chef-core 0.0.1

data/lib/chef_core/log.rb

@@ -0,0 +1,42 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "mixlib/log"
+
+module ChefCore
+  class Log
+    extend Mixlib::Log
+
+    def self.setup(location, log_level)
+      if location.is_a?(String)
+        if location.casecmp("stdout") == 0
+          location = $stdout
+        else
+          location = File.open(location, "w+")
+        end
+      end
+      @location = location
+      init(location)
+      Log.level = log_level
+    end
+
+    def self.location
+      @location
+    end
+
+  end
+end

data/lib/chef_core/target_host/linux.rb

@@ -0,0 +1,63 @@
+
+
+module ChefCore
+  class TargetHost
+    module Linux
+      def omnibus_manifest_path
+        # TODO - if habitat install on target, this won't work
+        # Note that we can't use File::Join, because that will render for the
+        # CURRENT platform - not the platform of the target.
+        "/opt/chef/version-manifest.json"
+      end
+
+      def mkdir(path)
+        run_command!("mkdir -p #{path}")
+      end
+
+      def chown(path, owner)
+        owner ||= user()
+        run_command!("chown #{owner} '#{path}'")
+        nil
+      end
+
+      def make_temp_dir
+        # We will cache this so that we only
+        @tempdir ||= begin
+          res = run_command!("bash -c '#{MKTEMP_COMMAND}'")
+          res.stdout.chomp.strip
+        end
+      end
+
+      def install_package(target_package_path)
+        install_cmd = case File.extname(target_package_path)
+                      when ".rpm"
+                        "rpm -Uvh #{target_package_path}"
+                      when ".deb"
+                        "dpkg -i #{target_package_path}"
+                      end
+        run_command!(install_cmd)
+        nil
+      end
+
+      def del_file(path)
+        run_command!("rm -rf #{path}")
+      end
+
+      def del_dir(path)
+        del_file(path)
+      end
+
+      def ws_cache_path
+        "/var/chef-workstation"
+      end
+
+      # Nothing to escape in a linux-based path
+      def normalize_path(path)
+        path
+      end
+
+      MKTEMP_COMMAND = "d=$(mktemp -d -p${TMPDIR:-/tmp} chef_XXXXXX); echo $d".freeze
+
+    end
+  end
+end

data/lib/chef_core/target_host/windows.rb

@@ -0,0 +1,62 @@
+
+module ChefCore
+  class TargetHost
+    module Windows
+      def omnibus_manifest_path
+        # TODO - use a proper method to query the win installation path -
+        #        currently we're assuming the default, but this can be customized
+        #        at install time.
+        #        A working approach is below - but it runs very slowly (~10s) in testing
+        #        on a virtualbox windows vm:
+        #        (over winrm) Get-WmiObject Win32_Product | Where {$_.Name -match 'Chef Client'}
+        # TODO - if habitat install on target, this won't work
+        "c:\\opscode\\chef\\version-manifest.json"
+      end
+
+      def mkdir(path)
+        run_command!("New-Item -ItemType Directory -Force -Path #{path}")
+      end
+
+      def chown(path, owner)
+        # This implementation left intentionally blank.
+        # To date, we have not needed chown functionality on windows;
+        # when/if that changes we'll need to implement it here.
+        nil
+      end
+
+      def make_temp_dir
+        @tmpdir ||= begin
+          res = run_command!(MKTEMP_COMMAND)
+          res.stdout.chomp.strip
+        end
+      end
+
+      def install_package(target_package_path)
+        # While powershell does not mind the mixed path separators \ and /,
+        # 'cmd.exe' definitely does - so we'll make the path cmd-friendly
+        # before running the command
+        cmd = "cmd /c msiexec /package #{target_package_path.tr("/", "\\")} /quiet"
+        run_command!(cmd)
+        nil
+      end
+
+      def del_file(path)
+        run_command!("If (Test-Path #{path}) { Remove-Item -Force -Path #{path} }")
+      end
+
+      def del_dir(path)
+        run_command!("Remove-Item -Recurse -Force –Path #{path}")
+      end
+
+      def ws_cache_path
+        '#{ENV[\'APPDATA\']}/chef-workstation'
+      end
+
+      MKTEMP_COMMAND = "$parent = [System.IO.Path]::GetTempPath();" +
+        "[string] $name = [System.Guid]::NewGuid();" +
+        "$tmp = New-Item -ItemType Directory -Path " +
+        "(Join-Path $parent $name);" +
+        "$tmp.FullName".freeze
+    end
+  end
+end

