cheffish 1.6.0 → 2.0.0

data/lib/chef/provider/chef_organization.rb

@@ -1,155 +0,0 @@
-require 'cheffish/chef_provider_base'
-require 'chef/resource/chef_organization'
-require 'chef/chef_fs/data_handler/data_handler_base'
-
-class Chef
-  class Provider
-    class ChefOrganization < Cheffish::ChefProviderBase
-      provides :chef_organization
-
-      def whyrun_supported?
-        true
-      end
-
-      action :create do
-        differences = json_differences(current_json, new_json)
-
-        if current_resource_exists?
-          if differences.size > 0
-            description = [ "update organization #{new_resource.name} at #{rest.url}" ] + differences
-            converge_by description do
-              rest.put("#{rest.root_url}/organizations/#{new_resource.name}", normalize_for_put(new_json))
-            end
-          end
-        else
-          description = [ "create organization #{new_resource.name} at #{rest.url}" ] + differences
-          converge_by description do
-            rest.post("#{rest.root_url}/organizations", normalize_for_post(new_json))
-          end
-        end
-
-        # Revoke invites and memberships when asked
-        invites_to_remove.each do |user|
-          if outstanding_invites.has_key?(user)
-            converge_by "revoke #{user}'s invitation to organization #{new_resource.name}" do
-              rest.delete("#{rest.root_url}/organizations/#{new_resource.name}/association_requests/#{outstanding_invites[user]}")
-            end
-          end
-        end
-        members_to_remove.each do |user|
-          if existing_members.include?(user)
-            converge_by "remove #{user} from organization #{new_resource.name}" do
-              rest.delete("#{rest.root_url}/organizations/#{new_resource.name}/users/#{user}")
-            end
-          end
-        end
-
-        # Invite and add members when asked
-        new_resource.invites.each do |user|
-          if !existing_members.include?(user) && !outstanding_invites.has_key?(user)
-            converge_by "invite #{user} to organization #{new_resource.name}" do
-              rest.post("#{rest.root_url}/organizations/#{new_resource.name}/association_requests", { 'user' => user })
-            end
-          end
-        end
-        new_resource.members.each do |user|
-          if !existing_members.include?(user)
-            converge_by "Add #{user} to organization #{new_resource.name}" do
-              rest.post("#{rest.root_url}/organizations/#{new_resource.name}/users/", { 'username' => user })
-            end
-          end
-        end
-      end
-
-      def existing_members
-        @existing_members ||= rest.get("#{rest.root_url}/organizations/#{new_resource.name}/users").map { |u| u['user']['username'] }
-      end
-
-      def outstanding_invites
-        @outstanding_invites ||= begin
-          invites = {}
-          rest.get("#{rest.root_url}/organizations/#{new_resource.name}/association_requests").each do |r|
-            invites[r['username']] = r['id']
-          end
-          invites
-        end
-      end
-
-      def invites_to_remove
-        if new_resource.complete
-          if new_resource.invites_specified? || new_resource.members_specified?
-            outstanding_invites.keys - (new_resource.invites | new_resource.members)
-          else
-            []
-          end
-        else
-          new_resource.remove_members
-        end
-      end
-
-      def members_to_remove
-        if new_resource.complete
-          if new_resource.members_specified?
-            existing_members - (new_resource.invites | new_resource.members)
-          else
-            []
-          end
-        else
-          new_resource.remove_members
-        end
-      end
-
-      action :delete do
-        if current_resource_exists?
-          converge_by "delete organization #{new_resource.name} at #{rest.url}" do
-            rest.delete("#{rest.root_url}/organizations/#{new_resource.name}")
-          end
-        end
-      end
-
-      def load_current_resource
-        begin
-          @current_resource = json_to_resource(rest.get("#{rest.root_url}/organizations/#{new_resource.name}"))
-        rescue Net::HTTPServerException => e
-          if e.response.code == "404"
-            @current_resource = not_found_resource
-          else
-            raise
-          end
-        end
-      end
-
-      #
-      # Helpers
-      #
-
-      def resource_class
-        Chef::Resource::ChefOrganization
-      end
-
-      def data_handler
-        OrganizationDataHandler.new
-      end
-
-      def keys
-        {
-          'name' => :name,
-          'full_name' => :full_name
-        }
-      end
-
-      class OrganizationDataHandler < Chef::ChefFS::DataHandler::DataHandlerBase
-        def normalize(organization, entry)
-          # Normalize the order of the keys for easier reading
-          normalize_hash(organization, {
-            'name' => remove_dot_json(entry.name),
-            'full_name' => remove_dot_json(entry.name),
-            'org_type' => 'Business',
-            'clientname' => "#{remove_dot_json(entry.name)}-validator",
-            'billing_plan' => 'platform-free'
-          })
-        end
-      end
-    end
-  end
-end

