cheffish 1.3.1 → 1.4.0

data/lib/chef/provider/chef_resolved_cookbooks.rb

@@ -1,41 +1,46 @@
-require 'chef/provider/lwrp_base'
-require 'chef_zero'
-
-class Chef::Provider::ChefResolvedCookbooks < Chef::Provider::LWRPBase
-
-  action :resolve do
-    new_resource.cookbooks_from.each do |path|
-      ::Dir.entries(path).each do |name|
-        if ::File.directory?(::File.join(path, name)) && name != '.' && name != '..'
-          new_resource.berksfile.cookbook name, :path => ::File.join(path, name)
-        end
-      end
-    end
-
-    new_resource.berksfile.install
-
-    # Ridley really really wants a key :/
-    if new_resource.chef_server[:options][:signing_key_filename]
-      new_resource.berksfile.upload(
-        :server_url => new_resource.chef_server[:chef_server_url],
-        :client_name => new_resource.chef_server[:options][:client_name],
-        :client_key => new_resource.chef_server[:options][:signing_key_filename])
-    else
-      file = Tempfile.new('privatekey')
-      begin
-        file.write(ChefZero::PRIVATE_KEY)
-        file.close
-
-        new_resource.berksfile.upload(
-          :server_url => new_resource.chef_server[:chef_server_url],
-          :client_name => new_resource.chef_server[:options][:client_name] || 'me',
-          :client_key => file.path)
-
-      ensure
-        file.close
-        file.unlink
-      end
-    end
-  end
-
-end
+require 'chef/provider/lwrp_base'
+require 'chef_zero'
+
+class Chef
+  class Provider
+    class ChefResolvedCookbooks < Chef::Provider::LWRPBase
+      provides :chef_resolved_cookbooks
+
+      action :resolve do
+        new_resource.cookbooks_from.each do |path|
+          ::Dir.entries(path).each do |name|
+            if ::File.directory?(::File.join(path, name)) && name != '.' && name != '..'
+              new_resource.berksfile.cookbook name, :path => ::File.join(path, name)
+            end
+          end
+        end
+
+        new_resource.berksfile.install
+
+        # Ridley really really wants a key :/
+        if new_resource.chef_server[:options][:signing_key_filename]
+          new_resource.berksfile.upload(
+            :server_url => new_resource.chef_server[:chef_server_url],
+            :client_name => new_resource.chef_server[:options][:client_name],
+            :client_key => new_resource.chef_server[:options][:signing_key_filename])
+        else
+          file = Tempfile.new('privatekey')
+          begin
+            file.write(ChefZero::PRIVATE_KEY)
+            file.close
+
+            new_resource.berksfile.upload(
+              :server_url => new_resource.chef_server[:chef_server_url],
+              :client_name => new_resource.chef_server[:options][:client_name] || 'me',
+              :client_key => file.path)
+
+          ensure
+            file.close
+            file.unlink
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/chef/provider/chef_role.rb

@@ -1,79 +1,84 @@
-require 'cheffish/chef_provider_base'
-require 'chef/resource/chef_role'
-require 'chef/chef_fs/data_handler/role_data_handler'
-
-class Chef::Provider::ChefRole < Cheffish::ChefProviderBase
-
-  def whyrun_supported?
-    true
-  end
-
-  action :create do
-    differences = json_differences(current_json, new_json)
-
-    if current_resource_exists?
-      if differences.size > 0
-        description = [ "update role #{new_resource.name} at #{rest.url}" ] + differences
-        converge_by description do
-          rest.put("roles/#{new_resource.name}", normalize_for_put(new_json))
-        end
-      end
-    else
-      description = [ "create role #{new_resource.name} at #{rest.url}" ] + differences
-      converge_by description do
-        rest.post("roles", normalize_for_post(new_json))
-      end
-    end
-  end
-
-  action :delete do
-    if current_resource_exists?
