rockstart 0.1.0 → 0.1.1
- checksums.yaml +4 -4
- data/README.md +6 -0
- data/lib/generators/rockstart/authorization/USAGE +9 -0
- data/lib/generators/rockstart/authorization/auth0/USAGE +10 -0
- data/lib/generators/rockstart/authorization/auth0/auth0_generator.rb +49 -0
- data/lib/generators/rockstart/authorization/auth0/templates/app/controllers/auth_controller.rb.tt +47 -0
- data/lib/generators/rockstart/authorization/auth0/templates/app/controllers/concerns/session_auth.rb +23 -0
- data/lib/generators/rockstart/authorization/auth0/templates/app/models/user.rb.tt +82 -0
- data/lib/generators/rockstart/authorization/auth0/templates/app/views/auth/new.html.erb +3 -0
- data/lib/generators/rockstart/authorization/auth0/templates/app/views/auth/sign_out.html.erb +1 -0
- data/lib/generators/rockstart/authorization/auth0/templates/auth0.en.yml +5 -0
- data/lib/generators/rockstart/authorization/auth0/templates/auth0_initializer.rb +27 -0
- data/lib/generators/rockstart/authorization/auth0/templates/auth0_util.rb.tt +38 -0
- data/lib/generators/rockstart/authorization/auth0/templates/auth0_util_spec.rb +21 -0
- data/lib/generators/rockstart/authorization/auth0/templates/spec/factories/users.rb.tt +32 -0
- data/lib/generators/rockstart/authorization/auth0/templates/spec/models/user_spec.rb.tt +91 -0
- data/lib/generators/rockstart/authorization/auth0/templates/spec/requests/auth_spec.rb +94 -0
- data/lib/generators/rockstart/authorization/auth0/templates/spec/support/auth_request_helper.rb +27 -0
- data/lib/generators/rockstart/authorization/authorization_generator.rb +29 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/USAGE +3 -1
- data/lib/generators/rockstart/authorization/devise/devise_generator.rb +208 -0
- data/lib/generators/rockstart/authorization/devise/templates/add_devise_to_users_migration.rb.tt +50 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/passwords_controller.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/registrations_controller.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/sessions_controller.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/create_user_migration.rb.tt +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/models/user.rb +14 -2
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/factories/users.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/models/user_spec.rb +9 -21
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/requests/users/passwords_spec.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/requests/users/registrations_spec.rb +2 -11
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/requests/users/sessions_spec.rb +1 -38
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/spec/support/devise_request_spec_helper.rb +0 -0
- data/lib/generators/rockstart/{devise → authorization/devise}/templates/translations.en.yml +0 -0
- data/lib/generators/rockstart/{pundit → authorization/pundit}/USAGE +1 -1
- data/lib/generators/rockstart/authorization/pundit/pundit_generator.rb +41 -0
- data/lib/generators/rockstart/{pundit → authorization/pundit}/templates/app/controllers/concerns/pundit_error_handling.rb +0 -0
- data/lib/generators/rockstart/{pundit → authorization/pundit}/templates/app/policies/application_policy.rb +0 -0
- data/lib/generators/rockstart/{pundit/templates/app/policies/user_policy.rb → authorization/pundit/templates/app/policies/user_policy.rb.tt} +4 -0
- data/lib/generators/rockstart/{pundit → authorization/pundit}/templates/config/locales/pundit.en.yml +0 -0
- data/lib/generators/rockstart/authorization/pundit/templates/lib/admin_constraint.rb +11 -0
- data/lib/generators/rockstart/{pundit/templates/lib/templates/pundit/policy/policy.rb → authorization/pundit/templates/scaffold/policy.rb.tt} +0 -0
- data/lib/generators/rockstart/{pundit/templates/lib/templates/rspec/policy/policy_spec.rb → authorization/pundit/templates/scaffold/policy_spec.rb.tt} +0 -0
- data/lib/generators/rockstart/{pundit/templates/spec/policies/user_policy_spec.rb → authorization/pundit/templates/spec/policies/user_policy_spec.rb.tt} +43 -5
- data/lib/generators/rockstart/{pundit → authorization/pundit}/templates/spec/support/pundit_matchers.rb +0 -0
- data/lib/generators/rockstart/deployment/USAGE +8 -0
- data/lib/generators/rockstart/deployment/deployment_generator.rb +78 -0
- data/lib/generators/rockstart/{docker → deployment/docker}/USAGE +0 -0
- data/lib/generators/rockstart/deployment/docker/docker_generator.rb +70 -0
- data/lib/generators/rockstart/{docker → deployment/docker}/templates/app/Dockerfile-app +6 -5
- data/lib/generators/rockstart/{docker → deployment/docker}/templates/docker-compose.test.yml +5 -2
- data/lib/generators/rockstart/deployment/docker/templates/docker-compose.yml +74 -0
- data/lib/generators/rockstart/{docker → deployment/docker}/templates/dockerignore +0 -0
- data/lib/generators/rockstart/deployment/docker/templates/dotenv.docker-db.tt +3 -0
- data/lib/generators/rockstart/deployment/docker/templates/dotenv.docker.tt +20 -0
- data/lib/generators/rockstart/{docker → deployment/docker}/templates/web/Dockerfile-web +0 -0
- data/lib/generators/rockstart/{docker → deployment/docker}/templates/web/nginx.conf +24 -1
- data/lib/generators/rockstart/deployment/heroku/USAGE +9 -0
- data/lib/generators/rockstart/deployment/heroku/heroku_generator.rb +50 -0
- data/lib/generators/rockstart/deployment/heroku/templates/Procfile.tt +5 -0
- data/lib/generators/rockstart/deployment/heroku/templates/app.json.tt +50 -0
- data/lib/generators/rockstart/deployment/heroku/templates/deploy-heroku.tt +42 -0
- data/lib/generators/rockstart/deployment/heroku/templates/heroku.rake.tt +25 -0
- data/lib/generators/rockstart/deployment/heroku/templates/slugignore +3 -0
- data/lib/generators/rockstart/deployment/nginx/USAGE +8 -0
- data/lib/generators/rockstart/deployment/nginx/nginx_generator.rb +20 -0
- data/lib/generators/rockstart/deployment/templates/hooks-postdeploy.tt +22 -0
- data/lib/generators/rockstart/deployment/templates/hooks-release.tt +17 -0
- data/lib/generators/rockstart/deployment/templates/rack_deflater_spec.rb +28 -0
- data/lib/generators/rockstart/deployment/templates/web.tt +3 -0
- data/lib/generators/rockstart/deployment/templates/worker.tt +3 -0
- data/lib/generators/rockstart/development/USAGE +10 -0
- data/lib/generators/rockstart/development/audited/USAGE +10 -0
- data/lib/generators/rockstart/development/audited/audited_generator.rb +35 -0
- data/lib/generators/rockstart/development/audited/templates/audit.rb.tt +35 -0
- data/lib/generators/rockstart/development/audited/templates/audit_spec.rb.tt +54 -0
- data/lib/generators/rockstart/development/audited/templates/audited_initializer.rb +5 -0
- data/lib/generators/rockstart/development/audited/templates/audited_support.rb +3 -0
- data/lib/generators/rockstart/development/audited/templates/install_audited.rb.tt +45 -0
- data/lib/generators/rockstart/development/development_generator.rb +42 -0
- data/lib/generators/rockstart/development/env/USAGE +8 -0
- data/lib/generators/rockstart/development/env/env_generator.rb +17 -0
- data/lib/generators/rockstart/development/env/templates/dotenv.development.tt +4 -0
- data/lib/generators/rockstart/development/friendly_id/USAGE +8 -0
- data/lib/generators/rockstart/development/friendly_id/friendly_id_generator.rb +15 -0
- data/lib/generators/rockstart/development/friendly_id/templates/friendly_id_initializer.rb +52 -0
- data/lib/generators/rockstart/development/generator_overrides/USAGE +8 -0
- data/lib/generators/rockstart/development/generator_overrides/generator_overrides_generator.rb +31 -0
- data/lib/generators/rockstart/development/generator_overrides/templates/resource_route_generator.rb.tt +54 -0
- data/lib/generators/rockstart/development/localhost_setup/USAGE +8 -0
- data/lib/generators/rockstart/development/localhost_setup/localhost_setup_generator.rb +34 -0
- data/lib/generators/rockstart/{docker → development/localhost_setup}/templates/localhost_domains.ext.tt +0 -0
- data/lib/generators/rockstart/{docker → development/localhost_setup}/templates/setup-localhost.tt +5 -5
- data/lib/generators/rockstart/development/readme/USAGE +8 -0
- data/lib/generators/rockstart/development/readme/readme_generator.rb +18 -0
- data/lib/generators/rockstart/development/readme/templates/README.md +74 -0
- data/lib/generators/rockstart/development/rebuild/USAGE +8 -0
- data/lib/generators/rockstart/development/rebuild/rebuild_generator.rb +21 -0
- data/lib/generators/rockstart/development/rebuild/templates/rockstart.tt +28 -0
- data/lib/generators/rockstart/{scaffold_templates → development/scaffolds}/USAGE +1 -1
- data/lib/generators/rockstart/development/scaffolds/scaffolds_generator.rb +46 -0
- data/lib/generators/rockstart/{scaffold_templates → development/scaffolds}/templates/api_controller.rb.tt +15 -7
- data/lib/generators/rockstart/{scaffold_templates → development/scaffolds}/templates/controller.rb.tt +18 -9
- data/lib/generators/rockstart/development/scaffolds/templates/factory_bot/factories.erb +8 -0
- data/lib/generators/rockstart/development/scaffolds/templates/model.rb.tt +61 -0
- data/lib/generators/rockstart/development/scaffolds/templates/rspec/api_request_spec.rb.tt +142 -0
- data/lib/generators/rockstart/development/scaffolds/templates/rspec/model_spec.rb.tt +35 -0
- data/lib/generators/rockstart/development/scaffolds/templates/rspec/request_spec.rb.tt +492 -0
- data/lib/generators/rockstart/frontend_app/USAGE +10 -0
- data/lib/generators/rockstart/frontend_app/application_urls/USAGE +8 -0
- data/lib/generators/rockstart/frontend_app/application_urls/application_urls_generator.rb +28 -0
- data/lib/generators/rockstart/{frontend_helpers → frontend_app/application_urls}/templates/application_urls.rb +0 -0
- data/lib/generators/rockstart/{frontend_helpers → frontend_app/application_urls}/templates/application_urls_helper.rb +0 -0
- data/lib/generators/rockstart/frontend_app/assets/USAGE +8 -0
- data/lib/generators/rockstart/frontend_app/assets/assets_generator.rb +11 -0
- data/lib/generators/rockstart/frontend_app/assets/templates/assets.rake +22 -0
- data/lib/generators/rockstart/frontend_app/frontend_app_generator.rb +38 -0
- data/lib/generators/rockstart/frontend_app/simple_form/USAGE +8 -0
- data/lib/generators/rockstart/frontend_app/simple_form/simple_form_generator.rb +9 -0
- data/lib/generators/rockstart/frontend_app/titles/USAGE +8 -0
- data/lib/generators/rockstart/{frontend_helpers → frontend_app/titles}/templates/titles.en.yml.tt +0 -0
- data/lib/generators/rockstart/frontend_app/titles/titles_generator.rb +22 -0
- data/lib/generators/rockstart/gemset/USAGE +8 -0
- data/lib/generators/rockstart/gemset/gemset_generator.rb +129 -0
- data/lib/generators/rockstart/mailers/USAGE +8 -0
- data/lib/generators/rockstart/mailers/mailers_generator.rb +7 -0
- data/lib/generators/rockstart/{smtp_mailer → mailers/smtp_mailer}/USAGE +0 -0
- data/lib/generators/rockstart/mailers/smtp_mailer/smtp_mailer_generator.rb +36 -0
- data/lib/generators/rockstart/{smtp_mailer/templates/config/initializers/action_mailer.rb → mailers/smtp_mailer/templates/action_mailer_initializer.rb} +0 -0
- data/lib/generators/rockstart/monitoring/USAGE +8 -0
- data/lib/generators/rockstart/{logging → monitoring/lograge}/USAGE +1 -1
- data/lib/generators/rockstart/monitoring/lograge/lograge_generator.rb +19 -0
- data/lib/generators/rockstart/monitoring/lograge/templates/lograge_initializer.rb +44 -0
- data/lib/generators/rockstart/monitoring/lograge/templates/lograge_util.rb +42 -0
- data/lib/generators/rockstart/monitoring/monitoring_generator.rb +35 -0
- data/lib/generators/rockstart/monitoring/okcomputer/USAGE +8 -0
- data/lib/generators/rockstart/monitoring/okcomputer/okcomputer_generator.rb +28 -0
- data/lib/generators/rockstart/monitoring/okcomputer/templates/okcomputer.en.yml +5 -0
- data/lib/generators/rockstart/monitoring/okcomputer/templates/okcomputer_initializer.rb.tt +34 -0
- data/lib/generators/rockstart/monitoring/okcomputer/templates/okcomputer_spec.rb +62 -0
- data/lib/generators/rockstart/monitoring/rollbar/USAGE +8 -0
- data/lib/generators/rockstart/monitoring/rollbar/rollbar_generator.rb +20 -0
- data/lib/generators/rockstart/monitoring/rollbar/templates/rollbar_initializer.rb.tt +80 -0
- data/lib/generators/rockstart/monitoring/sidekiq_ui/USAGE +8 -0
- data/lib/generators/rockstart/monitoring/sidekiq_ui/sidekiq_ui_generator.rb +38 -0
- data/lib/generators/rockstart/monitoring/sidekiq_ui/templates/sidekiq_spec.rb +32 -0
- data/lib/generators/rockstart/quality/quality_generator.rb +5 -16
- data/lib/generators/rockstart/quality/rubocop/USAGE +11 -0
- data/lib/generators/rockstart/quality/rubocop/rubocop_generator.rb +23 -0
- data/lib/generators/rockstart/quality/rubocop/templates/rubocop.rake +19 -0
- data/lib/generators/rockstart/quality/{templates → rubocop/templates}/rubocop.yml +0 -0
- data/lib/generators/rockstart/rockstart_generator.rb +13 -65
- data/lib/generators/rockstart/run/USAGE +17 -0
- data/lib/generators/rockstart/run/run_generator.rb +73 -0
- data/lib/generators/rockstart/security/brakeman/USAGE +9 -0
- data/lib/generators/rockstart/security/brakeman/brakeman_generator.rb +15 -0
- data/lib/generators/rockstart/security/{templates → brakeman/templates}/brakeman.rake +1 -1
- data/lib/generators/rockstart/security/bundler_audit/USAGE +8 -0
- data/lib/generators/rockstart/security/bundler_audit/bundler_audit_generator.rb +11 -0
- data/lib/generators/rockstart/security/bundler_audit/templates/bundler_audit.rake +14 -0
- data/lib/generators/rockstart/security/content_security/USAGE +8 -0
- data/lib/generators/rockstart/security/content_security/content_security_generator.rb +41 -0
- data/lib/generators/rockstart/security/{templates → content_security/templates}/content_security_policy_initializer.rb.tt +2 -2
- data/lib/generators/rockstart/security/{templates → content_security/templates}/content_security_spec.rb.tt +12 -13
- data/lib/generators/rockstart/security/{templates/csp_violations_controller.rb → content_security/templates/csp_violations_controller.rb.tt} +14 -6
- data/lib/generators/rockstart/security/{templates → content_security/templates}/session_store_initializer.rb.tt +1 -2
- data/lib/generators/rockstart/security/rack_attack/USAGE +8 -0
- data/lib/generators/rockstart/security/rack_attack/rack_attack_generator.rb +37 -0
- data/lib/generators/rockstart/security/{templates → rack_attack/templates}/cache_support.rb +1 -1
- data/lib/generators/rockstart/security/{templates/rack_attack.rb → rack_attack/templates/rack_attack_initializer.rb.tt} +34 -1
- data/lib/generators/rockstart/security/rack_attack/templates/rack_attack_spec.rb.tt +116 -0
- data/lib/generators/rockstart/security/security_generator.rb +20 -84
- data/lib/generators/rockstart/storage/USAGE +8 -0
- data/lib/generators/rockstart/storage/active_storage/USAGE +8 -0
- data/lib/generators/rockstart/storage/active_storage/active_storage_generator.rb +59 -0
- data/lib/generators/rockstart/storage/active_storage/templates/active_storage_initializer.rb +9 -0
- data/lib/generators/rockstart/storage/active_storage/templates/better_s3_service.rb +27 -0
- data/lib/generators/rockstart/storage/active_storage/templates/cloudcube_util.rb +30 -0
- data/lib/generators/rockstart/storage/active_storage/templates/cloudcube_util_spec.rb +73 -0
- data/lib/generators/rockstart/storage/active_storage/templates/storage.yml.tt +15 -0
- data/lib/generators/rockstart/storage/memcached/USAGE +8 -0
- data/lib/generators/rockstart/storage/memcached/memcached_generator.rb +27 -0
- data/lib/generators/rockstart/{postgres → storage/postgres}/USAGE +1 -1
- data/lib/generators/rockstart/storage/postgres/postgres_generator.rb +20 -0
- data/lib/generators/rockstart/{postgres → storage/postgres}/templates/config/database.yml.tt +6 -0
- data/lib/generators/rockstart/{postgres → storage/postgres}/templates/migration.rb.tt +0 -0
- data/lib/generators/rockstart/storage/storage_generator.rb +26 -0
- data/lib/generators/rockstart/testing/USAGE +9 -0
- data/lib/generators/rockstart/testing/env/USAGE +8 -0
- data/lib/generators/rockstart/testing/env/env_generator.rb +24 -0
- data/lib/generators/rockstart/testing/env/templates/climate_control_helpers_support.rb +14 -0
- data/lib/generators/rockstart/testing/env/templates/dotenv.test.tt +8 -0
- data/lib/generators/rockstart/{rspec → testing/rspec}/USAGE +1 -1
- data/lib/generators/rockstart/testing/rspec/rspec_generator.rb +52 -0
- data/lib/generators/rockstart/{rspec → testing/rspec}/templates/support/factory_bot.rb +0 -0
- data/lib/generators/rockstart/{rspec → testing/rspec}/templates/support/shoulda_matchers.rb +0 -0
- data/lib/generators/rockstart/{rspec → testing/rspec}/templates/support/test_helpers.rb +0 -0
- data/lib/generators/rockstart/testing/rspec/templates/support/vcr.rb +11 -0
- data/lib/generators/rockstart/testing/simplecov/USAGE +9 -0
- data/lib/generators/rockstart/testing/simplecov/simplecov_generator.rb +11 -0
- data/lib/generators/rockstart/testing/testing_generator.rb +24 -0
- data/lib/generators/rockstart/workers/USAGE +8 -0
- data/lib/generators/rockstart/workers/sidekiq/USAGE +9 -0
- data/lib/generators/rockstart/workers/sidekiq/sidekiq_generator.rb +29 -0
- data/lib/generators/rockstart/workers/sidekiq/templates/sidekiq.yml.tt +5 -0
- data/lib/generators/rockstart/workers/sidekiq/templates/sidekiq_initializer.rb +5 -0
- data/lib/generators/rockstart/workers/workers_generator.rb +18 -0
- data/lib/rockstart/base_generator.rb +4 -5
- data/lib/rockstart/env.rb +3 -1
- data/lib/rockstart/generators/class_option_helpers.rb +154 -0
- data/lib/rockstart/generators/content_security_options.rb +61 -0
- data/lib/rockstart/generators/migration_helpers.rb +30 -0
- data/lib/rockstart/generators/system_helpers.rb +14 -0
- data/lib/rockstart/generators/template_helpers.rb +27 -0
- data/lib/rockstart/version.rb +1 -1
- metadata +212 -83
- data/lib/generators/rockstart/devise/devise_generator.rb +0 -258
- data/lib/generators/rockstart/docker/docker_generator.rb +0 -86
- data/lib/generators/rockstart/docker/templates/docker-compose.yml +0 -47
- data/lib/generators/rockstart/docker/templates/dotenv.docker.tt +0 -4
- data/lib/generators/rockstart/frontend_helpers/USAGE +0 -8
- data/lib/generators/rockstart/frontend_helpers/frontend_helpers_generator.rb +0 -65
- data/lib/generators/rockstart/logging/logging_generator.rb +0 -12
- data/lib/generators/rockstart/logging/templates/rockstart/lograge_initializer.rb +0 -50
- data/lib/generators/rockstart/postgres/postgres_generator.rb +0 -32
- data/lib/generators/rockstart/pundit/pundit_generator.rb +0 -32
- data/lib/generators/rockstart/quality/templates/rubocop.rake +0 -4
- data/lib/generators/rockstart/rspec/rspec_generator.rb +0 -70
- data/lib/generators/rockstart/rspec/templates/dotenv.development +0 -1
- data/lib/generators/rockstart/rspec/templates/dotenv.test +0 -1
- data/lib/generators/rockstart/rspec/templates/rspec_templates/model/model_spec.rb +0 -13
- data/lib/generators/rockstart/scaffold_templates/scaffold_templates_generator.rb +0 -39
- data/lib/generators/rockstart/scaffold_templates/templates/rspec/scaffold/api_request_spec.rb +0 -139
- data/lib/generators/rockstart/scaffold_templates/templates/rspec/scaffold/request_spec.rb +0 -408
- data/lib/generators/rockstart/security/templates/bundler_audit.rake +0 -4
- data/lib/generators/rockstart/smtp_mailer/smtp_mailer_generator.rb +0 -30
- data/lib/generators/rockstart/tailwindcss/USAGE +0 -8
- data/lib/generators/rockstart/tailwindcss/tailwindcss_generator.rb +0 -30
- data/lib/generators/rockstart/tailwindcss/templates/application.css +0 -3
- data/lib/generators/rockstart/tailwindcss/templates/postcss.config.js +0 -32
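--- a/data/lib/generators/rockstart/quality/rubocop/USAGE
+++ b/data/lib/generators/rockstart/quality/rubocop/USAGE
@@ -0,0 +1,11 @@
+Description:
+Installs rubocop with configured rules
+
+Example:
+rails generate rockstart:quality:rubocop
+
+This will create:
+Installs rubocop
+Adds a rake task for controlling rubocop
+Generates a default configuration file
+Builds a rubocop_todo.yml file based off any current violations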
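--- a/data/lib/generators/rockstart/quality/rubocop/rubocop_generator.rb
+++ b/data/lib/generators/rockstart/quality/rubocop/rubocop_generator.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require "rockstart/generators/system_helpers"
+module Rockstart::Quality
+class RubocopGenerator < Rails::Generators::Base
+include Rockstart::Generators::SystemHelpers
+
+source_root File.expand_path("templates", __dir__)
+
+def add_default_configuration
+copy_file "rubocop.yml", ".rubocop.yml"
+end
+
+def add_rake_task
+copy_file "rubocop.rake", "lib/tasks/rubocop.rake"
+end
+
+# Rebuild .rubocop_todo.yml, ensuring only existing code is excluded
+def build_rubocop_todo
+system! "bundle exec rake rubocop:auto_gen_config"
+end
+end
+end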
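--- a/data/lib/generators/rockstart/quality/rubocop/templates/rubocop.rake
+++ b/data/lib/generators/rockstart/quality/rubocop/templates/rubocop.rake
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+begin
+require "rubocop/rake_task"
+RuboCop::RakeTask.new
+rescue LoadError
+raise "Please install the rubocop-rails gem!!!" unless Rails.env.production?
+end
+
+namespace :rubocop do
+desc "Rebuild rubocop_todo.yml"
+task :auto_gen_config do
+require "rubocop"
+
+cli = RuboCop::CLI.new
+result = cli.run(["--auto-gen-config", "--exclude-limit", "100"])
+abort("RuboCop failed!") if result.nonzero?
+end
+end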
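Review bot: In production the `rescue LoadError` branch swallows the missing gem, but the `rubocop:auto_gen_config` task below is still defined and would then fail on its own `require "rubocop"` with an unexplained LoadError. Defining the `namespace :rubocop` block inside the `begin` section, after `RuboCop::RakeTask.new`, keeps the two tasks available or absent together. The error text names rubocop-rails while the require that fails is `rubocop/rake_task`; a short comment such as `# rubocop is expected in the development/test groups only` above the `begin` would make the intent clear.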
File without changes
|
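--- a/data/lib/generators/rockstart/rockstart_generator.rb
+++ b/data/lib/generators/rockstart/rockstart_generator.rb
@@ -1,77 +1,25 @@
 # frozen_string_literal: true
 
-
-
-
-class_option :devise, type: :boolean,
-desc: "Include Devise support",
-default: true
-
-class_option :postgres, type: :boolean,
-desc: "Include Postgres support",
-default: Rockstart::Env.postgres_db?
-
-class_option :pundit, type: :boolean,
-desc: "Include Pundit support",
-default: true
-
-def generate_logging
-generate "rockstart:logging"
-end
-
-def generate_rspec
-generate "rockstart:rspec"
-end
-
-def generate_postgres
-return unless options[:postgres]
-
-generate "rockstart:postgres"
-end
-
-def generate_smtp_mailer
-generate "rockstart:smtp_mailer"
-end
+require "rockstart/generators/class_option_helpers"
+require "rockstart/generators/content_security_options"
 
-
-
-
-
-def generate_devise
-return unless options[:devise]
-
-generate "rockstart:devise", pundit_option
-end
-
-def generate_pundit
-return unless options[:pundit]
-
-generate "rockstart:pundit"
-end
-
-def generate_security
-generate "rockstart:security"
-end
-
-def generate_docker
-generate "rockstart:docker", postgres_option, devise_option
-end
+class RockstartGenerator < Rails::Generators::Base
+include Rockstart::Generators::ClassOptionHelpers
+include Rockstart::Generators::ContentSecurityOptions
 
-
-generate "rockstart:quality"
-end
+desc "The quickest way for getting Rails Ready to Rock!"
 
-
+all_class_options
 
-def
-
+def add_rebuid_script
+generate "rockstart:development:rebuild", *all_class_options, *content_security_options
 end
 
-def
-
+def install_all_gems
+generate "rockstart:gemset", *all_class_options, *content_security_options
 end
 
-def
-
+def run_rockstart_generators
+generate "rockstart:run", *all_class_options, *content_security_options
 end
 end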
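Review bot: The first new step is spelled `add_rebuid_script`; rename it to `add_rebuild_script` before anything refers to the misspelled name. The three steps repeat the same `*all_class_options, *content_security_options` argument list, so a sub-generator could silently miss an option if one call is edited and the others are not. A helper declared under `private` (so it is not run as a generator step), e.g. `def forwarded_options = [*all_class_options, *content_security_options]`, would keep them in sync.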
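--- a/data/lib/generators/rockstart/run/USAGE
+++ b/data/lib/generators/rockstart/run/USAGE
@@ -0,0 +1,17 @@
+Description:
+Runs all rockstart generators without installing gems
+
+Example:
+rails generate rockstart:run
+
+This will run the core rockstart generators:
+rockstart:development
+rockstart:testing
+rockstart:storage
+rockstart:mailers
+rockstart:frontend_app
+rockstart:authorization
+rockstart:monitoring
+rockstart:security
+rockstart:deployment
+rockstart:quality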
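--- a/data/lib/generators/rockstart/run/run_generator.rb
+++ b/data/lib/generators/rockstart/run/run_generator.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require "rockstart/generators/class_option_helpers"
+require "rockstart/generators/content_security_options"
+
+class Rockstart::RunGenerator < Rails::Generators::Base
+include Rockstart::Generators::ClassOptionHelpers
+include Rockstart::Generators::ContentSecurityOptions
+
+all_class_options
+
+def setup_development_environment
+generate "rockstart:development",
+auth0_option,
+devise_option,
+postgres_option,
+pundit_option
+end
+
+def generate_testing
+generate "rockstart:testing", auth0_option, devise_option
+end
+
+def generate_storage
+generate "rockstart:storage", memcached_option, postgres_option
+end
+
+def generate_mailers
+generate "rockstart:mailers"
+end
+
+def generate_workers
+generate "rockstart:workers", devise_option, sidekiq_option
+end
+
+def generate_frontend_app
+return unless frontend?
+
+generate "rockstart:frontend_app"
+end
+
+def generate_authorization
+generate "rockstart:authorization", auth0_option, devise_option, pundit_option
+end
+
+def generate_monitoring
+generate "rockstart:monitoring",
+auth0_option,
+devise_option,
+memcached_option,
+rollbar_option,
+sidekiq_option
+end
+
+def generate_security
+generate "rockstart:security", devise_option, rollbar_option, *content_security_options
+end
+
+def generate_deployment
+generate "rockstart:deployment",
+auth0_option,
+devise_option,
+frontend_option,
+memcached_option,
+postgres_option,
+rollbar_option,
+sidekiq_option
+end
+
+def generate_quality
+generate "rockstart:quality"
+end
+end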
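--- a/data/lib/generators/rockstart/security/brakeman/brakeman_generator.rb
+++ b/data/lib/generators/rockstart/security/brakeman/brakeman_generator.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Rockstart::Security
+class BrakemanGenerator < Rails::Generators::Base
+source_root File.expand_path("templates", __dir__)
+
+def add_rake_tasks
+copy_file "brakeman.rake", "lib/tasks/brakeman.rake"
+end
+
+def add_output_to_gitignore
+append_to_file ".gitignore", "brakeman\n"
+end
+end
+end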
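--- a/data/lib/generators/rockstart/security/bundler_audit/bundler_audit_generator.rb
+++ b/data/lib/generators/rockstart/security/bundler_audit/bundler_audit_generator.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rockstart::Security
+class BundlerAuditGenerator < Rails::Generators::Base
+source_root File.expand_path("templates", __dir__)
+
+def add_rake_task
+copy_file "bundler_audit.rake", "lib/tasks/bundler_audit.rake"
+end
+end
+end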
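--- a/data/lib/generators/rockstart/security/bundler_audit/templates/bundler_audit.rake
+++ b/data/lib/generators/rockstart/security/bundler_audit/templates/bundler_audit.rake
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+namespace :bundle do
+task :audit do
+require "bundler/audit/cli"
+
+IGNORE_LIST = [
+"CVE-2015-9284" # Using POST for OAuth
+].freeze
+
+Bundler::Audit::CLI.start ["update"]
+Bundler::Audit::CLI.start ["check", "--ignore", IGNORE_LIST.join(",")]
+end
+end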
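Review bot: `IGNORE_LIST` suppresses CVE-2015-9284 in every application this template is copied into, so `bundle:audit` stays green even where the POST-only mitigation named in the comment is absent or later removed. The ignore would be safer if the generator emitted it only when an OAuth-based sign-in option is selected, with the comment naming the file that enforces the mitigation. Assigning a constant inside the task body also creates a global `IGNORE_LIST` and warns if the task is invoked again in the same process; a local, `ignore_list = ["CVE-2015-9284"].freeze`, avoids that. The task has no `desc`, so `rake -T` will not list it; `desc "Update the advisory database and audit Gemfile.lock"` above `task :audit` would fix this.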
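--- a/data/lib/generators/rockstart/security/content_security/content_security_generator.rb
+++ b/data/lib/generators/rockstart/security/content_security/content_security_generator.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require "rockstart/generators/class_option_helpers"
+require "rockstart/generators/content_security_options"
+require "rockstart/generators/template_helpers"
+
+module Rockstart::Security
+class ContentSecurityGenerator < Rails::Generators::Base
+include Rockstart::Generators::ClassOptionHelpers
+include Rockstart::Generators::ContentSecurityOptions
+include Rockstart::Generators::TemplateHelpers
+
+source_root File.expand_path("templates", __dir__)
+
+class_option :session_name, type: :string,
+desc: "Name used for Rails Sessions",
+default: Rockstart::Env.default_session_name
+
+rollbar_class_option
+
+def add_initializer
+initializer_template "content_security_policy"
+end
+
+def configure_session_store
+initializer_template "session_store"
+end
+
+def add_csp_violations_controller
+template "csp_violations_controller.rb.tt", "app/controllers/csp_violations_controller.rb"
+route "resources :csp_violations, only: [:create]"
+template "content_security_spec.rb.tt", "spec/requests/content_security_spec.rb"
+end
+
+private
+
+def session_name
+options[:session_name]
+end
+end
+end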
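--- a/data/lib/generators/rockstart/security/content_security/templates/content_security_policy_initializer.rb.tt
+++ b/data/lib/generators/rockstart/security/content_security/templates/content_security_policy_initializer.rb.tt
@@ -14,7 +14,7 @@ csp_script_sources = <%= script_hosts.inspect %>
 csp_style_sources = <%= style_hosts.inspect %>
 
 # Allow the asset host to serve assets
-if (asset_host =
+if (asset_host = ENV["ASSET_HOST"].presence)
 csp_font_sources.append(asset_host)
 csp_image_sources.append(asset_host)
 csp_script_sources.append(asset_host)
@@ -31,7 +31,7 @@ Rails.application.config.content_security_policy do |policy|
 policy.default_src :none
 policy.connect_src :self, *csp_connect_sources
 policy.font_src :self, *csp_font_sources
-policy.img_src :self, :data, *csp_image_sources
+policy.img_src :self, :data, :https, *csp_image_sources
 policy.object_src :none
 policy.script_src :self, *csp_script_sources
 policy.style_src :self, *csp_style_sources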
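Review bot: Adding `:https` to `policy.img_src` in the second hunk lets pages load images from any HTTPS origin. That makes the `csp_image_sources` allowlist and the `ASSET_HOST` entry redundant for images, and the policy no longer restricts image requests to third-party hosts, which can carry page data in the request URL. If a specific integration needs extra image origins, list them in `image_hosts` and keep `policy.img_src :self, :data, *csp_image_sources` as the generated default, with the scheme-wide allowance behind an explicit generator option. The `content_security_policy` block starts and ends outside the hunk, so other directives were not reviewed.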
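--- a/data/lib/generators/rockstart/security/content_security/templates/content_security_spec.rb.tt
+++ b/data/lib/generators/rockstart/security/content_security/templates/content_security_spec.rb.tt
@@ -6,18 +6,17 @@ RSpec.describe "ContentSecurity", type: :request do
 describe "HTTP Headers" do
 context "after sign in" do
 before do
-
-post user_session_path params: { user: { email: user.email, password: user.password } }
+sign_in create(:user)
 end
 
 it "includes all expected secure headers", :aggregate_failures do
+get url_for_user_dashboard
+
 # Cookies
 session_cookie = cookies.get_cookie("<%= session_name %>")
 expect(session_cookie).to be_http_only
 expect(session_cookie.to_h["SameSite"]).to eq("Lax")
 
-follow_redirect!
-
 # Security Headers
 expect(response.headers["X-Frame-Options"]).to eq "SAMEORIGIN"
 expect(response.headers["X-XSS-Protection"]).to eq "1; mode=block"
@@ -28,15 +27,15 @@ RSpec.describe "ContentSecurity", type: :request do
 
 # Content Security Policy
 content_security_policy = response.headers["Content-Security-Policy"]
-expect(content_security_policy).to have_content("default-src 'none'")
-expect(content_security_policy).to have_content("connect-src 'self'")
-expect(content_security_policy).to have_content("font-src 'self'<% if font_hosts.any? %> <%= font_hosts.join(' ') %><% end
-expect(content_security_policy).to have_content("img-src 'self' data:<% if image_hosts.any? %> <%= image_hosts.join(' ') %><% end
-expect(content_security_policy).to have_content("object-src 'none'")
-expect(content_security_policy).to have_content("script-src 'self'<% if script_hosts.any? %> <%= script_hosts.join(' ') %><% end
-expect(content_security_policy).to have_content("style-src 'self'<% if style_hosts.any? %> <%= style_hosts.join(' ') %><% end
-expect(content_security_policy).to have_content("block-all-mixed-content")
-expect(content_security_policy).to have_content("upgrade-insecure-requests")
+expect(content_security_policy).to have_content("default-src 'none';")
+expect(content_security_policy).to have_content("connect-src 'self';")
+expect(content_security_policy).to have_content("font-src 'self'<% if font_hosts.any? %> <%= font_hosts.join(' ') %><% end %>;")
+expect(content_security_policy).to have_content("img-src 'self' data: https:<% if image_hosts.any? %> <%= image_hosts.join(' ') %><% end %>;")
+expect(content_security_policy).to have_content("object-src 'none';")
+expect(content_security_policy).to have_content("script-src 'self'<% if script_hosts.any? %> <%= script_hosts.join(' ') %><% end %>;")
+expect(content_security_policy).to have_content("style-src 'self'<% if style_hosts.any? %> <%= style_hosts.join(' ') %><% end %>;")
+expect(content_security_policy).to have_content("block-all-mixed-content;")
+expect(content_security_policy).to have_content("upgrade-insecure-requests;")
 expect(content_security_policy).to have_content("report-uri /csp_violations")
 
 # Content Security Policy should not require any unsafe exceptions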
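--- a/data/lib/generators/rockstart/security/content_security/templates/csp_violations_controller.rb.tt
+++ b/data/lib/generators/rockstart/security/content_security/templates/csp_violations_controller.rb.tt
@@ -10,19 +10,29 @@ class CspViolationsController < ApplicationController
 report = report_base["csp-report"]
 message = build_content_security_message(report)
 
-
-
+log_csp_report_violation(message)
+<% if rollbar? -%>
+Rollbar.warning("csp-violation", message) unless ENV["ROLLBAR_ACCESS_TOKEN"].blank?
+<% end -%>
 end
 head :ok
 end
 
 private
 
+def log_csp_report_violation(message)
+# Post message using Lograge format
+Rails.logger.warn message.merge(
+"@timestamp" => ::Time.now.utc,
+type: "csp-report",
+request_id: request.request_id,
+user_agent: request.headers["User-Agent"]
+).to_json
+end
+
 # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
 def build_content_security_message(report)
 {
-"@timestamp" => ::Time.now.utc,
-type: "csp-report",
 blocked_uri: report["blocked-uri"].try(:downcase),
 disposition: report["disposition"].try(:downcase),
 document_uri: report["document-uri"],
@@ -30,8 +40,6 @@ class CspViolationsController < ApplicationController
 violated_directive: report["violated-directive"].try(:downcase),
 referrer: report["referrer"].try(:downcase),
 status_code: (report["status-code"].presence || 0).to_i,
-request_id: request.request_id,
-user_agent: request.headers["User-Agent"],
 raw_report: report
 }
 end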
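Review bot: Both `log_csp_report_violation` and the new `Rollbar.warning` call forward `raw_report`, which is the client-posted report unchanged, so an oversized or high-volume stream of reports lands in the application log and in Rollbar as-is. Consider sending Rollbar a trimmed payload, `Rollbar.warning("csp-violation", message.except(:raw_report))`, and bounding the request body before it is parsed. Whether the endpoint is throttled or size-limited is not visible here, because the start of the action is outside the hunk. `document_uri` and `referrer` are logged verbatim and can contain query-string tokens; a comment on `build_content_security_message` saying so, or stripping the query part, would make that explicit.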