cheftacular 2.0.0

data/lib/cheftacular/stateless_action.rb

@@ -0,0 +1,16 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def initialize options, config
+      @options, @config = options, config
+    end
+  end
+
+  class StatelessAction
+    include RbConfig
+    
+    def initialize options, config
+      @options, @config = options, config
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/add_ssh_key_to_bag.rb

@@ -0,0 +1,44 @@
+#refresh the authorized_keys in the authentication data bag from the chef server
+class Cheftacular
+  class StatelessActionDocumentation
+    def add_ssh_key_to_bag
+      @config['documentation']['stateless_action'] <<  [
+        "`cft add_ssh_key_to_bag \"<NEW SSH PUB KEY>\" [SPECIFIC_REPOSITORY]` this command will add the given ssh key to the default authentication data bag. " +
+        "After this your server recipes should read the contents of the 'default' 'authentication' bag for the authorized_keys array.",
+
+        [
+          "    1. `SPECIFIC_REPOSITORY` is a special argument, if left blank the key will be placed in the authorized_keys array in the bag, otherwise it will " +
+          "be placed in the specific_authorized_keys hash under a key named for the repository that is passed. The script will error if SPECIFIC_REPOSITORY " +
+          "does not exist in the cheftacular.yml respositories hash. You can then use this data to give users selective ssh access to certain servers."
+        ]
+      ]
+    end
+  end
+
+  class StatelessAction
+    #TODO key for environment specific deploys?
+    def add_ssh_key_to_bag specific_repository=""
+      raise "This action can only be performed if the mode is set to devops" unless @config['helper'].running_in_mode?('devops')
+      
+      raise "Please put quotes around your SSH public key!" if ARGV[1].length < 25 #TODO REFACTOR to accurate length of shortest key
+
+      specific_repository = ARGV[2] if ARGV[2] && specific_repository.empty?
+      
+      unless @config['helper'].get_array_of_repo_names_for_repositories.include?(specific_repository)
+        puts "The repository passed (#{ specific_repository }) is not listed in the cheftacular.yml repositories hash! Please update the hash or check your spelling!"
+
+        return false
+      end
+
+      public_ssh_key = ARGV[1]
+
+      if specific_repository.blank?
+        @config['default']['authentication_bag_hash']["authorized_keys"] << pub_ssh_key
+      else
+        @config['default']['authentication_bag_hash']["specific_authorized_keys"] << pub_ssh_key
+      end
+
+      @config['ChefDataBag'].save_authentication_bag
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/arguments.rb

