cert_watch 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. checksums.yaml +7 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.md +151 -0
  4. data/Rakefile +16 -0
  5. data/app/assets/javascripts/cert_watch/application.js +13 -0
  6. data/app/assets/stylesheets/cert_watch/application.css +15 -0
  7. data/app/controllers/cert_watch/application_controller.rb +5 -0
  8. data/app/jobs/cert_watch/install_certificate_job.rb +16 -0
  9. data/app/jobs/cert_watch/renew_certificate_job.rb +16 -0
  10. data/app/jobs/cert_watch/renew_expiring_certificates_job.rb +13 -0
  11. data/app/models/cert_watch/certificate.rb +42 -0
  12. data/app/views/layouts/cert_watch/application.html.erb +14 -0
  13. data/config/locales/de.yml +47 -0
  14. data/config/locales/en.yml +47 -0
  15. data/config/routes.rb +2 -0
  16. data/db/migrate/20160711193700_create_certificates.rb +18 -0
  17. data/lib/cert_watch/CHANGELOG.md +5 -0
  18. data/lib/cert_watch/certbot_client.rb +32 -0
  19. data/lib/cert_watch/client.rb +7 -0
  20. data/lib/cert_watch/configuration.rb +37 -0
  21. data/lib/cert_watch/domain_owner.rb +23 -0
  22. data/lib/cert_watch/engine.rb +10 -0
  23. data/lib/cert_watch/error.rb +4 -0
  24. data/lib/cert_watch/install_error.rb +4 -0
  25. data/lib/cert_watch/installer.rb +7 -0
  26. data/lib/cert_watch/pem_directory_installer.rb +55 -0
  27. data/lib/cert_watch/renew_error.rb +4 -0
  28. data/lib/cert_watch/sanitize.rb +13 -0
  29. data/lib/cert_watch/shell.rb +20 -0
  30. data/lib/cert_watch/version.rb +3 -0
  31. data/lib/cert_watch/views/all.rb +3 -0
  32. data/lib/cert_watch/views/certificate_state.rb +42 -0
  33. data/lib/cert_watch.rb +32 -0
  34. data/spec/cert_watch/certbot_client_spec.rb +53 -0
  35. data/spec/cert_watch/domain_owner_spec.rb +62 -0
  36. data/spec/cert_watch/pem_directory_installer_spec.rb +75 -0
  37. data/spec/cert_watch/sanitize_spec.rb +19 -0
  38. data/spec/cert_watch/shell_spec.rb +19 -0
  39. data/spec/cert_watch/views/certificate_state_spec.rb +33 -0
  40. data/spec/examples.txt +40 -0
  41. data/spec/factories/certificates.rb +6 -0
  42. data/spec/internal/config/database.yml +3 -0
  43. data/spec/internal/config/routes.rb +3 -0
  44. data/spec/internal/db/combustion_test.sqlite +0 -0
  45. data/spec/internal/db/schema.rb +7 -0
  46. data/spec/internal/log/jobs/test/cert_watch.log +3793 -0
  47. data/spec/internal/log/test.log +24187 -0
  48. data/spec/internal/public/favicon.ico +0 -0
  49. data/spec/jobs/cert_watch/renew_expiring_certificates_job_spec.rb +43 -0
  50. data/spec/models/cert_watch/certificate_spec.rb +102 -0
  51. data/spec/rails_helper.rb +45 -0
  52. data/spec/spec_helper.rb +98 -0
  53. data/spec/support/config/cert_watch.rb +7 -0
  54. data/spec/support/config/factory_girl.rb +11 -0
  55. data/spec/support/config/resque_logger.rb +16 -0
  56. data/spec/support/config/timecop.rb +21 -0
  57. data/spec/support/helpers/doubles.rb +28 -0
  58. data/spec/support/helpers/fixtures.rb +25 -0
  59. data/spec/support/helpers/inline_resque.rb +9 -0
  60. data/spec/support/helpers/view_component_example_group.rb +31 -0
  61. metadata +298 -0
File without changes
@@ -0,0 +1,43 @@
1
+ require 'rails_helper'
2
+
3
+ module CertWatch
4
+ RSpec.describe RenewExpiringCertificatesJob do
5
+ it 'triggers renewal of installed expiring certificates' do
