chef-metal 0.14.2 → 0.15

data/lib/chef_metal/convergence_strategy/install_cached.rb

@@ -1,157 +1 @@
-require 'chef_metal/convergence_strategy/precreate_chef_objects'
-require 'pathname'
-require 'fileutils'
-require 'digest/md5'
-require 'thread'
-
-module ChefMetal
-  class ConvergenceStrategy
-    class InstallCached < PrecreateChefObjects
-      # convergence_options is a hash of setup convergence_options, including:
-      # - :chef_server
-      # - :allow_overwrite_keys
-      # - :source_key, :source_key_path, :source_key_pass_phrase
-      # - :private_key_options
-      # - :ohai_hints
-      # - :public_key_path, :public_key_format
-      # - :admin, :validator
-      # - :chef_client_timeout
-      # - :client_rb_path, :client_pem_path
-      # - :chef_version, :prerelease, :package_cache_path
-      def initialize(convergence_options, config)
-        convergence_options = Cheffish::MergedConfig.new(convergence_options, {
-          :client_rb_path => '/etc/chef/client.rb',
-          :client_pem_path => '/etc/chef/client.pem'
-        })
-        super(convergence_options, config)
-        @chef_version ||= convergence_options[:chef_version]
-        @prerelease ||= convergence_options[:prerelease]
-        @package_cache_path ||= convergence_options[:package_cache_path] || "#{ENV['HOME']}/.chef/package_cache"
-        @package_cache = {}
-        @tmp_dir = '/tmp'
-        @chef_client_timeout = convergence_options.has_key?(:chef_client_timeout) ? convergence_options[:chef_client_timeout] : 120*60 # Default: 2 hours
-        FileUtils.mkdir_p(@package_cache_path)
-        @package_cache_lock = Mutex.new
-      end
-
-      attr_reader :client_rb_path
-      attr_reader :client_pem_path
-
-      def setup_convergence(action_handler, machine)
-        super
-
-        # Install chef-client.  TODO check and update version if not latest / not desired
-        if machine.execute_always('chef-client -v').exitstatus != 0
-          platform, platform_version, machine_architecture = machine.detect_os(action_handler)
-          package_file = download_package_for_platform(action_handler, machine, platform, platform_version, machine_architecture)
-          remote_package_file = "#{@tmp_dir}/#{File.basename(package_file)}"
-          machine.upload_file(action_handler, package_file, remote_package_file)
-          install_package(action_handler, machine, remote_package_file)
-        end
-      end
-
-      def converge(action_handler, machine)
-        super
-
-        action_handler.open_stream(machine.node['name']) do |stdout|
-          action_handler.open_stream(machine.node['name']) do |stderr|
-            command_line = "chef-client"
-            command_line << " -l #{config[:log_level].to_s}" if config[:log_level]
-            machine.execute(action_handler, command_line,
-              :stream_stdout => stdout,
-              :stream_stderr => stderr,
-              :timeout => @chef_client_timeout)
-          end
-        end
-      end
-
-      private
-
-      def download_package_for_platform(action_handler, machine, platform, platform_version, machine_architecture)
-        @package_cache_lock.synchronize do
-          @package_cache ||= {}
-          @package_cache[platform] ||= {}
-          @package_cache[platform][platform_version] ||= {}
-          @package_cache[platform][platform_version][machine_architecture] ||= { :lock => Mutex.new }
-        end
