cheftacular 2.5.0 → 2.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7233d8cadcae175bcd92d273a3605839a2d53ad9
-  data.tar.gz: fdb827fd1402bdd10a00a6825562a73141bb6061
+  metadata.gz: c5bcc816f796287851b09a9aae84f8c0c870d0a5
+  data.tar.gz: b88ae2e25f2732f9204f5d1fe425290472cfb0a0
 SHA512:
-  metadata.gz: cb98181f78e93dffaed9569a924a5bd405e350af1379cffb0ccb44f1230c59ec54d34651b77d1b40b747c6a02e4e56a4e2a085a2613edd639bd285ece64bf17d
-  data.tar.gz: 775787e78bc7d997d94eabaa5011e72bc78aeb9b6295ae73d91f14d00c8acb5f5b634e917cb660880c5d2787aa23a49a18a91696216d5870a09e53062155003b
+  metadata.gz: cea832a9a9c55ab8bd3f20a3b8ea76cedc7fcb7227d55437eb510ae8047912bab1f04d46f79492058d1af2c85f415c611d8fd9bba8d1a92d939de61dc6950eaa
+  data.tar.gz: 197bfb84446358b86921378c0777fec8b8542988df3e0b0fe78d361517105db64e61832cb1fc44a3c19e068739a31ecb11d9f467788b77405f4d6240ceb29e52

data/lib/cheftacular/README.md

@@ -60,11 +60,25 @@
 
 ## Commands that can be run in the application context
 
-1. `cft backup [activate|deactivate]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
+1. [NYI]`cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
 
-2. `cft check` Checks the commits for all servers for a repository (for an environment) and returns them in a simple chart. Also shows when these commits were deployed to the server.
+2. `cft backup [activate|deactivate]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
 
-3. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
+3. `cft check` Checks the commits for all servers for a repository (for an environment) and returns them in a simple chart. Also shows when these commits were deployed to the server.
+
+4. `cft chef_server [restart|processes|memory]` this command can be used to query the chef server for stats if the cheftacular.yml has the chef_server key filled out. Useful for low resource chef-servers.
+
+    1. `restart` restarts all chef processes on the chef server which may alleviate slow cheftacular load times for some users. (NOTE) do not run this command while the chef-server is performing actions or instability may result! Not tested for high volume chef servers.
+
+    2. `processes` runs `ps aux` on the server to return the running processes and their stats.
+
+    3. `memory` runs `free -m` on the server to return the current memory usage.
+
+    4. NOTE! This command (and all arguments to it) bypass the normal environment loading like the help command.
+
+    5. NOTE 2! Cheftacular does not (and will not) support accessing your chef server over ssh with password auth. If you have done this, you should feel bad and immediately switch ssh access to key authentication...
+
+5. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
 
     1. `-v` option will make this command display the server's domain name, whether its password is stored on the chef server and what that password is.
 
@@ -72,21 +86,23 @@
 
     3. This command is aliased to `client-list` with no arguments or cft prefix.
 
-4. `cft console` will create a pry session on the first node found for a codebase.
+6. `cft console` will create a pry session on the first node found for a codebase.
 
-5. `cft db_console` will create a database console session on the first node found for a database stack in the current environment.
+7. `cft db_console` will create a database console session on the first node found for a database stack in the current environment.
 
     1. This command is aliased to psql, typing `cft psql` will drop you into a rails stack database psql session.
 
-6. `cft deploy` will do a simple chef-client run on the servers for a role. Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.
+8. `cft deploy` will do a simple chef-client run on the servers for a role. Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.
 
     1.  This command also restarts services on the server and updates the code. Changes behavior slightly with the `-z|-Z` args but only if your cookbooks support switching revisions based on tags / branch names.
 
     2.  This command will also run migrations on both an role's normal servers and its split servers if certain conditions are met (such as the role having a database, etc).
 
-7. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
+    3. The `-v|--verbose` option will cause failed deploys to output to the terminal window and to their normal log file. Useful for debugging.
 
-8. `cft environment boot|destroy` will boot / destroy the current environment
+9. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
+
+10. `cft environment boot|destroy` will boot / destroy the current environment
 
     1. `boot` will spin up servers and bring them to a stable state. This includes setting up their subdomains for the target environment.
 
@@ -94,7 +110,7 @@
 
     3. This command will prompt when attempting to destroy servers in staging or production
 
-9. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
+11. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
 
     1. `LOCATION_ALIAS` will be parsed as a path if it has backslash characters. Otherwise it will be parsed from your location_aliases hash in your cheftacular.yml
 
@@ -124,23 +140,25 @@
 
         1. `--save-to-file FILE_PATH` can also be used in the `fetch` context to specify where exactly to save the file and what to name it as.
 
