conjur-debify 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7d727bf95156d23c5fdcc395e95fc6308f459632
+  data.tar.gz: 5783389c1eb795cf8c6ee675ce2d2695867f795c
+SHA512:
+  metadata.gz: 536d4fe0a144a7b88f29fe9d8ac5c437bc934cd1a4db2b5cabbf030a6a54185b451e266b3a98bae203651bb9d27561ecb92d161690adc6477902dbe5a339fc51
+  data.tar.gz: 7b0c04adb847da5ab1ad69463ae5c8027059f9c765bf04896160d661e92b4f42e47fe16189e181e38c2d5a36520be9c25e67094e9c9edc9687e77512d7917d62

data/.gitignore

@@ -0,0 +1,17 @@
+features/reports
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+results.html
+mkmf.log
+*.deb

data/.project

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>debify</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>com.aptana.ide.core.unifiedBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>com.aptana.ruby.core.rubynature</nature>
+		<nature>com.aptana.projects.webnature</nature>
+	</natures>
+</projectDescription>

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2016 Kevin Gilpin
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,108 @@
+# Debify
+
+## Build a package
+
+Builds a Conjur Debian package from a Ruby gem.
+
+```
+$ debify help package
+NAME
+    package - Build a debian package for a project
+    
+SYNOPSIS
+    debify [global options] package [command options] project_name -- <fpm-arguments>
+
+DESCRIPTION
+    The package is built using fpm (https://github.com/jordansissel/fpm).
+
+    The project directory is required to contain:
+
+    * A Gemfile and Gemfile.lock * A shell script called debify.sh
+
+    debify.sh is invoked by the package build process to create any custom files, other than the project source tree. For example, config files can be
+    created in /opt/conjur/etc.
+
+    The distrib folder in the project source tree is intended to create scripts for package pre-install, post-install etc. The distrib folder is not
+    included in the deb package, so its contents should be copied to the file system or packaged using fpm arguments.
+
+    All arguments to this command which follow the double-dash are propagated to the fpm command. 
+
+COMMAND OPTIONS
+    -d, --dir=arg     - Set the current working directory (default: none)
+    -v, --version=arg - Specify the deb version; by default, it's computed from the Git tag (default: none)
+```
+
+### Example usage
+
+```sh-session
+$ package_name=$(debify package -d example -v 0.0.1 example -- --post-install /distrib/postinstall.sh)
+$ echo $package_name
+conjur-example_0.0.1_amd64.deb
+```
+
+## Test a package
+
+```
+$ debify help test
+NAME
+    test - Test a Conjur debian package in a Conjur appliance container
+
+SYNOPSIS
+    debify [global options] test [command options] project-name test-script
+
+DESCRIPTION
+    First, a Conjur appliance container is created and started. By default, the container image is registry.tld/conjur-appliance-cuke-master. An image tag
+    MUST be supplied. This image is configured with all the CONJUR_ environment variables setup for the local environment (appliance URL, cert path, admin
+    username and password, etc). The project source tree is also mounted into the container, at /src/<project-name>.
+
+    This command then waits for Conjur to initialize and be healthy. It proceeds by installing the conjur-<project-name>_latest_amd64.deb from the project
+    working directory.
+
+    Then the evoke "test-install" command is used to install the test code in the /src/<project-name>. Basically, the development bundle is installed and
+    the database configuration (if any) is setup.
+
+    Next, an optional "configure-script" from the project source tree is run, with the container id as the program argument. This command waits for Conjur
+    to be healthy again.
+
+    Finally, a test script from the project source tree is run, again with the container id as the program argument.
+
+    Then the Conjur container is deleted (use --keep to leave it running). 
+
+COMMAND OPTIONS
+    -c, --configure-script=arg - Shell script to configure the appliance before testing (default: none)
+    -d, --dir=arg              - Set the current working directory (default: none)
+    -i, --image=arg            - Image name (default: registry.tld/conjur-appliance-cuke-master)
+    -k, --[no-]keep            - Keep the Conjur appliance container after the command finishes
+    --[no-]pull                - Pull the image, even if it's in the Docker engine already (default: enabled)
+    -t, --image-tag=arg        - Image tag, e.g. 4.5-stable, 4.6-stable (default: none)
+```
+
+### Example usage
+
+```sh-session
+$ debify test -i conjur-appliance-cuke-master --image-tag 4.6-dev --no-pull -d example example test.sh
+```
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'debify'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install debify
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/debify/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,49 @@
+require 'rake/clean'
+require 'rubygems'
+require 'rubygems/package_task'
+require 'rdoc/task'
+
+def cucumber?
+  require 'cucumber'
+  require 'cucumber/rake/task'
+rescue LoadError
+  false
+end
+
+Rake::RDocTask.new do |rd|
+  rd.main = "README.rdoc"
+  rd.rdoc_files.include("README.rdoc","lib/**/*.rb","bin/**/*")
+  rd.title = 'Your application title'
+end
+
+spec = eval(File.read('debify.gemspec'))
+
+Gem::PackageTask.new(spec) do |pkg|
+end
+
+if cucumber?
+  CUKE_RESULTS = 'results.html'
+  CLEAN << CUKE_RESULTS
+
+  desc 'Run features'
+  Cucumber::Rake::Task.new(:features) do |t|
+    opts = "features --format html -o #{CUKE_RESULTS} --format progress -x"
+    opts += " --tags #{ENV['TAGS']}" if ENV['TAGS']
+    t.cucumber_opts =  opts
+    t.fork = false
+  end
+
+  desc 'Run features tagged as work-in-progress (@wip)'
+  Cucumber::Rake::Task.new('features:wip') do |t|
+    tag_opts = ' --tags ~@pending'
+    tag_opts = ' --tags @wip'
+    t.cucumber_opts = "features --format html -o #{CUKE_RESULTS} --format pretty -x -s#{tag_opts}"
+    t.fork = false
+  end
+
+  task :cucumber => :features
+  task 'cucumber:wip' => 'features:wip'
+  task :wip => 'features:wip'
+end
+
+task :default => [:features]