-      converge_by "delete role #{new_resource.name} at #{rest.url}" do
-        rest.delete("roles/#{new_resource.name}")
-      end
-    end
-  end
-
-  def load_current_resource
-    begin
-      @current_resource = json_to_resource(rest.get("roles/#{new_resource.name}"))
-    rescue Net::HTTPServerException => e
-      if e.response.code == "404"
-        @current_resource = not_found_resource
-      else
-        raise
-      end
-    end
-  end
-
-  def augment_new_json(json)
-    # Apply modifiers
-    json['run_list'] = apply_run_list_modifiers(new_resource.run_list_modifiers, new_resource.run_list_removers, json['run_list'])
-    json['default_attributes'] = apply_modifiers(new_resource.default_attribute_modifiers, json['default_attributes'])
-    json['override_attributes'] = apply_modifiers(new_resource.override_attribute_modifiers, json['override_attributes'])
-    json
-  end
-
-  #
-  # Helpers
-  #
-
-  def resource_class
-    Chef::Resource::ChefRole
-  end
-
-  def data_handler
-    Chef::ChefFS::DataHandler::RoleDataHandler.new
-  end
-
-  def keys
-    {
-      'name' => :name,
-      'description' => :description,
-      'run_list' => :run_list,
-      'env_run_lists' => :env_run_lists,
-      'default_attributes' => :default_attributes,
-      'override_attributes' => :override_attributes
-    }
-  end
-end
+require 'cheffish/chef_provider_base'
+require 'chef/resource/chef_role'
+require 'chef/chef_fs/data_handler/role_data_handler'
+
+class Chef
+  class Provider
+    class ChefRole < Cheffish::ChefProviderBase
+      provides :chef_role
+
+      def whyrun_supported?
+        true
+      end
+
+      action :create do
+        differences = json_differences(current_json, new_json)
+
+        if current_resource_exists?
+          if differences.size > 0
+            description = [ "update role #{new_resource.name} at #{rest.url}" ] + differences
+            converge_by description do
+              rest.put("roles/#{new_resource.name}", normalize_for_put(new_json))
+            end
+          end
+        else
+          description = [ "create role #{new_resource.name} at #{rest.url}" ] + differences
+          converge_by description do
+            rest.post("roles", normalize_for_post(new_json))
+          end
+        end
+      end
+
+      action :delete do
+        if current_resource_exists?
+          converge_by "delete role #{new_resource.name} at #{rest.url}" do
+            rest.delete("roles/#{new_resource.name}")
+          end
+        end
+      end
+
+      def load_current_resource
+        begin
+          @current_resource = json_to_resource(rest.get("roles/#{new_resource.name}"))
+        rescue Net::HTTPServerException => e
+          if e.response.code == "404"
+            @current_resource = not_found_resource
+          else
+            raise
+          end
+        end
+      end
+
+      def augment_new_json(json)
+        # Apply modifiers
+        json['run_list'] = apply_run_list_modifiers(new_resource.run_list_modifiers, new_resource.run_list_removers, json['run_list'])
+        json['default_attributes'] = apply_modifiers(new_resource.default_attribute_modifiers, json['default_attributes'])
+        json['override_attributes'] = apply_modifiers(new_resource.override_attribute_modifiers, json['override_attributes'])
+        json
+      end
+
+      #
+      # Helpers
+      #
+
+      def resource_class
+        Chef::Resource::ChefRole
+      end
+
+      def data_handler
+        Chef::ChefFS::DataHandler::RoleDataHandler.new
+      end
+
+      def keys
+        {
+          'name' => :name,
+          'description' => :description,
+          'run_list' => :run_list,
+          'env_run_lists' => :env_run_lists,
+          'default_attributes' => :default_attributes,
+          'override_attributes' => :override_attributes
+        }
+      end
+    end
+  end
+end

data/lib/chef/provider/chef_user.rb

@@ -1,54 +1,59 @@
-require 'cheffish/actor_provider_base'
-require 'chef/resource/chef_user'
-require 'chef/chef_fs/data_handler/user_data_handler'
-
-class Chef::Provider::ChefUser < Cheffish::ActorProviderBase
-
-  def whyrun_supported?
