digicert-cli 0.1.0 → 0.2.0

data/.travis.yml

@@ -4,5 +4,4 @@ rvm:
   - 2.4.1
 
 before_install:
-  - cp .sample.env .env
   - gem install bundler -v 1.14.6

data/Gemfile

@@ -2,5 +2,3 @@ source 'https://rubygems.org'
 
 # Specify your gem's dependencies in digicert-cli.gemspec
 gemspec
-
-gem "digicert", github: "riboseinc/digicert", ref: "f122a4b"

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Ribose Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -2,51 +2,245 @@
 
 [![Build
 Status](https://travis-ci.org/riboseinc/digicert-cli.svg?branch=master)](https://travis-ci.org/riboseinc/digicert-cli)
+[![Code
+Climate](https://codeclimate.com/github/riboseinc/digicert-cli/badges/gpa.svg)](https://codeclimate.com/github/riboseinc/digicert-cli)
+[![Gem
+Version](https://badge.fury.io/rb/digicert-cli.svg)](https://badge.fury.io/rb/digicert-cli)
 
-The CLI for the Digicert API
+The [Digicert CLI] is a tool that allows us to manage Digicert orders,
+certificates and etc using [Digicert Ruby Client].
+
+## Configure
+
+We need to setup our API key before we want to use the CLI. For simplicity we
+have add an easier interface to setup the Digicert API KEY. To setup your key
+please use the following interface.
+
+```sh
+digicert config DIGICERT_API_KEY
+```
 
 ## Usages
 
+### Getting Help
+
+We have been trying to simplify the `CLI` with proper `help` documentation. Each
+of the `command` and `subcommand` should provide you the basic usages guide with
+the list of supported options.
+
+Normally the parent command should fire up the `help` documentation, but if it
+does not then you can explicitly call the `help` command or pass `-h` flags with
+any of the action and that should fire up the documentation. For example
+
+```sh
+$ digicert help
+```
+
+```sh
+Commands:
+  digicert certificate     # Manage Digicert Certificates
+  digicert config API_KEY  # Configure The CLI Client
+  digicert csr             # Fetch/generate Certificate CSR
+  digicert help [COMMAND]  # Describe available / One specific command
+  digicert order           # Manage Digicert Orders
+```
+
+The above command lists the available commands with a basic description and as
+you might have notice, it also ships with a `help` command which can be used to
+up the usages documentation for it's nested command.
+
+```sh
+# digicert order -h
+$ digicert help order
+```
+
+```sh
+Commands:
+  digicert order find              # Find a digicert order
+  digicert order help [COMMAND]    # Describe subcommands or one specific
+  digicert order list              # List digicert orders
+  digicert order reissue ORDER_ID  # Reissue digicert order
+```
+
+Hopefully you get the idea, we will try our best to keep this guide up to date
+but whenever you need some more information please add the `-h` flags with any
+commands or subcommands and you should see what you need.
+
 ### Orders
 
-This CLI provides an easier interface to list the orders from the Digicert API.
-To retrieve the list of the certificate orders we can use
+#### Listing Orders
+
+Listing orders is pretty simple with the CLI, once we have our API key
+configured then we can list all of our orders using the `list` interface
+
+```sh
+$ digicert order list
+```
 
 ```sh
-digicert order list
++---------------+---------------+------------------+-------------+-------------+
+| Id            | Product Type  | Common Name      | Status      | Expiry      |
++---------------+---------------+------------------+-------------+-------------+
+| xxxxx65       | ssl_wildcard  | *.ribosetest.com | expired     | 2018-06-25  |
+| xxxxx20       | ssl_wildcard  | *.ribosetest.com | issued      | 2018-06-15  |
+| xxxxx06       | ssl_wildcard  | *.ribosetest.com | revoked     | 2018-05-09  |
++---------------+---------------+------------------+-------------+-------------+
 ```
 