data/bin/debify

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+require 'gli'
+require 'conjur/debify'
+
+exit run(ARGV)

data/debify.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'conjur/debify/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "conjur-debify"
+  spec.version       = Conjur::Debify::VERSION
+  spec.authors       = ["Kevin Gilpin"]
+  spec.email         = ["kgilpin@conjur.net"]
+  spec.summary       = %q{Utility commands to build and package Conjur services as Debian packages}
+  spec.homepage      = "https://github.com/conjurinc/debify"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+  
+  spec.add_dependency "gli"
+  spec.add_dependency "docker-api"
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "cucumber"
+  spec.add_development_dependency "aruba"
+end

data/example/Gemfile

@@ -0,0 +1 @@
+source 'https://rubygems.org'

data/example/Gemfile.lock

@@ -0,0 +1,8 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES

data/example/debify.sh

@@ -0,0 +1,3 @@
+#!/bin/bash -e
+
+echo "running debify.sh"

data/example/distrib/postinstall.sh

@@ -0,0 +1,8 @@
+#!/bin/sh -e
+# Example postinstall script.
+
+case $1 in
+  configure)
+	echo 'Executing post-install script'
+    ;;
+esac

data/example/test.sh

@@ -0,0 +1,3 @@
+#!/bin/bash -ex
+
+echo Test succeeded

data/features/debify.feature

@@ -0,0 +1,15 @@
+Feature: Packaging
+
+	@announce-output
+	Scenario: 'example' project can be packaged successfully
+		When I run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1 example -- --post-install /distrib/postinstall.sh`
+		Then the exit status should be 0
+		And the stdout should contain exactly "conjur-example_0.0.1_amd64.deb"
+
+	@announce-output
+	Scenario: 'example' project can be tested successfully
+		Given I run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1 example -- --post-install /distrib/postinstall.sh`
+		And the exit status should be 0
+		When I run `env DEBUG=true GLI_DEBUG=true debify test -t 4.6-stable -d ../../example --no-pull example test.sh`
+		Then the exit status should be 0
+		And the stderr should contain "Test succeeded"

data/features/step_definitions/debify_steps.rb

@@ -0,0 +1,6 @@
+When /^I get help for "([^"]*)"$/ do |app_name|
+  @app_name = app_name
+  step %(I run `#{app_name} help`)
+end
+
+# Add more step definitions here

