chef-dk 0.5.0.rc.1 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ba6c0ab110f7a9fdc6434c4999a965e966a6d764
-  data.tar.gz: 1cdc0b41d6847ad1db3f23a83bcc02eaa33f5c1c
+  metadata.gz: f4c7157bf3d3e4ddd0f51f9250986b3bf63acc43
+  data.tar.gz: 02544f6eef80b3a956f1adb70b4804a0ff63e548
 SHA512:
-  metadata.gz: 74ad30f7c8a851fec368a512fb64c352b5bd9e6275598658680394469933a8b9af12fbdeb510f5d04b358ea21ef97ff8afc1b418cf389034944234b6e87fff6c
-  data.tar.gz: a621d898759ebe1527bf1b4c43e7619bbc2c6a4ca001c0fc625aea937c2b9087d55262f15f8a7e19428c2e57cadbcf0f5bd2f2aa1657e15007a4f8fbd5ca46c4
+  metadata.gz: ad02bbd68abf16906f4d04dfcd2514c606783a391d5d782576e5c0493819fad22a59ea0efdde4c96d12761a9db13df49e69bdf18ada982b8dd2d5540c2d45e2d
+  data.tar.gz: bf912bf1c52def5d04f34ab29b7d18ddcf2a689679b067e4c9e70f401e5e01db4814eb24e09b96183dd064e98da580b091b23315eb9bf9bb6747f1eaaa955229

data/README.md

@@ -87,21 +87,6 @@ executables included with a gem you install will be created in
 `chef exec`, or use `chef shell-init` to add ChefDK's paths to your
 environment. Those commands are documented below.
 
-#### `chef verify`
-`chef verify` tests the embedded applications. By default it runs a
-quick "smoke test" to verify that the embedded applications are
-installed correctly and can run basic commands. As an end user this is
-probably all you'll ever need, but `verify` can also optionally run unit
-and integration tests by supplying the `--unit` and `--integration`
-flags, respectively.
-
-*WARNING:* The integration tests will do dangerous things like start
-HTTP servers with access to your filesystem and even create users and
-groups if run with sufficient privileges. The tests may also be
-sensitive to your machine's configuration. If you choose to run these,
-we recommend to only run them on dedicated, isolated hosts (we do this
-in our build cluster to verify each build).
-
 ### `chef exec`
 `chef exec <command>` runs any arbitrary shell command with the PATH
 environment variable and the ruby environment variables (`GEM_HOME`,
@@ -109,9 +94,10 @@ environment variable and the ruby environment variables (`GEM_HOME`,
 
 ### `chef shell-init`
 `chef shell-init SHELL_NAME` emits shell commands that modify your
-environment to make ChefDK your primary ruby. For more information to
-help you decide if this is desirable and instructions, see "Using ChefDK
-as Your Primary Development Environment" below.
+environment to make ChefDK your primary ruby. It supports bash, zsh,
+fish and PowerShell (posh). For more information to help you decide if
+this is desirable and instructions, see "Using ChefDK as Your Primary
+Development Environment" below.
 
 ### `chef install`
 `chef install` reads a `Policyfile.rb` document, which contains a
@@ -122,11 +108,7 @@ run list and locked cookbook set. The `Policyfile.lock.json` can be used
 to install the cookbooks on another machine. The policy lock can be
 uploaded to a Chef Server (via the `chef push` command) to apply the
 expanded run list and locked cookbook set to nodes in your
-infrastructure. The Policyfile feature is currently incomplete and of
-beta quality; changes to the Chef Server APIs will need to be
-implemented before the feature is production-ready. The feature
-currently operates in a compatibility mode. See the POLICYFILE_README.md
-for further details.
+infrastructure. See the POLICYFILE_README.md for further details.
 
 ### `chef push`
 `chef push POLICY_GROUP` uploads a Policyfile.lock.json along with the cookbooks it
@@ -136,6 +118,31 @@ cookbook set. This command operates in compatibility mode and has the
 same caveats as `chef install`. See the POLICYFILE_README.md for further
 details.
 
