handsome_fencer-circle_c_i 0.1.9 → 0.1.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/generators/handsome_fencer/circle_c_i/deploy_key_generator.rb +14 -1
- data/lib/generators/handsome_fencer/circle_c_i/exposed_env_files_generator.rb +6 -3
- data/lib/generators/handsome_fencer/circle_c_i/install_generator.rb +6 -1
- data/lib/generators/handsome_fencer/circle_c_i/obfuscated_env_files_generator.rb +8 -2
- data/lib/generators/handsome_fencer/circle_c_i/templates/circleci/config.yml +2 -2
- data/lib/generators/handsome_fencer/circle_c_i/templates/circleci/expose_env.rb +2 -2
- data/lib/generators/handsome_fencer/circle_c_i/templates/config/database.yml +20 -0
- data/lib/handsome_fencer/circle_c_i/crypto.rb +11 -5
- data/lib/handsome_fencer/circle_c_i/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 042f6427f12410823e59a9f7e4d60ed98640c8bb00950a72ae9ad03e5ad714e9
|
|
4
|
+
data.tar.gz: 3658d0de2a4de63ddc657eb66a7dda846958f5030185691e31b7153525afdd35
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 581f9ae0c3cd48af19f2fdc7d630edbcda253dcf11abc106e3ae39a7dde0444cd3755c6da35a56eace03f3d78d3b85b2d370ef16cd4346ffcca79ee4c649f12a
|
|
7
|
+
data.tar.gz: c9bee3af2db0f2febbe5314fba32a918fd9e9a0f90bc6ace3c824d0061c93516ca176829e90adc4fa9231448d1cb21735694eb4ad481348686a120fec39cb30f
|
|
@@ -6,13 +6,26 @@ module HandsomeFencer
|
|
|
6
6
|
source_root File.expand_path('templates', __dir__)
|
|
7
7
|
desc "generate deploy key"
|
|
8
8
|
|
|
9
|
+
class_option :environment, type: :string, default: 'deploy'
|
|
9
10
|
def generate_deploy_key
|
|
11
|
+
environment = options[:environment]
|
|
10
12
|
@cipher = OpenSSL::Cipher.new 'AES-128-CBC'
|
|
11
13
|
@salt = '8 octets'
|
|
12
14
|
@new_key = @cipher.random_key
|
|
13
15
|
|
|
14
|
-
create_file ".circleci
|
|
16
|
+
create_file ".circleci/#{environment}.key", Base64.encode64(@new_key)
|
|
15
17
|
end
|
|
16
18
|
end
|
|
17
19
|
end
|
|
18
20
|
end
|
|
21
|
+
|
|
22
|
+
# desc 'copy keys to server'
|
|
23
|
+
# task :environment_keys, [:source, :destination] do |task, args|
|
|
24
|
+
#
|
|
25
|
+
# on server do
|
|
26
|
+
# within deploy_path do
|
|
27
|
+
# destination = args[:destination] || '.'
|
|
28
|
+
# upload! File.expand_path("../../#{args[:source]}", __dir__), destination='.'
|
|
29
|
+
# end
|
|
30
|
+
# end
|
|
31
|
+
# end
|
|
@@ -3,12 +3,15 @@ module HandsomeFencer
|
|
|
3
3
|
module CircleCI
|
|
4
4
|
|
|
5
5
|
class ExposedEnvFilesGenerator < Rails::Generators::Base
|
|
6
|
-
source_root File.expand_path('templates', __dir__)
|
|
7
6
|
desc "expose .env files inside .circleci directory"
|
|
8
7
|
|
|
8
|
+
source_root File.expand_path('templates', __dir__)
|
|
9
|
+
class_option :environment, type: :string, default: 'deploy'
|
|
10
|
+
|
|
9
11
|
def expose_env_files
|
|
10
|
-
|
|
11
|
-
@cipher.
