chake 0.90.3 → 0.91
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.manifest +1 -0
- data/ChangeLog.md +9 -0
- data/README.md +22 -3
- data/Rakefile +1 -1
- data/activate.sh +3 -0
- data/bin/chake +1 -1
- data/lib/chake/config_manager/itamae.rb +4 -1
- data/lib/chake/config_manager/itamae_remote.rb +4 -1
- data/lib/chake/version.rb +1 -1
- data/lib/chake.rb +15 -5
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6fe9cf47e4e7590cb5a32366622afc40947318a280a958615c927b5f50bd82a6
|
4
|
+
data.tar.gz: 415f634b59bdb86ad59e582e8685ddd85891d4df66a54d81f9cc0c8bfa7e6e26
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9840c830bdbb3469a7458ac19eeeb4518a75a07ae35937326a02c437be8a6b809adb5bb89d45ac3bad86703f3c2068139378b300e057bb119d3b4249d7b38285
|
7
|
+
data.tar.gz: 2d85e0d8e47a6ce2a5b189bbe9cc81b0b58913c7089fa60f7b61697787e37b58dc7356c7626c64c37915f0ba72e104c38d5f67da5d134a925f13f98315470963
|
data/.manifest
CHANGED
data/ChangeLog.md
CHANGED
@@ -1,3 +1,12 @@
|
|
1
|
+
# 0.91
|
2
|
+
|
3
|
+
- itamae: handle empty recipe list
|
4
|
+
- Add support for configuring encrypted files explicitly
|
5
|
+
- itamae-remote: handle empty recipe list
|
6
|
+
- Rakefile: deb:install: install dependencies as well
|
7
|
+
- activate.sh: add script to use this source dir in a shell
|
8
|
+
- Make rsync invocations quiet by default
|
9
|
+
|
1
10
|
# 0.90.3
|
2
11
|
|
3
12
|
- `itamae_spec`: fix rspec warning about syntax for `expect { }.to raise`
|
data/README.md
CHANGED
@@ -265,9 +265,28 @@ end
|
|
265
265
|
|
266
266
|
### Encrypted files
|
267
267
|
|
268
|
-
|
269
|
-
|
270
|
-
|
268
|
+
`chake` supports encrypted files matching either `\*.gpg` or `\*.asc`. There are
|
269
|
+
two ways of specicying per-host encrypted files:
|
270
|
+
|
271
|
+
1. listing them in the `encrypted` attribute in the node configuration file.
|
272
|
+
Example:
|
273
|
+
|
274
|
+
```yaml
|
275
|
+
host1.mycompany.com:
|
276
|
+
itamae:
|
277
|
+
- roles/basic.rb
|
278
|
+
encrypted:
|
279
|
+
- foo.txt.asc
|
280
|
+
```
|
281
|
+
2. (deprecated) any files matching
|
282
|
+
`\*\*/files/{default,host-#{node}}/\*.{asc,gpg}` and
|
283
|
+
`\*\*/files/\*.{asc,gpg}`, **if** `encrypted` is not defined in the node
|
284
|
+
configuration.
|
285
|
+
|
286
|
+
|
287
|
+
They will be decrypted with GnuPG before being sent to the node (for the
|
288
|
+
configuration management tools that required files to be sent), without the
|
289
|
+
`\*.asc` or `\*.gpg` extension. You can use them to store passwords and other
|
271
290
|
sensitive information (SSL keys, etc) in the repository together with the rest
|
272
291
|
of the configuration.
