
-      debug chmod_command
-      execute "#{sudo_cmd} #{chmod_command}"
-
-      debug '#' * 50
-    end
-  end
-end