-10. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
+12. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
 
     1. Passing in a hostname will make the command only remove entries with that hostname / ip specifically
 
-11. `cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
-
-12. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log. 
+13. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log. 
 
     1. In devops mode, this command will not do anything without the -R repository passed.
 
-13. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
+14. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
+
+15. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
+
+16. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
 
-14. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
+17. `cft list_toggleable_roles NODE_NAME` This command will allow you to see all toggleable roles for a node
 
-15. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
+18. `cft location_aliases` will list all location aliases listed in your cheftacular.yml. These aliases can be used in the `cft file` command.
 
-16. `cft log` this command will output the last 500 lines of logs from every server set for CODEBASE (can be given additional args to specify) to the log directory
+19. `cft log` this command will output the last 500 lines of logs from every server set for CODEBASE (can be given additional args to specify) to the log directory
 
     1.  `--nginx` will fetch the nginx logs as well as the application logs
 
@@ -152,13 +170,25 @@
 
     4. `--fetch-backup` If doing a pg_data log, this will fetch the latest logs from the pg_data log directory for each database.
 
-17. `cft migrate` this command will grab the first alphabetical node for a repository and run a migration that will hit the database primary server.
+20. `cft migrate` this command will grab the first alphabetical node for a repository and run a migration that will hit the database primary server.
+
+21. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
+
+22. `cft reinitialize IP_ADDRESS NODE_NAME` will reconnect a server previously managed by chef to a new chef server. The node name MUST MATCH THE NODE'S ORIGINAL NODE NAME for the roles to be setup correctly.
+
+23. `cft role_toggle NODE_NAME ROLE_NAME activate|deactivate` This command will allow you to **toggle** roles on nodes without using `cft upload_nodes`
 
-18. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
+    1. This command uses your *role_toggling:deactivated_role_suffix* attribute set in your cheftacular.yml to toggle the role, it checks to see if the toggled name exists then sets the node's run_list to include the toggled role
 
-19. `cft reinitialize IP_ADDRESS NODE_NAME` will reconnect a server previously managed by chef to a new chef server. The node name MUST MATCH THE NODE'S ORIGINAL NODE NAME for the roles to be setup correctly.
+    2. EX: `cft role_toggle apisc01 worker activate` will find the node apisc01 and attempt to toggle the worker role to on. If the node does NOT have the worker_deactivate role, then it will add it if *role_toggling:strict_roles* is set to **false**
 
-20. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
+        1. If *role_toggling:strict_roles* is set to true, then cheftacular would raise an error saying this role is unsettable on the node. On the other hand, if the node already has the worker_deactivaterole, then this command will succeed even if *strict_roles* is set.
+
+    3. In case it isn't obvious, this command ONLY supports deactivation suffix roles like worker_deactivate or worker_off, with theiron counterpart just being the role itself, like "worker".
+
+        1. Please run `cft list_toggleable_roles NODE_NAME` to get a list of your org's toggleable roles for a node.
+
+24. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
 
     1. `--all` will make the command run against all servers in a role rather than the first server it comes across. Don't do this if you're modifying the database with the command.
 
@@ -168,11 +198,11 @@
 
     4. IMPORTANT NOTE: You cannot run `cft run rake -T` as is, you have to enclose any command that uses command line dash arguments in quotes like `cft run "rake -T"`
 
-21. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
+25. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
 
     1. In the case of server creation, this command takes a great deal of time to execute. It will output what stage it is currently on to the terminal but <b>you must not kill this command while it is executing</b>.A failed build may require the server to be destroyed / examined by a DevOps engineer.
 
-22. `cft tail` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
+26. `cft tail` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
 
     1. pass `-n NODE_NAME` to grab the output of a node other than the first.
 
@@ -183,21 +213,39 @@
 
 1. [NYI]`cft clean_sensu_plugins` will checkout / update the sensu community plugins github repo on your local machine and sync any sensu plugin files in your wrapper cookbook directory with what is in the repo.
 
-2. `cft add_ssh_key_to_bag "<NEW SSH PUB KEY>" [SPECIFIC_REPOSITORY]` this command will add the given ssh key to the default authentication data bag. After this your server recipes should read the contents of the 'default' 'authentication' bag for the authorized_keys array.
+2. [NYI]`cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
+
+3. [NYI]`cft update_chef_client` attempts to update the chef-client of all nodes to the latest version. Should be done with caution and with the chef_server's version in mind.
+
+4. `cft add_ssh_key_to_bag "<NEW SSH PUB KEY>" [SPECIFIC_REPOSITORY]` this command will add the given ssh key to the default authentication data bag. After this your server recipes should read the contents of the 'default' 'authentication' bag for the authorized_keys array.
 
