clc-cheffish 0.8.clc

data/lib/cheffish/actor_provider_base.rb

@@ -0,0 +1,131 @@
+require 'cheffish/key_formatter'
+require 'cheffish/chef_provider_base'
+
+class Cheffish::ActorProviderBase < Cheffish::ChefProviderBase
+
+  def create_actor
+    if new_resource.before
+      new_resource.before.call(new_resource)
+    end
+
+    # Create or update the client/user
+    current_public_key = new_json['public_key']
+    differences = json_differences(current_json, new_json)
+    if current_resource_exists?
+      # Update the actor if it's different
+      if differences.size > 0
+        description = [ "update #{actor_type} #{new_resource.name} at #{actor_path}" ] + differences
+        converge_by description do
+          result = rest.put("#{actor_path}/#{new_resource.name}", normalize_for_put(new_json))
+          current_public_key, current_public_key_format = Cheffish::KeyFormatter.decode(result['public_key']) if result['public_key']
+        end
+      end
+    else
+      # Create the actor if it's missing
+      if !new_public_key
+        raise "You must specify a public key to create a #{actor_type}!  Use the private_key resource to create a key, and pass it in with source_key_path."
+      end
+      description = [ "create #{actor_type} #{new_resource.name} at #{actor_path}" ] + differences
+      converge_by description do
+        result = rest.post("#{actor_path}", normalize_for_post(new_json))
+        current_public_key, current_public_key_format = Cheffish::KeyFormatter.decode(result['public_key']) if result['public_key']
+      end
+    end
+
+    # Write out the public key
+    if new_resource.output_key_path
+      # TODO use inline_resource
+      key_content = Cheffish::KeyFormatter.encode(current_public_key, { :format => new_resource.output_key_format })
+      if !current_resource.output_key_path
+        action = 'create'
+      elsif key_content != IO.read(current_resource.output_key_path)
+        action = 'overwrite'
+      else
+        action = nil
+      end
+      if action
+        converge_by "#{action} public key #{new_resource.output_key_path}" do
+          IO.write(new_resource.output_key_path, key_content)
+        end
+      end
+      # TODO permissions?
+    end
+
+    if new_resource.after
+      new_resource.after.call(self, new_json, server_private_key, server_public_key)
+    end
+  end
+
+  def delete_actor
+    if current_resource_exists?
+      converge_by "delete #{actor_type} #{new_resource.name} at #{actor_path}" do
+        rest.delete("#{actor_path}/#{new_resource.name}")
+        Chef::Log.info("#{new_resource} deleted #{actor_type} #{new_resource.name} at #{rest.url}")
+      end
+    end
+    if current_resource.output_key_path
+      converge_by "delete public key #{current_resource.output_key_path}" do
+        ::File.unlink(current_resource.output_key_path)
+      end
+    end
+  end
+
+  def new_public_key
+    @new_public_key ||= begin
+      if new_resource.source_key
+        if new_resource.source_key.is_a?(String)
+          key, key_format = Cheffish::KeyFormatter.decode(new_resource.source_key)
+
+          if key.private?
+            key.public_key
+          else
+            key
+          end
+        elsif new_resource.source_key.private?
+          new_resource.source_key.public_key
+        else
+          new_resource.source_key
+        end
+      elsif new_resource.source_key_path
+        source_key_path = new_resource.source_key_path
+        if Pathname.new(source_key_path).relative?
+          source_key_str, source_key_path = Cheffish.get_private_key_with_path(source_key_path, run_context.config)
+        else
+          source_key_str = IO.read(source_key_path)
+        end
+        source_key, source_key_format = Cheffish::KeyFormatter.decode(source_key_str, new_resource.source_key_pass_phrase, source_key_path)
+        if source_key.private?