-    true
-  end
-
-  action :create do
-    create_actor
-  end
-
-  action :delete do
-    delete_actor
-  end
-
-  #
-  # Helpers
-  #
-  # Gives us new_json, current_json, not_found_json, etc.
-
-  def actor_type
-    'user'
-  end
-
-  def actor_path
-    "#{rest.root_url}/users"
-  end
-
-  def resource_class
-    Chef::Resource::ChefUser
-  end
-
-  def data_handler
-    Chef::ChefFS::DataHandler::UserDataHandler.new
-  end
-
-  def keys
-    {
-      'name' => :name,
-      'username' => :name,
-      'display_name' => :display_name,
-      'admin' => :admin,
-      'email' => :email,
-      'password' => :password,
-      'external_authentication_uid' => :external_authentication_uid,
-      'recovery_authentication_enabled' => :recovery_authentication_enabled,
-      'public_key' => :source_key
-    }
-  end
-
-end
+require 'cheffish/actor_provider_base'
+require 'chef/resource/chef_user'
+require 'chef/chef_fs/data_handler/user_data_handler'
+
+class Chef
+  class Provider
+    class ChefUser < Cheffish::ActorProviderBase
+      provides :chef_user
+
+      def whyrun_supported?
+        true
+      end
+
+      action :create do
+        create_actor
+      end
+
+      action :delete do
+        delete_actor
+      end
+
+      #
+      # Helpers
+      #
+      # Gives us new_json, current_json, not_found_json, etc.
+
+      def actor_type
+        'user'
+      end
+
+      def actor_path
+        "#{rest.root_url}/users"
+      end
+
+      def resource_class
+        Chef::Resource::ChefUser
+      end
+
+      def data_handler
+        Chef::ChefFS::DataHandler::UserDataHandler.new
+      end
+
+      def keys
+        {
+          'name' => :name,
+          'username' => :name,
+          'display_name' => :display_name,
+          'admin' => :admin,
+          'email' => :email,
+          'password' => :password,
+          'external_authentication_uid' => :external_authentication_uid,
+          'recovery_authentication_enabled' => :recovery_authentication_enabled,
+          'public_key' => :source_key
+        }
+      end
+
+    end
+  end
+end

data/lib/chef/provider/private_key.rb

@@ -1,220 +1,225 @@
-require 'chef/provider/lwrp_base'
-require 'openssl'
-require 'cheffish/key_formatter'
-
-class Chef::Provider::PrivateKey < Chef::Provider::LWRPBase
-
-  action :create do
-    create_key(false, :create)
-  end
-
-  action :regenerate do
-    create_key(true, :regenerate)
-  end
-
-  action :delete do
-    if current_resource.path
-      converge_by "delete private key #{new_path}" do
-        ::File.unlink(new_path)
-      end
-    end
-  end
-
-  use_inline_resources
-
-  def whyrun_supported?
-    true
-  end
-
-  def create_key(regenerate, action)
-    if @should_create_directory
-      Cheffish.inline_resource(self, action) do
-        directory run_context.config[:private_key_write_path]
-      end
-    end
-
-    final_private_key = nil
-    if new_source_key
-      #
-      # Create private key from source
-      #
-      desired_output = encode_private_key(new_source_key)
-      if current_resource.path == :none || desired_output != IO.read(new_path)
-        converge_by "reformat key at #{new_resource.source_key_path} to #{new_resource.format} private key #{new_path} (#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})" do
-          IO.write(new_path, desired_output)
-        end
-      end
-
-      final_private_key = new_source_key
-
-    else
-      #
-      # Generate a new key
-      #
-      if current_resource.action == [ :delete ] || regenerate ||
-        (new_resource.regenerate_if_different &&
-          (!current_private_key ||
-           current_resource.size != new_resource.size ||
-           current_resource.type != new_resource.type))
-
-       case new_resource.type
-        when :rsa
-          if new_resource.exponent
-            final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size, new_resource.exponent)
-          else
-            final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size)
-          end
-        when :dsa
-          final_private_key = OpenSSL::PKey::DSA.generate(new_resource.size)
-        end
-
-        generated_key = true
-      elsif !current_private_key
-        raise "Could not read private key from #{current_resource.path}: missing pass phrase?"