     1. `SPECIFIC_REPOSITORY` is a special argument, if left blank the key will be placed in the authorized_keys array in the bag, otherwise it will be placed in the specific_authorized_keys hash under a key named for the repository that is passed. The script will error if SPECIFIC_REPOSITORY does not exist in the cheftacular.yml respositories hash. You can then use this data to give users selective ssh access to certain servers.
 
-3. `cft backup [activate|deactivate]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
+5. `cft backup [activate|deactivate]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
+
+6. `cft check_cheftacular_yml_keys` allows you to check to see if your cheftacular yml keys are valid to the current version of cheftacular. It will also set your missing keys to their likely default and let you know to update the cheftacular.yml file.
+
+7. `cft chef_bootstrap ADDRESS NODE_NAME` allows you to register a node in the chef system, remove any lingering data that may be associated with it and update the node's runlist if it has an entry in nodes_dir for its NODE_NAME.
 
-4. `cft chef_bootstrap ADDRESS NODE_NAME` allows you to register a node in the chef system, remove any lingering data that may be associated with it and update the node's runlist if it has an entry in nodes_dir for its NODE_NAME.
+8. `cft chef_server [restart|processes|memory]` this command can be used to query the chef server for stats if the cheftacular.yml has the chef_server key filled out. Useful for low resource chef-servers.
 
-5. `cft clean_cookbooks [force] [remove_cookbooks]` allows you to update the internal chef-repo's cookbooks easily. By default this script will force you to decide what to do with each cookbook individually (shows version numbers and whether to overwrite it to cookbooks or not).
+    1. `restart` restarts all chef processes on the chef server which may alleviate slow cheftacular load times for some users. (NOTE) do not run this command while the chef-server is performing actions or instability may result! Not tested for high volume chef servers.
+
+    2. `processes` runs `ps aux` on the server to return the running processes and their stats.
+
+    3. `memory` runs `free -m` on the server to return the current memory usage.
+
+    4. NOTE! This command (and all arguments to it) bypass the normal environment loading like the help command.
+
+    5. NOTE 2! Cheftacular does not (and will not) support accessing your chef server over ssh with password auth. If you have done this, you should feel bad and immediately switch ssh access to key authentication...
+
+9. `cft clean_cookbooks [force] [remove_cookbooks]` allows you to update the internal chef-repo's cookbooks easily. By default this script will force you to decide what to do with each cookbook individually (shows version numbers and whether to overwrite it to cookbooks or not).
 
     1. `force` argument will cause the downloaded cookbooks to *always* overwrite the chef-repo's cookbooks as long as the downloaded cookbook has a higher version number.
 
     2. If you would like to remove all the cookbooks on the chef server, run `knife cookbook bulk delete '.*' -p -c ~/.chef/knife.rb`
 
-6. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
+10. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
 
     1. `-v` option will make this command display the server's domain name, whether its password is stored on the chef server and what that password is.
 
@@ -205,7 +253,7 @@
 
     3. This command is aliased to `client-list` with no arguments or cft prefix.
 
-7. `cft cloud <FIRST_LEVEL_ARG> [<SECOND_LEVEL_ARG>[:<SECOND_LEVEL_ARG_QUERY>]*] ` this command handles talking to various cloud APIs. If no args are passed nothing will happen.
+11. `cft cloud <FIRST_LEVEL_ARG> [<SECOND_LEVEL_ARG>[:<SECOND_LEVEL_ARG_QUERY>]*] ` this command handles talking to various cloud APIs. If no args are passed nothing will happen.
 
     1. `domain` first level argument for interacting with cloud domains
 
@@ -277,7 +325,31 @@
 
             1. Standard servers are listed as XGB with no spaces in their size, performance servers are listed as X GB with a space in their size. If you are about to create a server and are unsure, query flavors first.
 
