cem_acpt 0.6.5 → 0.7.1

data/lib/cem_acpt/config/cem_acpt.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+
+module CemAcpt
+  module Config
+    # Holds the configuration for cem_acpt
+    class CemAcpt < Base
+      VALID_KEYS = %i[
+        actions
+        ci_mode
+        config_file
+        image_name_builder
+        log_level
+        log_file
+        log_format
+        module_dir
+        node_data
+        no_destroy_nodes
+        no_ephemeral_ssh_key
+        platform
+        provisioner
+        quiet
+        terraform
+        test_data
+        tests
+        user_config
+        verbose
+      ].freeze
+
+      def valid_keys
+        VALID_KEYS
+      end
+
+      # The default configuration
+      def defaults
+        {
+          actions: {},
+          ci_mode: false,
+          config_file: nil,
+          image_name_builder: {
+            character_substitutions: ['_', '-'],
+            parts: ['cem-acpt', '$image_fam', '$collection', '$firewall'],
+            join_with: '-',
+          },
+          log_level: 'info',
+          log_file: nil,
+          log_format: 'text',
+          module_dir: Dir.pwd,
+          node_data: {},
+          no_ephemeral_ssh_key: false,
+          platform: {
+            name: 'gcp',
+          },
+          quiet: false,
+          test_data: {
+            for_each: {
+              collection: %w[puppet7],
+            },
+            vars: {},
+            name_pattern_vars: %r{^(?<framework>[a-z]+)_(?<image_fam>[a-z0-9-]+)_(?<firewall>[a-z]+)_(?<framework_vars>[-_a-z0-9]+)$},
+            vars_post_processing: {
+              new_vars: [
+                {
+                  name: 'profile',
+                  string_split: {
+                    from: 'framework_vars',
+                    using: '_',
+                    part: 0,
+                  },
+                },
+                {
+                  name: 'level',
+                  string_split: {
+                    from: 'framework_vars',
+                    using: '_',
+                    part: 1,
+                  },
+                },
+              ],
+              delete_vars: %w[framework_vars],
+            },
+          },
+          tests: [],
+          verbose: false,
+        }
+      end
+    end
+  end
+end

data/lib/cem_acpt/config/cem_acpt_image.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+
+module CemAcpt
+  module Config
+    # Holds the configuration for cem_acpt_image
+    class CemAcptImage < Base
+      VALID_KEYS = %i[
+        ci_mode
+        config_file
+        images
+        log_level
+        log_file
+        log_format
+        no_destroy_nodes
+        no_ephemeral_ssh_key
+        platform
+        provisioner
+        quiet
+        terraform
+        user_config
+        verbose
+      ].freeze
+
+      def valid_keys
+        VALID_KEYS
+      end
+
+      def env_var_prefix
+        'CEM_ACPT_IMAGE'
+      end
+
+      # The default configuration
+      def defaults
+        {
+          ci_mode: false,
+          config_file: nil,
+          images: {},
+          log_level: 'info',
+          log_file: nil,
+          log_format: 'text',
+          no_ephemeral_ssh_key: false,
+          platform: {
+            name: 'gcp',
+          },
+          quiet: false,
+          verbose: false,
+        }
+      end
+    end
+  end
+end

data/lib/cem_acpt/config.rb

@@ -1,381 +1,9 @@
 # frozen_string_literal: true
 
-require 'digest'
-require 'json'
-require 'yaml'
-require_relative 'core_extensions'
-
+# Module contains the CemAcptConfig::Base class which serves as a base class for different configs.