+### `chef update`
+`chef update` updates a Policyfile.lock.json with the latest cookbooks
+from upstream sources. It supports an `--attributes` flag which will
+cause only attributes from the Policyfile.rb to be updated.
+
+### `chef diff`
+`chef diff` shows an itemized diff between Policyfile locks. It can
+compare Policyfile locks from local disk, git, and/or the Chef Server,
+based on the options given.
+
+#### `chef verify`
+`chef verify` tests the embedded applications. By default it runs a
+quick "smoke test" to verify that the embedded applications are
+installed correctly and can run basic commands. As an end user this is
+probably all you'll ever need, but `verify` can also optionally run unit
+and integration tests by supplying the `--unit` and `--integration`
+flags, respectively.
+
+*WARNING:* The integration tests will do dangerous things like start
+HTTP servers with access to your filesystem and even create users and
+groups if run with sufficient privileges. The tests may also be
+sensitive to your machine's configuration. If you choose to run these,
+we recommend to only run them on dedicated, isolated hosts (we do this
+in our build cluster to verify each build).
+
 ### Using ChefDK as Your Primary Development Environment
 
 By default, ChefDK only adds a few select applications to your `PATH`
@@ -177,6 +184,38 @@ echo 'eval "$(chef shell-init SHELL_NAME)"' >> ~/.YOUR_SHELL_PROFILE
 Where `YOUR_SHELL_PROFILE` is `~/.bash_profile` for most bash users,
 `~/.zshrc` for zsh, and `~/.bashrc` on Ubuntu.
 
+#### Powershell
+
+You can use `chef shell-init` with PowerShell on Windows.
+
+To try it in your current session:
+
+```posh
+chef shell-init powershell | Invoke-Expression
+```
+
+To enable it permanently:
+
+```posh
+"chef shell-init powershell | Invoke-Expression" >> $PROFILE
+```
+
+#### Fish
+
+`chef shell-init` also supports fish.
+
+To try it:
+
+```fish
+eval (chef shell-init fish)
+```
+
+To permanently enable:
+
+```fish
+echo 'eval (chef shell-init SHELL_NAME)' >> ~/.config/fish/config.fish
+```
+
 ## Uninstallation Instructions
 
 ### Mac OS X
@@ -225,7 +264,7 @@ dpkg -P chefdk
 
 [Berkshelf]: http://berkshelf.com "Berkshelf"
 [Chef]: https://www.chef.io "Chef"
-[ChefDK]: https://www.chef.io/downloads/chef-dk "Chef Development Kit"
+[ChefDK]: https://downloads.chef.io/chef-dk "Chef Development Kit"
 [Chef Documentation]: http://docs.chef.io "Chef Documentation"
 [ChefSpec]: http://chefspec.org "ChefSpec"
 [Foodcritic]: http://foodcritic.io "Foodcritic"

data/lib/chef-dk/builtin_commands.rb

@@ -33,6 +33,8 @@ ChefDK.commands do |c|
 
   c.builtin "push", :Push, desc: "Push a local policy lock to a policy group on the server"
 
+  c.builtin "diff", :Diff, desc: "Generate an itemized diff of two Policyfile lock documents"
+
   c.builtin "export", :Export, desc: "Export a policy lock as a Chef Zero code repo"
 
   c.builtin "verify", :Verify, desc: "Test the embedded ChefDK applications"