-8. `cft cloud_bootstrap NODE_NAME FLAVOR_NAME [DESCRIPTOR] [--with-dn DOMAIN]` uses a cloud api to create a server and attaches its DOMAIN_NAME to the TLD specified for that environment (IE: example-staging.com for staging)
+    5. `image` first level argument for listing the images available on the cloud service
+
+        1. `list` default behavior
+
+        2. `read:NAME` behaves the same as list unless a specific image name is supplied
+
+    6. `region` first level argument for listing the regions available on the cloud service (only supported by DigitalOcean)
+
+        1. `list` default behavior
+
+        2. `read:REGION` behaves the same as list unless a specific region name is supplied
+
+    7. `sshkey` first level argument for listing the sshkeys added to the cloud service (only supported by DigitalOcean)
+
+        1. `list` default behavior
+
+        2. `read:KEY_NAME` behaves the same as list unless a specific sshkey name is supplied
+
+        3. `"create:KEY_NAME:KEY_STRING"` creates an sshkey object. KEY_STRING must contain the entire value of the ssh public key file. The command must be enclosed in quotes.
+
+        4. `destroy:KEY_NAME` destroys the sshkey object
+
+        5. `bootstrap` captures the current computer's hostname and checks to see if a key matching this hostname exists on the cloud service. If the key does not exist, the command attempts to read the contents of the ~/.ssh/id_rsa.pub file and create a new key with that data and the hostname of the current computer. Run automatically when creating DigitalOcean servers. It's worth noting that if the computer's key already exists on DigitalOcean under a different name, this specific command will fail with a generic error. Please check your keys.
+
+12. `cft cloud_bootstrap NODE_NAME FLAVOR_NAME [DESCRIPTOR] [--with-dn DOMAIN]` uses a cloud api to create a server and attaches its DOMAIN_NAME to the TLD specified for that environment (IE: example-staging.com for staging)
 
     1. If no DOMAIN_NAME is supplied it will use the node's NODE_NAME (IE: api01.example-staging.com)
 
@@ -287,19 +359,21 @@
 
     4. DESCRIPTOR is used as an internal tag for the node, if left blank it will become the name of the node. It is recommended to enter a custom repository-dependent tag here to make nodes easier to load-balance like "lb:[CODEBASE_NAME]"
 
-9. `cft compile_audit_log [clean]` compiles the audit logs in each environment's audit data bag a audit-log-CURRENTDAY.md file in the log folder of the application. Bear in mind that the bag can only hold 100K bytes and will need to have that data removed to store more than that.
+13. `cft compile_audit_log [clean]` compiles the audit logs in each environment's audit data bag a audit-log-CURRENTDAY.md file in the log folder of the application. Bear in mind that the bag can only hold 100K bytes and will need to have that data removed to store more than that.
 
-10. `cft compile_readme` compiles all documentation methods and creates a README.md file in the log folder of the application.
+14. `cft compile_readme` compiles all documentation methods and creates a README.md file in the log folder of the application.
 
-11. `cft create_git_key ID_RSA_FILE [OAUTH_TOKEN]` This command will update the default/authentication data bag with new credentials. The [ID_RSA_FILE](https://help.github.com/articles/generating-ssh-keys) needs to exist beforehand.
+15. `cft create_git_key ID_RSA_FILE [OAUTH_TOKEN]` This command will update the default/authentication data bag with new credentials. The [ID_RSA_FILE](https://help.github.com/articles/generating-ssh-keys) needs to exist beforehand.
 
     1. This command will upload both the private and public key to the data bag. The public key should be the one that matches the github user for your deployment github user.
 
     2. `OAUTH_TOKEN` *must* be generated by logging into github and generating an access token in the account settings -> applications -> personal access tokens
 
-12. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
+    3. NOTE! The ID_RSA_FILE should be in your .chef folder in the root of your home directory!
+
+16. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
 
-13. `cft environment boot|destroy` will boot / destroy the current environment
+17. `cft environment boot|destroy` will boot / destroy the current environment
 
     1. `boot` will spin up servers and bring them to a stable state. This includes setting up their subdomains for the target environment.
 
@@ -307,7 +381,7 @@
 
     3. This command will prompt when attempting to destroy servers in staging or production
 
-14. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
+18. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
 
     1. `LOCATION_ALIAS` will be parsed as a path if it has backslash characters. Otherwise it will be parsed from your location_aliases hash in your cheftacular.yml
 
@@ -337,23 +411,21 @@
 
         1. `--save-to-file FILE_PATH` can also be used in the `fetch` context to specify where exactly to save the file and what to name it as.
 
-15. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
+19. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
 
     1. Passing in a hostname will make the command only remove entries with that hostname / ip specifically
 
-16. `cft full_bootstrap ADDRESS ROOT_PASS NODE_NAME` This command performs both ubuntu_bootstrap and chef_bootstrap.
+20. `cft full_bootstrap ADDRESS ROOT_PASS NODE_NAME` This command performs both ubuntu_bootstrap and chef_bootstrap.
 
