cem_acpt 0.2.4 → 0.6.0

data/lib/cem_acpt/utils/ssh.rb

@@ -0,0 +1,197 @@
+# frozen_string_literal: true
+
+require 'open3'
+require_relative '../logging'
+
+module CemAcpt
+  module Utils
+    # SSH-related utilities
+    module SSH
+      # Class for generating SSH keys
+      class Keygen
+        include CemAcpt::Logging
+
+        DEFAULT_TYPE = 'ed25519'
+        DEFAULT_PASSPHRASE = ''
+        DEFAULT_ROUNDS = 100
+        DEFAULT_BITS = 4096
+
+        def initialize(key_dir: ::File.join(ENV['HOME'], '.ssh'))
+          @key_dir = key_dir
+          @bin_path = find_bin_path
+        end
+
+        def exist?(key_name)
+          key_paths(key_name, chmod: false)
+          true
+        rescue StandardError
+          false
+        end
+
+        def create(key_name, **options)
+          delete(key_name) # Delete existing keys with same name
+          cmd = new_keygen_cmd(key_name, **options)
+          logger.debug("Creating SSH key with command: #{cmd}")
+          _stdout, stderr, status = Open3.capture3(cmd)
+          raise "Failed to create SSH key! #{stderr}" unless status.success?
+
+          key_paths(key_name)
+        end
+
+        def delete(key_name)
+          priv_key = key_path(key_name)
+          pub_key = key_path(key_name, public_key: true)
+          if ::File.file?(priv_key)
+            logger.debug("Deleting private key: #{priv_key}")
+            ::File.delete(priv_key)
+          end
+          if ::File.file?(pub_key)
+            logger.debug("Deleting public key: #{pub_key}")
+            ::File.delete(pub_key)
+          end
+        end
+
+        private
+
+        FIND_BIN_PATH_COMMANDS = [
+          "#{ENV['SHELL']} -c 'command -v ssh-keygen'",
+          "#{ENV['SHELL']} -c 'which ssh-keygen'",
+        ].freeze
+
+        def find_bin_path(find_cmd = FIND_BIN_PATH_COMMANDS.first)
+          bin_path, stderr, status = Open3.capture3(find_cmd)
+          raise "Cannot find ssh-keygen with command #{find_cmd}: #{stderr}" unless status.success?
+
+          bin_path.chomp
+        rescue StandardError => e
+          return find_bin_path(FIND_BIN_PATH_COMMANDS.last) unless FIND_BIN_PATH_COMMANDS.last == find_cmd
+
+          raise e
+        end
+
+        def new_keygen_cmd(key_name, **options)
+          [
+            @bin_path,
+            '-o',
+            "-t #{options[:type] || DEFAULT_TYPE}",
+            "-C '#{options[:comment] || "cem_acpt_#{key_name}"}'",
+            "-f #{::File.join(@key_dir, key_name)}",
+            "-N '#{options[:passphrase] || DEFAULT_PASSPHRASE}'",
+            "-a #{options[:rounds] || DEFAULT_ROUNDS}",
+            "-b #{options[:bits] || DEFAULT_BITS}",
+          ].join(' ')
+        end
+
+        def key_path(file_name, public_key: false)
+          key = ::File.join(@key_dir, file_name)
+          public_key ? "#{key}.pub" : key
+        end
+
+        def key_paths(file_name, chmod: true)
+          priv_key = key_path(file_name)
+          pub_key = key_path(file_name, public_key: true)
+          raise "Private key file #{priv_key} does not exist" unless ::File.file?(priv_key)
+          raise "Public key file #{pub_key} does not exist" unless ::File.file?(pub_key)
+
+          ::File.chmod(0o600, priv_key) if chmod
+          ::File.chmod(0o600, pub_key) if chmod
+          [priv_key, pub_key]
+        end
+      end
+
+      def self.ssh_keygen
+        bin_path = `#{ENV['SHELL']} -c 'command -v ssh-keygen'`.chomp
+        raise 'Cannot find ssh-keygen! Install it and verify PATH' unless bin_path
+
+        bin_path
+      rescue StandardError => e
