peas-cli 0.6.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ff6bd17390d126df42251a27d4b7cbf3ecee90e9
-  data.tar.gz: d57aad2e837e5aa3eeca287cd631d4cb23c0600c
+  metadata.gz: 148aa934a08e354cd9f2fec7d0ac59a9cf4501f2
+  data.tar.gz: fa6cd8baf861cf1e21df8532c58f8659626b0628
 SHA512:
-  metadata.gz: 2e13f14149f6ec04c6775781978b705b84b3492b5ba73551c8a2cba4e7a02652a98b012438a3f3bc39fd48682d2e0697d930ba5ea718266e2f719f46dcffdd05
-  data.tar.gz: b6b6557852a4cee0b445071fec9f79f220848123324bded6fe121c112bd2a25b47cfd7baa4c059ff5729b71757805046cb2c5eaa97fd76d6374d0f524a9fbd50
+  metadata.gz: fe827c22e2027ab7ca62bffc09f0f803847c2051b38758230999811b76604c9e9ab7f77fd6324225935f5917b18d395e2f465f9a44ea35f4873218c35454034e
+  data.tar.gz: 9089daead2d77e5e4d8c9b29571d2d16775231f4dc85055e3cf62baebf21abb7bdc432b0c1a90798a09cacdc67b4ec291353a04a0ea95076664a58f0578b2e12

data/VERSION

@@ -1 +1 @@
-0.6.0
+0.7.0

data/lib/peas/api.rb

@@ -4,7 +4,7 @@ require 'openssl'
 
 class API
   include HTTParty
-  # TODO: Don't want to genuine SSL cert errors, say if there's a CA root cert
+  # TODO: Don't want to ignore genuine SSL cert errors, say if there's a CA root cert
   default_options.update(verify: false) # Ignore self-signed SSL error
 
   LONG_POLL_TIMEOUT = 10 * 60
@@ -16,8 +16,20 @@ class API
   end
 
   # Generic wrapper to the Peas API
-  def request(verb, method, params = nil)
-    response = self.class.send(verb, "#{method}", query: params).body
+  # `verb` HTTP verb
+  # `method` API method, eg; /app/create
+  # `query` Query params
+  # `auth` Whether to authenticate against the API. Eg; /auth/request doesn't need auth
+  # `print` Whether to output or return the response
+  def request(verb, method, query = {}, auth = true, print = true)
+    options = { query: query }
+    options[:headers] = { 'x-api-key' => api_key } if auth
+    request = [
+      verb.to_s.downcase,
+      "#{method}",
+      options
+    ]
+    response = self.class.send(request.shift, *request).body
     json = response ? JSON.parse(response) : {}
     # If there was an HTTP-level error
     raise json['error'].color(:red) if json.key? 'error'
@@ -27,15 +39,42 @@ class API
       API.stream_job json['job']
     else
       check_versions(json)
-      if block_given?
-        yield json['message']
-      else
-        puts json['message']
-      end
+      puts json['message'] if print
       json
     end
   end
 
+  # Get the API key from local cache, or request a new one
+  def api_key
+    # First check local storage
+    key = Peas.config['api_key']
+    return key if key
+    # Other wise request a new one
+    key_path = "#{ENV['HOME']}/.ssh/id_rsa"
+    unless File.exist? key_path
+      exit_now! 'Please add an SSH key'
+    end
+    username = ENV['USER'] # TODO: Ensure cross platform
+    params = {
+      username: username,
+      public_key: File.read("#{key_path}.pub")
+    }
+    response = request('POST', '/auth/request', params, auth: false, print: false)
+    doc = response['message']['sign']
+    digest = OpenSSL::Digest::SHA256.new
+    keypair = OpenSSL::PKey::RSA.new(File.read(key_path))
+    signature = keypair.sign(digest, doc)
+    encoded = Base64.urlsafe_encode64(signature)
+    params = {
+      username: username,
+      signed: encoded
+    }
+    response = request('POST', '/auth/verify', params, auth: false, print: false)
+    key = response['message']['api_key']
+    Peas.update_config api_key: key
+    key
+  end
+
   # Check CLI client is up to date.
   def check_versions(json)
     # Only check major and minor versions
@@ -58,6 +97,11 @@ class API
     ssl = OpenSSL::SSL::SSLSocket.new socket
     ssl.sync_close = true
     ssl.connect
+    ssl.puts API.new.api_key
+    unless ssl.gets.strip == 'AUTHORISED'
+      ssl.close
+      raise 'Unauthoirsed access to Switchboard connection.'
+    end
     ssl
   end
 