-17. `cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
-
-18. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log. 
+21. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log. 
 
     1. In devops mode, this command will not do anything without the -R repository passed.
 
-19. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
+22. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
 
-20. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
+23. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
 
-21. `cft get_shorewall_allowed_connections [PATH_TO_LOCAL_FILE] -n NODE_NAME` command will query a single server and return all of its ACCEPT connections from shorewall in it's syslog and return the results in a CSV format. Useful for tracking IP activity.
+24. `cft get_shorewall_allowed_connections [PATH_TO_LOCAL_FILE] -n NODE_NAME` command will query a single server and return all of its ACCEPT connections from shorewall in it's syslog and return the results in a CSV format. Useful for tracking IP activity.
 
     1. You must pass in a node name to query with `-n NODE_NAME`
 
@@ -361,23 +433,43 @@
 
     3. If `PATH_TO_LOCAL_FILE` is not blank, the command will use that file instead of building a file on the remote server
 
-22. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
+25. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
+
+26. `cft initialize_cheftacular_yml` will create a cheftacular.yml file in your config folder (and create theconfig folder if it does not exist). If you already have a cheftacular.yml file in the config folder, it will create a cheftacular.example.yml file that will contain the new changes / keys in the latest cheftacular version.
+
+27. `cft initialize_data_bag_contents ENVIRONMENT_NAME` will ensure the data bags always have the correct structure before each run. This command is run every time the gem is started and if called directly, will exit after completion.
+
+28. `cft knife_upload` will resync the chef-server with the local chef-repo code. This command is analog for `knife upload /`
+
+29. `cft list_toggleable_roles NODE_NAME` This command will allow you to see all toggleable roles for a node
 
-23. `cft initialize_data_bag_contents ENVIRONMENT_NAME` will ensure the data bags always have the correct structure before each run. This command is run every time the gem is started and if called directly, will exit after completion.
+30. `cft location_aliases` will list all location aliases listed in your cheftacular.yml. These aliases can be used in the `cft file` command.
 
-24. `cft knife_upload` will resync the chef-server with the local chef-repo code. This command is analog for `knife upload /`
+31. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
 
-25. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
+32. `cft remove_client NODE_NAME [destroy]` removes a client (and its node data) from the chef-server. It also removes its dns records from the cloud service (if possible). This should not be done lightly as you will have to wipe the server and trigger another chef-client run to get it to register again. Alternatively, you can run `cft reinitialize IP_ADDRESS NODE_NAME as well.
 
-26. `cft remove_client -n NODE_NAME` removes a client (and its node data) from the chef-server. It also removes its dns records from the cloud service (if possible). This should not be done lightly as you will have to wipe the server and trigger another chef-client run to get it to register again
+    1. `destroy` deletes the server as well as removing it from the chef environment.
 
-27. `cft replication_status` will check the status of the database master and slaves in every environment. Also lists how far behind the slaves are from the master in milliseconds.
+33. `cft replication_status` will check the status of the database master and slaves in every environment. Also lists how far behind the slaves are from the master in milliseconds.
 
-28. `cft restart_swap` will restart the swap on every server that doesn't have swap currently on. Useful if you notice servers with no swap activated from `cft disk_report`
+34. `cft restart_swap` will restart the swap on every server that doesn't have swap currently on. Useful if you notice servers with no swap activated from `cft disk_report`
 
     1. There is no risk in running this command. Sometimes swap doesnt reactivate if the server was rebooted and this command fixes that.
 
-29. `cft rvm [COMMAND] [ADDITIONAL_COMMANDS]*` will run rvm commands on the remote servers. Output from this command for each server will go into your rvm directory under the log directory. Please refer to [the rvm help page](https://rvm.io/rvm) for more information on rvm commands.
+35. `cft role_toggle NODE_NAME ROLE_NAME activate|deactivate` This command will allow you to **toggle** roles on nodes without using `cft upload_nodes`
+
+    1. This command uses your *role_toggling:deactivated_role_suffix* attribute set in your cheftacular.yml to toggle the role, it checks to see if the toggled name exists then sets the node's run_list to include the toggled role
+
+    2. EX: `cft role_toggle apisc01 worker activate` will find the node apisc01 and attempt to toggle the worker role to on. If the node does NOT have the worker_deactivate role, then it will add it if *role_toggling:strict_roles* is set to **false**
+
+        1. If *role_toggling:strict_roles* is set to true, then cheftacular would raise an error saying this role is unsettable on the node. On the other hand, if the node already has the worker_deactivaterole, then this command will succeed even if *strict_roles* is set.
+
+    3. In case it isn't obvious, this command ONLY supports deactivation suffix roles like worker_deactivate or worker_off, with theiron counterpart just being the role itself, like "worker".
+
+        1. Please run `cft list_toggleable_roles NODE_NAME` to get a list of your org's toggleable roles for a node.
+
+36. `cft rvm [COMMAND] [ADDITIONAL_COMMANDS]*` will run rvm commands on the remote servers. Output from this command for each server will go into your rvm directory under the log directory. Please refer to [the rvm help page](https://rvm.io/rvm) for more information on rvm commands.
 
