chef-workflow 0.1.0

data/lib/chef-workflow/support/attr.rb

@@ -0,0 +1,31 @@
+#
+# Mixin to make exposing attr modification via `instance_eval` easier.
+#
+module AttrSupport
+  #
+  # Defines an attribute that is both a standard writer, but with an overloaded
+  # reader that accepts an optional argument. Equivalent to this code for `foo`:
+  #
+  #     attr_writer :foo
+  #
+  #     def foo(*args)
+  #       if args.count > 0
+  #         @foo = arg
+  #       end
+  #
+  #       @foo
+  #     end
+  #
+  def fancy_attr(name)
+    class_eval <<-EOF
+      attr_writer :#{name}
+      def #{name}(*args)
+        if args.count > 0
+          @#{name} = args.first
+        end
+
+        @#{name}
+      end
+    EOF
+  end
+end

data/lib/chef-workflow/support/debug.rb

@@ -0,0 +1,51 @@
+#
+# mixin to assist with adding debug messages.
+#
+module DebugSupport
+
+  CHEF_WORKFLOW_DEBUG_DEFAULT = 2
+
+  #
+  # Conditionally executes based on the level of debugging requested.
+  #
+  # `CHEF_WORKFLOW_DEBUG` in the environment is converted to an integer. This
+  # integer is compared to the first argument. If it is higher than the first
+  # argument, the block supplied will execute.
+  #
+  # Optionally, if there is a `else_block`, this block will be executed if the
+  # condition is *not* met. This allows a slightly more elegant (if less ugly)
+  # variant of dealing with the situation where if debugging is on, do one
+  # thing, and if not, do something else.
+  #
+  # Examples:
+  #
+  #     if_debug(1) do
+  #       $stderr.puts "Here's a debug message"
+  #     end
+  #
+  # This will print "here's a debug message" to standard error if debugging is
+  # set to 1 or greater.
+  #
+  #     do_thing = lambda { run_thing }
+  #     if_debug(2, &do_thing) do
+  #       $stderr.puts "Doing this thing"
+  #       do_thing.call
+  #     end
+  #
+  # If debugging is set to 2 or higher, "Doing this thing" will be printed to
+  # standard error and then `run_thing` will be executed. If lower than 2 or
+  # off, will just execute `run_thing`.
+  #
+  def if_debug(minimum=1, else_block=nil)
+    $CHEF_WORKFLOW_DEBUG ||= 
+      ENV.has_key?("CHEF_WORKFLOW_DEBUG") ? 
+        ENV["CHEF_WORKFLOW_DEBUG"].to_i : 
+        CHEF_WORKFLOW_DEBUG_DEFAULT
+
+    if $CHEF_WORKFLOW_DEBUG >= minimum
+      yield if block_given?
+    elsif else_block
+      else_block.call
+    end
+  end
+end