data/lib/peas/commands/admin.rb

@@ -1,7 +1,7 @@
 def format_settings(hash)
   puts "Available settings"
   puts ''
-  hash.each do |type, settings|
+  hash['message'].each do |type, settings|
     puts "#{type.capitalize}:"
     settings.each do |setting, value|
       value = '[unset]' if value == ''
@@ -23,13 +23,12 @@ command :admin do |admin|
           # Update Git config
           Git.sh "git config peas.domain #{domain}"
           # Update file
-          content = Peas.config.merge('domain' => domain).to_json
-          File.open(Peas.config_file, 'w+') { |f| f.write(content) }
+          Peas.update_config domain: domain
           @api = API.new # Refresh settings from git/file because there's a new domain URI
         end
-        @api.request(:put, '/admin/settings', args[0] => args[1]) { |response| format_settings response }
+        format_settings @api.request(:put, '/admin/settings', { args[0] => args[1] }, true, false)
       else
-        @api.request(:get, '/admin/settings') { |response| format_settings response }
+        format_settings @api.request(:get, '/admin/settings', true, false)
       end
     end
   end

data/lib/peas/commands/app.rb

@@ -15,11 +15,13 @@ command :create do |c|
     unless File.exist? public_key_path
       exit_now! "Couldn't find an SSH public key", 1
     end
+    params = {
+      'muse' => Git.name_from_remote(Git.remote('origin')),
+    }
     response = @api.request(
       :post,
       '/app',
-      muse: Git.name_from_remote(Git.remote('origin')),
-      public_key: File.open(public_key_path).read
+      params
     )
     Git.add_remote response['remote_uri']
   end
@@ -55,7 +57,7 @@ command :scale do |c|
     @api.request(
       :put,
       "/app/#{Git.name_from_remote}/scale",
-      scaling_hash: scaling_hash.to_json
+      'scaling_hash' => scaling_hash.to_json
     )
   end
 end

data/lib/peas/commands/config.rb

@@ -11,7 +11,7 @@ command :config do |c|
       @api.request(
         :delete,
         "/app/#{Git.name_from_remote}/config",
-        keys: args.to_json
+        'keys' => args.to_json
       )
     end
   end
@@ -32,7 +32,7 @@ command :config do |c|
       @api.request(
         :put,
         "/app/#{Git.name_from_remote}/config",
-        vars: vars.to_json
+        'vars' => vars.to_json
       )
     end
   end

data/lib/peas/config.rb

@@ -14,6 +14,12 @@ module Peas
     JSON.parse contents
   end
 
+  # Merge new key/values into the config file
+  def self.update_config(hash)
+    content = Peas.config.merge(hash).to_json
+    File.open(Peas.config_file, 'w+') { |f| f.write(content) }
+  end
+
   # Hierarchy of sources for the Peas API domain
   def self.api_domain
     git_domain = Git.sh 'git config peas.domain'
@@ -25,7 +31,7 @@ module Peas
     elsif Peas.config['domain']
       Peas.config['domain']
     else
-      'vcap.me:4000'
+      'vcap.me:4443'
     end
     unless domain[/\Ahttp:\/\//] || domain[/\Ahttps:\/\//]
       "https://#{domain}"

data/peas-cli.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: peas-cli 0.6.0 ruby lib
+# stub: peas-cli 0.7.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "peas-cli"
-  s.version = "0.6.0"
+  s.version = "0.7.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["Tom Buckley-Houston"]
-  s.date = "2015-01-03"
+  s.date = "2015-01-17"
   s.description = "Peas is an open source Heroku-style PaaS written in Ruby and using Docker"
   s.email = "tom@tombh.co.uk"
   s.executables = ["peas"]

