cheftacular 2.1.2 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 10f51fe71394a87e42196c9a3180865a43f652f9
-  data.tar.gz: 8ab142943a10fd6f16a9b75519fc5f5dcc7a9633
+  metadata.gz: 432e618db73dd2f0c3c13dde66a0ba2d48139404
+  data.tar.gz: 24eba2f067f13d14f95075101b1eaabdbd2b767d
 SHA512:
-  metadata.gz: 1c66d87535954bfc01de4ee4b68b54559fbeb83a206d244fa3e3cf7d80600bf53003c6661b2d3f1f9c5cf7d5a26b38831c0ecd966cab7a0a7607eb674c72be96
-  data.tar.gz: 26289288c791fd916fe04cbab2d6e40e77d1c5fab4e2a92ff8f542d03f74d7e0d6f46b31d5e4fce4161a2e87183d40240e53c807dd5b09b694c2258edc8904cc
+  metadata.gz: 879cda27b14935f3e68ef5570d24c1e60bcfd2e33b3a25fd0126fb25b0f1669b4b5f8f9d55716f7b5e9de50046d7099fbaebc710c6074aca7e0e710630efa874
+  data.tar.gz: 745b5247a4393cda8a083a8215230d9e6d1a41c0653e91e8d537c13fd2f7ab7be8b387ac1d11cde2c71cf9e73f5bb52d32a66ade4c3f8b7519714bdb6449a6bb

data/lib/cheftacular/README.md

@@ -1,10 +1,10 @@
 # Table of Contents for Cheftacular Commands
 
-1. [Cheftacular Arguments and Flags](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#arguments-and-flags-for-cheftacular))
+1. [Cheftacular Arguments and Flags](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#arguments-and-flags-for-cheftacular)
 
 2. [Application Commands](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#commands-that-can-be-run-in-the-application-context)
 
-3. [DevOps Commands](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#commands-that-can-only-be-run-in-the-devops-context))
+3. [DevOps Commands](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#commands-that-can-only-be-run-in-the-devops-context)
 
 
 ## Arguments and flags for cheftacular
@@ -51,14 +51,12 @@
 
 1.  `-e|--except-role ROLE_NAME` will *prevent* any server with this role from being *deployed to* for the deploy command. Other commands will ignore this argument.
 
-2.  `-z|--unset-revision` will unset a custom revision specified in the arg below and make the codebase utilize the default (staging branch for staging and master for production)
+2.  `-z|--unset-revision` will unset a custom revision specified in the arg below and make the codebase utilize the default.
 
 3.  `-Z|--revision REVISION` will force the role you're deploying to to utilize the revision specified here. This can be a specific commit or a branch name.
 
     1. Note: The system does not check if the revision exists, if you pass a non-existent revision no one will be able to deploy to that role until -Z with a correction revision or -z is passed.
 
-    2. *You will not be able to set a custom revision for beta environments.* The beta environments are tied to split-staging and splita/b/c/d respectively.
-
 
 ## Commands that can be run in the application context
 
@@ -82,7 +80,7 @@
 
 6. `cft deploy` will do a simple chef-client run on the servers for a role. Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.
 
-    1.  This command also restarts services on the server and updates the code. Changes behavior slightly with the `-z|-Z` args.
+    1.  This command also restarts services on the server and updates the code. Changes behavior slightly with the `-z|-Z` args but only if your cookbooks support switching revisions based on tags / branch names.
 
 7. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
 
@@ -128,9 +126,7 @@
 
 18. `cft reinitialize IP_ADDRESS NODE_NAME` will reconnect a server previously managed by chef to a new chef server. The node name MUST MATCH THE NODE'S ORIGINAL NODE NAME for the roles to be setup correctly.
 
