cheffish 0.1

data/lib/cheffish/chef_provider_base.rb

@@ -0,0 +1,222 @@
+require 'chef/config'
+require 'chef/run_list'
+require 'cheffish/cheffish_server_api'
+
+module Cheffish
+  class ChefProviderBase < Chef::Provider::LWRPBase
+    def rest
+      @rest ||= CheffishServerAPI.new(new_resource.chef_server)
+    end
+
+    def current_resource_exists?
+      Array(current_resource.action) != [ :delete ]
+    end
+
+    def not_found_resource
+      resource = resource_class.new(new_resource.name)
+      resource.action :delete
+      resource
+    end
+
+    def normalize_for_put(json)
+      data_handler.normalize_for_put(json, fake_entry)
+    end
+
+    def normalize_for_post(json)
+      data_handler.normalize_for_post(json, fake_entry)
+    end
+
+    def new_json
+      @new_json ||= begin
+        if new_resource.complete
+          result = normalize(resource_to_json(new_resource))
+        else
+          # If resource is incomplete, use current json to fill any holes
+          result = current_json.merge(resource_to_json(new_resource))
+        end
+        augment_new_json(result)
+      end
+    end
+
+    # Meant to be overridden
+    def augment_new_json(json)
+      json
+    end
+
+    def current_json
+      @current_json ||= begin
+        result = normalize(resource_to_json(current_resource))
+        result = augment_current_json(result)
+        result
+      end
+    end
+
+    # Meant to be overridden
+    def augment_current_json(json)
+      json
+    end
+
+    def resource_to_json(resource)
+      json = resource.raw_json || {}
+      keys.each do |json_key, resource_key|
+        value = resource.send(resource_key)
+        json[json_key] = value if value
+      end
+      json
+    end
+
+    def json_to_resource(json)
+      resource = resource_class.new(new_resource.name)
+      keys.each do |json_key, resource_key|
+        resource.send(resource_key, json[json_key])
+      end
+      resource
+    end
+
+    def normalize(json)
+      data_handler.normalize(json, fake_entry)
+    end
+
+    def json_differences(old_json, new_json, print_values=true, name = '', result = nil)
+      result ||= []
+      json_differences_internal(old_json, new_json, print_values, name, result)
+      result
+    end
+
+    def json_differences_internal(old_json, new_json, print_values, name, result)
+      if old_json.kind_of?(Hash) && new_json.kind_of?(Hash)
+        removed_keys = old_json.keys.inject({}) { |hash, key| hash[key] = true; hash }
+        new_json.each_pair do |new_key, new_value|
+          if old_json.has_key?(new_key)
+            removed_keys.delete(new_key)
+            if new_value != old_json[new_key]
+              json_differences_internal(old_json[new_key], new_value, print_values, name == '' ? new_key : "#{name}.#{new_key}", result)
+            end
+          else
+            if print_values
+              result << "add #{name == '' ? new_key : "#{name}.#{new_key}"} = #{new_value.inspect}"
+            else
+              result << "add #{name == '' ? new_key : "#{name}.#{new_key}"}"
+            end
+          end
+        end
+        removed_keys.keys.each do |removed_key|
+          result << "remove #{name == '' ? removed_key : "#{name}.#{removed_key}"}"
+        end
+      else
+        old_json = old_json.to_s if old_json.kind_of?(Symbol)
+        new_json = new_json.to_s if new_json.kind_of?(Symbol)
+        if old_json != new_json
+          if print_values
+            result << "update #{name} from #{old_json.inspect} to #{new_json.inspect}"
+          else
+            result << "update #{name}"
+          end
+        end
+      end
+    end
+
