chef-umami 0.0.3

data/lib/chef-umami/client.rb

@@ -0,0 +1,50 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+require 'chef'
+
+module Umami
+  class Client
+
+    attr_reader :client
+    def initialize
+      @client = client
+    end
+
+    def client
+      @client ||= Chef::Client.new
+    end
+
+    # Perform the steps required prior to compiling resources, including
+    # running Ohai and building up the node object.
+    def prep
+      client.run_ohai
+      client.load_node # from the server
+      client.build_node
+    end
+
+    # Execute the compile phase of a Chef client run.
+    def compile
+      prep
+      client.setup_run_context
+    end
+
+    # TODO: This can only be called after #prep completes successfully.
+    # Add some check to determine if the client is actually prepped.
+    def resource_collection
+      client.run_status.run_context.resource_collection
+    end
+
+  end
+end

data/lib/chef-umami/exceptions.rb

@@ -0,0 +1,20 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+
+  class InvalidPolicyfileLockFilename < StandardError
+  end
+
+end

data/lib/chef-umami/helpers.rb

@@ -0,0 +1,18 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  module Helper
+  end
+end

data/lib/chef-umami/helpers/filetools.rb

@@ -0,0 +1,46 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  module Helper
+    module FileTools
+
+    require 'fileutils'
+    require 'rubocop'
+
+    def write_file(path = nil, content = '')
+      parent_dir = File.dirname(path)
+      FileUtils.mkdir_p(parent_dir) unless ::File.exist?(parent_dir)
+      f = File.open(path, 'w') # Write with prejudice.
+      f.write(content)
+      f.close
+    end
+
+    # Call Rubocop to ensure proper indentation and thus legibility.
+    def enforce_styling(path = 'spec/umami/')
+      puts "Running Rubocop over '#{path}' to enforce styling..."
+      r = RuboCop::CLI.new
+      # Don't output to STDOUT.
+      args = [
+        '--only', 'Style/IndentationWidth,Style/IndentationConsistency',
+        '--auto-correct',
+        '--out', '/dev/null',
+        path
+      ]
+      r.run(args)
+    end
+
+    end
+  end
+end

