dice_bag 1.3.2 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5a746ff933e6fc286fb83e0773837318e7c5474305f134522becee1a7633062a
4
- data.tar.gz: 2ef5740432f756bb865e9fd4b6ba16f4959ad9e907c8acbabb7f25cab78a50f4
3
+ metadata.gz: aad1fdaa143ede5c607a8ea0c451252da996e6d783a895ed742ee6c6b82b1001
4
+ data.tar.gz: 52802ac8af7acc21bcddcb86b246860bb05e9274be8bef54c9ccedffadfe670d
5
5
  SHA512:
6
- metadata.gz: bdefa0ab34fafe43c4be1c1e0de92ef4623ace5004bbb271c5da49a0c245299e3422c5d110411227654c1854485f6b561433527641f5e3bdd97bb46fb963a498
7
- data.tar.gz: c3904fd8f758752bbb2ebd572f7a0b99814ed91c5d52ffc0dc35a020d7e6ae41bd2fc5d4d0b01400d86a92aeab11a01a37e56fb3fdf23feb02ce409c45c6ff81
6
+ metadata.gz: 91dd8e76e891b52d9bb836f6b0da7a453f4f0aa182d63a0f2082e09260f6dd495d799ba62700f259d225233f676d2b6a8677981bf2de7653b8554b4fb911f030
7
+ data.tar.gz: d1947a678fef6d5f1c3855cead618c181593ac0a87f54fd6932609ba914ee904357d7acd450dd9b7fcea3c98ecc3351b43b426df890e6017357f54d1a1e2d601
@@ -0,0 +1,81 @@
1
+ # 1.5.0
2
+ * Add ability to generate and verify x509 certificates.
3
+
4
+ # 1.4.1
5
+ * Bundle extra files in the gem (MIT-LICENSE etc.).
6
+
7
+ # 1.4.0
8
+ * Allow thor 0.x and 1.x.
9
+
10
+ # 1.3.4
11
+ * Remove extra spaces from the database templates.
12
+
13
+ # 1.3.3
14
+ * Address a deprecation warning when using Rails 6.0.
15
+
16
+ # 1.3.2
17
+ * Gem specifies MIT license.
18
+
19
+ # 1.3.1
20
+ * Fix adapter name in the database.yml.dice template for PostgreSQL.
21
+
22
+ # 1.3.0
23
+ * Detect pg gem and generate database.yml.dice for PostgreSQL.
24
+
25
+ # 1.2.3
26
+ * Fix: Add missing newline after ruby warning message.
27
+
28
+ # 1.2.2
29
+ * Remove trailing space from the message generated by `<%= warning.as_yaml_comment %>`.
30
+
31
+ # 1.2.1
32
+ * Replaces `starts_with?` with `start_with?` to remove Rails dependency.
33
+
34
+ # 1.2.0
35
+ * Adds a `config:generate_from_gems` task to generate the templates from the specified gems only
36
+
37
+ # 1.1.1
38
+ * Updates the database.yml.dice file to not provide settings for test and development when
39
+ building in production.
40
+
41
+ # 1.1.0
42
+ * Removed the template for Newrelic.
43
+
44
+ # 1.0.0
45
+ * `config:generate_all` task allows user to choose an appropriate action when source and local templates are different.
46
+ * `config:generate_all:force` allows user to generate templates in 'force mode' (replacing local templates with the source).
47
+
48
+ # 0.9.0
49
+ * Feature: Adding a bang (!) at the end of method names, will raise when the variable
50
+ is not found in production.
51
+ * New relic template to use SSL by default
52
+
53
+ # 0.8.0
54
+ * Fix Template generation fails if the target directory is missing
55
+ * Document that configuration files must not be loaded in Rails config/application.rb
56
+ * Don't overwrite config files if user responds 'No' instead of just 'N'.
57
+ * Omit .dice files in Bundler path or in dot-prefixed directories
58
+
59
+ # 0.7.1
60
+ * The ensure_is_private_key method now additionally supports RSA keys without spaces.
61
+
62
+ # 0.7.0
63
+ * New ensure_is_private_key helper method to process RSA private keys.
64
+ * New config:deploy rake task to use for deployments, which overwrites config files without prompting.
65
+
66
+ # 0.6.0
67
+ * **Breaking change:** Only templates with the '.dice' extension are processed.
68
+ * **Breaking change:** Local override via the '.local' extension has been removed.
69
+ * Templates are processed in all directories.
70
+
71
+ # 0.5.0
72
+ * Generated templates should be committed to source control.
