gemsmith 7.2.0 → 7.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 662e814586c4f37d3a10ff89ae864438cf65210d
4
- data.tar.gz: 8d9b0b9e1555391015ad315566ed829d18bdf922
3
+ metadata.gz: 28d4c64a7cb8cc5819196a8c3ee614e2da031350
4
+ data.tar.gz: 1dfec05ae110a647cc69134ed9f2e522d7a0a830
5
5
  SHA512:
6
- metadata.gz: 41fcb36f790fed31f7950f9f14329ae720f51ba6bb4a61be2d93c12f4978b302b117cd7c8b02f45edaa1dc94fd972e1addbf246bdfef8db4e9f2cf51619d55cf
7
- data.tar.gz: 6e8bdefb5e12f7e88e85661a3aaa81379871d8f181c118b7ae92403782fa63c2d3152a5caa737ea973e82de9b819cb33b3db31c1a3083c83052e64a4755afd71
6
+ metadata.gz: 410efca04dbfdd99d472a4d986a4a15192afbf86766397be24d4af210dde4532294a286dc2206132156aa8f3dc6f3fe822b71d7171d30dd9aa06884d12172e99
7
+ data.tar.gz: ebf4fa5d837dbd5eda29f22080fceddd1545cc5034e2f0834a38346f2db5327fb0290fc9196a6243acf0fb69637cdd6c9bfa1df6c987a03160bb95e6111bb506
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/README.md CHANGED
@@ -14,7 +14,7 @@ A command line interface for smithing new Ruby gems.
14
14
  # Table of Contents
15
15
 
16
16
  - [Features](#features)
17
- - [Screencast](#screencast)
17
+ - [Screencasts](#screencasts)
18
18
  - [Requirements](#requirements)
19
19
  - [Setup](#setup)
20
20
  - [Usage](#usage)
@@ -24,6 +24,10 @@ A command line interface for smithing new Ruby gems.
24
24
  - [Security](#security)
25
25
  - [Git Signing Key](#git-signing-key)
26
26
  - [Gem Certificates](#gem-certificates)
27
+ - [Private Gem Servers](#private-gem-servers)
28
+ - [Gem Specification Metadata](#gem-specification-metadata)
29
+ - [RubyGems Credentials](#rubygems-credentials)
30
+ - [Generating Credentials](#generating-credentials)
27
31
  - [Promotion](#promotion)
28
32
  - [Versioning](#versioning)
29
33
  - [Code of Conduct](#code-of-conduct)
@@ -56,7 +60,7 @@ A command line interface for smithing new Ruby gems.
56
60
  - Provides the ability to open the source code of any gem within your favorite editor.
57
61
  - Provides the ability to read the documentation of any gem within your default browser.
58
62
 
59
- # Screencast
63
+ # Screencasts
60
64
 
61
65
  [![asciicast](https://asciinema.org/a/30728.png)](https://asciinema.org/a/30728)
62
66
 
@@ -71,7 +75,7 @@ A command line interface for smithing new Ruby gems.
71
75
 
72
76
  For a secure install, type the following from the command line (recommended):
73
77
 
74
- gem cert --add <(curl -Ls https://www.alchemists.io/gem-public.pem)
78
+ gem cert --add <(curl --location --silent https://www.alchemists.io/gem-public.pem)
75
79
  gem install gemsmith --trust-policy MediumSecurity
76
80
 
77
81
  NOTE: A HighSecurity trust policy would be best but MediumSecurity enables signed gem verification while
@@ -173,15 +177,15 @@ For more gem creation options, type: `gemsmith --help --create`
173
177
 
174
178
  Once a gem skeleton has been created, the following tasks are available (i.e. `bundle exec rake -T`):
175
179
 
