rollo 0.9.0.pre.1 → 0.9.0.pre.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CODE_OF_CONDUCT.md +13 -12
- data/Gemfile.lock +869 -742
- data/Rakefile +56 -9
- data/lib/rollo/commands/main.rb +2 -2
- data/lib/rollo/model/host_cluster.rb +2 -2
- data/lib/rollo/model/service_cluster.rb +1 -1
- data/lib/rollo/version.rb +1 -1
- data/rollo.gemspec +2 -0
- metadata +30 -2
data/Rakefile
CHANGED
|
@@ -1,19 +1,44 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require 'yaml'
|
|
4
3
|
require 'rake_circle_ci'
|
|
4
|
+
require 'rake_git'
|
|
5
|
+
require 'rake_git_crypt'
|
|
5
6
|
require 'rake_github'
|
|
6
|
-
require 'rake_ssh'
|
|
7
7
|
require 'rake_gpg'
|
|
8
|
-
require '
|
|
8
|
+
require 'rake_ssh'
|
|
9
9
|
require 'rspec/core/rake_task'
|
|
10
10
|
require 'rubocop/rake_task'
|
|
11
|
+
require 'securerandom'
|
|
12
|
+
require 'yaml'
|
|
11
13
|
|
|
12
14
|
task default: %i[
|
|
13
15
|
library:fix
|
|
14
16
|
test:unit
|
|
15
17
|
]
|
|
16
18
|
|
|
19
|
+
RakeGitCrypt.define_standard_tasks(
|
|
20
|
+
namespace: :git_crypt,
|
|
21
|
+
|
|
22
|
+
provision_secrets_task_name: :'secrets:provision',
|
|
23
|
+
destroy_secrets_task_name: :'secrets:destroy',
|
|
24
|
+
|
|
25
|
+
install_commit_task_name: :'git:commit',
|
|
26
|
+
uninstall_commit_task_name: :'git:commit',
|
|
27
|
+
|
|
28
|
+
gpg_user_key_paths: %w[
|
|
29
|
+
config/gpg
|
|
30
|
+
config/secrets/ci/gpg.public
|
|
31
|
+
]
|
|
32
|
+
)
|
|
33
|
+
|
|
34
|
+
namespace :git do
|
|
35
|
+
RakeGit.define_commit_task(
|
|
36
|
+
argument_names: [:message]
|
|
37
|
+
) do |t, args|
|
|
38
|
+
t.message = args.message
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
17
42
|
namespace :encryption do
|
|
18
43
|
namespace :directory do
|
|
19
44
|
desc 'Ensure CI secrets directory exists.'
|
|
@@ -23,10 +48,12 @@ namespace :encryption do
|
|
|
23
48
|
end
|
|
24
49
|
|
|
25
50
|
namespace :passphrase do
|
|
26
|
-
desc 'Generate encryption passphrase
|
|
51
|
+
desc 'Generate encryption passphrase for CI GPG key'
|
|
27
52
|
task generate: ['directory:ensure'] do
|
|
28
|
-
File.write(
|
|
29
|
-
|
|
53
|
+
File.write(
|
|
54
|
+
'config/secrets/ci/encryption.passphrase',
|
|
55
|
+
SecureRandom.base64(36)
|
|
56
|
+
)
|
|
30
57
|
end
|
|
31
58
|
end
|
|
32
59
|
end
|
|
@@ -56,12 +83,33 @@ namespace :keys do
|
|
|
56
83
|
end
|
|
57
84
|
|
|
58
85
|
namespace :secrets do
|
|
59
|
-
|
|
60
|
-
|
|
86
|
+
namespace :directory do
|
|
87
|
+
desc 'Ensure secrets directory exists and is set up correctly'
|
|
88
|
+
task :ensure do
|
|
89
|
+
FileUtils.mkdir_p('config/secrets')
|
|
90
|
+
unless File.exist?('config/secrets/.unlocked')
|
|
91
|
+
File.write('config/secrets/.unlocked', 'true')
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
desc 'Generate all generatable secrets.'