data/spec/cli_spec.rb

@@ -5,6 +5,7 @@ describe 'Peas CLI' do
     allow(Git).to receive(:sh).and_return(nil)
     allow(Git).to receive(:remote).and_return('git@github.com:test-test.git')
     allow_any_instance_of(API).to receive(:sleep).and_return(nil)
+    allow_any_instance_of(API).to receive(:api_key).and_return 'APIKEY'
     allow(Peas).to receive(:config_file).and_return('/tmp/.peas')
     File.delete '/tmp/.peas' if File.exist? '/tmp/.peas'
   end
@@ -19,7 +20,8 @@ describe 'Peas CLI' do
   describe 'Settings' do
     it 'should set and use the domain setting' do
       stub_request(:put, 'https://new-domain.com:4000/admin/settings?peas.domain=new-domain.com:4000')
-        .to_return(body: response_mock({}))
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
+        .to_return(body: response_mock)
       expect(Git).to receive(:sh).with("git config peas.domain https://new-domain.com:4000")
       cli %w(admin settings peas.domain new-domain.com:4000)
       config = JSON.parse File.open('/tmp/.peas').read
@@ -27,7 +29,8 @@ describe 'Peas CLI' do
     end
 
     it 'should set a normal setting' do
-      stub_request(:put, 'https://vcap.me:4000/admin/settings?mongodb.uri=mongodb://uri')
+      stub_request(:put, TEST_DOMAIN + '/admin/settings?mongodb.uri=mongodb://uri')
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
         .to_return(body: response_mock(
           defaults: { 'peas.domain' => 'https://boss.com' },
           services: {
@@ -44,17 +47,15 @@ describe 'Peas CLI' do
   describe 'App methods' do
     it 'should list all apps' do
       stub_request(:get, TEST_DOMAIN + '/app')
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
         .to_return(body: response_mock(["coolapp"]))
       output = cli ['apps']
       expect(output).to eq "coolapp\n"
     end
 
     it 'should create an app and its remote' do
-      public_key_path = "#{ENV['HOME']}/.ssh/id_rsa.pub"
-      allow(File).to receive(:open).and_call_original
-      expect(File).to receive(:exist?).with(public_key_path) { true }
-      expect(File).to receive(:open).with(public_key_path) { double(read: 'apublickey') }
-      stub_request(:post, TEST_DOMAIN + '/app?muse=test-test&public_key=apublickey')
+      stub_request(:post, TEST_DOMAIN + '/app?muse=test-test')
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
         .to_return(
           body: {
             version: Peas::VERSION,
@@ -71,6 +72,7 @@ describe 'Peas CLI' do
 
     it 'should destroy an app' do
       stub_request(:delete, TEST_DOMAIN + '/app/test-test')
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
         .to_return(body: response_mock("App 'test' successfully destroyed"))
       expect(Git).to receive(:remove_remote)
       output = cli ['destroy']
@@ -79,11 +81,15 @@ describe 'Peas CLI' do
 
     it 'should scale an app', :with_socket do
       expect(@socket).to receive(:puts).with('subscribe.job_progress.123')
+      expect(@socket).to receive(:puts).with "APIKEY"
       stub_request(
         :put,
         TEST_DOMAIN + '/app/test-test/scale?scaling_hash=%7B%22web%22:%223%22,%22worker%22:%222%22%7D'
-      ).to_return(body: '{"job": "123"}')
+      )
+        .with(headers: { 'X-Api-Key' => 'APIKEY' })
+        .to_return(body: '{"job": "123"}')
       allow(@socket).to receive(:gets).and_return(
+        'AUTHORISED',
         '{"body":"scaling"}',
         '{"status":"complete"}'
       )
@@ -116,6 +122,7 @@ describe 'Peas CLI' do
     describe 'Config ENV vars' do
       it 'should set config for an app' do
         stub_request(:put, TEST_DOMAIN + '/app/test-test/config?vars=%7B%22FOO%22:%22BAR%22%7D')
+          .with(headers: { 'X-Api-Key' => 'APIKEY' })
           .to_return(body: response_mock("{'FOO' => 'BAR'}"))
         output = cli %w(config set FOO=BAR)
         expect(output).to eq "{'FOO' => 'BAR'}\n"
@@ -123,6 +130,7 @@ describe 'Peas CLI' do
 
       it 'delete config for an app' do
         stub_request(:delete, TEST_DOMAIN + '/app/test-test/config?keys=%5B%22FOO%22%5D')
+          .with(headers: { 'X-Api-Key' => 'APIKEY' })
           .to_return(body: response_mock(nil))
         output = cli %w(config rm FOO)
         expect(output).to eq "\n"
@@ -130,6 +138,7 @@ describe 'Peas CLI' do
 
