chef-metal-fog 0.4 → 0.5.beta
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/chef/provider/fog_key_pair.rb +45 -21
- data/lib/chef/resource/fog_key_pair.rb +2 -7
- data/lib/chef_metal/driver_init/fog.rb +3 -0
- data/lib/chef_metal_fog/aws_credentials.rb +65 -0
- data/lib/chef_metal_fog/fog_driver.rb +622 -0
- data/lib/chef_metal_fog/fog_driver_aws.rb +133 -0
- data/lib/chef_metal_fog/recipe_dsl.rb +23 -0
- data/lib/chef_metal_fog/version.rb +1 -1
- data/lib/chef_metal_fog.rb +2 -19
- metadata +11 -8
- data/lib/chef_metal/provisioner_init/fog_init.rb +0 -4
- data/lib/chef_metal_fog/fog_provisioner.rb +0 -558
@@ -0,0 +1,133 @@
|
|
1
|
+
require 'chef_metal_fog/aws_credentials'
|
2
|
+
require 'chef/log'
|
3
|
+
require 'fog/aws'
|
4
|
+
|
5
|
+
module ChefMetalFog
|
6
|
+
module FogDriverAWS
|
7
|
+
def self.get_aws_profile(driver_options, compute_options, aws_account_id)
|
8
|
+
aws_credentials = get_aws_credentials(driver_options)
|
9
|
+
|
10
|
+
# Grab the given profile
|
11
|
+
aws_access_key_id = compute_options[:aws_access_key_id] || ENV['AWS_ACCESS_KEY_ID']
|
12
|
+
if aws_access_key_id
|
13
|
+
aws_profile = aws_credentials.select { |profile| profile[:aws_access_key_id] == aws_access_key_id }.first
|
14
|
+
if !aws_profile
|
15
|
+
aws_profile = {
|
16
|
+
:aws_access_key_id => aws_access_key_id,
|
17
|
+
:aws_secret_access_key => compute_options[:aws_secret_access_key] || ENV['AWS_SECRET_ACCESS_KEY'],
|
18
|
+
:aws_security_token => compute_options[:aws_security_token] || ENV['AWS_SECURITY_TOKEN']
|
19
|
+
}
|
20
|
+
end
|
21
|
+
Chef::Log.debug("Using AWS profile #{aws_profile[:name]}")
|
22
|
+
elsif driver_options[:aws_profile]
|
23
|
+
aws_profile = aws_credentials[driver_options[:aws_profile]]
|
24
|
+
if !aws_profile
|
25
|
+
raise "AWS profile #{driver_options[:aws_profile]} does not exist! Perhaps your configuration is incorrect?"
|
26
|
+
end
|
27
|
+
Chef::Log.info("Using AWS profile #{driver_options[:aws_profile]} ...")
|
28
|
+
else
|
29
|
+
aws_profile = aws_credentials.default
|
30
|
+
Chef::Log.info("Using default AWS profile ...")
|
31
|
+
end
|
32
|
+
|
33
|
+
# Merge in account info
|
34
|
+
if aws_profile
|
35
|
+
aws_profile = aws_profile.merge(aws_account_info_for(aws_profile))
|
36
|
+
end
|
37
|
+
|
38
|
+
# If no profile is found (or the profile is not the right account), search
|
39
|
+
# for a profile that matches the given account ID
|
40
|
+
if aws_account_id && (!aws_profile || aws_profile[:aws_account_id] != aws_account_id)
|
41
|
+
aws_profile = find_aws_profile_for_account_id(aws_credentials, aws_account_id)
|
42
|
+
end
|
43
|
+
|
44
|
+
if !aws_profile
|
45
|
+
raise "No AWS profile specified! Are you missing something in the Chef config or ~/.aws/config?"
|
46
|
+
end
|
47
|
+
|
48
|
+
# Set region
|
49
|
+
region = compute_options[:region] || ENV['AWS_DEFAULT_REGION']
|
50
|
+
aws_profile[:region] = region if region
|
51
|
+
aws_profile.delete_if { |key, value| value.nil? }
|
52
|
+
aws_profile
|
53
|
+
end
|
54
|
+
|
55
|
+
def self.find_aws_profile_for_account_id(aws_credentials, aws_account_id)
|
56
|
+
aws_profile = nil
|
57
|
+
aws_credentials.each do |profile_name, profile|
|
58
|
+
begin
|
59
|
+
aws_account_info = aws_account_info_for(profile)
|
60
|
+
rescue
|
61
|
+
Chef::Log.warn("Could not connect to AWS profile #{aws_credentials[:name]}: #{$!}")
|
62
|
+
Chef::Log.debug($!.backtrace.join("\n"))
|
63
|
+
next
|
64
|
+
end
|
65
|
+
if aws_account_info[:aws_account_id] == aws_account_id
|
66
|
+
aws_profile = profile
|
67
|
+
aws_profile[:name] = profile_name
|
68
|
+
aws_profile = aws_profile.merge(aws_account_info)
|
69
|
+
break
|
70
|
+
end
|
71
|
+
end
|
72
|
+
if aws_profile
|
73
|
+
Chef::Log.info("Discovered AWS profile #{aws_profile[:name]} pointing at account #{aws_account_id}. Using ...")
|
74
|
+
else
|
75
|
+
raise "No AWS profile leads to account ##{aws_account_id}. Do you need to add profiles to ~/.aws/config?"
|
76
|
+
end
|
77
|
+
aws_profile
|
78
|
+
end
|
79
|
+
|
80
|
+
def self.aws_account_info_for(aws_profile)
|
81
|
+
@@aws_account_info ||= {}
|
82
|
+
@@aws_account_info[aws_profile[:aws_access_key_id]] ||= begin
|
83
|
+
options = {
|
84
|
+
:aws_access_key_id => aws_profile[:aws_access_key_id],
|
85
|
+
:aws_secret_access_key => aws_profile[:aws_secret_access_key],
|
86
|
+
:aws_session_token => aws_profile[:aws_security_token]
|
87
|
+
}
|
88
|
+
options.delete_if { |key, value| value.nil? }
|
89
|
+
|
90
|
+
iam = Fog::AWS::IAM.new(options)
|
91
|
+
arn = begin
|
92
|
+
# TODO it would be nice if Fog let you do this normally ...
|
93
|
+
iam.send(:request, {
|
94
|
+
'Action' => 'GetUser',
|
95
|
+
:parser => Fog::Parsers::AWS::IAM::GetUser.new
|
96
|
+
}).body['User']['Arn']
|
97
|
+
rescue Fog::AWS::IAM::Error
|
98
|
+
# TODO Someone tell me there is a better way to find out your current
|
99
|
+
# user ID than this! This is what happens when you use an IAM user
|
100
|
+
# with default privileges.
|
101
|
+
if $!.message =~ /AccessDenied.+(arn:aws:iam::\d+:\S+)/
|
102
|
+
arn = $1
|
103
|
+
else
|
104
|
+
raise
|
105
|
+
end
|
106
|
+
end
|
107
|
+
arn_split = arn.split(':', 6)
|
108
|
+
{
|
109
|
+
:aws_account_id => arn_split[4],
|
110
|
+
:aws_username => arn_split[5],
|
111
|
+
:aws_user_arn => arn
|
112
|
+
}
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
def self.get_aws_credentials(driver_options)
|
117
|
+
# Grab the list of possible credentials
|
118
|
+
if driver_options[:aws_credentials]
|
119
|
+
aws_credentials = driver_options[:aws_credentials]
|
120
|
+
else
|
121
|
+
aws_credentials = AWSCredentials.new
|
122
|
+
if driver_options[:aws_config_file]
|
123
|
+
aws_credentials.load_ini(driver_options.delete(:aws_config_file))
|
124
|
+
elsif driver_options[:aws_csv_file]
|
125
|
+
aws_credentials.load_csv(driver_options.delete(:aws_csv_file))
|
126
|
+
else
|
127
|
+
aws_credentials.load_default
|
128
|
+
end
|
129
|
+
end
|
130
|
+
aws_credentials
|
131
|
+
end
|
132
|
+
end
|
133
|
+
end
|
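Review bot: In `find_aws_profile_for_account_id` the rescue branch logs `aws_credentials[:name]` instead of the block's `profile_name`, so the warning cannot say which profile failed; it should read `Chef::Log.warn("Could not connect to AWS profile #{profile_name}: #{$!}")`. The bare `rescue` there also reports programming errors as connection failures. The loop signs an IAM request with every profile in the credentials source, which deserves a comment because each stored key pair is exercised (and may appear in that account's audit trail) only to resolve an account ID. In `get_aws_credentials`, `driver_options.delete(:aws_config_file)` and `driver_options.delete(:aws_csv_file)` mutate the caller's hash, so a second call with the same options would fall through to `load_default` and may select different credentials; reading with `driver_options[:aws_config_file]` avoids that. `get_aws_profile` passes a one-argument block to `aws_credentials.select` while the later `each` yields `profile_name, profile`; `AWSCredentials` is not shown here, so confirm the block really receives a profile hash.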
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'chef_metal_fog/fog_driver'
|
2
|
+
require 'chef/resource/fog_key_pair'
|
3
|
+
require 'chef/provider/fog_key_pair'
|
4
|
+
|
5
|
+
class Chef
|
6
|
+
module DSL
|
7
|
+
module Recipe
|
8
|
+
def with_fog_driver(provider, driver_options = nil, &block)
|
9
|
+
config = Cheffish::MergedConfig.new({ :driver_options => driver_options }, run_context.config)
|
10
|
+
driver = ChefMetalFog::FogDriver.from_provider(provider, config)
|
11
|
+
run_context.chef_metal.with_driver(driver, &block)
|
12
|
+
end
|
13
|
+
|
14
|
+
def with_fog_ec2_driver(driver_options = nil, &block)
|
15
|
+
with_fog_driver('AWS', driver_options, &block)
|
16
|
+
end
|
17
|
+
|
18
|
+
def with_fog_openstack_driver(driver_options = nil, &block)
|
19
|
+
with_fog_driver('OpenStack', driver_options, &block)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
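Review bot: `with_fog_driver` references `Cheffish::MergedConfig`, but none of the three requires at the top of this file loads cheffish. Unless `chef_metal_fog/fog_driver` pulls it in (not visible here), the first recipe that calls the helper raises NameError, so an explicit `require 'cheffish/merged_config'` would make the file self-contained. The three helpers also have no comments: a short doc comment on `with_fog_driver` should state that `driver_options` is merged with `run_context.config`. Since the AWS code appears to read credential-related keys such as `:aws_profile` and `:aws_config_file` from those options, the comment should also advise that recipes name a profile or credentials file rather than embed key material.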
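--- a/data/lib/chef_metal_fog.rb
+++ b/data/lib/chef_metal_fog.rb
@@ -1,20 +1,3 @@
 require 'chef_metal'
-require '
-require '
-require 'chef_metal_fog/fog_provisioner'
-
-class Chef
-class Recipe
-def with_fog_provisioner(options = {}, &block)
-run_context.chef_metal.with_provisioner(ChefMetalFog::FogProvisioner.new(options), &block)
-end
-
-def with_fog_ec2_provisioner(options = {}, &block)
-with_fog_provisioner({ :provider => 'AWS' }.merge(options), &block)
-end
-
-def with_fog_openstack_provisioner(options = {}, &block)
-with_fog_provisioner({ :provider => 'OpenStack' }.merge(options), &block)
-end
-end
-end
+require 'chef_metal_fog/fog_driver'
+require 'chef_metal_fog/recipe_dsl'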
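--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-metal-fog
 version: !ruby/object:Gem::Version
-version:
+version: 0.5.beta
 platform: ruby
 authors:
 - John Keiser
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-05-
+date: 2014-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: chef
@@ -80,7 +80,7 @@ dependencies:
 - - '>='
 - !ruby/object:Gem::Version
 version: '0'
-description:
+description: Driver for creating Fog instances in Chef Metal.
 email: jkeiser@getchef.com
 executables: []
 extensions: []
@@ -93,8 +93,11 @@ files:
 - README.md
 - lib/chef/provider/fog_key_pair.rb
 - lib/chef/resource/fog_key_pair.rb
-- lib/chef_metal/
-- lib/chef_metal_fog/
+- lib/chef_metal/driver_init/fog.rb
+- lib/chef_metal_fog/aws_credentials.rb
+- lib/chef_metal_fog/fog_driver.rb
+- lib/chef_metal_fog/fog_driver_aws.rb
+- lib/chef_metal_fog/recipe_dsl.rb
 - lib/chef_metal_fog/version.rb
 - lib/chef_metal_fog.rb
 homepage: https://github.com/opscode/chef-metal-fog
@@ -111,14 +114,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - '
+- - '>'
 - !ruby/object:Gem::Version
-version:
+version: 1.3.1
 requirements: []
 rubyforge_project:
 rubygems_version: 2.0.3
 signing_key:
 specification_version: 4
-summary:
+summary: Driver for creating Fog instances in Chef Metal.
 test_files: []
 has_rdoc: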