73
+ * New '.dice' extension for templates.
74
+ * Better testing infrastructure.
75
+ * Plugins and rake task can specify custom location for templates.
76
+
77
+ # 0.4.1
78
+ * Fix: Templates are generated in 'config' directory for Rails projects.
79
+
80
+ # 0.4.0
81
+ * Initial open source release.
@@ -0,0 +1,19 @@
1
+ Copyright (c) 2012-2020 Medidata Solutions Worldwide
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining a copy
4
+ of this software and associated documentation files (the "Software"), to deal
5
+ in the Software without restriction, including without limitation the rights
6
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7
+ copies of the Software, and to permit persons to whom the Software is
8
+ furnished to do so, subject to the following conditions:
9
+
10
+ The above copyright notice and this permission notice shall be included in
11
+ all copies or substantial portions of the Software.
12
+
13
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
19
+ THE SOFTWARE.
@@ -0,0 +1,174 @@
1
+ # DiceBag
2
+
3
+ [![Build Status](https://travis-ci.org/mdsol/dice_bag.svg?branch=develop)](https://travis-ci.org/mdsol/dice_bag)
4
+ [![Code Climate](https://codeclimate.com/github/mdsol/dice_bag.png)](https://codeclimate.com/github/mdsol/dice_bag)
5
+
6
+ DiceBag is a library of rake tasks for configuring web apps in the style of [The
7
+ Twelve-Factor App][1]. Configuration values are picked up from the environment
8
+ and used to populate configuration files from templates. Pre-packaged templates
9
+ for common configuration files are provided.
10
+
11
+ Although Rails already supports ERB syntax for its YML configuration files, DiceBag will generate a final
12
+ static file that will work without keeping your deployment environment variables in sync with your
13
+ production environment variables. For security reasons, these environments may sometimes differ.
14
+
15
+ Also DiceBag will work with any kind of text files, not only YML files. It can be very useful for
16
+ ruby initializer files for instance.
17
+
18
+ [1]: http://www.12factor.net/
19
+
20
+ ## Installation
21
+
22
+ Add the following to your `Gemfile`:
23
+
24
+ ```ruby
25
+ gem 'dice_bag'
26
+ ```
27
+
28
+ If you are using these tasks outside of a Rails project, add the following to
29
+ your `Rakefile` or wherever your local rake tasks are defined:
30
+
31
+ ```ruby
32
+ require 'dice_bag/tasks'
33
+ ```
34
+
35
+ Run the following command to see the new tasks:
36
+
37
+ ```
38
+ [bundle exec] rake -T | grep "rake config"
39
+ ```
40
+
41
+ ## Create configuration files from templates
42
+
43
+ When the rake "config" task is run, configuration files are populated for all
44
+ ERB template files in the project that have a ".dice" extension. Configuration
45
+ values from the environment are made available to the templates through the
46
+ `configured` object.
47
+
48
+ For example, take a "database.yml.dice" file containing this template:
49
+
50
+ ```erb
51
+ development:
52
+ database: development
53
+ username: <%= configured.database_username || 'root' %>
54
+ password: <%= configured.database_password %>
55
+ ```
56
+
57
+ Then running the following command:
58
+
59
+ ```
60
+ DATABASE_USERNAME=alice DATABASE_PASSWORD=xyzzy [bundle exec] rake config
61
+ ```
62
+
63
+ will generate a "database.yml" file with the following contents:
64
+
65
+ ```yaml
66
+ development:
67
+ database: development
68
+ username: alice
69
+ password: xyzzy
70
+ ```
71
+
72
+ See the [feature documentation][features] for further examples and
73
+ functionality.
74
+
75
+ [features]: https://www.relishapp.com/mdsol/dice-bag/docs
76
+
77
+ As discussed in [The Twelve-Factor App section on configuration][2], do not
78
+ commit your generated configuration files to source control. Instead, commit the
79
+ templates to source control and then regenerate the configuration files at
80
+ deployment time by running the rake `config:deploy` task.
81
+
82
+ [2]: http://www.12factor.net/config
83
+
84
+
85
+ ### Ensuring variables are set in production
86
+
87
+ It is a common pattern to use default information for development but to not
88
+ allow defaults in production, instead we want to always set up the environment variables
89
+ in production.
90
+
91
+ It is very easy to discover what variables have not been set in production using a bang after
92
+ the variable name, for instance:
93
+ ```
94
+ secret_key: <%= configured.secret_key_base! || 'any text is ok' %>
95
+ ```
96
+ Will raise an explanatory error if we are using Rails, we are in production and the
97
+ variable SECRET_KEY_BASE is not set. In other environments will not care about it
98
+ not being set and will use the default.