6
+ certificate = create(:certificate, state: 'installed', last_renewed_at: 40.days.ago)
7
+ CertWatch.config.renewal_interval = 1.month
8
+
9
+ RenewExpiringCertificatesJob.perform
10
+
11
+ expect(certificate.reload.state).to eq('renewing')
12
+ end
13
+
14
+ it 'ignores uninstalled certificates' do
15
+ certificate = create(:certificate, state: 'abandoned', last_renewed_at: 40.days.ago)
16
+ CertWatch.config.renewal_interval = 1.month
17
+
18
+ RenewExpiringCertificatesJob.perform
19
+
20
+ expect(certificate.reload.state).to eq('abandoned')
21
+ end
22
+
23
+ it 'ignores not expiring certificates' do
24
+ certificate = create(:certificate, state: 'installed', last_renewed_at: 10.days.ago)
25
+ CertWatch.config.renewal_interval = 1.month
26
+
27
+ RenewExpiringCertificatesJob.perform
28
+
29
+ expect(certificate.reload.state).to eq('installed')
30
+ end
31
+
32
+ it 'limits number of renewed certificates to batch size' do
33
+ create(:certificate, state: 'installed', last_renewed_at: 40.days.ago)
34
+ create(:certificate, state: 'installed', last_renewed_at: 50.days.ago)
35
+ CertWatch.config.renewal_interval = 1.month
36
+ CertWatch.config.renewal_batch_size = 1
37
+
38
+ RenewExpiringCertificatesJob.perform
39
+
40
+ expect(Certificate.where(state: 'renewing').count).to eq(1)
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,102 @@
1
+ require 'rails_helper'
2
+
3
+ require 'support/helpers/doubles'
4
+ require 'support/helpers/inline_resque'
5
+
6
+ module CertWatch
7
+ RSpec.describe Certificate, inline_resque: true do
8
+ describe '#renew' do
9
+ it 'makes client renew certificate for domain' do
10
+ certificate = create(:certificate, domain: 'my.example.com')
11
+
12
+ certificate.renew!
13
+
14
+ expect(CertWatch.client).to have_received(:renew).with('my.example.com')
15
+ end
16
+
17
+ it 'installs certificate' do
18
+ certificate = create(:certificate, domain: 'my.example.com')
19
+
20
+ certificate.renew!
21
+
22
+ expect(CertWatch.installer).to have_received(:install).with('my.example.com')
23
+ end
24
+
25
+ it 'sets state to installed' do
26
+ certificate = create(:certificate, domain: 'my.example.com')
27
+
28
+ certificate.renew!
29
+
30
+ expect(certificate.reload.state).to eq('installed')
31
+ end
32
+
33
+ it 'updates last_renewed_at attribute' do
34
+ certificate = create(:certificate,
35
+ domain: 'my.example.com',
36
+ last_renewed_at: 1.month.ago)
37
+
38
+ certificate.renew!
39
+
40
+ expect(certificate.reload.last_renewed_at).to eq(Time.now)
41
+ end
42
+
43
+ it 'updates last_installed_at attribute' do
44
+ certificate = create(:certificate,
45
+ domain: 'my.example.com',
46
+ last_installed_at: 1.month.ago)
47
+
48
+ certificate.renew!
49
+
50
+ expect(certificate.reload.last_installed_at).to eq(Time.now)
51
+ end
52
+
53
+ context 'when renew results in error' do
54
+ before do
55
+ CertWatch.client = Doubles.failing_client
56
+ end
57
+
58
+ it 'sets state to renewing_failed' do
59
+ certificate = create(:certificate, domain: 'my.example.com')
60
+
61
+ certificate.renew!
62
+
63
+ expect(certificate.reload.state).to eq('renewing_failed')
64
+ end
65
+
66
+ it 'updates last_renewal_failed_at attribute' do
67
+ certificate = create(:certificate,
68
+ domain: 'my.example.com',
69
+ last_renewal_failed_at: 1.month.ago)
70
+
71
+ certificate.renew!