+        raise "Cannot find ssh-keygen! Install it and verify PATH. Orignal error: #{e}"
+      end
+
+      def self.default_keydir
+        ssh_dir = ::File.join(ENV['HOME'], '.ssh')
+        raise "SSH directory at #{ssh_dir} does not exist" unless ::File.directory?(ssh_dir)
+
+        ssh_dir
+      end
+
+      def self.file_path(file_name, keydir: default_keydir)
+        ::File.join(keydir, file_name)
+      end
+
+      # Takes a file name (not path) and optional SSH key directory and returns the paths
+      # to the private key and public key based on the file name given.
+      # @param file_name [String] The base name for the keys
+      # @param keydir [String] An optional SSH key directory
+      def self.key_paths(file_name, keydir: default_keydir)
+        [file_path(file_name, keydir: keydir), file_path("#{file_name}.pub", keydir: keydir)]
+      end
+
+      def self.create(key_name, **options)
+        keygen = Keygen.new
+        keys = keygen.create(key_name, **options)
+        keys + ['/dev/null']
+      end
+
+      def self.create_known_hosts(known_hosts, overwrite: true, keydir: default_keydir)
+        return nil unless known_hosts
+
+        kh_file = file_path(known_hosts, keydir: keydir)
+        ::File.open(kh_file, 'w') { |f| f.write("\n") } unless ::File.exist?(kh_file) && !overwrite
+        kh_file
+      end
+
+      def self.set_ssh_file_permissions(*files)
+        files.uniq.compact.map { |p| ::File.chmod(0o600, p) }
+      end
+
+      def self.ephemeral_ssh_key(keydir: default_keydir)
+        CemAcpt::Utils::SSH::Ephemeral.create(keydir: keydir)
+      end
+
+      def self.clean_ephemeral_keys
+        CemAcpt::Utils::SSH::Ephemeral.clean
+      end
+
+      # Ephemeral SSH key generation and cleanup
+      module Ephemeral
+        PRIV_KEY = 'acpt_test_key'
+        CREATE_OPTS = {
+          type: 'ed25519',
+          bits: '4096',
+          rounds: '100',
+          comment: 'Ephemeral for cem_acpt',
+          password: '',
+          known_hosts: 'acpt_known_hosts',
+          overwrite_known_hosts: true,
+        }.freeze
+
+        class << self
+          attr_accessor :ephemeral_keydir
+        end
+
+        def self.create(keydir: CemAcpt::Utils::SSH.default_keydir)
+          return [false, false, false] if ENV['CEM_ACPT_SSH_PRI_KEY'] # Don't create ephemeral keys if this is set
+
+          self.ephemeral_keydir = keydir
+          @priv_key, @pub_key, @known_hosts = CemAcpt::Utils::SSH.create(PRIV_KEY, keydir: ephemeral_keydir, **CREATE_OPTS)
+          [@priv_key, @pub_key, @known_hosts]
+        end
+
+        def self.clean
+          return if ENV['CEM_ACPT_SSH_PRI_KEY']
+
+          [@priv_key, @pub_key, @known_hosts].each_with_object([]) do |f, arr|
+            next unless f
+
+            path = CemAcpt::Utils::SSH.file_path(f, keydir: ephemeral_keydir)
+            if ::File.exist?(path)
+              ::File.delete(path)
+              arr << path
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cem_acpt/utils/terminal.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'concurrent-ruby'
+
+module CemAcpt
+  module Utils
+    # Terminal-related utilities
+    module Terminal
+      def self.keep_terminal_alive
+        executor = Concurrent::SingleThreadExecutor.new
+        executor.post do
+          loop do
+            $stdout.print(".\r")
+            sleep(1)
+            $stdout.print("..\r")
+            sleep(1)
+            $stdout.print("...\r")
+            sleep(1)
+            $stdout.print("   \r")
+            sleep(1)
+          end
+        end
+        executor
+      end
+    end
+  end
+end

