lester 1.0.0.pre3 → 1.0.0.pre4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 629f5ef8a7b7ca2ec8dd33794b194db65f956820
-  data.tar.gz: e570cf77906310d5244170bc155bde166b5f2d43
+  metadata.gz: 293f6c33b69f844cb207f7f32200cd7a851565b2
+  data.tar.gz: a35d2096a418c122aa8272c464244acfec1094bc
 SHA512:
-  metadata.gz: 688a78a5d38fcdc5f5bd7b7fb5c8ace14c2498b992e3e61c124571ef7f83b66d32259ade45aa336058ac7a574e96373d3a44cafdc76ad8f649fa0a92e741b063
-  data.tar.gz: e2779dbe53014c23d91ea29df686bb90caf5f3507750ec6f1c9e3003e72f567a4d9ff3d91272f46f2d98fea2a97993d45264f5075131f2267a973f8d471bf86e
+  metadata.gz: 2382b2ae45040ce78714763d1c2ae177dae9ebf396f33a25075fb373643ff72788ca6478bfb6b586dc0c0d1ee06b752881dc6ae7125a8984cad38b4b3c4bb5fe
+  data.tar.gz: 62b5f5809c9c5daaa87cf2b1fd4abe3d1dc011c97af02554c8a59640acd6dbf86e44371ca8c60a8381ccebafeecf3a362acb6f7ffee1b5ea746acff68acf8add

data/README.md

@@ -34,7 +34,6 @@ following:
 
 ```shell
 lester new --domain example.org \
-           --email contact@example.org \
            --site-bucket example-org \
            --storage-bucket example-org-backup \
            --distribution-id ABCDEFGH
@@ -45,7 +44,6 @@ either a key ID or an alias:
 
 ```shell
 lester new --domain example.org \
-           --email contact@example.org \
            --site-bucket example-org \
            --storage-bucket example-org-backup \
            --distribution-id ABCDEFGH \

data/lib/lester/cli.rb

@@ -39,7 +39,6 @@ module Lester
           validate(@domain, 'domain is required')
           validate(@storage_bucket, 'storage bucket is required')
           validate(@site_bucket, 'site bucket is required')
-          validate(@email, 'email is required')
           validate(@distribution_id, 'distribution id is required')
         else
           raise UnkownCommandError, sprintf('Unknown command %p, expected "init" or "re|new"', @command)
@@ -80,7 +79,6 @@ module Lester
         opts.on('-E', '--endpoint=ENDPOINT', sprintf('ACME endpoint (default: %s)', @endpoint)) { |e| @endpoint = e }
         opts.on('-b', '--site-bucket=BUCKET', 'S3 bucket for site (required)') { |b| @site_bucket = b }
         opts.on('-k', '--key-size=BITS', sprintf('Key size (in bits) (default: %d)', @key_size)) { |s| @key_size = s.to_i }
-        opts.on('-e', '--email=ADDRESS', 'Registered email address (required)') { |e| @email = e }
         opts.on('-D', '--distribution-id=ID', 'CloudFront distribution ID (required)') { |d| @distribution_id = d }
         opts.separator ''
       end

data/lib/lester/command/renew.rb

@@ -13,7 +13,7 @@ module Lester
         @store = store
         @key_size = options[:key_size] || 2048
         @key_class = options[:key_class] || OpenSSL::PKey::RSA
-        @csr_class = options[:csr_class] || Acme::CertificateRequest
+        @csr_class = options[:csr_class] || Acme::Client::CertificateRequest
       end
 
       def run

data/lib/lester/factory.rb

@@ -21,7 +21,7 @@ module Lester
     end
 
     def certificate_store
-      @certificate_store ||= create_store('certificates')
+      @certificate_store ||= create_store(sprintf('certificates/%s', @config[:domain]))
     end
 
