dapp 0.12.8 → 0.13.0

data/lib/dapp/kube/secret.rb

@@ -0,0 +1,93 @@
+module Dapp
+  module Kube
+    class Secret
+      attr_reader :key
+
+      def initialize(key)
+        self.class._validate_key!(key)
+        @key = key
+      end
+
+      def generate(value)
+        cipher = self.class._openssl_cipher
+        cipher.encrypt
+        cipher.key = self.class._hex_to_binary key
+        iv = cipher.random_iv
+
+        iv_size_prefix = [iv.bytesize].pack('S')
+        encrypted = cipher.update(value.to_s) + cipher.final
+
+        self.class._binary_to_hex "#{iv_size_prefix}#{iv}#{encrypted}"
+      end
+
+      def extract(hexdata)
+        data = self.class._hex_to_binary hexdata.to_s
+
+        iv_size = data.unpack('S').first
+        data = data.byteslice(2..-1)
+        raise ExtractionError, code: :bad_data, data: {data: hexdata} unless data
+
+        iv = data.byteslice(0, iv_size)
+        data = data.byteslice(iv_size..-1)
+        raise ExtractionError, code: :bad_data, data: {data: hexdata} unless data
+
+        decipher = self.class._openssl_cipher
+        decipher.decrypt
+        decipher.key = self.class._hex_to_binary(key)
+
+        begin
+          decipher.iv = iv
+        rescue OpenSSL::Cipher::CipherError
+          raise ExtractionError, code: :bad_data, data: {data: hexdata}
+        end
+
+        begin
+          value = decipher.update(data) + decipher.final
+        rescue OpenSSL::Cipher::CipherError
+          raise ExtractionError, code: :bad_data, data: {data: hexdata}
+        end
+        value.force_encoding('utf-8')
+      end
+
+      class << self
+        def generate_key
+          _binary_to_hex _openssl_cipher.random_key
+        end
+
+        def _openssl_cipher
+          OpenSSL::Cipher::AES.new(128, :CBC)
+        end
+
+        def _hex_to_binary(key)
+          [key].pack('H*')
+        end
+
+        def _binary_to_hex(key)
+          key.unpack('H*').first
+        end
+
+        def _validate_key!(key)
+          # Требуется 128 битный ключ — это 16 байт.
+          # Ключ закодирован в hex кодировке для пользователя.
+          # 2 hex символа на 1 байт в hex кодировке.
+          # Поэтому требуется длина ключа в hex кодировке в 32 символа.
+          if key.bytesize < 32
+            raise InvalidKeyError, code: :key_length_too_short, data: {required_size: 32}
+          end
+        end
+      end
+
+      class Error < ::Dapp::Deployment::Error::Base
+        def initialize(**net_status)
+          super(net_status.merge(context: :secret))
+        end
+      end
+
+      class InvalidKeyError < Error
+      end
+
+      class ExtractionError < Error
+      end
+    end
+  end
+end

