capistrano-ssh-authorized-keys-github 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6775ce8d8eac1a2c278c71435aba2e616f684bad6038d3c7313082545e9c1a7e
|
4
|
+
data.tar.gz: 46d20cb800aefd3fe294f0c19f262afb5a1e5396fa86ba44af40c6ff9a723d50
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4813997a4c8330e160109eb041c0363642ee4c89090f87bd327094b3901d482a5ea5d783c783334d5f0dbbded9c69e79e9401c30e31e8b52b0beead17ba078f4
|
7
|
+
data.tar.gz: f4c4e6b67257f8232c427f02803d4b2d520b10f123d61b212003c2a3af17ee39ef4eb0535ede0d284fb1f5b24c9cb799bed797781bfd22486e226d747628bc54
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |spec|
|
6
6
|
spec.name = 'capistrano-ssh-authorized-keys-github'
|
7
|
-
spec.version = '1.
|
7
|
+
spec.version = '1.2.0'
|
8
8
|
spec.authors = ['lloydwatkin']
|
9
9
|
spec.email = ['lloyd@olioex.com']
|
10
10
|
spec.summary = %q{Sync Github organisation public SSH keys to `server authorized_keys` file}
|
@@ -8,7 +8,7 @@ NO_ORGANISATION_MEMBER_KEYS_FOUND = 'There are no public members for this Github
|
|
8
8
|
namespace :security do
|
9
9
|
desc 'Cycle SSH key logins'
|
10
10
|
task :update_ssh_keys do
|
11
|
-
|
11
|
+
run_locally do
|
12
12
|
organisations = fetch(:github_orgs) || fetch(:github_org) || raise(NO_GITHUB_ORGANISATION_PROVIDED)
|
13
13
|
keys = ""
|
14
14
|
authentication = ''
|
@@ -17,37 +17,40 @@ namespace :security do
|
|
17
17
|
end
|
18
18
|
|
19
19
|
[*organisations].each do |organisation|
|
20
|
+
info "Fetching keys for #{organisation}"
|
20
21
|
url = URI("https://#{authentication}api.github.com/orgs/#{organisation}")
|
21
22
|
organisation_details = JSON.parse(Net::HTTP.get_response(url).body, symbolize_names: true)
|
22
23
|
members_url = URI(organisation_details[:members_url].gsub("{/member}", "").gsub('https://', "https://#{authentication}"))
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
"
|
24
|
+
response = Net::HTTP.get_response(members_url)
|
25
|
+
raise response.body unless response.kind_of? Net::HTTPSuccess
|
26
|
+
members = JSON.parse(response.body, symbolize_names: true)
|
27
|
+
keys += "\n#\n"\
|
28
|
+
"# #{organisation_details[:name]} keys\n"\
|
29
|
+
"# #{members_url}\n"\
|
30
|
+
"#\n"
|
31
31
|
member_details = members.map { |member| member[:login].downcase }.sort
|
32
32
|
member_details.each do |member|
|
33
|
+
info " - Downloading keys for #{member}"
|
33
34
|
member_keys = URI("https://#{authentication}github.com/#{member}.keys")
|
34
|
-
info = "
|
35
|
-
# @#{member}
|
36
|
-
# #{member_keys}
|
37
|
-
|
38
|
-
|
39
|
-
|
35
|
+
info = "\n #\n"\
|
36
|
+
" # @#{member}\n"\
|
37
|
+
" # #{member_keys}\n"\
|
38
|
+
" #\n"
|
39
|
+
response = Net::HTTP.get_response(member_keys)
|
40
|
+
raise response.body unless response.kind_of? Net::HTTPSuccess
|
41
|
+
keys += info + response.body.gsub(/\r\n?/, "\n")
|
40
42
|
end
|
41
43
|
end
|
44
|
+
raise raise NO_ORGANISATION_MEMBER_KEYS_FOUND unless keys.scan(/ssh-(rsa|ed25519)/).count > 0
|
45
|
+
info "Writing authorized_keys file to ./tmp"
|
46
|
+
File.open("./tmp/authorized_keys", "w") do |f|
|
47
|
+
f.write(keys)
|
48
|
+
end
|
42
49
|
|
43
|
-
|
44
|
-
|
45
|
-
f.write(keys)
|
46
|
-
end
|
50
|
+
info "Uploading updated authorized_keys to servers"
|
51
|
+
on roles(:all) do |host|
|
47
52
|
upload! './tmp/authorized_keys', "/tmp/authorized_keys"
|
48
53
|
execute :mv, "/tmp/authorized_keys", "~/.ssh/authorized_keys"
|
49
|
-
else
|
50
|
-
raise NO_ORGANISATION_MEMBER_KEYS_FOUND
|
51
54
|
end
|
52
55
|
end
|
53
56
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: capistrano-ssh-authorized-keys-github
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- lloydwatkin
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-11-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: capistrano
|