 module CemAcpt
-  using CemAcpt::CoreExtensions::ExtendedHash
-
-  # Holds the configuration for cem_acpt
-  class Config
-    KEYS = %i[
-      actions
-      ci_mode
-      config_file
-      image_name_builder
-      log_level
-      log_file
-      log_format
-      module_dir
-      node_data
-      no_destroy_nodes
-      no_ephemeral_ssh_key
-      platform
-      provisioner
-      quiet
-      terraform
-      test_data
-      tests
-      user_config
-      verbose
-    ].freeze
-
-    attr_reader :config, :env_vars
-
-    def initialize(opts: {}, config_file: nil, load_user_config: true)
-      @load_user_config = load_user_config
-      load(opts: opts, config_file: config_file)
-    end
-
-    # The default configuration
-    def defaults
-      {
-        actions: {},
-        ci_mode: false,
-        config_file: nil,
-        image_name_builder: {
-          character_substitutions: ['_', '-'],
-          parts: ['cem-acpt', '$image_fam', '$collection', '$firewall'],
-          join_with: '-',
-        },
-        log_level: 'info',
-        log_file: nil,
-        log_format: 'text',
-        module_dir: Dir.pwd,
-        node_data: {},
-        no_ephemeral_ssh_key: false,
-        platform: {
-          name: 'gcp',
-        },
-        quiet: false,
-        test_data: {
-          for_each: {
-            collection: %w[puppet7],
-          },
-          vars: {},
-          name_pattern_vars: %r{^(?<framework>[a-z]+)_(?<image_fam>[a-z0-9-]+)_(?<firewall>[a-z]+)_(?<framework_vars>[-_a-z0-9]+)$},
-          vars_post_processing: {
-            new_vars: [
-              {
-                name: 'profile',
-                string_split: {
-                  from: 'framework_vars',
-                  using: '_',
-                  part: 0,
-                },
-              },
-              {
-                name: 'level',
-                string_split: {
-                  from: 'framework_vars',
-                  using: '_',
-                  part: 1,
-                },
-              },
-            ],
-            delete_vars: %w[framework_vars],
-          },
-        },
-        tests: [],
-        verbose: false,
-      }
-    end
-
-    # Load the configuration from the environment variables, config file, and opts
-    # The order of precedence is:
-    #   1. environment variables
-    #   2. user config file (config.yaml in user_config_dir)
-    #   3. specified config file (if it exists)
-    #   4. opts
-    #   5. static options (set in this class)
-    # @param opts [Hash] The options to load
-    # @param config_file [String] The config file to load
-    # @return [self] This object with the config loaded
-    def load(opts: {}, config_file: nil)
-      create_config_dirs!
-      init_config!(opts: opts, config_file: config_file)
-      add_env_vars!(@config)
-      @config.merge!(user_config) if user_config && @load_user_config
-      @config.merge!(config_from_file) if config_from_file
-      @config.merge!(@options) if @options
-      add_static_options!(@config)
-      @config.format! # Symbolize keys of all hashes
-      validate_config!
-      # Freeze the config so it can't be modified
-      # This helps with thread safety and deterministic behavior
-      @config.freeze
-      self
-    end
-    alias to_h config
-
-    def explain
-      explanation = {}
-      %i[defaults env_vars user_config config_from_file options].each do |source|
-        source_vals = send(source).dup
-        next if source_vals.nil? || source_vals.empty?
-
-        # The loop below will overwrite the value of explanation[key] if the same key is found in multiple sources
-        # This is intentional, as the last source to set the value is the one that should be used
-        source_vals.each do |key, value|
-          explanation[key] = source if @config.dget(key.to_s) == value
-        end
-      end
-      explained = explanation.each_with_object([]) do |(key, value), ary|
-        ary << "Key '#{key}' from source '#{value}'"
-      end
-      explained.join("\n")
-    end
-
-    def [](key)
-      if key.is_a?(Symbol)
-        @config[key].dup
-      elsif key.is_a?(String)
-        @config.dget(key).dup
-      else
-        raise ArgumentError, "Invalid key type '#{key.class}'"
-      end
-    end
-
-    def get(dot_key)
-      @config.dget(dot_key).dup
-    end
-    alias dget get
-
-    def has?(dot_key)
-      !!get(dot_key)
-    end
-
-    def empty?
-      @config.empty?
-    end
-
-    def ci_mode?
-      !!get('ci_mode') || !!(ENV['GITHUB_ACTIONS'] || ENV['CI'])
-    end
-    alias ci? ci_mode?
-
-    def debug_mode?
-      get('log_level') == 'debug'
-    end
-    alias debug? debug_mode?
-
-    def verbose_mode?
