travis 1.6.18.travis.596.5 → 1.6.18.travis.604.5

data/lib/travis/cli.rb

@@ -24,6 +24,7 @@ module Travis
     autoload :Disable,      'travis/cli/disable'
     autoload :Enable,       'travis/cli/enable'
     autoload :Encrypt,      'travis/cli/encrypt'
+    autoload :EncryptFile,  'travis/cli/encrypt_file'
     autoload :Endpoint,     'travis/cli/endpoint'
     autoload :Env,          'travis/cli/env'
     autoload :Help,         'travis/cli/help'
@@ -65,7 +66,7 @@ module Travis
 
     def command(name)
       const_name = command_name(name)
-      constant   = CLI.const_get(const_name) if const_name =~ /^[A-Z][a-z]+$/ and const_defined? const_name
+      constant   = CLI.const_get(const_name) if const_name =~ /^[A-Z][A-Za-z]+$/ and const_defined? const_name
       if command? constant
         constant
       else
@@ -108,7 +109,7 @@ module Travis
         when nil, '-h', '-?' then 'Help'
         when '-v'            then 'Version'
         when /^--/           then command_name(name[2..-1])
-        else name.to_s.capitalize
+        else name.split('-').map(&:capitalize).join
         end
       end
 

data/lib/travis/cli/command.rb

@@ -47,7 +47,7 @@ module Travis
       on('--skip-completion-check', "don't check if auto-completion is set up")
 
       def self.command_name
-        name[/[^:]*$/].downcase
+        name[/[^:]*$/].split(/(?=[A-Z])/).map(&:downcase).join('-')
       end
 
       @@abstract ||= [Command] # ignore the man behind the courtains!
@@ -388,6 +388,17 @@ module Travis
           agree(color("DANGER ZONE: ", [:red, :bold]) << message << " ") { |q| q.default = "no" }
         end
 
+        def write_file(file, content, force = false)
+          error "#{file} already exists" unless write_file?(file, force)
+          File.write(file, content)
+        end
+
+        def write_file?(file, force)
+          return true if force or not File.exist?(file)
+          return false unless interactive?
+          danger_zone? "Override existing #{color(file, :info)}?"
+        end
+
         def wrong_args(quantity)
           error "too #{quantity} arguments" do
             say help