-        @package_cache[platform][platform_version][machine_architecture][:lock].synchronize do
-          if !@package_cache[platform][platform_version][machine_architecture][:file]
-            #
-            # Grab metadata
-            #
-            metadata = download_metadata_for_platform(machine, platform, platform_version, machine_architecture)
-
-            # Download actual package desired by metadata
-            package_file = "#{@package_cache_path}/#{URI(metadata['url']).path.split('/')[-1]}"
-
-            ChefMetal.inline_resource(action_handler) do
-              remote_file package_file do
-                source metadata['url']
-                checksum metadata['sha256']
-              end
-            end
-
-            @package_cache[platform][platform_version][machine_architecture][:file] = package_file
-          end
-        end
-        @package_cache[platform][platform_version][machine_architecture][:file]
-      end
-
-      def download_metadata_for_platform(machine, platform, platform_version, machine_architecture)
-        #
-        # Figure out the URL to the metadata
-        #
-        metadata_url="https://www.opscode.com/chef/metadata"
-        metadata_url << "?v=#{@chef_version}"
-        metadata_url << "&prerelease=#{@prerelease ? 'true' : 'false'}"
-        metadata_url << "&p=#{platform.strip}"
-        metadata_url << "&pv=#{platform_version.strip}"
-        metadata_url << "&m=#{machine_architecture.strip}"
-        use_ssl = true
-
-        # solaris 9 lacks openssl, solaris 10 lacks recent enough credentials - your base O/S is completely insecure, please upgrade
-        if platform == 'solaris2' && (platform_version == '5.9' || platform_version == '5.10')
-          metadata_url.sub(/^https/, 'http')
-          use_ssl = false
-        end
-
-        # Download and parse the metadata
-        Chef::Log.debug("Getting metadata for machine #{machine.node['name']}: #{metadata_url}")
-        uri = URI(metadata_url)
-        http = Net::HTTP.new(uri.host, uri.port)
-        http.use_ssl = use_ssl
-        request = Net::HTTP::Get.new(uri.request_uri)
-        response = http.request(request)
-        metadata_str = response.body
-        metadata = {}
-        metadata_str.each_line do |line|
-          key, value = line.split("\t", 2)
-          metadata[key] = value
-        end
-        metadata
-      end
-
-      def install_package(action_handler, machine, remote_package_file)
-        extension = File.extname(remote_package_file)
-        result = case extension
-        when '.rpm'
-          machine.execute(action_handler, "rpm -Uvh --oldpackage --replacepkgs \"#{remote_package_file}\"")
-        when '.deb'
-          machine.execute(action_handler, "dpkg -i \"#{remote_package_file}\"")
-        when '.solaris'
-          machine.write_file(action_handler, "#{@tmp_dir}/nocheck", <<EOM)
-conflict=nocheck
-action=nocheck
-mail=
-EOM
-          machine.execute(action_handler, "pkgrm -a \"#{@tmp_dir}/nocheck\" -n chef")
-          machine.execute(action_handler, "pkgadd -n -d \"#{remote_package_file}\" -a \"#{@tmp_dir}/nocheck\" chef")
-        when '.sh'
-          machine.execute(action_handler, "sh \"#{remote_package_file}\"")
-        else
-          raise "Unknown package extension '#{extension}' for file #{remote_package_file}"
-        end
-      end
-    end
-  end
-end
+require "chef/provisioning/convergence_strategy/install_cached"