@@ -0,0 +1,68 @@
+class Cheftacular
+  class StatelessActionDocumentation
+    def arguments
+      @config['documentation']['arguments'] <<  [
+        '## Arguments and flags for cheftacular',
+
+        '### Environment flags',
+
+        '1.  `-d|--dev-remote` toggles on dev-remote mode. Commands passed to cft will hit the devremote server(s) instead of the default server(s)',
+
+        '2.  `--env ENV` sets the environment commands hit to one you specify instead of the default one.',
+
+        '3.  `-p|--prod` toggles on production mode. Commands passed to cft will hit the production server(s) instead of the default server(s)',
+
+        '4.  `-Q|--qa` toggles on QA mode. Commands passed to cft will hit the QA server(s) instead of the default server(s)',
+
+        '5.  `-s|--staging` toggles on staging mode. Commands passed to cft will hit the staging server(s) instead of the default server(s)',
+
+        '6.  `--split-env SPLIT_ENV_NAME` sets the sub-environment to SPLIT_ENV_NAME. This only slightly affects certain commands.',
+
+        '7.  `-t|--test` toggles on test mode. Commands passed to cft will hit the test server(s) instead of the default server(s)',
+
+        '### General Flags',
+
+        '1.  `-a|--address ADDRESS` will force the command to only run against the specified address if it belongs to a node',
+
+        '2.  `-D|--debug` toggles on extremely verbose logging. Chef-client runs will generate ~10 times the amounts of logs including any additional effects that the `-v` flag will activate',
+
+        '3. `--no-logs` will make the cft commands not generate log files, you must still specify `-v` if you want output of most verbose commands to your terminal.',
+
+        '4.  `-n|--node-name NODE_NAME` will force the command to only run against the specified name if it belongs to a node',
+
+        '5.  `-q|--quiet` will make the cft commands only output information that is a direct result of the command being run',
+
+        "6.  `-r|--role-name ROLE_NAME` will force the command to only run against the specified role if it exists (this argument is generally not needed though it can be used to deploy a codebase for an application you're not currently cd'd into when running this as a gem)",
+
+        '7.  `-R|--repository NAME` will make the command run against a specific repository or context (automatically set for application mode)',
+
+        '8.  `-v|--verbose` toggles on verbose logging. All commands that write logs will also output to terminal AND write the logs.',
+
+        '### Help Related',
+
+        '1. `-h|--help` Displays the full readme and exits.',
+
+        '### Action Flags',
+
+        '1.  `-e|--except-role ROLE_NAME` will *prevent* any server with this role from being *deployed to* for the deploy command. Other commands will ignore this argument.',
+
+        '2.  `-z|--unset-revision` will unset a custom revision specified in the arg below and make the codebase utilize the default (staging branch for staging and master for production)',
+
+        "3.  `-Z|--revision REVISION` will force the role you're deploying to to utilize the revision specified here. This can be a specific commit or a branch name.",
+
+        '    1. Note: The system does not check if the revision exists, if you pass a non-existent revision no one will be able to deploy to that role until -Z with a correction revision or -z is passed.',
+
+        '    2. *You will not be able to set a custom revision for beta environments.* The beta environments are tied to split-staging and splita/b/c/d respectively.',
+      ]
+    end
+
+    alias_method :stateless_arguments, :arguments
+  end
+
+  class StatelessAction
+    def arguments
+      #TODO point this command to it's help and display?
+      raise "This command currently does nothing, do not try to run it."
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/backups.rb