data/lib/chef_core/target_host.rb

@@ -0,0 +1,351 @@
+#
+# Copyright:: Copyright (c) 2017-2019 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef_core/log"
+require "chef_core/error"
+require "train"
+
+module ChefCore
+  class TargetHost
+    attr_reader :config, :reporter, :backend, :transport_type
+    # These values may exist in .ssh/config but will be ignored by train
+    # in favor of its defaults unless we specify them explicitly.
+    # See #apply_ssh_config
+    SSH_CONFIG_OVERRIDE_KEYS = [:user, :port, :proxy].freeze
+
+    # We're borrowing a page from train here - because setting up a
+    # reliable connection for testing is a multi-step process,
+    # we'll provide this method which instantiates a TargetHost connected
+    # to a train mock backend. If the family/name provided resolves to a suported
+    # OS, this instance will mix-in the supporting methods for the given platform;
+    # otherwise those methods will raise NotImplementedError.
+    def self.mock_instance(url, family: "unknown", name: "unknown",
+                                release: "unknown", arch: "x86_64")
+      # Specifying sudo: false ensures that attempted operations
+      # don't fail because the mock platform doesn't support sudo
+      target_host = TargetHost.new(url, { sudo: false })
+
+      # Don't pull in the platform-specific mixins automatically during connect
+      # Otherwise, it will raise since it can't resolve the OS without the mock.
+      target_host.instance_variable_set(:@mocked_connection, true)
+      target_host.connect!
+
+      # We need to provide this mock before invoking mix_in_target_platform,
+      # otherwise it will fail with an unknown OS (since we don't have a real connection).
+      target_host.backend.mock_os(
+        family: family,
+        name: name,
+        release: release,
+        arch: arch
+      )
+
+      # Only mix-in if we can identify the platform.  This
+      # prevents mix_in_target_platform! from raising on unknown platform during
+      # tests that validate unsupported platform behaviors.
+      if target_host.base_os != :other
+        target_host.mix_in_target_platform!
+      end
+
+      target_host
+    end
+
+    def initialize(host_url, opts = {}, logger = nil)
+      @config = connection_config(host_url, opts, logger)
+      @transport_type = Train.validate_backend(@config)
+      apply_ssh_config(@config, opts) if @transport_type == "ssh"
+      @train_connection = Train.create(@transport_type, config)
+    end
+
+    def connection_config(host_url, opts_in, logger)
+      connection_opts = { target: host_url,
+                          sudo: opts_in[:sudo] === false ? false : true,
+                          www_form_encoded_password: true,
+                          key_files: opts_in[:identity_file] || opts_in[:key_files],
+                          non_interactive: true, # Prevent password prompts
+                          connection_retries: 2,
+                          connection_retry_sleep: 1,
+                          logger: opts_in[:logger] || ChefCore::Log }
+
+      target_opts = Train.unpack_target_from_uri(host_url)
+      if opts_in.key?(:ssl) && opts_in[:ssl]
+        connection_opts[:ssl] = opts_in[:ssl]
+        connection_opts[:self_signed] = opts_in[:self_signed] || (opts_in[:ssl_verify] === false ? true : false)
+      end
+
+      target_opts[:host] = host_url if target_opts[:host].nil?
+      target_opts[:backend] = "ssh" if target_opts[:backend].nil?
+      connection_opts = connection_opts.merge(target_opts)
+
+      # From WinRM gem: It is recommended that you :disable_sspi => true if you are using the plaintext or ssl transport.
+      #                 See note here: https://github.com/mwrock/WinRM#example
+      if ["ssl", "plaintext"].include?(target_opts[:winrm_transport])
+        target_opts[:winrm_disable_sspi] = true
+      end
+
+      connection_opts = connection_opts.merge(target_opts)
+
+      # Anything we haven't explicitly set already, pass through to train.
+      Train.options(target_opts[:backend]).keys.each do |key|
+        if opts_in.key?(key) && !connection_opts.key?(key)
+          connection_opts[key] = opts_in[key]