data/lib/chef-dk/command/diff.rb

@@ -0,0 +1,312 @@
+#
+# Copyright:: Copyright (c) 2015 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef-dk/command/base'
+require 'chef-dk/ui'
+require 'chef-dk/pager'
+require 'chef-dk/policyfile/differ'
+require 'chef-dk/policyfile/comparison_base'
+require 'chef-dk/policyfile/storage_config'
+require 'chef-dk/configurable'
+require 'chef-dk/authenticated_http'
+
+module ChefDK
+  module Command
+
+    class Diff < Base
+
+      include Configurable
+      include Policyfile::StorageConfigDelegation
+
+      banner(<<-BANNER)
+Usage: chef diff [POLICYFILE] [--head | --git GIT_REF | POLICY_GROUP | POLICY_GROUP...POLICY_GROUP ]
+
+`chef diff` displays an itemized diff comparing two revisions of a
+Policyfile lock.
+
+When the `--git` option is given, `chef diff` either compares a given
+git reference against the current lockfile revision on disk or compares
+between two git references. Examples:
+
+* `chef diff --git HEAD`: compares the current lock with the latest
+  commit on the current branch.
+* `chef diff --git master` compares the current lock with the latest
+  commit to master.
+* `chef diff --git v1.0.0`: compares the current lock with the revision
+  as of the `v1.0.0` tag.
+* `chef diff --git master...dev-branch` compares the Policyfile lock on
+  master with the revision on the `dev-branch` branch.
+* `chef diff --git v1.0.0...master` compares the Policyfile lock at the
+  `v1.0.0` tag with the lastest revision on the master branch.
+
+`chef diff --head` is a shortcut for `chef diff --git HEAD`.
+
+When no git-specific flag is given, `chef diff` either compares the
+current lockfile revision on disk to one on the server or compares two
+lockfiles on the server. Lockfiles on the Chef Server are specified by
+Policy Group. Examples:
+
+* `chef diff staging`: compares the current lock with the one currently
+  assigned to the `staging` Policy Group.
+* `chef diff production...staging` compares the lock currently assigned
+  to the `production` Policy Group to the lock currently assigned to the
+  `staging` Policy Group.
+
+Options:
+BANNER
+
+      option :git,
+        short:       "-g GIT_REF",
+        long:        "--git GIT_REF",
+        description: "Compare local lock against GIT_REF, or between two git commits"
+
+      option :head,
+        long:        "--head",
+        description: "Compare local lock against last git commit",
+        boolean:     true
+
+      option :pager,
+        long:        "--[no-]pager",
+        description: "Enable/disable paged diff ouput (default: enabled)",
+        default:     true,
+        boolean:     true
+
+      option :config_file,
+        short:       "-c CONFIG_FILE",
+        long:        "--config CONFIG_FILE",
+        description: "Path to configuration file"
+
+      option :debug,
+        short:       "-D",
+        long:        "--debug",
+        description: "Enable stacktraces and other debug output",
+        default:     false
+
+      attr_accessor :ui
+
+      attr_reader :old_base
+      attr_reader :new_base
+
+      attr_reader :storage_config
+
+      def initialize(*args)
+        super
+
+        @ui = UI.new
+
+        @old_base = nil
+        @new_base = nil
+        @policyfile_relative_path = nil
+        @storage_config = nil
+        @http_client = nil
+
+        @old_lock = nil
+        @new_lock = nil
+      end
+
+      def run(params = [])
+        return 1 unless apply_params!(params)
+        print_diff
+        0
+      rescue PolicyfileServiceError => e
+        handle_error(e)
+        1
+      end
+
+      def handle_error(error)
+        ui.err("Error: #{error.message}")
+        if error.respond_to?(:reason)
+          ui.err("Reason: #{error.reason}")
+          ui.err("")
+          ui.err(error.extended_error_info) if debug?
+          ui.err(error.cause.backtrace.join("\n")) if debug?
+        end
+      end
+
+      def print_diff
+        # eagerly evaluate locks so we hit any errors before we've entered
+        # pagerland. Also, git commands behave weirdly when run while the pager
+        # is active, doing this eagerly also avoids that issue
+        materialize_locks
+        Pager.new(enable_pager: config[:pager]).with_pager do |pager|
+          differ = differ(pager.ui)
+          differ.run_report
+        end
+      end
+
+      def differ(ui = ui())
+        Policyfile::Differ.new(old_name: old_base.name,
+                               old_lock: old_lock,
+                               new_name: new_base.name,
+                               new_lock: new_lock,
+                               ui: ui)
+      end
+
+      def http_client
+        @http_client ||= ChefDK::AuthenticatedHTTP.new(chef_config.chef_server_url,
+                                                       signing_key_filename: chef_config.client_key,
+                                                       client_name: chef_config.node_name)