data/features/support/env.rb

@@ -0,0 +1,19 @@
+require 'aruba/cucumber'
+
+ENV['PATH'] = "#{File.expand_path(File.dirname(__FILE__) + '/../../bin')}#{File::PATH_SEPARATOR}#{ENV['PATH']}"
+LIB_DIR = File.join(File.expand_path(File.dirname(__FILE__)),'..','..','lib')
+
+Aruba.configure do |config|
+  config.exit_timeout = 120
+end
+
+Before do
+  # Using "announce" causes massive warnings on 1.9.2
+  @puts = true
+  @original_rubylib = ENV['RUBYLIB']
+  ENV['RUBYLIB'] = LIB_DIR + File::PATH_SEPARATOR + ENV['RUBYLIB'].to_s
+end
+
+After do
+  ENV['RUBYLIB'] = @original_rubylib
+end

data/jenkins.sh

@@ -0,0 +1,6 @@
+#!/bin/bash -ex
+
+gem install -N bundler
+bundle
+rm -rf features/reports
+cucumber --format pretty --format junit --out features/reports || true

data/lib/conjur/debify.rb

@@ -0,0 +1,323 @@
+require "conjur/debify/version"
+require 'docker'
+require 'fileutils'
+
+include GLI::App
+
+# This is used to turn on DEBUG notices for the test case operation. For instance,
+# messages from "evoke configure"
+module DebugMixin
+  DEBUG = ENV['DEBUG']
+
+  def debug *a
+    DebugMixin.debug *a
+  end
+
+  def self.debug *a
+    $stderr.puts *a if DEBUG
+  end
+
+  def debug_write *a
+    DebugMixin.debug_write *a
+  end
+
+  def self.debug_write *a
+    $stderr.write *a if DEBUG
+  end
+
+  # you can give this to various docker methods to print output if debug is on
+  def self.docker_debug *a
+    if a.length == 2 && a[0].is_a?(Symbol)
+      debug a.last
+    else
+       a.each do |line|
+         line = JSON.parse(line)
+         line.keys.each do |k|
+           debug line[k]
+         end
+       end
+    end
+  end
+
+  DOCKER = method :docker_debug
+end
+
+program_desc 'Utility commands for building and testing Conjur appliance Debian packages'
+
+version Conjur::Debify::VERSION
+
+subcommand_option_handling :normal
+arguments :strict
+
+desc "Build a debian package for a project"
+long_desc <<DESC
+The package is built using fpm (https://github.com/jordansissel/fpm).
+
+The project directory is required to contain:
+
+* A Gemfile and Gemfile.lock
+* A shell script called debify.sh
+
+debify.sh is invoked by the package build process to create any custom 
+files, other than the project source tree. For example, config files can be 
+created in /opt/conjur/etc.
+
+The distrib folder in the project source tree is intended to create scripts
+for package pre-install, post-install etc. The distrib folder is not included
+in the deb package, so its contents should be copied to the file system or 
+packaged using fpm arguments.
+
+All arguments to this command which follow the double-dash are propagated to 
+the fpm command.
+DESC
+arg_name "project-name -- <fpm-arguments>"
+command "package" do |c|
+  c.desc "Set the current working directory"
+  c.flag [ :d, "dir" ]
+  
+  c.desc "Specify the deb version; by default, it's computed from the Git tag"
+  c.flag [ :v, :version ]
+  
+  c.action do |global_options,cmd_options,args|
+    raise "project-name is required" unless project_name = args.shift
+    fpm_args = []
+    if (delimeter = args.shift) == '--'
+      fpm_args = args.dup
+    else
+      raise "Unexpected argument '#{delimiter}'"
+    end
+    
+    dir = cmd_options[:dir] || '.'
+    pwd = File.dirname(__FILE__)
+    version = cmd_options[:version]
+
+    fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), tag: "debify-fpm", &DebugMixin::DOCKER
+    DebugMixin.debug_write "Built base fpm image '#{fpm_image.id}'\n"
+    dir = File.expand_path(dir)
+    Dir.chdir dir do
+      unless version
+        version = `git describe --long --tags --abbrev=7 | sed -e 's/^v//'`.strip
+        raise "No Git version (tag) for project '#{project_name}'" if version.empty?
+      end
+
+      package_name = "conjur-#{project_name}_#{version}_amd64.deb"
+      
+      output = StringIO.new
+      Gem::Package::TarWriter.new(output) do |tar|
+        `git ls-files -z`.split("\x0").each do |fname|
+          stat = File.stat(fname)
+          tar.add_file(fname, stat.mode) { |tar_file| tar_file.write(File.read(fname)) }