@@ -0,0 +1,116 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def backups
+      @config['documentation']['stateless_action'] <<  [
+        "`cft backup [activate|deactivate]` this command " +
+        "sets the fetch_backups and restore_backups flags in your config data bag for an environment. " +
+        "These can be used to give application developers a way to trigger / untrigger restores in an environment"
+      ]
+
+      @config['documentation']['application'] << @config['documentation']['stateless_action'].last
+    end
+  end
+
+  class StatelessAction
+    def backups force_fetch_and_restore=false
+      fetch_backup   = @config[@options['env']]['config_bag_hash'][@options['sub_env']]['fetch_backups']
+      restore_backup = @config[@options['env']]['config_bag_hash'][@options['sub_env']]['restore_backups']
+
+      puts "For #{ @options['env'] } (sub-env: #{ @options['sub_env'] }) fetch backups was set to #{ fetch_backup ? 'on' : 'off' } and restoring backups was set to #{ restore_backup ? 'on' : 'off' }"
+
+      case ARGV[1]
+      when 'activate'   then restore_backup, fetch_backup = true, true
+      when 'deactivate' then restore_backup, fetch_backup = false, false
+      end
+
+      puts "For #{ @options['env'] } (sub-env: #{ @options['sub_env'] }) fetch backups is now set to #{ fetch_backup ? 'on' : 'off' } and restoring backups is now set to #{ restore_backup ? 'on' : 'off' }"
+
+      @config[@options['env']]['config_bag_hash'][@options['sub_env']]['fetch_backups']   = fetch_backup
+      @config[@options['env']]['config_bag_hash'][@options['sub_env']]['restore_backups'] = restore_backup
+
+      @config['ChefDataBag'].save_config_bag
+
+      if force_fetch_and_restore
+        nodes = @config['getter'].get_true_node_objects true
+
+        db_primary_nodes = @config['parser'].exclude_nodes( nodes, [{ unless: 'role[db_primary]' }, { if: { not_env: 'production' } }])
+
+        backup_slave_local_ip = @config['cheftacular']['backup_server']
+
+        if backup_slave_local_ip == 'first_production_slave'
+          backup_slave = @config['parser'].exclude_nodes( nodes, [{ unless: 'role[db_slave]' }, { if: { not_env: 'production' } }], true)
+
+          backup_slave_local_ip = @config['getter'].get_address_hash(backup_slave.first.hostname)['priv']
+        end
+
+        options, locs, ridley, logs_bag_hash, pass_bag_hash, bundle_command, cheftacular, passwords = set_local_instance_vars
+
+        on ( db_primary_nodes.map { |n| "deploy@" + n.public_ipaddress } ) do |host|
+          n = get_node_from_address(nodes, host.hostname)
+
+          puts("Beginning db fetch_and_restore for #{ n.name } (#{ n.public_ipaddress }) for env #{ options['env'] }") unless options['quiet']
+
+          start_db_fetch_and_restore( n.name, n.public_ipaddress, options, locs, cheftacular, passwords, backup_slave_local_ip)
+        end
+
+        @config['action'].migrate
+      else
+        puts "Triggering deploy on databases to refresh backup setting..."
+
+        @options['role'] = 'db_primary'
+
+        @config['action'].deploy
+      end
+    end
+  end
+end
+
+module SSHKit
+  module Backend
+    class Netssh
+      def start_db_fetch_and_restore name, ip_address, options, locs, cheftacular, passwords, global_backup_ip, out=[]
+        log_loc, timestamp = set_log_loc_and_timestamp(locs)
+
+        puts("Generating pg_restore log file for #{ name } (#{ ip_address }) at #{ log_loc }/#{ name }-fetch-and-restore-#{ timestamp }.txt") unless options['quiet']
+
+        cheftacular['db_primary_backup_database_stacks'].each do |target_database_stack|
+          compile_database_backups_hash(cheftacular, target_database_stack, global_backup_ip).each_pair do |app_name, app_hash|
+
+            out << sudo_capture( passwords[ip_address], 'scp', "#{ cheftacular['deploy_user'] }@#{ app_hash['backup_server'] }:#{ location }", backup_dir )
+
+            puts(out.last) if options['output'] || options['verbose']
+
+            commands = [
+              "pg_restore --verbose --clean --no-acl --no-owner -j 4 -h localhost -U #{ cheftacular['deploy_user'] } -d #{ app_hash['repo_name'] }_#{ options['env'] } #{ app_hash['restore_backup_file_name'] }",
+              "service postgresql restart"
+            ]
+
+            commands.each do |command|
+              out << sudo_capture( passwords[ip_address], command )
+
+              puts(out.last) if options['output'] || options['verbose']
+            end
+          end
+        end
+
+        #TODO fetch and restore other database types
+
+        ::File.open("#{ log_loc }/#{ name }-fetch-and-restore-#{ timestamp }.txt", "w") { |f| f.write(out.join("\n").scrub_pretty_text) } unless options['no_logs']
+
+        puts "Succeeded fetch and restore of #{ name } (#{ ip_address })"
+
+        [out.join("\n"), timestamp]
+      end
+
+      def compile_database_backups_hash cheftacular, target_database_stack, global_backup_ip, ret={}
+        cheftacular['repositories'].each_pair do |app_name, app_hash|
+          ret[app_name] = app_hash if app_hash['restore_backup_file_name'] && app_hash['database'] == target_database_stack
+          ret[app_name]['backup_server'] = global_backup_ip unless ret[app_name]['backup_server']
+        end
+
+        ret
+      end
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/centos_bootstrap.rb

@@ -0,0 +1,7 @@
+class Cheftacular
+  class StatelessAction
+    def redhat_bootstrap out=[]
+      raise "Not yet implemented!"
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/coreos_bootstrap.rb

@@ -0,0 +1,7 @@
+class Cheftacular
+  class StatelessAction
+    def coreos_bootstrap out=[]
+      raise "Not yet implemented!"
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/fedora_bootstrap.rb

@@ -0,0 +1,7 @@
+class Cheftacular
+  class StatelessAction
+    def fedora_bootstrap out=[]
+      raise "Not yet implemented!"
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/redhat_bootstrap.rb

