prepd 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7da5fcedfd696ae8ed02c72983c3580aa81ebdb2
+  data.tar.gz: 5ff634d081c083161b62fef9b55506d7ffe0c0d8
+SHA512:
+  metadata.gz: eed08a0948cc105d1c88bc4ef489e35fd0dce5f5429c731c3f708689cc18ea14aee2f9413fdc85fce2c5fa926c93eb4b50203f80a221dc01c9ac4a15984fe770
+  data.tar.gz: 5d687fbcbc00fcb87c2d0c1f25e619ac0532f640220daea216be2f7fcb7d6243010a42328fe90e2249cb579130427c762325aedcd1103eb57851b565b22c6d62

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at rjayroach@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in prepd.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Robert Roach
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,335 @@
+# Prepd
+
+Prepd - A Production Ready Environment for Project Development
+
+One of the core principles of Agile Development is delivering viewable results
+to the business from Week 1. Too often product developement begins with the
+application software, while the infrastructure to deploy into is addressed as
+and when it is needed.
+
+Thankfully, many web application products get to market on similar,
+if not identical, infrastructure. However setting up this infastructure takes time,
+is error prone and typically is non-repeatable ending up as a unique snowflake.
+
+To avoid this, many development teams turn to a PaaS service such as Heroku.
+This has limitations and only addresses the final deployment infrastructure.
+
+Prepd aims to address this by providing a 'convention over configruation' approach
+to provisioning infrastructure. From local developer machines (vagrant running linux
+on the developer's laptop) to staging and production running a docker swarm cluster.
+
+With microservices becoming a common application development strategy, prepd
+aims to make it dead simple to build and deploy a microservice based application.
+Beginning with the end in mind, Prepd offers a simple, conventional way to provision
+all this infrastructure, including CI workflow, secrets managment, 12-factor apps
+
+Agile Development requires 'near production' infrastructure to be in place from Day 1.
+Using Prepd, makes that possible quickly and easily without resorting to a PaaS provider.
+
+## Focus
+
+The focus of Prepd is on enabling developers to build and deploy applications following current
+industry best practices with as little effort as possible. Being flexible and configurable
+for the wide variety of application deployment strategies is currently a secondary goal to
+getting something up and running. Therefore, choices are made:
+
+1. Infrastructure is provisioned via:
+..* Vagrantfile on local machines for development and a local cluster
+..* Terraform plans for clutser infrastructure exclusively on AWS
+2. Ansible is the automation tool used to configure the infrastructure for application deployment
+3. Docker conatainer deployment is currently the only method for deploying applications
+4. The development environment currently supports:
+..* Postgres and Redis for data storage
+..* Rails and Ember for application development
+
+A future goal for Prepd is to enable more application types and tool support
+
+# What is a Production Ready Environment?
+
+It takes a lot of services tuned to work together to make smoothly running infrastructure
+
+## Networking
+- Domain names figured out and DNS running on Route53 etc
+- Ability to programatically change and update DNS
+- SSL certs are already installed so we do TLS from the beginning on all publicly available infrastructure
+- Load Balancing is setup, configured and running in at least staging and production, but also possible in development
+
+## Development Pipeline Required Services
+
+Prepd provisions and configures the infrastructure and provides a tool to deploy applications into the infrastructure.
+However, certain aspects of the pipeline are expected to be provided outside of Prepd, which are:
+
+- Continuous Integration
+- Container Build and Store
+
+### Continuous Integration
+
+CI is expected to be setup and configured as part of an automated deploy process from the outset of the project.
+Here is an example overview of using CircleCI to test a Rails API application
+
+- Create an account on CircleCI and link it to your GitHub account. Authorize CircleCI to access the account
+- Add the Rails API repository as a project on CircleCI. If using rails-templates a circle.yml project already exists
