chef-metal-fog 0.4 → 0.5.beta

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,133 @@
1
+ require 'chef_metal_fog/aws_credentials'
2
+ require 'chef/log'
3
+ require 'fog/aws'
4
+
5
+ module ChefMetalFog
6
+ module FogDriverAWS
7
+ def self.get_aws_profile(driver_options, compute_options, aws_account_id)
8
+ aws_credentials = get_aws_credentials(driver_options)
9
+
10
+ # Grab the given profile
11
+ aws_access_key_id = compute_options[:aws_access_key_id] || ENV['AWS_ACCESS_KEY_ID']
12
+ if aws_access_key_id
13
+ aws_profile = aws_credentials.select { |profile| profile[:aws_access_key_id] == aws_access_key_id }.first
14
+ if !aws_profile
15
+ aws_profile = {
16
+ :aws_access_key_id => aws_access_key_id,
17
+ :aws_secret_access_key => compute_options[:aws_secret_access_key] || ENV['AWS_SECRET_ACCESS_KEY'],
18
+ :aws_security_token => compute_options[:aws_security_token] || ENV['AWS_SECURITY_TOKEN']
19
+ }
20
+ end
21
+ Chef::Log.debug("Using AWS profile #{aws_profile[:name]}")
22
+ elsif driver_options[:aws_profile]
23
+ aws_profile = aws_credentials[driver_options[:aws_profile]]
24
+ if !aws_profile
25
+ raise "AWS profile #{driver_options[:aws_profile]} does not exist! Perhaps your configuration is incorrect?"
26
+ end
27
+ Chef::Log.info("Using AWS profile #{driver_options[:aws_profile]} ...")
28
+ else
29
+ aws_profile = aws_credentials.default
30
+ Chef::Log.info("Using default AWS profile ...")
31
+ end
32
+
33
+ # Merge in account info
34
+ if aws_profile
35
+ aws_profile = aws_profile.merge(aws_account_info_for(aws_profile))
36
+ end
37
+
38
+ # If no profile is found (or the profile is not the right account), search
39
+ # for a profile that matches the given account ID
40
+ if aws_account_id && (!aws_profile || aws_profile[:aws_account_id] != aws_account_id)
41
+ aws_profile = find_aws_profile_for_account_id(aws_credentials, aws_account_id)
42
+ end
43
+
44
+ if !aws_profile
45
+ raise "No AWS profile specified! Are you missing something in the Chef config or ~/.aws/config?"
46
+ end
47
+
48
+ # Set region
49
+ region = compute_options[:region] || ENV['AWS_DEFAULT_REGION']
50
+ aws_profile[:region] = region if region
51
+ aws_profile.delete_if { |key, value| value.nil? }
52
+ aws_profile
53
+ end
54
+
55
+ def self.find_aws_profile_for_account_id(aws_credentials, aws_account_id)
56
+ aws_profile = nil
57
+ aws_credentials.each do |profile_name, profile|
58
+ begin
59
+ aws_account_info = aws_account_info_for(profile)
60
+ rescue
61
+ Chef::Log.warn("Could not connect to AWS profile #{aws_credentials[:name]}: #{$!}")
62
+ Chef::Log.debug($!.backtrace.join("\n"))
63
+ next
64
+ end
65
+ if aws_account_info[:aws_account_id] == aws_account_id
66
+ aws_profile = profile
67
+ aws_profile[:name] = profile_name
68
+ aws_profile = aws_profile.merge(aws_account_info)
69
+ break
70
+ end
71
+ end
72
+ if aws_profile
73
+ Chef::Log.info("Discovered AWS profile #{aws_profile[:name]} pointing at account #{aws_account_id}. Using ...")
74
+ else
75
+ raise "No AWS profile leads to account ##{aws_account_id}. Do you need to add profiles to ~/.aws/config?"
76
+ end
77
+ aws_profile
78
+ end
79
+
80
+ def self.aws_account_info_for(aws_profile)
81
+ @@aws_account_info ||= {}
82
+ @@aws_account_info[aws_profile[:aws_access_key_id]] ||= begin
83
+ options = {
84
+ :aws_access_key_id => aws_profile[:aws_access_key_id],
85
+ :aws_secret_access_key => aws_profile[:aws_secret_access_key],
86
+ :aws_session_token => aws_profile[:aws_security_token]
87
+ }
88
+ options.delete_if { |key, value| value.nil? }
89
+
90
+ iam = Fog::AWS::IAM.new(options)
91
+ arn = begin
92
+ # TODO it would be nice if Fog let you do this normally ...
93
+ iam.send(:request, {
94
+ 'Action' => 'GetUser',
95
+ :parser => Fog::Parsers::AWS::IAM::GetUser.new
96
+ }).body['User']['Arn']
97
+ rescue Fog::AWS::IAM::Error
98
+ # TODO Someone tell me there is a better way to find out your current
99
+ # user ID than this! This is what happens when you use an IAM user
100
+ # with default privileges.