data/lib/dapp/version.rb

@@ -1,4 +1,4 @@
 module Dapp
-  VERSION = '0.12.8'.freeze
+  VERSION = '0.13.0'.freeze
   BUILD_CACHE_VERSION = 13
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dapp
 version: !ruby/object:Gem::Version
-  version: 0.12.8
+  version: 0.13.0
 platform: ruby
 authors:
 - Dmitry Stolyarov
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-03-16 00:00:00.000000000 Z
+date: 2017-05-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mixlib-shellout
@@ -166,34 +166,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.6
-- !ruby/object:Gem::Dependency
-  name: sentry-raven
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.7.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.7.2
-- !ruby/object:Gem::Dependency
-  name: toml-rb
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.1.1
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -448,7 +420,6 @@ files:
 - lib/dapp/dapp/logging/i18n.rb
 - lib/dapp/dapp/logging/paint.rb
 - lib/dapp/dapp/logging/process.rb
-- lib/dapp/dapp/sentry.rb
 - lib/dapp/dapp/shellout/base.rb
 - lib/dapp/dapp/shellout/streaming.rb
 - lib/dapp/dapp/ssh_agent.rb
@@ -460,8 +431,6 @@ files:
 - lib/dapp/deployment/cli/command/deployment/apply.rb
 - lib/dapp/deployment/cli/command/deployment/minikube_setup.rb
 - lib/dapp/deployment/cli/command/deployment/mrproper.rb
-- lib/dapp/deployment/cli/command/deployment/secret_generate.rb
-- lib/dapp/deployment/cli/command/deployment/secret_key_generate.rb
 - lib/dapp/deployment/config/config.rb
 - lib/dapp/deployment/config/directive/app.rb
 - lib/dapp/deployment/config/directive/app/instance_methods.rb
@@ -479,8 +448,6 @@ files:
 - lib/dapp/deployment/dapp/command/common.rb
 - lib/dapp/deployment/dapp/command/minikube_setup.rb
 - lib/dapp/deployment/dapp/command/mrproper.rb
-- lib/dapp/deployment/dapp/command/secret_generate.rb
-- lib/dapp/deployment/dapp/command/secret_key_generate.rb
 - lib/dapp/deployment/dapp/dapp.rb
 - lib/dapp/deployment/dapp/dappfile.rb
 - lib/dapp/deployment/deployment.rb
@@ -649,7 +616,26 @@ files:
 - lib/dapp/helper/net_status.rb
 - lib/dapp/helper/sha256.rb
 - lib/dapp/helper/trivia.rb
-- lib/dapp/helper/url.rb
+- lib/dapp/kube.rb
+- lib/dapp/kube/cli/cli.rb
+- lib/dapp/kube/cli/command/base.rb
+- lib/dapp/kube/cli/command/kube.rb
+- lib/dapp/kube/cli/command/kube/deploy.rb
+- lib/dapp/kube/cli/command/kube/dismiss.rb
+- lib/dapp/kube/cli/command/kube/secret_file_encrypt.rb
+- lib/dapp/kube/cli/command/kube/secret_generate.rb
+- lib/dapp/kube/cli/command/kube/secret_key_generate.rb
+- lib/dapp/kube/dapp/command/common.rb
+- lib/dapp/kube/dapp/command/deploy.rb
+- lib/dapp/kube/dapp/command/dismiss.rb
+- lib/dapp/kube/dapp/command/secret_file_encrypt.rb
+- lib/dapp/kube/dapp/command/secret_generate.rb
+- lib/dapp/kube/dapp/command/secret_key_generate.rb
+- lib/dapp/kube/dapp/dapp.rb
+- lib/dapp/kube/error/base.rb
+- lib/dapp/kube/error/command.rb
+- lib/dapp/kube/kubernetes.rb
+- lib/dapp/kube/secret.rb
 - lib/dapp/prctl.rb
 - lib/dapp/version.rb
 homepage: https://github.com/flant/dapp
@@ -672,7 +658,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 2.5.0
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: Build docker packaged apps using chef or shell

