From 1b44134cab7811fe276829779d2fe3e4be4d2a3f Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Thu, 5 Jan 2017 09:06:03 +0000
Subject: [PATCH] Initial CI deployment integration

---
 .gitattributes               |   2 +
 .gitlab-ci.yml               |  92 +++++++++++++++++++++++++
 .gitlab-ci.yml.post-debian-8 |  38 -----------
 Makefile.PL                  |   8 ++-
 awit-certmaster              | 129 +++++++++++++++++++++++++++++++++--
 5 files changed, 226 insertions(+), 43 deletions(-)
 create mode 100644 .gitattributes
 create mode 100644 .gitlab-ci.yml
 delete mode 100644 .gitlab-ci.yml.post-debian-8

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..a7affd6
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+.gitlab-ci.yml export-ignore
+.gitattributes export-ignore
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..5e3c281
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,92 @@
+stages:
+    - code-quality
+    - make-test
+    - make-install
+    - sources-upload
+
+
+
+code-quality:
+    stage: code-quality
+    script:
+        - export DEBIAN_FRONTEND=noninteractive
+        - apt-get update
+        - apt-get dist-upgrade -y
+        - apt-get install -y libperl-critic-perl make
+        - perlcritic --stern "$CI_PROJECT_DIR"
+
+
+
+make-test:
+    stage: make-test
+    script:
+        - export DEBIAN_FRONTEND=noninteractive
+
+		# Install IDMS Linux Enterprise
+        - apt-get update
+		- apt-get install -y wget
+		- echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list
+		- wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add -
+		
+		- atp-get update
+        - apt-get dist-upgrade -y
+        - apt-get install -y make
+        - apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
+        - cd "$CI_PROJECT_DIR"
+        - perl Makefile.PL
+        - make test
+
+
+
+make-install:
+    stage: make-install
+    script:
+        - export DEBIAN_FRONTEND=noninteractive
+
+		# Install IDMS Linux Enterprise
+        - apt-get update
+		- apt-get install -y wget
+		- echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list
+		- wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add -
+		
+        - apt-get update
+        - apt-get dist-upgrade -y
+        - apt-get install -y make
+        - apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
+        - cd "$CI_PROJECT_DIR"
+        - perl Makefile.PL
+        - make install
+
+
+
+sources-upload:
+    stage: sources-upload
+    only:
+        - tags@allworldit/awit-certmaster
+    except:
+        - master
+    script:
+        - export DEBIAN_FRONTEND=noninteractive
+        - apt-get update
+        - apt-get dist-upgrade -y
+        - apt-get install -y git xz-utils curl lftp gnupg
+        - cd "$CI_PROJECT_DIR"
+        # Import signing key
+        - echo "$SOURCES_GPG_SIGNKEY" | gpg --import
+        # Work out naming
+        - export ARCHIVE_VERSION="${CI_BUILD_TAG%%-*}"
+        - export ARCHIVE_NAME=${CI_PROJECT_NAME}-${ARCHIVE_VERSION##v}
+        # Create tar archive
+        - git archive --format=tar --prefix=${ARCHIVE_NAME}/ ${CI_BUILD_TAG} > ../${ARCHIVE_NAME}.tar
+        # Create compressed versions
+        - xz --keep --extreme -9 ../${ARCHIVE_NAME}.tar
+        # Sign compressed tar files
+        - gpg --sign --detach-sign --armor ../${ARCHIVE_NAME}.tar.xz
+        # Upload files, translating .asc into .sign
+        - lftp -e "set ssl:ca-file '/etc/ssl/certs/ca-certificates.crt'; set net:max-retries '5'; set net:timeout '60'; rm -r -f '${ARCHIVE_VERSION}'; mkdir '${ARCHIVE_VERSION}' && put ../'${ARCHIVE_NAME}.tar.xz' -o '${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz' && put ../'${ARCHIVE_NAME}.tar.xz.asc' -o '${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz.sign'; quit" -u "$UPLOAD_CRED" "$UPLOAD_HOST" 2>&1
+        # Test uploaded files
+        - curl --fail -o /dev/null "$DOWNLOAD_URL/${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz"
+        - curl --fail -o /dev/null "$DOWNLOAD_URL/${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz.sign"
+
+
+
diff --git a/.gitlab-ci.yml.post-debian-8 b/.gitlab-ci.yml.post-debian-8
deleted file mode 100644
index 87c3e6f..0000000
--- a/.gitlab-ci.yml.post-debian-8
+++ /dev/null
@@ -1,38 +0,0 @@
-stages:
-  - quality
-  - tests
-  - install
-
-code-quality:
-  stage: quality
-  script:
-    - export DEBIAN_FRONTEND=noninteractive
-    - apt-get update
-    - apt-get dist-upgrade -y
-    - apt-get install -y libperl-critic-perl make
-    - perlcritic --stern "$CI_PROJECT_DIR"
-
-make-test:
-  stage: tests
-  script:
-    - export DEBIAN_FRONTEND=noninteractive
-    - apt-get update
-    - apt-get dist-upgrade -y
-    - apt-get install -y make
-    - apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
-    - cd "$CI_PROJECT_DIR"
-    - perl Makefile.PL
-    - make test
-
-make-install:
-  stage: install
-  script:
-    - export DEBIAN_FRONTEND=noninteractive
-    - apt-get update
-    - apt-get dist-upgrade -y
-    - apt-get install -y make
-    - apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
-    - cd "$CI_PROJECT_DIR"
-    - perl Makefile.PL
-    - make install
-
diff --git a/Makefile.PL b/Makefile.PL
index 1195dc4..9dc12c7 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -1,5 +1,5 @@
 # Makefile
-# Copyright (C) 2016, AllWorldIT
+# Copyright (C) 2016-2017, AllWorldIT
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -25,5 +25,11 @@ WriteMakefile(
 	VERSION_FROM => "awit-certmaster",
 
