mrsk 0.8.4 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +112 -9
- data/lib/mrsk/cli/main.rb +2 -2
- data/lib/mrsk/cli/server.rb +11 -2
- data/lib/mrsk/commander.rb +1 -1
- data/lib/mrsk/commands/app.rb +1 -0
- data/lib/mrsk/commands/builder/base.rb +17 -1
- data/lib/mrsk/commands/builder/multiarch.rb +1 -1
- data/lib/mrsk/commands/builder/native/remote.rb +1 -1
- data/lib/mrsk/commands/builder/native.rb +1 -1
- data/lib/mrsk/commands/registry.rb +5 -5
- data/lib/mrsk/commands/traefik.rb +20 -4
- data/lib/mrsk/configuration/role.rb +9 -1
- data/lib/mrsk/utils.rb +11 -1
- data/lib/mrsk/version.rb +1 -1
- metadata +30 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c57766d24180e114034c8c4e241eb2c5fd62774097b00b37f81bdf000643a078
|
4
|
+
data.tar.gz: cac9390c76fd4dad89a8dd37e099c64df29db16126a4417ea3ab7d9cae586055
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6c5bfd3bc0663ada2ae40bd6f8298081d3bbfc7522002cd69ac564ff14d27819881bffdf5cbe7967d5cb7a7128341a8b500750e8dbae435432fca2c33d17680b
|
7
|
+
data.tar.gz: e82f424d51621b6460ec4b477799f31b265dbe0356f448f178c70c44eafd865fc326156a6be55f341f0a59294e50d40402cb98559ac1cad9ab58bbd840d4d51e
|
data/README.md
CHANGED
@@ -2,6 +2,8 @@
|
|
2
2
|
|
3
3
|
MRSK deploys web apps anywhere from bare metal to cloud VMs using Docker with zero downtime. It uses the dynamic reverse-proxy Traefik to hold requests while the new application container is started and the old one is stopped. It works seamlessly across multiple hosts, using SSHKit to execute commands. It was built for Rails applications, but works with any type of web app that can be containerized with Docker.
|
4
4
|
|
5
|
+
Watch the screencast: https://www.youtube.com/watch?v=LL1cV2FXZ5I
|
6
|
+
|
5
7
|
## Installation
|
6
8
|
|
7
9
|
Install MRSK globally with `gem install mrsk`. Then, inside your app directory, run `mrsk init` (or `mrsk init --bundle` within Rails apps where you want a bin/mrsk binstub). Now edit the new file `config/deploy.yml`. It could look as simple as this:
|
@@ -47,21 +49,21 @@ Voila! All the servers are now serving the app on port 80. If you're just runnin
|
|
47
49
|
|
48
50
|
## Vision
|
49
51
|
|
50
|
-
In the past decade+, there's been an explosion in commercial offerings that make deploying web apps easier. Heroku kicked it off with an incredible offering that stayed ahead of the competition seemingly forever. These days we have excellent alternatives like Fly.io and Render. And hosted Kubernetes is making things easier too on AWS, GCP, Digital Ocean, and elsewhere. But these are all offerings that have you renting computers in the cloud at a premium. If you want to run on
|
52
|
+
In the past decade+, there's been an explosion in commercial offerings that make deploying web apps easier. Heroku kicked it off with an incredible offering that stayed ahead of the competition seemingly forever. These days we have excellent alternatives like Fly.io and Render. And hosted Kubernetes is making things easier too on AWS, GCP, Digital Ocean, and elsewhere. But these are all offerings that have you renting computers in the cloud at a premium. If you want to run on your own hardware, or even just have a clear migration path to do so in the future, you need to carefully consider how locked in you get to these commercial platforms. Preferably before the bills swallow your business whole!
|
51
53
|
|
52
54
|
MRSK seeks to bring the advance in ergonomics pioneered by these commercial offerings to deploying web apps anywhere. Whether that's low-cost cloud options without the managed-service markup from the likes of Digital Ocean, Hetzner, OVH, etc, or it's your own colocated bare metal. To MRSK, it's all the same. Feed the config file a list of IP addresses with vanilla Ubuntu servers that have seen no prep beyond an added SSH key, and you'll be running in literally minutes.
