gemstash 2.4.0 → 2.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d58f7aa439647ca176542a5baa37d06ecc97a932d01c865dfc6c84ced8339eec
-  data.tar.gz: 5c2509224be5415b8beb839973c529d58cb76986bb93a4231069122974b85179
+  metadata.gz: 69af5c3ee89fc53cee466750fcf2f0028e48da55c97ec1e088ce57115982e0fd
+  data.tar.gz: 548acfcde803f83ef757218d414a8d88677af45b9e60164bcaffd178adeb86b2
 SHA512:
-  metadata.gz: becd0a79decd3a755c9867935e942854b614b2bbfa03a1928a770aed8faa9b4fcbd1d4f672c60cd01d45d9ebd20d591f2d4e30da0076bbe6d966cbea76b123eb
-  data.tar.gz: f775af62ccd3e2c5efada9cd41208fcbf060bfe2ab23a16fe79f70947d171a403d43aa2e4f96a48c78b73e5045f5aeda07af1e0d3fa80a210ffefd015cbc6ace
+  metadata.gz: d8eb6be20540527c746f5d9a02d2f170549e8764ad182a834384a4f63edd62ea373b5113256a89c250524c4551a02d792c8eb0e88d3a860f1337add8548bec0e
+  data.tar.gz: d35028447a52b25de004572ce975f6dff4d2cd358e54f72c537edb29e85dba43682f9c313f8b94461a3fcd7b3e9be089593fdba29fde039f664d7cebb1d11580

data/CHANGELOG.md

@@ -1,3 +1,15 @@
+## 2.6.0 (2023-09-30)
+
+### Changes
+
+  - Support `GEMSTASH_CONFIG` environment variable ([#369](https://github.com/rubygems/gemstash/pull/369), [@kyrofa](https://github.com/kyrofa))
+
+## 2.5.0 (2023-09-28)
+
+### Changes
+
+  - Add support for upstream auth with ENV variables ([#339](https://github.com/rubygems/gemstash/pull/339), [@CiTroNaK](https://github.com/CiTroNaK))
+
 ## 2.4.0 (2023-09-27)
 
 ### Changes
@@ -8,7 +20,7 @@
 
 ### Fixes
 
-  - Require a now-needed file for Puma 6. Thanks, [@ktreis][]! ([#362](https://github.com/rubygems/gemstash/pull/362), [@olleolleolle](https://github.com/olleolleolle))
+  - Require a now-needed file for Puma 6. Thanks, [@ktreis](https://github.com/ktreis)! ([#362](https://github.com/rubygems/gemstash/pull/362), [@olleolleolle](https://github.com/olleolleolle))
 
 ## 2.3.1 (2023-09-05)
 

data/lib/gemstash/configuration.rb

@@ -75,6 +75,11 @@ module Gemstash
   private
 
     def default_file
+      # Support the config file being specified via environment variable
+      gemstash_config = ENV["GEMSTASH_CONFIG"]
+      return gemstash_config if gemstash_config
+
+      # If no environment variable is used, fall back to the normal defaults
       File.exist?("#{DEFAULT_FILE}.erb") ? "#{DEFAULT_FILE}.erb" : DEFAULT_FILE
     end
 

