mina-secrets-transfer 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 99eea53a14899220eea0f95c9b44d701a21c433988222b6c068731327b91f41d
+  data.tar.gz: e4884379ec899b01e48fb65c751193a98753f596975a36956f6e89a50dbaef21
+SHA512:
+  metadata.gz: 201ec108799416349ba1a4fff989fe5231465d100fcaabaeb77ffe57401b4faa56dfcd8c260bd71210385fa41c2a9b8dbd85f779d45618b4a5a649ec5cce6649
+  data.tar.gz: 003f16cbdf4e855b0b21a7cc13da3a954d93ce6ab53d2f1a39185dc09f33145bd77c0746402a7910bfcde7cf433e4fe9fc7e40b314010cb7b89df5bbc571aaa0

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+.idea
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in mina_multistage.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2022 Vladimir Elchinov
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,80 @@
+
+
+# Mina::Secrets
+
+Plugin for Mina that helps handling secrets files (those that are not stored in repo). 
+
+Typical candidates are `master.key`, `database.yml`, `.env` etc. Anything you usualy create/upload manually during initial setup.
+
+## Installation & Usage
+
+Add this line to your application's Gemfile:
+
+```rb
+gem 'mina-secrets-transfer', require: false
+```
+
+And then execute:
+
+```shell
+$ bundle
+```
+
+Require `mina/secrets` in your `config/deploy.rb`:
+
+```rb
+require 'mina/bundler'
+require 'mina/rails'
+require 'mina/git'
+require 'mina/secrets'
+
+...
+
+task :setup do
+  ...
+end
+
+desc 'Deploys the current version to the server.'
+task :deploy do
+  ...
+end
+```
+
+
+Update setup task:
+
+```rb
+# config/deploy.rb
+
+desc 'Deploys the current version to the server.'
+task :setup do
+  ...
+  # add new task
+  invoke :'secrets:upload'
+  ...
+end
+```
+
+## Configuration
+
+* `secrets_files` - list of secrets files (`["config/master.key", "config/credentials/#{fetch(:rails_env)}.key"]` by default)
+
+Keep in mind that directories must be present in `shared_dirs`. All paths are relative to app root locally and to `shared_dir` on remote server.
+
+## Tasks
+| Name                    | Description
+|-------------------------|----------------------------------------------------------------------------------------
+|`secrets:upload`         | Safely upload secrets files to the server. Missing local files do not throw an exception. Existing remote files are NOT overwritten.
+|`secrets:upload:force`   | Upload secrets files to the server. Missing local files do not throw an exception. Existing remote files ARE overwritten.
+|`secrets:download`       | Safely download secrets files from the server. Missing local files are NOT overwritten. Missing remote files do not throw an exception.
+|`secrets:download:force` | Download secrets files from the server. Missing local files ARE overwritten. Missing remote files do not throw an exception.
+
+Use download tasks when you reinstall your local environment
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/mina/secrets/version.rb

@@ -0,0 +1,5 @@
+module Mina
+  module Secrets
+    VERSION = "1.0.0"
+  end
+end

data/lib/mina/secrets.rb

@@ -0,0 +1,53 @@
+set :secrets_files, -> { ["config/master.key", "config/credentials/#{fetch(:rails_env)}.key"] }
+
+desc "Copy secrets files to the server."
+task :'secrets:upload' do
+  comment "Copying secrets files"
+  fetch(:secrets_files).each do |file|
+    if File.exist?(file)
+      command "[ ! -f  #{fetch(:shared_path)}/#{file} ] && echo -n '#{File.open(file).read}' > #{fetch(:shared_path)}/#{file} || echo 'Skiping existing file #{file}'"
+    else
+      command "echo 'Local file #{file} does not exist'"
+    end
+  end
+end
+
+desc "Copy secrets files to the server. Overwrite existing files."
+task :'secrets:upload:force' do
+  comment "Copying secrets files"
+  fetch(:secrets_files).each do |file|
+    if File.exist?(file)
+      command "[ -f  #{fetch(:shared_path)}/#{file} ] && echo 'Overwriting existing file #{file}' ; echo -n '#{File.open(file).read}' > #{fetch(:shared_path)}/#{file}"
+    else
+      command "echo 'Local file #{file} does not exist'"
+    end
+  end
+end
+
+
+desc "Download secrets files from the server."
+task :'secrets:download' do
+  comment "Downloading secrets files"
+  run(:local) do
+    fetch(:secrets_files).each do |file|
+      if File.exist?(file)
+        comment "Skiping existing file #{file}"
+      else
+        command "scp #{fetch(:user)}@#{fetch(:domain)}:#{fetch(:shared_path)}/#{file} #{file} 2>/dev/null || echo 'Remote file #{file} does not exist'"
+      end
+    end
+  end
+end
+
+desc "Download secrets files from the server. Overwrite existing local files."
+task :'secrets:download:force' do
+  comment "Downloading secrets files"
+  run(:local) do
+    fetch(:secrets_files).each do |file|
+      if File.exist?(file)
+        comment "Overwriting existing file #{file}"
+      end
+      command "scp #{fetch(:user)}@#{fetch(:domain)}:#{fetch(:shared_path)}/#{file} #{file} 2>/dev/null || echo 'Remote file #{file} does not exist'"
+    end
+  end
+end

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: mina-secrets-transfer
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Vladimir Elchinov
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2022-09-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mina
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.5
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.5
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Helps handling secrets files in Mina
+email:
+- elik@elik.ru
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/mina/secrets.rb
+- lib/mina/secrets/version.rb
+homepage: https://github.com/railsblueprint/mina-secrets-transfer/
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Helps handling secrets files in Mina
+test_files: []