|
53
55
|
|
54
|
-
This approach gives you enormous portability. You can have your web app deployed on several clouds at ease like this. Or you can buy the baseline with your own hardware, then deploy to a cloud before a big seasonal spike to get more capacity. When you're not locked into a single provider from a tooling perspective, there
|
56
|
+
This approach gives you enormous portability. You can have your web app deployed on several clouds at ease like this. Or you can buy the baseline with your own hardware, then deploy to a cloud before a big seasonal spike to get more capacity. When you're not locked into a single provider from a tooling perspective, there are a lot of compelling options available.
|
55
57
|
|
56
58
|
Ultimately, MRSK is meant to compress the complexity of going to production using open source tooling that isn't tied to any commercial offering. Not to zero, mind you. You're probably still better off with a fully managed service if basic Linux or Docker is still difficult, but as soon as those concepts are familiar, you'll be ready to go with MRSK.
|
57
59
|
|
58
60
|
## Why not just run Capistrano, Kubernetes or Docker Swarm?
|
59
61
|
|
60
|
-
MRSK basically is Capistrano for Containers, without the need to carefully prepare servers in advance. No need to ensure that the servers have just the right version of Ruby or other dependencies you need. That all lives in the Docker image now. You can boot a brand new Ubuntu (or whatever) server, add it to the list servers in MRSK, and it'll be auto-provisioned with Docker, and run right away. Docker's layer caching also speeds up deployments with less mucking about on the server. And the images built for MRSK can be used for CI or later introspection.
|
62
|
+
MRSK basically is Capistrano for Containers, without the need to carefully prepare servers in advance. No need to ensure that the servers have just the right version of Ruby or other dependencies you need. That all lives in the Docker image now. You can boot a brand new Ubuntu (or whatever) server, add it to the list of servers in MRSK, and it'll be auto-provisioned with Docker, and run right away. Docker's layer caching also speeds up deployments with less mucking about on the server. And the images built for MRSK can be used for CI or later introspection.
|
61
63
|
|
62
64
|
Kubernetes is a beast. Running it yourself on your own hardware is not for the faint of heart. It's a fine option if you want to run on someone else's platform, either transparently [like Render](https://thenewstack.io/render-cloud-deployment-with-less-engineering/) or explicitly on AWS/GCP, but if you'd like the freedom to move between cloud and your own hardware, or even mix the two, MRSK is much simpler. You can see everything that's going on, it's just basic Docker commands being called.
|
63
65
|
|
64
|
-
Docker Swarm is much simpler than Kubernetes, but it's still built on the same declarative model that uses state reconciliation. MRSK is intentionally designed
|
66
|
+
Docker Swarm is much simpler than Kubernetes, but it's still built on the same declarative model that uses state reconciliation. MRSK is intentionally designed around imperative commands, like Capistrano.
|
65
67
|
|
66
68
|
Ultimately, there are a myriad of ways to deploy web apps, but this is the toolkit we're using at [37signals](https://37signals.com) to bring [HEY](https://www.hey.com) [home from the cloud](https://world.hey.com/dhh/why-we-re-leaving-the-cloud-654b47e0) without losing the advantages of modern containerization tooling.
|
67
69
|
|
@@ -78,6 +80,8 @@ DB_PASSWORD=secret123
|
|
78
80
|
|
79
81
|
### Using a generated .env file
|
80
82
|
|
83
|
+
#### 1Password as a secret store
|
84
|
+
|
81
85
|
If you're using a centralized secret store, like 1Password, you can create `.env.erb` as a template which looks up the secrets. Example of a .env.erb file:
|
82
86
|
|
83
87
|
```erb
|
@@ -93,6 +97,52 @@ This template can safely be checked into git. Then everyone deploying the app ca
|
|
93
97
|
|
94
98
|
If you need separate env variables for different destinations, you can set them with `.env.destination.erb` for the template, which will generate `.env.staging` when run with `mrsk envify -d staging`.
|
95
99
|
|
100
|
+
#### Bitwarden as a secret store
|
101
|
+
|
102
|
+
If you are using open source secret store like bitwarden, you can create `.env.erb` as a template which looks up the secrets.
|
103
|
+
|
104
|
+
You can store `SOME_SECRET` in a secure note in bitwarden vault.
