Before, the `:git_wrapper_path` was a somewhat predictable value and
located in `/tmp` by default, which is world-writable. That meant that
there was a chance (albeit very small) that another process could guess
the path and overwrite it with something malicious.
Fix by randomly generating a path name so that the git wrapper script
location cannot be predicted.
This change should be transparent to capistrano users since the
`:git_wrapper_path` is only intended to be used internally. If you need
a predictable value for this path, set a custom value for
`:git_wrapper_path` in your `deploy.rb` file.
* Prevents last good release from being deleted on cleanup
Issue: 1907
If there are many failed deployments the relese folders will
still be left there and eventually if deploy:cleanup is
executed it will delete the release that is referenced by the
"current" symlink, potentially causing downtime.
That change will prevent the "current release" from ever being
removed during cleanup.
* Link PR on CHANGELOG
* Verify if current dir exists
Check if current release directory exists instead of relying on
exceptions being raised.
* deploy:cleanup should skip only the invalid releases and continue the rotation
of releases
* Add cucumber tests for deploy:cleanup
* PR feedback
* rebase on master
* add ruby 2.4.1 to specs
* vagrant works with bundler 1.15.3
* remove unnecessary command
The `upload!` method does escaping of its own internally, so we don't
need to do anything special there. Likewise environment variables are
already handled. The only place we need to explicitly `shellescape` is
when executing the `chmod` command.
Verify this all works as expected by changing the user in the Cucumber
features to be `(GitHub Web Flow) via ShipIt`. This user is now used
when exercising the `git:check` task.
Fixes#1842.
When `deploy:symlink:linked_files` task is executed, only the
release path (containing the timestamp) is created.
After the task is done, it is hard to navigate over that release path
(again, because it's a timestamp) to perform the assertions.
To solve the issue, we're additionally creating a current path because
the assertion is much more easily done via `current_path`.
Capistrano 'git:check' task executes a `git ls-remote -h #{repo_url}`
command to check if remote repo is accessible. If successful, command
output is a list of references and their SHAs.
Task should be successful and we're pretty sure remote repo will have a
`master` reference, so that's what we're asserting.
We're NOT asserting:
* repo references other than master - likely to change
* reference SHAs - will definitely change
This removes the dependency on the `kuroko` gem and uses the Vagrant
command line application to control the virtual environment. The
`vagrant` command should be in your path, but if it isn't the path can
be set with the `VAGRANT_BIN` environment variable. This may even work
on older versions of Vagrant, but they are untested.
The `VagrantHelpers` module was added to mimic some of the API that was
provided by `kuroko`. The `RemoteCommandHelpers` module was modified to
accommodate those changes. Any non-zero exit status on a remote command
will raise a `VagrantHelpers::VagrantSSHCommandError` and should be
expected by any tests using the command helpers. All existing tests
work as expected.
In addition, a couple of minor changes were made. The TestApp utilizes
the Pathname library but does not require it. This was causing the suite
to fail for me so I added an explicit require. Also, the test for the
existence of a release directory would give a false positive on
subsequent runs if the `KEEP_RUNNING` option was used. I added an
`at_exit` that removes the test deployment directory to clean up the
box for the next run.
Documentation was also added to the README for how to run the test
suites.
To show all tasks decalred in default config and stages files was missed from the tasks list.
Added default value for :stage and load all default configs. Also added cucumber tests.
If an error is raised during a deploy, the task `deploy:failed` will be
triggered. Custom tasks can hook into this using `after`:
after 'deploy:failed', :send_for_help do
#
end
I've also taken the opportunity to provide a marginally more useful
error message before triggering the task.
By default, this 'deploy:failed' will only be triggered when running
`cap <stage> deploy` - to trigger after individual tasks use `set
:deploying, true`
This closes#708 and replaces
https://github.com/capistrano/capistrano/pull/720
This change allows both the `deploy_config_path` and `stage_config_path`
to be moved from the default locations of `config/deploy.rb` and
`config/deploy` respectively. These values __must__ be set in the
`Capfile` prior to `capistrano/setup` being called, for example:
set :deploy_config_path, 'app/config/deploy.rb'
set :stage_config_path, 'app/config/deploy'
# Load DSL and Setup Up Stages
require 'capistrano/setup'
Fixes#610
This commit removes the existing 'local' integration tests and replaces
them with Cucumber features running against VMs. At this stage,
some of the assertions are pending due to the limited nature of the
response returned when executing commands through Vagrant, but the
framework is there as a starting point to build upon.
To run the suite:
bundle exec cucumber
During development, avoid scraping the VM between runs:
bundle exec cucumber KEEPING_RUNNING=1
Ultimately I would like to see the `TestApp` helpers along with the Vagrant
integration packaged and available for use when developing gems that work with
Cap. For now though, this closes#641