     def private_key
@@ -39,7 +39,7 @@ module Lester
     def create_store(suffix)
       uri = URI(sprintf('s3://%s', @config[:storage_bucket]))
       bucket_name = uri.host
-      prefix = sprintf('%s/%s/%s', uri.path, @config[:domain], suffix).sub('/', '')
+      prefix = sprintf('%s/%s', uri.path, suffix).sub('/', '')
       bucket = Aws::S3::Bucket.new(bucket_name)
       S3Store.new(bucket, prefix, store_options)
     end

data/lib/lester/version.rb

@@ -1,3 +1,3 @@
 module Lester
-  VERSION = '1.0.0.pre3'.freeze
+  VERSION = '1.0.0.pre4'.freeze
 end

data/spec/acceptance/cli_init_spec.rb

@@ -23,7 +23,7 @@ describe 'bin/lester init' do
   context 'when the private key exists' do
     it 'stores it' do
       command.run
-      object = storage_bucket.object('example.org/account/private_key.json')
+      object = storage_bucket.object('account/private_key.json')
       expect { JSON::JWK.new(JSON.parse(object.read)).to_key }.to_not raise_error
     end
 
@@ -40,7 +40,7 @@ describe 'bin/lester init' do
 
     it 'stores it under the given prefix' do
       command.run
-      object = storage_bucket.object('lester/example.org/account/private_key.json')
+      object = storage_bucket.object('lester/account/private_key.json')
       expect { JSON::JWK.new(JSON.parse(object.read)).to_key }.to_not raise_error
     end
   end

data/spec/acceptance/cli_renew_spec.rb

@@ -14,7 +14,6 @@ describe 'bin/lester renew' do
       '--endpoint', 'http://127.0.0.1:4000',
       '--site-bucket', 'example-org-site',
       '--storage-bucket', storage_bucket_name,
-      '--email', 'contact@example.org',
       '--distribution-id', 'distribution-id',
     ]
   end
@@ -24,7 +23,7 @@ describe 'bin/lester renew' do
   end
 
   before do
-    storage_bucket.put_object(key: 'example.org/account/private_key.json', body: Pathname.new(private_key_path))
+    storage_bucket.put_object(key: 'account/private_key.json', body: Pathname.new(private_key_path))
     cloudfront.add_config('distribution-id', {
       viewer_certificate: { iam_certificate_id: 'example.org-old' },
     })
@@ -55,37 +54,37 @@ describe 'bin/lester renew' do
 
       it 'stores the certificate' do
         command.run
-        object = storage_bucket.object('example.org/certificates/201512120949/cert.pem')
+        object = storage_bucket.object('certificates/example.org/201512120949/cert.pem')
         expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
       end
 
       it 'stores the certificate request' do
         command.run
-        object = storage_bucket.object('example.org/certificates/201512120949/csr.pem')
+        object = storage_bucket.object('certificates/example.org/201512120949/csr.pem')
         expect { OpenSSL::X509::Request.new(object.read) }.to_not raise_error
       end
 
       it 'stores the certificate chain' do
         command.run
-        object = storage_bucket.object('example.org/certificates/201512120949/chain.pem')
+        object = storage_bucket.object('certificates/example.org/201512120949/chain.pem')
         expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
       end
 
       it 'stores the certificate fullchain' do
         command.run
-        object = storage_bucket.object('example.org/certificates/201512120949/fullchain.pem')
+        object = storage_bucket.object('certificates/example.org/201512120949/fullchain.pem')
         expect { OpenSSL::X509::Certificate.new(object.read) }.to_not raise_error
       end
 
       it 'stores the certificate private key' do
         command.run
-        object = storage_bucket.object('example.org/certificates/201512120949/privkey.pem')
+        object = storage_bucket.object('certificates/example.org/201512120949/privkey.pem')
         expect { OpenSSL::PKey::RSA.new(object.read) }.to_not raise_error
       end
 