|
|
12
|
+
environment = options[:environment]
|
|
13
|
+
@cipher = HandsomeFencer::CircleCI::Crypto.new(dkfile: environment)
|
|
14
|
+
@cipher.expose('.circleci', "#{environment}.env.enc")
|
|
12
15
|
end
|
|
13
16
|
end
|
|
14
17
|
end
|
|
@@ -7,7 +7,7 @@ module HandsomeFencer
|
|
|
7
7
|
desc "Sets up some necessary files for continuous deployments using docker and CircleCI"
|
|
8
8
|
|
|
9
9
|
def copy_circle_templates
|
|
10
|
-
directory "circleci", "
|
|
10
|
+
directory "circleci", "./.circleci", recursive: true
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
def copy_deploy_task
|
|
@@ -18,6 +18,11 @@ module HandsomeFencer
|
|
|
18
18
|
copy_file "docker-compose.yml", "docker-compose.yml"
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
+
def copy_config_databas_yml
|
|
22
|
+
copy_file "config/database.yml", "config/database.yml"
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
|
|
21
26
|
def insert_gitignores
|
|
22
27
|
create_file '.gitignore' if File.exist? '.gitignore'
|
|
23
28
|
append_to_file '.gitignore', "\n.circleci/**/*.env"
|
|
@@ -3,12 +3,18 @@ module HandsomeFencer
|
|
|
3
3
|
module CircleCI
|
|
4
4
|
|
|
5
5
|
class ObfuscatedEnvFilesGenerator < Rails::Generators::Base
|
|
6
|
+
|
|
7
|
+
class_option :environment, type: :string, default: 'deploy'
|
|
8
|
+
|
|
6
9
|
source_root File.expand_path('templates', __dir__)
|
|
7
10
|
desc "obfuscate .env files inside .circleci directory"
|
|
8
11
|
|
|
9
12
|
def obfuscate_env_files
|
|
10
|
-
|
|
11
|
-
|
|
13
|
+
|
|
14
|
+
environment = options[:environment]
|
|
15
|
+
|
|
16
|
+
@cipher = HandsomeFencer::CircleCI::Crypto.new(dkfile: environment)
|
|
17
|
+
@cipher.obfuscate('.circleci', "#{environment}.env")
|
|
12
18
|
end
|
|
13
19
|
end
|
|
14
20
|
end
|
|
@@ -9,8 +9,8 @@ jobs:
|
|
|
9
9
|
machine: true
|
|
10
10
|
steps:
|
|
11
11
|
- checkout
|
|
12
|
-
- run: gem install
|
|
13
|
-
- run: ruby expose_env.rb
|
|
12
|
+
- run: gem install handsome_fencer-circle_c_i
|
|
13
|
+
- run: ruby .circleci/expose_env.rb
|
|
14
14
|
- run: docker-compose build dev_app database
|
|
15
15
|
- run: docker-compose run dev_app bin/rails db:create db:migrate test
|
|
16
16
|
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
require '
|
|
2
|
-
cipher =
|
|
1
|
+
require 'handsome_fencer/circle_c_i/crypto'
|
|
2
|
+
cipher = HandsomeFencer::CircleCI::Crypto.new
|
|
3
3
|
cipher.expose
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
default: &default
|
|
2
|
+
adapter: postgresql
|
|
3
|
+
encoding: unicode
|
|
4
|
+
host: <%= ENV.fetch('DATABASE_HOST') %>
|
|
5
|
+
username: <%= ENV.fetch('POSTGRES_USER') %>
|
|
6
|
+
password: <%= ENV.fetch('POSTGRES_PASSWORD') %>
|
|
7
|
+
database: <%= ENV.fetch('POSTGRES_DB') %>
|
|
8
|
+
pool: 5
|
|
9
|
+
variables:
|
|
10
|
+
statement_timeout: 5000
|
|
11
|
+
|
|
12
|
+
development:
|
|
13
|
+
<<: *default
|
|
14
|
+
|
|
15
|
+
test:
|
|
16
|
+
<<: *default
