chef-dk 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 67e3d7e8d8c597e81964b15ae422a88eb0932d6f
-  data.tar.gz: 304cb60cbec0463d2871ef35b6459fd6847d83ee
+  metadata.gz: c6b56f8142a1f44e274b102d857a291813f4808b
+  data.tar.gz: 64405a6fee63415614dc9d98073866d0c89d849f
 SHA512:
-  metadata.gz: 4ea74018cf4e8a23c0bebd202878c760ac9dd4f45051de067e5f349951ab68bf1f27443eb0e81953f43d942f72c57565471719fab8c85f53bf83dea65459adb9
-  data.tar.gz: 5de85053352e6003cac0101ff2648f86b4a32715a2a9539b30be7f7ac1a97786d513e7676820ba37023df9a85cfcc70373419e25d1b33efe4418d2c7da42904d
+  metadata.gz: 5dd5c2a1d046ef6252b2115b2c2db68365a55d047563ef1269c5bcab7be6c514bb5a8183fe6147e935dfac529e4f548271c32fab91cfc26fb4b3ab19a37f5b3c
+  data.tar.gz: 63805b53f8a1f61ea924c4960d81f4c770e0d86093b0b50313e20dbd1b589b6d97130b6d0589d1e36440e05d6a52485f6ad646b68c30c2316f40850efda4e12a

data/lib/chef-dk/builtin_commands.rb

@@ -35,6 +35,8 @@ ChefDK.commands do |c|
 
   c.builtin "diff", :Diff, desc: "Generate an itemized diff of two Policyfile lock documents"
 
+  c.builtin "provision", :Provision, desc: "Provision VMs and clusters via cookbook"
+
   c.builtin "export", :Export, desc: "Export a policy lock as a Chef Zero code repo"
 
   c.builtin "verify", :Verify, desc: "Test the embedded ChefDK applications"

data/lib/chef-dk/chef_runner.rb

@@ -16,6 +16,7 @@
 #
 
 require 'chef-dk/exceptions'
+require 'chef-dk/service_exceptions'
 require 'chef'
 
 module ChefDK
@@ -58,7 +59,10 @@ module ChefDK
     end
 
     def formatter
-      @formatter ||= Chef::Formatters.new(:doc, stdout, stderr)
+      @formatter ||=
+        Chef::EventDispatch::Dispatcher.new.tap do |d|
+          d.register(Chef::Formatters.new(:doc, stdout, stderr))
+        end
     end
 