-19. `cft remove_client -n NODE_NAME` removes a client (and its node data) from the chef-server. It also removes its dns records from the cloud service (if possible). This should not be done lightly as you will have to wipe the server and trigger another chef-client run to get it to register again
-
-20. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
+19. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
 
     1. `--all` will make the command run against all servers in a role rather than the first server it comes across. Don't do this if you're modifying the database with the command.
 
@@ -140,11 +136,11 @@
 
     4. IMPORTANT NOTE: You cannot run `cft run rake -T` as is, you have to enclose any command that uses command line dash arguments in quotes like `cft run "rake -T"`
 
-21. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
+20. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
 
     1. In the case of server creation, this command takes a great deal of time to execute. It will output what stage it is currently on to the terminal but <b>you must not kill this command while it is executing</b>.A failed build may require the server to be destroyed / examined by a DevOps engineer.
 
-22. `cft tail` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
+21. `cft tail` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
 
     1. pass `-n NODE_NAME` to grab the output of a node other than the first.
 
@@ -189,7 +185,7 @@
 
     3. This command is aliased to `client-list` with no arguments or cft prefix.
 
-9. `cft cloud <FIRST_LEVEL_ARG> [<SECOND_LEVEL_ARG>[:<SECOND_LEVEL_ARG_QUERY>]*] ` this command handles talking to various cloud apis. If no args are passed nothing will happen.
+9. `cft cloud <FIRST_LEVEL_ARG> [<SECOND_LEVEL_ARG>[:<SECOND_LEVEL_ARG_QUERY>]*] ` this command handles talking to various cloud APIs. If no args are passed nothing will happen.
 
     1. `domain` 1st level argument for interacting with cloud domains
 
@@ -307,21 +303,27 @@
 
 21. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
 
-22. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
+22. `cft get_shorewall_allowed_connections` command will query a single server and return all of its ACCEPT connections from shorewall in it's syslog and return the results in a CSV format. Useful for tracking IP activity.
+
+    1. This command will attempt to `dig` each ip address to give you the most likely culprit.
+
+23. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
+
+24. `cft initialize_data_bag_contents ENVIRONMENT_NAME` will ensure the data bags always have the correct structure before each run. This command is run every time the gem is started and if called directly, will exit after completion.
 
-23. `cft initialize_data_bag_contents ENVIRONMENT_NAME` will ensure the data bags always have the correct structure before each run. This command is run every time the gem is started and if called directly, will exit after completion.
+25. `cft knife_upload` will resync the chef-server with the local chef-repo code. This command is analog for `knife upload /`
 
-24. `cft knife_upload` will resync the chef-server with the local chef-repo code. This command is analog for `knife upload /`
+26. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
 
-25. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
+27. `cft remove_client -n NODE_NAME` removes a client (and its node data) from the chef-server. It also removes its dns records from the cloud service (if possible). This should not be done lightly as you will have to wipe the server and trigger another chef-client run to get it to register again
 
-26. `cft replication_status` will check the status of the database master and slaves in every environment. Also lists how far behind the slaves are from the master in milliseconds.
+28. `cft replication_status` will check the status of the database master and slaves in every environment. Also lists how far behind the slaves are from the master in milliseconds.
 
-27. `cft restart_swap` will restart the swap on every server that doesn't have swap currently on. Useful if you notice servers with no swap activated from `cft disk_report`
+29. `cft restart_swap` will restart the swap on every server that doesn't have swap currently on. Useful if you notice servers with no swap activated from `cft disk_report`
 
     1. There is no risk in running this command. Sometimes swap doesnt reactivate if the server was rebooted and this command fixes that.
 
-28. `cft rvm [COMMAND] [ADDITIONAL_COMMANDS]*` will run rvm commands on the remote servers. Output from this command for each server will go into your rvm directory under the log directory. Please refer to [the rvm help page](https://rvm.io/rvm) for more information on rvm commands.
+30. `cft rvm [COMMAND] [ADDITIONAL_COMMANDS]*` will run rvm commands on the remote servers. Output from this command for each server will go into your rvm directory under the log directory. Please refer to [the rvm help page](https://rvm.io/rvm) for more information on rvm commands.
 