176
- rake build # Build gemsmith-7.0.0.gem into the pkg directory
180
+ rake build # Build example-0.1.0.gem into the pkg directory
177
181
  rake clean # Remove any temporary products / Clean gem artifacts
178
182
  rake clobber # Remove any generated files
179
183
  rake console # Open IRB console for gem development environment
180
184
  rake doc # Update README (table of contents)
181
- rake install # Build and install gemsmith-7.0.0.gem into system gems
182
- rake install:local # Build and install gemsmith-7.0.0.gem into system gems without network access
183
- rake publish # Build, tag v7.0.0 (signed), and push gemsmith-7.0.0.gem to RubyGems
184
- rake release[remote] # Create tag v7.0.0 and build and push gemsmith-7.0.0.gem to Rubygems
185
+ rake install # Build and install example-0.1.0.gem into system gems
186
+ rake install:local # Build and install example-0.1.0.gem into system gems without network access
187
+ rake publish # Build, tag v0.1.0 (signed), and push example-0.1.0.gem to RubyGems
188
+ rake release[remote] # Build, tag v0.1.0 (unsigned), and push example-0.1.0.gem to RubyGems
185
189
  rake rubocop # Run RuboCop
186
190
  rake rubocop:auto_correct # Auto-correct RuboCop offenses
187
191
  rake spec # Run RSpec code examples
@@ -192,7 +196,7 @@ Gemsmith:
192
196
  rake build - Cleans and regenerates the README table of contents in addition to building the gem.
193
197
  rake install - Inherits the `build` modifications mentioned above.
194
198
  rake install:local - Inherits the `build` modifications mentioned above.
195
- rake release - Inherits the `build` modifications mentioned above.
199
+ rake release - Identical to the `publish` tasks but does not securely sign the Git tag.
196
200
 
197
201
  When building/testing your gem locally, a typical workflow is:
198
202
 
@@ -261,6 +265,77 @@ To learn more about gem certificates, read the following:
261
265
  - [A Practical Guide to Using Signed Ruby Gems - Part 1: Bundler](http://blog.meldium.com/home/2013/3/3/signed-rubygems-part)
262
266
  - [A Practical Guide to Using Signed Ruby Gems - Part 2: Heroku](http://blog.meldium.com/home/2013/3/6/signed-gems-on-heroku)
263
267
 
268
+ # Private Gem Servers
269
+
270
+ By default, the following Rake tasks will publish your gem to [RubyGems](https://rubygems.org):
271
+
272
+ rake release
273
+ rake publish
274
+
275
+ You can change this behavior by adding metadata to your gemspec that will allow the Rake tasks, mentioned above, to
276
+ publish your gem to an alternate/private gem server instead. This can be done by updating your gem specification and
277
+ RubyGems credentials.
278
+
279
+ ## Gem Specification Metadata
280
+
281
+ Add the following metadata to your gemspec:
282
+
283
+ Gem::Specification.new do |spec|
284
+ spec.metadata = {
285
+ "allowed_push_key" => "example_key",
286
+ "allowed_push_host" => "https://gems.example.com"
287
+ }
288
+ end
289
+
290
+ The gemspec metadata keys and values *must* be strings per the
291
+ [RubyGems Specification](http://guides.rubygems.org/specification-reference/#metadata). Each key represents the
292
+ following:
293
+
294
+ - `allowed_push_key`: Provides a reference (look up) to the key defined the RubyGems credentials file so that sensitive
295
+ credentials are not used within your gemspec.
296
+ - `allowed_push_host`: Provides the URL of the private gem server to push your gem to.
297
+
298
+ ## RubyGems Credentials
299
+
300
+ The "example_key" defined within the gem specification, mentioned above, *must* be defined withing your
301
+ `~/.gem/credentials` file and should look like this:
302
+
303
+ ---
304
+ :example_key: "Basic dXNlcjpwYXNzd29yZA=="
305
+
306
+ The "example_key" *must* be a symbol (hence the double colons) due to RubyGems requirements.
307
+
308
+ ## Generating Credentials
309
+
310
+ RubyGems uses an `Authorization` HTTP header when pushing a gem to a remote server. This can be an API key, HTTP Basic
311
+ Auth, etc. When pushing a gem to RubyGems, you'll want to use the API key associated with your account. If that is the
312
+ case, you're credentials would contain the following:
313
+
314
+ ---
315
+ :rubygems_api_key: 2a0b460650e67d9b85a60e183defa376
316
+
317
+ For a server that might use HTTP Basic auth, you can generate the key value by launching IRB and running the following:
318
+
319
+ require "net/http"
320
+ Net::HTTP::Get.new("http://gems.example.com").basic_auth "user", "password"
321
+
322
+ The URL is arbitrary but the user and password should be your account credentials. The output, from running the code
323
+ above, should look like the following:
324
+
325
+ ["Basic dXNlcjpwYXNzd29yZA=="]
326
+
327
+ You can then add this value to your credentials file like so:
328
+
329
+ ---
330
+ :example_key: "Basic dXNlcjpwYXNzd29yZA=="
331
+
332
+ You can add multiple accounts to your RubyGems credentials (there is no limit to the number of accounts you might need
333
+ to have access to). Example:
334
+
335
+ ---
336
+ :rubygems_api_key: 2a0b460650e67d9b85a60e183defa376
337
+ :example_key: "Basic dXNlcjpwYXNzd29yZA=="
338
+
264
339
  # Promotion
265
340
 
