lester 1.0.0.pre3 → 1.0.0.pre4

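--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 629f5ef8a7b7ca2ec8dd33794b194db65f956820
- data.tar.gz: e570cf77906310d5244170bc155bde166b5f2d43
+ metadata.gz: 293f6c33b69f844cb207f7f32200cd7a851565b2
+ data.tar.gz: a35d2096a418c122aa8272c464244acfec1094bc
  SHA512:
- metadata.gz: 688a78a5d38fcdc5f5bd7b7fb5c8ace14c2498b992e3e61c124571ef7f83b66d32259ade45aa336058ac7a574e96373d3a44cafdc76ad8f649fa0a92e741b063
- data.tar.gz: e2779dbe53014c23d91ea29df686bb90caf5f3507750ec6f1c9e3003e72f567a4d9ff3d91272f46f2d98fea2a97993d45264f5075131f2267a973f8d471bf86e
+ metadata.gz: 2382b2ae45040ce78714763d1c2ae177dae9ebf396f33a25075fb373643ff72788ca6478bfb6b586dc0c0d1ee06b752881dc6ae7125a8984cad38b4b3c4bb5fe
+ data.tar.gz: 62b5f5809c9c5daaa87cf2b1fd4abe3d1dc011c97af02554c8a59640acd6dbf86e44371ca8c60a8381ccebafeecf3a362acb6f7ffee1b5ea746acff68acf8add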
data/README.md CHANGED
@@ -34,7 +34,6 @@ following:
34
34
 
35
35
  ```shell
36
36
  lester new --domain example.org \
37
- --email contact@example.org \
38
37
  --site-bucket example-org \
39
38
  --storage-bucket example-org-backup \
40
39
  --distribution-id ABCDEFGH
@@ -45,7 +44,6 @@ either a key ID or an alias:
45
44
 
46
45
  ```shell
47
46
  lester new --domain example.org \
48
- --email contact@example.org \
49
47
  --site-bucket example-org \
50
48
  --storage-bucket example-org-backup \
51
49
  --distribution-id ABCDEFGH \
@@ -39,7 +39,6 @@ module Lester
39
39
  validate(@domain, 'domain is required')
40
40
  validate(@storage_bucket, 'storage bucket is required')
41
41
  validate(@site_bucket, 'site bucket is required')
42
- validate(@email, 'email is required')
43
42
  validate(@distribution_id, 'distribution id is required')
44
43
  else
45
44
  raise UnkownCommandError, sprintf('Unknown command %p, expected "init" or "re|new"', @command)
@@ -80,7 +79,6 @@ module Lester
80
79
  opts.on('-E', '--endpoint=ENDPOINT', sprintf('ACME endpoint (default: %s)', @endpoint)) { |e| @endpoint = e }
81
80
  opts.on('-b', '--site-bucket=BUCKET', 'S3 bucket for site (required)') { |b| @site_bucket = b }
82
81
  opts.on('-k', '--key-size=BITS', sprintf('Key size (in bits) (default: %d)', @key_size)) { |s| @key_size = s.to_i }
83
- opts.on('-e', '--email=ADDRESS', 'Registered email address (required)') { |e| @email = e }
84
82
  opts.on('-D', '--distribution-id=ID', 'CloudFront distribution ID (required)') { |d| @distribution_id = d }
85
83
  opts.separator ''
86
84
  end
@@ -13,7 +13,7 @@ module Lester
13
13
  @store = store
14
14
  @key_size = options[:key_size] || 2048
15
15
  @key_class = options[:key_class] || OpenSSL::PKey::RSA
16
- @csr_class = options[:csr_class] || Acme::CertificateRequest
16
+ @csr_class = options[:csr_class] || Acme::Client::CertificateRequest
17
17
  end
18
18
 
19
19
  def run
@@ -21,7 +21,7 @@ module Lester
21
21
  end
22
22
 
23
23
  def certificate_store
24
- @certificate_store ||= create_store('certificates')
24
+ @certificate_store ||= create_store(sprintf('certificates/%s', @config[:domain]))
25
25
  end
26
26
 
27
27
  def private_key
@@ -39,7 +39,7 @@ module Lester
39
39
  def create_store(suffix)
40
40
  uri = URI(sprintf('s3://%s', @config[:storage_bucket]))
41
41
  bucket_name = uri.host
42
- prefix = sprintf('%s/%s/%s', uri.path, @config[:domain], suffix).sub('/', '')
42
+ prefix = sprintf('%s/%s', uri.path, suffix).sub('/', '')
43
43
  bucket = Aws::S3::Bucket.new(bucket_name)
44
44
  S3Store.new(bucket, prefix, store_options)
45
45
  end
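Review bot: Dropping `@config[:domain]` from the `prefix =` line in `create_store` changes where the ACME account key lives: the init spec on this page now expects `account/private_key.json` instead of `example.org/account/private_key.json`, so every domain kept under the same bucket and prefix shares one account key, and a deployment upgraded from pre3 will not find the objects it wrote earlier. If that is intended it deserves a comment above the line, for example `# Account key is shared by all domains under this prefix; only certificates are stored per domain.`, plus a release note telling operators to move existing objects and re-check any S3 or KMS policy scoped to the old `<domain>/` prefix. In the `certificate_store` hunk `@config[:domain]` now goes straight into the object key; whether it is checked for anything beyond presence is not visible here, so that is worth confirming before it reaches `create_store`.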
@@ -1,3 +1,3 @@
1
1
  module Lester
2
- VERSION = '1.0.0.pre3'.freeze
2
+ VERSION = '1.0.0.pre4'.freeze
3
3
  end
@@ -23,7 +23,7 @@ describe 'bin/lester init' do
23
23
  context 'when the private key exists' do
24
24
  it 'stores it' do
25
25
  command.run
26
- object = storage_bucket.object('example.org/account/private_key.json')
26
+ object = storage_bucket.object('account/private_key.json')
27
27
  expect { JSON::JWK.new(JSON.parse(object.read)).to_key }.to_not raise_error
28
28
  end
29
29
 
@@ -40,7 +40,7 @@ describe 'bin/lester init' do
40
40
 
41
41
  it 'stores it under the given prefix' do
42
42
  command.run
43
- object = storage_bucket.object('lester/example.org/account/private_key.json')
43
+ object = storage_bucket.object('lester/account/private_key.json')
44
44
  expect { JSON::JWK.new(JSON.parse(object.read)).to_key }.to_not raise_error
45
45
  end
46
46
  end
@@ -14,7 +14,6 @@ describe 'bin/lester renew' do
14
14
  '--endpoint', 'http://127.0.0.1:4000',
15
15
  '--site-bucket', 'example-org-site',
16
16
  '--storage-bucket', storage_bucket_name,
17
- '--email', 'contact@example.org',
18
17
  '--distribution-id', 'distribution-id',
19
18
  ]
20
19
  end
@@ -24,7 +23,7 @@ describe 'bin/lester renew' do
24
23
  end
25
24
 
26
25
  before do
27
- storage_bucket.put_object(key: 'example.org/account/private_key.json', body: Pathname.new(private_key_path))
26
+ storage_bucket.put_object(key: 'account/private_key.json', body: Pathname.new(private_key_path))
28
27
  cloudfront.add_config('distribution-id', {
29
28
  viewer_certificate: { iam_certificate_id: 'example.org-old' },
30
29
  })
@@ -55,37 +54,37 @@ describe 'bin/lester renew' do
55
54
 
56
55
  it 'stores the certificate' do
57
56
  command.run
58
- object = storage_bucket.object('example.org/certificates/201512120949/cert.pem')
57
+ object = storage_bucket.object('certificates/example.org/201512120949/cert.pem')
59
58
  expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
60
59
  end
61
60
 
62
61
  it 'stores the certificate request' do
63
62
  command.run
64
- object = storage_bucket.object('example.org/certificates/201512120949/csr.pem')
63
+ object = storage_bucket.object('certificates/example.org/201512120949/csr.pem')
65
64
  expect { OpenSSL::X509::Request.new(object.read) }.to_not raise_error
66
65
  end
67
66
 
68
67
  it 'stores the certificate chain' do
69
68
  command.run
70
- object = storage_bucket.object('example.org/certificates/201512120949/chain.pem')
69
+ object = storage_bucket.object('certificates/example.org/201512120949/chain.pem')
71
70
  expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
72
71
  end
73
72
 
74
73
  it 'stores the certificate fullchain' do
75
74
  command.run
76
- object = storage_bucket.object('example.org/certificates/201512120949/fullchain.pem')
75
+ object = storage_bucket.object('certificates/example.org/201512120949/fullchain.pem')
77
76
  expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
78
77
  end
79
78
 
80
79
  it 'stores the certificate private key' do
81
80
  command.run
82
- object = storage_bucket.object('example.org/certificates/201512120949/privkey.pem')
81
+ object = storage_bucket.object('certificates/example.org/201512120949/privkey.pem')
83
82
  expect { OpenSSL::PKey::RSA.new(object.read) }.to_not raise_error
84
83
  end
85
84
 
86
85
  it 'uses server side encryption for everything that is stored' do
87
86
  command.run
88
- keys = storage_bucket.keys.select { |k| k.start_with?('example.org/certificates') }
87
+ keys = storage_bucket.keys.select { |k| k.start_with?('certificates/example.org') }
89
88
  expect(keys).to_not be_empty
90
89
  keys.each do |key|
91
90
  object = storage_bucket.object(key)
@@ -106,7 +105,6 @@ describe 'bin/lester renew' do
106
105
  '--endpoint', 'http://127.0.0.1:4000',
107
106
  '--site-bucket', 'example-org-site',
108
107
  '--storage-bucket', 'example-org-backup',
109
- '--email', 'contact@example.org',
110
108
  '--distribution-id', 'distribution-id',
111
109
  '--kms-id', 'alias/letsencrypt',
112
110
  ]
@@ -114,7 +112,7 @@ describe 'bin/lester renew' do
114
112
 
115
113
  it 'uses server side encryption through AWS KMS' do
116
114
  command.run
117
- keys = storage_bucket.keys.select { |k| k.start_with?('example.org/certificates') }
115
+ keys = storage_bucket.keys.select { |k| k.start_with?('certificates/example.org') }
118
116
  expect(keys).to_not be_empty
119
117
  keys.each do |key|
120
118
  object = storage_bucket.object(key)
@@ -130,13 +128,10 @@ describe 'bin/lester renew' do
130
128
  end
131
129
 
132
130
  it 'stores everything under given prefix' do
133
- storage_bucket.put_object(key: 'lester/example.org/account/private_key.json', body: Pathname.new(private_key_path))
131
+ storage_bucket.put_object(key: 'lester/account/private_key.json', body: Pathname.new(private_key_path))
134
132
  command.run
135
- keys = storage_bucket.keys.select { |k| k.start_with?('lester') }
133
+ keys = storage_bucket.keys.select { |k| k.start_with?('lester/certificates') }
136
134
  expect(keys).to_not be_empty
137
- keys.each do |key|
138
- expect(key).to start_with('lester/example.org')
139
- end
140
135
  end
141
136
  end
142
137
  end
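Review bot: The example 'stores everything under given prefix' no longer checks what its name says: it selects keys starting with `lester/certificates` and only asserts that the result is not empty, so an object written outside `lester/` would pass unnoticed. The removed `keys.each` loop was the only assertion in this hunk covering that, and since the stored objects include private keys, the prefix is presumably what bucket policies are scoped to. A whole-bucket check next to the new one would restore it: `storage_bucket.keys.each { |k| expect(k).to start_with('lester/') }`. The enclosing `describe` block starts outside the hunk.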
@@ -157,7 +152,7 @@ describe 'bin/lester renew' do
157
152
  context 'with a non-registered private key', vcr: { cassette_name: 'new-certificate-fail' } do
158
153
  it 'prints an error message' do
159
154
  command.run
160
- expect(io.string.chomp).to eq('No registration exists matching provided key (Acme::Error::Unauthorized)')
155
+ expect(io.string.chomp).to eq('No registration exists matching provided key (Acme::Client::Error::Unauthorized)')
161
156
  end
162
157
 
163
158
  it 'returns a non-ok exit code' do
@@ -68,10 +68,6 @@ module Lester
68
68
  parameter_validation 'site-bucket', 'site bucket'
69
69
  end
70
70
 
71
- context '-e / --email ADDRESS' do
72
- parameter_validation 'email'
73
- end
74
-
75
71
  context '-D / --distribution-id ID' do
76
72
  parameter_validation 'distribution-id', 'distribution id'
77
73
  end
@@ -65,7 +65,7 @@ module Lester
65
65
  end
66
66
 
67
67
  let :new_certificate do
68
- Acme::Certificate.new(certificate, chain, nil)
68
+ Acme::Client::Certificate.new(certificate, chain, nil)
69
69
  end
70
70
 
71
71
  before do
@@ -75,7 +75,7 @@ module Lester
75
75
  allow(authenticator).to receive(:authenticate).with(http01_challenge)
76
76
  allow(uploader).to receive(:upload)
77
77
  allow(csr_impl).to receive(:new) do |args|
78
- Acme::CertificateRequest.new(args)
78
+ Acme::Client::CertificateRequest.new(args)
79
79
  end
80
80
  allow(store).to receive(:put)
81
81
  end
@@ -6,7 +6,6 @@ module ParameterValidation
6
6
  'endpoint' => 'http://127.0.0.1:4000',
7
7
  'site-bucket' => 'example-org-site',
8
8
  'storage-bucket' => 'example-org-backup',
9
- 'email' => 'contact@example.org',
10
9
  'private-key' => 'path/to/private_key.pem',
11
10
  }
12
11
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lester
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.pre3
4
+ version: 1.0.0.pre4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mathias Söderberg
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-12-22 00:00:00.000000000 Z
11
+ date: 2016-02-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json
@@ -28,16 +28,16 @@ dependencies:
28
28
  name: acme-client
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.2.2
33
+ version: '0.3'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.2.2
40
+ version: '0.3'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: aws-sdk
43
43
  requirement: !ruby/object:Gem::Requirement