     1. When no commands are passed, rvm will just run `rvm list` on each server on all servers in the current environment.
 
@@ -337,11 +339,11 @@
 
     7. `upgrade_rvm` will run `rvm get stable --auth-dotfiles` on all servers for the current environment. It will also check and attempt to upgrade pre 1.25 installations of RVM to 1.26+ (which requires a GPG key).
 
-29. `cft server_update [restart]` allows you to force update all nodes' packages for a specific environment. This should be done with caution as this *might* break something.
+31. `cft server_update [restart]` allows you to force update all nodes' packages for a specific environment. This should be done with caution as this *might* break something.
 
     1. `hip apt_update restart` will prompt to ask if you also want to restart all servers in a rolling restart. This should be done with extreme caution and only in a worst-case scenario.
 
-30. `cft service [COMMAND] [SERVICE]` will run service commands on remote servers. This command only runs on the first server it comes across. Specify others with -n NODE_NAME.
+32. `cft service [COMMAND] [SERVICE]` will run service commands on remote servers. This command only runs on the first server it comes across. Specify others with -n NODE_NAME.
 
     1. When no commands are passed, the command will list all the services in the /etc/init directory
 
@@ -349,9 +351,13 @@
 
     3. When `restart|stop|start SERVICE` is passed, the command will attempt to restart|stop|start the service if it has a .conf file on the remote server in the /etc/init directory.
 
-31. `cft slack "MESSAGE" [CHANNEL]` will attempt to post the message to the webhook set in your cheftacular.yml. Slack posts to your default channel by default but if the CHANNEL argument is supplied the message will post there.
+33. `cft slack "MESSAGE" [CHANNEL]` will attempt to post the message to the webhook set in your cheftacular.yml. Slack posts to your default channel by default but if the CHANNEL argument is supplied the message will post there.
 
-32. `cft test_env [TARGET_ENV] boot|destroy` will create (or destroy) the test nodes for a particular environment (defaults to staging, prod split-envs can be set with `-p`). Please read below for how TARGET_ENV works
+    1. NOTE: To prevent confusing spam from many possible sources, the username posted to slack will always be *Cheftacular*. This can be overloaded in the StatelessAction method "slack" but this is not recommended.
+
+    2. Remember, if you have auditing turned on in your cheftacular.yml, you can track who sends what to slack.
+
+34. `cft test_env [TARGET_ENV] boot|destroy` will create (or destroy) the test nodes for a particular environment (defaults to staging, prod split-envs can be set with `-p`). Please read below for how TARGET_ENV works
 
     1. TARGET_ENV changes functionality depending on the overall (like staging / production) environment
 
@@ -361,9 +367,15 @@
 
         3. The default tld used should change depending on which environment you are booting / destroying. This is set in the environment's config data bag under the tld key
 
-33. `cft ubuntu_bootstrap ADDRESS ROOT_PASS` This command will bring a fresh server to a state where chef-client can be run on it via `cft chef-bootstrap`. It should be noted that it is in this step where a server's randomized deploy_user sudo password is generated.
+35. `cft ubuntu_bootstrap ADDRESS ROOT_PASS` This command will bring a fresh server to a state where chef-client can be run on it via `cft chef-bootstrap`. It should be noted that it is in this step where a server's randomized deploy_user sudo password is generated.
+
+36. `cft update_cloudflare_dns_from_cloud` command will force a full dns update for cloudflare. 
+
+    1. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address for an environment.
+
+    2. This command will also ensure any dns records on your cloud are also migrated over to cloudflare as well. This also includes the reverse in the event you would like to turn off cloudflare.
 
-34. `cft update_split_branches` will perform a series of git commands that will merge all the split branches for your split_branch enabled repositories with what is currently on master and push them.
+37. `cft update_split_branches` will perform a series of git commands that will merge all the split branches for your split_branch enabled repositories with what is currently on master and push them.
 