+- Configure slack notifications for when a build completes
+
+### Container Build and Store
+
+A container repository that also builds containers is expected to be provided.
+Here is an example overview of using quay.io to build a Rails API application container
+
+- Create an account on quay.io and link it to your GitHub account. Authorize quay.io to access the account
+- Add the Rails API repository as a docker repository on quay.io
+- Create a trigger to build the container when there is a push on a certain branch of the GitHub repository
+
+Prepd provides ansible playbooks that invoke docker compose to deploy the container from quay.io to the target infrastructure
+
+## Application Services (TODO)
+
+Prepd will be augmented to provide playbooks for the default Application Group as well as Terraform plans that provide:
+
+- Communication Services, e.g. SMTP, SNS (Push), Slack webhooks, Twilio, etc
+- Logging in both local/development and in staging/production with ELK
+- Monitoring/alert service (Prometheus)
+- Additional common 3rd party services as needed
+
+## Swarm Load Balancing
+- network overlays
+- load balancing between micro services
+- manage cluster scaling with compose/swarm mode/ansible or some combination thereof
+
+
+# Installation
+
+Prepd is a ruby gem. It also requires software on the local laptop, including VirtualBox, Vagrant and Ansible
+
+```bash
+gem install prepd
+```
+
+## Automated Installation of Dependencies (TODO)
+
+With the gem installed, navigate to it's directory and run bootstrap.sh to install dependencies
+
+```bash
+bundle cd prepd
+./bootstrap.sh
+```
+
+This will:
+
+- Install ansible
+- Clone the ansible-roles repository
+- Run ansible to install Virtualbox and Vagrant
+
+## Manual Installation of Dependencies
+
+### Ansible
+
+Tested with version 2.2.0
+
+#### Install on MacOS
+
+If planning to install on a clean machine:
+1. Wipe Mac: http://support.apple.com/kb/PH13871  OR http://support.apple.com/en-us/HT201376
+2. Create New User with Admin rights
+
+Install Homebrew:
+
+```bash
+ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
+```
+
+Install python with zlib and ssl support
+
+```bash
+xcode-select --install
+brew install openssl
+brew link openssl --force
+brew uninstall python
+brew install python --with-brewed-openssl
+sudo easy_install pip
+sudo pip install -U ansible
+sudo pip install -U setuptools cryptography markupsafe
+sudo pip install -U ansible boto
+```
+
+#### Install on Ubuntu
+
+```bash
+apt-get install ansible
+```
+
+### VirtualBox
+
+Install VirtualBox from [here](https://www.virtualbox.org/wiki/Downloads)
+
+### Vagrant
+
+Install Vagrant from [here](https://www.vagrantup.com/docs/installation/)
+
+```bash
+vagrant plugin install vagrant-vbguest      # keep your VirtualBox Guest Additions up to date
+vagrant plugin install vagrant-cachier      # caches guest packages
+vagrant plugin install vagrant-hostmanager  # updates /etc/hosts file when machines go up/down
+```
+
+#### vagrant-hostmanager
+This plugin automatically updates the host's /etc/hosts file when vagrant machines go up/down
+
+In order to do that it needs sudo password or sudo priviledges.
+To avoid being asked for the password every time the hosts file is updated,
+[enable passwordless sudo](https://github.com/devopsgroup-io/vagrant-hostmanager#passwordless-sudo)
+for the specific command that hostmanager uses to update the hosts file
+
+
+# Prepd Actors
+
+A Client may have multiples projects. Applications share common infrastructure that is defined by the Project
+
+- Client: An organization with one or more projects, e.g Acme Corp
+- Project: A definition of infrastructure provided for one or more applications
+- Application: A logical group of deployable repositories, e.g. a Rails API server and an Ember web client
+
+
+## Projects
+
+- A project is comprised of Infrastructure Environments (IE) and Application Groups (AG)
+- Infrastructure Environemnts are defined separately for each environment
+- Application Groups are deployed into one or more Infrastructure EnvironmentS
+
+## Infrastructure Environments
+
+Infrastructure is either Vagrant machines for development and local environments or EC2 instances for staging and production
+
+Local, Staging and Production Environments use a Docker swarm network to manage applicaiton groups
+
+- local: virtual machines running on laptop via vagrant whose primary purpose is application development