data/lib/chef-umami/helpers/inspec.rb

@@ -0,0 +1,153 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  module Helper
+    module InSpec
+
+      # Call on a resource's #identity method to help describe the resource.
+      # This saves us from having to know/code the identity attribute for each
+      # resource (i.e. File is :path, User is :username, etc).
+      def desciption(resource)
+        identity = resource.identity
+        if identity.is_a? Hash # #identity could return a Hash. Take the first value.
+          identity = identity.values.first
+        end
+        "describe #{resource.declared_type}('#{identity}') do"
+      end
+
+      # All test methods should follow the naming convention 'test_<resource type>'
+      #  1. The methods should build up an array of lines defining the test.
+      #  1. The first element should be the result of a call to
+      #  #description(resource) except in cases where it is not appropriate
+      #  (i.e. testing a directory resource requires defining a file test).
+      #  2. The method should should return a string joined by newlines.
+      #
+      #def test_wutang(resource)
+      #  test = [desciption(resource)]
+      #  test << "it { should be_financially_sound }"
+      #  test << "it { should be_diverisified }"
+      #  test.join("\n")
+      #end
+
+      # InSpec can evaluate if a gem is installed via the system `gem` (default)
+      # or via some other `gem` binary, defined by either the path to the gem
+      # binary of a symbol representing that context.
+      def test_gem_package(resource, gem_binary=nil)
+        package_name = resource.package_name
+        if gem_binary
+          if gem_binary.is_a? Symbol
+            gem_binary = gem_binary.inspect # Stringify the symbol.
+          else
+            gem_binary = "'#{gem_binary}'"
+          end
+          test = ["Gem '#{package_name}' is installed via the #{gem_binary} gem"]
+          test << "describe gem('#{package_name}', #{gem_binary}) do"
+        else
+          test = ["Gem '#{package_name}' is installed via the #{gem_binary} gem"]
+          test << "describe gem('#{package_name}') do"
+        end
+        test << 'it { should be_installed }'
+        test << 'end'
+        test.join("\n")
+      end
+
+      def test_chef_gem(resource)
+        test_gem_package(resource, ':chef')
+      end
+
+      def test_cron(resource)
+        test = [desciption(resource)]
+        cron_entry = "#{resource.minute} "  \
+                     "#{resource.hour} "    \
+                     "#{resource.day} "     \
+                     "#{resource.month} "   \
+                     "#{resource.weekday} " \
+                     "#{resource.command}"
+        test << "it { should have_entry('#{cron_entry}').with_user('#{resource.user}') }"
+        test << "end"
+        test.join("\n")
+      end
+
+      def test_file(resource)
+        test = ["describe file('#{resource.path}') do"]
+        if resource.declared_type =~ /directory/
+          test << "it { should be_directory }"
+        else
+          test << "it { should be_file }"
+        end
+        # Sometimes we see GIDs instead of group names.
+        if !resource.group.nil?
+          unless resource.group.is_a?(String) && resource.group.empty?
+            test << "it { should be_grouped_into '#{resource.group}' }"
+          end
+        end
+        # Guard for UIDs versus usernames as well.
+        if !resource.owner.nil?
+          unless resource.owner.is_a?(String) && resource.owner.empty?
+            test << "it { should be_owned_by '#{resource.owner}' }"
+          end
+        end
+        if !resource.mode.nil?
+          unless resource.mode.is_a?(String) && !resource.mode.empty?
+            test << "it { should be_mode '#{resource.mode}' }"
+          end
+        end
+        test << "end"
+        test.join("\n")
+      end
+      alias_method :test_cookbook_file, :test_file
+      alias_method :test_directory, :test_file
+      alias_method :test_remote_file, :test_file
+      alias_method :test_remote_directory, :test_file
+      alias_method :test_template, :test_file
+
+      def test_group(resource)
+        test = [desciption(resource)]
+        test << "it { should exist }"
+        test << "end"
+        test.join("\n")
+      end
+
+      def test_package(resource)
+        test = [desciption(resource)]
+        if !resource.version.nil? && !resource.version.empty?
+          test << "it { should be_installed.with_version('#{resource.version}') }"
+        else
+          test << "it { should be_installed }"
+        end
+        test << "end"
+        test.join("\n")
+      end
+
+      def test_user(resource)
+        test = [desciption(resource)]
+        test << "it { should exist }"
+        # Guard for GIDs rather than strings. Chef aliases the #group method
+        # to the #gid method.
+        if !resource.gid.nil?
+          unless resource.gid.is_a?(String) && !resource.gid.empty?
+            test << "it { should belong_to_primary_group '#{resource.gid}' }"
+          end
+        end
+        if !resource.home.nil? && !resource.home.empty?
+          test << "it { should have_home_directory '#{resource.home}' }"
+        end
+        test << "end"
+        test.join("\n")
+      end
+
+    end
+  end
+end

data/lib/chef-umami/helpers/os.rb

@@ -0,0 +1,71 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  module Helper
+    module OS
+      require 'rbconfig'
+
+      # Attempt to determine the appropriate platform to use when instantiating
+      # a ChefSpec runner object.
+      # Refer to https://github.com/chefspec/fauxhai/blob/master/PLATFORMS.md
+      def os
+        @os ||= (
+          host_os = RbConfig::CONFIG['host_os']
+          case host_os
+          when /aix/
+            # `oslevel` => '7.1.0.0'
+            version = `oslevel`[0..2]
+            {platform: 'aix', version: version}
+          when /darwin|mac os/
+            version = `sw_vers -productVersion`.chomp
+            {platform: 'mac_os_x', version: version}
+          when /linux/
+            # Perform very basic tests to determine distribution.
+            if File.exist?('/etc/centos-release')
+              version = File.read('/etc/redhat-release').split[2]
+              {platform: 'centos', version: version}
+            elsif File.exist?('/etc/redhat-release') # True for CentOS too...
+              version = File.read('/etc/redhat-release').split[6]
+              {platform: 'redhat', version: version}
+            else
+              {platform: 'centos', version: '7.3.1611'} # Default to something reasonably sane.
+            end
+          when /solaris/
+            version = `uname -r`.chomp # Release level (i.e. 5.11).
+            {platform: 'solaris', version: version}
+          when /mswin|msys|mingw|cygwin|bccwin|wince|emc/
+            # Refer to https://en.wikipedia.org/wiki/Ver_(command)
+            win_version = `ver`.chomp.split("Version ")[1].gsub(/]/, '')
+            case win_version
+            when /^6.1.7/
+              version = '2008R2' # Also Win 7
+            when /^6.2/
+              version = '2012' # Also Win 8
+            when /^6.3/
+              version = '2012R2' # Also Win 8.1
+            when /^(6.4|10)/
+              version = '10'
+            end
+            {platform: 'windows', version: version}
+          else
+            # Default to something reasonably sane.
+            {platform: 'centos', version: '7.3.1611'}
+          end
+        )
+      end
+
+    end
+  end
+end