     1. When no commands are passed, rvm will just run `rvm list` on each server on all servers in the current environment.
 
@@ -393,11 +485,11 @@
 
     7. `upgrade_rvm` will run `rvm get stable --auth-dotfiles` on all servers for the current environment. It will also check and attempt to upgrade pre 1.25 installations of RVM to 1.26+ (which requires a GPG key).
 
-30. `cft server_update [restart]` allows you to force update all nodes' packages for a specific environment. This should be done with caution as this *might* break something.
+37. `cft server_update [restart]` allows you to force update all nodes' packages for a specific environment. This should be done with caution as this *might* break something.
 
-    1. `hip apt_update restart` will prompt to ask if you also want to restart all servers in a rolling restart. This should be done with extreme caution and only in a worst-case scenario.
+    1. `cft apt_update restart` will prompt to ask if you also want to restart all servers in a rolling restart. This should be done with extreme caution and only in a worst-case scenario.
 
-31. `cft service [COMMAND] [SERVICE]` will run service commands on remote servers. This command only runs on the first server it comes across. Specify others with -n NODE_NAME.
+38. `cft service [COMMAND] [SERVICE]` will run service commands on remote servers. This command only runs on the first server it comes across. Specify others with -n NODE_NAME.
 
     1. When no commands are passed, the command will list all the services in the /etc/init directory
 
@@ -405,13 +497,13 @@
 
     3. When `restart|stop|start SERVICE` is passed, the command will attempt to restart|stop|start the service if it has a .conf file on the remote server in the /etc/init directory.
 
-32. `cft slack "MESSAGE" [CHANNEL]` will attempt to post the message to the webhook set in your cheftacular.yml. Slack posts to your default channel by default but if the CHANNEL argument is supplied the message will post there.
+39. `cft slack "MESSAGE" [CHANNEL]` will attempt to post the message to the webhook set in your cheftacular.yml. Slack posts to your default channel by default but if the CHANNEL argument is supplied the message will post there.
 
     1. NOTE: To prevent confusing spam from many possible sources, the username posted to slack will always be *Cheftacular*. This can be overloaded in the StatelessAction method "slack" but this is not recommended.
 
     2. Remember, if you have auditing turned on in your cheftacular.yml, you can track who sends what to slack.
 
-33. `cft test_env [TARGET_ENV] boot|destroy` will create (or destroy) the test nodes for a particular environment (defaults to staging, prod split-envs can be set with `-p`). Please read below for how TARGET_ENV works
+40. `cft test_env [TARGET_ENV] boot|destroy` will create (or destroy) the test nodes for a particular environment (defaults to staging, prod split-envs can be set with `-p`). Please read below for how TARGET_ENV works
 
     1. TARGET_ENV changes functionality depending on the overall (like staging / production) environment
 
@@ -421,9 +513,9 @@
 
         3. The default tld used should change depending on which environment you are booting / destroying. This is set in the environment's config data bag under the tld key
 
-34. `cft ubuntu_bootstrap ADDRESS ROOT_PASS` This command will bring a fresh server to a state where chef-client can be run on it via `cft chef-bootstrap`. It should be noted that it is in this step where a server's randomized deploy_user sudo password is generated.
+41. `cft ubuntu_bootstrap ADDRESS ROOT_PASS` This command will bring a fresh server to a state where chef-client can be run on it via `cft chef-bootstrap`. It should be noted that it is in this step where a server's randomized deploy_user sudo password is generated.
 
-35. `cft update_cloudflare_dns_from_cloud [skip_update_tld]` command will force a full dns update for cloudflare. 
+42. `cft update_cloudflare_dns_from_cloud [skip_update_tld]` command will force a full dns update for cloudflare. 
 
     1. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address for an environment.
 