data/lib/chef_metal/convergence_strategy/install_msi.rb

@@ -1,56 +1 @@
-require 'chef_metal/convergence_strategy/precreate_chef_objects'
-require 'pathname'
-
-module ChefMetal
-  class ConvergenceStrategy
-    class InstallMsi < PrecreateChefObjects
-      @@install_msi_cache = {}
-
-      def initialize(convergence_options, config)
-        super
-        @install_msi_url = convergence_options[:install_msi_url] || 'http://www.opscode.com/chef/install.msi'
-        @install_msi_path = convergence_options[:install_msi_path] || "$env:TEMP\\#{File.basename(@install_msi_url)}"
-        @chef_client_timeout = convergence_options.has_key?(:chef_client_timeout) ? convergence_options[:chef_client_timeout] : 120*60 # Default: 2 hours
-      end
-
-      attr_reader :install_msi_url
-      attr_reader :install_msi_path
-
-      def setup_convergence(action_handler, machine)
-        if !convergence_options.has_key?(:client_rb_path) || !convergence_options.has_key?(:client_pem_path)
-          system_drive = machine.execute_always('$env:SystemDrive').stdout.strip
-          @convergence_options = Cheffish::MergedConfig.new(convergence_options, {
-            :client_rb_path => "#{system_drive}\\chef\\client.rb",
-            :client_pem_path => "#{system_drive}\\chef\\client.pem"
-          })
-        end
-
-        super
-
-        # Install chef-client.  TODO check and update version if not latest / not desired
-        if machine.execute_always('chef-client -v').exitstatus != 0
-          # TODO ssh verification of install.msi before running arbtrary code would be nice?
-          # TODO find a way to cache this on the host like with the Unix stuff.
-          # Limiter is we don't know how to efficiently upload large files to
-          # the remote machine with WMI.
-          machine.execute(action_handler, "(New-Object System.Net.WebClient).DownloadFile(#{machine.escape(install_msi_url)}, #{machine.escape(install_msi_path)})")
-          machine.execute(action_handler, "msiexec /qn /i #{machine.escape(install_msi_path)}")
-        end
-      end
-
-      def converge(action_handler, machine)
-        super
-
-        # TODO For some reason I get a 500 back if I don't do -l debug
-        action_handler.open_stream(machine.node['name']) do |stdout|
-          action_handler.open_stream(machine.node['name']) do |stderr|
-            machine.execute(action_handler, "chef-client -l debug",
-              :stream_stdout => stdout,
-              :stream_stderr => stderr,
-              :timeout => @chef_client_timeout)
-          end
-        end
-      end
-    end
-  end
-end
+require "chef/provisioning/convergence_strategy/install_msi"

data/lib/chef_metal/convergence_strategy/install_sh.rb

@@ -1,53 +1 @@
-require 'chef_metal/convergence_strategy/precreate_chef_objects'
-require 'pathname'
-
-module ChefMetal
-  class ConvergenceStrategy
-    class InstallSh < PrecreateChefObjects
-      @@install_sh_cache = {}
-
-      def initialize(convergence_options, config)
-        convergence_options = Cheffish::MergedConfig.new(convergence_options, {
-          :client_rb_path => '/etc/chef/client.rb',
-          :client_pem_path => '/etc/chef/client.pem'
-        })
-        super(convergence_options, config)
-        @install_sh_url = convergence_options[:install_sh_url] || 'http://www.opscode.com/chef/install.sh'
-        @install_sh_path = convergence_options[:install_sh_path] || '/tmp/chef-install.sh'
-        @bootstrap_env = convergence_options[:bootstrap_proxy] ? "http_proxy=#{convergence_options[:bootstrap_proxy]}" : ""
-        @chef_client_timeout = convergence_options.has_key?(:chef_client_timeout) ? convergence_options[:chef_client_timeout] : 120*60 # Default: 2 hours
-      end
-
-      attr_reader :install_sh_url
-      attr_reader :install_sh_path
-      attr_reader :bootstrap_env
-
-      def setup_convergence(action_handler, machine)
-        super
-
-        # Install chef-client.  TODO check and update version if not latest / not desired
-        if machine.execute_always('chef-client -v').exitstatus != 0
-          # TODO ssh verification of install.sh before running arbtrary code would be nice?
-          @@install_sh_cache[install_sh_url] ||= Net::HTTP.get(URI(install_sh_url))
-          machine.write_file(action_handler, install_sh_path, @@install_sh_cache[install_sh_url], :ensure_dir => true)
-          machine.execute(action_handler, "bash -c '#{bootstrap_env} bash #{install_sh_path}'")
-        end
-      end
-
-      def converge(action_handler, machine)
-        super
-
-        action_handler.open_stream(machine.node['name']) do |stdout|
-          action_handler.open_stream(machine.node['name']) do |stderr|
-            command_line = "chef-client"
-            command_line << " -l #{config[:log_level].to_s}" if config[:log_level]
-            machine.execute(action_handler, command_line,
-              :stream_stdout => stdout,
-              :stream_stderr => stderr,
-              :timeout => @chef_client_timeout)
-          end
-        end
-      end
-    end
-  end
-end
+require "chef/provisioning/convergence_strategy/install_sh"