+        end
+        tar.add_file('Dockerfile', 0640) { |tar_file| tar_file.write File.read(File.expand_path("debify/Dockerfile.fpm", pwd)).gsub("@@image@@", fpm_image.id) }
+      end
+      output.rewind
+        
+      image = Docker::Image.build_from_tar output, &DebugMixin::DOCKER
+
+      DebugMixin.debug_write "Built fpm image '#{image.id}' for project #{project_name}\n"
+
+      # Make it under HOME so that Docker can map the volume on MacOS
+      tempdir = File.expand_path((0...50).map { ('a'..'z').to_a[rand(26)] }.join, ENV['HOME'])
+      FileUtils.mkdir tempdir
+      at_exit do
+        FileUtils.rm_rf tempdir
+      end
+      
+      options = {
+        'Cmd'   => [ project_name, version ] + fpm_args,
+        'Image' => image.id,
+        'Binds' => [
+          [ tempdir, '/dist' ].join(':')
+        ]
+      }
+      
+      container = Docker::Container.create options
+      begin
+        DebugMixin.debug_write "Packaging #{project_name} in container #{container.id}\n"
+        container.tap(&:start).attach { |stream, chunk| $stderr.puts chunk }
+        status = container.wait
+        raise "Failed to package #{project_name}" unless status['StatusCode'] == 0
+        
+        deb_file = nil
+        Dir.chdir(tempdir) do
+          deb_file = Dir["*.deb"]
+          raise "Expected one deb file, got #{deb_file.join(', ')}" unless deb_file.length == 1
+          deb_file = deb_file[0]
+          FileUtils.cp deb_file, dir
+        end
+        FileUtils.ln_sf deb_file, deb_file.gsub(version, "latest")
+        puts File.basename(deb_file)
+      ensure
+        container.delete(force: true)
+      end
+    end
+  end
+end
+
+desc "Test a Conjur debian package in a Conjur appliance container"
+long_desc <<DESC
+First, a Conjur appliance container is created and started. By default, the
+container image is registry.tld/conjur-appliance-cuke-master. An image tag
+MUST be supplied. This image is configured with all the CONJUR_ environment
+variables setup for the local environment (appliance URL, cert path, admin username and
+password, etc). The project source tree is also mounted into the container, at
+/src/<project-name>.
+
+This command then waits for Conjur to initialize and be healthy. It proceeds by
+installing the conjur-<project-name>_latest_amd64.deb from the project working directory.
+
+Then the evoke "test-install" command is used to install the test code in the 
+/src/<project-name>. Basically, the development bundle is installed and the database
+configuration (if any) is setup.
+
+Next, an optional "configure-script" from the project source tree is run, with the 
+container id as the program argument. This command waits for Conjur to be healthy again.
+
+Finally, a test script from the project source tree is run, again with the container
+id as the program argument. 
+
+Then the Conjur container is deleted (use --keep to leave it running).
+DESC
+arg_name "project-name test-script"
+command "test" do |c|
+  c.desc "Set the current working directory"
+  c.flag [ :d, :dir ]
+
+  c.desc "Keep the Conjur appliance container after the command finishes"
+  c.default_value false
+  c.switch [ :k, :keep ]
+
+  c.desc "Image name"
+  c.default_value "registry.tld/conjur-appliance-cuke-master"
+  c.flag [ :i, :image ]
+  
+  c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
+  c.flag [ :t, "image-tag"]
+  
+  c.desc "Pull the image, even if it's in the Docker engine already"
+  c.default_value true
+  c.switch [ :pull ]
+    
+  c.desc "Shell script to configure the appliance before testing"
+  c.flag [ :c, "configure-script" ]
+    
+  c.action do |global_options,cmd_options,args|
+    raise "project-name is required" unless project_name = args.shift
+    raise "test-script is required" unless test_script = args.shift
+    
+    dir = cmd_options[:dir] || '.'
+    dir = File.expand_path(dir)
+    
+    raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
+    raise "Directory #{dir} does not contain a .deb file" unless Dir["#{dir}/*.deb"].length >= 1
