perkins 0.0.1

data/lib/perkins/assets/stylesheets/styles.css.scss

@@ -0,0 +1,199 @@
+$serif: "freight-sans-pro",sans-serif !important;
+$georgia: "ff-tisa-web-pro",Georgia,Cambria,"Times New Roman",Times,serif !important;
+$background-color: #F9F9F6;
+$soft-separator: #cecece;
+$link-color: #5100a9;
+$link-up: #222;
+
+body {
+  padding-top: 50px;
+  position: relative;
+  background-color: $background-color;
+  font-size: 1.6em;
+  font-family: "ff-tisa-web-pro",Georgia,Cambria,"Times New Roman",Times,serif !important;;
+  a{
+    outline: none !important;
+    color:$link-color;
+    &:hover{
+      color: $link-up;
+    }
+  }
+}
+
+.container{
+  width: 100%;
+}
+
+nav{
+  background-color: #F9F9F6 !important;
+}
+
+h2, .h2, h4 {
+  font-family: "ff-tisa-web-pro",Georgia,Cambria,"Times New Roman",Times,serif !important;;
+  &.title{
+    font-family: $serif;
+    text-transform: uppercase;
+    color:#0e0e0e;
+    font-weight: bold;
+  }
+  &.centered{
+    margin: 43px 20px;
+    text-align: center;
+    color:#0e0e0e;
+  }
+  font-weight: 700;
+}
+
+
+nav.transparent.navbar {
+   //background: rgba(0,0,0,0.4);
+  background: transparent;
+  //border-bottom: 1px solid #1E1E1E;
+  a {
+    color: #222;
+  }
+  .navbar-inner a {
+    font-weight: lighter;
+    color: #222;
+    text-transform: uppercase;
+    font-size: 0.8em;
+  }
+}
+.navbar-toggle {
+  background-color: rgba(0, 0, 0, 0);
+  border: 1px solid #000;
+  &:focus{
+    background-color: #ddd;
+  }
+}
+.navbar-toggle .icon-bar {
+  background-color: #000;
+}
+
+#footer {
+  border-top: 1px solid #ccc;
+  color: #888888;
+  margin-top: 0;
+  padding-bottom: 17px;
+  padding-top: 17px;
+  text-align: center;
+  //text-transform: uppercase;
+}
+
+.navbar {
+  background-color: #FFFFFF;
+  //border-bottom: 1px solid #ECECEC;
+  border-bottom: 1px solid #ccc;
+  font-weight: 500;
+  //position: relative;
+  transition: border-bottom-color 0s ease 0.1s;
+}
+
+.navbar-brand{
+  //color: #5100A9;
+  float: left;
+  font-family: $serif;
+
+  font-size: 37px;
+  font-style: inherit;
+  font-weight: 900;
+  margin-left: -15px;
+  margin-right: 5px;
+  text-transform: uppercase;
+
+}
+.navbar .nav,
+.navbar .nav > li {
+  float:none;
+  display:inline-block;
+  *display:inline; /* ie7 fix */
+  *zoom:1; /* hasLayout ie7 trigger */
+  vertical-align: top;
+  a{
+    font-family:$serif;
+  }
+}
+
+.navbar-inner {
+    display: block;
+    //font-family: Runda-1;
+    //font-size: 1.5em;
+    line-height: 20px;
+    margin-left: auto;
+    margin-right: auto;
+    //max-width: 687px;
+    text-align: center;
+}
+
+.nav-pills > li.active > a, .nav-pills > li.active > a:hover, .nav-pills > li.active > a:focus {
+    background-color: background;
+    border-radius: 0;
+    color: #fff;
+}
+
+.nav-pills > li > a, .nav-pills > li > a:hover, .nav-pills > li > a:focus {
+    background-color: #eee;
+    border-radius: 0;
+    color: #000;
+}
+
+
+.avatar{
+  border-radius: 50%;
+}
+
+
+#left-wrap{
+  min-width: 250px;
+}
+
+#sidebar{
+  border-right: 1px solid #cecece;
+  display: inline-block;
+  height: 100%;
+  left: 0px;
+  padding: 0;
+  width: 253px;
+  background-color: $background-color;
+  #sidebar-header{
+    border-bottom: 1px solid #cecece;
+    padding: 15px 15px 11px;
+  }
+}
+
+#main-content{
+  min-width: 600px;
+}
+
+#repo-menu{
+  //margin-top: 29px;
+  margin-top: 13px;
+  i{
+    padding: 3.7px;
+  }
+}
+
+/*
+pre#log{
+  background-color: #222;
+  border: 1px solid #ddd;
+  clear: left;
+  color: #f1f1f1;
+  counter-reset: line-numbering;
+  font-family: monospace;
+  font-size: 12px;
+  line-height: 19px;
+  margin-top: 1em;
+  min-height: 12px;
+  padding: 15px 23px;
+  position: relative;
+  white-space: pre-wrap;
+  word-wrap: break-word;
+}*/
+
+.build-row td{
+  font-size: 13px;
+  padding: 5px 20px 5px 0;
+  text-align: left;
+  vertical-align: top;
+}