data/lib/cem_acpt/utils.rb

@@ -1,144 +1,10 @@
 # frozen_string_literal: true
 
-require 'open3'
-require 'securerandom'
+require_relative 'utils/puppet'
+require_relative 'utils/ssh'
+require_relative 'utils/terminal'
 
 module CemAcpt
   # Utility methods and modules for CemAcpt.
-  module Utils
-    def self.os
-      case RbConfig::CONFIG['host_os']
-      when /mswin|msys|mingw|cygwin|bccwin|wince|emc/
-        :windows
-      else
-        :nix
-      end
-    end
-
-    # File-related utilities
-    module File
-      def self.set_permissions(permission, *file_paths)
-        file_paths.map { |p| ::File.chmod(permission, p) }
-      end
-    end
-
-    # Puppet-related utilities
-    module Puppet
-      DEFAULT_PUPPET_PATH = {
-        nix: '/opt/puppetlabs/bin/puppet',
-        windows: 'C:/Program Files/Puppet Labs/Puppet/bin/puppet.bat',
-      }.freeze
-
-      # Finds and returns the Puppet executable
-      def self.puppet_executable
-        this_os = CemAcpt::Utils.os
-        if ::File.file?(DEFAULT_PUPPET_PATH[this_os]) && ::File.executable?(DEFAULT_PUPPET_PATH[this_os])
-          return DEFAULT_PUPPET_PATH[this_os]
-        end
-
-        file_name = 'puppet'
-        if this_os == :windows
-          exts = ENV['PATHEXT'] ? ".{#{ENV['PATHEXT'].tr(';', ',').tr('.', '').downcase}}" : '.{exe,com,bat}'
-          file_name = "#{file_name}#{exts}"
-        end
-        ENV['PATH'].split(::File::PATH_SEPARATOR).each do |path|
-          if ::File.file?(::File.join(path, file_name)) && ::File.executable?(::File.join(path, file_name))
-            return ::File.join(path, file_name)
-          end
-        end
-        raise 'Could not find Puppet executable! Is Puppet installed?'
-      end
-
-      # Builds a Puppet module package.
-      # @param module_dir [String] Path to the module directory. If target_dir
-      #   is specified as a relative path, it will be relative to the module dir.
-      # @param target_dir [String] Path to the target directory where the package
-      #   will be built. This defaults to the relative path 'pkg/'.
-      # @param should_log [Boolean] Whether or not to log the build process.
-      # @return [String] Path to the built package.
-      def self.build_module_package(module_dir, target_dir = nil, should_log: false)
-        require 'puppet/modulebuilder'
-        require 'fileutils'
-
-        builder_logger = should_log ? logger : nil
-        builder = ::Puppet::Modulebuilder::Builder.new(::File.expand_path(module_dir), target_dir, builder_logger)
-
-        # Validates module metadata by raising exception if invalid
-        _metadata = builder.metadata
-
-        # Builds the module package
-        builder.build
-      end
-    end
-
-    # Node-related utilities
-    module Node
-      def self.random_instance_name(prefix: 'cem-acpt-', length: 24)
-        rand_length = length - prefix.length
-        "#{prefix}#{::SecureRandom.hex(rand_length)}"
-      end
-    end
-
-    # SSH-related utilities
-    module SSH
-      def self.ssh_keygen
-        bin_path = `#{ENV['SHELL']} -c 'command -v ssh-keygen'`.chomp
-        raise 'Cannot find ssh-keygen! Install it and verify PATH' unless bin_path
-
-        bin_path
-      rescue StandardError => e
-        raise "Cannot find ssh-keygen! Install it and verify PATH. Orignal error: #{e}"
-      end
-
-      def self.default_keydir
-        ssh_dir = ::File.join(ENV['HOME'], '.ssh')
-        raise "SSH directory at #{ssh_dir} does not exist" unless ::File.directory?(ssh_dir)
-
-        ssh_dir
-      end
-
-      def self.ephemeral_ssh_key(type: 'rsa', bits: '4096', comment: nil, keydir: default_keydir)
-        raise ArgumentError, 'keydir does not exist' unless ::File.directory?(keydir)
-
-        keyfile = ::File.join(keydir, 'acpt_test_key')
-        keygen_cmd = [ssh_keygen, "-t #{type}", "-b #{bits}", "-f #{keyfile}", '-N ""']
-        keygen_cmd << "-C \"#{comment}\"" if comment
-        _, stderr, status = Open3.capture3(keygen_cmd.join(' '))
-        raise "Failed to generate ephemeral SSH key: #{stderr}" unless status.success?
-
-        [keyfile, "#{keyfile}.pub"]
-      end
-
-      def self.acpt_known_hosts(keydir: default_keydir, file_name: 'acpt_known_hosts', overwrite: true)
-        kh_file = ::File.join(keydir, file_name)
-        ::File.open(kh_file, 'w') { |f| f.write("\n") } unless ::File.exist?(kh_file) && !overwrite
-        kh_file
-      end
-
-      def self.set_ssh_file_permissions(priv_key, pub_key, known_hosts)
-        CemAcpt::Utils::File.set_permissions(0o600, priv_key, pub_key, known_hosts)
-      end
-    end
-
-    # Terminal-related utilities
-    module Terminal
-      def self.keep_terminal_alive
-        require 'concurrent-ruby'
-        executor = Concurrent::SingleThreadExecutor.new
-        executor.post do
-          loop do
-            $stdout.print(".\r")
-            sleep(1)
-            $stdout.print("..\r")
-            sleep(1)
-            $stdout.print("...\r")
-            sleep(1)
-            $stdout.print("   \r")
-            sleep(1)
-          end
-        end
-        executor
-      end
-    end
-  end
+  module Utils; end
 end