99
+
100
+
101
+ ### Generating the templates of given gems only
102
+
103
+ `config:generate_all` will generate all the templates it can find. Since sometimes this behavior
104
+ is not desirable you can use the `config:generate_from_gems` task to specify gem names:
105
+
106
+ ```
107
+ [bundle exec] rake config:generate_from_gems gem1 gem2 gemN
108
+ ```
109
+
110
+ will generate only the templates provided by `gem1`, `gem2` and `gemN`.
111
+
112
+ To force-generate set the `DICEBAG_FORCE` environment variable to any value when running the task.
113
+
114
+
115
+ ## Generating the pre-packaged templates
116
+
117
+ If the corresponding gems are installed, the following pre-packaged templates are provided:
118
+
119
+ * mysql2 or pg: `database.yml.dice` for [Rails](https://github.com/rails/rails/)
120
+ * aws-sdk: `aws.yml.dice`
121
+ * dalli: `dalli.yml.dice`
122
+
123
+ Run the following command to generate them:
124
+
125
+ ```
126
+ [bundle exec] rake config:generate_all
127
+ ```
128
+
129
+ This command provides options to compare changes between source and local templates, so new additions to the source templates can be safely added while preserving any project specific customization to local templates.
130
+
131
+ Alternatively, to force generate templates (replacing existing local templates with the source), run the following:
132
+
133
+ ```
134
+ [bundle exec] rake config:generate_all:force
135
+ ```
136
+
137
+
138
+ As with your own templates, you should commit these pre-packaged templates to
139
+ source control.
140
+
141
+ You can customize these pre-packaged template to your needs but if the change is
142
+ a generic fix or extension, please consider contributing it back to this project
143
+ so that everyone benefits.
144
+
145
+ ### Defining your own pre-packaged templates
146
+
147
+ If you want DiceBag to generate your own pre-packaged templates when you run the
148
+ rake "config:generate_all" task, you can create a plug-in. Read the
149
+ [templates.md](./templates.md) file to learn how to do this.
150
+
151
+ ## Troubleshooting
152
+
153
+ ### rake config fails in Rails project with file not found
154
+
155
+ Due to rake running ``` config/application.rb ``` before kicking off a task,
156
+ if ``` config/application.rb ``` loads any configuration files that dice_bag
157
+ must generate a 'file not found' error may occur. Makes sense that a file
158
+ ``` rake config:generate_all ``` needs to create, does not exist before it has ran.
159
+
160
+ Solution: Move any config loading that depends on files generated by dice_bag out of `application.rb` and into `config/initializers/*`. Since the commands
161
+ `rails server` or `rails console` etc. always run the initializers, moving the logic
162
+ here should be a safe bet.
163
+
164
+ ## Contributors
165
+
166
+ * [Andrew Smith](https://github.com/asmith-mdsol)
167
+ * [Jordi Carres](https://github.com/jcarres-mdsol)
168
+ * [Dan Hoizner](https://github.com/dhoizner-mdsol)
169
+ * [Aaron Weiner](https://github.com/HonoreDB)
170
+ * [Luke Greene](https://github.com/lgreene-mdsol)
171
+ * [Johnny Lo](https://github.com/jlo188)
172
+ * [Connor Ross](https://github.com/cross311)
173
+ * [Mathieu Jobin](https://github.com/mjobin-mdsol)
174
+
@@ -10,7 +10,7 @@ module DiceBag
10
10
  require "openssl"
11
11
 
12
12
  begin
13
- OpenSSL::PKey::RSA.new @private_key
13
+ rsa_object
14
14
  true
15
15
  rescue => e
16
16
  puts "#{e.message}\n#{e.backtrace}"
@@ -25,6 +25,14 @@ module DiceBag
25
25
  @private_key = [HEADER, body, FOOTER].flatten.join("\n")
26
26
  end
27
27
 
28
+ def public_key
29
+ rsa_object.public_key
30
+ end
31
+
32
+ def rsa_object
33
+ @rsa_object ||= OpenSSL::PKey::RSA.new(@private_key)
34
+ end
35
+
28
36
  private
29
37
 
30
38
  HEADER = "-----BEGIN RSA PRIVATE KEY-----".freeze
@@ -3,9 +3,12 @@ module DiceBag
3
3
  class Project
4
4
  DEFAULT_NAME = "project"
5
5
 
6
+ # TODO: how to find the name of the project in non Rails apps?