data/lib/perkins/auth/github.rb

@@ -0,0 +1,181 @@
+require 'sinatra/base'
+require 'warden/github'
+
+#https://github.com/atmos/sinatra_auth_github
+
+module Perkins
+  module Auth
+    module Github
+      # Simple way to serve an image early in the stack and not get blocked by
+      # application level before filters
+      class AccessDenied < Sinatra::Base
+        enable :raise_errors
+        disable :show_exceptions
+
+        get '/_images/securocat.png' do
+          send_file(File.join(File.dirname(__FILE__), "views", "securocat.png"))
+        end
+      end
+
+      # The default failure application, this is overridable from the extension config
+      class BadAuthentication < Sinatra::Base
+        enable :raise_errors
+        disable :show_exceptions
+
+        helpers do
+          def unauthorized_template
+            @unauthenticated_template ||= "401"
+            #File.read(File.join(File.dirname(__FILE__), "../../views", "401.html"))
+          end
+        end
+
+        get '/unauthenticated' do
+          status 403
+          unauthorized_template
+        end
+      end
+
+      module Helpers
+        def warden
+          env['warden']
+        end
+
+        def authenticate!(*args)
+          warden.authenticate!(*args)
+        end
+
+        def authenticated?(*args)
+          warden.authenticated?(*args)
+        end
+
+        def logout!
+          warden.logout
+        end
+
+        # The authenticated user object
+        #
+        # Supports a variety of methods, name, full_name, email, etc
+        def github_user
+          warden.user
+        end
+
+        # Send a V3 API GET request to path
+        #
+        # path - the path on api.github.com to hit
+        #
+        # Returns a rest client response object
+        #
+        # Examples
+        #   github_raw_request("/user")
+        #   # => RestClient::Response
+        def github_raw_request(path)
+          github_user.github_raw_request(path)
+        end
+
+        # Send a V3 API GET request to path and parse the response body
+        #
+        # path - the path on api.github.com to hit
+        #
+        # Returns a parsed JSON response
+        #
+        # Examples
+        #   github_request("/user")
+        #   # => { 'login' => 'atmos', ... }
+        def github_request(path)
+          github_user.github_request(path)
+        end
+
+        # See if the user is a public member of the named organization
+        #
+        # name - the organization name
+        #
+        # Returns: true if the user is public access, false otherwise
+        def github_public_organization_access?(name)
+          github_user.publicized_organization_member?(name)
+        end
+
+        # See if the user is a member of the named organization
+        #
+        # name - the organization name
+        #
+        # Returns: true if the user has access, false otherwise
+        def github_organization_access?(name)
+          github_user.organization_member?(name)
+        end
+
+        # See if the user is a member of the team id
+        #
+        # team_id - the team's id
+        #
+        # Returns: true if the user has access, false otherwise
+        def github_team_access?(team_id)
+          github_user.team_member?(team_id)
+        end
+
+        # Enforce user membership to the named organization
+        #
+        # name - the organization to test membership against
+        #
+        # Returns an execution halt if the user is not a member of the named org
+        def github_public_organization_authenticate!(name)
+          authenticate!
+          halt([401, "Unauthorized User"]) unless github_public_organization_access?(name)
+        end
+
+        # Enforce user membership to the named organization if membership is publicized
+        #
+        # name - the organization to test membership against
+        #
+        # Returns an execution halt if the user is not a member of the named org
+        def github_organization_authenticate!(name)
+          authenticate!
+          halt([401, "Unauthorized User"]) unless github_organization_access?(name)
+        end
+
+        # Enforce user membership to the team id
+        #
+        # team_id - the team_id to test membership against
+        #
+        # Returns an execution halt if the user is not a member of the team
+        def github_team_authenticate!(team_id)
+          authenticate!
+          halt([401, "Unauthorized User"]) unless github_team_access?(team_id)
+        end
+
+        def _relative_url_for(path)
+          request.script_name + path
+        end
+      end
+
+      def self.registered(app)
+        app.use AccessDenied
+        app.use BadAuthentication
+
+        app.use Warden::Manager do |manager|
+          manager.default_strategies :github
+
+          manager.failure_app     = app.github_options[:failure_app] || BadAuthentication
+
+          manager.scope_defaults :default, :config => {
+            :client_id     => app.github_options[:client_id]    || ENV['GITHUB_CLIENT_ID'],
+            :client_secret => app.github_options[:secret]       || ENV['GITHUB_CLIENT_SECRET'],
+            :scope         => app.github_options[:scopes]       || "admin:repo_hook,repo,user:email",
+            :redirect_uri  => app.github_options[:callback_url] || '/auth/github/callback'
+          }
+        end
+
+        app.helpers Helpers
+
+        app.get '/auth/github/callback' do
+          if params["error"]
+            redirect "/unauthenticated"
+          else
+            authenticate!
+            return_to = session.delete('return_to') || _relative_url_for('/')
+            redirect return_to
+          end
+        end
+      end
+    end
+  end
+end