|
105
|
+
|
106
|
+
```
|
107
|
+
$ bw list items --search SOME_SECRET | jq
|
108
|
+
? Master password: [hidden]
|
109
|
+
|
110
|
+
[
|
111
|
+
{
|
112
|
+
"object": "item",
|
113
|
+
"id": "123123123-1232-4224-222f-234234234234",
|
114
|
+
"organizationId": null,
|
115
|
+
"folderId": null,
|
116
|
+
"type": 2,
|
117
|
+
"reprompt": 0,
|
118
|
+
"name": "SOME_SECRET",
|
119
|
+
"notes": "yyy",
|
120
|
+
"favorite": false,
|
121
|
+
"secureNote": {
|
122
|
+
"type": 0
|
123
|
+
},
|
124
|
+
"collectionIds": [],
|
125
|
+
"revisionDate": "2023-02-28T23:54:47.868Z",
|
126
|
+
"creationDate": "2022-11-07T03:16:05.828Z",
|
127
|
+
"deletedDate": null
|
128
|
+
}
|
129
|
+
]
|
130
|
+
```
|
131
|
+
|
132
|
+
and extract the `id` of `SOME_SECRET` from the `json` above and use in the `erb` below.
|
133
|
+
|
134
|
+
|
135
|
+
Example `.env.erb` file:
|
136
|
+
|
137
|
+
```erb
|
138
|
+
<% if (session_token=`bw unlock --raw`.strip) != "" %># Generated by mrsk envify
|
139
|
+
SOME_SECRET=<%= `bw get notes 123123123-1232-4224-222f-234234234234 --session #{session_token}` %>
|
140
|
+
<% else raise ArgumentError, "session_token token missing" end %>
|
141
|
+
```
|
142
|
+
|
143
|
+
Then everyone deploying the app can run `mrsk envify` and mrsk will generate `.env`
|
144
|
+
|
145
|
+
|
96
146
|
### Using another registry than Docker Hub
|
97
147
|
|
98
148
|
The default registry is Docker Hub, but you can change it using `registry/server`:
|
@@ -100,10 +150,14 @@ The default registry is Docker Hub, but you can change it using `registry/server
|
|
100
150
|
```yaml
|
101
151
|
registry:
|
102
152
|
server: registry.digitalocean.com
|
103
|
-
username:
|
104
|
-
|
153
|
+
username:
|
154
|
+
- DOCKER_REGISTRY_TOKEN
|
155
|
+
password:
|
156
|
+
- DOCKER_REGISTRY_TOKEN
|
105
157
|
```
|
106
158
|
|
159
|
+
A reference to secret `DOCKER_REGISTRY_TOKEN` will look for `ENV["DOCKER_REGISTRY_TOKEN"]` on the machine running MRSK.
|
160
|
+
|
107
161
|
### Using a different SSH user than root
|
108
162
|
|
109
163
|
The default SSH user is root, but you can change it using `ssh/user`:
|
@@ -228,9 +282,30 @@ servers:
|
|
228
282
|
my-label: "50"
|
229
283
|
```
|
230
284
|
|
285
|
+
### Using container options
|
286
|
+
|
287
|
+
You can specialize the options used to start containers using the `options` definitions:
|
288
|
+
|
289
|
+
```yaml
|
290
|
+
servers:
|
291
|
+
web:
|
292
|
+
- 192.168.0.1
|
293
|
+
- 192.168.0.2
|
294
|
+
job:
|
295
|
+
hosts:
|
296
|
+
- 192.168.0.3
|
297
|
+
- 192.168.0.4
|
298
|
+
cmd: bin/jobs
|
299
|
+
options:
|
300
|
+
cap-add: true
|
301
|
+
cpu-count: 4
|
302
|
+
```
|
303
|
+
|
304
|
+
That'll start the job containers with `docker run ... --cap-add --cpu-count 4 ...`.
|
305
|
+
|
231
306
|
### Using remote builder for native multi-arch
|
232
307
|
|
233
|
-
If you're developing on ARM64 (like Apple Silicon), but you want to deploy on AMD64 (x86 64-bit), you can use multi-
|
308
|
+
If you're developing on ARM64 (like Apple Silicon), but you want to deploy on AMD64 (x86 64-bit), you can use multi-architecture images. By default, MRSK will setup a local buildx configuration that does this through QEMU emulation. But this can be quite slow, especially on the first build.