-      else
-        final_private_key = current_private_key
-        generated_key = false
-      end
-
-      if generated_key
-        generated_description = " (#{new_resource.size} bits#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})"
-
-        if new_path != :none
-          action = current_resource.path == :none ? 'create' : 'overwrite'
-          converge_by "#{action} #{new_resource.type} private key #{new_path}#{generated_description}" do
-            write_private_key(final_private_key)
-          end
-        else
-          converge_by "generate private key#{generated_description}" do
-          end
-        end
-      else
-        # Warn if existing key has different characteristics than expected
-        if current_resource.size != new_resource.size
-          Chef::Log.warn("Mismatched key size!  #{current_resource.path} is #{current_resource.size} bytes, desired is #{new_resource.size} bytes.  Use action :regenerate to force key regeneration.")
-        elsif current_resource.type != new_resource.type
-          Chef::Log.warn("Mismatched key type!  #{current_resource.path} is #{current_resource.type}, desired is #{new_resource.type} bytes.  Use action :regenerate to force key regeneration.")
-        end
-
-        if current_resource.format != new_resource.format
-          converge_by "change format of #{new_resource.type} private key #{new_path} from #{current_resource.format} to #{new_resource.format}" do
-            write_private_key(current_private_key)
-          end
-        elsif (@current_file_mode & 0077) != 0
-          new_mode = @current_file_mode & 07700
-          converge_by "change mode of private key #{new_path} to #{new_mode.to_s(8)}" do
-            ::File.chmod(new_mode, new_path)
-          end
-        end
-      end
-    end
-
-    if new_resource.public_key_path
-      public_key_path = new_resource.public_key_path
-      public_key_format = new_resource.public_key_format
-      Cheffish.inline_resource(self, action) do
-        public_key public_key_path do
-          source_key final_private_key
-          format public_key_format
-        end
-      end
-    end
-
-    if new_resource.after
-      new_resource.after.call(new_resource, final_private_key)
-    end
-  end
-
-  def encode_private_key(key)
-    key_format = {}
-    key_format[:format] = new_resource.format if new_resource.format
-    key_format[:pass_phrase] = new_resource.pass_phrase if new_resource.pass_phrase
-    key_format[:cipher] = new_resource.cipher if new_resource.cipher
-    Cheffish::KeyFormatter.encode(key, key_format)
-  end
-
-  def write_private_key(key)
-    ::File.open(new_path, 'w') do |file|
-      file.chmod(0600)
-      file.write(encode_private_key(key))
-    end
-  end
-
-  def new_source_key
-    @new_source_key ||= begin
-      if new_resource.source_key.is_a?(String)
-        source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
-        source_key
-      elsif new_resource.source_key
-        new_resource.source_key
-      elsif new_resource.source_key_path
-        source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
-        source_key
-      else
-        nil
-      end
-    end
-  end
-
-  attr_reader :current_private_key
-
-  def new_path
-    new_key_with_path[1]
-  end
-
-  def new_key_with_path
-    path = new_resource.path
-    if path.is_a?(Symbol)
-      return [ nil, path ]
-    elsif Pathname.new(path).relative?
-      private_key, private_key_path = Cheffish.get_private_key_with_path(path, run_context.config)
-      if private_key
-        return [ private_key, (private_key_path || :none) ]
-      elsif run_context.config[:private_key_write_path]
-        @should_create_directory = true
-        path = ::File.join(run_context.config[:private_key_write_path], path)
-        return [ nil, path ]
-      else
-        raise "Could not find key #{path} and Chef::Config.private_key_write_path is not set."
