RubyGems - chef-metal-fog - Versions diffs - 0.4 → 0.5.beta - Mend

chef-metal-fog 0.4 → 0.5.beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/README.md +1 -1
data/lib/chef/provider/fog_key_pair.rb +45 -21
data/lib/chef/resource/fog_key_pair.rb +2 -7
data/lib/chef_metal/driver_init/fog.rb +3 -0
data/lib/chef_metal_fog/aws_credentials.rb +65 -0
data/lib/chef_metal_fog/fog_driver.rb +622 -0
data/lib/chef_metal_fog/fog_driver_aws.rb +133 -0
data/lib/chef_metal_fog/recipe_dsl.rb +23 -0
data/lib/chef_metal_fog/version.rb +1 -1
data/lib/chef_metal_fog.rb +2 -19
metadata +11 -8
data/lib/chef_metal/provisioner_init/fog_init.rb +0 -4
data/lib/chef_metal_fog/fog_provisioner.rb +0 -558

data/lib/chef_metal_fog/fog_driver_aws.rb ADDED Viewed

@@ -0,0 +1,133 @@
+require 'chef_metal_fog/aws_credentials'
+require 'chef/log'
+require 'fog/aws'
+module ChefMetalFog
+  module FogDriverAWS
+    def self.get_aws_profile(driver_options, compute_options, aws_account_id)
+      aws_credentials = get_aws_credentials(driver_options)
+      # Grab the given profile
+      aws_access_key_id = compute_options[:aws_access_key_id] || ENV['AWS_ACCESS_KEY_ID']
+      if aws_access_key_id
+        aws_profile = aws_credentials.select { |profile| profile[:aws_access_key_id] == aws_access_key_id }.first
+        if !aws_profile
+          aws_profile = {
+            :aws_access_key_id => aws_access_key_id,
+            :aws_secret_access_key => compute_options[:aws_secret_access_key] || ENV['AWS_SECRET_ACCESS_KEY'],
+            :aws_security_token => compute_options[:aws_security_token] || ENV['AWS_SECURITY_TOKEN']
+          }
+        end
+        Chef::Log.debug("Using AWS profile #{aws_profile[:name]}")
+      elsif driver_options[:aws_profile]
+        aws_profile = aws_credentials[driver_options[:aws_profile]]
+        if !aws_profile
+          raise "AWS profile #{driver_options[:aws_profile]} does not exist! Perhaps your configuration is incorrect?"
+        end
+        Chef::Log.info("Using AWS profile #{driver_options[:aws_profile]} ...")
+      else
+        aws_profile = aws_credentials.default
+        Chef::Log.info("Using default AWS profile ...")
+      end
+      # Merge in account info
+      if aws_profile
+        aws_profile = aws_profile.merge(aws_account_info_for(aws_profile))
+      end
+      # If no profile is found (or the profile is not the right account), search
+      # for a profile that matches the given account ID
+      if aws_account_id && (!aws_profile || aws_profile[:aws_account_id] != aws_account_id)
+        aws_profile = find_aws_profile_for_account_id(aws_credentials, aws_account_id)
+      end
+      if !aws_profile
+        raise "No AWS profile specified!  Are you missing something in the Chef config or ~/.aws/config?"
+      end
+      # Set region
+      region = compute_options[:region] || ENV['AWS_DEFAULT_REGION']
+      aws_profile[:region] = region if region
+      aws_profile.delete_if { |key, value| value.nil? }
+      aws_profile
+    end
+    def self.find_aws_profile_for_account_id(aws_credentials, aws_account_id)
+      aws_profile = nil
+      aws_credentials.each do |profile_name, profile|
+        begin
+          aws_account_info = aws_account_info_for(profile)
+        rescue
+          Chef::Log.warn("Could not connect to AWS profile #{aws_credentials[:name]}: #{$!}")
+          Chef::Log.debug($!.backtrace.join("\n"))
+          next
+        end
+        if aws_account_info[:aws_account_id] == aws_account_id
+          aws_profile = profile
+          aws_profile[:name] = profile_name
+          aws_profile = aws_profile.merge(aws_account_info)
+          break
+        end
+      end
+      if aws_profile
+        Chef::Log.info("Discovered AWS profile #{aws_profile[:name]} pointing at account #{aws_account_id}.  Using ...")
+      else
+        raise "No AWS profile leads to account ##{aws_account_id}.  Do you need to add profiles to ~/.aws/config?"
+      end
+      aws_profile
+    end
+    def self.aws_account_info_for(aws_profile)
+      @@aws_account_info ||= {}
+      @@aws_account_info[aws_profile[:aws_access_key_id]] ||= begin
+        options = {
+          :aws_access_key_id => aws_profile[:aws_access_key_id],
+          :aws_secret_access_key => aws_profile[:aws_secret_access_key],
+          :aws_session_token => aws_profile[:aws_security_token]
+        }
+        options.delete_if { |key, value| value.nil? }
+        iam = Fog::AWS::IAM.new(options)
+        arn = begin
+          # TODO it would be nice if Fog let you do this normally ...
+          iam.send(:request, {
+            'Action'    => 'GetUser',
+            :parser     => Fog::Parsers::AWS::IAM::GetUser.new
+          }).body['User']['Arn']
+        rescue Fog::AWS::IAM::Error
+          # TODO Someone tell me there is a better way to find out your current
+          # user ID than this!  This is what happens when you use an IAM user
+          # with default privileges.
+          if $!.message =~ /AccessDenied.+(arn:aws:iam::\d+:\S+)/
+            arn = $1
+          else
+            raise
+          end
+        end
+        arn_split = arn.split(':', 6)
+        {
+          :aws_account_id => arn_split[4],
+          :aws_username => arn_split[5],
+          :aws_user_arn => arn
+        }
+      end
+    end
+    def self.get_aws_credentials(driver_options)
+      # Grab the list of possible credentials
+      if driver_options[:aws_credentials]
+        aws_credentials = driver_options[:aws_credentials]
+      else
+        aws_credentials = AWSCredentials.new
+        if driver_options[:aws_config_file]
+          aws_credentials.load_ini(driver_options.delete(:aws_config_file))
+        elsif driver_options[:aws_csv_file]
+          aws_credentials.load_csv(driver_options.delete(:aws_csv_file))
+        else
+          aws_credentials.load_default
+        end
+      end
+      aws_credentials
+    end
+  end
+end