|
234
309
|
|
235
310
|
If you want to speed up this process by using a remote AMD64 host to natively build the AMD64 part of the image, while natively building the ARM64 part locally, you can do so using builder options:
|
236
311
|
|
@@ -268,9 +343,29 @@ builder:
|
|
268
343
|
|
269
344
|
This is also a good option if you're running MRSK from a CI server that shares architecture with the deployment servers.
|
270
345
|
|
346
|
+
### Using a different Dockerfile or context when building
|
347
|
+
|
348
|
+
If you need to pass a different Dockerfile or context to the build command (e.g. if you're using a monorepo or you have
|
349
|
+
different Dockerfiles), you can do so in the builder options:
|
350
|
+
|
351
|
+
```yaml
|
352
|
+
# Use a different Dockerfile
|
353
|
+
builder:
|
354
|
+
dockerfile: Dockerfile.xyz
|
355
|
+
|
356
|
+
# Set context
|
357
|
+
builder:
|
358
|
+
context: ".."
|
359
|
+
|
360
|
+
# Set Dockerfile and context
|
361
|
+
builder:
|
362
|
+
dockerfile: "../Dockerfile.xyz"
|
363
|
+
context: ".."
|
364
|
+
```
|
365
|
+
|
271
366
|
### Using build secrets for new images
|
272
367
|
|
273
|
-
Some images need a secret passed in during build time, like a GITHUB_TOKEN to give access to private gem repositories. This can be done by having the secret in ENV, then referencing it in the builder configuration:
|
368
|
+
Some images need a secret passed in during build time, like a GITHUB_TOKEN, to give access to private gem repositories. This can be done by having the secret in ENV, then referencing it in the builder configuration:
|
274
369
|
|
275
370
|
```yaml
|
276
371
|
builder:
|
@@ -304,6 +399,15 @@ traefik:
|
|
304
399
|
|
305
400
|
This will start the traefik container with `--accesslog=true accesslog.format=json`.
|
306
401
|
|
402
|
+
### Traefik's host port binding
|
403
|
+
|
404
|
+
By default Traefik binds to port 80 of the host machine, it can be configured to use an alternative port:
|
405
|
+
|
406
|
+
```yaml
|
407
|
+
traefik:
|
408
|
+
host_port: 8080
|
409
|
+
```
|
410
|
+
|
307
411
|
### Configuring build args for new images
|
308
412
|
|
309
413
|
Build arguments that aren't secret can also be configured:
|
@@ -317,7 +421,6 @@ builder:
|
|
317
421
|
This build argument can then be used in the Dockerfile:
|
318
422
|
|
319
423
|
```
|
320
|
-
# Private repositories need an access token during the build
|
321
424
|
ARG RUBY_VERSION
|
322
425
|
FROM ruby:$RUBY_VERSION-slim as base
|
323
426
|
```
|
data/lib/mrsk/cli/main.rb
CHANGED
@@ -11,7 +11,7 @@ class Mrsk::Cli::Main < Mrsk::Cli::Base
|
|
11
11
|
desc "deploy", "Deploy app to servers"
|
12
12
|
def deploy
|
13
13
|
runtime = print_runtime do
|
14
|
-
say "Ensure Docker
|
14
|
+
say "Ensure curl and Docker are installed...", :magenta
|
15
15
|
invoke "mrsk:cli:server:bootstrap"
|
16
16
|
|
17
17
|
say "Log into image registry...", :magenta
|
@@ -173,7 +173,7 @@ class Mrsk::Cli::Main < Mrsk::Cli::Base
|
|
173
173
|
desc "registry", "Login and -out of the image registry"
|
174
174
|
subcommand "registry", Mrsk::Cli::Registry
|
175
175
|
|
176
|
-
desc "server", "Bootstrap servers with Docker"
|
176
|
+
desc "server", "Bootstrap servers with curl and Docker"
|
177
177
|
subcommand "server", Mrsk::Cli::Server
|
178
178
|
|
179
179
|
desc "traefik", "Manage Traefik load balancer"
|
data/lib/mrsk/cli/server.rb
CHANGED
@@ -1,6 +1,15 @@
|
|
1
1
|
class Mrsk::Cli::Server < Mrsk::Cli::Base
|
2
|
-
desc "bootstrap", "Ensure Docker
|
2
|
+
desc "bootstrap", "Ensure curl and Docker are installed on servers"
|
3
3
|
def bootstrap
|
4
|
-
on(MRSK.hosts + MRSK.accessory_hosts)
|
4
|
+
on(MRSK.hosts + MRSK.accessory_hosts) do
|
5
|
+
dependencies_to_install = Array.new.tap do |dependencies|
|
6
|
+
dependencies << "curl" unless execute "which curl", raise_on_non_zero_exit: false
|
7
|
+
dependencies << "docker.io" unless execute "which docker", raise_on_non_zero_exit: false
|
8
|
+
end
|
9
|
+
|
10
|
+
if dependencies_to_install.any?
