capistrano-one_time_key 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/Gemfile +4 -0
  4. data/LICENSE.txt +13 -0
  5. data/README.md +35 -0
  6. data/Rakefile +1 -0
  7. data/capistrano-one_time_key.gemspec +25 -0
  8. data/lib/capistrano/one_time_key/tasks/one_time_key.rake +5 -0
  9. data/lib/capistrano/one_time_key/version.rb +5 -0
  10. data/lib/capistrano/one_time_key.rb +63 -0
  11. data/spec/spec_helper.rb +9 -0
  12. metadata +111 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 939b2c31402865d6fc47b342b49cf2036b61a5ca
4
+ data.tar.gz: 27d4763cc9247c3e5e81e669594f830c4c00dbfe
5
+ SHA512:
6
+ metadata.gz: acb7cf8ed73e1ac0371ac6cb2f4d26b60d4ba2e204483448e0bd2d92a72fcee1fdc4303c3dde47ea9f3224da378ba3cd914f5db348b573643d1b668a56b587d3
7
+ data.tar.gz: f9afe8d2f44bec9d273604df3bb9bf177cf950c9e122cbce0c4f76b58b3ee1d565fea947cb88f9733eff263ed4fc39542d35c7af3681aeb7825949dbaf5bb1b7
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in capistrano-one_time_key.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,13 @@
1
+ Copyright (c) 2014 The Board of Trustees of the Leland Stanford Junior University
2
+
3
+ Licensed under the Apache License, Version 2.0 (the "License");
4
+ you may not use this file except in compliance with the License.
5
+ You may obtain a copy of the License at
6
+
7
+ http://www.apache.org/licenses/LICENSE-2.0
8
+
9
+ Unless required by applicable law or agreed to in writing, software
10
+ distributed under the License is distributed on an "AS IS" BASIS,
11
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ See the License for the specific language governing permissions and
13
+ limitations under the License.
data/README.md ADDED
@@ -0,0 +1,35 @@
1
+ # Capistrano::OneTimeKey
2
+
3
+ Capistrano::OneTimeKey creates per-deploy ssh keys. This may be useful in SSH environments that use alternative authentication mechanisms (e.g. kerberos) that have no (reliably maintained) net-ssh equivalents.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'capistrano-one_time_key'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install capistrano-one_time_key
18
+
19
+ ## Usage
20
+
21
+ In your Capfile, require the gem:
22
+
23
+ require 'capistrano/one_time_key'
24
+
25
+ And in your deploy stage, after you register servers and services, create the one time keys:
26
+
27
+ Capistrano::OneTimeKey.generate_one_time_key!
28
+
29
+ ## Contributing
30
+
31
+ 1. Fork it ( http://github.com/cbeer/capistrano-one_time_key/fork )
32
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
33
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
34
+ 4. Push to the branch (`git push origin my-new-feature`)
35
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
data/capistrano-one_time_key.gemspec ADDED
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'capistrano/one_time_key/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "capistrano-one_time_key"
8
+ spec.version = Capistrano::OneTimeKey::VERSION
9
+ spec.authors = ["Chris Beer"]
10
+ spec.email = ["cabeer@stanford.edu"]
11
+ spec.summary = %q{One time keys for capistrano}
12
+ spec.homepage = ""
13
+ spec.license = "APACHE2"
14
+
15
+ spec.files = `git ls-files`.split($/)
16
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
17
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
18
+ spec.require_paths = ["lib"]
19
+
20
+ spec.add_dependency "capistrano", "~> 3.0"
21
+
22
+ spec.add_development_dependency "bundler", "~> 1.5"
23
+ spec.add_development_dependency "rake"
24
+ spec.add_development_dependency "rspec"
25
+ end
data/lib/capistrano/one_time_key/tasks/one_time_key.rake ADDED
@@ -0,0 +1,5 @@
1
+ set :ssh_options, {
2
+ keys: [Capistrano::OneTimeKey.temporary_ssh_private_key_path],
3
+ forward_agent: false,
4
+ auth_methods: %w(publickey password)
5
+ }
data/lib/capistrano/one_time_key/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ module Capistrano
2
+ module OneTimeKey
3
+ VERSION = "0.0.1"
4
+ end
5
+ end
data/lib/capistrano/one_time_key.rb ADDED
@@ -0,0 +1,63 @@
1
+ require "capistrano/one_time_key/version"
2
+ require "tmpdir"
3
+ require "securerandom"
4
+
5
+ module Capistrano
6
+ module OneTimeKey
7
+
8
+ def self.tmpdir
9
+ @dirname ||= Dir.mktmpdir
10
+ end
11
+
12
+ def self.temporary_ssh_private_key_path
13
+ File.join(tmpdir, "capistrano_key")
14
+ end
15
+
16
+ def self.comment
17
+ @comment ||= "capistrano-otk-#{SecureRandom.hex(6)}"
18
+ end
19
+
20
+ def self.generate_private_key!