@@ -0,0 +1,7 @@
+class Cheftacular
+  class StatelessAction
+    def redhat_bootstrap out=[]
+      raise "Not yet implemented!"
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/ubuntu_bootstrap.rb

@@ -0,0 +1,102 @@
+class Cheftacular
+  class StatelessActionDocumentation
+    def ubuntu_bootstrap
+      @config['documentation']['stateless_action'] <<  [
+        "`cft ubuntu_bootstrap ADDRESS ROOT_PASS` This command will bring a fresh server to a state " +
+        "where chef-client can be run on it via `cft chef-bootstrap`. It should be noted that it is in "+
+        "this step where a server's randomized deploy_user sudo password is generated."
+      ]
+    end
+  end
+
+  class StatelessAction
+    def ubuntu_bootstrap out=[]
+      raise "This action can only be performed if the mode is set to devops" if !@config['helper'].running_in_mode?('devops') && !@options['in_scaling']
+
+      @options['address']     = ARGV[1] unless @options['address']
+      @options['client_pass'] = ARGV[2] unless @options['address']
+
+      if `which sshpass`.empty?
+        raise "sshpass not installed! Please run brew install https://raw.github.com/eugeneoden/homebrew/eca9de1/Library/Formula/sshpass.rb (or get it from your repo for linux)"
+      end
+
+      new_deploy_pass = @config['helper'].gen_pass(@config['cheftacular']['server_pass_length'])
+
+      deploy_user = @config['cheftacular']['deploy_user']
+
+      root_commands = [
+        "cd /home",
+        "adduser #{ deploy_user } --gecos \",,,,\" --disabled-password",
+        "echo #{ deploy_user }:#{ new_deploy_pass } | chpasswd",
+        "adduser #{ deploy_user } www-data",
+        "adduser #{ deploy_user } sudo",
+        "mkdir -p /home/#{ deploy_user }/.ssh",
+        "touch /home/#{ deploy_user }/.ssh/authorized_keys && touch /home/#{ deploy_user }/.ssh/known_hosts",
+        "chown -R #{ deploy_user }:www-data /home/#{ deploy_user }/.ssh",
+        'sed -i "s/StrictModes yes/StrictModes yes\nPasswordAuthentication no\nUseDNS no\nAllowUsers deploy postgres\n/" /etc/ssh/sshd_config'.gsub('deploy', deploy_user),
+        'sed -i "s/PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config'
+      ]
+
+      @config['default']['authentication_bag_hash']['authorized_keys'].each do |line|
+        root_commands << "echo \"#{ line }\" >> /home/#{ deploy_user }/.ssh/authorized_keys"
+      end
+
+      sudo = "echo #{ new_deploy_pass } | sudo -S"
+
+      deploy_commands = [
+        "#{ sudo } apt-get update",
+        "#{ sudo } apt-get install curl git-core shorewall -y",
+        "#{ sudo } apt-get upgrade -y"
+      ]
+
+      final_commands = []
+
+      if @config['cheftacular']['install_rvm_on_boot'] == 'true'
+        deploy_commands << "gpg --keyserver hkp://keys.gnupg.net --recv-keys #{ @config['cheftacular']['rvm_gpg_key'] }"
+        deploy_commands << "curl -L https://get.rvm.io | bash -s stable"
+
+        final_commands
+
+        rvm_source = "source /home/deploy/.rvm/scripts/rvm &&"
+
+        final_commands = [
+          "#{ rvm_source } echo '#{ new_deploy_pass }' | rvmsudo -S rvm requirements",
+          "#{ rvm_source } rvm install #{ @config['cheftacular']['ruby_version'] }",
+          "#{ rvm_source } rvm install 1.9.3-p327" #chef's default ruby, we'll need it in a place rvm can find it until the symlink is made 
+        ]
+      end
+
+      out << `sshpass -p "#{ @options['client_pass'] }" ssh -t -oStrictHostKeyChecking=no root@#{ @options['address'] } '#{ root_commands.join(' && ') } && service ssh restart'`
+
+      puts("Finished initial setup...stage 1 of 3 for server #{ @options['address'] }") if @options['in_scaling']
+
+      puts(out.last) unless @options['quiet'] || @options['in_scaling']
+
+      deploy_commands.each do |cmnd|
+        puts("(#{ @options['address'] }) Running #{ cmnd.gsub("#{ new_deploy_pass }", "sudo password") }") unless @options['quiet'] || @options['in_scaling']
+        out << `ssh -t -oStrictHostKeyChecking=no #{ deploy_user }@#{ @options['address'] } "#{ cmnd }"`
+
+        puts(out.last) unless @options['quiet'] || @options['in_scaling']
+      end
+
+      puts("Finished deploy setup....stage 2 of 3 for server #{ @options['address'] }") if @options['in_scaling']
+
+      final_commands.each do |cmnd|
+        puts "(#{ @options['address'] }) Running #{ cmnd.gsub("#{ new_deploy_pass }", "sudo password") }"
+        out << `ssh -t -oStrictHostKeyChecking=no #{ deploy_user }@#{ @options['address'] } "#{ cmnd }"`
+
+        puts(out.last) unless @options['quiet'] || @options['in_scaling']
+      end
+
+      puts("Finished ruby setup......stage 3 of 3 for server #{ @options['address'] }") if @options['in_scaling']
+
+      @config[@options['env']]['server_passwords_bag_hash']["#{ @options['address'] }-root-pass"] = @options['client_pass']
+
+      @config[@options['env']]['server_passwords_bag_hash']["#{ @options['address'] }-deploy-pass"] = new_deploy_pass
+
+      @config[@options['env']]['server_passwords_bag_hash']["#{ @options['address'] }-name"] = @options['node_name'] if @options['node_name']
+
+      @config['ChefDataBag'].save_server_passwords_bag unless @options['in_scaling']
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/bootstrappers/vyatta_bootstrap.rb