6
7
  def self.name
7
- # TODO: how to do find the name of the project in no-rails environments?
8
- defined?(Rails) ? Rails.application.class.parent_name.downcase : DEFAULT_NAME
8
+ return DEFAULT_NAME unless defined?(Rails)
9
+
10
+ parent_name_method = Module.respond_to?(:module_parent_name) ? :module_parent_name : :parent_name
11
+ Rails.application.class.send(parent_name_method).downcase
9
12
  end
10
13
 
11
14
  def self.config_files(filename)
@@ -17,5 +17,57 @@ module DiceBag
17
17
  raise "The private key provided is invalid"
18
18
  end
19
19
  end
20
+
21
+ # Generates https://en.wikipedia.org/wiki/X.509 certificate, commonly used in authentication services
22
+ def generate_509_certificate(private_key, root_ca: nil, root_key: nil)
23
+ root_key ||= OpenSSL::PKey::RSA.new(2048) # the CA's public/private key
24
+ root_ca ||= default_root_ca(root_key)
25
+
26
+ cert = OpenSSL::X509::Certificate.new
27
+ cert.version = 2
28
+ cert.serial = 2
29
+ cert.subject = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=Ruby certificate")
30
+ cert.issuer = root_ca.subject # root CA is the issuer
31
+ cert.public_key = PrivateKey.new(private_key.dup).public_key
32
+ cert.not_before = Time.now
33
+ cert.not_after = cert.not_before + 1 * 365 * 24 * 60 * 60 # 1 years validity
34
+ ef = OpenSSL::X509::ExtensionFactory.new
35
+ ef.subject_certificate = cert
36
+ ef.issuer_certificate = root_ca
37
+ cert.add_extension(ef.create_extension("keyUsage", "digitalSignature", true))
38
+ cert.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
39
+ cert.sign(root_key, OpenSSL::Digest::SHA256.new)
40
+ cert
41
+ end
42
+
43
+ # raw_cert: DER or PEM encoded certificate
44
+ def ensure_is_509_certificate(raw_cert)
45
+ certificate = OpenSSL::X509::Certificate.new(raw_cert)
46
+ rescue OpenSSL::X509::CertificateError
47
+ false
48
+ end
49
+
50
+ def default_root_ca(root_key)
51
+ @default_root_ca ||= generate_root_ca(root_key)
52
+ end
53
+
54
+ def generate_root_ca(root_key)
55
+ root_ca = OpenSSL::X509::Certificate.new
56
+ root_ca.version = 2 # cf. RFC 5280 - to make it a "v3" certificate
57
+ root_ca.serial = 1 # considered a security flaw for real certificates
58
+ root_ca.subject = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=Ruby CA")
59
+ root_ca.issuer = root_ca.subject # root CA's are "self-signed"
60
+ root_ca.public_key = root_key.public_key
61
+ root_ca.not_before = Time.now
62
+ root_ca.not_after = root_ca.not_before + 2 * 365 * 24 * 60 * 60 # 2 years validity
63
+ ef = OpenSSL::X509::ExtensionFactory.new
64
+ ef.subject_certificate = root_ca
65
+ ef.issuer_certificate = root_ca
66
+ root_ca.add_extension(ef.create_extension("basicConstraints", "CA:TRUE", true))
67
+ root_ca.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
68
+ root_ca.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
69
+ root_ca.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always", false))
70
+ root_ca.sign(root_key, OpenSSL::Digest::SHA256.new)
71
+ end
20
72
  end
21
73
  end
@@ -12,8 +12,8 @@
12
12
  port: <%= configured[env].database_port || 3306 %>
13
13
  pool: <%= configured[env].database_pool || 5 %>
14
14
  timeout: <%= configured[env].database_timeout || 5000 %>
15
- encoding: <%= configured[env].database_encoding || 'utf8' %>
16
- reconnect: <%= configured[env].database_reconnect || false %>
15
+ encoding: <%= configured[env].database_encoding || 'utf8' %>
16
+ reconnect: <%= configured[env].database_reconnect || false %>
17
17
  <% db_cert = configured[env].database_ssl_cert %>
18
18
  <%= db_cert ? "sslca: #{db_cert}" : '' %>
19
19
  <% end %>
@@ -12,8 +12,8 @@
12
12
  port: <%= configured[env].database_port || 5432 %>
13
13
  pool: <%= configured[env].database_pool || 5 %>
14
14
  timeout: <%= configured[env].database_timeout || 5000 %>
15
- encoding: <%= configured[env].database_encoding || 'unicode' %>
16
- reconnect: <%= configured[env].database_reconnect || false %>
15