|
273
292
|
|
data/Rakefile
CHANGED
@@ -36,7 +36,7 @@ desc 'Builds and installs Debian package'
|
|
36
36
|
task 'deb:install' => 'build:debsrc' do
|
37
37
|
chdir "pkg/#{pkg.name}-#{pkg.version}" do
|
38
38
|
sh 'dpkg-buildpackage --diff-ignore=version.rb -us -uc'
|
39
|
-
sh '
|
39
|
+
sh 'sudo apt-get install -qy --reinstall $(debc --list-debs)'
|
40
40
|
end
|
41
41
|
end
|
42
42
|
|
data/activate.sh
ADDED
data/bin/chake
CHANGED
data/lib/chake/version.rb
CHANGED
data/lib/chake.rb
CHANGED
@@ -31,18 +31,28 @@ task :nodes do
|
|
31
31
|
end
|
32
32
|
|
33
33
|
def encrypted_for(node)
|
34
|
-
encrypted_files =
|
34
|
+
encrypted_files = Array(node.data['encrypted'])
|
35
|
+
if encrypted_files.empty?
|
36
|
+
encrypted_files = Dir.glob("**/files/{default,host-#{node.hostname}}/*.{asc,gpg}") + Dir.glob('**/files/*.{asc,gpg}')
|
37
|
+
end
|
35
38
|
encrypted_files.each_with_object({}) do |key, hash|
|
36
39
|
hash[key] = key.sub(/\.(asc|gpg)$/, '')
|
37
40
|
end
|
38
41
|
end
|
39
42
|
|
43
|
+
desc 'list encrypted files per node'
|
44
|
+
task :encrypted do
|
45
|
+
Chake.nodes.each do |node|
|
46
|
+
puts "#{node.hostname}: #{Array(encrypted_for(node).keys).join(', ')}"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
40
50
|
def maybe_decrypt(node)
|
41
51
|
if node.needs_upload?
|
42
52
|
return yield
|
43
53
|
end
|
44
54
|
|
45
|
-
files = encrypted_for(node
|
55
|
+
files = encrypted_for(node)
|
46
56
|
files.each do |encrypted, target|
|
47
57
|
sh "gpg --use-agent --quiet --decrypt --output #{target} #{encrypted}"
|
48
58
|
end
|
@@ -131,15 +141,15 @@ Chake.nodes.each do |node|
|
|
131
141
|
task "upload:#{hostname}" => ["bootstrap:#{hostname}", :upload_common] do
|
132
142
|
next unless node.needs_upload?
|
133
143
|
|
134
|
-
encrypted = encrypted_for(
|
144
|
+
encrypted = encrypted_for(node)
|
135
145
|
rsync_excludes = (encrypted.values + encrypted.keys).map { |f| ['--exclude', f] }.flatten
|
136
146
|
rsync_excludes << '--exclude' << '.git/'
|
137
147
|
rsync_excludes << '--exclude' << 'cache/'
|
138
148
|
rsync_excludes << '--exclude' << 'nodes/'
|
139
149
|
rsync_excludes << '--exclude' << 'local-mode-cache/'
|
140
150
|
|
141
|
-
rsync = node.rsync + ['-
|
142
|
-
rsync_logging = (Rake.application.options.
|
151
|
+
rsync = node.rsync + ['-ap'] + ENV.fetch('CHAKE_RSYNC_OPTIONS', '').split
|
152
|
+
rsync_logging = (Rake.application.options.trace && '--verbose') || '--quiet'
|
143
153
|
|
144
154
|
hash_files = Dir.glob(File.join(Chake.tmpdir, '*.sha1sum'))
|
145
155
|
files = Dir.glob('**/*').reject { |f| File.directory?(f) } - encrypted.keys - encrypted.values - hash_files
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chake
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: '0.91'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Antonio Terceiro
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-12-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -121,6 +121,7 @@ files:
|
|
121
121
|
- README.md
|
122
122
|
- README.shell.md
|
123
123
|
- Rakefile
|
124
|
+
- activate.sh
|
124
125
|
- bin/chake
|
125
126
|
- chake.gemspec
|
126
127
|
- chake.spec.erb
|
@@ -199,7 +200,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
199
200
|
- !ruby/object:Gem::Version
|
200
201
|
version: '0'
|
201
202
|
requirements: []
|
202
|
-
rubygems_version: 3.
|
203
|
+
rubygems_version: 3.4.20
|
203
204
|
signing_key:
|
204
205
|
specification_version: 4
|
205
206
|
summary: serverless configuration management tool for chef
|