72
+
73
+ expect(certificate.reload.last_renewal_failed_at).to eq(Time.now)
74
+ end
75
+ end
76
+
77
+ context 'when install results in error' do
78
+ before do
79
+ CertWatch.installer = Doubles.failing_installer
80
+ end
81
+
82
+ it 'sets state to installing_failed' do
83
+ certificate = create(:certificate, domain: 'my.example.com')
84
+
85
+ certificate.renew!
86
+
87
+ expect(certificate.reload.state).to eq('installing_failed')
88
+ end
89
+
90
+ it 'updates last_install_failed_at attribute' do
91
+ certificate = create(:certificate,
92
+ domain: 'my.example.com',
93
+ last_install_failed_at: 1.month.ago)
94
+
95
+ certificate.renew!
96
+
97
+ expect(certificate.reload.last_install_failed_at).to eq(Time.now)
98
+ end
99
+ end
100
+ end
101
+ end
102
+ end
@@ -0,0 +1,45 @@
1
+ # This file is copied to spec/ when you run 'rails generate rspec:install'
2
+ ENV['RAILS_ENV'] ||= 'test'
3
+
4
+ require 'combustion'
5
+ Combustion.initialize! :all
6
+
7
+ # Prevent database truncation if the environment is production
8
+ abort('The Rails environment is running in production mode!') if Rails.env.production?
9
+
10
+ require 'spec_helper'
11
+ require 'rspec/rails'
12
+ # Add additional requires below this line. Rails is not loaded until this point!
13
+
14
+ require 'support/config/factory_girl'
15
+ require 'support/config/timecop'
16
+ require 'support/config/resque_logger'
17
+ require 'support/config/cert_watch'
18
+
19
+ # Checks for pending migration and applies them before tests are run.
20
+ # If you are not using ActiveRecord, you can remove this line.
21
+ ActiveRecord::Migration.maintain_test_schema!
22
+
23
+ RSpec.configure do |config|
24
+ # If you're not using ActiveRecord, or you'd prefer not to run each of your
25
+ # examples within a transaction, remove the following line or assign false
26
+ # instead of true.
27
+ config.use_transactional_fixtures = true
28
+
29
+ # Filter lines from Rails gems in backtraces.
30
+ config.filter_rails_from_backtrace!
31
+ # arbitrary gems may also be filtered via:
32
+ # config.filter_gems_from_backtrace("gem name")
33
+
34
+ config.when_first_matching_example_defined(inline_resque: true) do
35
+ require 'support/helpers/inline_resque'
36
+ end
37
+
38
+ config.when_first_matching_example_defined(fixture_files: true) do
39
+ require 'support/helpers/fixtures'
40
+ end
41
+
42
+ config.when_first_matching_example_defined(type: :view_component) do
43
+ require 'support/helpers/view_component_example_group'
44
+ end
45
+ end
@@ -0,0 +1,98 @@
1
+ require 'coveralls'
2
+ Coveralls.wear!
3
+
4
+ # This file was generated by the `rails generate rspec:install` command. Conventionally, all
5
+ # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
6
+ # The generated `.rspec` file contains `--require spec_helper` which will cause
7
+ # this file to always be loaded, without a need to explicitly require it in any
8
+ # files.
9
+ #
10
+ # Given that it is always loaded, you are encouraged to keep this file as
11
+ # light-weight as possible. Requiring heavyweight dependencies from this file
12
+ # will add to the boot time of your test suite on EVERY test run, even for an
13
+ # individual file that may not need all of that loaded. Instead, consider making
14
+ # a separate helper file that requires the additional dependencies and performs
15
+ # the additional setup, and require it from the spec files that actually need
16
+ # it.
17
+ #
18
+ # The `.rspec` file also contains a few flags that are not defaults but that
19
+ # users commonly want.
20
+ #
21
+ # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
22
+ RSpec.configure do |config|
23
+ # rspec-expectations config goes here. You can use an alternate
24
+ # assertion/expectation library such as wrong or the stdlib/minitest
25
+ # assertions if you prefer.