     def configure

data/lib/chef-dk/command/provision.rb

@@ -0,0 +1,399 @@
+#
+# Copyright:: Copyright (c) 2014 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef-dk/command/base'
+require 'chef-dk/configurable'
+require 'chef-dk/chef_runner'
+require 'chef-dk/policyfile_services/push'
+
+require 'chef/provisioning'
+
+module ChefDK
+
+  module ProvisioningData
+
+    def self.reset
+      @context = nil
+    end
+
+    def self.context
+      @context ||= Context.new
+    end
+
+    class Context
+
+      attr_accessor :action
+
+      attr_accessor :node_name
+
+      attr_accessor :enable_policyfile
+
+      attr_accessor :policy_group
+
+      attr_accessor :policy_name
+
+      attr_accessor :extra_chef_config
+
+      def initialize
+        @extra_chef_config = ""
+      end
+
+      def convergence_options
+        {
+          chef_server: Chef::Config.chef_server_url,
+          chef_config: chef_config
+        }
+      end
+
+      def chef_config
+        config=<<-CONFIG
+# SSL Settings:
+ssl_verify_mode #{Chef::Config.ssl_verify_mode.inspect}
+
+CONFIG
+        if enable_policyfile
+          policyfile_config=<<-CONFIG
+# Policyfile Settings:
+use_policyfile true
+policy_document_native_api true
+
+policy_group "#{policy_group}"
+policy_name "#{policy_name}"
+
+CONFIG
+          config << policyfile_config
+        end
+
+        config << extra_chef_config.to_s
+        config
+      end
+
+    end
+  end
+
+  module Command
+
+    class Provision < Base
+
+      banner(<<-E)
+Usage: chef provision POLICY_GROUP --policy-name POLICY_NAME [options]
+       chef provision POLICY_GROUP --sync [POLICYFILE_PATH] [options]
+       chef provision --no-policy [options]
+
+`chef provision` invokes an embedded chef-client run to provision machines
+using Chef Provisioning. If not otherwise specified, `chef provision` will
+expect to find a cookbook named 'provision' in the current working directory.
+It runs a recipe in this cookbook which should use Chef Provisioning to create
+one or more machines (or other infrastructure).
+
+`chef provision` provides three forms of operation:
+
+### chef provision POLICY_GROUP --policy-name POLICY_NAME
+
+In the first form of the command, `chef provision` creates machines that will
+operate in policyfile mode. The chef configuration passed to the cookbook will
+set the policy group and policy name as given.
+
+### chef provision POLICY_GROUP --sync [POLICYFILE_PATH] [options]
+
+In the second form of the command, `chef provision` create machines that will
+operate in policyfile mode and syncronizes a local policyfile to the server
+before converging the machine(s) defined in the provision cookbook.
+
+### chef provision --no-policy [options]
+
+In the third form of the command, `chef provision` expects to create machines
+that will not operate in policyfile mode.
+
+Note that this command is considered beta. Behavior, the APIs that pass CLI
+data to chef-client, and argument names may change as more experience is gained
+from real-world usage.
+
+Chef Provisioning is documented at https://docs.chef.io/provisioning.html
+
+Options:
+
+E
+      include Configurable
+
+      option :config_file,
+        short:        "-c CONFIG_FILE",
+        long:         "--config CONFIG_FILE",
+        description:  "Path to configuration file"
+
+      option :policy_name,
+        short:        "-p POLICY_NAME",
+        long:         "--policy-name POLICY_NAME",
+        description:  "Set the default policy name for provisioned machines"
+
+      option :sync,
+        short:        "-s [POLICYFILE_PATH]",
+        long:         "--sync [POLICYFILE_PATH]",
+        description:  "Push policyfile to the server before converging node(s)"
+
+      option :enable_policyfile,
+        long:         "--[no-]policy",
+        description:  "Enable/disable policyfile integration (defaults to enabled, use --no-policy to disable)",
+        default:      true
+
+      option :destroy,
+        short:        "-d",
+        long:         "--destroy",
+        description:  "Set default machine action to :destroy",
+        default:      false,
+        boolean:      true
+
+      option :machine_recipe,
+        short:        "-r RECIPE",
+        long:         "--recipe RECIPE",
+        description:  "Machine recipe to use",
+        default:      "default"
+
+      option :cookbook,
+        long:         "--cookbook COOKBOOK_PATH",
+        description:  "Path to your provisioning cookbook",
+        default:      "./provision"
+
+      option :node_name,
+        short:        "-n NODE_NAME",
+        long:         "--node-name NODE_NAME",
+        description:  "Set default node name (may be overriden by provisioning cookbook)"
+
+      option :debug,
+        short:       "-D",
+        long:        "--debug",
+        description: "Enable stacktraces and other debug output",
+        default:     false
+
+
+      attr_reader :params
+      attr_reader :policyfile_relative_path
+      attr_reader :policy_group
+
+      attr_accessor :ui
+
+      def initialize(*args)
+        super
+
+        @ui = UI.new
+
+        @policyfile_relative_path = nil
+        @policy_group = nil
+
+        @provisioning_cookbook_path = nil
+        @provisioning_cookbook_name = nil
+      end
+
+      def run(params = [])
+        return 1 unless apply_params!(params)
+        chef_config # force chef config to load
+        return 1 unless check_cookbook_and_recipe_path
+
+        push.run if sync_policy?
+
+        setup_context
+