data/lib/chef_metal_fog/recipe_dsl.rb ADDED Viewed

@@ -0,0 +1,23 @@
+require 'chef_metal_fog/fog_driver'
+require 'chef/resource/fog_key_pair'
+require 'chef/provider/fog_key_pair'
+class Chef
+  module DSL
+    module Recipe
+      def with_fog_driver(provider, driver_options = nil, &block)
+        config = Cheffish::MergedConfig.new({ :driver_options => driver_options }, run_context.config)
+        driver = ChefMetalFog::FogDriver.from_provider(provider, config)
+        run_context.chef_metal.with_driver(driver, &block)
+      end
+      def with_fog_ec2_driver(driver_options = nil, &block)
+        with_fog_driver('AWS', driver_options, &block)
+      end
+      def with_fog_openstack_driver(driver_options = nil, &block)
+        with_fog_driver('OpenStack', driver_options, &block)
+      end
+    end
+  end
+end

data/lib/chef_metal_fog/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ChefMetalFog
-  VERSION = '0.4'
+  VERSION = '0.5.beta'
 end

data/lib/chef_metal_fog.rb CHANGED Viewed

@@ -1,20 +1,3 @@
 require 'chef_metal'
-require 'chef/resource/fog_key_pair'
-require 'chef/provider/fog_key_pair'
-require 'chef_metal_fog/fog_provisioner'
-class Chef
-  class Recipe
-    def with_fog_provisioner(options = {}, &block)
-      run_context.chef_metal.with_provisioner(ChefMetalFog::FogProvisioner.new(options), &block)
-    end
-    def with_fog_ec2_provisioner(options = {}, &block)
-      with_fog_provisioner({ :provider => 'AWS' }.merge(options), &block)
-    end
-    def with_fog_openstack_provisioner(options = {}, &block)
-      with_fog_provisioner({ :provider => 'OpenStack' }.merge(options), &block)
-    end
-  end
-end
+require 'chef_metal_fog/fog_driver'
+require 'chef_metal_fog/recipe_dsl'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-metal-fog
 version: !ruby/object:Gem::Version
-  version: '0.4'
+  version: 0.5.beta
 platform: ruby
 authors:
 - John Keiser
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-05-01 00:00:00.000000000 Z
+date: 2014-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
@@ -80,7 +80,7 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: Provisioner for creating Fog instances in Chef Metal.
+description: Driver for creating Fog instances in Chef Metal.
 email: jkeiser@getchef.com
 executables: []
 extensions: []
@@ -93,8 +93,11 @@ files:
 - README.md
 - lib/chef/provider/fog_key_pair.rb
 - lib/chef/resource/fog_key_pair.rb
-- lib/chef_metal/provisioner_init/fog_init.rb
-- lib/chef_metal_fog/fog_provisioner.rb
+- lib/chef_metal/driver_init/fog.rb
+- lib/chef_metal_fog/aws_credentials.rb
+- lib/chef_metal_fog/fog_driver.rb
+- lib/chef_metal_fog/fog_driver_aws.rb
+- lib/chef_metal_fog/recipe_dsl.rb
 - lib/chef_metal_fog/version.rb
 - lib/chef_metal_fog.rb
 homepage: https://github.com/opscode/chef-metal-fog
@@ -111,14 +114,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - '>'
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project:
 rubygems_version: 2.0.3
 signing_key:
 specification_version: 4
-summary: Provisioner for creating Fog instances in Chef Metal.
+summary: Driver for creating Fog instances in Chef Metal.
 test_files: []
 has_rdoc:

data/lib/chef_metal/provisioner_init/fog_init.rb DELETED Viewed

@@ -1,4 +0,0 @@
-require 'chef_metal_fog/fog_provisioner'
-ChefMetal.add_registered_provisioner_class("fog",
-  ChefMetalFog::FogProvisioner)