data/lib/perkins/build/data/env.rb

@@ -0,0 +1,84 @@
+require 'active_support/core_ext/module/delegation'
+require 'shellwords'
+
+module Perkins
+  module Build
+    class Data
+      class Env
+        delegate :secure_env_enabled?, :pull_request, :config, :build, :job, :repository, to: :data
+
+        class Group < Struct.new(:source, :vars)
+          def initialize(source, vars)
+            super(source, vars || [])
+          end
+
+          def announce?
+            source != 'travis' && vars.length > 0
+          end
+        end
+
+        attr_reader :data
+
+        def initialize(data)
+          @data = data
+        end
+
+        def vars
+          travis_vars + settings_vars + config_vars
+        end
+
+        def vars_groups
+          [Group.new('travis',   travis_vars),
+           Group.new('repository settings', settings_vars),
+           Group.new('.travis.yml', config_vars)]
+        end
+
+        private
+
+          def travis_vars
+            to_vars(
+              TRAVIS_PULL_REQUEST:    pull_request || false,
+              TRAVIS_SECURE_ENV_VARS: secure_env_vars?,
+              TRAVIS_BUILD_ID:        build[:id],
+              TRAVIS_BUILD_NUMBER:    build[:number],
+              TRAVIS_BUILD_DIR:       [ BUILD_DIR, slug.shellescape ].join('/'),
+              TRAVIS_JOB_ID:          job[:id],
+              TRAVIS_JOB_NUMBER:      job[:number],
+              TRAVIS_BRANCH:          job[:branch].shellescape,
+              TRAVIS_COMMIT:          job[:commit],
+              TRAVIS_COMMIT_RANGE:    job[:commit_range],
+              TRAVIS_REPO_SLUG:       slug.shellescape,
+              TRAVIS_OS_NAME:         config[:os],
+              TRAVIS_TAG:             job[:tag]
+            )
+          end
+
+          def slug
+            repository[:slug] || ''
+          end
+
+          def extract_config_vars(vars)
+            vars = to_vars(Array(vars).compact.reject(&:empty?))
+            vars.reject!(&:secure?) unless secure_env_enabled?
+            vars
+          end
+
+          def config_vars
+            extract_config_vars(config[:global_env]) + extract_config_vars(config[:env])
+          end
+
+          def settings_vars
+            data.raw_env_vars.map { |var| Var.new(var[:name], var[:value], !var[:public]) }
+          end
+
+          def to_vars(args)
+            args.to_a.map { |args| Var.create(*args) }.flatten
+          end
+
+          def secure_env_vars?
+            secure_env_enabled? && config_vars.any?(&:secure?)
+          end
+      end
+    end
+  end
+end

data/lib/perkins/build/data/var.rb

@@ -0,0 +1,60 @@
+module Perkins
+  module Build
+    class Data
+      class Var
+        PATTERN = /(?:SECURE )?([\w]+)=(("|')(.*?)(\3)|\$\(.*?\)|[^"' ]+)/
+
+        class << self
+          def create(*args)
+            if args.size == 1
+              parse(args.first).map { |key, value| Var.new(key, value) }
+            else
+              [Var.new(*args)]
+            end
+          end
+
+          def parse(line)
+            secure = line =~ /^SECURE /
+            line.scan(PATTERN).map { |match| [(secure ? "SECURE #{match[0]}" : match[0]), match[1]] }
+          end
+        end
+
+        attr_reader :value
+
+        def initialize(key, value, secure = nil)
+          @key = key.to_s
+          @value = value.to_s
+          @secure = secure
+        end
+
+        def key
+          strip_secure(@key)
+        end
+
+        def to_s
+          if travis?
+            false
+          elsif secure?
+            "export #{[key, '[secure]'].join('=')}"
+          else
+            "export #{[key, value].join('=')}"
+          end
+        end
+
+        def travis?
+          @key =~ /^TRAVIS_/
+        end
+
+        def secure?
+          @secure.nil? ? @key =~ /^SECURE / : @secure
+        end
+
+        private
+
+          def strip_secure(string)
+            string.gsub('SECURE ', '')
+          end
+      end
+    end
+  end
+end