     1. Repository must be set with `-R REPOSITORY_NAME` for this command to work.
 
@@ -373,9 +385,9 @@
 
     4. This command will return a helpful error statement if you attempt to run the command with changes to your current working directory. You must commit these changes before running this command.
 
-35. `cft update_tld TLD` command will force a full dns update for a tld in the preferred cloud. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address.
+38. `cft update_tld TLD` command will force a full dns update for a tld in the preferred cloud. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address.
 
-36. `cft upload_nodes` This command will resync the chef server's nodes with the data in our chef-repo/node_roles. 
+39. `cft upload_nodes` This command will resync the chef server's nodes with the data in our chef-repo/node_roles. 
 
     1. This command changes behavior depending on several factors about both your mode and the state of your environment
 
@@ -387,4 +399,4 @@
 
         1. Due to this, only users running this against their chef-repo need to worry about having a nodes_dir, the way it should be.
 
-37. `cft upload_roles` This command will resync the chef server's roles with the data in the chef-repo/roles.
+40. `cft upload_roles` This command will resync the chef server's roles with the data in the chef-repo/roles.

data/lib/cheftacular/actions/deploy.rb

@@ -6,7 +6,8 @@ class Cheftacular
         "Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.",
         
         [
-          "    1.  This command also restarts services on the server and updates the code. Changes behavior slightly with the `-z|-Z` args."
+          "    1.  This command also restarts services on the server and updates the code. Changes behavior slightly with the `-z|-Z` args " +
+          "but only if your cookbooks support switching revisions based on tags / branch names."
         ]
       ]
     end

data/lib/cheftacular/actions/migrate.rb

@@ -43,7 +43,9 @@ class Cheftacular
     end
 
     def migrate_wordpress nodes=[]
-      raise "Not yet implemented"
+      puts "Method #{ __migrate_wordpress__ } isb ot yet implemented"
+
+      exit
     end
 
     def migrate_nodejs nodes=[]