26
+ config.expect_with :rspec do |expectations|
27
+ # This option will default to `true` in RSpec 4. It makes the `description`
28
+ # and `failure_message` of custom matchers include text for helper methods
29
+ # defined using `chain`, e.g.:
30
+ # be_bigger_than(2).and_smaller_than(4).description
31
+ # # => "be bigger than 2 and smaller than 4"
32
+ # ...rather than:
33
+ # # => "be bigger than 2"
34
+ expectations.include_chain_clauses_in_custom_matcher_descriptions = true
35
+ end
36
+
37
+ # rspec-mocks config goes here. You can use an alternate test double
38
+ # library (such as bogus or mocha) by changing the `mock_with` option here.
39
+ config.mock_with :rspec do |mocks|
40
+ # Prevents you from mocking or stubbing a method that does not exist on
41
+ # a real object. This is generally recommended, and will default to
42
+ # `true` in RSpec 4.
43
+ mocks.verify_partial_doubles = true
44
+ end
45
+
46
+ # This option will default to `:apply_to_host_groups` in RSpec 4 (and will
47
+ # have no way to turn it off -- the option exists only for backwards
48
+ # compatibility in RSpec 3). It causes shared context metadata to be
49
+ # inherited by the metadata hash of host groups and examples, rather than
50
+ # triggering implicit auto-inclusion in groups with matching metadata.
51
+ config.shared_context_metadata_behavior = :apply_to_host_groups
52
+
53
+ # This allows you to limit a spec run to individual examples or groups
54
+ # you care about by tagging them with `:focus` metadata. When nothing
55
+ # is tagged with `:focus`, all examples get run. RSpec also provides
56
+ # aliases for `it`, `describe`, and `context` that include `:focus`
57
+ # metadata: `fit`, `fdescribe` and `fcontext`, respectively.
58
+ config.filter_run_when_matching :focus
59
+
60
+ # Allows RSpec to persist some state between runs in order to support
61
+ # the `--only-failures` and `--next-failure` CLI options. We recommend
62
+ # you configure your source control system to ignore this file.
63
+ config.example_status_persistence_file_path = 'spec/examples.txt'
64
+
65
+ # Limits the available syntax to the non-monkey patched syntax that is
66
+ # recommended. For more details, see:
67
+ # - http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/
68
+ # - http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
69
+ # - http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/#zero-monkey-patching-mode
70
+ config.disable_monkey_patching!
71
+
72
+ # Many RSpec users commonly either run the entire suite or an individual
73
+ # file, and it's useful to allow more verbose output when running an
74
+ # individual spec file.
75
+ if config.files_to_run.one?
76
+ # Use the documentation formatter for detailed output,
77
+ # unless a formatter has already been configured
78
+ # (e.g. via a command-line flag).
79
+ config.default_formatter = 'doc'
80
+ end
81
+
82
+ # Print the 10 slowest examples and example groups at the
83
+ # end of the spec run, to help surface which specs are running
84
+ # particularly slow.
85
+ config.profile_examples = 10
86
+
87
+ # Run specs in random order to surface order dependencies. If you find an
88
+ # order dependency and want to debug it, you can fix the order by providing
89
+ # the seed, which is printed after each run.
90
+ # --seed 1234
91
+ config.order = :random
92
+
93
+ # Seed global randomization in this process using the `--seed` CLI option.
94
+ # Setting this allows you to use `--seed` to deterministically reproduce
95
+ # test failures related to randomization by passing the same `--seed` value
96
+ # as the one that triggered the failure.
97
+ Kernel.srand config.seed
98
+ end
@@ -0,0 +1,7 @@
1
+ RSpec.configure do |config|
2
+ config.before do
3
+ CertWatch.setup
4
+ CertWatch.client = Doubles.client
5
+ CertWatch.installer = Doubles.installer
6
+ end
7
+ end
@@ -0,0 +1,11 @@
1
+ require 'factory_girl_rails'
2
+
3
+ RSpec.configure do |config|
4
+ # Allow to use build and create methods without FactoryGirl prefix.