266
341
  Once your gem is released, you might want to let the world know about your accomplishment:
@@ -39,10 +39,10 @@ module Gemsmith
39
39
 
40
40
  case
41
41
  when specs.size == 1
42
- spec_aid.send method, specs.first
42
+ spec_aid.public_send method, specs.first
43
43
  when specs.size > 1
44
44
  print_gems specs
45
- spec_aid.send method, pick_gem(specs, name)
45
+ spec_aid.public_send method, pick_gem(specs, name)
46
46
  else
47
47
  error("Unable to find gem: #{name}.") && ""
48
48
  end
@@ -12,7 +12,7 @@ module Gemsmith
12
12
  end
13
13
 
14
14
  def self.version
15
- "7.2.0"
15
+ "7.3.0"
16
16
  end
17
17
 
18
18
  def self.version_label
@@ -5,15 +5,25 @@ require "milestoner"
5
5
  module Gemsmith
6
6
  module Rake
7
7
  # Provides gem release functionality. Meant to be wrapped in Rake tasks.
8
+ # rubocop:disable Metrics/MethodLength
9
+ # rubocop:disable Metrics/ParameterLists
8
10
  class Release
11
+ def self.default_gem_host
12
+ Gem::DEFAULT_HOST
13
+ end
14
+
9
15
  def initialize gem_spec_path = Dir.glob("#{Dir.pwd}/*.gemspec").first,
16
+ gem_config: Gem::ConfigFile.new([]),
10
17
  bundler: Bundler,
11
18
  publisher: Milestoner::Publisher.new,
12
- shell: Bundler::UI::Shell.new
19
+ shell: Bundler::UI::Shell.new,
20
+ kernel: Kernel
13
21
 
14
22
  @gem_spec_path = gem_spec_path
23
+ @gem_config = gem_config
15
24
  @publisher = publisher
16
25
  @shell = shell
26
+ @kernel = kernel
17
27
  @gem_spec = bundler.load_gemspec gem_spec_path.to_s
18
28
  rescue Errno::ENOENT
19
29
  @shell.error "Invalid gemspec file path: #{@gem_spec_path}."
@@ -31,15 +41,51 @@ module Gemsmith
31
41
  "#{gem_spec.name}-#{version_number}.gem"
32
42
  end
33
43
 
34
- def publish
35
- publisher.publish version_number, sign: true
44
+ def allowed_push_key
45
+ gem_spec.metadata.fetch("allowed_push_key") { "rubygems_api_key" }
46
+ end
47
+
48
+ def allowed_push_host
49
+ gem_spec.metadata.fetch("allowed_push_host") { self.class.default_gem_host }
50
+ end
51
+
52
+ def push
53
+ return false unless gem_credentials? && gem_credential_value?
54
+
55
+ kernel.system %(gem push "pkg/#{gem_file_name}" --key "#{translated_api_key}" --host "#{allowed_push_host}")
56
+ shell.confirm "Pushed #{gem_file_name} to #{allowed_push_host}."
57
+ true
58
+ end
59
+
60
+ def publish sign: true
61
+ publisher.publish version_number, sign: sign
62
+ push
36
63
  rescue Milestoner::Errors::Base => error
37
64
  shell.error error.message
38
65
  end
39
66
 