data/lib/dapp/dapp/sentry.rb

@@ -1,112 +0,0 @@
-module Dapp
-  class Dapp
-    module Sentry
-      def sentry_message(msg, **kwargs)
-        return if not ensure_sentry_configured
-        kwargs[:level] ||= "info"
-        Raven.capture_message(msg, _make_sentry_params(**kwargs))
-      end
-
-      def sentry_exception(exception, **kwargs)
-        return if not ensure_sentry_configured
-        (kwargs[:tags] ||= {})['error-code'] = begin
-          net_status = exception.net_status
-          [net_status[:context], net_status[:code]].compact.join('_')
-        end
-        Raven.capture_exception(exception, _make_sentry_params(**kwargs))
-      end
-
-      def ensure_sentry_configured
-        return false unless sentry_settings = settings["sentry"]
-
-        unless @sentry_settings_configured
-          Raven.configure do |config|
-            logger = ::Logger.new(STDOUT)
-            logger.level = ::Logger::WARN
-
-            config.logger = logger
-            config.dsn = sentry_settings["dsn"]
-          end
-
-          @sentry_settings_configured = true
-        end
-
-        return true
-      end
-
-      def _make_sentry_params(level: nil, tags: {}, extra: {}, user: {})
-        {
-          level: level,
-          tags:  _sentry_tags_context.merge(tags),
-          extra: _sentry_extra_context.merge(extra),
-          user:  _sentry_user_context.merge(user),
-        }
-      end
-
-      def _sentry_extra_context
-        @_sentry_extra_context ||= {
-          "pwd" => Dir.pwd,
-          "dapp-dir" => self.work_dir,
-          "options" => self.options,
-          "env-options" => {
-            "DAPP_FORCE_SAVE_CACHE" => ENV["DAPP_FORCE_SAVE_CACHE"],
-            "DAPP_BIN_DAPPFILE_YML" => ENV["DAPP_BIN_DAPPFILE_YML"],
-            "ANSIBLE_ARGS" => ENV["ANSIBLE_ARGS"],
-            "DAPP_CHEF_DEBUG" => ENV["DAPP_CHEF_DEBUG"],
-          },
-        }.tap {|extra|
-          extra["ci-env"] = {"CI" => ENV["CI"]}
-          ENV.select {|k, v| k.start_with?("CI_")}.each do |k, v|
-            extra["ci-env"][k] = v
-          end
-        }
-      end
-
-      def _sentry_tags_context
-        name = options[:name] || 
-        @_sentry_tags_context ||= {
-          "dapp-short-version" => ::Dapp::VERSION.split(".")[0..1].join("."),
-          "dapp-version" => ::Dapp::VERSION,
-          "dapp-build-cache-version" => ::Dapp::BUILD_CACHE_VERSION,
-          "dapp-command" => self.options[:dapp_command],
-        }.tap {|tags|
-          git_config_path = File.join(Dir.pwd, ".git/config")
-
-          tags["dapp-name"] = options[:name]
-
-          if File.exists? git_config_path
-            cfg = IniFile.load(File.join(Dir.pwd, ".git/config"))
-            remote_origin_cfg = cfg['remote "origin"']
-            remote_origin_url = remote_origin_cfg["url"]
-            if remote_origin_url
-              tags["dapp-name"] ||= begin
-                repo_name = remote_origin_url.split('/').last
-                repo_name = repo_name[/.*(?=\.git)/] if repo_name.end_with? '.git'
-                repo_name
-              end
-
-              tags["git-host"] = self.get_host_from_git_url(remote_origin_url)
-
-              git_name = self.git_url_to_name(remote_origin_url)
-
-              tags["git-group"] = git_name.partition("/")[0]
-              tags["git-name"] = git_name
-            end
-          end
-
-          tags["dapp-name"] ||= File.basename(Dir.pwd)
-
-          begin
-            ver = self.class.host_docker_minor_version
-            tags["docker-minor-version"] = ver.to_s
-          rescue ::Exception
-          end
-        }
-      end
-
-      def _sentry_user_context
-        @_sentry_user_context ||= {}
-      end
-    end # Sentry
-  end # Dapp
-end # Dapp

data/lib/dapp/deployment/cli/command/deployment/secret_generate.rb

@@ -1,13 +0,0 @@
-module Dapp::Deployment::CLI::Command
-  class Deployment < ::Dapp::CLI
-    class SecretGenerate < Base
-      banner <<BANNER.freeze
-Usage:
-
-  dapp deployment secret generate
-
-Options:
-BANNER
-    end
-  end
-end

data/lib/dapp/deployment/cli/command/deployment/secret_key_generate.rb

@@ -1,13 +0,0 @@
-module Dapp::Deployment::CLI::Command
-  class Deployment < ::Dapp::CLI
-    class SecretKeyGenerate < Base
-      banner <<BANNER.freeze
-Usage:
-
-  dapp deployment secret key generate
-
-Options:
-BANNER
-    end
-  end
-end

data/lib/dapp/helper/url.rb

@@ -1,23 +0,0 @@
-module Dapp
-  module Helper
-    module Url
-      def git_url_to_name(url)
-        url_without_scheme = url.split("://", 2).last
-        # This may be broken, because "@" should delimit creds, not a ":"
-        url_without_creds = url_without_scheme.split(":", 2).last
-        url_without_creds.gsub(%r{.*?([^\/ ]+\/[^\/ ]+)\.git}, '\\1')
-      end
-
-      def get_host_from_git_url(url)
-        url_without_scheme = url.split("://", 2).last
-        url_without_creds = url_without_scheme.split("@", 2).last
-
-        # Split out part after ":" in this kind of url: github.com:flant/dapp.git
-        url_part = url_without_creds.split(":", 2).first
-
-        # Split out part after first "/": github.com/flant/dapp.git
-        url_part.split("/", 2).first
-      end
-    end # Url
-  end # Helper
-end # Dapp