data/lib/chef_metal/convergence_strategy/no_converge.rb

@@ -1,37 +1 @@
-require 'chef_metal/convergence_strategy'
-require 'pathname'
-require 'cheffish'
-
-module ChefMetal
-  class ConvergenceStrategy
-    class NoConverge < ConvergenceStrategy
-      def initialize(convergence_options, config)
-        super
-      end
-
-      def chef_server
-        @chef_server ||= convergence_options[:chef_server] || Cheffish.default_chef_server(config)
-      end
-
-      def setup_convergence(action_handler, machine)
-      end
-
-      def converge(action_handler, machine)
-      end
-
-      def cleanup_convergence(action_handler, machine_spec)
-        _self = self
-        ChefMetal.inline_resource(action_handler) do
-          chef_node machine_spec.name do
-            chef_server _self.chef_server
-            action :delete
-          end
-          chef_client machine_spec.name do
-            chef_server _self.chef_server
-            action :delete
-          end
-        end
-      end
-    end
-  end
-end
+require "chef/provisioning/convergence_strategy/no_converge"

data/lib/chef_metal/convergence_strategy/precreate_chef_objects.rb

@@ -1,181 +1 @@
-require 'chef_metal/convergence_strategy'
-require 'pathname'
-require 'cheffish'
-
-module ChefMetal
-  class ConvergenceStrategy
-    class PrecreateChefObjects < ConvergenceStrategy
-      def initialize(convergence_options, config)
-        super
-      end
-
-      def chef_server
-        @chef_server ||= convergence_options[:chef_server] || Cheffish.default_chef_server(config)
-      end
-
-      def setup_convergence(action_handler, machine)
-        # Create keys on machine
-        public_key = create_keys(action_handler, machine)
-        # Create node and client on chef server
-        create_chef_objects(action_handler, machine, public_key)
-
-        # If the chef server lives on localhost, tunnel the port through to the guest
-        # (we need to know what got tunneled!)
-        chef_server_url = chef_server[:chef_server_url]
-        chef_server_url = machine.make_url_available_to_remote(chef_server_url)
-
-        # Support for multiple ohai hints, required on some platforms
-        create_ohai_files(action_handler, machine)
-
-        # Create client.rb and client.pem on machine
-        content = client_rb_content(chef_server_url, machine.node['name'])
-        machine.write_file(action_handler, convergence_options[:client_rb_path], content, :ensure_dir => true)
-      end
-
-      def converge(action_handler, machine)
-        machine.make_url_available_to_remote(chef_server[:chef_server_url])
-      end
-
-      def cleanup_convergence(action_handler, machine_spec)
-        _self = self
-        ChefMetal.inline_resource(action_handler) do
-          chef_node machine_spec.name do
-            chef_server _self.chef_server
-            action :delete
-          end
-          chef_client machine_spec.name do
-            chef_server _self.chef_server
-            action :delete
-          end
-        end
-      end
-
-      protected
-
-      def create_keys(action_handler, machine)
-        server_private_key = machine.read_file(convergence_options[:client_pem_path])
-        if server_private_key
-          begin
-            server_private_key, format = Cheffish::KeyFormatter.decode(server_private_key)
-          rescue
-            server_private_key = nil
-          end
-        end
-
-        if server_private_key
-          if source_key && server_private_key.to_pem != source_key.to_pem
-            # If the server private key does not match our source key, overwrite it
-            server_private_key = source_key
-            if convergence_options[:allow_overwrite_keys]
-              machine.write_file(action_handler, convergence_options[:client_pem_path], server_private_key.to_pem, :ensure_dir => true)
-            else
-              raise "Private key on machine #{machine.name} does not match desired input key."
-            end
-          end
-
-        else
-
-          # If the server does not already have keys, create them and upload