data/lib/chef/provider/chef_resolved_cookbooks.rb

@@ -1,46 +0,0 @@
-require 'chef/provider/lwrp_base'
-require 'chef_zero'
-
-class Chef
-  class Provider
-    class ChefResolvedCookbooks < Chef::Provider::LWRPBase
-      provides :chef_resolved_cookbooks
-
-      action :resolve do
-        new_resource.cookbooks_from.each do |path|
-          ::Dir.entries(path).each do |name|
-            if ::File.directory?(::File.join(path, name)) && name != '.' && name != '..'
-              new_resource.berksfile.cookbook name, :path => ::File.join(path, name)
-            end
-          end
-        end
-
-        new_resource.berksfile.install
-
-        # Ridley really really wants a key :/
-        if new_resource.chef_server[:options][:signing_key_filename]
-          new_resource.berksfile.upload(
-            :server_url => new_resource.chef_server[:chef_server_url],
-            :client_name => new_resource.chef_server[:options][:client_name],
-            :client_key => new_resource.chef_server[:options][:signing_key_filename])
-        else
-          file = Tempfile.new('privatekey')
-          begin
-            file.write(ChefZero::PRIVATE_KEY)
-            file.close
-
-            new_resource.berksfile.upload(
-              :server_url => new_resource.chef_server[:chef_server_url],
-              :client_name => new_resource.chef_server[:options][:client_name] || 'me',
-              :client_key => file.path)
-
-          ensure
-            file.close
-            file.unlink
-          end
-        end
-      end
-
-    end
-  end
-end

data/lib/chef/provider/chef_role.rb

@@ -1,84 +0,0 @@
-require 'cheffish/chef_provider_base'
-require 'chef/resource/chef_role'
-require 'chef/chef_fs/data_handler/role_data_handler'
-
-class Chef
-  class Provider
-    class ChefRole < Cheffish::ChefProviderBase
-      provides :chef_role
-
-      def whyrun_supported?
-        true
-      end
-
-      action :create do
-        differences = json_differences(current_json, new_json)
-
-        if current_resource_exists?
-          if differences.size > 0
-            description = [ "update role #{new_resource.name} at #{rest.url}" ] + differences
-            converge_by description do
-              rest.put("roles/#{new_resource.name}", normalize_for_put(new_json))
-            end
-          end
-        else
-          description = [ "create role #{new_resource.name} at #{rest.url}" ] + differences
-          converge_by description do
-            rest.post("roles", normalize_for_post(new_json))
-          end
-        end
-      end
-
-      action :delete do
-        if current_resource_exists?
-          converge_by "delete role #{new_resource.name} at #{rest.url}" do
-            rest.delete("roles/#{new_resource.name}")
-          end
-        end
-      end
-
-      def load_current_resource
-        begin
-          @current_resource = json_to_resource(rest.get("roles/#{new_resource.name}"))
-        rescue Net::HTTPServerException => e
-          if e.response.code == "404"
-            @current_resource = not_found_resource
-          else
-            raise
-          end
-        end
-      end
-
-      def augment_new_json(json)
-        # Apply modifiers
-        json['run_list'] = apply_run_list_modifiers(new_resource.run_list_modifiers, new_resource.run_list_removers, json['run_list'])
-        json['default_attributes'] = apply_modifiers(new_resource.default_attribute_modifiers, json['default_attributes'])
-        json['override_attributes'] = apply_modifiers(new_resource.override_attribute_modifiers, json['override_attributes'])
-        json
-      end
-
-      #
-      # Helpers
-      #
-
-      def resource_class
-        Chef::Resource::ChefRole
-      end
-
-      def data_handler
-        Chef::ChefFS::DataHandler::RoleDataHandler.new
-      end
-
-      def keys
-        {
-          'name' => :name,
-          'description' => :description,
-          'run_list' => :run_list,
-          'env_run_lists' => :env_run_lists,
-          'default_attributes' => :default_attributes,
-          'override_attributes' => :override_attributes
-        }
-      end
-    end
-  end
-end