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
production:
|
|
20
|
+
<<: *default
|
|
@@ -1,26 +1,28 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
2
|
require 'base64'
|
|
3
|
-
|
|
3
|
+
require 'byebug'
|
|
4
4
|
module HandsomeFencer
|
|
5
5
|
module CircleCI
|
|
6
6
|
class Crypto
|
|
7
7
|
|
|
8
8
|
DeployKeyError = Class.new(StandardError)
|
|
9
9
|
|
|
10
|
-
def initialize
|
|
10
|
+
def initialize(options={})
|
|
11
|
+
|
|
11
12
|
@cipher = OpenSSL::Cipher.new 'AES-128-CBC'
|
|
12
13
|
@salt = '8 octets'
|
|
14
|
+
@dkfile = ".circleci/" + options[:dkfile] + ".key"
|
|
13
15
|
@pass_phrase = get_deploy_key
|
|
14
16
|
end
|
|
15
17
|
|
|
16
18
|
def get_deploy_key
|
|
17
19
|
case
|
|
18
|
-
when ENV['DEPLOY_KEY'].nil? && !File.exist?(dkfile)
|
|
20
|
+
when ENV['DEPLOY_KEY'].nil? && !File.exist?(@dkfile)
|
|
19
21
|
raise DeployKeyError, "No deploy key set. Please generate a deploy key using '$ bin/rails generate handsome_fencer:circle_c_i:deploy_key' or set it using '$ export ENV['DEPLOY_KEY'] = some-complicated-key'"
|
|
22
|
+
when File.exist?(@dkfile)
|
|
23
|
+
Base64.decode64(File.read(@dkfile))
|
|
20
24
|
when !ENV['DEPLOY_KEY'].nil?
|
|
21
25
|
Base64.decode64(ENV['DEPLOY_KEY'])
|
|
22
|
-
when File.exist?(dkfile)
|
|
23
|
-
Base64.decode64(File.read(dkfile))
|
|
24
26
|
end
|
|
25
27
|
end
|
|
26
28
|
|
|
@@ -55,6 +57,7 @@ module HandsomeFencer
|
|
|
55
57
|
end
|
|
56
58
|
|
|
57
59
|
def decrypt(file)
|
|
60
|
+
|
|
58
61
|
encrypted = Base64.decode64 File.read(file.to_s)
|
|
59
62
|
@cipher.decrypt.pkcs5_keyivgen @pass_phrase, @salt
|
|
60
63
|
decrypted = @cipher.update(encrypted) + @cipher.final
|
|
@@ -73,6 +76,9 @@ module HandsomeFencer
|
|
|
73
76
|
end
|
|
74
77
|
|
|
75
78
|
def expose(directory=nil, extension=nil)
|
|
79
|
+
# if @dkfile == '.circleci/production.key'
|
|
80
|
+
# # byebug
|
|
81
|
+
# end
|
|
76
82
|
extension = extension || '.env.enc'
|
|
77
83
|
directory = directory || '.circleci'
|
|
78
84
|
source_files(directory, extension).each { |file| decrypt(file) }
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: handsome_fencer-circle_c_i
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- schadenfred
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-09-
|
|
11
|
+
date: 2018-09-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: sshkit
|
|
@@ -105,6 +105,7 @@ files:
|
|
|
105
105
|
- lib/generators/handsome_fencer/circle_c_i/templates/circleci/containers/web/production.env
|
|
106
106
|
- lib/generators/handsome_fencer/circle_c_i/templates/circleci/expose_env.rb
|
|
107
107
|
- lib/generators/handsome_fencer/circle_c_i/templates/circleci/obfuscate_env.rb
|
|
108
|
+
- lib/generators/handsome_fencer/circle_c_i/templates/config/database.yml
|
|
108
109
|
- lib/generators/handsome_fencer/circle_c_i/templates/docker-compose.yml
|
|
109
110
|
- lib/generators/handsome_fencer/circle_c_i/templates/lib/tasks/deploy.rake
|
|
110
111
|
- lib/handsome_fencer/circle_c_i.rb
|