+- development: primary purpose is also application development, but the infrastructure is deployed in the cloud (AWS)
+- staging: a mirror of production in every way with the possible exception of reduced or part-time resources
+- production: production ;-)
+
+## Applications
+
+Applications are the content that actually gets deployed. The entire purpose of prepd is to provide a consistent
+and easy to manage infrastructure for each environment into which the application will be deployed.
+
+
+# Usage
+
+## New Client
+
+This overview assumes a complete greenfield, e.g. that no infrastructure exists, no applications exist or even 3rd
+party service have been setup. To start from zero, then:
+
+- Create a new GH Organization
+- Create an AWS Account and two IAM Groups: Administrators and ReadOnlyAdministrators
+- Create a CI Account and give it access to the GH Organization
+- Create a Docker Private Repository account and give it access to the GH Organization
+- Create the project in prepd
+
+The first four items are outside the scope of this document.
+
+```ruby
+prepd
+c = Client.create(name: 'Acme')
+```
+
+## New Project
+- create a GH repo for the project
+- create an IAM user for project_name-terraform and download the AWS credentials CSV
+- create an IAM user for project_name-ansible and download the AWS credentials CSV
+- use prepd to create the project using the repo_url and path names (tf_creds and ansible_creds) to CSV files
+
+```ruby
+c = Client.find_by(name: 'Acme')
+c.projects.new(name: 'widget', repo_url: 'git@github.com:my_git_hub_account/widget.git')
+c.tf_creds = 'Users/dude/aws/widget-terraform.csv'
+c.ansible_creds = 'Users/dude/aws/widget-ansible.csv'
+c.save
+```
+
+## New Application
+
+View the [lego README.md](https://github.com/rjayroach/lego) on creating micro serivce applications with Rails and Ember
+
+## Bring Up the Machine
+
+```ruby
+cd ~/prepd/acme/widget
+vagrant up
+vagrant ssh
+```
+
+
+# Credentials
+
+## Project Credentials
+Prepd will create the following credential (hidden) files in project_root:
+
+- .boto: AWS IAM credentials that give read only access to Ansible
+- .developer.yml: Developer’s git account (and other account) details
+- .terraform-vars.txt: AWS IAM credentials that give full access to CRUD AWS resources
+- .vault-password.txt: a UUID used to encrypt and decrypt ansible vault files
+- .id_rsa.pub: the public key uploaded to AWS as the primary key pair for accessing EC2 instances
+- .id_rsa: the private key
+
+- terraform will use project_root/id_rsa.pub to upload key_material to AWS for the machine key
+- config-development.yml checks the project_root and: 1) if .boto exists link it, 2) if id_rsa and id_rsa.pub exist then link them
+- the developer can then do ssh-add which will auto load ~/.ssh/id_rsa to login or run ansible
+
+
+## Transfer Credentials to New Machine
+
+The prepd gem can encrypt the credentials using gpg which must be installed on the host machine
+
+The encrypted credentials are written to and read from the user's home directory so that they are not accidentally
+committed to the project repository
+
+### Encrypt
+
+```ruby
+prepd
+c = Client.find_by(name: 'Acme')
+p = c.projects.find_by(name: 'widget')
+p.encrypt
+```
+
+This will create a tar file containing the various project credentials. It will then invoke gpg to encrypt the archive.
+The credentials will be placed in the project's data directory
+
+You will be prompted for a passphrase to enter twice. After doing that send the file by email or other mechanism
+
+### Decrypt
+
+On the target machine, use prepd to decrypt the file and place it in the correct directory
+
+- Clone the project repository
+- Place the gpg tar file in the project's data directory
+- Run prepd. It will expect to find the credentials file in the project's data directory
+
+```ruby
+prepd
+c = Client.find_by(name: 'Acme')
+p = c.projects.find_by(name: 'widget')
+p.decrypt
+```
+
+## Authorization
+
+If giving a developer access to the machine for development only (not terraform or ansible) then add their public key to the
+instance’s ~/.ssh/authorized_keys. The developer uses ssh-agent forwarding to access the machine from the VM
+
+
+# Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+# Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/prepd. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+
+# License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/TODO.md