@@ -431,7 +523,7 @@
 
     3. The argument `skip_update_tld` will stop the long process of checking and updating all the server domains _before_ cloudflare is updated. Only skip if you believe your domain info on your cloud is accurate.
 
-36. `cft update_split_branches` will perform a series of git commands that will merge all the split branches for your split_branch enabled repositories with what is currently on master and push them.
+43. `cft update_split_branches` will perform a series of git commands that will merge all the split branches for your split_branch enabled repositories with what is currently on master and push them.
 
     1. Repository must be set with `-R REPOSITORY_NAME` for this command to work.
 
@@ -441,9 +533,9 @@
 
     4. This command will return a helpful error statement if you attempt to run the command with changes to your current working directory. You must commit these changes before running this command.
 
-37. `cft update_tld TLD` command will force a full dns update for a tld in the preferred cloud. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address.
+44. `cft update_tld TLD` command will force a full dns update for a tld in the preferred cloud. It will ensure all the subdomain entries are correct (based on the contents of the addresses data bag) and update them if they are not. It will also create the local subdomain for the entry as well if it does exist and point it to the correct private address.
 
-38. `cft upload_nodes` This command will resync the chef server's nodes with the data in our chef-repo/node_roles. 
+45. `cft upload_nodes` This command will resync the chef server's nodes with the data in our chef-repo/node_roles. 
 
     1. This command changes behavior depending on several factors about both your mode and the state of your environment
 
@@ -455,4 +547,4 @@
 
         1. Due to this, only users running this against their chef-repo need to worry about having a nodes_dir, the way it should be.
 
-39. `cft upload_roles` This command will resync the chef server's roles with the data in the chef-repo/roles.
+46. `cft upload_roles` This command will resync the chef server's roles with the data in the chef-repo/roles.

data/lib/cheftacular/actions/db_console.rb

@@ -18,12 +18,12 @@ class Cheftacular
     end
 
     def db_console_postgresql
-      nodes = @config['getter'].get_true_node_objects
+      nodes = @config['getter'].get_true_node_objects(true)
 
       #must have rails stack to run migrations and not be a db, only want ONE node
-      psqlable_nodes = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ @options['role'] }]" }, { unless: 'role[rails]' }], true )
+      psqlable_nodes = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ @options['role'] }]" }, { unless: 'role[rails]' }, { if: { not_env: @options['env'] } }], true )
 
-      database_host  = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ @config['getter'].get_current_repo_config['db_primary_host_role'] }]"}], true).first
+      database_host  = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ @config['getter'].get_current_repo_config['db_primary_host_role'] }]"}, { if: { not_env: @options['env'] } }], true).first
 
       private_database_host_address = @config['getter'].get_address_hash(database_host.name)[database_host.name]['priv']
 

data/lib/cheftacular/actions/deploy.rb

@@ -10,7 +10,9 @@ class Cheftacular
           "but only if your cookbooks support switching revisions based on tags / branch names.",
 
           "    2.  This command will also run migrations on both an role's normal servers and its split servers if certain " +
-          "conditions are met (such as the role having a database, etc)."
+          "conditions are met (such as the role having a database, etc).",
+
+          "    3. The `-v|--verbose` option will cause failed deploys to output to the terminal window and to their normal log file. Useful for debugging."
         ]
       ]
     end
@@ -49,20 +51,22 @@ class Cheftacular
 
       split_nodes_hash = {}
 
-      @config['cheftacular']['run_list_environments'][@options['env']].each_key do |role_name|
-        split_nodes_hash[role_name] = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ role_name }]" }])
-      end
+      if @config['cheftacular']['run_list_environments'].has_key?(@options['env'])
+        @config['cheftacular']['run_list_environments'][@options['env']].each_key do |role_name|
+          split_nodes_hash[role_name] = @config['parser'].exclude_nodes( nodes, [{ unless: "role[#{ role_name }]" }])
+        end
 
-      split_nodes_hash.each_pair do |role, split_nodes|
-        next if split_nodes.empty?
+        split_nodes_hash.each_pair do |role, split_nodes|
+          next if split_nodes.empty?
 
