roo_on_rails 1.6.0 → 1.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 86a6e1968fee13a33195ed5cf08d932a4852e3b6
-  data.tar.gz: 4d5aeb9679bdd99c13235f49135bd4128ed9a253
+  metadata.gz: 8adca9db27e5e65ab629420b4d02f4900a9c9629
+  data.tar.gz: e50c1756717e4f484684ae31de1653527ee1b081
 SHA512:
-  metadata.gz: 5c00030e5e763d19b2270f5193aea9c0d678818bd68f3e87236a5fe8d6766d93c35a8e88fbb86c082e7aca02d9fb9b34e4af9e9bf749642303fc1faf25c29d11
-  data.tar.gz: 3ac8b6245abd46a6ff7562b29234b58d5326f15b6cc052574b7aa7232815106b88b915c11fab4bbf65ffa3a5f319a07e112c556470e9124bbd30caeaf8dd7d1a
+  metadata.gz: fc9a1b2dfc35fff8b74f8a749e6f2858ac8c41d7a8d20b012d2d75d107581bc2643ec44ab2c01ec125f1419c92af06cbad55dca42b9eaa08f8487e554c0d62d9
+  data.tar.gz: 3d8545de35da3827a95ba6ad2d74367d662e4d09e5f0b900aaa567cf5f200b61ea0a7ed6f5110e64ccd0e81c82dbc59160ce877010d55a03a38d0540909093b7

data/CHANGELOG.md

@@ -1,8 +1,15 @@
+# v1.7.0 (2017-07-18)
+
+Features:
+
+- Adds check for Papertrail integration (#43)
+
 # v1.6.0 (2017-07-11)
 
 Features:
 
-- Adds check for a `PLAYBOOK.md` file, which should detail how to deal with issues which might occur with the service.
+- Adds check for a `PLAYBOOK.md` file, which should detail how to deal with
+  issues which might occur with the service (#41)
 
 Bug fixes:
 

data/Gemfile

@@ -6,6 +6,7 @@ gemspec
 gem 'guard'
 gem 'guard-rspec'
 gem 'appraisal'
+gem 'webmock'
 
 gem 'pg'
 gem 'sqlite3'

data/README.md

@@ -1,6 +1,35 @@
 ## `roo_on_rails` [![Gem Version](https://badge.fury.io/rb/roo_on_rails.svg)](https://badge.fury.io/rb/roo_on_rails) [![Build Status](https://travis-ci.org/deliveroo/roo_on_rails.svg?branch=master)](https://travis-ci.org/deliveroo/roo_on_rails) [![Code Climate](https://codeclimate.com/repos/58809e664ab8420081007382/badges/3489b7689ab2e0cf5d61/gpa.svg)](https://codeclimate.com/repos/58809e664ab8420081007382/feed)
 
-A gem that makes following our [guidelines](http://deliveroo.engineering/guidelines/services/) easy.
+
+`roo_on_rails` is:
+
+1. A library that extends Rails (as a set of Railties) and auto-configures common
+   dependencies.
+2. A command that checks whether an application's Github repository and Heroku
+   instanciations are compliant.
+
+... packaged into a gem, to make following our
+[guidelines](http://deliveroo.engineering/guidelines/services/) easy.
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+**Table of Contents**
+
+- [Installation](#installation)
+- [Usage](#usage)
+- [Library features](#library-features)
+    - [New Relic configuration](#new-relic-configuration)
+    - [Rack middleware](#rack-middleware)
+    - [Database configuration](#database-configuration)
+    - [Sidekiq](#sidekiq)
+    - [HireFire Workers](#hirefire-workers)
+    - [Logging](#logging)
+    - [Google Oauth](#google-oauth)
+- [Command features](#command-features)
+- [Contributing](#contributing)
+- [License](#license)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
 ## Installation
 
@@ -30,25 +59,7 @@ Then re-run your test suite to make sure everything is shipshape.
 
 ## Usage
 
-Run the following from your app's top-level directory:
-
-```
-bundle exec roo_on_rails
-```
-
-This will run a series of checks of your application's setup, as descirbed
-below.
-
-
-## Features
-
-### App validation
-
-Running the `roo_on_rails` script currently checks for:
-
-- compliant Heroku app naming;
-- presence of the Heroku preboot flag;
-- correct Github master branch protection.
+## Configuration and usage
 
 ### New Relic configuration
 
@@ -63,73 +74,63 @@ We enforce configuration of New Relic.
 3. The `NEW_RELIC_APP_NAME` environment variable must be defined
    such that the app will be properly registered in New Relic.
 
-No further configuration is required for production apps as the gem configures our standard settings.
-
-However if you have Heroku's [review apps](https://devcenter.heroku.com/articles/github-integration-review-apps) enabled then you will need to update `app.json` so that it lists `NEW_RELIC_LICENSE_KEY` in the `env` section, so that this key is copied from the parent app (only keys listed here will be created on the review app; either generated, if that is specified, or otherwise copied).
-
-More documentation is available [directly from heroku](https://devcenter.heroku.com/articles/github-integration-review-apps#inheriting-config-vars) but the block below has been helpful in other apps:
-
-```json
-"env": {
-  "NEW_RELIC_LICENSE_KEY": {
-    "description": "The New Relic licence key",
-    "required": true
-  },
-  "NEW_RELIC_APP_NAME": {
-    "description": "The application name to be registered in New Relic",
-    "required": true
-  },
-  "SECRET_KEY_BASE": {
-    "description": "A secret basis for the key which verifies the integrity of signed cookies.",
-    "generator": "secret"
-  },
-  "RACK_ENV": {
-    "description": "The name of the environment for Rack."
-  },
-  "RAILS_ENV": {
-    "description": "The name of the environment for Rails."
-  }
-},
-```
+No further configuration is required for production apps as the gem configures
+our standard settings.
 
 ### Rack middleware
 
 We'll insert the following middlewares into the rails stack:
 
-1. `Rack::Timeout`: sets a timeout for all requests. Use `RACK_SERVICE_TIMEOUT` (default 15) and `RACK_WAIT_TIMEOUT` (default 30) to customise.
+1. `Rack::Timeout`: sets a timeout for all requests. Use `RACK_SERVICE_TIMEOUT`
+   (default 15) and `RACK_WAIT_TIMEOUT` (default 30) to customise.
 2. `Rack::SslEnforcer`: enforces HTTPS.
-3. `Rack::Deflater`: compresses responses from the application, can be disabled with `ROO_ON_RAILS_RACK_DEFLATE` (default: 'YES').
+3. `Rack::Deflater`: compresses responses from the application, can be disabled
+   with `ROO_ON_RAILS_RACK_DEFLATE` (default: 'YES').
+4. Optional middlewares for Google Oauth2 (more below).
 
 ### Database configuration
 
-The database statement timeout will be set to a low value by default. Use `DATABASE_STATEMENT_TIMEOUT` (milliseconds, default 200) to customise.
+The database statement timeout will be set to a low value by default. Use
+`DATABASE_STATEMENT_TIMEOUT` (milliseconds, default 200) to customise.
 
-For database creation and migration (specifically the `db:create`, `db:migrate`, `db:migrate:down` and `db:rollback` tasks) a much higher statement timeout is set by default. Use `MIGRATION_STATEMENT_TIMEOUT` (milliseconds, default 10000) to customise.
+For database creation and migration (specifically the `db:create`, `db:migrate`,
+`db:migrate:down` and `db:rollback` tasks) a much higher statement timeout is
+set by default. Use `MIGRATION_STATEMENT_TIMEOUT` (milliseconds, default 10000)
+to customise.
 
-_Note: This configuration is not supported in Rails 3 and will be skipped. Set statement timeouts directly in the database._
+_Note: This configuration is not supported in Rails 3 and will be skipped. Set
+statement timeouts directly in the database._
 
 ### Sidekiq
 
 When `SIDEKIQ_ENABLED` is set we'll:
 
- - check for the existence of a worker line in your Procfile
- - add SLA style queues to your worker list
- - check for a `HIREFIRE_TOKEN` and if it's set enable SLA based autoscaling
+- check for the existence of a worker line in your Procfile;
+- add SLA style queues to your worker list;
+- check for a `HIREFIRE_TOKEN` and if it's set enable SLA based autoscaling;
 
 The following ENV are available:
 
- - `SIDEKIQ_ENABLED`
- - `SIDEKIQ_THREADS` (default: 25) - Sets sidekiq concurrency value
- - `SIDEKIQ_DATABASE_REAPING_FREQUENCY` (default: 10) - For sidekiq processes the amount of time in seconds rails will wait before attempting to find and recover connections from dead threads
+- `SIDEKIQ_ENABLED`
+- `SIDEKIQ_THREADS` (default: 25) - Sets sidekiq concurrency value
+- `SIDEKIQ_DATABASE_REAPING_FREQUENCY` (default: 10) - For sidekiq processes the
+  amount of time in seconds rails will wait before attempting to find and
+  recover connections from dead threads
 
-### HireFire Workers
+### HireFire (for Sidekiq workers)
 
-When `HIREFIRE_TOKEN` is set an endpoint will be mounted at /hirefire that reports the required worker count as a function of queue latency. By default we add queue names in the style 'within1day', so if we notice an average latency in that queue of more than an set threshold we'll request one more worker. If we notice less than a threshold we'll request one less worker. These settings can be customised via the following ENV variables
+When `HIREFIRE_TOKEN` is set an endpoint will be mounted at `/hirefire` that
+reports the required worker count as a function of queue latency. By default we
+add queue names in the style 'within1day', so if we notice an average latency in
+that queue of more than an set threshold we'll request one more worker. If we
+notice less than a threshold we'll request one less worker. These settings can
+be customised via the following ENV variables
 
- - `WORKER_INCREASE_THRESHOLD` (default 0.5)
- - `WORKER_DECREASE_THRESHOLD` (default 0.1)
+- `WORKER_INCREASE_THRESHOLD` (default 0.5)
+- `WORKER_DECREASE_THRESHOLD` (default 0.1)
 
-When setting the manager up in the HireFire web ui, the following settings must be used:
+When setting the manager up in the HireFire web ui, the following settings must
+be used:
 
 - name: 'worker'
 - type: 'Worker.HireFire.JobQueue'
@@ -138,7 +139,9 @@ When setting the manager up in the HireFire web ui, the following settings must
 
 ### Logging
 
-For clearer and machine-parseable log output, there in an extension to be able to add context to your logs which is output as [logfmt](https://brandur.org/logfmt) key/value pairs after the log message.
+For clearer and machine-parseable log output, there in an extension to be able
+to add context to your logs which is output as
+[logfmt](https://brandur.org/logfmt) key/value pairs after the log message.
 
 ```ruby
 # application.rb
@@ -167,13 +170,68 @@ logger.with(a: 1) { logger.with(b: 2) { logger.info('Stuff') } }
 logger.with(a: 1, b: 2).info('Stuff')
 ```
 
-See the [class documentation](lib/roo_on_rails/context_logging.rb) for further details.
+See the [class documentation](lib/roo_on_rails/context_logging.rb) for further
+details.
+
+### Google Oauth
+
+When `GOOGLE_AUTH_ENABLED` is set to true we'll:
+
+* Inject a `Omniauth` Rack middleware with a pre-configured strategy for Google
+  Oauth2.
+* Onject custom Rack middleare to handle Oauth callback requests.
+* Generate the `config/initializers/google_oauth.rb` file that contains some
+  examples of how to wire in your authentication logic.
+
+To use this functionality, you must:
+
+* Obtain the Oauth2 credentials from Google and configure them in
+  `GOOGLE_AUTH_CLIENT_ID` and `GOOGLE_AUTH_CLIENT_SECRET`.
+* Provide in `GOOGLE_AUTH_ALLOWED_DOMAINS` a comma-separated list of domains, to
+  whitelist the allowed email addresses.
+* Customize the code in the generated Rails initializer to hook into your
+  application's authentication logic.
+* Update your Rails controllers to require authentication, when necessary.
+
+
+## Command features
+
+### Usage
+
+Run the following from your app's top-level directory:
+
+```
+bundle exec roo_on_rails
+```
+
+You will (currently) need to have admin privileges on the
+`roo-dd-bridge-production` application for this to work. This will be addressed
+eventually.
+
+
+### Description
+
+Running the `roo_on_rails` command currently checks for:
+
+- the presence of `PLAYBOOK.md`
+- compliant Heroku app naming;
+- presence of the Heroku preboot flag;
+- correct Github master branch protection;
+- integration with the Heroku-Datadog metrics bridge (for CPU, memory, request
+  throughput data);
+- integration with Papertrail;
+- correct Sidekiq configuration.
+
+The command is designed to fix issues in many cases.
+
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/deliveroo/roo_on_rails.
+Pull requests are welcome on GitHub at
+`https://github.com/deliveroo/roo_on_rails`.
 
 
 ## License
 
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+The gem is available as open source under the terms of the [MIT
+License](http://opensource.org/licenses/MIT).

data/bin/console

@@ -3,6 +3,11 @@
 require "bundler/setup"
 require "roo_on_rails"
 
+require 'roo_on_rails/environment'
+RooOnRails::Environment.load
+
+require 'roo_on_rails/config'
+
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
 

data/gemfiles/.bundle/config

@@ -0,0 +1,2 @@
+---
+BUNDLE_RETRY: "1"

data/gemfiles/rails_3.gemfile

@@ -5,6 +5,7 @@ source "https://rubygems.org"
 gem "guard"
 gem "guard-rspec"
 gem "appraisal"
+gem "webmock"
 gem "pg"
 gem "sqlite3"
 gem "rails", "~> 3.2"

data/gemfiles/rails_3.gemfile.lock

@@ -1,13 +1,16 @@
 PATH
   remote: ..
   specs:
-    roo_on_rails (1.6.0)
+    roo_on_rails (1.7.0)
       dogstatsd-ruby
       dotenv-rails (~> 2.1)
+      faraday
+      faraday_middleware
       hashie (~> 3.4)
       hirefire-resource
       newrelic_rpm
       octokit
+      omniauth-google-oauth2
       platform-api (~> 2.0)
       rack-ssl-enforcer
       rack-timeout
@@ -60,6 +63,8 @@ GEM
     coderay (1.1.1)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     diff-lcs (1.3)
     docile (1.1.5)
     dogstatsd-ruby (3.0.0)
@@ -71,6 +76,8 @@ GEM
     excon (0.57.1)
     faraday (0.12.1)
       multipart-post (>= 1.2, < 3)
+    faraday_middleware (0.11.0.1)
+      faraday (>= 0.7.4, < 1.0)
     ffi (1.9.18)
     formatador (0.2.5)
     guard (2.14.1)
@@ -87,7 +94,8 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashie (3.5.5)
+    hashdiff (0.3.4)
+    hashie (3.5.6)
     heroics (0.0.23)
       erubis (~> 2.0)
       excon
@@ -97,6 +105,7 @@ GEM
     i18n (0.8.4)
     journey (1.0.4)
     json (1.8.6)
+    jwt (1.5.6)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -110,14 +119,32 @@ GEM
     mime-types (1.25.1)
     moneta (0.8.1)
     multi_json (1.12.1)
+    multi_xml (0.6.0)
     multipart-post (2.0.0)
     nenv (0.3.0)
     newrelic_rpm (4.2.0.334)
     notiffany (0.1.1)
       nenv (~> 0.1)
       shellany (~> 0.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
     octokit (4.7.0)
       sawyer (~> 0.8.0, >= 0.5.3)
+    omniauth (1.4.2)
+      hashie (>= 1.2, < 4)
+      rack (>= 1.0, < 3)
+    omniauth-google-oauth2 (0.5.0)
+      jwt (~> 1.5)
+      multi_json (~> 1.3)
+      omniauth (>= 1.1.1)
+      omniauth-oauth2 (>= 1.3.1)
+    omniauth-oauth2 (1.4.0)
+      oauth2 (~> 1.0)
+      omniauth (~> 1.2)
     pg (0.21.0)
     platform-api (2.1.0)
       heroics (~> 0.0.23)
@@ -178,6 +205,7 @@ GEM
       rspec-support (~> 3.6.0)
     rspec-support (3.6.0)
     ruby_dep (1.5.0)
+    safe_yaml (1.0.4)
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
@@ -206,6 +234,10 @@ GEM
       polyglot (>= 0.3.1)
     tzinfo (0.3.53)
     url (0.3.2)
+    webmock (3.0.1)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
 
 PLATFORMS
   ruby
@@ -219,6 +251,7 @@ DEPENDENCIES
   memfs
   pg
   pry-byebug
+  rack-test
   rails (~> 3.2)
   rake (~> 10.0)
   roo_on_rails!
@@ -227,6 +260,7 @@ DEPENDENCIES
   simplecov
   sqlite3
   thor (~> 0.19)
+  webmock
 
 BUNDLED WITH
    1.14.6

data/gemfiles/rails_4.gemfile

@@ -5,6 +5,7 @@ source "https://rubygems.org"
 gem "guard"
 gem "guard-rspec"
 gem "appraisal"
+gem "webmock"
 gem "pg"
 gem "sqlite3"
 gem "rails", "~> 4.2"

data/gemfiles/rails_4.gemfile.lock

@@ -1,13 +1,16 @@
 PATH
   remote: ..
   specs:
-    roo_on_rails (1.6.0)
+    roo_on_rails (1.7.0)
       dogstatsd-ruby
       dotenv-rails (~> 2.1)
+      faraday
+      faraday_middleware
       hashie (~> 3.4)
       hirefire-resource
       newrelic_rpm
       octokit
+      omniauth-google-oauth2
       platform-api (~> 2.0)
       rack-ssl-enforcer
       rack-timeout
@@ -67,6 +70,8 @@ GEM
     coderay (1.1.1)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     diff-lcs (1.3)
     docile (1.1.5)
     dogstatsd-ruby (3.0.0)
@@ -78,6 +83,8 @@ GEM
     excon (0.57.1)
     faraday (0.12.1)
       multipart-post (>= 1.2, < 3)
+    faraday_middleware (0.11.0.1)
+      faraday (>= 0.7.4, < 1.0)
     ffi (1.9.18)
     formatador (0.2.5)
     globalid (0.4.0)
@@ -96,7 +103,8 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashie (3.5.5)
+    hashdiff (0.3.4)
+    hashie (3.5.6)
     heroics (0.0.23)
       erubis (~> 2.0)
       excon
@@ -104,6 +112,7 @@ GEM
     hirefire-resource (0.4.2)
     i18n (0.8.4)
     json (2.1.0)
+    jwt (1.5.6)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -122,6 +131,7 @@ GEM
     minitest (5.10.2)
     moneta (0.8.1)
     multi_json (1.12.1)
+    multi_xml (0.6.0)
     multipart-post (2.0.0)
     nenv (0.3.0)
     newrelic_rpm (4.2.0.334)
@@ -130,8 +140,25 @@ GEM
     notiffany (0.1.1)
       nenv (~> 0.1)
       shellany (~> 0.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
     octokit (4.7.0)
       sawyer (~> 0.8.0, >= 0.5.3)
+    omniauth (1.6.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-google-oauth2 (0.5.0)
+      jwt (~> 1.5)
+      multi_json (~> 1.3)
+      omniauth (>= 1.1.1)
+      omniauth-oauth2 (>= 1.3.1)
+    omniauth-oauth2 (1.4.0)
+      oauth2 (~> 1.0)
+      omniauth (~> 1.2)
     pg (0.21.0)
     platform-api (2.1.0)
       heroics (~> 0.0.23)
@@ -194,6 +221,7 @@ GEM
       rspec-support (~> 3.6.0)
     rspec-support (3.6.0)
     ruby_dep (1.5.0)
+    safe_yaml (1.0.4)
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
@@ -222,6 +250,10 @@ GEM
     tzinfo (1.2.3)
       thread_safe (~> 0.1)
     url (0.3.2)
+    webmock (3.0.1)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
 
 PLATFORMS
   ruby
@@ -235,6 +267,7 @@ DEPENDENCIES
   memfs
   pg
   pry-byebug
+  rack-test
   rails (~> 4.2)
   rake (~> 10.0)
   roo_on_rails!
@@ -242,6 +275,7 @@ DEPENDENCIES
   simplecov
   sqlite3
   thor (~> 0.19)
+  webmock
 
 BUNDLED WITH
    1.14.6