capistrano-ssh-authorized-keys-github 1.0.1 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -0
  3. data/capistrano-ssh-authorized-keys-github.gemspec +1 -1
  4. data/lib/capistrano/tasks/ssh-authorized-keys-github.cap +11 -6
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 407a32cd53e70eaf8ec1386ec9f47700abe3c66a63d0ea60bd5655a2b5c1cadf
4
- data.tar.gz: a81a938c7be2f821ec6f140f4c2a6141f9b9f09df478ca9b8385784c1ee97be0
3
+ metadata.gz: fdeace2093ea8dd5b0326e751fe39daaf0976d9815949063d0a041b579637db4
4
+ data.tar.gz: 5dcd586bbab56363ee751a3379354bfb93861e6dff1e645d78194eb530d86945
5
5
  SHA512:
6
- metadata.gz: 1935e81a7b66aeb1a99b8ccef18e9c1d21887a5e6f5634ba6a3239ac24e2fa189e9ec16be395a731af691c72945935ffa30b5dd281af9c047b5e92ec638ccbc2
7
- data.tar.gz: 0a6441bd065bc4a313b743faf03cd038afa92a0ba4e7657312ff7bf5e16707b02cc3a4f5cfcfc356363791d7a2c74e947fb8119c6d6c58a6ce4e4b42a6ddb071
6
+ metadata.gz: f5e563b6bcb8f601cb0d31c846869c8d62bff34d2154fd356c0c6596f695ed2238a152abfb3e50871ab1b20b8d581f5e17734a88a9af2770351c58bacc3f4fa5
7
+ data.tar.gz: e740b5181dcf8f7eb9915d9395c7bef55c222249980c3866cb771d2cc151c7ee61ef948b14b081e9562dec467314f21fe5207140b55f298dc359b3a04d5d0fd0
data/README.md CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  Sync organisation SSH public keys to server `authorized_keys` file so they are able to SSH into OS - for [Capistrano v3](https://github.com/capistrano/capistrano).
4
4
 
5
+ Note: The authorized keys file is generated locally before being uploaded to the server(s).
6
+
5
7
  ## Installation
6
8
 
7
9
  Add this line to your application's Gemfile:
@@ -27,6 +29,9 @@ And then set the variables in `config/deploy.rb`:
27
29
  set :github_org, 'olioex'
28
30
  # ...or... (takes priority)
29
31
  set :github_orgs, ['olioex', 'github']
32
+ # Optional for Github rate limits (oauth application)
33
+ set :github_app_id, '12345'
34
+ set :github_app_secret, 'abcdef'
30
35
 
31
36
  The task will run automatically on successful deploy. Alternatively, you can notify of a deploy starting manually by using:
32
37
 
data/capistrano-ssh-authorized-keys-github.gemspec CHANGED
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = 'capistrano-ssh-authorized-keys-github'
7
- spec.version = '1.0.1'
7
+ spec.version = '1.1.0'
8
8
  spec.authors = ['lloydwatkin']
9
9
  spec.email = ['lloyd@olioex.com']
10
10
  spec.summary = %q{Sync Github organisation public SSH keys to `server authorized_keys` file}
data/lib/capistrano/tasks/ssh-authorized-keys-github.cap CHANGED
@@ -8,15 +8,18 @@ NO_ORGANISATION_MEMBER_KEYS_FOUND = 'There are no public members for this Github
8
8
  namespace :security do
9
9
  desc 'Cycle SSH key logins'
10
10
  task :update_ssh_keys do
11
- on roles(:all) do
11
+ on roles(:all) do |host|
12
12
  organisations = fetch(:github_orgs) || fetch(:github_org) || raise(NO_GITHUB_ORGANISATION_PROVIDED)
13
13
  keys = ""
14
- user = `whoami`.chomp
14
+ authentication = ''
15
+ if fetch(:github_app_id) && fetch(:github_app_secret)
16
+ authentication = "#{fetch(:github_app_id)}:#{fetch(:github_app_secret)}@"
17
+ end
15
18
 
16
19
  [*organisations].each do |organisation|
17
- url = URI("https://api.github.com/orgs/#{organisation}")
20
+ url = URI("https://#{authentication}api.github.com/orgs/#{organisation}")
18
21
  organisation_details = JSON.parse(Net::HTTP.get_response(url).body, symbolize_names: true)
19
- members_url = URI(organisation_details[:members_url].gsub("{/member}", ""))
22
+ members_url = URI(organisation_details[:members_url].gsub("{/member}", "").gsub('https://', "https://#{authentication}"))
20
23
  members = JSON.parse(Net::HTTP.get_response(members_url).body, symbolize_names: true)
21
24
  keys += " #
22
25
  # #{organisation_details[:name]} keys
@@ -27,7 +30,7 @@ namespace :security do
27
30
  "
28
31
  member_details = members.map { |member| member[:login].downcase }.sort
29
32
  member_details.each do |member|
30
- member_keys = URI("https://github.com/#{member}.keys")
33
+ member_keys = URI("https://#{authentication}github.com/#{member}.keys")
31
34
  info = " #
32
35
  # @#{member}
33
36
  # #{member_keys}
@@ -38,9 +41,11 @@ namespace :security do
38
41
  end
39
42
 
40
43
  if keys.scan(/ssh-(rsa|ed25519)/).count > 0
41
- File.open("/home/#{user}/.ssh/authorized_keys", "w") do |f|
44
+ File.open("./tmp/authorized_keys", "w") do |f|
42
45
  f.write(keys)
43
46
  end
47
+ upload! './tmp/authorized_keys', "/tmp/authorized_keys"
48
+ execute :mv, "/tmp/authorized_keys", "~/.ssh/authorized_keys"
44
49
  else
45
50
  raise NO_ORGANISATION_MEMBER_KEYS_FOUND
46
51
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-ssh-authorized-keys-github
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - lloydwatkin