+        chef_runner.converge
+        0
+      rescue ChefRunnerError, PolicyfileServiceError => e
+        handle_error(e)
+        1
+        # Chef Provisioning doesn't fail gracefully when a driver is missing:
+        # https://github.com/chef/chef-provisioning/issues/338
+      rescue StandardError, LoadError => error
+        ui.err("Error: #{error.message}")
+        1
+      end
+
+      # An instance of ChefRunner. Calling ChefRunner#converge will trigger
+      # convergence and generate the desired code.
+      def chef_runner
+        @chef_runner ||= ChefRunner.new(provisioning_cookbook_path, ["recipe[#{provisioning_cookbook_name}::#{recipe}]"])
+      end
+
+      def push
+        @push ||= PolicyfileServices::Push.new(policyfile: policyfile_relative_path,
+                                               ui: ui,
+                                               policy_group: policy_group,
+                                               config: chef_config,
+                                               root_dir: Dir.pwd)
+      end
+
+      def setup_context
+        ProvisioningData.context.tap do |c|
+
+          c.action = default_action
+          c.node_name = node_name
+
+          c.enable_policyfile = enable_policyfile?
+
+          if enable_policyfile?
+            c.policy_group = policy_group
+            c.policy_name = policy_name
+          end
+
+        end
+      end
+
+      def policy_name
+        if sync_policy?
+          push.policy_data["name"]
+        else
+          config[:policy_name]
+        end
+      end
+
+      def default_action
+        if config[:destroy]
+          :destroy
+        else
+          :converge
+        end
+      end
+
+      def node_name
+        config[:node_name]
+      end
+
+      def recipe
+        config[:machine_recipe]
+      end
+
+      # Gives the `cookbook_path` in the chef-client sense, which is the
+      # directory that contains the provisioning cookbook.
+      def provisioning_cookbook_path
+        detect_provisioning_cookbook_name_and_path! unless @provisioning_cookbook_path
+        @provisioning_cookbook_path
+      end
+
+      # The name of the provisioning cookbook
+      def provisioning_cookbook_name
+        detect_provisioning_cookbook_name_and_path! unless @provisioning_cookbook_name
+        @provisioning_cookbook_name
+      end
+
+      def cookbook_path
+        config[:cookbook]
+      end
+
+      def enable_policyfile?
+        config[:enable_policyfile]
+      end
+
+      def apply_params!(params)
+        remaining_args = parse_options(params)
+        if enable_policyfile?
+          handle_policy_argv(remaining_args)
+        else
+          handle_no_policy_argv(remaining_args)
+        end
+      end
+
+      def debug?
+        !!config[:debug]
+      end
+
+      def sync_policy?
+        config.key?(:sync)
+      end
+
+      private
+
+      def detect_provisioning_cookbook_name_and_path!
+        given_path = File.expand_path(cookbook_path, Dir.pwd)
+        @provisioning_cookbook_name = File.basename(given_path)
+        @provisioning_cookbook_path = File.dirname(given_path)
+      end
+
+      def check_cookbook_and_recipe_path
+        if !File.exist?(cookbook_expanded_path)
+          ui.err("ERROR: Provisioning cookbook not found at path #{cookbook_expanded_path}")
+          false
+        elsif !File.exist?(provisioning_recipe_path)
+          ui.err("ERROR: Provisioning recipe not found at path #{provisioning_recipe_path}")
+          false
+        else
+          true
+        end
+      end
+
+      def provisioning_recipe_path
+        File.join(cookbook_expanded_path, 'recipes', "#{recipe}.rb")
+      end
+
+      def cookbook_expanded_path
+        File.join(chef_runner.cookbook_path, provisioning_cookbook_name)
+      end
+
+      def handle_no_policy_argv(remaining_args)
+        if remaining_args.empty?
+          true
+        else
+          ui.err("The --no-policy flag cannot be combined with policyfile arguments")
+          ui.err("")
+          ui.err(opt_parser)
+          return false
+        end
+      end
+
+      def handle_policy_argv(remaining_args)
+        if remaining_args.size > 1
+          ui.err("Too many arguments")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif remaining_args.size < 1
+          ui.err("You must specify a POLICY_GROUP or disable policyfiles with --no-policy")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif !sync_policy? && config[:policy_name].nil?
+          ui.err("You must pass either --sync or --policy-name to provision machines in policyfile mode")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif sync_policy? && config[:policy_name]
+          ui.err("The --policy-name and --sync arguments cannot be combined")
+          ui.err("")
+          ui.err(opt_parser)
+          false
+        elsif sync_policy?
+          @policy_group = remaining_args[0]
+          @policyfile_relative_path = config[:sync]
+          true
+        elsif config[:policy_name]
+          @policy_group = remaining_args[0]
+          true
+        else
+          raise BUG, "Cannot properly parse input argv '#{ARGV.inspect}'"
+        end
+      end
+
+      def handle_error(error)
+        ui.err("Error: #{error.message}")
+        if error.respond_to?(:reason)
+          ui.err("Reason: #{error.reason}")
+          ui.err("")
+          ui.err(error.extended_error_info) if debug?
+          ui.err(error.cause.backtrace.join("\n")) if debug?
+        end
+      end
+
+    end
+  end
+end
+