|
|
97
|
+
task generate: %w[
|
|
61
98
|
encryption:passphrase:generate
|
|
62
99
|
keys:deploy:generate
|
|
63
100
|
keys:secrets:generate
|
|
64
101
|
]
|
|
102
|
+
|
|
103
|
+
desc 'Provision all secrets.'
|
|
104
|
+
task provision: [:generate]
|
|
105
|
+
|
|
106
|
+
desc 'Delete all secrets.'
|
|
107
|
+
task :destroy do
|
|
108
|
+
rm_rf 'config/secrets'
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
desc 'Rotate all secrets.'
|
|
112
|
+
task rotate: [:'git_crypt:reinstall']
|
|
65
113
|
end
|
|
66
114
|
|
|
67
115
|
RuboCop::RakeTask.new
|
|
@@ -121,7 +169,6 @@ end
|
|
|
121
169
|
namespace :pipeline do
|
|
122
170
|
desc 'Prepare CircleCI Pipeline'
|
|
123
171
|
task prepare: %i[
|
|
124
|
-
circle_ci:project:follow
|
|
125
172
|
circle_ci:env_vars:ensure
|
|
126
173
|
circle_ci:checkout_keys:ensure
|
|
127
174
|
circle_ci:ssh_keys:ensure
|
data/lib/rollo/commands/main.rb
CHANGED
data/lib/rollo/version.rb
CHANGED
data/rollo.gemspec
CHANGED
|
@@ -48,6 +48,8 @@ Gem::Specification.new do |spec|
|
|
|
48
48
|
spec.add_development_dependency 'irbtools'
|
|
49
49
|
spec.add_development_dependency 'rake'
|
|
50
50
|
spec.add_development_dependency 'rake_circle_ci'
|
|
51
|
+
spec.add_development_dependency 'rake_git'
|
|
52
|
+
spec.add_development_dependency 'rake_git_crypt'
|
|
51
53
|
spec.add_development_dependency 'rake_github'
|
|
52
54
|
spec.add_development_dependency 'rake_gpg'
|
|
53
55
|
spec.add_development_dependency 'rake_ssh'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rollo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.9.0.pre.
|
|
4
|
+
version: 0.9.0.pre.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- InfraBlocks Maintainers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-10-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk
|
|
@@ -164,6 +164,34 @@ dependencies:
|
|
|
164
164
|
- - ">="
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
166
|
version: '0'
|
|
167
|
+
- !ruby/object:Gem::Dependency
|
|
168
|
+
name: rake_git
|
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
|
170
|
+
requirements:
|
|
171
|
+
- - ">="
|
|
172
|
+
- !ruby/object:Gem::Version
|
|
173
|
+
version: '0'
|
|
174
|
+
type: :development
|
|
175
|
+
prerelease: false
|
|
176
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
177
|
+
requirements:
|
|
178
|
+
- - ">="
|
|
179
|
+
- !ruby/object:Gem::Version
|
|
180
|
+
version: '0'
|
|
181
|
+
- !ruby/object:Gem::Dependency
|
|
182
|
+
name: rake_git_crypt
|
|
183
|
+
requirement: !ruby/object:Gem::Requirement
|
|
184
|
+
requirements:
|
|
185
|
+
- - ">="
|
|
186
|
+
- !ruby/object:Gem::Version
|
|
187
|
+
version: '0'
|
|
188
|
+
type: :development
|
|
189
|
+
prerelease: false
|
|
190
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
191
|
+
requirements:
|
|
192
|
+
- - ">="
|
|
193
|
+
- !ruby/object:Gem::Version
|
|
194
|
+
version: '0'
|
|
167
195
|
- !ruby/object:Gem::Dependency
|
|
168
196
|
name: rake_github
|
|
169
197
|
requirement: !ruby/object:Gem::Requirement
|