+    def apply_modifiers(modifiers, json)
+      return json if !modifiers || modifiers.size == 0
+
+      # If the attributes have nothing, set them to {} so we have something to add to
+      if json
+        json = Marshal.load(Marshal.dump(json)) # Deep copy
+      else
+        json = {}
+      end
+
+      modifiers.each do |path, value|
+        path = [path] if !path.kind_of?(Array)
+        path = path.map { |path_part| path_part.to_s }
+        parent = path[0..-2].inject(json) { |hash, path_part| hash ? hash[path_part] : nil }
+        existing_value = parent ? parent[path[-1]] : nil
+
+        if value.is_a?(Proc)
+          value = value.call(existing_value)
+        end
+        if value == :delete
+          parent.delete(path[-1]) if parent
+          # TODO clean up parent chain if hash is completely emptied
+        else
+          if !parent
+            # Create parent if necessary
+            parent = path[0..-2].inject(json) do |hash, path_part|
+              hash[path_part] = {} if !hash[path_part]
+              hash[path_part]
+            end
+          end
+          parent[path[-1]] = value
+        end
+      end
+      json
+    end
+
+    def apply_run_list_modifiers(add_to_run_list, delete_from_run_list, run_list)
+      return run_list if (!add_to_run_list || add_to_run_list.size == 0) && (!delete_from_run_list || !delete_from_run_list.size)
+      delete_from_run_list ||= []
+      add_to_run_list ||= []
+
+      run_list = Chef::RunList.new(*run_list)
+
+      result = []
+      add_to_run_list_index = 0
+      run_list_index = 0
+      while run_list_index < run_list.run_list_items.size do
+        # See if the desired run list has this item
+        found_desired = add_to_run_list.index { |item| same_run_list_item(item, run_list[run_list_index]) }
+        if found_desired
+          # If so, copy all items up to that desired run list (to preserve order).
+          # If a run list item is out of order (run_list = X, B, Y, A, Z and desired = A, B)
+          # then this will give us X, A, B.  When A is found later, nothing will be copied
+          # because found_desired will be less than add_to_run_list_index.  The result will
+          # be X, A, B, Y, Z.
+          if found_desired >= add_to_run_list_index
+            result += add_to_run_list[add_to_run_list_index..found_desired].map { |item| item.to_s }
+            add_to_run_list_index = found_desired+1
+          end
+        else
+          # If not, just copy it in
+          unless delete_from_run_list.index { |item| same_run_list_item(item, run_list[run_list_index]) }
+            result << run_list[run_list_index].to_s
+          end
+        end
+        run_list_index += 1
+      end
+
+      # Copy any remaining desired items at the end
+      result += add_to_run_list[add_to_run_list_index..-1].map { |item| item.to_s }
+      result
+    end
+
+    def same_run_list_item(a, b)
+      a_name = a.name
+      b_name = b.name
+      # Handle "a::default" being the same as "a"
+      if a.type == :recipe && a_name =~ /(.+)::default$/
+        a_name = $1
+      elsif b.type == :recipe && b_name =~ /(.+)::default$/
+        b_name = $1
+      end
+
+      a_name == b_name && a.type == b.type # We want to replace things with same name and different version
+    end
+
+    private
+
+    # Needed to be able to use DataHandler classes
+    def fake_entry
+      FakeEntry.new("#{new_resource.send(keys.values.first)}.json")
+    end
+
+    class FakeEntry
+      def initialize(name, parent = nil)
+        @name = name
+        @parent = parent
+      end
+
+      attr_reader :name
+      attr_reader :parent
+    end
+  end
+end