-      !!get('verbose')
-    end
-    alias verbose? verbose_mode?
-
-    def quiet_mode?
-      !!get('quiet')
-    end
-    alias quiet? quiet_mode?
-
-    def to_yaml
-      @config.to_yaml
-    end
-
-    def to_json(*args)
-      @config.to_json(*args)
-    end
-
-    private
-
-    attr_reader :options
-
-    def user_config_dir
-      @user_config_dir ||= File.join(Dir.home, '.cem_acpt')
-    end
-
-    def user_config_file
-      @user_config_file ||= File.join(user_config_dir, 'config.yaml')
-    end
-
-    def terraform_dir
-      @terraform_dir ||= File.join(user_config_dir, 'terraform')
-    end
-
-    def module_terraform_checksum_file
-      @module_terraform_checksum_file ||= File.join(user_config_dir, 'terraform_checksum.txt')
-    end
-
-    def module_terraform_checksum
-      @module_terraform_checksum ||= new_module_terraform_checksum
-    end
-
-    def valid_env_var?(env_var)
-      env_var.start_with?('CEM_ACPT_') && ENV[env_var]
-    end
-
-    def env_var_to_dot_key(env_var)
-      env_var.sub('CEM_ACPT_', '').gsub(%r{__}, '.').downcase
-    end
-
-    def add_static_options!(config)
-      config.dset('user_config.dir', user_config_dir)
-      config.dset('user_config.file', user_config_file)
-      config.dset('provisioner', 'terraform')
-      config.dset('terraform.dir', terraform_dir)
-      set_third_party_env_vars!(config)
-    end
-
-    # Certain environment variables are used by other tools like GitHub Actions
-    # This method sets the relative config values for those environment variables.
-    # This is the last step in composing the config, so it will override any
-    # values set by the user.
-    def set_third_party_env_vars!(config)
-      if ENV['RUNNER_DEBUG'] == '1'
-        config.dset('log_level', 'debug')
-        config.dset('verbose', true)
-      end
-      if ENV['GITHUB_ACTIONS'] == 'true' || ENV['CI'] == 'true'
-        config.dset('ci_mode', true)
-      end
-    end
-
-    # Used to source the config during loading of config files.
-    # Because config may not be fully loaded yet, this method
-    # checks the options hash first, then the current config,
-    # then the environment variables for the given key
-    # @param key [String] The key to find in dot notation
-    # @return [Any] The value of the key
-    def find_option(key)
-      return @options.dget(key) if @options.dget(key)
-      return @config.dget(key) if @config.dget(key)
-      ENV.each do |k, v|
-        next unless valid_env_var?(k)
-
-        return v if env_var_to_dot_key(k) == key
-      end
-      nil
-    end
-
-    def init_config!(opts: {}, config_file: nil)
-      # Blank out the config
-      @user_config = {}
-      @config_from_file = {}
-      @options = {}
-      @config = defaults.dup
-      # Set the parameterized defaults
-      config_file = ENV['CEM_ACPT_CONFIG_FILE'] if config_file.nil?
-      @config.dset('config_file', config_file) if config_file
-      @options = opts || {}
-    end
-
-    def add_env_vars!(config)
-      @env_vars = {}
-      # First load known environment variables into their respective config keys
-      # Then load any environment variables that start with CEM_ACPT_<known key> into their respective config keys
-      ENV.each do |env_var, value|
-        next unless valid_env_var?(env_var)
-
-        key = env_var_to_dot_key(env_var) # Convert CEM_ACPT_<key> to <dotkey>
-        next unless KEYS.include?(key.split('.').first.to_sym) # Skip if the key is not a known config key
-        @env_vars[key] = value
-        config.dset(key, value)
-      end
-    end
-
-    def user_config
-      return @user_config unless @user_config.nil? || @user_config.empty?
-
-      @user_config = if user_config_file && File.exist?(user_config_file)
-                       load_config_file(user_config_file)
-                     else
-                       {}
-                     end
-
-      @user_config
-    end
-
-    def config_from_file
-      return @config_from_file unless @config_from_file.nil? || @config_from_file.empty?