@@ -0,0 +1,7 @@
+class Cheftacular
+  class StatelessAction
+    def vyatta_bootstrap out=[]
+      raise "Not yet implemented!"
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/chef_bootstrap.rb

@@ -0,0 +1,40 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def chef_bootstrap
+      @config['documentation']['stateless_action'] <<  [
+        "`cft chef_bootstrap ADDRESS NODE_NAME` allows you to register a node in the chef system, " + 
+        "remove any lingering data that may be associated with it and update the node's runlist if it has an entry in nodes_dir for its NODE_NAME."
+      ]
+    end
+  end
+
+  class StatelessAction
+    def chef_bootstrap out=[]
+      raise "This action can only be performed if the mode is set to devops" if !@config['helper'].running_in_mode?('devops') && !@options['in_scaling']
+        
+      @options['address'] = ARGV[1] unless @options['address']
+      @options['node_name'] = ARGV[2] unless @options['node_name']
+
+      @config['stateless_action'].remove_client #just in case
+
+      puts("Starting chef-client initialization...") unless @options['quiet']
+
+      out << `#{ @config['helper'].knife_bootstrap_command }`
+
+      puts(out.last) unless @options['quiet'] || @options['in_scaling']
+
+      puts("Sending up data_bag_key file...") unless @options['quiet']
+
+      out << `scp -oStrictHostKeyChecking=no #{ @config['locs']['chef'] }/#{ @config['cheftacular']['data_bag_key_file'] } #{ @config['cheftacular']['deploy_user'] }@#{ @options['address'] }:/home/#{ @config['cheftacular']['deploy_user'] }`
+
+      puts("Moving key file to chef directory on server...") unless @options['quiet']
+
+      out << `ssh -t -oStrictHostKeyChecking=no #{ @config['cheftacular']['deploy_user'] }@#{ @options['address'] } "#{ @config['helper'].sudo(@options['address']) } mv -f /home/#{ @config['cheftacular']['deploy_user'] }/#{  @config['cheftacular']['data_bag_key_file'] } /etc/chef"`
+
+      @options['force_yes'] = true # have the upload_nodes grab the new nodes
+
+      @config['stateless_action'].upload_nodes
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/chef_environment.rb