+          source_key.public_key
+        else
+          source_key
+        end
+      else
+        nil
+      end
+    end
+  end
+
+  def augment_new_json(json)
+    if new_public_key
+      json['public_key'] = new_public_key.to_pem
+    end
+    json
+  end
+
+  def load_current_resource
+    begin
+      json = rest.get("#{actor_path}/#{new_resource.name}")
+      @current_resource = json_to_resource(json)
+    rescue Net::HTTPServerException => e
+      if e.response.code == "404"
+        @current_resource = not_found_resource
+      else
+        raise
+      end
+    end
+
+    if new_resource.output_key_path && ::File.exist?(new_resource.output_key_path)
+      current_resource.output_key_path = new_resource.output_key_path
+    end
+  end
+end

data/lib/cheffish/basic_chef_client.rb

@@ -0,0 +1,115 @@
+require 'cheffish/version'
+require 'chef/dsl/recipe'
+require 'chef/event_dispatch/base'
+require 'chef/event_dispatch/dispatcher'
+require 'chef/node'
+require 'chef/run_context'
+require 'chef/runner'
+require 'forwardable'
+require 'chef/providers'
+require 'chef/resources'
+
+module Cheffish
+  class BasicChefClient
+    include Chef::DSL::Recipe
+
+    def initialize(node = nil, events = nil)
+      if !node
+        node = Chef::Node.new
+        node.name 'basic_chef_client'
+        node.automatic[:platform] = 'basic_chef_client'
+        node.automatic[:platform_version] = Cheffish::VERSION
+      end
+
+      @event_catcher = BasicChefClientEvents.new
+      dispatcher = Chef::EventDispatch::Dispatcher.new(@event_catcher)
+      dispatcher.register(events) if events
+      @run_context = Chef::RunContext.new(node, {}, dispatcher)
+      @updated = []
+      @cookbook_name = 'basic_chef_client'
+    end
+
+    extend Forwardable
+
+    # Stuff recipes need
+    attr_reader :run_context
+    attr_accessor :cookbook_name
+    attr_accessor :recipe_name
+    def_delegators :@run_context, :resource_collection, :immediate_notifications, :delayed_notifications
+
+    def add_resource(resource)
+      resource.run_context = run_context
+      run_context.resource_collection.insert(resource)
+    end
+
+    def load_block(&block)
+      @recipe_name = 'block'
+      instance_eval(&block)
+    end
+
+    def converge
+      Chef::Runner.new(self).converge
+    end
+
+    def updates
+      @event_catcher.updates
+    end
+
+    def updated?
+      @event_catcher.updates.size > 0
+    end
+
+    # Builds a resource sans context, which can be later used in a new client's
+    # add_resource() method.
+    def self.build_resource(type, name, created_at=nil, &resource_attrs_block)
+      created_at ||= caller[0]
+      result = BasicChefClient.new.build_resource(type, name, created_at, &resource_attrs_block)
+      result
+    end
+
+    def self.inline_resource(provider, provider_action, *resources, &block)
+      events = ProviderEventForwarder.new(provider, provider_action)
+      client = BasicChefClient.new(provider.node, events)
+      resources.each do |resource|
+        client.add_resource(resource)
+      end
+      client.load_block(&block) if block
+      client.converge
+      client.updated?
+    end
+
+    def self.converge_block(node = nil, events = nil, &block)
+      client = BasicChefClient.new(node, events)
+      client.load_block(&block)
+      client.converge
+      client.updated?
+    end
+
+    class BasicChefClientEvents < Chef::EventDispatch::Base
+      def initialize
+        @updates = []
+      end
+
+      attr_reader :updates
+
+      # Called after a resource has been completely converged.