data/lib/chef/provider/chef_user.rb

@@ -1,59 +0,0 @@
-require 'cheffish/actor_provider_base'
-require 'chef/resource/chef_user'
-require 'chef/chef_fs/data_handler/user_data_handler'
-
-class Chef
-  class Provider
-    class ChefUser < Cheffish::ActorProviderBase
-      provides :chef_user
-
-      def whyrun_supported?
-        true
-      end
-
-      action :create do
-        create_actor
-      end
-
-      action :delete do
-        delete_actor
-      end
-
-      #
-      # Helpers
-      #
-      # Gives us new_json, current_json, not_found_json, etc.
-
-      def actor_type
-        'user'
-      end
-
-      def actor_path
-        "#{rest.root_url}/users"
-      end
-
-      def resource_class
-        Chef::Resource::ChefUser
-      end
-
-      def data_handler
-        Chef::ChefFS::DataHandler::UserDataHandler.new
-      end
-
-      def keys
-        {
-          'name' => :name,
-          'username' => :name,
-          'display_name' => :display_name,
-          'admin' => :admin,
-          'email' => :email,
-          'password' => :password,
-          'external_authentication_uid' => :external_authentication_uid,
-          'recovery_authentication_enabled' => :recovery_authentication_enabled,
-          'public_key' => :source_key
-        }
-      end
-
-    end
-  end
-end