       it 'should list all config for an app' do
         stub_request(:get, TEST_DOMAIN + '/app/test-test/config')
+          .with(headers: { 'X-Api-Key' => 'APIKEY' })
           .to_return(body: response_mock("{'FOO' => 'BAR'}\n{'MOO' => 'CAR'}"))
         output = cli %w(config)
         expect(output).to eq "{'FOO' => 'BAR'}\n{'MOO' => 'CAR'}\n"
@@ -140,7 +149,13 @@ describe 'Peas CLI' do
   describe 'Logs' do
     it 'should stream logs', :with_socket do
       expect(@socket).to receive(:puts).with('stream_logs.test-test')
-      allow(@socket).to receive(:gets).and_return("Here's ya logs", "MOAR", false)
+      expect(@socket).to receive(:puts).with "APIKEY"
+      allow(@socket).to receive(:gets).and_return(
+        "AUTHORISED",
+        "Here's ya logs",
+        "MOAR",
+        false
+      )
       output = cli %w(logs)
       expect(output).to eq "Here's ya logs\nMOAR\n"
     end
@@ -148,7 +163,14 @@ describe 'Peas CLI' do
 
   it 'should retrieve and output a long-running command', :with_socket do
     expect(@socket).to receive(:puts).with('subscribe.job_progress.123')
-    allow(@socket).to receive(:gets).and_return("doing", "something", "done", false)
+    expect(@socket).to receive(:puts).with "APIKEY"
+    allow(@socket).to receive(:gets).and_return(
+      "AUTHORISED",
+      "doing",
+      "something",
+      "done",
+      false
+    )
     expect(API).to receive(:puts).with "doing"
     expect(API).to receive(:puts).with "something"
     expect(API).to receive(:puts).with "done"
@@ -157,6 +179,7 @@ describe 'Peas CLI' do
 
   it 'should show a warning when there is a version mismatch' do
     stub_request(:get, TEST_DOMAIN + '/app/test-test/config')
+      .with(headers: { 'X-Api-Key' => 'APIKEY' })
       .to_return(body: '{"version": "100000.1000000.100000"}')
     output = cli %w(config)
     expect(output).to include 'Your version of the CLI client is out of date'

data/spec/spec_helper.rb

@@ -9,7 +9,7 @@ require 'lib/peas'
 ENV['GLI_ENV'] = 'test'
 ROOT = File.join(File.expand_path(File.dirname(__FILE__)), '..')
 $LOAD_PATH.unshift(File.join(ROOT, 'lib'))
-TEST_DOMAIN = 'https://vcap.me:4000'
+TEST_DOMAIN = 'https://vcap.me:4443'
 SWITCHBOARD_TEST_PORT = 79345
 SSL_KEY_PATH = "#{ROOT}/../contrib/ssl-keys/server.key"
 SSL_KEY = OpenSSL::PKey::RSA.new File.read(SSL_KEY_PATH)
@@ -34,6 +34,7 @@ RSpec.configure do |config|
   end
 
   config.before(:each, :with_echo_server) do
+    allow_any_instance_of(API).to receive(:api_key).and_return('APIKEY')
     tcp_server = TCPServer.new 'vcap.me', SWITCHBOARD_TEST_PORT
     context = OpenSSL::SSL::SSLContext.new
     context.key = SSL_KEY
@@ -43,6 +44,12 @@ RSpec.configure do |config|
       @connection = @server.accept
       begin
         Timeout.timeout(2) do
+          auth = @connection.gets.strip
+          if auth == 'APIKEY'
+            @connection.puts 'AUTHORISED'
+          else
+            @connection.puts 'UNAUTHORISED'
+          end
           while (line = @connection.gets)
             @connection.write line
             @connection.close if line.strip == 'FINAL COMMAND'
@@ -73,7 +80,7 @@ end
 
 # Form a response as the API would. Useful as you only need to provide a string without any JSON
 # formatting
-def response_mock(response, key = :message)
+def response_mock(response = {}, key = :message)
   {
     'version' => Peas::VERSION,
     key => response

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: peas-cli
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Tom Buckley-Houston
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-01-03 00:00:00.000000000 Z
+date: 2015-01-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gli