-
-      conf_file = find_option('config_file')
-      return {} if conf_file.nil? || conf_file.empty?
-
-      unless conf_file
-        warn "Invalid config_file type '#{conf_file.class}'. Must be a String."
-        return {}
-      end
-
-      mod_dir = find_option('module_dir')
-      if mod_dir && File.exist?(File.join(mod_dir, conf_file))
-        @config_from_file = load_config_file(File.join(mod_dir, conf_file))
-      elsif File.exist?(File.expand_path(conf_file))
-        @config_from_file = load_config_file(File.expand_path(conf_file))
-      else
-        err_msg = [
-          "Config file '#{File.expand_path(conf_file)}' does not exist.",
-        ]
-        err_msg << "Config file '#{File.join(mod_dir, conf_file)}' does not exist." if mod_dir
-        raise err_msg.join("\n")
-      end
-
-      @config_from_file
-    end
-
-    def load_config_file(config_file)
-      return {} if config_file.nil? || config_file.empty? || !File.exist?(File.expand_path(config_file))
-
-      loaded = load_yaml(config_file)
-      loaded.format!
-      loaded
-    end
-
-    def load_yaml(config_file)
-      if YAML.respond_to?(:safe_load_file) # Ruby 3.0+
-        YAML.safe_load_file(File.expand_path(config_file), permitted_classes: [Regexp])
-      else
-        YAML.safe_load(File.read(File.expand_path(config_file)), permitted_classes: [Regexp])
-      end
-    end
-
-    def validate_config!
-      @config.each do |key, _value|
-        warn "Unknown config key: #{key}" unless KEYS.include?(key)
-      end
-    end
-
-    def create_config_dirs!
-      FileUtils.mkdir_p(user_config_dir)
-      create_terraform_dir!
-    end
-
-    def create_terraform_dir!
-      raise 'Cannot create terraform dir without a user config dir' unless Dir.exist? user_config_dir
-
-      if File.exist?(module_terraform_checksum_file)
-        checksum = File.read(module_terraform_checksum_file).strip
-        return if checksum == module_terraform_checksum
-      end
-      FileUtils.rm_rf(File.join(user_config_dir, 'terraform'))
-      FileUtils.cp_r(File.expand_path(File.join(__dir__, '..', 'terraform')), user_config_dir)
-      @module_terraform_checksum = new_module_terraform_checksum
-      File.write(module_terraform_checksum_file, module_terraform_checksum)
-    end
-
-    def new_module_terraform_checksum
-      sha256 = Digest::SHA256.new
-      files_and_dirs = Dir.glob(File.join(__dir__, '..', 'terraform', '**', '*'))
-      files_and_dirs.each do |file|
-        sha256 << if File.directory?(file)
-                    File.basename(file)
-                  else
-                    File.read(file)
-                  end
-      end
-      sha256.hexdigest
-    end
+  module Config
+    require_relative 'config/cem_acpt'
+    require_relative 'config/cem_acpt_image'
   end
 end

data/lib/cem_acpt/{core_extensions.rb → core_ext.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # This module holds extensions and refinements to Ruby and the Ruby stdlib
-module CemAcpt::CoreExtensions
+module CemAcpt::CoreExt
   # Refines the Hash class with some convenience methods.
   # Must call `using CemAcpt::CoreExtensions::HashExtensions`
   # before these methods will be available.
@@ -15,6 +15,8 @@ module CemAcpt::CoreExtensions
         transform_values! do |value|
           if value.is_a?(Hash)
             value.format!
+          elsif value.is_a?(Array)
+            value.map { |v| v.is_a?(Hash) ? v.format! : v }
           else
             value
           end

data/lib/cem_acpt/image_builder/exec.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'open3'
+require_relative '../logging'
+
+module CemAcpt
+  module ImageBuilder
+    module Exec
+      def self.new_exec(config)
+        executor = config.get('exec') || 'gcloud'
+        case executor
+        when 'gcloud'
+          CemAcpt::ImageBuilder::Exec::Gcloud.new(config)
+        else
+          raise ArgumentError, "Unknown exec #{executor}"
+        end
+      end
+
+      class Gcloud
+        include CemAcpt::Logging
+
+        def initialize(config)
+          @config = config
+          verify_gcloud!
