cert_watch 1.0.0

data/spec/jobs/cert_watch/renew_expiring_certificates_job_spec.rb

@@ -0,0 +1,43 @@
+require 'rails_helper'
+
+module CertWatch
+  RSpec.describe RenewExpiringCertificatesJob do
+    it 'triggers renewal of installed expiring certificates' do
+      certificate = create(:certificate, state: 'installed', last_renewed_at: 40.days.ago)
+      CertWatch.config.renewal_interval = 1.month
+
+      RenewExpiringCertificatesJob.perform
+
+      expect(certificate.reload.state).to eq('renewing')
+    end
+
+    it 'ignores uninstalled certificates' do
+      certificate = create(:certificate, state: 'abandoned', last_renewed_at: 40.days.ago)
+      CertWatch.config.renewal_interval = 1.month
+
+      RenewExpiringCertificatesJob.perform
+
+      expect(certificate.reload.state).to eq('abandoned')
+    end
+
+    it 'ignores not expiring certificates' do
+      certificate = create(:certificate, state: 'installed', last_renewed_at: 10.days.ago)
+      CertWatch.config.renewal_interval = 1.month
+
+      RenewExpiringCertificatesJob.perform
+
+      expect(certificate.reload.state).to eq('installed')
+    end
+
+    it 'limits number of renewed certificates to batch size' do
+      create(:certificate, state: 'installed', last_renewed_at: 40.days.ago)
+      create(:certificate, state: 'installed', last_renewed_at: 50.days.ago)
+      CertWatch.config.renewal_interval = 1.month
+      CertWatch.config.renewal_batch_size = 1
+
+      RenewExpiringCertificatesJob.perform
+
+      expect(Certificate.where(state: 'renewing').count).to eq(1)
+    end
+  end
+end

data/spec/models/cert_watch/certificate_spec.rb

@@ -0,0 +1,102 @@
+require 'rails_helper'
+
+require 'support/helpers/doubles'
+require 'support/helpers/inline_resque'
+
+module CertWatch
+  RSpec.describe Certificate, inline_resque: true do
+    describe '#renew' do
+      it 'makes client renew certificate for domain' do
+        certificate = create(:certificate, domain: 'my.example.com')
+
+        certificate.renew!
+
+        expect(CertWatch.client).to have_received(:renew).with('my.example.com')
+      end
+
+      it 'installs certificate' do
+        certificate = create(:certificate, domain: 'my.example.com')
+
+        certificate.renew!
+
+        expect(CertWatch.installer).to have_received(:install).with('my.example.com')
+      end
+
+      it 'sets state to installed' do
+        certificate = create(:certificate, domain: 'my.example.com')
+
+        certificate.renew!
+
+        expect(certificate.reload.state).to eq('installed')
+      end
+
+      it 'updates last_renewed_at attribute' do
+        certificate = create(:certificate,
+                             domain: 'my.example.com',
+                             last_renewed_at: 1.month.ago)
+
+        certificate.renew!
+
+        expect(certificate.reload.last_renewed_at).to eq(Time.now)
+      end
+
+      it 'updates last_installed_at attribute' do
+        certificate = create(:certificate,
+                             domain: 'my.example.com',
+                             last_installed_at: 1.month.ago)
+
+        certificate.renew!
+
+        expect(certificate.reload.last_installed_at).to eq(Time.now)
+      end
+
+      context 'when renew results in error' do
+        before do
+          CertWatch.client = Doubles.failing_client
+        end
+
+        it 'sets state to renewing_failed' do
+          certificate = create(:certificate, domain: 'my.example.com')
+
+          certificate.renew!
+
+          expect(certificate.reload.state).to eq('renewing_failed')
+        end
+
+        it 'updates last_renewal_failed_at attribute' do
+          certificate = create(:certificate,
+                               domain: 'my.example.com',
+                               last_renewal_failed_at: 1.month.ago)
+
+          certificate.renew!
+
+          expect(certificate.reload.last_renewal_failed_at).to eq(Time.now)
+        end
+      end
+
+      context 'when install results in error' do
+        before do
+          CertWatch.installer = Doubles.failing_installer
+        end
+
+        it 'sets state to installing_failed' do
+          certificate = create(:certificate, domain: 'my.example.com')
+
+          certificate.renew!
+
+          expect(certificate.reload.state).to eq('installing_failed')
+        end
+
+        it 'updates last_install_failed_at attribute' do
+          certificate = create(:certificate,
+                               domain: 'my.example.com',
+                               last_install_failed_at: 1.month.ago)
+
+          certificate.renew!
+
+          expect(certificate.reload.last_install_failed_at).to eq(Time.now)
+        end
+      end
+    end
+  end
+end

