Sha256: 53e91058a60c5ca0265fc41811e91a79a179c44024e7c8c372900c2925dd4f06

Contents?: true

Size: 2 KB

Versions: 1

Compression:

Stored size: 2 KB

Contents

desc 'security-update [step]', 'Support for performing security updates'
long_desc <<-LONGDESC
Preparation for security update: `geordi security-update`

After performing the update: `geordi security-update finish`

Switches branches, pulls, pushes and deploys as required by our workflow. Tells
what it will do before it does it.
LONGDESC

def security_update(step='prepare')
  case step
  when 'prepare'
    announce 'Preparing for security update'
    warn 'Please read https://makandracards.com/makandra/1587 before applying security updates!'
    note 'About to: pull master and production branches, checkout production'
    wait 'Continue?'

    Util.system! 'git checkout master', :show_cmd => true
    Util.system! 'git pull', :show_cmd => true
    Util.system! 'git checkout production', :show_cmd => true
    Util.system! 'git pull', :show_cmd => true

    success 'Successfully prepared for security update'
    puts
    note 'Please apply the security update now.'
    note 'When you are done, run `geordi security-update finish`.'


  when 'finish'
    announce 'Finishing security update'

    # ensure everything is committed
    `git status --porcelain`.empty? or fail('There are uncommitted changes.')
    note 'Working directory clean.'

    print 'Have you successfully run all tests? [yN] '
    exit unless $stdin.gets =~ /[yes]+/

    note 'About to: push production, checkout & pull master, merge production, push master, deploy all stages'
    wait 'Continue?'

    Util.system! 'git push', :show_cmd => true
    Util.system! 'git checkout master', :show_cmd => true
    Util.system! 'git pull', :show_cmd => true
    Util.system! 'git merge production', :show_cmd => true
    Util.system! 'git push', :show_cmd => true

    invoke_cmd 'all_targets', 'deploy:migrations'

    success 'Successfully pushed and deployed security update'
    puts
    note 'Now send an email to customer and project lead, informing them about the update.'
    note 'Do not forget to make a joblog on a security budget, if available.'
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
geordi-1.0.0 lib/geordi/commands/security_update.rb