+    
+    Dir.chdir dir do
+      image_tag = cmd_options["image-tag"] or raise "image-tag is required"
+      appliance_image_id = [ cmd_options[:image], image_tag ].join(":")
+      configure_script = cmd_options["configure-script"]
+        
+      raise "#{configure_script} does not exist or is not a file" unless configure_script.nil? || File.file?(configure_script)
+      raise "#{test_script} does not exist or is not a file" unless File.file?(test_script)
+        
+      appliance_image = if cmd_options[:pull]
+        Docker::Image.create 'fromImage' => appliance_image_id, &DebugMixin::DOCKER
+      else
+        Docker::Image.get(appliance_image_id)
+      end
+      
+      options = {
+        'Image' => appliance_image.id,
+        'Env' => [
+          "CONJUR_APPLIANCE_URL=https://localhost/api",
+          "CONJUR_ACCOUNT=cucumber",
+          "CONJUR_CERT_FILE=/opt/conjur/etc/ssl/ca.pem",
+          "CONJUR_AUTHN_LOGIN=admin",
+          "CONJUR_ENV=production",
+          "CONJUR_AUTHN_API_KEY=secret",
+          "CONJUR_ADMIN_PASSWORD=secret",
+        ],
+        'Binds' => [
+          [ dir, "/src/#{project_name}" ].join(':')
+        ]
+      }
+      
+      container = Docker::Container.create(options)
+      
+      def wait_for_conjur appliance_image, container
+        wait_options = {
+          'Image' => appliance_image.id,
+          'Entrypoint' => '/opt/conjur/evoke/bin/wait_for_conjur',
+          'HostConfig' => {
+            'Links' => [
+              [ container.id, 'conjur' ].join(":")
+            ]
+          }
+        }
+  
+        wait_container = Docker::Container.create wait_options
+        begin
+          spawn("docker logs -f #{wait_container.id}", [ :out, :err ] => $stderr).tap do |pid|
+            Process.detach pid
+          end
+          wait_container.start
+          status = wait_container.wait
+          raise "wait_for_conjur failed" unless status['StatusCode'] == 0
+        ensure
+          wait_container.delete(force: true)
+        end
+      end
+      
+      begin
+        DebugMixin.debug_write "Testing #{project_name} in container #{container.id}\n"
+        spawn("docker logs -f #{container.id}", [ :out, :err ] => $stderr).tap do |pid|
+          Process.detach pid
+        end
+        container.start
+        
+        DebugMixin.debug_write "Waiting for Conjur\n"
+        wait_for_conjur appliance_image, container
+        
+        DebugMixin.debug_write "Installing #{project_name}\n"
+        
+        stdout, stderr, exitcode = container.exec [ "dpkg", "-i", "/src/#{project_name}/conjur-#{project_name}_latest_amd64.deb" ], &DebugMixin::DOCKER
+        exit_now! "deb install failed", exitcode unless exitcode == 0
+        stdout, stderr, exitcode = container.exec [ "/opt/conjur/evoke/bin/test-install", project_name ], &DebugMixin::DOCKER
+        exit_now! "test-install failed", exitcode unless exitcode == 0
+  
+        wait_for_conjur appliance_image, container
+  
+        if configure_script
+          system "./#{configure_script} #{container.id}"
+          exit_now! "#{configure_script} failed with exit code #{$?.exitstatus}", $?.exitstatus unless $?.exitstatus == 0
+          wait_for_conjur appliance_image, container
+        end
+  
+        system "./#{test_script} #{container.id}"
+        exit_now! "#{test_script} failed with exit code #{$?.exitstatus}", $?.exitstatus unless $?.exitstatus == 0
+      ensure
+        container.delete(force: true) unless cmd_options[:keep]
+      end
+    end
+  end
+end
+  
+pre do |global,command,options,args|
+  # Pre logic here
+  # Return true to proceed; false to abort and not call the
+  # chosen command
+  # Use skips_pre before a command to skip this block
+  # on that command only
+  true
+end
+
+post do |global,command,options,args|
+  # Post logic here
+  # Use skips_post before a command to skip this
+  # block on that command only
+end
+
+on_error do |exception|
+  # Error logic here
+  # return false to skip default error handling
+  true
+end