@@ -0,0 +1,21 @@
+class Cheftacular
+  class StatelessActionDocumentation
+    def chef_environment
+      @config['documentation']['action'] <<  [
+        "`cft chef_environment ENVIRONMENT_NAME [create|destroy]` will allow you to interact with chef environments on the chef server.",
+      
+        [
+          "    1.  `create` will create an environment if it does not exist.",
+
+          "    2.  `destroy` will destroy a chef environment *IF IT HAS NO NODES*"
+        ]
+      ]
+    end
+  end
+
+  class StatelessAction
+    def chef_environment
+      #TODO
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/clean_cookbooks.rb

@@ -0,0 +1,104 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def clean_cookbooks
+      @config['documentation']['stateless_action'] <<  [
+        "`cft clean_cookbooks [force] [remove_cookbooks]` allows you to update the internal chef-repo's cookbooks easily. " +
+        "By default this script will force you to decide what to do with each cookbook individually (shows version numbers and whether to overwrite it to cookbooks or not).",
+
+        [
+          "    1. `force` argument will cause the downloaded cookbooks to *always* overwrite the chef-repo's cookbooks as long as the downloaded cookbook has a higher version number.",
+
+          "    2. If you would like to remove all the cookbooks on the chef server, run `knife cookbook bulk delete '.*' -p -c ~/.chef/knife.rb`"
+        ]
+      ]
+    end
+  end
+
+  class StatelessAction
+    def clean_cookbooks local_options={'interactive' => true}
+      raise "This action can only be performed if the mode is set to devops" unless @config['helper'].running_in_mode?('devops')
+
+      ARGV.each do |arg|
+        case arg
+        when "force" then local_options['interactive'] = false
+        end
+      end
+
+      @config['cheftacular']['wrapper_cookbooks'].split(',').each do |wrapper_cookbook|
+        wrapper_cookbook_loc = "#{ @config['locs']['cookbooks'] }/#{ wrapper_cookbook }"
+        FileUtils.rm(File.expand_path("#{ wrapper_cookbook_loc }/Berksfile.lock")) if File.exists?(File.expand_path("#{ wrapper_cookbook_loc }/Berksfile.lock"))
+        FileUtils.rm_rf(File.expand_path("#{ @config['locs']['berks'] }/cookbooks")) if File.exists?(File.expand_path("#{ @config['locs']['berks'] }/cookbooks"))
+        
+        Dir.chdir wrapper_cookbook_loc
+        puts "Installing new cookbooks..."
+        out = `berks install`
+        puts "#{out}\nFinished... Beginning directory scanning and conflict resolution..."
+
+        berkshelf_cookbooks = {}
+
+        Dir.foreach(@config['locs']['berks']) do |berkshelf_cookbook|
+          next if @config['helper'].is_junk_filename?(berkshelf_cookbook)
+          skip = false
+
+          berkshelf_cookbooks.keys.each do |processed_berkshelf_cookbook|
+            if processed_berkshelf_cookbook.rpartition('-').first == berkshelf_cookbook.rpartition('-').first
+              cookbook_mtime  = File.mtime(File.expand_path("#{ @config['locs']['berks'] }/#{ berkshelf_cookbook }"))
+              pcookbook_mtime = File.mtime(File.expand_path("#{ @locs['locs']['berks'] }/#{ processed_berkshelf_cookbook }"))
+
+              skip = true if cookbook_mtime < pcookbook_mtime #get only the latest version, berkshelf pulls in multiple commits from git repos for SOME REASON
+            end
+          end
+
+          next if skip
+
+          berkshelf_cookbooks[berkshelf_cookbook] = if File.exists?(File.expand_path("#{ @config['locs']['berks'] }/#{ berkshelf_cookbook }/metadata.rb"))
+                                                      File.read(File.expand_path("#{ @config['locs']['berks'] }/#{ berkshelf_cookbook }/metadata.rb")).gsub('"',"'").gsub(/^version[\s]*('\d[.\d]+')/).peek[/('\d[.\d]+')/].gsub("'",'')
+                                                    else
+                                                      berkshelf_cookbook.split('-').last
+                                                    end
+        end
+
+        chef_repo_cookbooks = {}
+
+        Dir.foreach(@config['locs']['cookbooks']) do |chef_repo_cookbook|
+          next if @config['helper'].is_junk_filename?(berkshelf_cookbook)
+            
+          new_name = chef_repo_cookbook.rpartition('-').first
+
+          chef_repo_cookbooks[chef_repo_cookbook] = if File.exists?(File.expand_path("#{ @config['locs']['cookbooks'] }/#{ chef_repo_cookbook }/metadata.rb"))
+                                                      File.read(File.expand_path("#{ @config['locs']['cookbooks'] }/#{ chef_repo_cookbook }/metadata.rb")).gsub('"',"'").gsub(/^version[\s]*('\d[.\d]+')/).peek[/('\d[.\d]+')/].gsub("'",'')
+                                                    else
+                                                      JSON.parse(File.read(File.expand_path("#{ @config['locs']['cookbooks'] }/#{ chef_repo_cookbook }/metadata.json"))).to_hash['version']
+                                                    end
+        end
+
+        berkshelf_cookbooks.each_pair do |berkshelf_cookbook, version|
+          new_name = berkshelf_cookbook.rpartition('-').first
+
+          if chef_repo_cookbooks.has_key?(new_name) || chef_repo_cookbooks.has_key?(berkshelf_cookbook) #don't overwrite cookbooks without user input
+            if local_options['interactive']
+              puts "COOKBOOK::~~~~#{ new_name }~~~~::VERSION::~~~~~~~~#{ version } VS #{ chef_repo_cookbooks[new_name] }"
+              puts "\nEnter O | o | overwrite to overwrite ~~~~#{ new_name }~~~~ in the chef-repo (THIS SHOULD NOT BE DONE LIGHTLY)"
+              puts "Enter N | n | no        to skip to the next conflict"
+              puts "If you pass force to this script, it will always overwrite."
+              #puts "If you pass a STRING of comma delimited cookbooks, it will skip these cookbooks automatically and overwrite others"
+              #puts "Example: ruby ./executables/clean-cookbooks 'application_ruby,wordpress'"
+              puts "Input:"
+              input = STDIN.gets.chomp
+
+              next if (input =~ /N|n|no/) == 0
+            end
+
+            next if @config['helper'].is_higher_version?(chef_repo_cookbooks[new_name], version)
+          end
+
+          cmnd = "#{ @config['locs']['berks'] }/#{ berkshelf_cookbook } #{ @config['locs']['cookbooks'] }/#{ new_name }"
+          puts "Moving #{ cmnd } (#{ version }:#{ chef_repo_cookbooks[new_name] })" if @options['verbose']
+          `rm -Rf #{ @config['locs']['cookbooks'] }/#{ new_name }`
+          `cp -Rf #{ cmnd }`
+        end
+      end
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/clean_sensu_plugins.rb