data/lib/cem_acpt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module CemAcpt
-  VERSION = '0.2.4'
+  VERSION = '0.6.0'
 end

data/lib/cem_acpt.rb

@@ -1,34 +1,84 @@
 # frozen_string_literal: true
 
-module CemAcpt
-  require_relative 'cem_acpt/logging'
-  require_relative 'cem_acpt/version'
-  require_relative 'cem_acpt/spec_helper_acceptance'
+require_relative 'cem_acpt/config'
+require_relative 'cem_acpt/logging'
+require_relative 'cem_acpt/test_runner'
+require_relative 'cem_acpt/version'
 
+module CemAcpt
   class << self
     include CemAcpt::Logging
-  end
 
-  def self.run(params)
-    require_relative 'cem_acpt/context'
+    attr_reader :config
+
+    def version(as_str: false)
+      return VERSION unless as_str
+
+      "cem_acpt v#{VERSION}"
+    end
+
+    def print_config(options, format: :yaml)
+      config = new_config(options)
+      if format == :explain
+        puts config.explain
+        return
+      end
+      puts config.send("to_#{format}".to_sym)
+    end
+
+    def run(options)
+      # Set up config, logger, and helper
+      @config = new_config(options)
+      initialize_logger!
+      runner = new_runner
 
-    log_level = params[:log_level]
-    log_formatter = params[:log_format] ? new_log_formatter(params[:log_format]) : nil
-    logdevs = [$stdout]
-    if params[:log_file] && params[:quiet]
-      logdevs = [params[:log_file]]
-    elsif params[:log_file] && !params[:quiet]
-      logdevs << params[:log_file]
+      # Set up signal handlers
+      Signal.trap('INT') do
+        @trap_context = true
+        logger.trap_context = @trap_context
+        logger.fatal('Signal Handler') { 'Received interrupt signal. Cleaning up test suite...' }
+        runner.clean_up(@trap_context)
+        logger.fatal('Signal Handler') { 'Exiting due to interrupt signal' }
+        exit 1
+      end
+
+      # Run the test suite
+      runner.run
+
+      exit runner.exit_code
+    end
+
+    private
+
+    def new_config(options)
+      CemAcpt::Config.new(opts: options, config_file: options[:config_file])
     end
-    if (params[:CI] || ENV['CI'] || ENV['GITHUB_ACTION']) && !logdevs.include?($stdout)
-      logdevs << $stdout
+
+    def new_runner
+      CemAcpt::TestRunner::Runner.new(@config)
+    end
+
+    def initialize_logger!
+      raise 'Config must be loaded before logger can be initialized' if config.nil? || config.empty?
+
+      log_formatter = config.get('log_format')&.to_sym || :text
+      logdevs = [$stdout]
+      # If log_file is set, and quiet is set, only log to the file
+      if config.get('log_file') && config.get('quiet')
+        logdevs = [config.get('log_file')]
+      elsif config.get('log_file') && !config.get('quiet')
+        logdevs << config.get('log_file')
+      end
+      if config.ci_mode? && !logdevs.include?($stdout)
+        logdevs << $stdout
+      end
+      new_log = new_logger(
+        *logdevs,
+        level: config.get('log_level'),
+        formatter: log_formatter,
+      )
+      new_log.set_verbose(!!config.get('verbose'))
+      new_log
     end
-    new_logger(
-      *logdevs,
-      level: log_level,
-      formatter: log_formatter,
-    )
-    exit_code = CemAcpt::Context.with(params, &:run)
-    exit exit_code
   end
 end