+      def resource_updated(resource, action)
+        updates << [ resource, action ]
+      end
+    end
+
+    class ProviderEventForwarder < Chef::EventDispatch::Base
+      def initialize(provider, provider_action)
+        @provider = provider
+        @provider_action = provider_action
+      end
+
+      attr_reader :provider
+      attr_reader :provider_action
+
+      def resource_update_applied(resource, action, update)
+        provider.run_context.events.resource_update_applied(provider.new_resource, provider_action, update)
+      end
+    end
+  end
+end

data/lib/cheffish/chef_provider_base.rb

@@ -0,0 +1,231 @@
+require 'chef/config'
+require 'chef/run_list'
+require 'chef/provider/lwrp_base'
+
+module Cheffish
+  class ChefProviderBase < Chef::Provider::LWRPBase
+    def rest
+      @rest ||= Cheffish.chef_server_api(new_resource.chef_server)
+    end
+
+    def current_resource_exists?
+      Array(current_resource.action) != [ :delete ]
+    end
+
+    def not_found_resource
+      resource = resource_class.new(new_resource.name, run_context)
+      resource.action :delete
+      resource
+    end
+
+    def normalize_for_put(json)
+      data_handler.normalize_for_put(json, fake_entry)
+    end
+
+    def normalize_for_post(json)
+      data_handler.normalize_for_post(json, fake_entry)
+    end
+
+    def new_json
+      @new_json ||= begin
+        if new_resource.complete
+          result = normalize(resource_to_json(new_resource))
+        else
+          # If resource is incomplete, use current json to fill any holes
+          result = Chef::Mixin::DeepMerge.hash_only_merge(current_json, resource_to_json(new_resource))
+        end
+        augment_new_json(result)
+      end
+    end
+
+    # Meant to be overridden
+    def augment_new_json(json)
+      json
+    end
+
+    def current_json
+      @current_json ||= begin
+        result = normalize(resource_to_json(current_resource))
+        result = augment_current_json(result)
+        result
+      end
+    end
+
+    # Meant to be overridden
+    def augment_current_json(json)
+      json
+    end
+
+    def resource_to_json(resource)
+      json = resource.raw_json || {}
+      keys.each do |json_key, resource_key|
+        value = resource.send(resource_key)
+        json[json_key] = value if value
+      end
+      json
+    end
+
+    def json_to_resource(json)
+      resource = resource_class.new(new_resource.name, run_context)
+      keys.each do |json_key, resource_key|
+        resource.send(resource_key, json.delete(json_key))
+      end
+      # Set the leftover to raw_json
+      resource.raw_json json
+      resource
+    end
+
+    def normalize(json)
+      data_handler.normalize(json, fake_entry)
+    end
+
+    def json_differences(old_json, new_json, print_values=true, name = '', result = nil)
+      result ||= []
+      json_differences_internal(old_json, new_json, print_values, name, result)
+      result
+    end
+
+    def json_differences_internal(old_json, new_json, print_values, name, result)
+      if old_json.kind_of?(Hash) && new_json.kind_of?(Hash)
+        removed_keys = old_json.keys.inject({}) { |hash, key| hash[key] = true; hash }
+        new_json.each_pair do |new_key, new_value|
+          if old_json.has_key?(new_key)
+            removed_keys.delete(new_key)
+            if new_value != old_json[new_key]
+              json_differences_internal(old_json[new_key], new_value, print_values, name == '' ? new_key : "#{name}.#{new_key}", result)
+            end
+          else
+            if print_values
+              result << "  add #{name == '' ? new_key : "#{name}.#{new_key}"} = #{new_value.inspect}"
+            else
+              result << "  add #{name == '' ? new_key : "#{name}.#{new_key}"}"
+            end
+          end
+        end
+        removed_keys.keys.each do |removed_key|
+          result << "  remove #{name == '' ? removed_key : "#{name}.#{removed_key}"}"
+        end
+      else
+        old_json = old_json.to_s if old_json.kind_of?(Symbol)
+        new_json = new_json.to_s if new_json.kind_of?(Symbol)
+        if old_json != new_json