-      end
-    elsif ::File.exist?(path)
-      return [ IO.read(path), path ]
-    else
-      return [ nil, path ]
-    end
-  end
-
-  def load_current_resource
-    resource = Chef::Resource::PrivateKey.new(new_resource.name, run_context)
-
-    new_key, new_path = new_key_with_path
-    if new_path != :none && ::File.exist?(new_path)
-      resource.path new_path
-      @current_file_mode = ::File.stat(new_path).mode
-    else
-      resource.path :none
-    end
-
-    if new_key
-      begin
-        key, key_format = Cheffish::KeyFormatter.decode(new_key, new_resource.pass_phrase, new_path)
-        if key
-          @current_private_key = key
-          resource.format key_format[:format]
-          resource.type key_format[:type]
-          resource.size key_format[:size]
-          resource.exponent key_format[:exponent]
-          resource.pass_phrase key_format[:pass_phrase]
-          resource.cipher key_format[:cipher]
-        end
-      rescue
-        # If there's an error reading, we assume format and type are wrong and don't futz with them
-        Chef::Log.warn("Error reading #{new_path}: #{$!}")
-      end
-    else
-      resource.action :delete
-    end
-
-    @current_resource = resource
-  end
-end
+require 'chef/provider/lwrp_base'
+require 'openssl'
+require 'cheffish/key_formatter'
+
+class Chef
+  class Provider
+    class PrivateKey < Chef::Provider::LWRPBase
+      provides :private_key
+
+      action :create do
+        create_key(false, :create)
+      end
+
+      action :regenerate do
+        create_key(true, :regenerate)
+      end
+
+      action :delete do
+        if current_resource.path
+          converge_by "delete private key #{new_path}" do
+            ::File.unlink(new_path)
+          end
+        end
+      end
+
+      use_inline_resources
+
+      def whyrun_supported?
+        true
+      end
+
+      def create_key(regenerate, action)
+        if @should_create_directory
+          Cheffish.inline_resource(self, action) do
+            directory run_context.config[:private_key_write_path]
+          end
+        end
+
+        final_private_key = nil
+        if new_source_key
+          #
+          # Create private key from source
+          #
+          desired_output = encode_private_key(new_source_key)
+          if current_resource.path == :none || desired_output != IO.read(new_path)
+            converge_by "reformat key at #{new_resource.source_key_path} to #{new_resource.format} private key #{new_path} (#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})" do
+              IO.write(new_path, desired_output)
+            end
+          end
+
+          final_private_key = new_source_key
+
+        else
+          #
+          # Generate a new key
+          #
+          if current_resource.action == [ :delete ] || regenerate ||
+            (new_resource.regenerate_if_different &&
+              (!current_private_key ||
+               current_resource.size != new_resource.size ||
+               current_resource.type != new_resource.type))
+
+           case new_resource.type
+            when :rsa
+              if new_resource.exponent
+                final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size, new_resource.exponent)
+              else
+                final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size)
+              end
+            when :dsa
+              final_private_key = OpenSSL::PKey::DSA.generate(new_resource.size)
+            end
+
+            generated_key = true
+          elsif !current_private_key
+            raise "Could not read private key from #{current_resource.path}: missing pass phrase?"
+          else
+            final_private_key = current_private_key
+            generated_key = false
+          end
+
+          if generated_key
+            generated_description = " (#{new_resource.size} bits#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})"
+
+            if new_path != :none
+              action = current_resource.path == :none ? 'create' : 'overwrite'
+              converge_by "#{action} #{new_resource.type} private key #{new_path}#{generated_description}" do
+                write_private_key(final_private_key)
+              end
+            else
+              converge_by "generate private key#{generated_description}" do
+              end
+            end
+          else
+            # Warn if existing key has different characteristics than expected
+            if current_resource.size != new_resource.size
+              Chef::Log.warn("Mismatched key size!  #{current_resource.path} is #{current_resource.size} bytes, desired is #{new_resource.size} bytes.  Use action :regenerate to force key regeneration.")