data/lib/chef-workflow/support/ec2.rb

@@ -0,0 +1,170 @@
+require 'aws'
+require 'chef-workflow/support/generic'
+require 'chef-workflow/support/general'
+require 'chef-workflow/support/debug'
+require 'chef-workflow/support/attr'
+
+class EC2Support
+  extend AttrSupport
+  include DebugSupport
+
+  fancy_attr :access_key_id
+  fancy_attr :secret_access_key
+  fancy_attr :ami
+  fancy_attr :instance_type
+  fancy_attr :region
+  fancy_attr :ssh_key
+  fancy_attr :security_groups
+  fancy_attr :security_group_open_ports
+  fancy_attr :provision_wait
+
+  def initialize
+    self.security_groups :auto
+    self.security_group_open_ports [22, 4000]
+    self.provision_wait 300
+  end
+
+  def ec2_obj
+    args = 
+      if access_key_id and secret_access_key
+        {
+          :access_key_id => access_key_id,
+          :secret_access_key => secret_access_key
+        }
+      else
+        {
+          :access_key_id => ENV["AWS_ACCESS_KEY_ID"],
+          :secret_access_key => ENV["AWS_SECRET_ACCESS_KEY"]
+        }
+      end
+
+    ec2 = AWS::EC2.new(args)
+    ec2.regions[region]
+  end
+
+  #
+  # Only used if security_groups is set to auto. Returns the filename to
+  # marshal the automatically created security groups to.
+  #
+  def security_group_setting_path
+    File.join(GeneralSupport.singleton.workflow_dir, 'security-groups')
+  end
+
+  #
+  # Creates a security group and saves it to the security_group_setting_path.
+  #
+  def create_security_group
+    aws_ec2 = ec2_obj
+
+    name = nil
+
+    loop do
+      name = 'chef-workflow-' + (0..rand(10).to_i).map { rand(0..9).to_s }.join("")
+
+      if_debug(3) do
+        $stderr.puts "Seeing if security group name #{name} is taken"
+      end
+
+      break unless aws_ec2.security_groups[name].exists?
+      sleep 0.3
+    end
+
+    group = aws_ec2.security_groups.create(name)
+
+    security_group_open_ports.each do |port|
+      group.authorize_ingress(:tcp, port)
+      group.authorize_ingress(:udp, port)
+    end
+
+    group.authorize_ingress(:tcp, (0..65535), group)
+    group.authorize_ingress(:udp, (0..65535), group)
+
+    # XXX I think the name should be enough, but maybe this'll cause a problem.
+    File.binwrite(security_group_setting_path, Marshal.dump([name]))
+    return [name]
+  end
+
+  #
+  # Loads any stored security groups. Returns nil if it can't.
+  #
+  def load_security_group
+    Marshal.load(File.binread(security_group_setting_path)) rescue nil
+  end
+
+  #
+  # Ensures security groups exist.
+  #
+  # If @security_groups is :auto, creates one and sets it up with the
+  # security_group_open_ports on TCP and UDP.
+  #
+  # If @security_groups is an array of group names or a single group name,
+  # asserts they exist. If they do not exist, it raises.
+  #
+  def assert_security_groups
+    aws_ec2 = ec2_obj
+
+    if security_groups == :auto
+      loaded_groups = load_security_group
+
+      # this will make it hit the second block everytime from now on (and
+      # bootstrap it recursively)
+      if loaded_groups
+        self.security_groups loaded_groups
+        assert_security_groups
+      else
+        self.security_groups create_security_group
+      end
+    else
+      self.security_groups = [security_groups] unless security_groups.kind_of?(Array)
+
+      self.security_groups.each do |group|
+        #
+        # just retry this until it works -- some stupid flexible proxy in aws-sdk will bark about a missing method otherwise.
+        #
+
+        begin
+          aws_ec2.security_groups[group]
+        rescue
+          sleep 1
+          retry
+        end
+
+        raise "EC2 security group #{group} does not exist and it should." unless aws_ec2.security_groups[group]
+      end
+    end
+  end
+
+  def find_secgroup_running_instances(group_name)
+    # exponential complexity with API calls? NO PROBLEM
+    ec2_obj.instances.select do |i| 
+      i.status != :terminated &&
+        i.security_groups.find { |s| s.name == group_name }
+    end
+  end
+
+  def destroy_security_group
+    if File.exist?(security_group_setting_path)
+      group_name = Marshal.load(File.binread(security_group_setting_path)).first
+
+      until (instances = find_secgroup_running_instances(group_name)).empty?
+        if_debug(1) do
+          $stderr.puts "Trying to destroy security group #{group_name}, but instances are still bound to it."
+          $stderr.puts instances.map(&:id).inspect
+          $stderr.puts "Terminating instances, sleeping, and trying again."
+        end
+        
+        instances.each do |i|
+          i.terminate rescue nil
+        end
+
+        sleep 10
+      end
+
+      ec2_obj.security_groups.find { |g| g.name == group_name }.delete
+    end
+  end
+
+  include GenericSupport
+end
+
+EC2Support.configure

data/lib/chef-workflow/support/general.rb

@@ -0,0 +1,63 @@
+require 'chef-workflow/support/generic'
+require 'chef-workflow/support/attr'
+require 'chef-workflow/support/vm/ec2'
+require 'chef-workflow/support/vm/vagrant'
+
+#
+# General configuration, typically global to all chef-workflow related things.
+# See `GenericSupport` for a rundown of usage.
+#
+class GeneralSupport
+  # Standard chef-workflow dir.
+  DEFAULT_CHEF_WORKFLOW_DIR   = File.join(Dir.pwd, '.chef-workflow')
+  # Location of the VM database.
+  DEFAULT_CHEF_VM_FILE        = File.join(DEFAULT_CHEF_WORKFLOW_DIR, 'vms')
+  # Location of the chef-server prison file (vagrant only).
+  DEFAULT_CHEF_SERVER_PRISON  = File.join(DEFAULT_CHEF_WORKFLOW_DIR, 'chef-server')
+
+  extend AttrSupport 
+
+  ##
+  # :attr:
+  # 
+  # configure the workflow directory
+  fancy_attr :workflow_dir
+
+  ##
+  # :attr:
+  #
+  # configure the location of the vm file
+  fancy_attr :vm_file
+
+  ##
+  # :attr:
+  #
+  # configure the location of the chef server prison.
+  fancy_attr :chef_server_prison
+
+  def initialize(opts={})
+    @workflow_dir       = opts[:workflow_dir]       || DEFAULT_CHEF_WORKFLOW_DIR 
+    @vm_file            = opts[:vm_file]            || DEFAULT_CHEF_VM_FILE
+    @chef_server_prison = opts[:chef_server_prison] || DEFAULT_CHEF_SERVER_PRISON
+    machine_provisioner :vagrant
+  end
+
+  def machine_provisioner(*args)
+    if args.count > 0
+      @machine_provisioner = case args.first
+                             when :ec2
+                               VM::EC2Provisioner
+                             when :vagrant
+                               VM::VagrantProvisioner
+                             else
+                               args.first
+                             end
+    end
+
+    @machine_provisioner
+  end
+
+  include GenericSupport
+end
+
+GeneralSupport.configure