data/lib/cheftacular/dns.rb

@@ -0,0 +1,283 @@
+
+class Cheftacular
+  class DNS
+    def initialize options, config
+      @options, @config  = options, config
+    end
+
+    def update_cloudflare_from_array_of_domain_hashes target_domain, target_domain_records
+      unless @config['helper'].does_cheftacular_config_have?(['cloudflare:api_key', 'cloudflare:user_email'])
+        puts "Critical! You tried to run update_cloudflare but have not set a cloudflare_api_key or cloudflare_user_email! Please set these keys and run this method again!"
+
+        exit
+      end
+
+      if @config[@options['env']]['config_bag_hash'][@options['sub_env']]['cloudflare_activated_domains'].empty?
+        puts "Critical! Tere are no entries in the 'cloudflare_activated_domains' array for domain #{ target_domain }! Please open the #{ @options['env'] } data bag item " +
+        "\"config\" and add the domains you want to be protected by cloudflare to the array as strings!"
+
+        exit
+      end
+
+      @config['cloudflare'] = CloudFlare::connection(@config['cheftacular']['cloudflare']['api_key'], @config['cheftacular']['cloudflare']['user_email'])
+
+      puts("Preparing to update cloudflare for domain #{ target_domain }...") unless @options['quiet']
+
+      cloudflare_records_hash = fetch_cloudflare_records_as_hash target_domain
+
+      puts('#'.ljust(4) + 'subdomain'.ljust(50) + 'type'.ljust(6) + 'ttl'.ljust(5) + 'mode'.ljust(20) + 'value') unless @options['quiet']
+
+      domain_count = 1
+
+      target_domain_records.each do |record_hash|
+        next if record_hash['type'] =~ /NS/
+
+        if record_hash['type'] =~ /A/
+          record_hash['activate_cloudflare'] = @config[@options['env']]['config_bag_hash'][@options['sub_env']]['cloudflare_activated_domains'].include?(record_hash['name'])
+        end
+
+        print(domain_count.to_s.ljust(4, '_') + record_hash['name'].ljust(50, '_') + record_hash['type'].ljust(6, '_') + record_hash['ttl'].to_s.ljust(5, '_'))
+
+        if cloudflare_records_hash.has_key?("#{ record_hash['name'] }-#{ record_hash['type'] }") && ( !cloudflare_records_hash["#{ record_hash['name'] }-#{ record_hash['type'] }"].empty? ||
+          cloudflare_record_does_include_value?(cloudflare_records_hash["#{ record_hash['name'] }-#{ record_hash['type'] }"], record_hash['value']) )
+
+          edit_cloudflare_record target_domain, record_hash, cloudflare_records_hash
+        else
+          compile_cloudflare_record_srv_attributes_on_record_hash record_hash, target_domain
+
+          @config['cloudflare'].rec_new(
+            target_domain,
+            record_hash['type'],
+            record_hash['name'],
+            record_hash['value'],
+            record_hash['ttl'],
+            record_hash['SRV_service'],
+            record_hash['SRV_srvname'],
+            record_hash['SRV_protocol'],
+            record_hash['SRV_weight'],
+            record_hash['SRV_port'],
+            record_hash['SRV_target'],
+            (record_hash['activate_cloudflare'] ? '1' : '0') #service_mode
+          )
+
+          print 'create'.ljust(20, '_')
+        end
+
+        domain_count += 1
+
+        print record_hash['value'] unless @options['quiet']
+
+        puts unless @options['quiet']
+      end
+    end
+
+    def create_dns_record_for_domain_from_address_hash domain, address_hash, *args
+      domain_obj = PublicSuffix.parse domain
+
+      if args.include?('specific_domain_mode')
+        puts("running cloud domain create_record:#{ domain_obj.domain }:#{ domain_obj.trd }:#{ address_hash['public'] }") if @options['verbose']
+
+        @config['stateless_action'].cloud "domain", "create_record:#{ domain_obj.domain }:#{ domain_obj.trd }:#{ address_hash['public'] }"
+
+        sleep 5
+
+        puts("running cloud domain create_record:#{ domain_obj.domain }:local.#{ domain_obj.trd }:#{ address_hash['address'] }") if @options['verbose']
+
+        @config['stateless_action'].cloud "domain", "create_record:#{ domain_obj.domain }:local.#{ domain_obj.trd }:#{ address_hash['address'] }"
+
+        #set the wildcard domain for frontend load balancers
+        if should_route_wildcard_requests?(address_hash['name'], @options['env'], address_hash['descriptor'])
+          puts("running cloud domain create_record:#{ domain_obj.domain }:*:#{ address_hash['public'] }") if @options['verbose']
+          
+          @config['stateless_action'].cloud "domain", "create_record:#{ domain_obj.domain }:*:#{ address_hash['public'] }"
+        end
+      elsif args.empty?