+          if print_values
+            result << "  update #{name} from #{old_json.inspect} to #{new_json.inspect}"
+          else
+            result << "  update #{name}"
+          end
+        end
+      end
+    end
+
+    def apply_modifiers(modifiers, json)
+      return json if !modifiers || modifiers.size == 0
+
+      # If the attributes have nothing, set them to {} so we have something to add to
+      if json
+        json = Marshal.load(Marshal.dump(json)) # Deep copy
+      else
+        json = {}
+      end
+
+      modifiers.each do |path, value|
+        path = [path] if !path.kind_of?(Array)
+        path = path.map { |path_part| path_part.to_s }
+        parent = path[0..-2].inject(json) { |hash, path_part| hash ? hash[path_part] : nil }
+        existing_value = parent ? parent[path[-1]] : nil
+
+        if value.is_a?(Proc)
+          value = value.call(existing_value)
+        end
+        if value == :delete
+          parent.delete(path[-1]) if parent
+          # TODO clean up parent chain if hash is completely emptied
+        else
+          if !parent
+            # Create parent if necessary
+            parent = path[0..-2].inject(json) do |hash, path_part|
+              hash[path_part] = {} if !hash[path_part]
+              hash[path_part]
+            end
+          end
+          parent[path[-1]] = value
+        end
+      end
+      json
+    end
+
+    def apply_run_list_modifiers(add_to_run_list, delete_from_run_list, run_list)
+      return run_list if (!add_to_run_list || add_to_run_list.size == 0) && (!delete_from_run_list || !delete_from_run_list.size)
+      delete_from_run_list ||= []
+      add_to_run_list ||= []
+
+      run_list = Chef::RunList.new(*run_list)
+
+      result = []
+      add_to_run_list_index = 0
+      run_list_index = 0
+      while run_list_index < run_list.run_list_items.size do
+        # See if the desired run list has this item
+        found_desired = add_to_run_list.index { |item| same_run_list_item(item, run_list[run_list_index]) }
+        if found_desired
+          # If so, copy all items up to that desired run list (to preserve order).
+          # If a run list item is out of order (run_list = X, B, Y, A, Z and desired = A, B)
+          # then this will give us X, A, B.  When A is found later, nothing will be copied
+          # because found_desired will be less than add_to_run_list_index.  The result will
+          # be X, A, B, Y, Z.
+          if found_desired >= add_to_run_list_index
+            result += add_to_run_list[add_to_run_list_index..found_desired].map { |item| item.to_s }
+            add_to_run_list_index = found_desired+1
+          end
+        else
+          # If not, just copy it in
+          unless delete_from_run_list.index { |item| same_run_list_item(item, run_list[run_list_index]) }
+            result << run_list[run_list_index].to_s
+          end
+        end
+        run_list_index += 1
+      end
+
+      # Copy any remaining desired items at the end
+      result += add_to_run_list[add_to_run_list_index..-1].map { |item| item.to_s }
+      result
+    end
+
+    def same_run_list_item(a, b)
+      a_name = a.name
+      b_name = b.name
+      # Handle "a::default" being the same as "a"
+      if a.type == :recipe && a_name =~ /(.+)::default$/
+        a_name = $1
+      elsif b.type == :recipe && b_name =~ /(.+)::default$/
+        b_name = $1
+      end
+
+      a_name == b_name && a.type == b.type # We want to replace things with same name and different version
+    end
+
+    private
+
+    # Needed to be able to use DataHandler classes
+    def fake_entry
+      FakeEntry.new("#{new_resource.send(keys.values.first)}.json")
+    end
+
+    class FakeEntry
+      def initialize(name, parent = nil)
+        @name = name
+        @parent = parent
+        @org = nil
+      end
+
+      attr_reader :name
+      attr_reader :parent
+      attr_reader :org
+    end
+  end
+
+  # We are not interested in Chef's cloning behavior here.
+  def load_prior_resource
+    Chef::Log.debug("Overloading #{resource_name}.load_prior_resource with NOOP")
+  end
+end