itamae-plugin-resource-encrypted_remote_file 0.0.1.beta1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: df8e3344bda25a0e3379d31612be0c27f4810603
+  data.tar.gz: 96e1d71f210f0fed3e617308f68707f7caf1f830
+SHA512:
+  metadata.gz: 03d3a222d0a2fd44dde809dddffc6efa2c0d6e898a3c036e118de14edfe2bfc23a6281362d32580417bd09c1d6c6a5f57d655e2fa09607284a4397f64f35e5c5
+  data.tar.gz: a60f41c5141c6ab3fa6f9f7edaf77dedfcfc2f3279d11b9c5b6f03465138f26792381f8cc15914347aed9eaac724c066cedb650b445c14838f38b137828418e8

data/.coveralls.yml

@@ -0,0 +1 @@
+repo_token: X0BBZfE4kDkJeaSeaYsiGEstlGR9SLRU1

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.hound.yml

@@ -0,0 +1,127 @@
+# target_version:
+#   rubocop v0.30.0
+
+# Exclude autogenerated files
+AllCops:
+  Exclude:
+    - "vendor/**/*" # rubocop config/default.yml
+    - "db/schema.rb"
+  DisplayCopNames: true
+
+##################### Style ##################################
+
+Style/AndOr:
+  EnforcedStyle: conditionals
+
+Style/AsciiComments:
+  Enabled: false
+
+Style/BlockDelimiters:
+  Enabled: false
+
+Style/BracesAroundHashParameters:
+  Enabled: false
+
+Style/DeprecatedHashMethods:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/DoubleNegation:
+  Enabled: false
+
+Style/DotPosition:
+  EnforcedStyle: trailing
+
+Style/EmptyElse:
+  EnforcedStyle: empty
+
+Style/FormatString:
+  EnforcedStyle: percent
+
+Style/GuardClause:
+  MinBodyLength: 5
+
+Style/HashSyntax:
+  EnforcedStyle: ruby19_no_mixed_keys
+  Exclude:
+    - "**/*.rake"
+    - "Rakefile"
+
+Style/IfUnlessModifier:
+  Enabled: false
+
+Style/IndentHash:
+  EnforcedStyle: consistent
+
+Style/Lambda:
+  Enabled: false
+
+Style/NumericLiterals:
+  MinDigits: 6
+
+Style/PredicateName:
+  Enabled: false
+
+Style/RedundantSelf:
+  Enabled: false
+
+Style/RedundantReturn:
+  AllowMultipleReturnValues: true
+
+Style/SignalException:
+  EnforcedStyle: only_raise
+
+Style/SpaceAroundOperators:
+  MultiSpaceAllowedForOperators:
+    - "="
+    - "=>"
+    - "||"
+
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: false
+
+Style/SingleLineBlockParams:
+  Enabled: false
+
+Style/SingleSpaceBeforeFirstArg:
+  Enabled: false
+
+Style/TrailingComma:
+  EnforcedStyleForMultiline: comma
+
+##################### Lint ##################################
+
+Lint/UnderscorePrefixedVariableName:
+  Enabled: false
+
+Lint/UnusedMethodArgument:
+  Enabled: false
+
+##################### Metrics ##################################
+
+Metrics/AbcSize:
+  Max: 30
+
+Metrics/CyclomaticComplexity:
+  Max: 10
+
+Metrics/LineLength:
+  Max: 160
+  Exclude:
+    - "db/migrate/*.rb"
+
+Metrics/MethodLength:
+  Max: 20
+  Exclude:
+    - "db/migrate/*.rb"
+
+Metrics/PerceivedComplexity:
+  Max: 8
+
+Metrics/ClassLength:
+  Max: 120

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,2 @@
+inherit_from:
+  - .hound.yml

data/.travis.yml

@@ -0,0 +1,21 @@
+language: ruby
+rvm:
+- 2.1
+- 2.2
+- ruby-head
+cache: bundler
+before_install: gem install bundler
+before_script:
+- export COVERAGE=true
+script:
+- bundle exec rspec
+branches:
+  only:
+  - master
+notifications:
+  email: false
+  slack:
+    secure: SusEtW3pV+b+KUQoQjhqTI+7QtaDXlVl0Wx2EPo1VA4k/t9M/FRZXAXxq2j5+K3QE0y4p4QbnMRoZ8W8l4f7NXzOi7CFHQAnKUVDswZdsj2udEWeNWUeN4Rub0de3sInfKkbZKfT0uhamToX/pRH7uhOogeL9Eei+KUekUXJKTE=
+matrix:
+  allow_failures:
+  - rvm: ruby-head