+        puts("running cloud domain create_record:#{ domain }:#{ address_hash['name'] }:#{ address_hash['public'] }") if @options['verbose']
+
+        @config['stateless_action'].cloud "domain", "create_record:#{ domain }:#{ address_hash['name'] }:#{ address_hash['public'] }"
+
+        sleep 5
+
+        puts("running cloud domain create:create_record:#{ domain }:local.#{ address_hash['name'] }:#{ address_hash['address'] }") if @options['verbose']
+
+        @config['stateless_action'].cloud "domain", "create_record:#{ domain }:local.#{ address_hash['name'] }:#{ address_hash['address'] }"
+      end
+
+      unless @config[@options['env']]['config_bag_hash'][@options['sub_env']]['cloudflare_activated_domains'].empty?
+        return true unless @config[@options['env']]['config_bag_hash'][@options['sub_env']]['tld'] != domain_obj.tld
+
+        target_domain_records  = []
+        target_domain_records << {
+          'name' => "#{ domain_obj.trd }.#{ domain_obj.domain }",
+          'type' => 'A',
+          'value' => address_hash['public'],
+          'ttl'   => 300
+        }
+
+        target_domain_records << {
+          'name' => "local.#{ domain_obj.trd }.#{ domain_obj.domain }",
+          'type' => 'A',
+          'value' => address_hash['address'],
+          'ttl'   => 300
+        }
+
+        update_cloudflare_from_array_of_domain_hashes domain_obj.tld, target_domain_records
+      end
+    end
+
+    def should_route_wildcard_requests? node_name, env, descriptor, should_route_requests=false
+      repository_hash = descriptor.blank? ? {} : @config['parser'].parse_repository_hash_from_string(descriptor)
+
+      if repository_hash.empty?
+        puts "Blank repository hash parsed for #{ node_name } in #{ env } with descriptor #{ descriptor }. Setting should route wildcard requests for server to false."
+      end
+
+      #puts "repositories:#{ repository_hash['role'] }:#{ repository_hash['repo_name'] }:route_wildcard_requests_for_tld"
+
+      if @config['helper'].does_cheftacular_config_have?(["repositories:#{ repository_hash['role'] }:route_wildcard_requests_for_tld"])
+        should_route_requests = @config['cheftacular']['repositories'][repository_hash['role']]['route_wildcard_requests_for_tld'] == 'true'
+      end
+
+      should_route_requests
+    end
+
+    def compile_address_hash_for_server_from_options *args
+      target_serv_index = nil
+      tld               = @config[@options['env']]['config_bag_hash'][@options['sub_env']]['tld']
+
+      args.each do |arg|
+        if arg.include?('set_specific_domain:')
+          full_domain = arg.split(':').last
+
+          args << 'set_domain_name'
+        end
+      end
+
+      full_domain ||= "#{ @options['node_name'] }.#{ tld }"
+
+      @config[@options['env']]['addresses_bag_hash']['addresses'].each do |serv_hash|
+        target_serv_index = @config[@options['env']]['addresses_bag_hash']['addresses'].index(serv_hash) if serv_hash['name'] == @options['node_name']
+      end
+
+      #EX: "name": "api1", "public": "1.2.3.4", "address": "10.208.1.2", "dn":"api1.example.com", "descriptor": "lb:my-backend-codebase"
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index] ||= {}                                      unless args.include?('set_hash_to_nil')
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['name']       = @options['node_name']       if args.include?('set_node_name') || args.include?('set_all_attributes')
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['public']     = @options['address']         if args.include?('set_public_address') || args.include?('set_all_attributes')
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['address']    = @options['private_address'] if args.include?('set_private_address') || args.include?('set_all_attributes')
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['dn']         = full_domain                 if args.include?('set_domain_name') || args.include?('set_all_attributes')
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['descriptor'] = (@options['descriptor'].nil? ? @options['node_name'] : @options['descriptor']) if args.include?('set_descriptor') || args.include?('set_all_attributes')
+
+      if !target_serv_index.nil? && target_serv_index.is_a?(Fixnum) && !@options['dont_remove_address_or_server'] && args.include?('set_hash_to_nil')
+        puts("Found entry in addresses data bag corresponding to #{ @options['node_name'] } for #{ @options['env'] }, removing...") unless @options['quiet']
+
+        @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index] = nil