data/lib/chef-workflow/support/generic.rb

@@ -0,0 +1,30 @@
+#
+# mixin for supplying a consistent interface to singleton configuration classes.
+#
+
+module GenericSupport
+  #-- 
+  # it's cool; this isn't absolutely evil or anything.
+  #++
+  def self.included(klass)
+    class << klass
+      # The singleton object that is supplying the current configuration.
+      # Always reference this when working with classes that use this
+      # interface.
+      attr_reader :singleton
+
+      # circular references, oh my
+      attr_accessor :supported_class
+
+      #
+      # Configure the singleton. Instance evals a block that you can set stuff on.
+      #
+      def configure(&block)
+        @singleton ||= self.supported_class.new
+        @singleton.instance_eval(&block) if block
+      end
+    end
+
+    klass.supported_class = klass
+  end
+end

data/lib/chef-workflow/support/ip.rb

@@ -0,0 +1,129 @@
+require 'delegate'
+require 'fileutils'
+require 'chef-workflow/support/generic'
+require 'chef-workflow/support/attr'
+
+ENV["TEST_CHEF_SUBNET"] ||= "10.10.10.0"
+
+#
+# IP allocation database. Uses `GenericSupport`.
+#
+class IPSupport < DelegateClass(Hash)
+  extend AttrSupport
+
+  ##
+  # :attr:
+  #
+  # The subnet used for calculating assignable IP addresses. You really want to
+  # set `TEST_CHEF_SUBNET` in your environment instead of changing this.
+  #
+  fancy_attr :subnet
+
+  ##
+  # :attr:
+  #
+  # The location of the ip database.
+  #
+  fancy_attr :ip_file
+
+  def initialize(subnet=ENV["TEST_CHEF_SUBNET"], ip_file=File.join(Dir.pwd, '.chef-workflow', 'ips'))
+    @subnet = subnet
+    reset
+    @ip_file = ip_file
+    super(@ip_assignment)
+  end
+
+  #
+  # Resets (clears) the IP database.
+  #
+  def reset
+    @ip_assignment = { }
+  end
+
+  #
+  # Loads the IP database from disk. Location is based on the `ip_file` accessor.
+  #
+  def load
+    if File.exist?(ip_file)
+      @ip_assignment = Marshal.load(File.binread(ip_file))
+    end
+  end
+
+  #
+  # Saves the IP database to disk. Location is based on the `ip_file` accessor.
+  #
+  def write
+    FileUtils.mkdir_p(File.dirname(ip_file))
+    File.binwrite(ip_file, Marshal.dump(@ip_assignment))
+  end
+
+  #
+  # Gets the next unallocated IP, given an IP to start with.
+  #
+  def next_ip(arg)
+    octets = arg.split(/\./, 4).map(&:to_i)
+    octets[3] += 1
+    raise "out of ips!" if octets[3] > 255
+    return octets.map(&:to_s).join(".")
+  end
+
+  #
+  # Gets the next un-used IP. This basically calls `next_ip` with knowledge of
+  # the database.
+  #
+  def unused_ip
+    ip = next_ip(@subnet)
+
+    while ip_used?(ip)
+      ip = next_ip(ip)
+    end
+
+    return ip
+  end
+
+  #
+  # Predicate to determine if an IP is in use.
+  #
+  def ip_used?(ip)
+    @ip_assignment.values.flatten.include?(ip)
+  end
+
+  #
+  # Appends an IP to a role.
+  #
+  def assign_role_ip(role, ip)
+    @ip_assignment[role] ||= []
+    @ip_assignment[role].push(ip)
+  end
+
+  #
+  # Removes the role and all associated IPs.
+  #
+  def delete_role(role)
+    @ip_assignment.delete(role)
+  end
+
+  #
+  # Gets all the IPs for a role, as an array of strings.
+  #
+  def get_role_ips(role)
+    @ip_assignment[role] || []
+  end
+
+  #
+  # Helper method for vagrant. Vagrant always occupies .1 of any subnet it
+  # configures host-only networking on. This takes care of doing that.
+  #
+  def seed_vagrant_ips
+    # vagrant requires that .1 be used by vagrant. ugh.
+    dot_one_ip = @subnet.gsub(/\.\d+$/, '.1')
+    unless ip_used?(dot_one_ip)
+      assign_role_ip("vagrant-reserved", dot_one_ip)
+    end
+  end
+
+  include GenericSupport
+end
+
+IPSupport.configure
+IPSupport.singleton.load