-Digicert does not have any a direct interface to filter certificate orders,
-but we have added partial support for filtering, to filter the orders by any
-specific criteria please pass those as option to the `order list` interface.
-Currently supported options are `common_name` and `product_type`.
+The above interface without any option will list out all of the orders we have
+with Digicert, but sometime we might need to filter those listings, and that's
+where can can use the filter options. This interface supports filter options
+through the `--filter` option and expect the value to be in `key:value` format.
+
+For example, if we want to retrieve all of the orders that has product type of
+`ssl_wildcard` then we can use
 
 ```sh
-digicert order list -c "ribosetest.com" -p "ssl_plus"
+$ digicert order list --filter 'product_name_id:ssl_wildcard'
 ```
 
-### Single Order
+It will only list the orders with the `ssl_wildcard` product type, Currently the
+supported filters options are `date_created`, `valid_till`, `status`, `search`,
+`common_name` and `product_name_id`. Please [check the wiki] for more up to date
+supported filtering options.
+
+#### Find an order
+
+We can use the `find` interface to retrieve a single order, by default it will
+print the details in the console. This interface also supports filter options.
+
+One important thing to remember, it will only retrieve one single entry, so if
+you have multiple orders in your specified terms then it will only retrieve the
+most recent one form that list.
 
-Use `find` interface to retrieve a single order, this interface supports all
-default filters.
+```sh
+$ digicert order find --filter 'common_name:ribosetest.com' 'product_name_id:ssl_plus'
+```
 
 ```sh
-digicert order find -c "ribosetest.com" -p "ssl_plus" --status expired
+#<Digicert::ResponseObject id=xxx04, certificate=#<Digicert::ResponseObject
+..........................id=xxxx08 price=xxxx, product_name_id="ssl_plus">
 ```
 
-This interface also allow us to specific a flag in case we only want to find
-the `id` for the resource.
+But if you don't care about that much of data and only need the `ID` then you
+can pass the `--quiet` flags to reduce the noises and retrieve only the id.
+
+#### Reissue an order
+
+To reissue a non-expired order we can use the `reissue` interface and pass the
+order id to it. By default it will reissue the order using the existing details
+but if we want to update the `CSR` then we can pass the certificate file as
+`--crt`.
+
+```sh
+$ digicert order reissue 12345 --crt path_to_the_new_csr.csr
+```
 
 ```sh
-digicert order find -c "ribosetest.com" -p "ssl_plus" --status expired --quiet
+Reissue request xxxxx8 created for order - 123456
 ```
 
-### Reissue an order
+Pretty cool right? The above interface also support some other option that we
+can use to download the recently reissued order. To download, all we need to do
+is just provide a valid path and it will automatically download the certificates
+
+```sh
+$ digicert order reissue 123456 --output /path/to/downloads
+```
+
+```sh
+Reissue request 1xxxxx created for order - 123456
+
+Fetch attempt 1..
+Downloaded certificate to:
+
+/path/to/downloads/123456.root.crt
+/path/to/downloads/123456.certificate.crt
+/path/to/downloads/123456.intermediate.crt
+```
+
+### Certificate
+
+#### Fetch a certificate
+
+The `fetch` interface will retrieve the certificate for any specific orders, by
+default it will print out the detail in the console but if we only want the `ID`
+then we can pass the `--quiet` flags with it.
+
+```sh
+$ digicert certificate fetch 123456789 --quiet
+```
+
+#### Download a certificate
+
+To download a certificate we can use the same `fetch` interface but with the
+`--output` option. Based on the `--output` option `fetch` interface will fetch
+the certificates and download the `root`, `intermediate` and `certificate` to
+the output path, to download a certificate we can do
+
+```sh
+$ digicert certificate fetch 123456 --output /path/to/downloads
+```
+
+The above interface supports downloading a certificate and it expects us to
+provide the `order-id`, but if we only care about download then we can also use
+the `download` interface. It acts pretty much similar but it let's us specify
+the `order-id` or `certificate-id`.
+
+```sh
+$ digicert certificate download --order-id 654321 --output /downloads
+$ digicert certificate download --certificate-id 123456 --output /downloads
+```
+
+#### List duplicate certificates
+
+Digicert allows us to duplicate a certificate and if we want to list all of the
+duplicates then we can use the `duplicates` interface. This interface expects us
+to provide the `order-id` to list the duplicates
+
+```sh
+$ digicert certificate duplicates 123456
+```
+
+```sh
++----------+-------------------+------------------+----------+--------------+
+| Id       | Common Name       | SAN Names        | Status   | Validity     |
++----------+-------------------+------------------+----------+--------------+
+| xxxxx19  | *.ribosetest.com  | *.ribosetest.com | approved | xxxxx-xxxxxx |
+|          |                   | ribosetest.com   |          |              |
++----------+-------------------+------------------+----------+--------------+
+```
+
+### CSR
+
+#### Fetch an order's CSR
+
+Retrieving a `CSR` is pretty easy, if we have an order id and we want retrieve
+it's `CSR` then we can use the `fetch` interface from `csr` command. And once we
+passed it to the interface then it will retrieve and print it to the console.
+
+```sh
+$ digicert csr fetch 123456
+```
+
+#### Generate a new CSR
+
+Digicert gem usages a third party library to generate a CSR, and we have also
+included that in the CLI to make the `CSR` generation process simpler, so if we
+need to generate a new `CSR` then we can use the `generate` interface and pass
+the order id with the key file to generate the CSR
+
+```sh
+$ digicert csr generate --oreder-id 12345 --key /path/to/the/key-file.key
+```
 
