aws-codedeploy-agent 0.0.1

data/lib/instance_agent/codedeploy_plugin/application_specification/application_specification.rb

@@ -0,0 +1,142 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      class AppSpecValidationException < Exception; end
+      class ApplicationSpecification
+
+        attr_reader :version, :os, :hooks, :files, :permissions
+
+        def initialize(yaml_hash, opts = {})
+          @version = parse_version(yaml_hash['version'])
+          @os = parse_os(yaml_hash['os'])
+          @hooks = parse_hooks(yaml_hash['hooks'] || {})
+          @files = parse_files(yaml_hash['files'] || [])
+          @permissions = parse_permissions(yaml_hash['permissions'] || [])
+        end
+
+        def self.parse(app_spec_string)
+          new(YAML.load(app_spec_string))
+        end
+
+        private
+        def supported_versions()
+          [0.0]
+        end
+
+        def parse_version(version)
+          if !supported_versions.include?(version)
+            raise AppSpecValidationException, "unsupported version: #{version}"
+          end
+          version
+        end
+
+        def supported_oses()
+          InstanceAgent::Platform.util.supported_oses()
+        end
+
+        def parse_os(os)
+          if !supported_oses.include?(os)
+            raise AppSpecValidationException, "unsupported os: #{os}"
+          end
+          os
+        end
+
+        def parse_files(file_map_hash)
+          files = []
+          #loop through hash and create fileInfo representations
+          file_map_hash.each do |mapping|
+            files << FileInfo.new(mapping['source'], mapping['destination'])
+          end
+          files
+        end
+
+        def parse_hooks(hooks_hash)
+          temp_hooks_hash = Hash.new
+          hooks_hash.each_pair do |hook, scripts|
+            current_hook_scripts = []
+            scripts.each do |script|
+              if (script.has_key?('location'))
+                current_hook_scripts << InstanceAgent::CodeDeployPlugin::ApplicationSpecification::ScriptInfo.new(script['location'].strip,
+                  {
+                    :runas => script.has_key?('runas') ? script['runas'].strip : nil,
+                    :timeout => script['timeout']
+                  })
+              else
+                raise AppSpecValidationException, 'script provided without a location value'
+              end
+            end
+            temp_hooks_hash[hook] = current_hook_scripts
+          end
+          temp_hooks_hash
+        end
+
+        def parse_permissions(permissions_list)
+          permissions = []
+          #loop through list and create permissionsInfo representations
+          permissions_list.each do |permission|
+            if !permission.has_key?('object')
+              raise AppSpecValidationException, 'permission provided without a object value'
+            end
+            if @os.eql?('linux')
+              permissions << InstanceAgent::CodeDeployPlugin::ApplicationSpecification::LinuxPermissionInfo.new(permission['object'].strip,
+                {
+                  :pattern => ('**'.eql?(permission['pattern']) || permission['pattern'].nil?) ? '**' : parse_simple_glob(permission['pattern']),
+                  :except => parse_simple_glob_list(permission['except']),
+                  :type => parse_type_list(permission['type']),
+                  :owner => permission['owner'],
+                  :group => permission['group'],
+                  :mode => parse_mode(permission['mode']),
+                  :acls => parse_acl(permission['acls']),
+                  :context => parse_context(permission['context'])
+                })
+            else
+              raise AppSpecValidationException, 'permissions only supported with linux os currently'
+            end
+          end
+          permissions
+        end
+
+        #placeholder for parsing globs: we should verify that the glob is only including what we expect.  For now just returning it as it is.
+        def parse_simple_glob(glob)
+          glob
+        end
+
+        def parse_simple_glob_list(glob_list)
+          temp_glob_list = []
+          (glob_list || []).each do |glob|
+            temp_glob_list << parse_simple_glob(glob)
+          end
+          temp_glob_list
+        end
+
+        def supported_types
+          ['file', 'directory']
+        end
+
+        def parse_type_list(type_list)
+          type_list ||= supported_types
+          type_list.each do |type|
+            if !supported_types.include?(type)
+              raise AppSpecValidationException, "assigning permissions to objects of type #{type} not supported"
+            end
+          end
+          type_list
+        end
+
+        def parse_mode(mode)
+          mode.nil? ? nil : InstanceAgent::CodeDeployPlugin::ApplicationSpecification::ModeInfo.new(mode)
+        end
+
+        def parse_acl(acl)
+          acl.nil? ? nil : InstanceAgent::CodeDeployPlugin::ApplicationSpecification::AclInfo.new(acl)
+        end
+
+        def parse_context(context)
+          context.nil? ? nil : InstanceAgent::CodeDeployPlugin::ApplicationSpecification::ContextInfo.new(context)
+        end
+      end
+
+    end
+  end
+end