+      end
+
+      def old_lock
+        materialize_locks unless @old_lock
+        @old_lock
+      end
+
+      def new_lock
+        materialize_locks unless @new_lock
+        @new_lock
+      end
+
+      def policy_name
+        local_lock["name"]
+      end
+
+      def local_lock
+        @local_lock ||= local_lock_comparison_base.lock
+      end
+
+      # ComparisonBase for the local lockfile. This is used to get the
+      # policy_name which is needed to query the server for the lockfile of a
+      # particular policy_group.
+      def local_lock_comparison_base
+        Policyfile::ComparisonBase::Local.new(policyfile_lock_relpath)
+      end
+
+      def policyfile_lock_relpath
+        storage_config.policyfile_lock_filename
+      end
+
+      def apply_params!(params)
+        remaining_args = parse_options(params)
+
+        if no_comparison_specified?(remaining_args)
+          ui.err("No comparison specified")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif conflicting_args_and_opts_given?(remaining_args)
+          ui.err("Conflicting arguments and options: git and Policy Group comparisons cannot be mixed")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif conflicting_git_options_given?
+          ui.err("Conflicting git options: --head and --git are exclusive")
+          ui.err("")
+          ui.err(opt_parser)
+
+          false
+        elsif config[:head]
+          set_policyfile_path_from_args(remaining_args)
+          @old_base = Policyfile::ComparisonBase::Git.new("HEAD", policyfile_lock_relpath)
+          @new_base = Policyfile::ComparisonBase::Local.new(policyfile_lock_relpath)
+          true
+        elsif config[:git]
+          set_policyfile_path_from_args(remaining_args)
+          parse_git_comparison(config[:git])
+        else
+          set_policyfile_path_from_args(remaining_args)
+          parse_server_comparison(remaining_args)
+        end
+      end
+
+      def parse_server_comparison(args)
+        comparison_string = args.last
+        if comparison_string.include?("...")
+          old_pgroup, new_pgroup, *extra = comparison_string.split("...")
+          @old_base, @new_base = [old_pgroup, new_pgroup].map do |g|
+            Policyfile::ComparisonBase::PolicyGroup.new(g, policy_name, http_client)
+          end
+
+          unless extra.empty?
+            ui.err("Unable to parse policy group comparison `#{comparison_string}`. Only 2 references can be specified.")
+            return false
+          end
+        else
+          @old_base = Policyfile::ComparisonBase::PolicyGroup.new(comparison_string, policy_name, http_client)
+          @new_base = Policyfile::ComparisonBase::Local.new(policyfile_lock_relpath)
+        end
+        true
+      end
+
+      def parse_git_comparison(git_ref)
+        if git_ref.include?("...")
+          old_ref, new_ref, *extra = git_ref.split("...")
+          @old_base, @new_base = [old_ref, new_ref].map do |r|
+            Policyfile::ComparisonBase::Git.new(r, policyfile_lock_relpath)
+          end
+
+          unless extra.empty?
+            ui.err("Unable to parse git comparison `#{git_ref}`. Only 2 references can be specified.")
+            return false
+          end
+        else
+          @old_base = Policyfile::ComparisonBase::Git.new(git_ref, policyfile_lock_relpath)
+          @new_base = Policyfile::ComparisonBase::Local.new(policyfile_lock_relpath)
+        end
+        true
+      end
+
+      def no_comparison_specified?(args)
+        !policy_group_comparison?(args) && !config[:head] && !config[:git]
+      end
+
+      def conflicting_args_and_opts_given?(args)
+        (config[:git] || config[:head]) && policy_group_comparison?(args)
+      end
+
+      def conflicting_git_options_given?
+        config[:git] && config[:head]
+      end
+
+      def comparing_policy_groups?
+        !(config[:git] || config[:head])
+      end
+
+      # Try to detect if the only argument given is a policyfile path. This is
+      # necessary because we support an optional argument with the path to the
+      # ruby policyfile. It would be easier if we used an option like `-f`, but
+      # that would be inconsistent with other commands (`chef install`, `chef
+      # push`, etc.).
+      def policy_group_comparison?(args)
+        return false if args.empty?
+        return true if args.size > 1
+        !(args.first =~ /\.rb\Z/)
+      end
+
+      def set_policyfile_path_from_args(args)
+        policyfile_relative_path =
+          if !comparing_policy_groups?
+            args.first || "Policyfile.rb"
+          elsif args.size == 1
+            "Policyfile.rb"
+          else
+            args.first
+          end
+        @storage_config = Policyfile::StorageConfig.new.use_policyfile(policyfile_relative_path)
+      end
+
+      def materialize_locks
+        @old_lock = old_base.lock
+        @new_lock = new_base.lock
+      end
+
+    end
+
+  end
+end
+