101
+ if $!.message =~ /AccessDenied.+(arn:aws:iam::\d+:\S+)/
102
+ arn = $1
103
+ else
104
+ raise
105
+ end
106
+ end
107
+ arn_split = arn.split(':', 6)
108
+ {
109
+ :aws_account_id => arn_split[4],
110
+ :aws_username => arn_split[5],
111
+ :aws_user_arn => arn
112
+ }
113
+ end
114
+ end
115
+
116
+ def self.get_aws_credentials(driver_options)
117
+ # Grab the list of possible credentials
118
+ if driver_options[:aws_credentials]
119
+ aws_credentials = driver_options[:aws_credentials]
120
+ else
121
+ aws_credentials = AWSCredentials.new
122
+ if driver_options[:aws_config_file]
123
+ aws_credentials.load_ini(driver_options.delete(:aws_config_file))
124
+ elsif driver_options[:aws_csv_file]
125
+ aws_credentials.load_csv(driver_options.delete(:aws_csv_file))
126
+ else
127
+ aws_credentials.load_default
128
+ end
129
+ end
130
+ aws_credentials
131
+ end
132
+ end
133
+ end
@@ -0,0 +1,23 @@
1
+ require 'chef_metal_fog/fog_driver'
2
+ require 'chef/resource/fog_key_pair'
3
+ require 'chef/provider/fog_key_pair'
4
+
5
+ class Chef
6
+ module DSL
7
+ module Recipe
8
+ def with_fog_driver(provider, driver_options = nil, &block)
9
+ config = Cheffish::MergedConfig.new({ :driver_options => driver_options }, run_context.config)
10
+ driver = ChefMetalFog::FogDriver.from_provider(provider, config)
11
+ run_context.chef_metal.with_driver(driver, &block)
12
+ end
13
+
14
+ def with_fog_ec2_driver(driver_options = nil, &block)
15
+ with_fog_driver('AWS', driver_options, &block)
16
+ end
17
+
18
+ def with_fog_openstack_driver(driver_options = nil, &block)
19
+ with_fog_driver('OpenStack', driver_options, &block)
20
+ end
21
+ end
22
+ end
23
+ end
@@ -1,3 +1,3 @@
1
1
  module ChefMetalFog
2
- VERSION = '0.4'
2
+ VERSION = '0.5.beta'
3
3
  end
@@ -1,20 +1,3 @@
1
1
  require 'chef_metal'
2
- require 'chef/resource/fog_key_pair'
3
- require 'chef/provider/fog_key_pair'
4
- require 'chef_metal_fog/fog_provisioner'
5
-
6
- class Chef
7
- class Recipe
8
- def with_fog_provisioner(options = {}, &block)
9
- run_context.chef_metal.with_provisioner(ChefMetalFog::FogProvisioner.new(options), &block)
10
- end
11
-
12
- def with_fog_ec2_provisioner(options = {}, &block)
13
- with_fog_provisioner({ :provider => 'AWS' }.merge(options), &block)
14
- end
15
-
16
- def with_fog_openstack_provisioner(options = {}, &block)
17
- with_fog_provisioner({ :provider => 'OpenStack' }.merge(options), &block)
18
- end
19
- end
20
- end
2
+ require 'chef_metal_fog/fog_driver'
3
+ require 'chef_metal_fog/recipe_dsl'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chef-metal-fog
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.4'
4
+ version: 0.5.beta
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Keiser
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-05-01 00:00:00.000000000 Z
11
+ date: 2014-05-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef
@@ -80,7 +80,7 @@ dependencies:
80
80
  - - '>='
81
81
  - !ruby/object:Gem::Version
82
82
  version: '0'
83
- description: Provisioner for creating Fog instances in Chef Metal.
83
+ description: Driver for creating Fog instances in Chef Metal.
84
84
  email: jkeiser@getchef.com
85
85
  executables: []
86
86
  extensions: []
@@ -93,8 +93,11 @@ files:
93
93
  - README.md
94
94
  - lib/chef/provider/fog_key_pair.rb
95
95
  - lib/chef/resource/fog_key_pair.rb
96
- - lib/chef_metal/provisioner_init/fog_init.rb
97
- - lib/chef_metal_fog/fog_provisioner.rb
96
+ - lib/chef_metal/driver_init/fog.rb
97
+ - lib/chef_metal_fog/aws_credentials.rb
98
+ - lib/chef_metal_fog/fog_driver.rb
99
+ - lib/chef_metal_fog/fog_driver_aws.rb
100
+ - lib/chef_metal_fog/recipe_dsl.rb
98
101
  - lib/chef_metal_fog/version.rb
99
102
  - lib/chef_metal_fog.rb
100
103
  homepage: https://github.com/opscode/chef-metal-fog
@@ -111,14 +114,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
111
114
  version: '0'
112
115
  required_rubygems_version: !ruby/object:Gem::Requirement
113
116
  requirements:
114
- - - '>='
117
+ - - '>'
115
118
  - !ruby/object:Gem::Version
116
- version: '0'
119
+ version: 1.3.1
117
120
  requirements: []
118
121
  rubyforge_project:
119
122
  rubygems_version: 2.0.3
120
123
  signing_key:
121
124
  specification_version: 4
122
- summary: Provisioner for creating Fog instances in Chef Metal.
125
+ summary: Driver for creating Fog instances in Chef Metal.
123
126
  test_files: []
124
127
  has_rdoc:
@@ -1,4 +0,0 @@
1
- require 'chef_metal_fog/fog_provisioner'
2
-
3
- ChefMetal.add_registered_provisioner_class("fog",
4
- ChefMetalFog::FogProvisioner)