+ encoding: <%= configured[env].database_encoding || 'unicode' %>
16
+ reconnect: <%= configured[env].database_reconnect || false %>
17
17
  <% db_cert = configured[env].database_ssl_cert %>
18
18
  <%= db_cert ? "sslca: #{db_cert}" : '' %>
19
19
  <% end %>
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module DiceBag
2
- VERSION = "1.3.2"
4
+ VERSION = "1.5.0"
3
5
  end
@@ -8,5 +8,33 @@ describe DiceBag::Project do
8
8
  it "should give me a default name for non Rails apps" do
9
9
  expect(project.name).to eq(DiceBag::Project::DEFAULT_NAME)
10
10
  end
11
+
12
+ context "Rails app" do
13
+ let(:name) { "HelloService" }
14
+ let(:rails) { Class.new }
15
+ before { stub_const("Rails", rails) }
16
+
17
+ describe "Rails < 6.1" do
18
+ before do
19
+ allow(Module).to receive(:parent_name).and_return(name)
20
+ allow(rails).to receive_message_chain(:application, :class, :parent_name).and_return(name)
21
+ end
22
+
23
+ it "uses the :parent_name method" do
24
+ expect(project.name).to eq("helloservice")
25
+ end
26
+ end
27
+
28
+ describe "Rails >= 6.1" do
29
+ before do
30
+ allow(Module).to receive(:module_parent_name).and_return(name)
31
+ allow(rails).to receive_message_chain(:application, :class, :module_parent_name).and_return(name)
32
+ end
33
+
34
+ it "uses the :module_parent_name method" do
35
+ expect(project.name).to eq("helloservice")
36
+ end
37
+ end
38
+ end
11
39
  end
12
40
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dice_bag
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.2
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Smith
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2019-01-08 00:00:00.000000000 Z
12
+ date: 2020-11-25 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rake
@@ -29,16 +29,16 @@ dependencies:
29
29
  name: thor
30
30
  requirement: !ruby/object:Gem::Requirement
31
31
  requirements:
32
- - - "~>"
32
+ - - "<"
33
33
  - !ruby/object:Gem::Version
34
- version: '0.0'
34
+ version: '2.0'
35
35
  type: :runtime
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
- - - "~>"
39
+ - - "<"
40
40
  - !ruby/object:Gem::Version
41
- version: '0.0'
41
+ version: '2.0'
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: diff-lcs
44
44
  requirement: !ruby/object:Gem::Requirement
@@ -103,6 +103,9 @@ executables: []
103
103
  extensions: []
104
104
  extra_rdoc_files: []
105
105
  files:
106
+ - CHANGELOG.md
107
+ - MIT-LICENSE
108
+ - README.md
106
109
  - lib/dice_bag.rb
107
110
  - lib/dice_bag/available_templates.rb
108
111
  - lib/dice_bag/command.rb
@@ -128,10 +131,12 @@ files:
128
131
  - spec/command_spec.rb
129
132
  - spec/configuration_spec.rb
130
133
  - spec/spec_helper.rb
131
- homepage: https://github.com/mdsol/dice_bag
134
+ homepage:
132
135
  licenses:
133
136
  - MIT
134
- metadata: {}
137
+ metadata:
138
+ homepage_uri: https://github.com/mdsol/dice_bag
139
+ changelog_uri: https://github.com/mdsol/dice_bag/blob/develop/CHANGELOG.md
135
140
  post_install_message:
136
141
  rdoc_options: []
137
142
  require_paths:
@@ -140,21 +145,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
140
145
  requirements:
141
146
  - - ">="
142
147
  - !ruby/object:Gem::Version
143
- version: 2.3.0
148
+ version: '2.3'
144
149
  required_rubygems_version: !ruby/object:Gem::Requirement
145
150
  requirements:
146
151
  - - ">="
147
152
  - !ruby/object:Gem::Version
148
153
  version: '0'
149
154
  requirements: []
150
- rubyforge_project:
151
- rubygems_version: 2.7.6
155
+ rubygems_version: 3.0.6
152
156
  signing_key:
153
157
  specification_version: 4
154
158
  summary: Dice Bag is a library of rake tasks for configuring web apps in the style
155
159
  of The Twelve-Factor App. It also provides continuous integration tasks that rely
156
160
  on the configuration tasks.
157
161
  test_files:
158
- - spec/spec_helper.rb
159
162
  - spec/configuration_spec.rb
163
+ - spec/spec_helper.rb
160
164
  - spec/command_spec.rb