|
11
|
+
execute "apt-get update -y && apt-get install #{dependencies_to_install.join(" ")} -y)"
|
12
|
+
end
|
13
|
+
end
|
5
14
|
end
|
6
15
|
end
|
data/lib/mrsk/commander.rb
CHANGED
data/lib/mrsk/commands/app.rb
CHANGED
@@ -10,7 +10,11 @@ class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def build_options
|
13
|
-
[ *build_tags, *build_labels, *build_args, *build_secrets ]
|
13
|
+
[ *build_tags, *build_labels, *build_args, *build_secrets, *build_dockerfile ]
|
14
|
+
end
|
15
|
+
|
16
|
+
def build_context
|
17
|
+
context
|
14
18
|
end
|
15
19
|
|
16
20
|
private
|
@@ -30,6 +34,10 @@ class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
|
|
30
34
|
argumentize "--secret", secrets.collect { |secret| [ "id", secret ] }
|
31
35
|
end
|
32
36
|
|
37
|
+
def build_dockerfile
|
38
|
+
argumentize "--file", dockerfile
|
39
|
+
end
|
40
|
+
|
33
41
|
def args
|
34
42
|
(config.builder && config.builder["args"]) || {}
|
35
43
|
end
|
@@ -37,4 +45,12 @@ class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
|
|
37
45
|
def secrets
|
38
46
|
(config.builder && config.builder["secrets"]) || []
|
39
47
|
end
|
48
|
+
|
49
|
+
def dockerfile
|
50
|
+
(config.builder && config.builder["dockerfile"]) || "Dockerfile"
|
51
|
+
end
|
52
|
+
|
53
|
+
def context
|
54
|
+
(config.builder && config.builder["context"]) || "."
|
55
|
+
end
|
40
56
|
end
|
@@ -2,7 +2,7 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
|
|
2
2
|
delegate :registry, to: :config
|
3
3
|
|
4
4
|
def login
|
5
|
-
docker :login, registry["server"], "-u", redact(
|
5
|
+
docker :login, registry["server"], "-u", redact(lookup("username")), "-p", redact(lookup("password"))
|
6
6
|
end
|
7
7
|
|
8
8
|
def logout
|
@@ -10,11 +10,11 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base
|
|
10
10
|
end
|
11
11
|
|
12
12
|
private
|
13
|
-
def
|
14
|
-
if registry[
|
15
|
-
ENV.fetch(registry[
|
13
|
+
def lookup(key)
|
14
|
+
if registry[key].is_a?(Array)
|
15
|
+
ENV.fetch(registry[key].first).dup
|
16
16
|
else
|
17
|
-
registry[
|
17
|
+
registry[key]
|
18
18
|
end
|
19
19
|
end
|
20
20
|
end
|
@@ -1,15 +1,19 @@
|
|
1
1
|
class Mrsk::Commands::Traefik < Mrsk::Commands::Base
|
2
|
+
delegate :optionize, to: Mrsk::Utils
|
3
|
+
|
4
|
+
CONTAINER_PORT = 80
|
5
|
+
|
2
6
|
def run
|
3
7
|
docker :run, "--name traefik",
|
4
8
|
"--detach",
|
5
9
|
"--restart", "unless-stopped",
|
6
10
|
"--log-opt", "max-size=#{MAX_LOG_SIZE}",
|
7
|
-
"--publish",
|
11
|
+
"--publish", port,
|
8
12
|
"--volume", "/var/run/docker.sock:/var/run/docker.sock",
|
9
13
|
"traefik",
|
10
14
|
"--providers.docker",
|
11
15
|
"--log.level=DEBUG",
|
12
|
-
*
|
16
|
+
*cmd_option_args
|
13
17
|
end
|
14
18
|
|
15
19
|
def start
|
@@ -45,8 +49,20 @@ class Mrsk::Commands::Traefik < Mrsk::Commands::Base
|
|
45
49
|
docker :image, :prune, "--all", "--force", "--filter", "label=org.opencontainers.image.title=Traefik"
|
46
50
|
end
|
47
51
|
|
52
|
+
def port
|
53
|
+
"#{host_port}:#{CONTAINER_PORT}"
|
54
|
+
end
|
55
|
+
|
48
56
|
private
|