-To reissue an existing order, we can use the following interface.
+This interface also support custom details like `common-name` and `san`. We can
+pass those as `--common-name` and `--san` and it will automatically use it to
+generate the new `CSR`
 
 ```sh
-digicert order reissue --order_id 12345
+$ digicert csr generate --common-name ribosetest.com --order-id 1234 \
+  --san test1.ribosetest.com test2.ribosetest.com --key path_to_key_file
 ```
 
 ## Development
@@ -61,7 +255,7 @@ should fix the violations as part of your contribution.
 Clone the repository.
 
 ```sh
-git clone https://github.com/abunashir/digicert-cli
+git clone https://github.com/riboseinc/digicert-cli
 ```
 
 Setup your environment.
@@ -99,6 +293,9 @@ Here are a few technical guidelines to follow:
 This gem is developed, maintained and funded by [Ribose Inc.][riboseinc]
 
 [riboseinc]: https://www.ribose.com
-[issues]: https://github.com/abunashir/digicert-cli/issues
+[issues]: https://github.com/riboseinc/digicert-cli/issues
 [squash]: https://github.com/thoughtbot/guides/tree/master/protocol/git#write-a-feature
 [sandi-metz]: http://robots.thoughtbot.com/post/50655960596/sandi-metz-rules-for-developers
+[Digicert CLI]: https://github.com/riboseinc/digicert-cli
+[Digicert Ruby Client]: https://github.com/riboseinc/digicert
+[check the wiki]: https://github.com/riboseinc/digicert-cli/wiki

data/bin/digicert

@@ -16,7 +16,6 @@ class Gem::Specification
 end
 
 # start up the CLI
-require "bundler/setup"
 require "digicert/cli"
 
-Digicert::CLI.start(*ARGV)
+Digicert::CLI.start(ARGV)

data/digicert-cli.gemspec

@@ -20,21 +20,12 @@ Gem::Specification.new do |spec|
   spec.bindir        = "bin"
   spec.executables   = "digicert"
 
-  # Digicert gem dpendenceis
-  #
-  # We are developing this cli and the digicert gem at the same time
-  # and we might not instantly push the digicert gems to rubygems while
-  # we are adding any new features. So let's use the one from our github
-  # and once we are close to finalize then we will switch to the actual
-  # digicert gem from rubygems.
-  #
-  # spec.add_dependency "digicert", "~> 0.1.1"
-  #
-
+  spec.add_dependency "thor", "~> 0.19.4"
+  spec.add_dependency "digicert", "~> 0.1.2"
+  spec.add_dependency "openssl", ">= 2.0.3"
   spec.add_dependency "terminal-table"
 
   spec.add_development_dependency "bundler", "~> 1.14"
-  spec.add_development_dependency "dotenv"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "webmock", "~> 2.0"