21
+ `ssh-keygen -f #{temporary_ssh_private_key_path} -N "" -C "#{comment}"`
22
+ return temporary_ssh_private_key_path
23
+ end
24
+
25
+ def self.generate_one_time_key!
26
+
27
+ path = generate_private_key!
28
+
29
+ public_key = File.read("#{path}.pub")
30
+
31
+ on roles(:all) do |host|
32
+ Capistrano::OneTimeKey.add_key_to_host host, public_key
33
+ end
34
+
35
+ at_exit do
36
+ # remove dirname locally
37
+ FileUtils.remove_entry Capistrano::OneTimeKey.temporary_ssh_private_key_path
38
+ on roles(:all) do |host|
39
+ Capistrano::OneTimeKey.remove_key_from_host host, public_key
40
+ end
41
+ end
42
+ end
43
+
44
+ def self.add_key_to_host capistrano_host, public_key
45
+ execute_on_remote capistrano_host, "mkdir -p ~/.ssh && \
46
+ chmod 700 ~/.ssh && \
47
+ touch ~/.ssh/authorized_keys && \
48
+ chmod 600 ~/.ssh/authorized_keys && \
49
+ echo '#{public_key}' >> ~/.ssh/authorized_keys"
50
+ end
51
+
52
+ def self.remove_key_from_host capistrano_host, public_key
53
+ execute_on_remote capistrano_host, "sed -i.bak -e '/#{comment}$/d' ~/.ssh/authorized_keys && rm ~/.ssh/authorized_keys.bak"
54
+ end
55
+
56
+ def self.execute_on_remote capistrano_host, command
57
+ `echo "#{command}" | ssh #{capistrano_host.user}@#{capistrano_host.hostname}`
58
+ end
59
+ end
60
+ end
61
+
62
+
63
+ load File.expand_path("../one_time_key/tasks/one_time_key.rake", __FILE__)
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,9 @@
1
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
2
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
3
+
4
+ require 'rspec/autorun'
5
+ require 'capistrano/one_time_key'
6
+
7
+ RSpec.configure do |config|
8
+
9
+ end
metadata ADDED
@@ -0,0 +1,111 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: capistrano-one_time_key
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Chris Beer
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-01-16 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: capistrano
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.5'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.5'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rspec
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ description:
70
+ email:
71
+ - cabeer@stanford.edu
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - ".gitignore"
77
+ - Gemfile
78
+ - LICENSE.txt
79
+ - README.md
80
+ - Rakefile
81
+ - capistrano-one_time_key.gemspec
82
+ - lib/capistrano/one_time_key.rb
83
+ - lib/capistrano/one_time_key/tasks/one_time_key.rake
84
+ - lib/capistrano/one_time_key/version.rb
85
+ - spec/spec_helper.rb
86
+ homepage: ''
87
+ licenses:
88
+ - APACHE2
89
+ metadata: {}
90
+ post_install_message:
91
+ rdoc_options: []
92
+ require_paths:
93
+ - lib
94
+ required_ruby_version: !ruby/object:Gem::Requirement
95
+ requirements:
96
+ - - ">="
97
+ - !ruby/object:Gem::Version
98
+ version: '0'
99
+ required_rubygems_version: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ requirements: []
105
+ rubyforge_project:
106
+ rubygems_version: 2.2.0
107
+ signing_key:
108
+ specification_version: 4
109
+ summary: One time keys for capistrano
110
+ test_files:
111
+ - spec/spec_helper.rb