data/lib/cheffish/cheffish_server_api.rb

@@ -0,0 +1,21 @@
+require 'chef/http'
+require 'chef/http/authenticator'
+require 'chef/http/cookie_manager'
+require 'chef/http/decompressor'
+require 'chef/http/json_input'
+require 'chef/http/json_output'
+
+module Cheffish
+  # Just like ServerAPI, except it does not default the server URL or options
+  class CheffishServerAPI < Chef::HTTP
+    def initialize(chef_server)
+      super(chef_server[:chef_server_url], chef_server[:options] || {})
+    end
+
+    use Chef::HTTP::JSONInput
+    use Chef::HTTP::JSONOutput
+    use Chef::HTTP::CookieManager
+    use Chef::HTTP::Decompressor
+    use Chef::HTTP::Authenticator
+  end
+end

data/lib/cheffish/inline_resource.rb

@@ -0,0 +1,88 @@
+module Cheffish
+  class InlineResource
+    def initialize(provider)
+      @provider = provider
+    end
+
+    attr_reader :provider
+
+    def run_context
+      provider.run_context
+    end
+
+    def method_missing(method_symbol, *args, &block)
+      # Stolen ruthlessly from Chef's chef/dsl/recipe.rb
+
+      # Checks the new platform => short_name => resource mapping initially
+      # then fall back to the older approach (Chef::Resource.const_get) for
+      # backward compatibility
+      resource_class = Chef::Resource.resource_for_node(method_symbol, provider.run_context.node)
+
+      super unless resource_class
+      raise ArgumentError, "You must supply a name when declaring a #{method_symbol} resource" unless args.size > 0
+
+      # If we have a resource like this one, we want to steal its state
+      args << run_context
+      resource = resource_class.new(*args)
+      resource.source_line = caller[0]
+      resource.load_prior_resource
+      resource.cookbook_name = provider.cookbook_name
+      resource.recipe_name = @recipe_name
+      resource.params = @params
+      # Determine whether this resource is being created in the context of an enclosing Provider
+      resource.enclosing_provider = provider.is_a?(Chef::Provider) ? provider : nil
+      # Evaluate resource attribute DSL
+      resource.instance_eval(&block) if block
+
+      # Run optional resource hook
+      resource.after_created
+
+      # Do NOT put this in the resource collection.
+      #run_context.resource_collection.insert(resource)
+
+      # Instead, run the action directly.
+      Array(resource.action).each do |action|
+        resource.updated_by_last_action(false)
+        run_provider_action(resource.provider_for_action(action))
+        provider.new_resource.updated_by_last_action(true) if resource.updated_by_last_action?
+      end
+      resource
+    end
+
+    # Do Chef::Provider.run_action, but without events
+    def run_provider_action(inline_provider)
+      if !inline_provider.whyrun_supported?
+        raise "#{inline_provider} is not why-run-safe.  Only why-run-safe resources are supported in inline_resource."
+      end
+
+      # Blatantly ripped off from chef/provider run_action
+
+      # TODO: it would be preferable to get the action to be executed in the
+      # constructor...
+
+      # user-defined LWRPs may include unsafe load_current_resource methods that cannot be run in whyrun mode
+      inline_provider.load_current_resource
+      inline_provider.define_resource_requirements
+      inline_provider.process_resource_requirements
+
+      # user-defined providers including LWRPs may
+      # not include whyrun support - if they don't support it
+      # we can't execute any actions while we're running in
+      # whyrun mode. Instead we 'fake' whyrun by documenting that
+      # we can't execute the action.
+      # in non-whyrun mode, this will still cause the action to be
+      # executed normally.
+      if inline_provider.whyrun_supported? && !inline_provider.requirements.action_blocked?(@action)
+        inline_provider.send("action_#{inline_provider.action}")
+      elsif !inline_provider.whyrun_mode?
+        inline_provider.send("action_#{inline_provider.action}")
+      end
+
+      if inline_provider.resource_updated?
+        inline_provider.new_resource.updated_by_last_action(true)
+      end
+
+      inline_provider.cleanup_after_converge
+    end
+  end
+end

data/lib/cheffish/key_formatter.rb

@@ -0,0 +1,93 @@
+require 'openssl'
+require 'net/ssh'
+require 'etc'
+require 'socket'
+require 'digest/md5'
+
+module Cheffish
+  class KeyFormatter
+    # Returns nil or key, format
+    def self.decode(str, pass_phrase=nil, filename='')
+      key_format = {}
+      key_format[:format] = format_of(str)
+
+      case key_format[:format]
+      when :openssh
+        key = decode_openssh_key(str, filename)
+      else
+        begin
+          key = OpenSSL::PKey.read(str) { pass_phrase }
+        rescue
+          return nil
+        end
+      end
+
+      key_format[:type] = type_of(key)
+      key_format[:size] = size_of(key)
+      key_format[:pass_phrase] = pass_phrase if pass_phrase
+      # TODO cipher, exponent
+
+      [key, key_format]
+    end
+
+    def self.encode(key, key_format)
+      format = key_format[:format] || :pem
+      case format
+      when :openssh
+        encode_openssh_key(key)
+      when :pem
+        if key_format[:pass_phrase]
+          cipher = key_format[:cipher] || 'DES-EDE3-CBC'
+          key.to_pem(OpenSSL::Cipher.new(cipher), key_format[:pass_phrase])
+        else
+          key.to_pem
+        end
+      when :der
+        key.to_der
+      when :fingerprint
+        hexes = Digest::MD5.hexdigest(key.to_der)
+        # Put : between every pair of hexes
+        hexes.scan(/../).join(':')
+      else
+        raise "Unrecognized key format #{format}"
+      end
+    end
+
+    private
+
+    def self.encode_openssh_key(key)
+      # TODO there really isn't a method somewhere in net/ssh or openssl that does this??
+      type = key.ssh_type
+      data = [ key.to_blob ].pack('m0')
+      "#{type} #{data} #{Etc.getlogin}@#{Socket.gethostname}"
+    end
+
+    def self.decode_openssh_key(str, filename='')
+      Net::SSH::KeyFactory.load_data_public_key(str, filename)
+    end
+
+    def self.format_of(key_contents)
+      if key_contents.start_with?('-----BEGIN ')
+        :pem
+      elsif key_contents.start_with?('ssh-rsa ') || key_contents.start_with?('ssh-dss ')
+        :openssh
+      else
+        :der
+      end
+    end
+
+    def self.type_of(key)
+      case key.class
+      when OpenSSL::PKey::RSA
+        :rsa
+      when OpenSSL::PKey::DSA
+        :dsa
+      end
+    end
+
+    def self.size_of(key)
+      # TODO DSA -- this is RSA only
+      key.n.num_bytes * 8
+    end
+  end
+end