data/lib/instance_agent/codedeploy_plugin/application_specification/context_info.rb

@@ -0,0 +1,23 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      #Helper Class for storing a context
+      class ContextInfo
+
+        attr_reader :user, :role, :type, :range
+
+        def initialize(context)
+          if context['type'].nil?
+            raise AppSpecValidationException, "invalid context type required #{context.inspect}"
+          end
+          @user = context['name']
+          @role = nil
+          @type = context['type']
+          @range = context['range'].nil? ? nil : RangeInfo.new(context['range'])
+        end
+      end
+
+    end
+  end
+end

data/lib/instance_agent/codedeploy_plugin/application_specification/file_info.rb

@@ -0,0 +1,23 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      #Helper class for storing data parsed from file maps
+      class FileInfo
+
+        attr_reader :source, :destination
+
+        def initialize(source, destination, opts = {})
+          if(source.nil?)
+            raise AppSpecValidationException, 'File needs to have a source'
+          elsif (destination.nil?)
+            raise AppSpecValidationException, 'File needs to have a destination'
+          end
+          @source = source
+          @destination = destination
+        end
+      end
+
+    end
+  end
+end

data/lib/instance_agent/codedeploy_plugin/application_specification/linux_permission_info.rb

@@ -0,0 +1,121 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      #Helper Class for storing data parsed from permissions list
+      class LinuxPermissionInfo
+
+        attr_reader :object, :pattern, :except, :type, :owner, :group, :mode, :acls, :context
+
+        def initialize(object, opts = {})
+          object = object.to_s
+          if (object.empty?)
+            raise AppSpecValidationException, 'Permission needs a object value'
+          end
+          @object = object
+          @pattern = opts[:pattern] || "**"
+          @except = opts[:except] || []
+          @type = opts[:type] || ["file", "directory"]
+          @owner = opts[:owner]
+          @group = opts[:group]
+          @mode = opts[:mode]
+          @acls = opts[:acls]
+          @context = opts[:context]
+        end
+
+        def validate_file_permission()
+          if @type.include?("file")
+            if !"**".eql?(@pattern)
+              raise AppSpecValidationException, "Attempt to use pattern #{@pattern} when assigning permissions to file #{@object}"
+            end
+            if !@except.empty?
+             raise AppSpecValidationException, "Attempt to use except #{@except} when assigning permissions to file #{@object}"
+            end
+          end
+        end
+
+        def validate_file_acl(object)
+          if !@acls.nil?
+            default_acl = @acls.get_default_ace
+            if !default_acl.nil?
+              raise "Attempt to set default acl #{default_acl} on file #{object}"
+            end
+          end
+        end
+
+        def matches_pattern?(name)
+          name = name.chomp(File::SEPARATOR)
+          base_object = sanitize_dir_path(@object)
+          if !base_object.end_with?(File::SEPARATOR)
+            base_object = base_object + File::SEPARATOR
+          end
+          if name.start_with?(base_object)
+            if ("**".eql?(@pattern))
+              return true
+            end
+            rel_name = name[base_object.length..name.length]
+            return matches_simple_glob(rel_name, @pattern)
+          end
+          false
+        end
+
+        def matches_except?(name)
+          name = name.chomp(File::SEPARATOR)
+          base_object = sanitize_dir_path(@object)
+          if !base_object.end_with?(File::SEPARATOR)
+            base_object = base_object + File::SEPARATOR
+          end
+          if name.start_with?(base_object)
+            rel_name = name[base_object.length..name.length]
+            @except.each do |item|
+              if matches_simple_glob(rel_name, item)
+                return true
+              end
+            end
+          end
+          false
+        end
+
+        private
+        def matches_simple_glob(name, pattern)
+          if name.include?(File::SEPARATOR)
+            return false
+          end
+          options = expand(pattern.chars.entries)
+          name.chars.each do |char|
+            new_options = []
+            options.each do |option|
+              if option[0].eql?("*")
+                new_options.concat(expand(option))
+              elsif option[0].eql?(char)
+                option.shift
+                new_options.concat(expand(option))
+              end
+            end
+            options = new_options
+            if (options.include?(["*"]))
+              return true
+            end
+          end
+          options.include?([])
+        end
+
+        private
+        def expand(option)
+          previous_option = nil
+          while "*".eql?(option[0]) do
+            previous_option = Array.new(option)
+            option.shift
+          end
+          previous_option.nil? ? [option] : [previous_option, option]
+        end
+
+        private
+        def sanitize_dir_path(path)
+          File.expand_path(path)
+        end
+      end
+
+    end
+  end
+end