data/lib/chef/provider/private_key.rb

@@ -1,225 +0,0 @@
-require 'chef/provider/lwrp_base'
-require 'openssl'
-require 'cheffish/key_formatter'
-
-class Chef
-  class Provider
-    class PrivateKey < Chef::Provider::LWRPBase
-      provides :private_key
-
-      action :create do
-        create_key(false, :create)
-      end
-
-      action :regenerate do
-        create_key(true, :regenerate)
-      end
-
-      action :delete do
-        if current_resource.path
-          converge_by "delete private key #{new_path}" do
-            ::File.unlink(new_path)
-          end
-        end
-      end
-
-      use_inline_resources
-
-      def whyrun_supported?
-        true
-      end
-
-      def create_key(regenerate, action)
-        if @should_create_directory
-          Cheffish.inline_resource(self, action) do
-            directory run_context.config[:private_key_write_path]
-          end
-        end
-
-        final_private_key = nil
-        if new_source_key
-          #
-          # Create private key from source
-          #
-          desired_output = encode_private_key(new_source_key)
-          if current_resource.path == :none || desired_output != IO.read(new_path)
-            converge_by "reformat key at #{new_resource.source_key_path} to #{new_resource.format} private key #{new_path} (#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})" do
-              IO.write(new_path, desired_output)
-            end
-          end
-
-          final_private_key = new_source_key
-
-        else
-          #
-          # Generate a new key
-          #
-          if current_resource.action == [ :delete ] || regenerate ||
-            (new_resource.regenerate_if_different &&
-              (!current_private_key ||
-               current_resource.size != new_resource.size ||
-               current_resource.type != new_resource.type))
-
-           case new_resource.type
-            when :rsa
-              if new_resource.exponent
-                final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size, new_resource.exponent)
-              else
-                final_private_key = OpenSSL::PKey::RSA.generate(new_resource.size)
-              end
-            when :dsa
-              final_private_key = OpenSSL::PKey::DSA.generate(new_resource.size)
-            end
-
-            generated_key = true
-          elsif !current_private_key
-            raise "Could not read private key from #{current_resource.path}: missing pass phrase?"
-          else
-            final_private_key = current_private_key
-            generated_key = false
-          end
-
-          if generated_key
-            generated_description = " (#{new_resource.size} bits#{new_resource.pass_phrase ? ", #{new_resource.cipher} password" : ""})"
-
-            if new_path != :none
-              action = current_resource.path == :none ? 'create' : 'overwrite'
-              converge_by "#{action} #{new_resource.type} private key #{new_path}#{generated_description}" do
-                write_private_key(final_private_key)
-              end
-            else
-              converge_by "generate private key#{generated_description}" do
-              end
-            end
-          else
-            # Warn if existing key has different characteristics than expected
-            if current_resource.size != new_resource.size
-              Chef::Log.warn("Mismatched key size!  #{current_resource.path} is #{current_resource.size} bytes, desired is #{new_resource.size} bytes.  Use action :regenerate to force key regeneration.")
-            elsif current_resource.type != new_resource.type
-              Chef::Log.warn("Mismatched key type!  #{current_resource.path} is #{current_resource.type}, desired is #{new_resource.type} bytes.  Use action :regenerate to force key regeneration.")
-            end
-
-            if current_resource.format != new_resource.format
-              converge_by "change format of #{new_resource.type} private key #{new_path} from #{current_resource.format} to #{new_resource.format}" do
-                write_private_key(current_private_key)
-              end
-            elsif (@current_file_mode & 0077) != 0
-              new_mode = @current_file_mode & 07700
-              converge_by "change mode of private key #{new_path} to #{new_mode.to_s(8)}" do
-                ::File.chmod(new_mode, new_path)
-              end
-            end
-          end
-        end
-
-        if new_resource.public_key_path
-          public_key_path = new_resource.public_key_path
-          public_key_format = new_resource.public_key_format
-          Cheffish.inline_resource(self, action) do
-            public_key public_key_path do
-              source_key final_private_key
-              format public_key_format
-            end
-          end
-        end
-
-        if new_resource.after
-          new_resource.after.call(new_resource, final_private_key)
-        end
-      end
-
-      def encode_private_key(key)
-        key_format = {}
-        key_format[:format] = new_resource.format if new_resource.format
-        key_format[:pass_phrase] = new_resource.pass_phrase if new_resource.pass_phrase
-        key_format[:cipher] = new_resource.cipher if new_resource.cipher
-        Cheffish::KeyFormatter.encode(key, key_format)
-      end
-
-      def write_private_key(key)
-        ::File.open(new_path, 'w') do |file|
-          file.chmod(0600)
-          file.write(encode_private_key(key))
-        end
-      end
-
-      def new_source_key
-        @new_source_key ||= begin
-          if new_resource.source_key.is_a?(String)
-            source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
-            source_key
-          elsif new_resource.source_key
-            new_resource.source_key
-          elsif new_resource.source_key_path
-            source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
-            source_key
-          else
-            nil
-          end
-        end
-      end
-
-      attr_reader :current_private_key
-
-      def new_path
-        new_key_with_path[1]
-      end
-
-      def new_key_with_path
-        path = new_resource.path
-        if path.is_a?(Symbol)
-          return [ nil, path ]
-        elsif Pathname.new(path).relative?
-          private_key, private_key_path = Cheffish.get_private_key_with_path(path, run_context.config)
-          if private_key
-            return [ private_key, (private_key_path || :none) ]
-          elsif run_context.config[:private_key_write_path]
-            @should_create_directory = true
-            path = ::File.join(run_context.config[:private_key_write_path], path)
-            return [ nil, path ]
-          else
-            raise "Could not find key #{path} and Chef::Config.private_key_write_path is not set."
-          end
-        elsif ::File.exist?(path)
-          return [ IO.read(path), path ]
-        else
-          return [ nil, path ]
-        end
-      end
-
-      def load_current_resource
-        resource = Chef::Resource::PrivateKey.new(new_resource.name, run_context)
-
-        new_key, new_path = new_key_with_path
-        if new_path != :none && ::File.exist?(new_path)
-          resource.path new_path
-          @current_file_mode = ::File.stat(new_path).mode
-        else
-          resource.path :none
-        end
-
-        if new_key
-          begin
-            key, key_format = Cheffish::KeyFormatter.decode(new_key, new_resource.pass_phrase, new_path)
-            if key
-              @current_private_key = key
-              resource.format key_format[:format]
-              resource.type key_format[:type]
-              resource.size key_format[:size]
-              resource.exponent key_format[:exponent]
-              resource.pass_phrase key_format[:pass_phrase]
-              resource.cipher key_format[:cipher]
-            end
-          rescue
-            # If there's an error reading, we assume format and type are wrong and don't futz with them
-            Chef::Log.warn("Error reading #{new_path}: #{$!}")
-          end
-        else
-          resource.action :delete
-        end
-
-        @current_resource = resource
-      end
-    end
-  end
-end