+        end
+      end
+
+      Train.target_config(connection_opts)
+    end
+
+    def apply_ssh_config(config, opts_in)
+      # If we don't provide certain options, they will be defaulted
+      # within train - in the case of ssh, this will prevent the .ssh/config
+      # values from being picked up.
+      # Here we'll modify the returned @config to specify
+      # values that we get out of .ssh/config if present and if they haven't
+      # been explicitly given.
+      host_cfg = ssh_config_for_host(config[:host])
+      SSH_CONFIG_OVERRIDE_KEYS.each do |key|
+        if host_cfg.key?(key) && opts_in[key].nil?
+          config[key] = host_cfg[key]
+        end
+      end
+    end
+
+    # Establish connection to configured target.
+    #
+    def connect!
+      # Keep existing connections
+      return unless @backend.nil?
+      @backend = train_connection.connection
+      @backend.wait_until_ready
+
+      # When the testing function `mock_instance` is used, it will set
+      # this instance variable to false and handle this function call
+      # of mixin functions based on the mocked platform.
+      mix_in_target_platform! unless @mocked_connection
+    rescue Train::UserError => e
+      raise ConnectionFailure.new(e, config)
+    rescue Train::Error => e
+      # These are typically wrapper errors for other problems,
+      # so we'll prefer to use e.cause over e if available.
+      raise ConnectionFailure.new(e.cause || e, config)
+    end
+
+    def mix_in_target_platform!
+      case base_os
+      when :linux
+        require "chef_core/target_host/linux"
+        class << self; include ChefCore::TargetHost::Linux; end
+      when :windows
+        require "chef_core/target_host/windows"
+        class << self; include ChefCore::TargetHost::Windows; end
+      when :other
+        raise ChefCore::TargetHost::UnsupportedTargetOS.new(platform.name)
+      end
+    end
+
+    # Returns the user being used to connect. Defaults to train's default user if not specified
+    def user
+      return config[:user] unless config[:user].nil?
+      require "train/transports/ssh"
+      # TODO - this should use the right transport, not default to SSH
+      Train::Transports::SSH.default_options[:user][:default]
+    end
+
+    def hostname
+      config[:host]
+    end
+
+    def architecture
+      platform.arch
+    end
+
+    def version
+      platform.release
+    end
+
+    def base_os
+      if platform.windows?
+        :windows
+      elsif platform.linux?
+        :linux
+      else
+        :other
+      end
+    end
+
+    # TODO 2019-01-29  not expose this, it's internal implemenation. Same with #backend.
+    def platform
+      backend.platform
+    end
+
+    def run_command!(command, &data_handler)
+      result = run_command(command, &data_handler)
+      if result.exit_status != 0
+        raise RemoteExecutionFailed.new(@config[:host], command, result)
+      end
+      result
+    end
+
+    def run_command(command, &data_handler)
+      backend.run_command command, &data_handler
+    end
+
+    # TODO spec
+    def save_as_remote_file(content, remote_path)
+       t = Tempfile.new("chef-content")
+       t << content
+       t.close
+       upload_file(t.path, remote_path)
+    ensure
+        t.close
+        t.unlink
+    end
+
+    def upload_file(local_path, remote_path)
+      backend.upload(local_path, remote_path)
+    end
+
+    # Retrieve the contents of a remote file. Returns nil
+    # if the file didn't exist or couldn't be read.
+    def fetch_file_contents(remote_path)
+      result = backend.file(remote_path)
+      if result.exist? && result.file?
+        result.content
+      else
+        nil
+      end
+    end
+
+    # Returns the installed chef version as a Gem::Version,
+    # or raised ChefNotInstalled if chef client version manifest can't
+    # be found.
+    def installed_chef_version
+      return @installed_chef_version if @installed_chef_version
+      # Note: In the case of a very old version of chef (that has no manifest - pre 12.0?)
+      #       this will report as not installed.
+      manifest = read_chef_version_manifest()