data/spec/rails_helper.rb

@@ -0,0 +1,45 @@
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV['RAILS_ENV'] ||= 'test'
+
+require 'combustion'
+Combustion.initialize! :all
+
+# Prevent database truncation if the environment is production
+abort('The Rails environment is running in production mode!') if Rails.env.production?
+
+require 'spec_helper'
+require 'rspec/rails'
+# Add additional requires below this line. Rails is not loaded until this point!
+
+require 'support/config/factory_girl'
+require 'support/config/timecop'
+require 'support/config/resque_logger'
+require 'support/config/cert_watch'
+
+# Checks for pending migration and applies them before tests are run.
+# If you are not using ActiveRecord, you can remove this line.
+ActiveRecord::Migration.maintain_test_schema!
+
+RSpec.configure do |config|
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
+  config.use_transactional_fixtures = true
+
+  # Filter lines from Rails gems in backtraces.
+  config.filter_rails_from_backtrace!
+  # arbitrary gems may also be filtered via:
+  # config.filter_gems_from_backtrace("gem name")
+
+  config.when_first_matching_example_defined(inline_resque: true) do
+    require 'support/helpers/inline_resque'
+  end
+
+  config.when_first_matching_example_defined(fixture_files: true) do
+    require 'support/helpers/fixtures'
+  end
+
+  config.when_first_matching_example_defined(type: :view_component) do
+    require 'support/helpers/view_component_example_group'
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,98 @@
+require 'coveralls'
+Coveralls.wear!
+
+# This file was generated by the `rails generate rspec:install` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause
+# this file to always be loaded, without a need to explicitly require it in any
+# files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, consider making
+# a separate helper file that requires the additional dependencies and performs
+# the additional setup, and require it from the spec files that actually need
+# it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    #     be_bigger_than(2).and_smaller_than(4).description
+    #     # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #     # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+
+  # This option will default to `:apply_to_host_groups` in RSpec 4 (and will
+  # have no way to turn it off -- the option exists only for backwards
+  # compatibility in RSpec 3). It causes shared context metadata to be
+  # inherited by the metadata hash of host groups and examples, rather than
+  # triggering implicit auto-inclusion in groups with matching metadata.
+  config.shared_context_metadata_behavior = :apply_to_host_groups
+
+  # This allows you to limit a spec run to individual examples or groups
+  # you care about by tagging them with `:focus` metadata. When nothing
+  # is tagged with `:focus`, all examples get run. RSpec also provides
+  # aliases for `it`, `describe`, and `context` that include `:focus`
+  # metadata: `fit`, `fdescribe` and `fcontext`, respectively.
+  config.filter_run_when_matching :focus
+
+  # Allows RSpec to persist some state between runs in order to support
+  # the `--only-failures` and `--next-failure` CLI options. We recommend
+  # you configure your source control system to ignore this file.
+  config.example_status_persistence_file_path = 'spec/examples.txt'
+
+  # Limits the available syntax to the non-monkey patched syntax that is
+  # recommended. For more details, see:
+  #   - http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/
+  #   - http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+  #   - http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/#zero-monkey-patching-mode
+  config.disable_monkey_patching!
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+end

data/spec/support/config/cert_watch.rb

@@ -0,0 +1,7 @@
+RSpec.configure do |config|
+  config.before do
+    CertWatch.setup
+    CertWatch.client = Doubles.client
+    CertWatch.installer = Doubles.installer
+  end
+end