@@ -0,0 +1,17 @@
+# TODO
+
+- option to just gpg encrypt ansible-vault.txt rather than the full set of credentials
+- move gpg files to the project's data dir instead of user's home dir
+- add an option to tar, gizp and gpg the data directory as well
+
+- update prepd-project readme when cloning existing to also pull in ansible-roles
+
+
+- create a bootstrap.sh script that installs Ansible and dependencies, e.g. Homebrew, python, etc
+- add a playbook that provisions a mac or ubuntu laptop with android, packer, extras, etc
+
+- update README to document provisioning a mac (and ubuntu) from brand new:
+1. git clone prepd
+2. run bootstrap.sh
+3. run ./laptop.yml
+4. bin/console to create a client and project OR git clone a project created with prepd

data/bin/console

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+
+require 'bundler/setup'
+require 'prepd/cli'

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/exe/prepd

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require "prepd"
+
+require 'bundler/setup'
+require 'prepd/cli'

data/lib/prepd/cli/commands.rb

@@ -0,0 +1,37 @@
+module Prepd
+  def self.options=(options)
+    @options = options
+  end
+  def self.options; @options; end
+
+  def self.commands
+    puts (methods(false) - %i(:options= :options :commands default_settings)).join("\n")
+  end
+
+  def self.new(name)
+    Client.create(name: name)
+  end
+
+  def self.rm
+    FileUtils.rm_rf(work_dir)
+    FileUtils.rm_rf(data_dir)
+  end
+
+  def self.clients; Client.pluck(:name); end
+
+  def self.projects; Project.pluck(:name); end
+
+  def self.current_client
+    @client
+  end
+
+  def self.current_client=(client)
+    STDOUT.puts 'duh'
+    @client = client
+    Dir.chdir(client.path) do
+      Pry.start(client, prompt: [proc { "prepd(#{client.name}) > " }])
+    end
+    STDOUT.puts 'duh2'
+    nil
+  end
+end

data/lib/prepd/cli/options_parser.rb

@@ -0,0 +1,42 @@
+require 'optparse'
+
+module Prepd::Cli
+  class OptionsParser
+    attr_accessor :options
+
+    def initialize(options = nil)
+      self.options = options || {}
+    end
+
+    def parse
+      optparse = OptionParser.new do |opts|
+        opts.on('-c', '--client [OPT]', 'Client') do |value|
+          options['CLIENT'] = value
+        end
+
+        opts.on( '-d', '--data_dir [OPT]', 'Data directory' ) do |value|
+          options['DATA_DIR'] = value
+        end
+
+        opts.on( '-p', '--project [OPT]', 'Project' ) do |value|
+          options['PROJECT'] = value
+        end
+
+        opts.on('-h', '--help', 'Display this screen') do
+          puts opts
+          exit
+        end
+
+        opts.on('-n', '--no-op', 'Show what would happen but do not execute') do
+          options.no_op = true
+        end
+
+        opts.on('-v', '--verbose', 'Display additional information') do
+          options.verbose = true
+        end
+      end
+      optparse.parse!
+      options
+    end
+  end
+end

data/lib/prepd/cli.rb

@@ -0,0 +1,8 @@
+require 'pry'
+require 'prepd'
+require 'prepd/cli/options_parser'
+require 'prepd/cli/commands'
+
+Prepd.options = Prepd.default_settings
+Prepd.options.merge!(Prepd::Cli::OptionsParser.new.parse)
+Pry.start(Prepd, prompt: [proc { 'prepd> '}])