+
+      # We split the version here because  unstable builds install from)
+      # are in the form "Major.Minor.Build+HASH" which is not a valid
+      # version string.
+      @installed_chef_version = Gem::Version.new(manifest["build_version"].split("+")[0])
+    end
+
+    def read_chef_version_manifest
+      manifest = fetch_file_contents(omnibus_manifest_path)
+      raise ChefNotInstalled.new if manifest.nil?
+      JSON.parse(manifest)
+    end
+
+    # Creates and caches location of temporary directory on the remote host
+    # using platform-specific implementations of make_temp_dir
+    # This will also set ownership to the connecting user instead of default of
+    # root when sudo'd, so that the dir can be used to upload files using scp
+    # as the connecting user.
+    #
+    # The base temp dir is cached and will only be created once per connection lifetime.
+    def temp_dir
+      dir = make_temp_dir()
+      chown(dir, user)
+      dir
+    end
+
+    # create a directory.  because we run all commands as root, this will also set group:owner
+    # to the connecting user if host isn't windows so that scp -- which uses the connecting user --
+    # will have permissions to upload into it.
+    def make_directory(path)
+      mkdir(path)
+      chown(path, user)
+      path
+    end
+
+    # normalizes path across OS's
+    def normalize_path(p) # NOTE BOOTSTRAP: was action::base::escape_windows_path
+      p.tr("\\", "/")
+    end
+
+    # Simplified chown - just sets user, defaults to connection user. Does not touch
+    # group.  Only has effect on non-windows targets
+    def chown(path, owner); raise NotImplementedError; end
+
+    # Platform-specific installation of packages
+    def install_package(target_package_path); raise NotImplementedError; end
+
+    def ws_cache_path; raise NotImplementedError; end
+
+    # Recursively delete directory
+    def del_dir(path); raise NotImplementedError; end
+
+    def del_file(path); raise NotImplementedError; end
+
+    def omnibus_manifest_path(); raise NotImplementedError; end
+
+    private
+
+    def train_connection
+      @train_connection
+    end
+
+    def ssh_config_for_host(host)
+      require "net/ssh"
+      Net::SSH::Config.for(host)
+    end
+
+    class RemoteExecutionFailed < ChefCore::Error
+      attr_reader :stdout, :stderr
+      def initialize(host, command, result)
+        super("CHEFRMT001",
+              command,
+              result.exit_status,
+              host,
+              result.stderr.empty? ? result.stdout : result.stderr)
+      end
+    end
+
+    class ConnectionFailure < ChefCore::Error
+      # TODO: Currently this only handles sudo-related errors;
+      # we should also look at e.cause for underlying connection errors
+      # which are presently only visible in log files.
+      def initialize(original_exception, connection_opts)
+        init_params =
+          #  Comments below show the original_exception.reason values to check for instead of strings,
+          #  after train 1.4.12 is consumable.
+          case original_exception.message # original_exception.reason
+          when /Sudo requires a password/ # :sudo_password_required
+            "CHEFTRN003"
+          when /Wrong sudo password/ #:bad_sudo_password
+            "CHEFTRN004"
+          when /Can't find sudo command/, /No such file/, /command not found/ # :sudo_command_not_found
+            # NOTE: In the /No such file/ case, reason will be nil - we still have
+            # to check message text. (Or PR to train to handle this case)
+            sudo_command = connection_opts[:sudo_command]
+            ["CHEFTRN005", sudo_command] # :sudo_command_not_found
+          when /Sudo requires a TTY.*/   # :sudo_no_tty
+            "CHEFTRN006"
+          when /has no keys added/
+            "CHEFTRN007"
+          else
+            ["CHEFTRN999", original_exception.message]
+          end
+        super(*(Array(init_params).flatten))
+      end
+    end
+    class ChefNotInstalled < StandardError; end
+    class UnsupportedTargetOS < ChefCore::Error
+      def initialize(os_name); super("CHEFTARG001", os_name); end
+    end
+  end
+end