data/lib/instance_agent/codedeploy_plugin/application_specification/mode_info.rb

@@ -0,0 +1,66 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      #Helper Class for storing mode of a file
+      class ModeInfo
+
+        attr_reader :mode
+        attr_reader :world, :world_readable, :world_writable, :world_executable
+        attr_reader :group, :group_readable, :group_writable, :group_executable
+        attr_reader :owner, :owner_readable, :owner_writable, :owner_executable
+        attr_reader :setuid, :setgid, :sticky
+
+        def initialize(mode)
+          mode = mode.to_s
+          while mode.length < 3 do
+            mode = "0" + mode;
+          end
+          if mode.length > 4
+            raise AppSpecValidationException, "permission mode length incorrect: #{mode}"
+          end
+          mode.each_char do |char|
+            if (char.ord < '0'.ord) || (char.ord > '7'.ord)
+              raise AppSpecValidationException, "invalid character #{char} in permission mode #{mode}"
+            end
+          end
+          @mode = mode
+          mode_array = mode.reverse.chars.entries
+
+          @world = mode_array[0]
+          world_bits = to_bits(@world.to_i, 3)
+          @world_readable = (world_bits[0] == 1)
+          @world_writable = (world_bits[1] == 1)
+          @world_executable = (world_bits[2] == 1)
+
+          @group = mode_array[1]
+          group_bits = to_bits(@group.to_i, 3)
+          @group_readable = (group_bits[0] == 1)
+          @group_writable = (group_bits[1] == 1)
+          @group_executable = (group_bits[2] == 1)
+
+          @owner = mode_array[2]
+          owner_bits = to_bits(@owner.to_i, 3)
+          @owner_readable = (owner_bits[0] == 1)
+          @owner_writable = (owner_bits[1] == 1)
+          @owner_executable = (owner_bits[2] == 1)
+
+          special = (mode_array.length > 3) ? mode_array[3]: '0'
+          special_bits = to_bits(special.to_i, 3)
+          @setuid = (special_bits[0] == 1)
+          @setgid = (special_bits[1] == 1)
+          @sticky = (special_bits[2] == 1)
+        end
+
+        def to_bits(num, min_size)
+          bits = Array.new(min_size, 0)
+          num_bits = num.to_s(2).split("")
+          diff = [0, min_size - num_bits.length].max
+          num_bits.map.with_index {|n,i| bits[i+diff] = n.to_i}
+          bits
+        end
+      end
+
+    end
+  end
+end

data/lib/instance_agent/codedeploy_plugin/application_specification/range_info.rb