 	EXE_FILES => [qw( awit-certmaster )],
+
+	MAN1EXT => "1",
+	MAN1PODS => {
+		'awit-certmaster' => 'blib/man1/awit-certmaster.1',
+	},
+
 );
 
diff --git a/awit-certmaster b/awit-certmaster
index 36146dc..044ee41 100755
--- a/awit-certmaster
+++ b/awit-certmaster
@@ -1,6 +1,6 @@
 #!/usr/bin/perl
 # awit-certmaster - SSL certificate maintainer for servers
-# Copyright (c) 2016, AllWorldIT
+# Copyright (c) 2016-2017, AllWorldIT
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -15,11 +15,32 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+
+=encoding utf8
+
+=head1 NAME
+
+awit-certmaster - SSL certificate maintainer for servers
+
+=head1 SYNOPSIS
+
+	awit-certmaster <MAIN OPTIONS> <CERT OPTIONS>
+
+=cut
+
+=head1 DESCRIPTION
+
+awit-certmaster is an SSL maintenance utility which makes use of multiple certificate providers to provision SSL certificates to
+web platforms automagically.
+
+=cut
+
+
+
 use strict;
 use warnings;
 
 
-
 package AWIT::CertMaster;
 
 
@@ -1724,12 +1745,86 @@ use Getopt::Long;
 
 
 my $NAME = "AWIT-CertMaster";
-our $VERSION = "1.1.1";
+our $VERSION = "1.1.2";
+
+
+
+print(STDERR "$NAME v$VERSION - Copyright (c) 2016-2017, AllWorldIT\n\n");
+
+
+
+=head1 MAIN OPTIONS
+
+C<awit-certmaster> provides the below commandline options...
+
+=cut
+
+=head2 --help|?
+
+	Display this help information.
+
+=cut
+
+=head2 --version
+
+	Display version information.
+
+=cut
+
+=head2 --nginx <CERT OPTIONS>
+
+	Process nginx configuration and generate certificates.
+
+=cut
+
+=head2 --apache <CERT OPTIONS>
 
+	Process apache configuration and generate certificates.
 
+=cut
 
-print(STDERR "$NAME v$VERSION - Copyright (c) 2016, AllWorldIT\n\n");
 
+=head1 CERT OPTIONS
+
+The following certificate operations are available for each server type above.
+
+=cut
+
+=head2 --check-only
+
+	Only check if certificates need to be re-issued.
+
+=cut
+
+=head2 --force=<DOMAIN>
+
+	Force generation of certificate for <DOMAIN>. This option can be specified multiple times.
+
+=cut
+
+=head2 --force-verfity=<DOMAIN>
+
+	Force verification of domain with certificate provider. This option can be specified multiple times.
+
+=cut
+
+=head2 --live
+
+	Run in LIVE mode. By default awit-certmaster runs in TEST mode.
+
+=cut
+
+=head2 --only=<DOMAIN>
+
+	ONLY process domain <DOMAIN> and none of the others. This option can be specified multiple times.
+
+=cut
+
+=head2 --use-dns=<DOMAIN>
+
+	Use DNS validation method for domain and not HTTP. THIS OPTION CURRENTLY DOES NOT WORK.
+
+=cut
 
 
 # Grab options
@@ -1826,3 +1921,29 @@ EOF
 
 
 
+__END__
+
+=head1 AUTHORS
+
+Nigel Kukard E<lt>nkukard@allworld.itE<gt>.
+
+=head1 BUGS
+
+All bugs should be reported via the project issue tracker
+L<https://gitlab.devlabs.linuxassist.net/allworldit/awit-certmaster/issues>.
+
+=head1 LICENSE AND COPYRIGHT
+
+Copyright (C) 2016-2017, AllWorldIT
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+=head1 SEE ALSO
+
+L<httpd>(1), L<nginx>(1).
+
+=cut
+
-- 
GitLab