data/lib/travis/cli/encrypt_file.rb

@@ -0,0 +1,140 @@
+# encoding: utf-8
+require 'travis/cli'
+require 'travis/tools/system'
+
+require 'securerandom'
+require 'openssl'
+require 'digest'
+require 'shellwords'
+
+module Travis
+  module CLI
+    class EncryptFile < RepoCommand
+      attr_accessor :stage
+      description 'encrypts a file and adds decryption steps to .travis.yml'
+      on '-K', '--key KEY', 'encryption key to be used (randomly generated otherwise)'
+      on '--iv IV', 'encryption IV to be used (randomly generated otherwise)'
+      on '-d', '--decrypt', 'decrypt the file instead of encrypting it, requires key and iv'
+      on '-f', '--force', 'override output file if it exists'
+      on '-p', '--print-key', 'print (possibly generated) key and iv'
+      on '-w', '--decrypt-to PATH', 'where to write the decrypted file to on the Travis CI VM'
+      on '-a', '--add [STAGE]', 'automatically add command to .travis.yml (default stage is before_install)' do |c, stage|
+        c.stage = stage || 'before_install'
+      end
+
+      def run(input_path, output_path = nil)
+        self.decrypt_to ||= decrypt_to_for(input_path)
+        output_path     ||= File.basename(output_path_for(input_path))
+        self.output       = $stdout.tty? ? StringIO.new : $stderr if output_path == '-'
+        result            = transcode(input_path)
+
+        if output_path == '-'
+          $stdout.puts result
+        else
+          say "storing result as #{color(output_path, :info)}"
+          write_file(output_path, result, force)
+          return if decrypt?
+
+          error "requires --decrypt-to option when reading from stdin" unless decrypt_to?
+
+          set_env_vars
+
+          command = decrypt_command(output_path)
+          stage ? store_command(command) : print_command(command)
+
+          notes(input_path, output_path)
+        end
+      end
+
+      def setup
+        super
+        self.key        ||= SecureRandom.hex(32) unless decrypt?
+        self.iv         ||= SecureRandom.hex(16) unless decrypt?
+        error "key must be 64 characters long and a valid hex number" unless key =~ /^[a-f0-9]{64}$/
+        error "iv must be 32 characters long and a valid hex number"  unless iv  =~ /^[a-f0-9]{32}$/
+      end
+
+      def print_command(command)
+        empty_line
+        say command, template(__FILE__)
+      end
+
+      def store_command(command)
+        travis_config[stage] = Array(travis_config[stage])
+        travis_config[stage].delete(command)
+        travis_config[stage].unshift(command)
+        save_travis_config
+      end
+
+      def decrypt_command(path)
+        "openssl aes-256-cbc -K $#{env_name(:key)} -iv $#{env_name(:iv)} -in #{escape_path(path)} -out #{escape_path(decrypt_to)} -d"
+      end
+
+      def set_env_vars
+        say "storing secure env variables for decryption"
+        repository.env_vars.upsert env_name(:key), key, :public => false
+        repository.env_vars.upsert env_name(:iv),  iv,  :public => false
+      end
+
+      def env_name(name)
+        @env_prefix ||= "encrypted_#{Digest.hexencode(Digest::SHA1.digest(Dir.pwd)[0..5])}"
+        "#{@env_prefix}_#{name}"
+      end
+
+      def notes(input_path, output_path)
+        say "\nkey: #{color(key, :info)}\niv:  #{color(iv,  :info)}" if print_key?
+        empty_line
+        say "Make sure to add #{color(output_path, :info)} to the git repository."
+        say "Make sure #{color("not", :underline)} to add #{color(input_path, :info)} to the git repository." if input_path != '-'
+        say "Commit all changes to your #{color('.travis.yml', :info)}."
+      end
+
+      def transcode(input_path)
+        description = "stdin#{' (waiting for input)' if $stdin.tty?}" if input_path == '-'
+        say "#{decrypt ? "de" : "en"}crypting #{color(description || input_path, :info)} for #{color(slug, :info)}"
+
+        data     = input_path == '-' ? $stdin.read : File.binread(input_path)
+        aes      = OpenSSL::Cipher.new('AES-256-CBC')
+        decrypt  ? aes.decrypt : aes.encrypt
+        aes.key  = [key].pack('H*')
+        aes.iv   = [iv].pack('H*')
+
+        aes.update(data) + aes.final
+      end
+
+      def decrypt_to_for(input_path)
+        return if input_path == '-'
+        if input_path.start_with? Dir.home
+          input_path.sub(Dir.home, '~')
+        else
+          input_path
+        end
+      end
+
+      def escape_path(path)
+        Shellwords.escape(path).sub(/^\\~\//, '~\/')
+      end
+
+      def output_path_for(input_path)
+        case input_path
+        when '-'           then return '-'
+        when /^(.+)\.enc$/ then return $1 if     decrypt?
+        when /^(.+)\.dec$/ then return $1 unless decrypt?
+        end
+
+        if interactive? and input_path =~ /(\.enc|\.dec)$/
+          exit 1 unless danger_zone? "File extension of input file is #{color($1, :info)}, are you sure that is correct?"
+        end
+
+        "#{input_path}.#{decrypt ? 'dec' : 'enc'}"
+      end
+    end
+  end
+end
+
+__END__
+Please add the following to your build scirpt (<[[ color('before_install', :info) ]]> stage in your <[[ color('.travis.yml', :info) ]]>, for instance):
+
+    %s
+
+Pro Tip: You can add it automatically by running with <[[ color('--add', :info) ]]>.