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in itamae-plugin-resource-encrypted_remote_file.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 sue445
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,62 @@
+# Itamae::Plugin::Resource::EncryptedRemoteFile
+
+encrypt secret data (ex. id_rsa), and forward decrypted file to remote.
+
+This is like to [knife-solo_data_bag](https://github.com/thbishop/knife-solo_data_bag)
+
+[![Build Status](https://travis-ci.org/sue445/itamae-plugin-resource-encrypted_remote_file.svg?branch=master)](https://travis-ci.org/sue445/itamae-plugin-resource-encrypted_remote_file)
+[![Code Climate](https://codeclimate.com/github/sue445/itamae-plugin-resource-encrypted_remote_file/badges/gpa.svg)](https://codeclimate.com/github/sue445/itamae-plugin-resource-encrypted_remote_file)
+[![Coverage Status](https://coveralls.io/repos/sue445/itamae-plugin-resource-encrypted_remote_file/badge.svg)](https://coveralls.io/r/sue445/itamae-plugin-resource-encrypted_remote_file)
+[![Dependency Status](https://gemnasium.com/sue445/itamae-plugin-resource-encrypted_remote_file.svg)](https://gemnasium.com/sue445/itamae-plugin-resource-encrypted_remote_file)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'itamae-plugin-resource-encrypted_remote_file'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install itamae-plugin-resource-encrypted_remote_file
+
+## Usage
+
+### Encrypt data
+install [reversible_cryptography](https://github.com/mitaku/reversible_cryptography)
+
+```sh
+gem install reversible_cryptography
+
+
+```
+
+### Recipe
+
+```ruby
+encrypted_remote_file "/home/deployer/.ssh/id_rsa" do
+  owner    "root"
+  group    "root"
+  source   "remote_files/encrypted_file.txt"
+  password ENV["PASSWORD"]
+end
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release` to create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+1. Fork it ( https://github.com/sue445/itamae-plugin-resource-encrypted_remote_file/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "itamae/plugin/resource/encrypted_remote_file"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/itamae-plugin-resource-encrypted_remote_file.gemspec

@@ -0,0 +1,36 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+Gem::Specification.new do |spec|
+  spec.name          = "itamae-plugin-resource-encrypted_remote_file"
+  spec.version       = "0.0.1.beta1"
+  spec.authors       = ["sue445"]
+  spec.email         = ["sue445@sue445.net"]
+
+  spec.summary       = "encrypt secret data, and forward decrypted file to remote."
+  spec.description   = "encrypt secret data, and forward decrypted file to remote."
+  spec.homepage      = "https://github.com/sue445/itamae-plugin-resource-encrypted_remote_file"
+
+  # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
+  # delete this section to allow pushing this gem to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+  end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "itamae", "~> 1.2.13"
+  spec.add_dependency "reversible_cryptography"
+
+  spec.add_development_dependency "bundler", ">= 1.9.4"
+  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "rubocop"
+end

data/lib/itamae-plugin-resource-encrypted_remote_file.rb

@@ -0,0 +1 @@
+require "itamae/plugin/resource/encrypted_remote_file"

data/lib/itamae/plugin/resource/encrypted_remote_file.rb

@@ -0,0 +1,37 @@
+require "itamae"
+
+module Itamae
+  module Plugin
+    module Resource
+      require "tempfile"
+      require "reversible_cryptography"
+
+      class EncryptedRemoteFile < ::Itamae::Resource::RemoteFile
+        define_attribute :password, type: String
+
+        def pre_action
+          src_expanded_path = ::File.expand_path(attributes.source, ::File.dirname(@recipe.path))
+          encrypted_data = File.read(src_expanded_path).strip
+
+          decrypted_data = ReversibleCryptography::Message.decrypt(encrypted_data, attributes.password)
+          @decrypted_tempfile = Tempfile.open(File.basename(attributes.source)) do |f|
+            f.write(decrypted_data)
+            f
+          end
+
+          super
+        end
+
+        def content_file
+          @decrypted_tempfile.path
+        end
+
+        def action_create(options)
+          super
+
+          @decrypted_tempfile.close! if @decrypted_tempfile
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,157 @@
+--- !ruby/object:Gem::Specification
+name: itamae-plugin-resource-encrypted_remote_file
+version: !ruby/object:Gem::Version
+  version: 0.0.1.beta1
+platform: ruby
+authors:
+- sue445
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2015-04-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: itamae
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.13
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.13
+- !ruby/object:Gem::Dependency
+  name: reversible_cryptography
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.4
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: encrypt secret data, and forward decrypted file to remote.
+email:
+- sue445@sue445.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".coveralls.yml"
+- ".gitignore"
+- ".hound.yml"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- itamae-plugin-resource-encrypted_remote_file.gemspec
+- lib/itamae-plugin-resource-encrypted_remote_file.rb
+- lib/itamae/plugin/resource/encrypted_remote_file.rb
+homepage: https://github.com/sue445/itamae-plugin-resource-encrypted_remote_file
+licenses: []
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: encrypt secret data, and forward decrypted file to remote.
+test_files: []