+        end
+
+        # Run a gcloud command
+        # @raise [RuntimeError] if the command fails
+        # @return [Hash] JSON output of the command
+        def run(*command)
+          formatted = format_command(*command)
+          logger.debug('Exec') { "Running command: #{formatted}" }
+          gcloud(formatted)
+        end
+
+        private
+
+        def verify_gcloud!
+          return if system('gcloud --version')
+
+          raise 'gcloud not found in PATH'
+        end
+
+        def format_command(*command)
+          command.unshift('gcloud')
+          command.push('--format=json')
+          command.join(' ')
+        end
+
+        def gcloud(formatted_command)
+          stdout, stderr, status = Open3.capture3(formatted_command)
+          raise "gcloud command failed: #{stderr}" unless status.success?
+
+          JSON.parse(stdout)
+        end
+      end
+    end
+  end
+end

data/lib/cem_acpt/image_builder/provision_commands.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+module CemAcpt
+  module ImageBuilder
+    # Holds methods for determining the provision commands for each supported OS / Puppet version
+    module ProvisionCommands
+      class EnterpriseLinuxFamily
+        def initialize(config, image_name, base_image, os_major_version, puppet_version)
+          @config = config
+          @image_name = image_name
+          @base_image = base_image
+          @os_major_version = os_major_version
+          @puppet_version = puppet_version
+        end
+
+        def default_provision_commands
+          [enable_puppet_repository_command, install_puppet_agent_command]
+        end
+
+        def provision_commands
+          commands_from_config = @config.get("images.#{@image_name}.provision_commands") || []
+          (default_provision_commands + commands_from_config).compact
+        end
+        alias to_a provision_commands
+
+        private
+
+        def package_manager
+          @package_manager ||= @os_major_version.to_i >= 8 ? 'dnf' : 'yum'
+        end
+
+        def package_manager_utils
+          @package_manager_utils ||= @os_major_version.to_i >= 8 ? 'dnf-utils' : 'yum-utils'
+        end
+
+        def upgrade_packages_command
+          "sudo #{package_manager} upgrade -y"
+        end
+
+        def install_package_manager_utils_command
+          "sudo #{package_manager} install -y #{package_manager_utils}"
+        end
+
+        def puppet_platform_repository_url
+          "https://yum.puppet.com/puppet#{@puppet_version}-release-el-#{@os_major_version}.noarch.rpm"
+        end
+
+        def enable_puppet_repository_command
+          "sudo rpm -U #{puppet_platform_repository_url}"
+        end
+
+        def install_puppet_agent_command
+          "sudo #{package_manager} install -y puppet-agent"
+        end
+      end
+
+      class WindowsFamily
+        def initialize(config, image_name, base_image, os_major_version, puppet_version)
+          @config = config
+          @image_name = image_name
+          @base_image = base_image
+          @os_major_version = os_major_version
+          @puppet_version = puppet_version
+        end
+
+        def default_provision_commands
+          []
+        end
+
+        def provision_commands
+          commands_from_config = @config.get("images.#{@image_name}.provision_commands") || []
+          (default_provision_commands + commands_from_config).compact
+        end
+        alias to_a provision_commands
+      end
+
+      class << self
+        # Map of OS to class that holds the provision commands for that OS
+        OS_CLASS_MAP = {
+          'centos' => 'EnterpriseLinuxFamily',
+          'rhel' => 'EnterpriseLinuxFamily',
+          'alma' => 'EnterpriseLinuxFamily',
+          'windows' => 'WindowsFamily',
+        }.freeze
+
+        def provision_commands(config, image_name:, base_image:, os:, os_major_version:, puppet_version:)
+          os_major_version = os_major_version.to_s
+          puppet_version = puppet_version.to_s
+          cmd_klass = OS_CLASS_MAP[os.to_s]
+          raise "Unsupported OS: #{os}" unless cmd_klass
+
+          const_get(cmd_klass).new(config, image_name, base_image, os_major_version, puppet_version).provision_commands
+        end
+      end
+    end
+  end
+end