data/lib/prepd/models.rb

@@ -0,0 +1,261 @@
+module Prepd
+  class Client < ActiveRecord::Base
+    attr_accessor :data_dir
+
+    has_many :projects, dependent: :destroy
+    has_many :applications, through: :projects
+
+    before_validation :set_defaults
+    validates :name, :path, presence: true
+
+    after_create :setup
+    after_destroy :destroy_client
+
+    def set_defaults
+      self.path = "#{Prepd.options['DATA_DIR']}/#{name}"
+    end
+
+    def setup
+      FileUtils.mkdir_p(path) unless Dir.exists?(path)
+    end
+
+    def destroy_client
+      FileUtils.rm_rf("#{path}")
+    end
+  end
+
+
+  class Project < ActiveRecord::Base
+    attr_accessor :tf_creds, :tf_key, :tf_secret, :ansible_creds, :ansible_key, :ansible_secret
+
+    belongs_to :client, required: true
+    has_many :applications, dependent: :destroy
+
+    validates :name, presence: true, uniqueness: { scope: :client }
+
+    after_create :create_project
+    after_destroy :destroy_project
+
+    #
+    # Initialize the prepd-project or just copy in developer credentials if the project already exists
+    #
+    def create_project
+      if Dir.exists?(path)
+        copy_developer_yml
+        return
+      end
+      setup_git
+      clone_submodules
+      copy_developer_yml
+      generate_credentials
+      encrypt_vault_files
+    end
+
+    #
+    # Destory the VM and remove the project from the file system
+    #
+    def destroy_project
+      Dir.chdir(path) { system('vagrant destroy') }
+      FileUtils.rm_rf(path)
+    end
+
+    #
+    # Clone prepd-project, remove the git history and start with a clean repository
+    #
+    def setup_git
+      Dir.chdir(client.path) { system("git clone git@github.com:rjayroach/prepd-project.git #{name}") }
+      Dir.chdir(path) do
+        FileUtils.rm_rf("#{path}/.git")
+        system('git init')
+        system('git add .')
+        system("git commit -m 'First commit from Prepd'")
+        system("git remote add origin #{repo_url}") if repo_url
+      end
+    end
+
+    #
+    # Clone ansible roles and terraform modules
+    #
+    def clone_submodules
+      Dir.chdir("#{path}/ansible") do
+        system('git submodule add git@github.com:rjayroach/ansible-roles.git roles')
+      end
+      Dir.chdir("#{path}/terraform") do
+        system('git submodule add git@github.com:rjayroach/terraform-modules.git modules')
+      end
+    end
+
+    #
+    # Copy developer credentials or create them if the file doesn't already exists
+    # TODO: Maybe the creation of developer creds should be done at startup of prepd
+    #
+    def copy_developer_yml
+      return if File.exists?("#{path}/.developer.yml")
+      Dir.chdir(path) do
+        if File.exists?("#{Prepd.work_dir}/developer.yml")
+          FileUtils.cp("#{Prepd.work_dir}/developer.yml", '.developer.yml')
+        elsif File.exists?("#{Dir.home}/.prepd-developer.yml")
+          FileUtils.cp("#{Dir.home}/.prepd-developer.yml", '.developer.yml')
+        else
+          File.open('.developer.yml', 'w') do |f|
+            f.puts('---')
+            f.puts("git_username: #{`git config --get user.name`.chomp}")
+            f.puts("git_email: #{`git config --get user.email`.chomp}")
+            f.puts("docker_username: ")
+            f.puts("docker_password: ")
+          end
+        end
+      end
+    end
+
+    #
+    # Create AWS credential files for Terraform and Ansible, ssh keys and and ansible-vault encryption key
+    # NOTE: The path to credentials is used in the ansible-role prepd
+    #
+    def generate_credentials
+      # self.tf_creds = '/Users/rjayroach/Documents/c2p4/aws/legos-terraform.csv'
+      # self.ansible_creds = '/Users/rjayroach/Documents/c2p4/aws/legos-ansible.csv'
+      generate_tf_creds
+      generate_ansible_creds
+      generate_ssh_keys
+      generate_vault_password
+    end
+
+    def generate_tf_creds
+      self.tf_key, self.tf_secret = CSV.read(tf_creds).last.slice(2,2) if tf_creds
+      unless tf_key and tf_secret