data/lib/digicert/cli.rb

@@ -1,20 +1,44 @@
-require "optparse"
+#--
+# Copyright (c) 2017 Ribose Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+# ++
+
+require "thor"
+require "openssl"
 require "digicert"
 
 require "digicert/cli/util"
 require "digicert/cli/auth"
+require "digicert/cli/base"
 require "digicert/cli/command"
 
 module Digicert
   module CLI
-    def self.start(*args)
-      command = args.shift.strip rescue help
-      subcommand = args.first.start_with?("-") ? "list" : args.shift.strip
-
-      response = Digicert::CLI::Command.run(command, subcommand, args)
-
-      $stdout.write(response)
-      $stdout.write("\n")
+    def self.start(arguments)
+      Digicert::CLI::Command.start(arguments)
+    rescue Digicert::Errors::Forbidden, NoMethodError
+      Thor::Shell::Basic.new.say(
+        "Invalid: Missing API KEY\n\n" \
+        "A valid Digicert API key is required for any of the CLI operation\n" \
+        "You can set your API Key using `digicert config DIGICERT_API_KEY`",
+      )
     end
   end
 end

data/lib/digicert/cli/auth.rb

@@ -1,5 +1,8 @@
-require "dotenv/load"
+require "digicert"
+require "digicert/cli/rcfile"
 
-Digicert.configure do |config|
-  config.api_key = ENV["DIGICERT_API_KEY"]
+unless Digicert.configuration.api_key
+  Digicert.configure do |config|
+    config.api_key = Digicert::CLI::RCFile.api_key || ENV["DIGICERT_API_KEY"]
+  end
 end

data/lib/digicert/cli/base.rb

@@ -0,0 +1,19 @@
+module Digicert
+  module CLI
+    class Base
+      attr_reader :order_id, :options
+
+      def initialize(attributes = {})
+        @options = attributes
+        @order_id = options.delete(:order_id)
+
+        extract_local_attributes(options)
+      end
+
+      private
+
+      def extract_local_attributes(options)
+      end
+    end
+  end
+end

data/lib/digicert/cli/certificate.rb

@@ -0,0 +1,75 @@
+module Digicert
+  module CLI
+    class Certificate < Digicert::CLI::Base
+      def fetch
+        apply_option_flags(order.certificate)
+      end
+
+      def duplicates
+        if order_id && duplicate_certificates
+          display_in_table(duplicate_certificates)
+        end
+      end
+
+      def download
+        download_certificate(certificate_id)
+      end
+
+      private
+
+      attr_reader :output_path
+
+      def extract_local_attributes(options)
+        @output_path = options.fetch(:output, nil)
+      end
+
+      def order
+        @order ||= Digicert::Order.fetch(order_id)
+      end
+
+      def certificate_id
+        @certificate_id ||= options[:certificate_id] || order.certificate.id
+      end
+
+      def duplicate_certificates
+        @certificates ||= Digicert::DuplicateCertificate.all(order_id: order_id)
+      end
+
+      def apply_option_flags(certificate)
+        download_certificate(certificate.id) || apply_output_flag(certificate)
+      end
+
+      def download_certificate(certificate_id)
+        if output_path
+          Digicert::CLI::CertificateDownloader.download(
+            path: output_path,
+            certificate_id: certificate_id,
+            filename: order_id || certificate_id,
+          )
+        end
+      end
+
+      def apply_output_flag(certificate)
+        options[:quiet] ? certificate.id : certificate
+      end
+
+      def display_in_table(certificates)
+        certificates_attributes = certificates.map do |certificate|
+          [
+            certificate.id,
+            certificate.common_name,
+            certificate.dns_names.join("\n"),
+            certificate.status,
+            [certificate.valid_from, certificate.valid_till].join(" - "),
+          ]
+        end
+
+        Digicert::CLI::Util.make_it_pretty(
+          table_wdith: 100,
+          rows: certificates_attributes,
+          headings: ["Id", "Common Name", "SAN Names", "Status", "Validity"],
+        )
+      end
+    end
+  end
+end