version bump

Add a gitignore to secrets_dir

README.md

@@ -106,7 +106,7 @@ Sample `Zanzifile`:
 ```yaml
 ---
 settings:
-  wsdl: my.scrt.srvr.com/webservices/sswebservice.asmx?wdsl
+  wsdl: my.scrt.srvr.com/webservices/sswebservice.asmx?wsdl
   domain: my.domain.net
   secret_dir: secrets/
   ignore_ssl: true

lib/zanzibar.rb

@@ -2,6 +2,7 @@ require 'zanzibar/version'
 require 'savon'
 require 'io/console'
 require 'fileutils'
+require 'yaml'
 
 module Zanzibar
   ##
@@ -123,12 +124,29 @@ module Zanzibar
       raise "There was an error getting the password for secret #{scrt_id}: #{err}"
     end
 
+    ## Get the password, save it to a file, and return the path to the file.
+    def get_username_and_password_and_save(scrt_id, path, name)
+      secret_items = get_secret(scrt_id)[:secret][:items][:secret_item]
+      password = get_secret_item_by_field_name(secret_items, 'Password')[:value]
+      username = get_secret_item_by_field_name(secret_items, 'Username')[:value]
+      save_username_and_password_to_file(password, username, path, name)
+      return File.join(path, name)
+    end
+
     def write_secret_to_file(path, secret_response)
       File.open(File.join(path, secret_response[:file_name]), 'wb') do |file|
         file.puts Base64.decode64(secret_response[:file_attachment])
       end
     end
 
+    ## Write the password to a file. Intended for use with a Zanzifile
+    def save_username_and_password_to_file(password, username, path, name)
+      user_pass = {'username' => username.to_s, 'password' => password.to_s}.to_yaml
+      File.open(File.join(path, name), 'wb') do |file|
+        file.print user_pass
+      end
+    end
+
     def get_secret_item_by_field_name(secret_items, field_name)
       secret_items.each do |item|
         return item if item[:field_name] == field_name

lib/zanzibar/actions/bundle.rb

@@ -20,6 +20,7 @@ module Zanzibar
       def run
         ensure_zanzifile
         load_required_secrets
+        ensure_secrets_path
         validate_environment
         load_resolved_secrets if resolved_file?
         validate_local_secrets unless @update
@@ -42,6 +43,17 @@ module Zanzibar
         debug { "#{ZANZIFILE_NAME} located..." }
       end
 
+      def ensure_secrets_path
+        ## Make sure the directory exists and that a .gitignore is there to ignore it
+        if @settings['secret_dir']
+          FileUtils.mkdir_p(@settings['secret_dir'])
+          File.open("#{@settings['secret_dir']}/.gitignore", 'w') do |file|
+            file.puts '*'
+            file.puts '!.gitignore'
+          end
+        end
+      end
+
       def resolved_file?
         File.exist? RESOLVED_NAME
       end
@@ -83,21 +95,26 @@ module Zanzibar
           downloaded_secrets[key] = download_one_secret(secret['id'],
                                                         secret['label'],
                                                         @settings['secret_dir'],
-                                                        args)
+                                                        args,
+                                                        secret['name'] || "#{secret['id']}_password")
 
-          debug { "Downloaded secret: #{key} to #{path}..." }
+          debug { "Downloaded secret: #{key} to #{@settings['secret_dir']}..." }
         end
 
         downloaded_secrets
       end
 
-      def download_one_secret(scrt_id, label, path, args)
+      def download_one_secret(scrt_id, label, path, args, name = nil)
+        if label == 'Password'
+          path = zanzibar(args).get_username_and_password_and_save(scrt_id, path, name)
+          { path: path, hash: Digest::MD5.file(path).hexdigest }
+        else
           path = zanzibar(args).download_secret_file(scrt_id: scrt_id,
                                                    type: label,
                                                    path: path)
-
           { path: path, hash: Digest::MD5.file(path).hexdigest }
         end
+      end
 
       def update_resolved_file(new_secrets)
         @local_secrets.merge! new_secrets

lib/zanzibar/cli.rb

@@ -53,6 +53,7 @@ module Zanzibar
     end
 
     desc 'plunder', "Alias to `#{APPLICATION_NAME} bundle`", :hide => true
+    option 'verbose', type: :boolean, default: false, aliases: :v
     alias_method :plunder, :bundle
 
     desc 'install', "Alias to `#{APPLICATION_NAME} bundle`"

lib/zanzibar/defaults.rb

@@ -1,3 +1,5 @@
+require 'pathname'
+
 # Definitions for various strings used throughout the gem
 module Zanzibar
   APPLICATION_NAME = Pathname.new($PROGRAM_NAME).basename

lib/zanzibar/version.rb

@@ -1,4 +1,4 @@
 # The version of the gem
 module Zanzibar
-  VERSION = '0.1.15'
+  VERSION = '0.1.18'
 end

spec/lib/zanzibar/actions/bundle_spec.rb

@@ -50,6 +50,12 @@ describe Zanzibar::Cli do
         expect(FakeFS::FileTest.file? File.join('secrets', 'zanzi_key')).to be(true)
       end
 
+      it 'should create a .gitignore' do
+        expect(FakeFS::FileTest.file? File.join('secrets', '.gitignore')).to be(false)
+        expect { subject.bundle }.to output(/Finished downloading secrets/).to_stdout
+        expect(FakeFS::FileTest.file? File.join('secrets', '.gitignore')).to be(true)
+      end
+
       it 'should create a resolved file' do
         expect(FakeFS::FileTest.file? Zanzibar::RESOLVED_NAME).to be(false)
         expect { subject.bundle }.to output(/Finished downloading secrets/).to_stdout

spec/lib/zanzibar_spec.rb

@@ -104,6 +104,17 @@ describe 'Zanzibar Test' do
     File.delete('attachment.txt')
   end
 
+  it 'should save credentials to a file' do
+    stub_request(:any, 'https://www.zanzitest.net/webservices/sswebservice.asmx')
+      .to_return(body: AUTH_XML, status: 200).then
+      .to_return(body: SECRET_XML, status: 200)
+
+      client.get_username_and_password_and_save(1234, '.', 'zanziTestCreds')
+      expect(File.exist? 'zanziTestCreds')
+      expect(File.read('zanziTestCreds')).to eq({'username' => 'ZanziUser', 'password' => 'zanziUserPassword'}.to_yaml)
+      File.delete('zanziTestCreds')
+  end
+
   it 'should use environment variables for credentials' do
     ENV['ZANZIBAR_USER'] = 'environment_user'
     ENV['ZANZIBAR_PASSWORD'] = 'environment_password'