data/lib/conjur/debify/Dockerfile.fpm

@@ -0,0 +1,17 @@
+FROM @@image@@
+
+RUN mkdir -p /src/opt/conjur/project
+
+WORKDIR /src/opt/conjur/project
+
+COPY Gemfile ./
+COPY Gemfile.lock ./
+
+RUN bundle --deployment --without "test development"
+RUN mkdir -p .bundle
+RUN cp /usr/local/bundle/config .bundle/config
+
+COPY . .
+ADD debify.sh /
+
+WORKDIR /src

data/lib/conjur/debify/version.rb

@@ -0,0 +1,5 @@
+module Conjur
+  module Debify
+    VERSION = "0.2.0"
+  end
+end

data/lib/conjur/fpm/Dockerfile

@@ -0,0 +1,12 @@
+FROM ruby:2.0
+
+RUN apt-get update -y && apt-get install -y build-essential
+
+RUN gem install --no-rdoc --no-ri bundler fpm
+
+RUN mkdir /src
+
+COPY debify_utils.sh /
+COPY package.sh      /
+
+ENTRYPOINT [ "/package.sh" ]

data/lib/conjur/fpm/debify_utils.sh

@@ -0,0 +1,12 @@
+function bundle_clean() {
+        chmod og+r -R vendor/bundle # some gems have broken perms
+
+        gem install bundler --no-rdoc --no-ri --install-dir ./vendor/bundle/ruby/2.0.0
+
+        # some cleanup
+        rm -rf vendor/bundle/ruby/2.0.0/cache
+        rm -rf vendor/bundle/ruby/2.0.0/gems/*/{test,spec,examples,example,contrib,doc,ext,sample}
+        
+        # Ruby 2.0 is ruby2.0 in ubuntu, fix shebangs
+        sed -i -e '1 c #!/usr/bin/env ruby2.0' vendor/bundle/ruby/2.0.0/bin/*
+}

data/lib/conjur/fpm/package.sh

@@ -0,0 +1,51 @@
+#!/bin/bash -ex
+
+project_name=$1
+shift
+version=$1
+shift
+
+if [ -z "$project_name" ]; then
+	echo Project name argument is required
+	exit 1
+fi
+if [ -z "$version" ]; then
+	echo Version argument is required
+	exit 1
+fi
+
+package_name=conjur-"$project_name"_"$version"_amd64.deb
+
+echo Building $package_name
+
+mv /src/opt/conjur/project /src/opt/conjur/$project_name
+
+cd /src/opt/conjur/$project_name
+
+source /debify_utils.sh
+bundle_clean
+
+cd /src
+
+mkdir -p opt/conjur/etc
+
+/debify.sh
+
+[ -d opt/conjur/"$project_name"/distrib ] && mv opt/conjur/"$project_name"/distrib /
+
+fpm -s dir -t deb -n conjur-$project_name -v $version -C . \
+	--maintainer "Conjur Inc." \
+	--vendor "Conjur Inc." \
+	--license "Proprietary" \
+	--url "https://www.conjur.net" \
+	--deb-no-default-config-files \
+	--config-files opt/conjur/etc \
+	--deb-user conjur \
+	--deb-group conjur \
+	--depends ruby2.0 \
+	--description "Conjur $project_name service" \
+	"$@"
+
+ls -al *.deb
+
+cp *.deb /dist/

metadata

@@ -0,0 +1,156 @@
+--- !ruby/object:Gem::Specification
+name: conjur-debify
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Kevin Gilpin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-01-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: gli
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: docker-api
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: cucumber
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: aruba
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- kgilpin@conjur.net
+executables:
+- debify
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .project
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/debify
+- debify.gemspec
+- example/Gemfile
+- example/Gemfile.lock
+- example/debify.sh
+- example/distrib/postinstall.sh
+- example/test.sh
+- features/debify.feature
+- features/step_definitions/debify_steps.rb
+- features/support/env.rb
+- jenkins.sh
+- lib/conjur/debify.rb
+- lib/conjur/debify/Dockerfile.fpm
+- lib/conjur/debify/version.rb
+- lib/conjur/fpm/Dockerfile
+- lib/conjur/fpm/debify_utils.sh
+- lib/conjur/fpm/package.sh
+homepage: https://github.com/conjurinc/debify
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.14.1
+signing_key: 
+specification_version: 4
+summary: Utility commands to build and package Conjur services as Debian packages
+test_files:
+- features/debify.feature
+- features/step_definitions/debify_steps.rb
+- features/support/env.rb
+has_rdoc: