roro 0.3.18 → 0.3.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.circleci/config.yml +12 -6
- data/lib/roro.rb +1 -0
- data/lib/roro/cli/generate/exposed.rb +1 -1
- data/lib/roro/cli/generate/keys.rb +2 -2
- data/lib/roro/cli/generate/obfuscated.rb +4 -4
- data/lib/roro/cli/rollon.rb +1 -1
- data/lib/roro/crypto.rb +73 -0
- data/lib/roro/version.rb +1 -1
- data/roro.gemspec +2 -11
- data/roro/containers/app/Dockerfile +51 -0
- metadata +19 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 43e30bd9aa551984852307e9c258049546a167e89aaab22e3f8b7256cec22a23
|
|
4
|
+
data.tar.gz: 790ad729852cf34c8bbdfa6499ab325f399334d1df2c385d20e7ae5757dcd707
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4de76d1807c627790a721e968e458bcff335d9a972b8b496d5a1dfc494c8b750332eae75411dc689482bb3e60fab44319fa46cc95c63547cedfa5c849e527ce5
|
|
7
|
+
data.tar.gz: b7f2647884d116fc849431070829e2806f244771580a532f57e65cabbf17d856bf209d76e425eee28e370eee90ef6d10f0ab8de10998503bc058da846387bb78
|
data/.circleci/config.yml
CHANGED
|
@@ -14,8 +14,14 @@ defaults: &defaults
|
|
|
14
14
|
major_only: &major_only
|
|
15
15
|
filters:
|
|
16
16
|
branches:
|
|
17
|
-
only: master
|
|
18
|
-
|
|
17
|
+
only: master
|
|
18
|
+
|
|
19
|
+
release: &release
|
|
20
|
+
filters:
|
|
21
|
+
branches:
|
|
22
|
+
only: release
|
|
23
|
+
|
|
24
|
+
|
|
19
25
|
version: 2.1
|
|
20
26
|
|
|
21
27
|
executors:
|
|
@@ -79,7 +85,9 @@ workflows:
|
|
|
79
85
|
|
|
80
86
|
build-cli:
|
|
81
87
|
jobs:
|
|
82
|
-
- build
|
|
88
|
+
- build:
|
|
89
|
+
<<: *major_only
|
|
90
|
+
<<: *release
|
|
83
91
|
- test-rollon-rails:
|
|
84
92
|
<<: *major_only
|
|
85
93
|
- test:
|
|
@@ -88,6 +96,4 @@ workflows:
|
|
|
88
96
|
- release:
|
|
89
97
|
requires:
|
|
90
98
|
- build
|
|
91
|
-
|
|
92
|
-
branches:
|
|
93
|
-
only: release
|
|
99
|
+
<<: *release
|
data/lib/roro.rb
CHANGED
|
@@ -45,7 +45,7 @@ module Roro
|
|
|
45
45
|
def gather_environments
|
|
46
46
|
environments = []
|
|
47
47
|
['.env', '.env.enc'].each do |extension|
|
|
48
|
-
|
|
48
|
+
Roro::Crypto.source_files('roro', extension).each do |env_file|
|
|
49
49
|
environments << env_file.split('/').last.split(extension).last
|
|
50
50
|
end
|
|
51
51
|
end
|
|
@@ -54,7 +54,7 @@ module Roro
|
|
|
54
54
|
|
|
55
55
|
def confirm_files_decrypted?(environment)
|
|
56
56
|
orphan_encrypted = []
|
|
57
|
-
|
|
57
|
+
Roro::Crypto.source_files('.', '.env.enc').each do |file|
|
|
58
58
|
unless File.exist? file.split('.enc').first
|
|
59
59
|
orphan_encrypted << file
|
|
60
60
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
require '
|
|
1
|
+
require 'roro/crypto'
|
|
2
2
|
|
|
3
3
|
module Roro
|
|
4
4
|
|
|
@@ -6,11 +6,11 @@ module Roro
|
|
|
6
6
|
|
|
7
7
|
desc "generate::obfuscated", "obfuscates any files matching the pattern ./roro/**/*.env"
|
|
8
8
|
map "generate::obfuscated" => "generate_obfuscated"
|
|
9
|
-
|
|
10
|
-
def generate_obfuscated(*args)
|
|
9
|
+
|
|
10
|
+
def generate_obfuscated(*args)
|
|
11
11
|
environments = args.first ? [args.first] : gather_environments
|
|
12
12
|
environments.each do |environment|
|
|
13
|
-
|
|
13
|
+
Roro::Crypto.obfuscate(environment, 'roro')
|
|
14
14
|
end
|
|
15
15
|
end
|
|
16
16
|
end
|
data/lib/roro/cli/rollon.rb
CHANGED
|
@@ -4,7 +4,7 @@ module Roro
|
|
|
4
4
|
class << self
|
|
5
5
|
private
|
|
6
6
|
def shared_options!
|
|
7
|
-
method_option :omakase,
|
|
7
|
+
method_option :omakase, desc: "Use the Roro setup with some configuring. 'Omakase' translates as 'I'll leave it up to you.'", aliases: ['-d', '--default']
|
|
8
8
|
method_option :fatsutofodo, desc: 'Use the Roro setup without having to think.', aliases: ['-f', '--fast']
|
|
9
9
|
method_option :okonomi, desc: "Use Roro how you like. 'Okonomi' has the opposite meaning of omakase.", aliases: ['-i', '--interactive']
|
|
10
10
|
end
|
data/lib/roro/crypto.rb
ADDED
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
require "openssl"
|
|
2
|
+
require "base64"
|
|
3
|
+
module Roro::Crypto
|
|
4
|
+
|
|
5
|
+
class << self
|
|
6
|
+
|
|
7
|
+
def generate_key
|
|
8
|
+
@cipher = OpenSSL::Cipher.new 'AES-128-CBC'
|
|
9
|
+
@salt = '8 octets'
|
|
10
|
+
@new_key = @cipher.random_key
|
|
11
|
+
Base64.encode64(@new_key)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def write_to_file(data, filename)
|
|
15
|
+
File.open(filename, "w") { |io| io.write data }
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def generate_key_file(directory, environment)
|
|
19
|
+
write_to_file(generate_key, directory + "/" + environment + ".key")
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def source_files(directory=nil, extension=nil)
|
|
23
|
+
Dir.glob(directory + "/**/*#{extension}")
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def build_cipher(environment)
|
|
27
|
+
@cipher = OpenSSL::Cipher.new 'AES-128-CBC'
|
|
28
|
+
@salt = '8 octets'
|
|
29
|
+
@pass_phrase = get_key(environment)
|
|
30
|
+
@cipher.encrypt.pkcs5_keyivgen @pass_phrase, @salt
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def encrypt(file, environment=nil)
|
|
34
|
+
environment ||= file.split('.')[-2].split('/').last
|
|
35
|
+
build_cipher(environment)
|
|
36
|
+
encrypted = @cipher.update(File.read file) + @cipher.final
|
|
37
|
+
write_to_file(Base64.encode64(encrypted), file + '.enc')
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def decrypt(file, environment=nil)
|
|
41
|
+
environment ||= file.split('.')[-3].split('/').last
|
|
42
|
+
build_cipher(environment)
|
|
43
|
+
encrypted = Base64.decode64 File.read(file)
|
|
44
|
+
@cipher.decrypt.pkcs5_keyivgen @pass_phrase, @salt
|
|
45
|
+
decrypted = @cipher.update(encrypted) + @cipher.final
|
|
46
|
+
decrypted_file = file.split('.enc').first
|
|
47
|
+
write_to_file decrypted, decrypted_file
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def obfuscate(env=nil, dir=nil, ext=nil)
|
|
51
|
+
ext = ext || "#{env}.env"
|
|
52
|
+
source_files(dir, ext).each { |file| encrypt(file, env) }
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def expose(env=nil, dir=nil, ext=nil)
|
|
56
|
+
ext = ext || "#{env}.env.enc"
|
|
57
|
+
source_files(dir, ext).each { |file| decrypt(file, env) }
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def get_key(environment, directory=nil)
|
|
61
|
+
env_key = environment.upcase + '_KEY'
|
|
62
|
+
key_file = source_files('./.', "#{directory}/#{environment}.key").first
|
|
63
|
+
case
|
|
64
|
+
when ENV[env_key].nil? && key_file.nil?
|
|
65
|
+
raise DeployKeyError, "No #{env_key} set."
|
|
66
|
+
when ENV[env_key]
|
|
67
|
+
ENV[env_key]
|
|
68
|
+
when File.exist?(key_file)
|
|
69
|
+
File.read(key_file).strip
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
data/lib/roro/version.rb
CHANGED
data/roro.gemspec
CHANGED
|
@@ -14,37 +14,28 @@ Gem::Specification.new do |spec|
|
|
|
14
14
|
spec.homepage = "https://github.com/schadenfred/roro"
|
|
15
15
|
spec.license = "MIT"
|
|
16
16
|
|
|
17
|
-
# Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
|
|
18
|
-
# to allow pushing to a single host or delete this section to allow pushing to any host.
|
|
19
17
|
if spec.respond_to?(:metadata)
|
|
20
|
-
|
|
21
18
|
spec.metadata["homepage_uri"] = spec.homepage
|
|
22
19
|
spec.metadata["source_code_uri"] = "https://github.com/schadenfred/roro"
|
|
23
|
-
|
|
24
20
|
else
|
|
25
21
|
raise "RubyGems 2.0 or newer is required to protect against " \
|
|
26
22
|
"public gem pushes."
|
|
27
23
|
end
|
|
28
24
|
|
|
29
|
-
# Specify which files should be added to the gem when it is released.
|
|
30
|
-
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
31
25
|
spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
|
|
32
26
|
`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
|
33
27
|
end
|
|
34
|
-
|
|
28
|
+
|
|
35
29
|
spec.executables << 'roro'
|
|
36
|
-
# spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
37
|
-
# spec.bindir = "exe"
|
|
38
|
-
# spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
39
30
|
spec.require_paths = ['lib']
|
|
40
31
|
spec.add_dependency 'gem-release', '~> 2.1'
|
|
41
|
-
spec.add_dependency 'handsome_fencer-crypto', '~> 0.1.9'
|
|
42
32
|
spec.add_dependency 'rake', '~> 13.0', '>= 13.0.1'
|
|
43
33
|
spec.add_dependency 'sshkit', '~> 1.21'
|
|
44
34
|
spec.add_dependency 'thor', '~> 1.0', '>= 1.0.1'
|
|
45
35
|
spec.add_development_dependency 'bundler', '~> 2.1', '>= 2.1.4'
|
|
46
36
|
spec.add_development_dependency 'byebug', '~> 11.1', '>= 11.1.3'
|
|
47
37
|
spec.add_development_dependency 'handsome_fencer-test', '~> 0.2.2'
|
|
38
|
+
spec.add_development_dependency 'readline'
|
|
48
39
|
spec.add_development_dependency 'mocha', '~> 1.11', '>= 1.11.2'
|
|
49
40
|
|
|
50
41
|
end
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
FROM ruby:2.7.0-alpine AS builder
|
|
2
|
+
|
|
3
|
+
LABEL maintainer="your-docker-registry-email using RoRo"
|
|
4
|
+
|
|
5
|
+
# Add basic packages
|
|
6
|
+
RUN apk add --no-cache \
|
|
7
|
+
build-base \
|
|
8
|
+
postgresql-dev \
|
|
9
|
+
git \
|
|
10
|
+
nodejs \
|
|
11
|
+
yarn \
|
|
12
|
+
tzdata \
|
|
13
|
+
file
|
|
14
|
+
|
|
15
|
+
## Set APP_HOME and BUNDLE_PATH as using ENV instructions:
|
|
16
|
+
ENV APP_HOME /usr/src/app/
|
|
17
|
+
ENV BUNDLE_PATH /gems
|
|
18
|
+
|
|
19
|
+
## Create both as directories to make sure they exist:
|
|
20
|
+
RUN mkdir -p ${APP_HOME}
|
|
21
|
+
RUN mkdir ${BUNDLE_PATH}
|
|
22
|
+
|
|
23
|
+
## Tell Docker to create volumes for our workspace and gems
|
|
24
|
+
## so other containers can access them.
|
|
25
|
+
|
|
26
|
+
RUN gem install bundler:2.1.4
|
|
27
|
+
|
|
28
|
+
WORKDIR ${APP_HOME}
|
|
29
|
+
|
|
30
|
+
## Create a Gemfile with just the Rails gem inside:
|
|
31
|
+
RUN echo -e "source 'https://rubygems.org'\ngem 'rails'" > Gemfile
|
|
32
|
+
|
|
33
|
+
## Bundle to install rails:
|
|
34
|
+
RUN bundle install
|
|
35
|
+
|
|
36
|
+
## Use Rails to generate a new app. We'll configure it later.
|
|
37
|
+
RUN bundle exec rails new . \
|
|
38
|
+
--database=postgresql \
|
|
39
|
+
--skip-bundle \
|
|
40
|
+
--skip-webpack-install
|
|
41
|
+
RUN bundle --jobs 4
|
|
42
|
+
RUN bundle exec rails webpacker:install
|
|
43
|
+
RUN bundle exec rails yarn:install
|
|
44
|
+
## Tell docker not to create a layer:
|
|
45
|
+
FROM scratch AS export-stage
|
|
46
|
+
|
|
47
|
+
## Copy the generated files onto the host. Note that because we are in a
|
|
48
|
+
## new container, we don't have access to the previous ${APP_HOME}
|
|
49
|
+
## variable and so we must hard code it as our source:
|
|
50
|
+
COPY --from=builder /usr/src/app/ .
|
|
51
|
+
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: roro
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.21
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- schadenfred
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-03-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gem-release
|
|
@@ -24,20 +24,6 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: '2.1'
|
|
27
|
-
- !ruby/object:Gem::Dependency
|
|
28
|
-
name: handsome_fencer-crypto
|
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
|
30
|
-
requirements:
|
|
31
|
-
- - "~>"
|
|
32
|
-
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.1.9
|
|
34
|
-
type: :runtime
|
|
35
|
-
prerelease: false
|
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
-
requirements:
|
|
38
|
-
- - "~>"
|
|
39
|
-
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.1.9
|
|
41
27
|
- !ruby/object:Gem::Dependency
|
|
42
28
|
name: rake
|
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -146,6 +132,20 @@ dependencies:
|
|
|
146
132
|
- - "~>"
|
|
147
133
|
- !ruby/object:Gem::Version
|
|
148
134
|
version: 0.2.2
|
|
135
|
+
- !ruby/object:Gem::Dependency
|
|
136
|
+
name: readline
|
|
137
|
+
requirement: !ruby/object:Gem::Requirement
|
|
138
|
+
requirements:
|
|
139
|
+
- - ">="
|
|
140
|
+
- !ruby/object:Gem::Version
|
|
141
|
+
version: '0'
|
|
142
|
+
type: :development
|
|
143
|
+
prerelease: false
|
|
144
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
145
|
+
requirements:
|
|
146
|
+
- - ">="
|
|
147
|
+
- !ruby/object:Gem::Version
|
|
148
|
+
version: '0'
|
|
149
149
|
- !ruby/object:Gem::Dependency
|
|
150
150
|
name: mocha
|
|
151
151
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -214,6 +214,7 @@ files:
|
|
|
214
214
|
- lib/roro/configurator/eligibility.rb
|
|
215
215
|
- lib/roro/configurator/okonomi.rb
|
|
216
216
|
- lib/roro/configurator/omakase.rb
|
|
217
|
+
- lib/roro/crypto.rb
|
|
217
218
|
- lib/roro/stories/greenfield.yml
|
|
218
219
|
- lib/roro/stories/greenfield/rails.yml
|
|
219
220
|
- lib/roro/stories/rollon.yml
|
|
@@ -308,6 +309,7 @@ files:
|
|
|
308
309
|
- lib/roro/version.rb
|
|
309
310
|
- roro.gemspec
|
|
310
311
|
- roro/containers/.keep
|
|
312
|
+
- roro/containers/app/Dockerfile
|
|
311
313
|
- roro/containers/ruby_image/Dockerfile
|
|
312
314
|
- roro/containers/ruby_image/ci.env.enc
|
|
313
315
|
- roro/keys/.keep
|
|
@@ -335,8 +337,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
335
337
|
- !ruby/object:Gem::Version
|
|
336
338
|
version: '0'
|
|
337
339
|
requirements: []
|
|
338
|
-
|
|
339
|
-
rubygems_version: 2.6.13
|
|
340
|
+
rubygems_version: 3.1.2
|
|
340
341
|
signing_key:
|
|
341
342
|
specification_version: 4
|
|
342
343
|
summary: Containerization framwork for Ruby on Rails applications.
|