+        STDOUT.puts 'tf_key and tf_secret need to be set (or set tf_creds to path to CSV file)'
+        return
+      end
+      require 'csv'
+      Dir.chdir(path) do
+        File.open('.terraform-vars.txt', 'w') do |f|
+          f.puts("aws_access_key_id = \"#{tf_key}\"")
+          f.puts("aws_secret_access_key = \"#{tf_secret}\"")
+        end
+      end
+    end
+
+    def generate_ansible_creds
+      self.ansible_key, self.ansible_secret = CSV.read(ansible_creds).last.slice(2,2) if ansible_creds
+      unless ansible_key and ansible_secret
+        STDOUT.puts 'ansible_key and ansible_secret need to be set (or set ansible_creds to path to CSV file)'
+        return
+      end
+      Dir.chdir(path) do
+        File.open('.boto', 'w') do |f|
+          f.puts('[Credentials]')
+          f.puts("aws_access_key_id = #{ansible_key}")
+          f.puts("aws_secret_access_key = #{ansible_secret}")
+        end
+      end
+    end
+
+    #
+    # Generate a key pair to be used as the EC2 key pair
+    #
+    def generate_ssh_keys(file_name = '.id_rsa')
+      Dir.chdir(path) { system("ssh-keygen -b 2048 -t rsa -f #{file_name} -q -N '' -C 'ansible@#{name}.#{client.name}.local'") }
+    end
+
+    #
+    # Generate the key to encrypt ansible-vault files
+    #
+    def generate_vault_password(file_name = '.vault-password.txt')
+      require 'securerandom'
+      Dir.chdir(path) { File.open(file_name, 'w') { |f| f.puts(SecureRandom.uuid) } }
+    end
+
+    #
+    # Use ansible-vault to encrypt the inventory group_vars
+    #
+    def encrypt_vault_files
+      Dir.chdir("#{path}/ansible") do
+        %w(all development local production staging).each do |env|
+          system("ansible-vault encrypt inventory/group_vars/#{env}/vault")
+        end
+      end
+    end
+
+    def encrypt(mode = :vault)
+      return unless executable?('gpg')
+      Dir.chdir(path) do
+        system "tar cf #{archive(:credentials)} #{file_list(mode)}"
+      end
+      system "gpg -c #{archive(:credentials)}"
+      FileUtils.rm(archive(:credentials))
+      "File created: #{archive(:credentials)}.gpg"
+    end
+
+    def encrypt_data
+      return unless executable?('gpg')
+      archive_path = "#{path}/#{client.name}-#{name}-data.tar"
+      Dir.chdir(path) do
+        system "tar cf #{archive_path} data"
+      end
+      system "gpg -c #{archive_path}"
+      FileUtils.rm(archive_path)
+      FileUtils.mv("#{archive_path}.gpg", "#{archive(:data)}.gpg")
+      "File created: #{archive(:data)}.gpg"
+    end
+
+    def decrypt(type = :credentials)
+      return unless %i(credentials data).include? type
+      return unless executable?('gpg')
+      unless File.exists?("#{archive(type)}.gpg")
+        STDOUT.puts "File not found: #{archive(type)}.gpg"
+        return
+      end
+      system "gpg #{archive(type)}.gpg"
+      Dir.chdir(path) do
+        system "tar xf #{archive(type)}"
+      end
+      FileUtils.rm(archive(type))
+      "File processed: #{archive(type)}.gpg"
+    end
+
+    def executable?(name = 'gpg')
+      require 'mkmf'
+      rv = find_executable(name)
+      STDOUT.puts "#{name} executable not found" unless rv
+      FileUtils.rm('mkmf.log')
+      rv
+    end
+
+    def file_list(mode)
+      return ".boto .id_rsa .id_rsa.pub .terraform-vars.txt .vault-password.txt" if mode.eql?(:all)
+      ".vault-password.txt"
+    end
+
+    def archive(type = :credentials)
+      "#{data_path}/#{client.name}-#{name}-#{type}.tar"
+    end
+
+    def data_path
+      "#{path}/data"
+    end
+
+    def path
+     "#{client.path}/#{name}"
+    end
+  end
+
+
+  class Application < ActiveRecord::Base
+    belongs_to :project, required: true
+
+    validates :name, presence: true, uniqueness: { scope: :project }
+
+    after_create :setup
+
+    def setup
+      Dir.chdir("#{project.path}/ansible") do
+        FileUtils.cp_r('application', name)
+      end
+    end
+
+    def path
+     "#{project.path}/ansible/#{name}"
+    end
+  end
+end