5
+ config.include FactoryGirl::Syntax::Methods
6
+
7
+ # Make sure factories are up to date when using spring
8
+ config.before(:all) do
9
+ FactoryGirl.reload
10
+ end
11
+ end
@@ -0,0 +1,16 @@
1
+ require 'fileutils'
2
+ log_dir = Rails.root.join('log', 'jobs', Rails.env)
3
+
4
+ RSpec.configure do |config|
5
+ config.before(:all) do
6
+ FileUtils.mkdir_p(log_dir)
7
+ end
8
+ end
9
+
10
+ Resque.logger_config = {
11
+ folder: log_dir,
12
+ class_name: Logger,
13
+ class_args: ['daily', 1.kilobyte],
14
+ level: Logger::INFO,
15
+ formatter: Logger::Formatter.new
16
+ }
@@ -0,0 +1,21 @@
1
+ require 'timecop'
2
+
3
+ RSpec.configure do |config|
4
+ config.before(:each) do
5
+ Timecop.freeze(Time.local(2013))
6
+ end
7
+
8
+ config.before(:each, capybara_feature: true) do
9
+ # Do not freeze time in capybara tests to enable waiting for elements
10
+ Timecop.travel(Time.local(2013))
11
+ end
12
+
13
+ config.before(:each, integration: true) do
14
+ # Do not freeze time in integration tests
15
+ Timecop.return
16
+ end
17
+
18
+ config.after(:each) do
19
+ Timecop.return
20
+ end
21
+ end
@@ -0,0 +1,28 @@
1
+ module Doubles
2
+ extend RSpec::Mocks::ExampleMethods
3
+ extend self
4
+
5
+ def client
6
+ instance_double('CertWatch::Client').tap do |double|
7
+ allow(double).to receive(:renew).and_return(:ok)
8
+ end
9
+ end
10
+
11
+ def failing_client
12
+ instance_double('CertWatch::Client').tap do |double|
13
+ allow(double).to receive(:renew).and_raise(CertWatch::RenewError)
14
+ end
15
+ end
16
+
17
+ def installer
18
+ instance_double('CertWatch::Installer').tap do |double|
19
+ allow(double).to receive(:install).and_return(:ok)
20
+ end
21
+ end
22
+
23
+ def failing_installer
24
+ instance_double('CertWatch::Installer').tap do |double|
25
+ allow(double).to receive(:install).and_raise(CertWatch::InstallError)
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,25 @@
1
+ require 'fileutils'
2
+
3
+ module Fixtures
4
+ extend self
5
+
6
+ def directory(path)
7
+ FileUtils.mkdir_p(path)
8
+ end
9
+
10
+ def file(path, contents = '')
11
+ FileUtils.mkdir_p(File.dirname(path))
12
+ File.write(path, contents)
13
+ Pathname.new(path)
14
+ end
15
+ end
16
+
17
+ RSpec.configure do |config|
18
+ config.around(:example, fixture_files: true) do |example|
19
+ Dir.mktmpdir('cert_watch_spec') do |dir|
20
+ Dir.chdir(dir) do
21
+ example.call
22
+ end
23
+ end
24
+ end
25
+ end
@@ -0,0 +1,9 @@
1
+ RSpec.configure do |config|
2
+ config.before(:each, inline_resque: true) do
3
+ Resque.inline = true
4
+ end
5
+
6
+ config.after(:each, inline_resque: true) do
7
+ Resque.inline = false
8
+ end
9
+ end
@@ -0,0 +1,31 @@
1
+ module ViewComponentExampleGroup
2
+ extend ActiveSupport::Concern
3
+ include RSpec::Rails::RailsExampleGroup
4
+ include ActionView::TestCase::Behavior
5
+ include Capybara::RSpecMatchers
6
+
7
+ included do
8
+ attr_reader :rendered
9
+ end
10
+
11
+ def arbre(&block)
12
+ Arbre::Context.new({}, _view, &block)
13
+ end
14
+
15
+ def helper
16
+ _view
17
+ end
18
+
19
+ def render(builder_method, *args, &block)
20
+ @rendered =
21
+ if block_given?
22
+ arbre(&block).to_s
23
+ else
24
+ arbre.send(builder_method, *args, &block)
25
+ end
26
+ end
27
+ end
28
+
29
+ RSpec.configure do |config|
30
+ config.include(ViewComponentExampleGroup, type: :view_component)
31
+ end