data/lib/chef-dk/cookbook_profiler/git.rb

@@ -27,6 +27,8 @@ module ChefDK
 
       def initialize(cookbook_path)
         @cookbook_path = cookbook_path
+        @unborn_branch = nil
+        @unborn_branch_ref = nil
       end
 
       def profile_data
@@ -46,6 +48,15 @@ module ChefDK
 
       def revision
         git!("rev-parse HEAD").stdout.strip
+      rescue Mixlib::ShellOut::ShellCommandFailed => e
+        # We may have an "unborn" branch, i.e. one with no commits.
+        if unborn_branch_ref
+          nil
+        else
+          # if we got here, but verify_ref_cmd didn't error, we don't know why
+          # the original git command failed, so re-raise.
+          raise e
+        end
       end
 
       def clean?
@@ -58,6 +69,15 @@ module ChefDK
 
       def synchronized_remotes
         @synchronized_remotes ||= git!("branch -r --contains #{revision}").stdout.lines.map(&:strip)
+      rescue Mixlib::ShellOut::ShellCommandFailed => e
+        # We may have an "unborn" branch, i.e. one with no commits.
+        if unborn_branch_ref
+          []
+        else
+          # if we got here, but verify_ref_cmd didn't error, we don't know why
+          # the original git command failed, so re-raise.
+          raise e
+        end
       end
 
       def remote
@@ -78,18 +98,54 @@ module ChefDK
       end
 
       def current_branch
-        @current_branch ||= git!('rev-parse --abbrev-ref HEAD').stdout.strip
+        @current_branch ||= detect_current_branch
       end
 
       private
 
       def git!(subcommand, options={})
-        options = { cwd: cookbook_path }.merge(options)
-        cmd = system_command("git #{subcommand}", options)
+        cmd = git(subcommand, options)
         cmd.error!
         cmd
       end
 
+      def git(subcommand, options={})
+        options = { cwd: cookbook_path }.merge(options)
+        system_command("git #{subcommand}", options)
+      end
+
+      def detect_current_branch
+        branch = git!('rev-parse --abbrev-ref HEAD').stdout.strip
+        @unborn_branch = false
+        branch
+      rescue Mixlib::ShellOut::ShellCommandFailed => e
+        # We may have an "unborn" branch, i.e. one with no commits.
+        if unborn_branch_ref
+          unborn_branch_ref
+        else
+          # if we got here, but verify_ref_cmd didn't error, we don't know why
+          # the original git command failed, so re-raise.
+          raise e
+        end
+      end
+
+      def unborn_branch_ref
+        @unborn_branch_ref ||=
+          begin
+            strict_branch_ref = git!("symbolic-ref -q HEAD").stdout.strip
+            verify_ref_cmd = git("show-ref --verify #{strict_branch_ref}")
+            if verify_ref_cmd.error?
+              @unborn_branch = true
+              strict_branch_ref
+            else
+              # if we got here, but verify_ref_cmd didn't error, then `git
+              # rev-parse` is probably failing for a reason we haven't anticipated.
+              # Calling code should detect this and re-raise.
+              nil
+            end
+          end
+      end
+
     end
   end
 end