@@ -0,0 +1,134 @@
+module InstanceAgent
+  module CodeDeployPlugin
+    module ApplicationSpecification
+
+      #Helper Class for storing the range of a context
+      class RangeInfo
+
+        attr_reader :low_sensitivity, :high_sensitivity, :categories
+
+        def initialize(range)
+          parts = ensure_parts(range, ":")
+          sensitivity_parts = ensure_parts(parts[0], "-")
+          @low_sensitivity = getSensitivityNumber(sensitivity_parts[0])
+          if sensitivity_parts.length == 2
+            @high_sensitivity = getSensitivityNumber(sensitivity_parts[1])
+            if @high_sensitivity < @low_sensitivity
+              raise AppSpecValidationException, "invalid sensitivity range in #{range}"
+            end
+          else
+            @high_sensitivity = @low_sensitivity
+          end
+          if parts.length == 2
+            @categories = get_category_numbers(parts[1].split(","))
+          end
+        end
+
+        def ensure_parts(input, split_on)
+          num_parts = 1
+          if input.include?(split_on)
+            num_parts = 2
+          end
+          parts = input.split(split_on, 2)
+          if parts.length != num_parts
+            raise AppSpecValidationException, "invalid range part #{input}"
+          end
+          parts.each do |part|
+            if part.nil? || part.eql?('')
+              raise AppSpecValidationException, "invalid range part #{input}"
+            end
+          end
+          parts
+        end
+
+        def getSensitivityNumber(sensitivity)
+          if sensitivity.nil? || sensitivity.length < 2 || !sensitivity.start_with?('s')
+            raise AppSpecValidationException, "invalid sensitivity #{sensitivity}"
+          end
+          s_level = sensitivity.sub('s', '')
+          s_level.chars.each do |digit|
+            if (digit.ord < '0'.ord) || (digit.ord > '9'.ord)
+              raise AppSpecValidationException, "invalid sensitivity #{sensitivity}"
+            end
+          end
+          s_level.to_i
+        end
+
+        def get_category_number(category)
+          if category.nil? || category.length < 2 ||  !category.start_with?('c')
+            raise AppSpecValidationException, "invalid category #{category}"
+          end
+          c_level = category.sub('c', '')
+          c_level.chars.each do |digit|
+            if (digit.ord < '0'.ord) || (digit.ord > '9'.ord)
+              raise AppSpecValidationException, "invalid category #{category}"
+            end
+          end
+          level = c_level.to_i
+          if level > 1023
+            raise AppSpecValidationException, "invalid category #{category}"
+          end
+          level
+        end
+
+        def get_category_range(range)
+          low = get_category_number(range[0])
+          high = get_category_number(range[1])
+          if (high < low)
+            raise AppSpecValidationException, "invalid category range #{range[0]}.#{range[1]}"
+          end
+          (low..high).to_a
+        end
+
+        def get_category_numbers(parts)
+          temp_categories = [];
+          parts.each do |part|
+            if part.include? "."
+              temp_categories.concat get_category_range(ensure_parts(part, "."))
+            else
+              temp_categories << get_category_number(part)
+            end
+          end
+          if !temp_categories.sort!.uniq!.nil?
+            raise AppSpecValidationException, "duplicate categories"
+          end
+          temp_categories
+        end
+
+        # format s#[-s#][:c#[.c#](,c#[.c#])*] (# means a number)
+        def get_range
+          range = "s" + @low_sensitivity.to_s
+          if (@low_sensitivity != @high_sensitivity)
+            range = range + "-s" + @high_sensitivity.to_s
+          end
+          if @categories
+            range = range + ":"
+            index = 0
+            while index < @categories.length
+              if (index != 0)
+                range = range + ","
+              end
+
+              low = @categories[index]
+              low_index = index
+              high = @categories[index]
+              index += 1
+              while (@categories[index] == low + (index - low_index))
+                high += 1
+                index += 1
+              end
+
+              if (low == high)
+                range = range + "c" + low.to_s
+              else
+                range = range + "c" + low.to_s + ".c" + high.to_s
+              end
+            end
+          end
+          range
+        end
+      end
+
+    end
+  end
+end