data/lib/cheffish/recipe_dsl.rb

@@ -0,0 +1,98 @@
+require 'cheffish'
+
+require 'chef_zero/server'
+require 'chef/chef_fs/chef_fs_data_store'
+require 'chef/chef_fs/config'
+
+class Chef
+  class Recipe
+    def with_chef_data_bag(name)
+      old_enclosing_data_bag = Cheffish.enclosing_data_bag
+      Cheffish.enclosing_data_bag = name
+      if block_given?
+        begin
+          yield
+        ensure
+          Cheffish.enclosing_data_bag = old_enclosing_data_bag
+        end
+      end
+    end
+
+    def with_chef_environment(name)
+      old_enclosing_environment = Cheffish.enclosing_environment
+      Cheffish.enclosing_environment = name
+      if block_given?
+        begin
+          yield
+        ensure
+          Cheffish.enclosing_environment = old_enclosing_environment
+        end
+      end
+    end
+
+    def with_chef_data_bag_item_encryption(encryption_options)
+      old_enclosing_data_bag_item_encryption = Cheffish.enclosing_data_bag_item_encryption
+      Cheffish.enclosing_data_bag_item_encryption = encryption_options
+      if block_given?
+        begin
+          yield
+        ensure
+          Cheffish.enclosing_data_bag_item_encryption = old_enclosing_data_bag_item_encryption
+        end
+      end
+    end
+
+    def with_chef_server(server_url, options = {})
+      old_enclosing_chef_server = Cheffish.enclosing_chef_server
+      Cheffish.enclosing_chef_server = { :chef_server_url => server_url, :options => options }
+      if block_given?
+        begin
+          yield
+        ensure
+          Cheffish.enclosing_chef_server = old_enclosing_chef_server
+        end
+      end
+    end
+
+    def with_chef_local_server(options, &block)
+      options[:host] ||= '127.0.0.1'
+      options[:log_level] ||= Chef::Log.level
+      options[:port] ||= 8900
+
+      # Create the data store chef-zero will use
+      options[:data_store] ||= begin
+        if !options[:chef_repo_path]
+          raise "chef_repo_path must be specified to with_chef_local_server"
+        end
+
+        # Ensure all paths are given
+        %w(acl client cookbook container data_bag environment group node role).each do |type|
+          options["#{type}_path".to_sym] ||= begin
+            if options[:chef_repo_path].kind_of?(String)
+              Chef::Config.path_join(options[:chef_repo_path], "#{type}s")
+            else
+              options[:chef_repo_path].map { |path| Chef::Config.path_join(path, "#{type}s")}
+            end
+          end
+          # Work around issue in earlier versions of ChefFS where it expects strings for these
+          # instead of symbols
+          options["#{type}_path"] = options["#{type}_path".to_sym]
+        end
+
+        chef_fs = Chef::ChefFS::Config.new(options).local_fs
+        chef_fs.write_pretty_json = true
+        Chef::ChefFS::ChefFSDataStore.new(chef_fs)
+      end
+
+      # Start the chef-zero server
+      Chef::Log.info("Starting chef-zero on port #{options[:port]} with repository at #{options[:data_store].chef_fs.fs_description}")
+      chef_zero_server = ChefZero::Server.new(options)
+      chef_zero_server.start_background
+
+      @@local_servers ||= []
+      @@local_servers << chef_zero_server
+
+      with_chef_server(chef_zero_server.url, &block)
+    end
+  end
+end