-          _convergence_options = convergence_options
-          ChefMetal.inline_resource(action_handler) do
-            private_key 'in_memory' do
-              path :none
-              if _convergence_options[:private_key_options]
-                _convergence_options[:private_key_options].each_pair do |key,value|
-                  send(key, value)
-                end
-              end
-              after { |resource, private_key| server_private_key = private_key }
-            end
-          end
-
-          machine.write_file(action_handler, convergence_options[:client_pem_path], server_private_key.to_pem, :ensure_dir => true)
-        end
-
-        server_private_key.public_key
-      end
-
-      def is_localhost(host)
-        host == '127.0.0.1' || host == 'localhost' || host == '[::1]'
-      end
-
-      def source_key
-        if convergence_options[:source_key].is_a?(String)
-          key, format = Cheffish::KeyFormatter.decode(convergence_options[:source_key], convergence_options[:source_key_pass_phrase])
-          key
-        elsif convergence_options[:source_key]
-          convergence_options[:source_key]
-        elsif convergence_options[:source_key_path]
-          key, format = Cheffish::KeyFormatter.decode(IO.read(convergence_options[:source_key_path]), convergence_options[:source_key_pass_phrase], convergence_options[:source_key_path])
-          key
-        else
-          nil
-        end
-      end
-
-      # Create the ohai file(s)
-      def create_ohai_files(action_handler, machine)
-        if convergence_options[:ohai_hints]
-          convergence_options[:ohai_hints].each_pair do |hint, data|
-            # The location of the ohai hint
-            ohai_hint = "/etc/chef/ohai/hints/#{hint}.json"
-            machine.write_file(action_handler, ohai_hint, data.to_json, :ensure_dir => true)
-          end
-        end
-      end
-
-      def create_chef_objects(action_handler, machine, public_key)
-        _convergence_options = convergence_options
-        _chef_server = chef_server
-        # Save the node and create the client keys and client.
-        ChefMetal.inline_resource(action_handler) do
-          # Create client
-          chef_client machine.name do
-            chef_server _chef_server
-            source_key public_key
-            output_key_path _convergence_options[:public_key_path]
-            output_key_format _convergence_options[:public_key_format]
-            admin _convergence_options[:admin]
-            validator _convergence_options[:validator]
-          end
-
-          # Create node
-          # TODO strip automatic attributes first so we don't race with "current state"
-          chef_node machine.name do
-            chef_server _chef_server
-            raw_json machine.node
-          end
-        end
-
-        # If using enterprise/hosted chef, fix acls
-        if chef_server[:chef_server_url] =~ /\/+organizations\/.+/
-          grant_client_node_permissions(action_handler, chef_server, machine.name, ["read", "update"])
-        end
-      end
-
-      # Grant the client permissions to the node
-      # This procedure assumes that the client name and node name are the same
-      def grant_client_node_permissions(action_handler, chef_server, node_name, perms)
-        api = Cheffish.chef_server_api(chef_server)
-        node_perms = api.get("/nodes/#{node_name}/_acl")
-        perms.each do |p|
-          if !node_perms[p]['actors'].include?(node_name)
-            action_handler.perform_action "Add #{node_name} to client #{p} ACLs" do
-              node_perms[p]['actors'] << node_name
-              api.put("/nodes/#{node_name}/_acl/#{p}", p => node_perms[p])
-            end
-          end
-        end
-      end
-
-      def client_rb_content(chef_server_url, node_name)
-        <<EOM
-chef_server_url #{chef_server_url.inspect}
-node_name #{node_name.inspect}
-client_key #{convergence_options[:client_pem_path].inspect}
-ssl_verify_mode :verify_none
-EOM
-      end
-    end
-  end
-end
+require "chef/provisioning/convergence_strategy/precreate_chef_objects"