-        unless @options["run_#{ role }_migrations_already"]
-          @options["run_#{ role }_migrations_already"] = true
-          
-          if @config['getter'].get_current_repo_config['database'] != 'none'
-            puts("Running migration on split environment #{ role }...") if !@options['quiet']
+          unless @options["run_#{ role }_migrations_already"]
+            @options["run_#{ role }_migrations_already"] = true
             
-            migrate(split_nodes)
+            if @config['getter'].get_current_repo_config['database'] != 'none'
+              puts("Running migration on split environment #{ role }...") if !@options['quiet']
+              
+              migrate(split_nodes)
+            end
           end
         end
       end
@@ -94,6 +98,8 @@ module SSHKit
       rescue SSHKit::Command::Failed => e
         puts "@@@@@CRITICAL! Deploy failed for #{ name } (#{ ip_address })! Please check your #{ log_loc }/failed-deploy for the logs!@@@@@"
 
+        puts(e.message) if options['verbose']
+
         lines = e.message.split("\n").last(100).join("\n")
 
         ::File.open("#{ log_loc }/failed-deploy/#{ name }-deploy-#{ timestamp }.txt", "w") { |f| f.write(e.message.scrub_pretty_text) }

data/lib/cheftacular/actions/migrate.rb

@@ -62,4 +62,4 @@ class Cheftacular
       return false
     end
   end
-end
+end

data/lib/cheftacular/actions/tail.rb

@@ -51,4 +51,4 @@ class Cheftacular
       `ssh -oStrictHostKeyChecking=no -tt #{ @config['cheftacular']['deploy_user'] }@#{ ip_address } "#{ @config['helper'].sudo(ip_address) } tail -f #{ log_loc }" > /dev/tty`
     end
   end
-end
+end

data/lib/cheftacular/auditor.rb

@@ -17,13 +17,21 @@ class Cheftacular
     end
 
     def write_audit_cache_file
-      File.open( @config['helper'].current_audit_file_path, "w") { |f| f.write( fetch_audit_data_hash ) }
+      File.open( @config['filesystem'].current_audit_file_path, "w") { |f| f.write( fetch_audit_data_hash ) }
     end
 
-    def read_audit_cache_file_to_hash ret_hash={}
-      ret_hash = Hash.class_eval( File.read( @config['helper'].current_audit_file_path ))
+    def read_audit_cache_file_to_hash ret_hash={}, options_to_ignore=[]
+      ret_hash = Hash.class_eval( File.read( @config['filesystem'].current_audit_file_path ))
       ret_hash['command']   = @options['command']
-      ret_hash['options']   = @options.except(:preferred_cloud, :preferred_cloud_region, :preferred_cloud_image) #TODO load preferred_X options if they are not the default?
+      
+      options_to_ignore << :preferred_cloud        if @options['preferred_cloud'] == @config['cheftacular']['preferred_cloud']
+      options_to_ignore << :preferred_cloud_image  if @options['preferred_cloud_image'] == @config['cheftacular']['preferred_cloud_image']
+      options_to_ignore << :preferred_cloud_region if @options['preferred_cloud_region'] == @config['cheftacular']['preferred_cloud_region']
+      options_to_ignore << :virtualization_mode    if @options['virtualization_mode'] == @config['cheftacular']['virtualization_mode']
+      options_to_ignore << :route_dns_changes_via  if @options['route_dns_changes_via'] == @config['cheftacular']['route_dns_changes_via']
+
+      ret_hash['options']   = @options.dup.delete_if { |key, value| options_to_ignore.include?(key.to_sym) }
+
       ret_hash['arguments'] = ARGV[1..ARGV.length]
 
       ret_hash
@@ -34,9 +42,9 @@ class Cheftacular
 
       ret_hash
     rescue StandardError => exception
-      @config['helper'].cleanup_file_caches('current-audit-only')
+      @config['filesystem'].cleanup_file_caches('current-audit-only')
 
-      @config['helper'].exception_output "Unable to finish parsing auditing hash", exception
+      @config['error'].exception_output "Unable to finish parsing auditing hash", exception
     end
   end
 end

data/lib/cheftacular/chef/data_bag.rb

@@ -29,9 +29,6 @@ class Cheftacular
 
       item = @config[env]['logs_bag'].reload
 
-      #TODO use zlib gem to store and display logs https://stackoverflow.com/questions/17882463/compressing-large-string-in-ruby
-      #Zlib::Deflate.deflate(data_to_compress)
-      #Zlib::Inflate.inflate(data_compressed)
       item.attributes = item.attributes.deep_merge(@config[env]['logs_bag_hash'].dup)
 
       begin
@@ -106,7 +103,7 @@ class Cheftacular
     rescue Ridley::Errors::HTTPRequestEntityTooLarge => e
       msg = "FATAL! Bag #{ bag_name } in environment bag #{ bag_env } was not able to be saved because it has grown too large! This bag must cleaned up ASAP!"
       
-      @config['helper'].exception_output msg, e
+      @config['error'].exception_output msg, e
     end
   end
 end