       it 'uses server side encryption for everything that is stored' do
         command.run
-        keys = storage_bucket.keys.select { |k| k.start_with?('example.org/certificates') }
+        keys = storage_bucket.keys.select { |k| k.start_with?('certificates/example.org') }
         expect(keys).to_not be_empty
         keys.each do |key|
           object = storage_bucket.object(key)
@@ -106,7 +105,6 @@ describe 'bin/lester renew' do
             '--endpoint', 'http://127.0.0.1:4000',
             '--site-bucket', 'example-org-site',
             '--storage-bucket', 'example-org-backup',
-            '--email', 'contact@example.org',
             '--distribution-id', 'distribution-id',
             '--kms-id', 'alias/letsencrypt',
           ]
@@ -114,7 +112,7 @@ describe 'bin/lester renew' do
 
         it 'uses server side encryption through AWS KMS' do
           command.run
-          keys = storage_bucket.keys.select { |k| k.start_with?('example.org/certificates') }
+          keys = storage_bucket.keys.select { |k| k.start_with?('certificates/example.org') }
           expect(keys).to_not be_empty
           keys.each do |key|
             object = storage_bucket.object(key)
@@ -130,13 +128,10 @@ describe 'bin/lester renew' do
         end
 
         it 'stores everything under given prefix' do
-          storage_bucket.put_object(key: 'lester/example.org/account/private_key.json', body: Pathname.new(private_key_path))
+          storage_bucket.put_object(key: 'lester/account/private_key.json', body: Pathname.new(private_key_path))
           command.run
-          keys = storage_bucket.keys.select { |k| k.start_with?('lester') }
+          keys = storage_bucket.keys.select { |k| k.start_with?('lester/certificates') }
           expect(keys).to_not be_empty
-          keys.each do |key|
-            expect(key).to start_with('lester/example.org')
-          end
         end
       end
     end
@@ -157,7 +152,7 @@ describe 'bin/lester renew' do
     context 'with a non-registered private key', vcr: { cassette_name: 'new-certificate-fail' } do
       it 'prints an error message' do
         command.run
-        expect(io.string.chomp).to eq('No registration exists matching provided key (Acme::Error::Unauthorized)')
+        expect(io.string.chomp).to eq('No registration exists matching provided key (Acme::Client::Error::Unauthorized)')
       end
 
       it 'returns a non-ok exit code' do

data/spec/lester/cli_spec.rb

@@ -68,10 +68,6 @@ module Lester
           parameter_validation 'site-bucket', 'site bucket'
         end
 
-        context '-e / --email ADDRESS' do
-          parameter_validation 'email'
-        end
-
         context '-D / --distribution-id ID' do
           parameter_validation 'distribution-id', 'distribution id'
         end

data/spec/lester/command/renew_spec.rb

@@ -65,7 +65,7 @@ module Lester
       end
 
       let :new_certificate do
-        Acme::Certificate.new(certificate, chain, nil)
+        Acme::Client::Certificate.new(certificate, chain, nil)
       end
 
       before do
@@ -75,7 +75,7 @@ module Lester
         allow(authenticator).to receive(:authenticate).with(http01_challenge)
         allow(uploader).to receive(:upload)
         allow(csr_impl).to receive(:new) do |args|
-          Acme::CertificateRequest.new(args)
+          Acme::Client::CertificateRequest.new(args)
         end
         allow(store).to receive(:put)
       end

data/spec/support/parameter_validation.rb

@@ -6,7 +6,6 @@ module ParameterValidation
         'endpoint' => 'http://127.0.0.1:4000',
         'site-bucket' => 'example-org-site',
         'storage-bucket' => 'example-org-backup',
-        'email' => 'contact@example.org',
         'private-key' => 'path/to/private_key.pem',
       }
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lester
 version: !ruby/object:Gem::Version
-  version: 1.0.0.pre3
+  version: 1.0.0.pre4
 platform: ruby
 authors:
 - Mathias Söderberg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-22 00:00:00.000000000 Z
+date: 2016-02-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -28,16 +28,16 @@ dependencies:
   name: acme-client
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.2
+        version: '0.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.2
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: aws-sdk
   requirement: !ruby/object:Gem::Requirement