data/lib/prepd/schema.rb

@@ -0,0 +1,23 @@
+ActiveRecord::Schema.define do
+  unless ActiveRecord::Base.connection.data_sources.include?('clients')
+    create_table :clients do |table|
+      table.column :name, :string
+      table.column :path , :string
+    end
+  end
+
+  unless ActiveRecord::Base.connection.data_sources.include?('projects')
+    create_table :projects do |table|
+      table.column :client_id, :integer # foreign key <table-name-singular>_id
+      table.column :name, :string
+      table.column :repo_url, :string
+    end
+  end
+
+  unless ActiveRecord::Base.connection.data_sources.include?('applications')
+    create_table :applications do |table|
+      table.column :project_id, :integer # foreign key <table-name-singular>_id
+      table.column :name, :string
+    end
+  end
+end

data/lib/prepd/version.rb

@@ -0,0 +1,3 @@
+module Prepd
+  VERSION = '0.1.1'
+end

data/lib/prepd.rb

@@ -0,0 +1,47 @@
+require 'prepd/version'
+require 'dotenv'
+require 'active_record'
+require 'sqlite3'
+require 'fileutils'
+
+module Prepd
+  def self.work_dir; "#{Dir.home}/.prepd"; end
+  def self.data_dir; ENV['DATA_DIR']; end
+
+  def self.files; Dir.glob("#{work_dir}/*"); end
+
+  def self.config; "#{work_dir}/config"; end
+
+  def self.default_settings
+    {
+      'VERSION' => '1',
+      'DATA_DIR' => "#{Dir.home}/prepd",
+      'VAGRANT_BASE_BOX' => 'debian/contrib-jessie64'
+    }
+  end
+
+  # Create records for exisitng directories in the DATA_DIR
+  def self.scan
+    clients = Dir.entries(ENV['DATA_DIR'])
+    clients.select { |entry| !entry.starts_with?('.') }.each do |client_name|
+      c = Client.find_or_create_by(name: client_name)
+      projects = Dir.entries("#{ENV['DATA_DIR']}/#{client_name}")
+      projects.select { |entry| !entry.starts_with?('.') }.each do |project_name|
+        c.projects.find_or_create_by(name: project_name)
+      end
+    end
+  end
+
+  FileUtils.mkdir_p work_dir
+  ActiveRecord::Base.logger = Logger.new(File.open("#{work_dir}/database.log", 'w'))
+  ActiveRecord::Base.establish_connection(adapter: :sqlite3, database: "#{work_dir}/sqlite.db")
+  unless File.exists?(config)
+    File.open(config, 'a') do |f|
+      default_settings.each { |key, value| f.puts("#{key}=#{value}") }
+    end
+  end
+  Dotenv.load(config)
+end
+
+require 'prepd/schema'
+require 'prepd/models'

data/prepd.gemspec

@@ -0,0 +1,31 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'prepd/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'prepd'
+  spec.version       = Prepd::VERSION
+  spec.authors       = ['Robert Roach']
+  spec.email         = ['rjayroach@gmail.com']
+
+  spec.summary       = %q{An easy to use tool to create Production Ready Environments for Project Development}
+  spec.description   = %q{Prepd assists builders of web application products to start with the end in mind by making it easy to stand up all required infrastructure
+  *before* starting to code the application}
+  spec.homepage      = 'https://github.com/rjayroach/prepd-gem'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.12'
+  spec.add_development_dependency 'rake', '~> 10.0'
+
+  spec.add_dependency 'dotenv'
+  spec.add_dependency 'activerecord'
+  spec.add_dependency 'sqlite3'
+  spec.add_dependency 'pry'
+  spec.add_dependency 'awesome_print'
+end

metadata

@@ -0,0 +1,163 @@
+--- !ruby/object:Gem::Specification
+name: prepd
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Robert Roach
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2017-11-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: awesome_print
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  Prepd assists builders of web application products to start with the end in mind by making it easy to stand up all required infrastructure
+    *before* starting to code the application
+email:
+- rjayroach@gmail.com
+executables:
+- prepd
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- TODO.md
+- bin/console
+- bin/setup
+- exe/prepd
+- lib/prepd.rb
+- lib/prepd/cli.rb
+- lib/prepd/cli/commands.rb
+- lib/prepd/cli/options_parser.rb
+- lib/prepd/models.rb
+- lib/prepd/schema.rb
+- lib/prepd/version.rb
+- prepd.gemspec
+homepage: https://github.com/rjayroach/prepd-gem
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2.1
+signing_key: 
+specification_version: 4
+summary: An easy to use tool to create Production Ready Environments for Project Development
+test_files: []