40
67
  private
41
68
 
42
- attr_reader :gem_spec_path, :gem_spec, :publisher, :shell
69
+ attr_reader :gem_spec_path, :gem_config, :gem_spec, :publisher, :shell, :kernel
70
+
71
+ def gem_credentials?
72
+ return true if File.exist?(gem_config.credentials_path)
73
+ shell.error "Unable to load gem credentials: #{gem_config.credentials_path}."
74
+ false
75
+ end
76
+
77
+ def translated_api_key
78
+ return :rubygems if allowed_push_key == "rubygems_api_key"
79
+ allowed_push_key.to_sym
80
+ end
81
+
82
+ def gem_credential_value?
83
+ value = gem_config.api_keys[translated_api_key]
84
+ return true unless value.nil? || value.empty?
85
+
86
+ shell.error %(Invalid credential (#{gem_config.credentials_path}): :#{allowed_push_key}: "#{value}".)
87
+ false
88
+ end
43
89
  end
44
90
  end
45
91
  end
@@ -14,12 +14,14 @@ module Gemsmith
14
14
  new.install
15
15
  end
16
16
 
17
- def install
18
- build = Gemsmith::Rake::Build.new
19
- release = Gemsmith::Rake::Release.new
17
+ def initialize
18
+ @build = Gemsmith::Rake::Build.new
19
+ @release = Gemsmith::Rake::Release.new
20
+ end
20
21
 
22
+ def install
21
23
  ::Rake::Task[:build].enhance [:clean, :doc, :validate]
22
- ::Rake::Task[:release].enhance { ::Rake::Task[:clean].invoke }
24
+ ::Rake::Task[:release].clear
23
25
 
24
26
  desc "Update README (table of contents)"
25
27
  task :doc do
@@ -35,12 +37,20 @@ module Gemsmith
35
37
  build.validate
36
38
  end
37
39
 
40
+ desc "Build, tag #{release.version_label} (unsigned), and push #{release.gem_file_name} to RubyGems"
41
+ task release: :build do
42
+ release.publish sign: false
43
+ end
44
+
38
45
  desc "Build, tag #{release.version_label} (signed), and push #{release.gem_file_name} to RubyGems"
39
- task publish: [:build, "release:guard_clean"] do
46
+ task publish: :build do
40
47
  release.publish
41
- ::Rake::Task["release:rubygem_push"].invoke
42
48
  end
43
49
  end
50
+
51
+ private
52
+
53
+ attr_reader :build, :release
44
54
  end
45
55
  end
46
56
  end
@@ -20,6 +20,8 @@
20
20
 
21
21
  # Features
22
22
 
23
+ # Screencasts
24
+
23
25
  # Requirements
24
26
 
25
27
  0. [MRI <%= config.dig(:versions, :ruby) %>](https://www.ruby-lang.org)
@@ -32,7 +34,7 @@
32
34
  <%- if config.dig(:create, :security) -%>
33
35
  For a secure install, type the following (recommended):
34
36
 
35
- gem cert --add <(curl -Ls <%= config.dig :organization, :url %>/gem-public.pem)
37
+ gem cert --add <(curl --location --silent <%= config.dig :organization, :url %>/gem-public.pem)
36
38
  gem install <%= config.dig(:gem, :name) %> --trust-policy MediumSecurity
37
39
 
38
40
  NOTE: A HighSecurity trust policy would be best but MediumSecurity enables signed gem verification while
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gemsmith
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.2.0
4
+ version: 7.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brooke Kuhlmann
@@ -30,7 +30,7 @@ cert_chain:
30
30
  aSif+qBc6oHD7EQWPF5cZkzkIURuwNwPBngZGxIKaMAgRhjGFXzUMAaq++r59cS9
31
31
  xTfQ4k6fglKEgpnLAXiKdo2c8Ym+X4rIKFfedQ==
32
32
  -----END CERTIFICATE-----
33
- date: 2016-02-20 00:00:00.000000000 Z
33
+ date: 2016-02-29 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: thor
@@ -411,7 +411,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
411
411
  version: '0'
412
412
  requirements: []
413
413
  rubyforge_project:
414
- rubygems_version: 2.5.2
414
+ rubygems_version: 2.6.1
415
415
  signing_key:
416
416
  specification_version: 4
417
417
  summary: A command line interface for smithing new Ruby gems.
metadata.gz.sig CHANGED
Binary file