data/lib/travis/cli/help.rb

@@ -10,7 +10,7 @@ module Travis
           say CLI.command(command).new.help
         else
           say "Usage: travis COMMAND ...\n\nAvailable commands:\n\n"
-          commands.each { |c| say "\t#{color(c.command_name, :command).ljust(20)} #{color(c.description, :info)}" }
+          commands.each { |c| say "\t#{color(c.command_name, :command).ljust(22)} #{color(c.description, :info)}" }
           say "\nrun `#$0 help COMMAND` for more infos"
         end
       end

data/lib/travis/cli/repo_command.rb

@@ -8,6 +8,10 @@ module Travis
       GIT_REGEX = %r{/?(.*/.+?)(\.git)?$}
       TRAVIS    = %r{^https://(staging-)?api\.travis-ci\.(org|com)}
       on('-r', '--repo SLUG', 'repository to use (will try to detect from current git clone)') { |c, slug| c.slug = slug }
+      on('-R', '--store-repo SLUG', 'like --repo, but remembers value for current directory') do |c, slug|
+        c.slug = slug
+        c.send(:store_slug, slug)
+      end
 
       attr_accessor :slug
       abstract
@@ -52,11 +56,38 @@ module Travis
         end
 
         def find_slug
-          git_head   = `git name-rev --name-only HEAD 2>#{IO::NULL}`.chomp
-          git_remote = `git config --get branch.#{git_head}.remote 2>#{IO::NULL}`.chomp
-          git_remote = 'origin' if git_remote.empty?
-          git_info   = `git config --get remote.#{git_remote}.url 2>#{IO::NULL}`.chomp
-          $1 if Addressable::URI.parse(git_info).path =~ GIT_REGEX
+          load_slug || store_slug(detect_slug)
+        end
+
+        def detect_slug
+          git_head    = `git name-rev --name-only HEAD 2>#{IO::NULL}`.chomp
+          git_remote  = `git config --get branch.#{git_head}.remote 2>#{IO::NULL}`.chomp
+          git_remote  = 'origin' if git_remote.empty?
+          git_info    = `git config --get remote.#{git_remote}.url 2>#{IO::NULL}`.chomp
+
+          if Addressable::URI.parse(git_info).path =~ GIT_REGEX
+            detectected_slug = $1
+            if interactive?
+              if agree("Detected repository as #{color(detectected_slug, :info)}, is this correct? ") { |q| q.default = 'yes' }
+                detectected_slug
+              else
+                ask("Repository slug: ") { |q| q.default = detectected_slug }
+              end
+            else
+              info "detected repository as #{color(detectected_slug, :bold)}"
+              detectected_slug
+            end
+          end
+        end
+
+        def load_slug
+          stored = `git config --get travis.slug`.chomp
+          stored unless stored.empty?
+        end
+
+        def store_slug(value)
+          `git config travis.slug #{value}` if value
+          value
         end
 
         def repo_config

data/travis.gemspec

@@ -115,7 +115,8 @@ Gem::Specification.new do |s|
     "assets/travis.sh",
     "assets/travis.sh.erb",
     "bin/travis",
-    "examples/cli.md",
+    "examples/cli/encrypt_file.md",
+    "examples/cli/private_dependencies.md",
     "examples/org_overview.rb",
     "examples/pro_auth.rb",
     "examples/stream.rb",
@@ -131,6 +132,7 @@ Gem::Specification.new do |s|
     "lib/travis/cli/disable.rb",
     "lib/travis/cli/enable.rb",
     "lib/travis/cli/encrypt.rb",
+    "lib/travis/cli/encrypt_file.rb",
     "lib/travis/cli/endpoint.rb",
     "lib/travis/cli/env.rb",
     "lib/travis/cli/help.rb",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: travis
 version: !ruby/object:Gem::Version
-  version: 1.6.18.travis.596.5
+  version: 1.6.18.travis.604.5
 platform: ruby
 authors:
 - Konstantin Haase
@@ -39,7 +39,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-07-26 00:00:00.000000000 Z
+date: 2014-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -312,7 +312,8 @@ files:
 - assets/travis.sh
 - assets/travis.sh.erb
 - bin/travis
-- examples/cli.md
+- examples/cli/encrypt_file.md
+- examples/cli/private_dependencies.md
 - examples/org_overview.rb
 - examples/pro_auth.rb
 - examples/stream.rb
@@ -328,6 +329,7 @@ files:
 - lib/travis/cli/disable.rb
 - lib/travis/cli/enable.rb
 - lib/travis/cli/encrypt.rb
+- lib/travis/cli/encrypt_file.rb
 - lib/travis/cli/endpoint.rb
 - lib/travis/cli/env.rb
 - lib/travis/cli/help.rb