@@ -0,0 +1,19 @@
+class Cheftacular
+  class StatelessActionDocumentation
+    def clean_sensu_plugins
+      @config['documentation']['stateless_action'] <<  [
+        "`cft clean_sensu_plugins` [NYI] will checkout / update the sensu community plugins github repo on your " +
+        "local machine and sync any sensu plugin files in your wrapper cookbook directory with what is in the repo."
+      ]
+    end
+  end
+
+  class StatelessAction
+    def clean_sensu_plugins
+      raise "This method is not yet implemented"
+      raise "This action can only be performed if the mode is set to devops" unless @config['helper'].running_in_mode?('devops')
+      
+      #TODO use this to keep the cookbook files directory up to date with the sensu community plugins repo
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/clean_server_passwords.rb

@@ -0,0 +1,14 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def clean_server_passwords
+    
+    end
+  end
+
+  class StatelessAction
+    def clean_server_passwords
+      #TODO clean up non-existent entries in all envs server_password bags
+    end
+  end
+end

data/lib/cheftacular/stateless_actions/cleanup_log_files.rb

@@ -0,0 +1,14 @@
+
+class Cheftacular
+  class StatelessActionDocumentation
+    def cleanup_log_files
+
+    end
+  end
+
+  class StatelessAction
+    def cleanup_log_files
+      #TODO
+    end
+  end
+end