49
|
-
def
|
50
|
-
|
57
|
+
def cmd_option_args
|
58
|
+
if args = config.raw_config.dig(:traefik, "args")
|
59
|
+
optionize args
|
60
|
+
else
|
61
|
+
[]
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
def host_port
|
66
|
+
config.raw_config.dig(:traefik, "host_port") || CONTAINER_PORT
|
51
67
|
end
|
52
68
|
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
class Mrsk::Configuration::Role
|
2
|
-
delegate :argumentize, :argumentize_env_with_secrets, to: Mrsk::Utils
|
2
|
+
delegate :argumentize, :argumentize_env_with_secrets, :optionize, to: Mrsk::Utils
|
3
3
|
|
4
4
|
attr_accessor :name
|
5
5
|
|
@@ -35,6 +35,14 @@ class Mrsk::Configuration::Role
|
|
35
35
|
specializations["cmd"]
|
36
36
|
end
|
37
37
|
|
38
|
+
def option_args
|
39
|
+
if args = specializations["options"]
|
40
|
+
optionize args
|
41
|
+
else
|
42
|
+
[]
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
38
46
|
def running_traefik?
|
39
47
|
name.web? || specializations["traefik"]
|
40
48
|
end
|
data/lib/mrsk/utils.rb
CHANGED
@@ -5,7 +5,7 @@ module Mrsk::Utils
|
|
5
5
|
def argumentize(argument, attributes, redacted: false)
|
6
6
|
Array(attributes).flat_map do |key, value|
|
7
7
|
if value.present?
|
8
|
-
escaped_pair = [ key, value
|
8
|
+
escaped_pair = [ key, escape_shell_value(value) ].join("=")
|
9
9
|
[ argument, redacted ? redact(escaped_pair) : escaped_pair ]
|
10
10
|
else
|
11
11
|
[ argument, key ]
|
@@ -23,8 +23,18 @@ module Mrsk::Utils
|
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
|
+
# Returns a list of shell-dashed option arguments. If the value is true, it's treated like a value-less option.
|
27
|
+
def optionize(args)
|
28
|
+
args.collect { |(key, value)| [ "--#{key}", value == true ? nil : escape_shell_value(value) ] }.flatten.compact
|
29
|
+
end
|
30
|
+
|
26
31
|
# Copied from SSHKit::Backend::Abstract#redact to be available inside Commands classes
|
27
32
|
def redact(arg) # Used in execute_command to hide redact() args a user passes in
|
28
33
|
arg.to_s.extend(SSHKit::Redaction) # to_s due to our inability to extend Integer, etc
|
29
34
|
end
|
35
|
+
|
36
|
+
# Escape a value to make it safe for shell use.
|
37
|
+
def escape_shell_value(value)
|
38
|
+
value.to_s.dump.gsub(/`/, '\\\\`')
|
39
|
+
end
|
30
40
|
end
|
data/lib/mrsk/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mrsk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -80,6 +80,34 @@ dependencies:
|
|
80
80
|
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: '2.5'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: ed25519
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '1.2'
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '1.2'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: bcrypt_pbkdf
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '1.0'
|
104
|
+
type: :runtime
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - "~>"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '1.0'
|
83
111
|
description:
|
84
112
|
email: dhh@hey.com
|
85
113
|
executables:
|