data/lib/chef/provider/public_key.rb

@@ -1,88 +0,0 @@
-require 'chef/provider/lwrp_base'
-require 'openssl'
-require 'cheffish/key_formatter'
-
-class Chef
-  class Provider
-    class PublicKey < Chef::Provider::LWRPBase
-      provides :public_key
-
-      action :create do
-        if !new_source_key
-          raise "No source key specified"
-        end
-        desired_output = encode_public_key(new_source_key)
-        if Array(current_resource.action) == [ :delete ] || desired_output != IO.read(new_resource.path)
-          converge_by "write #{new_resource.format} public key #{new_resource.path} from #{new_source_key_publicity} key #{new_resource.source_key_path}" do
-            IO.write(new_resource.path, desired_output)
-            # TODO permissions on file?
-          end
-        end
-      end
-
-      action :delete do
-        if Array(current_resource.action) == [ :create ]
-          converge_by "delete public key #{new_resource.path}" do
-            ::File.unlink(new_resource.path)
-          end
-        end
-      end
-
-      def whyrun_supported?
-        true
-      end
-
-      def encode_public_key(key)
-        key_format = {}
-        key_format[:format] = new_resource.format if new_resource.format
-        Cheffish::KeyFormatter.encode(key, key_format)
-      end
-
-      attr_reader :current_public_key
-      attr_reader :new_source_key_publicity
-
-      def new_source_key
-        @new_source_key ||= begin
-          if new_resource.source_key.is_a?(String)
-            source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
-          elsif new_resource.source_key
-            source_key = new_resource.source_key
-          elsif new_resource.source_key_path
-            source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
-          else
-            return nil
-          end
-
-          if source_key.private?
-            @new_source_key_publicity = 'private'
-            source_key.public_key
-          else
-            @new_source_key_publicity = 'public'
-            source_key
-          end
-        end
-      end
-
-      def load_current_resource
-        if ::File.exist?(new_resource.path)
-          resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
-          begin
-            key, key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.path), nil, new_resource.path)
-            if key
-              @current_public_key = key
-              resource.format key_format[:format]
-            end
-          rescue
-            # If there is an error reading we assume format and such is broken
-          end
-
-          @current_resource = resource
-        else
-          not_found_resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
-          not_found_resource.action :delete
-          @current_resource = not_found_resource
-        end
-      end
-    end
-  end
-end