data/spec/support/config/factory_girl.rb

@@ -0,0 +1,11 @@
+require 'factory_girl_rails'
+
+RSpec.configure do |config|
+  # Allow to use build and create methods without FactoryGirl prefix.
+  config.include FactoryGirl::Syntax::Methods
+
+  # Make sure factories are up to date when using spring
+  config.before(:all) do
+    FactoryGirl.reload
+  end
+end

data/spec/support/config/resque_logger.rb

@@ -0,0 +1,16 @@
+require 'fileutils'
+log_dir = Rails.root.join('log', 'jobs', Rails.env)
+
+RSpec.configure do |config|
+  config.before(:all) do
+    FileUtils.mkdir_p(log_dir)
+  end
+end
+
+Resque.logger_config = {
+  folder: log_dir,
+  class_name: Logger,
+  class_args: ['daily', 1.kilobyte],
+  level:      Logger::INFO,
+  formatter:  Logger::Formatter.new
+}

data/spec/support/config/timecop.rb

@@ -0,0 +1,21 @@
+require 'timecop'
+
+RSpec.configure do |config|
+  config.before(:each) do
+    Timecop.freeze(Time.local(2013))
+  end
+
+  config.before(:each, capybara_feature: true) do
+    # Do not freeze time in capybara tests to enable waiting for elements
+    Timecop.travel(Time.local(2013))
+  end
+
+  config.before(:each, integration: true) do
+    # Do not freeze time in integration tests
+    Timecop.return
+  end
+
+  config.after(:each) do
+    Timecop.return
+  end
+end

data/spec/support/helpers/doubles.rb

@@ -0,0 +1,28 @@
+module Doubles
+  extend RSpec::Mocks::ExampleMethods
+  extend self
+
+  def client
+    instance_double('CertWatch::Client').tap do |double|
+      allow(double).to receive(:renew).and_return(:ok)
+    end
+  end
+
+  def failing_client
+    instance_double('CertWatch::Client').tap do |double|
+      allow(double).to receive(:renew).and_raise(CertWatch::RenewError)
+    end
+  end
+
+  def installer
+    instance_double('CertWatch::Installer').tap do |double|
+      allow(double).to receive(:install).and_return(:ok)
+    end
+  end
+
+  def failing_installer
+    instance_double('CertWatch::Installer').tap do |double|
+      allow(double).to receive(:install).and_raise(CertWatch::InstallError)
+    end
+  end
+end

data/spec/support/helpers/fixtures.rb

@@ -0,0 +1,25 @@
+require 'fileutils'
+
+module Fixtures
+  extend self
+
+  def directory(path)
+    FileUtils.mkdir_p(path)
+  end
+
+  def file(path, contents = '')
+    FileUtils.mkdir_p(File.dirname(path))
+    File.write(path, contents)
+    Pathname.new(path)
+  end
+end
+
+RSpec.configure do |config|
+  config.around(:example, fixture_files: true) do |example|
+    Dir.mktmpdir('cert_watch_spec') do |dir|
+      Dir.chdir(dir) do
+        example.call
+      end
+    end
+  end
+end

data/spec/support/helpers/inline_resque.rb

@@ -0,0 +1,9 @@
+RSpec.configure do |config|
+  config.before(:each, inline_resque: true) do
+    Resque.inline = true
+  end
+
+  config.after(:each, inline_resque: true) do
+    Resque.inline = false
+  end
+end

data/spec/support/helpers/view_component_example_group.rb

@@ -0,0 +1,31 @@
+module ViewComponentExampleGroup
+  extend ActiveSupport::Concern
+  include RSpec::Rails::RailsExampleGroup
+  include ActionView::TestCase::Behavior
+  include Capybara::RSpecMatchers
+
+  included do
+    attr_reader :rendered
+  end
+
+  def arbre(&block)
+    Arbre::Context.new({}, _view, &block)
+  end
+
+  def helper
+    _view
+  end
+
+  def render(builder_method, *args, &block)
+    @rendered =
+      if block_given?
+        arbre(&block).to_s
+      else
+        arbre.send(builder_method, *args, &block)
+      end
+  end
+end
+
+RSpec.configure do |config|
+  config.include(ViewComponentExampleGroup, type: :view_component)
+end