data/lib/terraform/gcp/linux/goss/puppet_idempotent.yaml

@@ -0,0 +1,10 @@
+command:
+  puppet_idempotent:
+    exec: 'sudo /opt/puppetlabs/puppet/bin/puppet apply --verbose --detailed-exitcodes /opt/cem_acpt/manifest.pp'
+    timeout: 300000 # 5 mins in miliseconds
+    stdout:
+      - "Applied catalog in"
+    stderr:
+      - ""
+    exit-status: 0
+    

data/lib/terraform/gcp/linux/goss/puppet_noop.yaml

@@ -0,0 +1,12 @@
+command:
+  puppet_noop:
+    exec: 'sudo /opt/puppetlabs/puppet/bin/puppet apply --verbose --detailed-exitcodes --noop /opt/cem_acpt/manifest.pp'
+    timeout: 300000 # 5 mins in miliseconds
+    stdout:
+      - "Applied catalog in"
+    stderr:
+      - ""
+    exit-status:
+      or:
+        - 0
+        - 2

data/lib/terraform/gcp/linux/main.tf

@@ -0,0 +1,191 @@
+terraform {
+  required_providers {
+      google = {
+          source = "hashicorp/google"
+          version = "4.59.0"
+      }
+  }
+}
+
+variable "credentials_file" {
+    type = string
+}
+
+variable "project" {
+    type = string
+}
+
+variable "region" {
+    type = string
+}
+
+variable "zone" {
+    type = string
+}
+
+variable "subnetwork" {
+    type = string
+}
+
+variable "username" {
+    type = string
+}
+
+variable "private_key" {
+    type = string
+    sensitive = true
+}
+
+variable "public_key" {
+    type = string
+}
+
+variable "puppet_module_package" {
+    type = string
+}
+
+variable "node_data" {
+    type = map(object({
+        machine_type = string
+        image = string
+        disk_size = number
+        test_name = string
+        goss_file = string
+        puppet_manifest = string
+        provision_dir_source = string
+        provision_dir_dest = string
+        provision_commands = list(string)
+    }))
+}
+
+provider "google" {
+    credentials = file(var.credentials_file)
+    project = var.project
+    region = var.region
+    zone = var.zone
+}
+
+resource "google_compute_instance" "acpt-test-node" {
+    provider = google
+    for_each = var.node_data
+    name = each.key
+    machine_type = each.value.machine_type
+
+    boot_disk {
+        initialize_params {
+            image = each.value.image
+            size = each.value.disk_size
+            type = "pd-standard"
+        }
+    }
+
+    scheduling {
+        preemptible = true
+        automatic_restart = false
+        provisioning_model = "SPOT"
+        instance_termination_action = "DELETE"
+    }
+
+    network_interface {
+        subnetwork = var.subnetwork
+        access_config {
+            network_tier = "STANDARD"
+        }
+    }
+
+    provisioner "remote-exec" {
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "5m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+        inline = [
+            "sudo mkdir -p ${each.value.provision_dir_dest}",
+            "sudo chown -R ${var.username}:${var.username} ${each.value.provision_dir_dest}"
+        ]
+    }
+
+    provisioner "file" {
+        source = "${each.value.provision_dir_source}/"
+        destination = each.value.provision_dir_dest
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "2m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+    }
+
+    provisioner "file" {
+        source = var.puppet_module_package
+        destination = "${each.value.provision_dir_dest}/puppet-module.tar.gz"
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "2m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+    }
+
+    provisioner "file" {
+        source = each.value.goss_file
+        destination = "${each.value.provision_dir_dest}/goss.yaml"
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "2m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+    }
+
+    provisioner "file" {
+        source = each.value.puppet_manifest
+        destination = "${each.value.provision_dir_dest}/manifest.pp"
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "2m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+    }
+
+    provisioner "remote-exec" {
+        connection {
+            type = "ssh"
+            user = "${var.username}"
+            timeout = "5m"
+            host = self.network_interface.0.access_config.0.nat_ip
+            private_key = "${file(var.private_key)}"
+            agent = false
+        }
+        inline = each.value.provision_commands
+    }
+
+    metadata = {
+        oslogin = "TRUE"
+        ssh-keys = "${var.username}:${file(var.public_key)}"
+        cem-acpt-test = each.value.test_name
+    }
+
+    tags = [ "cem-acpt-test-node" ]
+}
+
+output "instance_name_ip" {
+    value = {
+        for k, v in google_compute_instance.acpt-test-node : v.name => {
+            ip = v.network_interface.0.access_config.0.nat_ip,
+            test_name = v.metadata.cem-acpt-test,
+        }
+    }
+}