data/lib/gemstash/man/gemstash-multiple-sources.7

@@ -49,6 +49,10 @@ gem \[dq]rubywarrior\[dq]
 source \[dq]http://localhost:9292/upstream/#{CGI.escape(\[dq]https://my.gem-source.local\[dq])}\[dq] do
   gem \[dq]my-gem\[dq]
 end
+
+source \[dq]http://localhost:9292/upstream/my-other.gem-source.local\[dq] do
+  gem \[dq]my-other-gem\[dq]
+end
 .EE
 .PP
 Notice the \f[CR]CGI.escape\f[R] call in the second source.
@@ -57,6 +61,57 @@ knows what gem source you want.
 The \f[CR]/upstream\f[R] prefix tells Gemstash to use a gem source other
 than the default source.
 You can now bundle with the additional source.
+.PP
+Notice that the third source doesn\[cq]t need to be escaped.
+This is because the \f[CR]https://\f[R] is used by default when no
+scheme is set, and the source URL does not contain any characters that
+need to be escaped.
+.SS Authentication with Multiple Sources
+You can use basic authentication or API keys on sources directly in
+Gemfile or using ENV variables on the Gemstash instance.
+.PP
+Example \f[CR]Gemfile\f[R]:
+.IP
+.EX
+# ./Gemfile
+require \[dq]cgi\[dq]
+source \[dq]http://localhost:9292\[dq]
+
+source \[dq]http://localhost:9292/upstream/#{CGI.escape(\[dq]user:password\[at]my.gem-source.local\[dq])}\[dq] do
+  gem \[dq]my-gem\[dq]
+end
+
+source \[dq]http://localhost:9292/upstream/#{CGI.escape(\[dq]api_key\[at]my-other.gem-source.local\[dq])}\[dq] do
+  gem \[dq]my-other-gem\[dq]
+end
+.EE
+.PP
+If you set \f[CR]GEMSTASH_<HOST>\f[R] ENV variable with your
+authentication information, you can omit it from the \f[CR]Gemfile\f[R]:
+.IP
+.EX
+# ./Gemfile
+source \[dq]http://localhost:9292\[dq]
+
+source \[dq]http://localhost:9292/upstream/my.gem-source.local\[dq] do
+  gem \[dq]my-gem\[dq]
+end
+.EE
+.PP
+And run the Gemstash with the credentials set in an ENV variable:
+.IP
+.EX
+GEMSTASH_MY__GEM___SOURCE__LOCAL=user:password gemstash start --no-daemonize --config-file config.yml.erb
+.EE
+.PP
+The name of the ENV variable is the uppercase version of the host name,
+with all \f[CR].\f[R] characters replaced with \f[CR]__\f[R], all
+\f[CR]-\f[R] with \f[CR]___\f[R] and a \f[CR]GEMSTASH_\f[R] prefix (it
+uses the same syntax as
+Bundler (https://bundler.io/v2.4/man/bundle-config.1.html#CREDENTIALS-FOR-GEM-SOURCES)).
+.PP
+Example: \f[CR]my.gem-source.local\f[R] =>
+\f[CR]GEMSTASH_MY__GEM___SOURCE__LOCAL\f[R]
 .SS Redirecting
 Gemstash supports an alternate mode of specifying your gem sources.
 If you want Gemstash to redirect Bundler to your given gem sources, then

data/lib/gemstash/man/gemstash-multiple-sources.7.txt

@@ -44,15 +44,63 @@
 		gem "my-gem"
 	      end
 
+	      source "http://localhost:9292/upstream/my-other.gem-source.local" do
+		gem "my-other-gem"
+	      end
+
        Notice the CGI.escape call in the second source.  This is important, as
        it properly URL escapes the source  URL	so  Gemstash  knows  what  gem
        source  you  want.   The  /upstream  prefix tells Gemstash to use a gem
        source other than the default source.  You can now bundle with the  ad-
        ditional source.
 