data/lib/chef-umami/logger.rb

@@ -0,0 +1,24 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  module Logger
+
+    # Print messages.
+    # TODO: Flesh this out so it supports different levels (i.e. info, warn).
+    def log(msg = '', level = nil)
+      puts msg
+    end
+  end
+end

data/lib/chef-umami/policyfile.rb

@@ -0,0 +1,18 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+module Umami
+  class Policyfile
+  end
+end

data/lib/chef-umami/policyfile/exporter.rb

@@ -0,0 +1,107 @@
+#   Copyright 2017 Bloomberg Finance, L.P.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+require 'chef-dk/policyfile_services/install'
+require 'chef-dk/policyfile_services/export_repo'
+require 'chef-dk/ui'
+require 'tmpdir' # Extends Dir
+
+module Umami
+  class Policyfile
+    class Exporter
+
+      attr_reader   :chef_config_file
+      attr_reader   :cookbook_dir
+      attr_reader   :export_root
+      attr_reader   :export_path
+      attr_accessor :policyfile_lock_file
+      attr_reader   :policyfile
+
+      def initialize(policyfile_lock_file = nil, cookbook_dir = nil, policyfile = nil)
+        @policyfile = policyfile
+        @export_root = Dir.mktmpdir('umami-')
+        # We need the target dir named the same as the source dir so that `chef` commands
+        # work as happily programatically as they would via the command line.
+        # This is because the commands assume they're being run from within a cookbook
+        # directory.
+        @export_path = File.join(export_root, cookbook_dir)
+        @chef_config_file = "#{export_path}/.chef/config.rb"
+      end
+
+      def policyfile
+        @policyfile
+      end
+
+      def ui
+        @ui ||= ChefDK::UI.new
+      end
+
+      # Execute `chef install` to ensure we get a fresh, clean Policyfile lock
+      # file on each run.
+      def install_policy
+        puts "Generating a new Policyfile from '#{policyfile}'..."
+        install_service = ChefDK::PolicyfileServices::Install.new(
+          policyfile: policyfile,
+          ui: ui
+        )
+        @policyfile_lock_file = install_service.storage_config.policyfile_lock_filename
+        install_service.run
+      end
+
+      def fake_client_key
+        "#{export_path}/umami.pem"
+      end
+
+      def cp_fake_client_key
+        # Create a fake client cert based on a dummy cert we have laying around.
+        fake_client_key_src = File.join(File.dirname(__FILE__), %w(.. .. .. support umami.pem))
+        FileUtils.cp(fake_client_key_src, fake_client_key)
+      end
+
+      def update_chef_config
+        File.open(chef_config_file, 'a') do |f|
+          f.puts "chef_server_url 'http://127.0.0.1:8889'"
+          f.puts "cookbook_path ['#{export_path}/cookbook_artifacts']"
+          f.puts "client_key '#{fake_client_key}'"
+          f.puts "node_name 'umami-node'"
+        end
+      end
+
+      # Export the cookbook and prepare a chef-zero-compatible directory.
+      # We'll use this as a temporary launch pad for things, as needed, akin
+      # to test-kitchen's sandbox.
+      def export
+        install_policy
+        export_service = ChefDK::PolicyfileServices::ExportRepo.new(
+          policyfile: policyfile_lock_file,
+          export_dir: export_path
+        )
+        begin
+          export_service.run
+        rescue ChefDK::PolicyfileExportRepoError => e
+          puts "\nFAILED TO EXPORT POLICYFILE: #{e.message} (#{e.class})"
+          puts "CAUSE: #{e.cause}"
+          puts "BACKTRACE:"
+          e.backtrace.each do |line|
+            puts "\t#{line}"
+          end
+          exit(1)
+        end
+        cp_fake_client_key
+        update_chef_config
+      end
+
+    end
+  end
+end