data/lib/perkins/build/data.rb

@@ -0,0 +1,167 @@
+require 'core_ext/hash/deep_merge'
+require 'core_ext/hash/deep_symbolize_keys'
+require 'base64'
+
+# actually, the worker payload can be cleaned up a lot ...
+
+module Perkins
+  module Build
+    class Data
+      autoload :Env, 'perkins/build/data/env'
+      autoload :Var, 'perkins/build/data/var'
+
+      DEFAULTS = { }
+
+      DEFAULT_CACHES = {
+        apt:       false,
+        bundler:   false,
+        cocoapods: false,
+        composer:  false
+      }
+
+      attr_reader :data
+
+      def initialize(data, defaults = {})
+        data = data.deep_symbolize_keys
+        defaults = defaults.deep_symbolize_keys
+        @data = DEFAULTS.deep_merge(defaults.deep_merge(data))
+      end
+
+      def urls
+        data[:urls] || {}
+      end
+
+      def config
+        data[:config]
+      end
+
+      def hosts
+        data[:hosts] || {}
+      end
+
+      def paranoid_mode?
+        data.fetch(:paranoid, false)
+      end
+
+      def skip_resolv_updates?
+        data.fetch(:skip_resolv_updates, false)
+      end
+
+      def skip_etc_hosts_fix?
+        data.fetch(:skip_etc_hosts_fix, false)
+      end
+
+      def cache_options
+        data[:cache_options] || {}
+      end
+
+      def cache(input = config[:cache])
+        case input
+        when Hash           then input
+        when Array          then input.map { |e| cache(e) }.inject(:merge)
+        when String, Symbol then { input.to_sym => true }
+        when nil            then {} # for ruby 1.9
+        when false          then Hash[DEFAULT_CACHES.each_key.with_object(false).to_a]
+        else input.to_h
+        end
+      end
+
+      def cache?(type, default = DEFAULT_CACHES[type])
+        type &&= type.to_sym
+        !!cache.fetch(type) { default }
+      end
+
+      def env_vars
+        @env_vars ||= Env.new(self).vars
+      end
+
+      def env_vars_groups
+        @env_vars_groups ||= Env.new(self).vars_groups
+      end
+
+      def raw_env_vars
+        data[:env_vars] || []
+      end
+
+      class SshKey < Struct.new(:value, :source, :encoded)
+        def value
+          if encoded?
+            Base64.decode64(super)
+          else
+            super
+          end
+        end
+
+        def encoded?
+          encoded
+        end
+
+        def fingerprint
+          rsa_key = OpenSSL::PKey::RSA.new(value)
+          public_ssh_rsa = "\x00\x00\x00\x07ssh-rsa" + rsa_key.e.to_s(0) + rsa_key.n.to_s(0)
+          OpenSSL::Digest::MD5.new(public_ssh_rsa).hexdigest.scan(/../).join(':')
+        end
+      end
+
+      def ssh_key
+        if ssh_key = data[:ssh_key]
+          SshKey.new(ssh_key[:value], ssh_key[:source], ssh_key[:encoded])
+        elsif source_key = data[:config][:source_key]
+          SshKey.new(source_key, nil, true)
+        end
+      end
+
+      def pull_request
+        job[:pull_request]
+      end
+
+      def secure_env_enabled?
+        job[:secure_env_enabled]
+      end
+
+      def source_host
+        source_url =~ %r(^(?:https?|git)(?:://|@)([^/]*?)(?:/|:)) && $1
+      end
+
+      def api_url
+        repository[:api_url]
+      end
+
+      def source_url
+        repository[:source_url]
+      end
+
+      def slug
+        repository[:slug]
+      end
+
+      def commit
+        job[:commit]
+      end
+
+      def branch
+        job[:branch]
+      end
+
+      def ref
+        job[:ref]
+      end
+
+      def job
+        data[:job] || {}
+      end
+
+      def build
+        data[:source] || data[:build] || {} # TODO standarize the payload on :build
+      end
+
+      def repository
+        data[:repository] || {}
+      end
+
+      def token
+        data[:oauth_token]
+      end
+    end
+  end
+end