+            elsif current_resource.type != new_resource.type
+              Chef::Log.warn("Mismatched key type!  #{current_resource.path} is #{current_resource.type}, desired is #{new_resource.type} bytes.  Use action :regenerate to force key regeneration.")
+            end
+
+            if current_resource.format != new_resource.format
+              converge_by "change format of #{new_resource.type} private key #{new_path} from #{current_resource.format} to #{new_resource.format}" do
+                write_private_key(current_private_key)
+              end
+            elsif (@current_file_mode & 0077) != 0
+              new_mode = @current_file_mode & 07700
+              converge_by "change mode of private key #{new_path} to #{new_mode.to_s(8)}" do
+                ::File.chmod(new_mode, new_path)
+              end
+            end
+          end
+        end
+
+        if new_resource.public_key_path
+          public_key_path = new_resource.public_key_path
+          public_key_format = new_resource.public_key_format
+          Cheffish.inline_resource(self, action) do
+            public_key public_key_path do
+              source_key final_private_key
+              format public_key_format
+            end
+          end
+        end
+
+        if new_resource.after
+          new_resource.after.call(new_resource, final_private_key)
+        end
+      end
+
+      def encode_private_key(key)
+        key_format = {}
+        key_format[:format] = new_resource.format if new_resource.format
+        key_format[:pass_phrase] = new_resource.pass_phrase if new_resource.pass_phrase
+        key_format[:cipher] = new_resource.cipher if new_resource.cipher
+        Cheffish::KeyFormatter.encode(key, key_format)
+      end
+
+      def write_private_key(key)
+        ::File.open(new_path, 'w') do |file|
+          file.chmod(0600)
+          file.write(encode_private_key(key))
+        end
+      end
+
+      def new_source_key
+        @new_source_key ||= begin
+          if new_resource.source_key.is_a?(String)
+            source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
+            source_key
+          elsif new_resource.source_key
+            new_resource.source_key
+          elsif new_resource.source_key_path
+            source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
+            source_key
+          else
+            nil
+          end
+        end
+      end
+
+      attr_reader :current_private_key
+
+      def new_path
+        new_key_with_path[1]
+      end
+
+      def new_key_with_path
+        path = new_resource.path
+        if path.is_a?(Symbol)
+          return [ nil, path ]
+        elsif Pathname.new(path).relative?
+          private_key, private_key_path = Cheffish.get_private_key_with_path(path, run_context.config)
+          if private_key
+            return [ private_key, (private_key_path || :none) ]
+          elsif run_context.config[:private_key_write_path]
+            @should_create_directory = true
+            path = ::File.join(run_context.config[:private_key_write_path], path)
+            return [ nil, path ]
+          else
+            raise "Could not find key #{path} and Chef::Config.private_key_write_path is not set."
+          end
+        elsif ::File.exist?(path)
+          return [ IO.read(path), path ]
+        else
+          return [ nil, path ]
+        end
+      end
+
+      def load_current_resource
+        resource = Chef::Resource::PrivateKey.new(new_resource.name, run_context)
+
+        new_key, new_path = new_key_with_path
+        if new_path != :none && ::File.exist?(new_path)
+          resource.path new_path
+          @current_file_mode = ::File.stat(new_path).mode
+        else
+          resource.path :none
+        end
+
+        if new_key
+          begin
+            key, key_format = Cheffish::KeyFormatter.decode(new_key, new_resource.pass_phrase, new_path)
+            if key
+              @current_private_key = key
+              resource.format key_format[:format]
+              resource.type key_format[:type]
+              resource.size key_format[:size]
+              resource.exponent key_format[:exponent]
+              resource.pass_phrase key_format[:pass_phrase]
+              resource.cipher key_format[:cipher]
+            end
+          rescue
+            # If there's an error reading, we assume format and type are wrong and don't futz with them
+            Chef::Log.warn("Error reading #{new_path}: #{$!}")
+          end
+        else
+          resource.action :delete
+        end
+
+        @current_resource = resource
+      end
+    end
+  end
+end