+      
+        @config[@options['env']]['addresses_bag_hash']['addresses'] = @config[@options['env']]['addresses_bag_hash']['addresses'].compact
+
+        domain_obj = PublicSuffix.parse @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index]['dn']
+
+        @config['stateless_action'].cloud "domain", "destroy_record:#{ domain_obj.tld }:#{ domain_obj.trd }" if domain_obj.tld == @config[@options['env']]['config_bag_hash'][@options['sub_env']]['tld']
+      end
+
+      @config[@options['env']]['addresses_bag_hash']['addresses'][target_serv_index] unless args.include?('set_hash_to_nil')
+    end
+
+    private
+
+    def fetch_cloudflare_records_as_hash target_domain, ret_hash={}
+      request                 = @config['cloudflare'].rec_load_all(target_domain)['response']['recs']
+      original_records, count = [], 0
+
+      while request['has_more']
+        original_records << request['objs']
+
+        count += request['count']
+
+        request = @config['cloudflare'].rec_load_all(target_domain, count)['response']['recs']
+      end
+
+      original_records << request['objs']
+
+      original_records.flatten.each do |record_hash|
+        ret_hash["#{ record_hash['name'] }-#{ record_hash['type'] }"] ||= []
+        ret_hash["#{ record_hash['name'] }-#{ record_hash['type'] }"]  << record_hash
+      end
+
+      ret_hash
+    end
+
+    def edit_cloudflare_record target_domain, record_hash, cloudflare_records_hash
+      possible_matches = cloudflare_records_hash["#{ record_hash['name'] }-#{ record_hash['type'] }"]
+
+      raise "Critical! No cloudflare record was found to edit for #{ target_domain }: #{ record_hash['name'] }!" if possible_matches.nil?
+
+      if possible_matches.count > 1
+        possible_matches.each do |match_hash|
+          if match_hash.has_key?('matched_already')
+            next
+          else
+            compile_cloudflare_record_srv_attributes_on_record_hash record_hash, target_domain
+
+            begin
+              @config['cloudflare'].rec_edit(
+                target_domain,
+                record_hash['type'],
+                match_hash['rec_id'],
+                record_hash['name'],
+                record_hash['value'],
+                record_hash['ttl'],
+                record_hash['activate_cloudflare'],
+                record_hash['priority'],
+                record_hash['SRV_service'],
+                record_hash['SRV_srvname'],
+                record_hash['SRV_protocol'],
+                record_hash['SRV_weight'],
+                record_hash['SRV_port'],
+                record_hash['SRV_target']
+              )
+
+              match_hash['matched_already'] = true
+
+              print 'edit_on_multi_match_'.ljust(19, '_')
+            rescue CloudFlare::RequestError => e
+              if e.message == 'A record with those settings already exists.'
+                print 'edit_fail_match_'
+
+                next
+              else
+                @config['helper'].exception_output "There was an issue updating Cloudflare! Please create an issue on the cheftacular repository with this stacktrace!", e
+              end
+            end
+
+            break
+          end
+        end
+      else
+        print 'edit'.ljust(20, '_')
+
+        @config['cloudflare'].rec_edit(target_domain, record_hash['type'], possible_matches[0]['rec_id'], record_hash['name'], record_hash['value'], record_hash['ttl'])
+      end
+    end
+
+    def cloudflare_record_does_include_value? cloudflare_record, record_hash_value
+      cloudflare_record.each do |match_record|
+        return true if record_hash_value == match_record['content']
+      end
+
+      false
+    end
+
+    def compile_cloudflare_record_srv_attributes_on_record_hash record_hash, target_domain
+      return false unless record_hash['type'].upcase == 'SRV'
+
+      record_hash['SRV_service']  = record_hash['name'].split('.')[0]
+      record_hash['SRV_srvname']  = target_domain
+      record_hash['SRV_protocol'] = record_hash['name'].split('.')[1]
+      record_hash['SRV_weight']   = record_hash['value'].split(' ')[0].to_i
+      record_hash['SRV_port']     = record_hash['value'].split(' ')[1].to_i
+      record_hash['SRV_target']   = record_hash['value'].split(' ')[2]
+      record_hash['value']        = "#{ record_hash['priority'] } IN SRV #{ record_hash['SRV_weight'] } #{ record_hash['SRV_port'] } #{ record_hash['SRV_target'] }."#10 IN SRV 5 8806 somewhere.com
+      #record_hash['name']         = ''
+    end
+  end
+end