+       Notice  that  the third source doesn't need to be escaped.  This is be-
+       cause the https:// is used by default when no scheme is	set,  and  the
+       source URL does not contain any characters that need to be escaped.
+
+   1mAuthentication with Multiple Sources0m
+       You  can  use  basic  authentication or API keys on sources directly in
+       Gemfile or using ENV variables on the Gemstash instance.
+
+       Example Gemfile:
+
+	      # ./Gemfile
+	      require "cgi"
+	      source "http://localhost:9292"
+
+	      source "http://localhost:9292/upstream/#{CGI.escape("user:password@my.gem-source.local")}" do
+		gem "my-gem"
+	      end
+
+	      source "http://localhost:9292/upstream/#{CGI.escape("api_key@my-other.gem-source.local")}" do
+		gem "my-other-gem"
+	      end
+
+       If you set GEMSTASH_<HOST> ENV variable with your authentication infor-
+       mation, you can omit it from the Gemfile:
+
+	      # ./Gemfile
+	      source "http://localhost:9292"
+
+	      source "http://localhost:9292/upstream/my.gem-source.local" do
+		gem "my-gem"
+	      end
+
+       And run the Gemstash with the credentials set in an ENV variable:
+
+	      GEMSTASH_MY__GEM___SOURCE__LOCAL=user:password gemstash start --no-daemonize --config-file config.yml.erb
+
+       The name of the ENV variable is the uppercase version of the host name,
+       with all . characters replaced with __, all - with ___ and a  GEMSTASH_
+       prefix	   (it	   uses     the     same     syntax	as     Bundler
+       (https://bundler.io/v2.4/man/bundle-config.1.html#CREDENTIALS-FOR-GEM-
+       SOURCES)).
+
+       Example: my.gem-source.local => GEMSTASH_MY__GEM___SOURCE__LOCAL
+
    1mRedirecting0m
        Gemstash supports an alternate mode of specifying your gem sources.  If
-       you  want  Gemstash to redirect Bundler to your given gem sources, then
+       you want Gemstash to redirect Bundler to your given gem	sources,  then
        you can specify your Gemfile like so:
 
 	      # ./Gemfile
@@ -60,9 +108,9 @@
 	      source "http://localhost:9292/redirect/#{CGI.escape("https://rubygems.org")}"
 	      gem "rubywarrior"
 
-       Notice the /redirect prefix.  This prefix tells	Gemstash  to  redirect
-       API  calls to the provided URL.	Redirected calls like this will not be
-       cached by Gemstash, and gem files will not be  stashed,	even  if  they
+       Notice  the  /redirect  prefix.	This prefix tells Gemstash to redirect
+       API calls to the provided URL.  Redirected calls like this will not  be
+       cached  by  Gemstash,  and  gem files will not be stashed, even if they
        were previously cached or stashed from the same gem source.
 
 				October 8, 2015   4mgemstash-multiple-sources24m(7)

data/lib/gemstash/upstream.rb

@@ -11,10 +11,12 @@ module Gemstash
 
     attr_reader :user_agent, :uri
 
-    def_delegators :@uri, :scheme, :host, :user, :password, :to_s
+    def_delegators :@uri, :scheme, :host, :to_s
 
     def initialize(upstream, user_agent: nil)
-      @uri = URI(CGI.unescape(upstream.to_s))
+      url = CGI.unescape(upstream.to_s)
+      url = "https://#{url}" unless %r{^https?://}.match?(url)
+      @uri = URI(url)
       @user_agent = user_agent
       raise "URL '#{@uri}' is not valid!" unless @uri.to_s&.match?(URI::DEFAULT_PARSER.make_regexp)
     end
@@ -40,12 +42,41 @@ module Gemstash
       @host_id ||= "#{host}_#{hash}"
     end
 
+    def user
+      env_auth_user || @uri.user
+    end
+
+    def password
+      env_auth_pass || @uri.password
+    end
+
   private
 
     def hash
       Digest::MD5.hexdigest(to_s)
     end
 
+    def env_auth_user
+      return unless env_auth
+
+      env_auth.split(":", 2).first
+    end
+
+    def env_auth_pass
+      return unless env_auth
+      return unless env_auth.include?(":")
+
+      env_auth.split(":", 2).last
+    end
+
+    def env_auth
+      @env_auth ||= ENV["GEMSTASH_#{host_for_env}"]
+    end
+
+    def host_for_env
+      host.upcase.gsub(".", "__").gsub("-", "___")
+    end
+
     # :nodoc:
     class GemName
       def initialize(upstream, gem_name)

data/lib/gemstash/version.rb

@@ -2,5 +2,5 @@
 
 # :nodoc:
 module Gemstash
-  VERSION = "2.4.0"
+  VERSION = "2.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gemstash
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.6.0
 platform: ruby
 authors:
 - Andre Arko
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-09-27 00:00:00.000000000 Z
+date: 2023-09-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport