RubyGems - cloud-mu - Versions diffs - 2.1.0beta → 3.0.0beta - Mend

cloud-mu 2.1.0beta → 3.0.0beta

Files changed (291) hide show

checksums.yaml +5 -5
data/Berksfile +4 -5
data/Berksfile.lock +179 -0
data/README.md +1 -6
data/ansible/roles/geerlingguy.firewall/templates/firewall.bash.j2 +0 -0
data/ansible/roles/mu-installer/README.md +33 -0
data/ansible/roles/mu-installer/defaults/main.yml +2 -0
data/ansible/roles/mu-installer/handlers/main.yml +2 -0
data/ansible/roles/mu-installer/meta/main.yml +60 -0
data/ansible/roles/mu-installer/tasks/main.yml +13 -0
data/ansible/roles/mu-installer/tests/inventory +2 -0
data/ansible/roles/mu-installer/tests/test.yml +5 -0
data/ansible/roles/mu-installer/vars/main.yml +2 -0
data/bin/mu-adopt +125 -0
data/bin/mu-aws-setup +4 -4
data/bin/mu-azure-setup +265 -0
data/bin/mu-azure-tests +43 -0
data/bin/mu-cleanup +20 -8
data/bin/mu-configure +224 -98
data/bin/mu-deploy +8 -3
data/bin/mu-gcp-setup +16 -8
data/bin/mu-gen-docs +92 -8
data/bin/mu-load-config.rb +52 -12
data/bin/mu-momma-cat +36 -0
data/bin/mu-node-manage +34 -27
data/bin/mu-self-update +2 -2
data/bin/mu-ssh +12 -8
data/bin/mu-upload-chef-artifacts +11 -4
data/bin/mu-user-manage +3 -0
data/cloud-mu.gemspec +8 -11
data/cookbooks/firewall/libraries/helpers_iptables.rb +2 -2
data/cookbooks/firewall/metadata.json +1 -1
data/cookbooks/firewall/recipes/default.rb +5 -9
data/cookbooks/mu-firewall/attributes/default.rb +2 -0
data/cookbooks/mu-firewall/metadata.rb +1 -1
data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +0 -0
data/cookbooks/mu-master/Berksfile +2 -2
data/cookbooks/mu-master/files/default/check_mem.pl +0 -0
data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
data/cookbooks/mu-master/metadata.rb +5 -4
data/cookbooks/mu-master/recipes/389ds.rb +1 -1
data/cookbooks/mu-master/recipes/basepackages.rb +30 -10
data/cookbooks/mu-master/recipes/default.rb +59 -7
data/cookbooks/mu-master/recipes/firewall-holes.rb +1 -1
data/cookbooks/mu-master/recipes/init.rb +65 -47
data/cookbooks/mu-master/recipes/{eks-kubectl.rb → kubectl.rb} +4 -10
data/cookbooks/mu-master/recipes/sssd.rb +2 -1
data/cookbooks/mu-master/recipes/update_nagios_only.rb +6 -6
data/cookbooks/mu-master/templates/default/web_app.conf.erb +2 -2
data/cookbooks/mu-master/templates/mods/ldap.conf.erb +4 -0
data/cookbooks/mu-php54/Berksfile +1 -2
data/cookbooks/mu-php54/metadata.rb +4 -5
data/cookbooks/mu-php54/recipes/default.rb +1 -1
data/cookbooks/mu-splunk/templates/default/splunk-init.erb +0 -0
data/cookbooks/mu-tools/Berksfile +3 -2
data/cookbooks/mu-tools/files/default/Mu_CA.pem +33 -0
data/cookbooks/mu-tools/libraries/helper.rb +20 -8
data/cookbooks/mu-tools/metadata.rb +5 -2
data/cookbooks/mu-tools/recipes/apply_security.rb +2 -3
data/cookbooks/mu-tools/recipes/eks.rb +1 -1
data/cookbooks/mu-tools/recipes/gcloud.rb +5 -30
data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
data/cookbooks/mu-tools/recipes/rsyslog.rb +1 -0
data/cookbooks/mu-tools/recipes/selinux.rb +19 -0
data/cookbooks/mu-tools/recipes/split_var_partitions.rb +0 -1
data/cookbooks/mu-tools/recipes/windows-client.rb +256 -122
data/cookbooks/mu-tools/resources/disk.rb +3 -1
data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +1 -1
data/cookbooks/mu-tools/templates/default/etc_hosts.erb +1 -1
data/cookbooks/mu-tools/templates/default/{kubeconfig.erb → kubeconfig-eks.erb} +0 -0
data/cookbooks/mu-tools/templates/default/kubeconfig-gke.erb +27 -0
data/cookbooks/mu-tools/templates/windows-10/sshd_config.erb +137 -0
data/cookbooks/mu-utility/recipes/nat.rb +4 -0
data/extras/alpha.png +0 -0
data/extras/beta.png +0 -0
data/extras/clean-stock-amis +2 -2
data/extras/generate-stock-images +131 -0
data/extras/git-fix-permissions-hook +0 -0
data/extras/image-generators/AWS/centos6.yaml +17 -0
data/extras/image-generators/{aws → AWS}/centos7-govcloud.yaml +0 -0
data/extras/image-generators/{aws → AWS}/centos7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/rhel7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k12.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k16.yaml +0 -0
data/extras/image-generators/{aws → AWS}/windows.yaml +0 -0
data/extras/image-generators/{gcp → Google}/centos6.yaml +1 -0
data/extras/image-generators/Google/centos7.yaml +18 -0
data/extras/python_rpm/build.sh +0 -0
data/extras/release.png +0 -0
data/extras/ruby_rpm/build.sh +0 -0
data/extras/ruby_rpm/muby.spec +1 -1
data/install/README.md +43 -5
data/install/deprecated-bash-library.sh +0 -0
data/install/installer +1 -1
data/install/jenkinskeys.rb +0 -0
data/install/mu-master.yaml +55 -0
data/modules/mommacat.ru +41 -7
data/modules/mu.rb +444 -149
data/modules/mu/adoption.rb +500 -0
data/modules/mu/cleanup.rb +235 -158
data/modules/mu/cloud.rb +675 -138
data/modules/mu/clouds/aws.rb +156 -24
data/modules/mu/clouds/aws/alarm.rb +4 -14
data/modules/mu/clouds/aws/bucket.rb +60 -18
data/modules/mu/clouds/aws/cache_cluster.rb +8 -20
data/modules/mu/clouds/aws/collection.rb +12 -22
data/modules/mu/clouds/aws/container_cluster.rb +209 -118
data/modules/mu/clouds/aws/database.rb +120 -45
data/modules/mu/clouds/aws/dnszone.rb +7 -18
data/modules/mu/clouds/aws/endpoint.rb +5 -15
data/modules/mu/clouds/aws/firewall_rule.rb +144 -72
data/modules/mu/clouds/aws/folder.rb +4 -11
data/modules/mu/clouds/aws/function.rb +6 -16
data/modules/mu/clouds/aws/group.rb +4 -12
data/modules/mu/clouds/aws/habitat.rb +11 -13
data/modules/mu/clouds/aws/loadbalancer.rb +40 -28
data/modules/mu/clouds/aws/log.rb +5 -13
data/modules/mu/clouds/aws/msg_queue.rb +9 -24
data/modules/mu/clouds/aws/nosqldb.rb +4 -12
data/modules/mu/clouds/aws/notifier.rb +6 -13
data/modules/mu/clouds/aws/role.rb +69 -40
data/modules/mu/clouds/aws/search_domain.rb +17 -20
data/modules/mu/clouds/aws/server.rb +184 -94
data/modules/mu/clouds/aws/server_pool.rb +33 -38
data/modules/mu/clouds/aws/storage_pool.rb +5 -12
data/modules/mu/clouds/aws/user.rb +59 -33
data/modules/mu/clouds/aws/userdata/linux.erb +18 -30
data/modules/mu/clouds/aws/userdata/windows.erb +9 -9
data/modules/mu/clouds/aws/vpc.rb +214 -145
data/modules/mu/clouds/azure.rb +978 -44
data/modules/mu/clouds/azure/container_cluster.rb +413 -0
data/modules/mu/clouds/azure/firewall_rule.rb +500 -0
data/modules/mu/clouds/azure/habitat.rb +167 -0
data/modules/mu/clouds/azure/loadbalancer.rb +205 -0
data/modules/mu/clouds/azure/role.rb +211 -0
data/modules/mu/clouds/azure/server.rb +810 -0
data/modules/mu/clouds/azure/user.rb +257 -0
data/modules/mu/clouds/azure/userdata/README.md +4 -0
data/modules/mu/clouds/azure/userdata/linux.erb +137 -0
data/modules/mu/clouds/azure/userdata/windows.erb +275 -0
data/modules/mu/clouds/azure/vpc.rb +782 -0
data/modules/mu/clouds/cloudformation.rb +12 -9
data/modules/mu/clouds/cloudformation/firewall_rule.rb +5 -13
data/modules/mu/clouds/cloudformation/server.rb +10 -1
data/modules/mu/clouds/cloudformation/server_pool.rb +1 -0
data/modules/mu/clouds/cloudformation/vpc.rb +0 -2
data/modules/mu/clouds/google.rb +554 -117
data/modules/mu/clouds/google/bucket.rb +173 -32
data/modules/mu/clouds/google/container_cluster.rb +1112 -157
data/modules/mu/clouds/google/database.rb +24 -47
data/modules/mu/clouds/google/firewall_rule.rb +344 -89
data/modules/mu/clouds/google/folder.rb +156 -79
data/modules/mu/clouds/google/group.rb +272 -82
data/modules/mu/clouds/google/habitat.rb +177 -52
data/modules/mu/clouds/google/loadbalancer.rb +9 -34
data/modules/mu/clouds/google/role.rb +1211 -0
data/modules/mu/clouds/google/server.rb +491 -227
data/modules/mu/clouds/google/server_pool.rb +233 -48
data/modules/mu/clouds/google/user.rb +479 -125
data/modules/mu/clouds/google/userdata/linux.erb +3 -3
data/modules/mu/clouds/google/userdata/windows.erb +9 -9
data/modules/mu/clouds/google/vpc.rb +381 -223
data/modules/mu/config.rb +689 -214
data/modules/mu/config/bucket.rb +1 -1
data/modules/mu/config/cache_cluster.rb +1 -1
data/modules/mu/config/cache_cluster.yml +0 -4
data/modules/mu/config/container_cluster.rb +18 -9
data/modules/mu/config/database.rb +6 -23
data/modules/mu/config/firewall_rule.rb +9 -15
data/modules/mu/config/folder.rb +22 -21
data/modules/mu/config/habitat.rb +22 -21
data/modules/mu/config/loadbalancer.rb +2 -2
data/modules/mu/config/role.rb +9 -40
data/modules/mu/config/server.rb +26 -5
data/modules/mu/config/server_pool.rb +1 -1
data/modules/mu/config/storage_pool.rb +2 -2
data/modules/mu/config/user.rb +4 -0
data/modules/mu/config/vpc.rb +350 -110
data/modules/mu/defaults/{amazon_images.yaml → AWS.yaml} +37 -39
data/modules/mu/defaults/Azure.yaml +17 -0
data/modules/mu/defaults/Google.yaml +24 -0
data/modules/mu/defaults/README.md +1 -1
data/modules/mu/deploy.rb +168 -125
data/modules/mu/groomer.rb +2 -1
data/modules/mu/groomers/ansible.rb +104 -32
data/modules/mu/groomers/chef.rb +96 -44
data/modules/mu/kittens.rb +20602 -0
data/modules/mu/logger.rb +38 -11
data/modules/mu/master.rb +90 -8
data/modules/mu/master/chef.rb +2 -3
data/modules/mu/master/ldap.rb +0 -1
data/modules/mu/master/ssl.rb +250 -0
data/modules/mu/mommacat.rb +917 -513
data/modules/scratchpad.erb +1 -1
data/modules/tests/super_complex_bok.yml +0 -0
data/modules/tests/super_simple_bok.yml +0 -0
data/roles/mu-master.json +2 -1
data/spec/azure_creds +5 -0
data/spec/mu.yaml +56 -0
data/spec/mu/clouds/azure_spec.rb +164 -27
data/spec/spec_helper.rb +5 -0
data/test/clean_up.py +0 -0
data/test/exec_inspec.py +0 -0
data/test/exec_mu_install.py +0 -0
data/test/exec_retry.py +0 -0
data/test/smoke_test.rb +0 -0
metadata +90 -118
data/cookbooks/mu-jenkins/Berksfile +0 -14
data/cookbooks/mu-jenkins/CHANGELOG.md +0 -13
data/cookbooks/mu-jenkins/LICENSE +0 -37
data/cookbooks/mu-jenkins/README.md +0 -105
data/cookbooks/mu-jenkins/attributes/default.rb +0 -42
data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +0 -73
data/cookbooks/mu-jenkins/files/default/deploy_config.xml +0 -44
data/cookbooks/mu-jenkins/metadata.rb +0 -21
data/cookbooks/mu-jenkins/recipes/default.rb +0 -195
data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +0 -54
data/cookbooks/mu-jenkins/recipes/public_key.rb +0 -24
data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +0 -24
data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +0 -14
data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +0 -6
data/cookbooks/nagios/Berksfile +0 -11
data/cookbooks/nagios/CHANGELOG.md +0 -589
data/cookbooks/nagios/CONTRIBUTING.md +0 -11
data/cookbooks/nagios/LICENSE +0 -37
data/cookbooks/nagios/README.md +0 -328
data/cookbooks/nagios/TESTING.md +0 -2
data/cookbooks/nagios/attributes/config.rb +0 -171
data/cookbooks/nagios/attributes/default.rb +0 -228
data/cookbooks/nagios/chefignore +0 -102
data/cookbooks/nagios/definitions/command.rb +0 -33
data/cookbooks/nagios/definitions/contact.rb +0 -33
data/cookbooks/nagios/definitions/contactgroup.rb +0 -33
data/cookbooks/nagios/definitions/host.rb +0 -33
data/cookbooks/nagios/definitions/hostdependency.rb +0 -33
data/cookbooks/nagios/definitions/hostescalation.rb +0 -34
data/cookbooks/nagios/definitions/hostgroup.rb +0 -33
data/cookbooks/nagios/definitions/nagios_conf.rb +0 -38
data/cookbooks/nagios/definitions/resource.rb +0 -33
data/cookbooks/nagios/definitions/service.rb +0 -33
data/cookbooks/nagios/definitions/servicedependency.rb +0 -33
data/cookbooks/nagios/definitions/serviceescalation.rb +0 -34
data/cookbooks/nagios/definitions/servicegroup.rb +0 -33
data/cookbooks/nagios/definitions/timeperiod.rb +0 -33
data/cookbooks/nagios/libraries/base.rb +0 -314
data/cookbooks/nagios/libraries/command.rb +0 -91
data/cookbooks/nagios/libraries/contact.rb +0 -230
data/cookbooks/nagios/libraries/contactgroup.rb +0 -112
data/cookbooks/nagios/libraries/custom_option.rb +0 -36
data/cookbooks/nagios/libraries/data_bag_helper.rb +0 -23
data/cookbooks/nagios/libraries/default.rb +0 -90
data/cookbooks/nagios/libraries/host.rb +0 -412
data/cookbooks/nagios/libraries/hostdependency.rb +0 -181
data/cookbooks/nagios/libraries/hostescalation.rb +0 -173
data/cookbooks/nagios/libraries/hostgroup.rb +0 -119
data/cookbooks/nagios/libraries/nagios.rb +0 -282
data/cookbooks/nagios/libraries/resource.rb +0 -59
data/cookbooks/nagios/libraries/service.rb +0 -455
data/cookbooks/nagios/libraries/servicedependency.rb +0 -215
data/cookbooks/nagios/libraries/serviceescalation.rb +0 -195
data/cookbooks/nagios/libraries/servicegroup.rb +0 -144
data/cookbooks/nagios/libraries/timeperiod.rb +0 -160
data/cookbooks/nagios/libraries/users_helper.rb +0 -54
data/cookbooks/nagios/metadata.rb +0 -25
data/cookbooks/nagios/recipes/_load_databag_config.rb +0 -153
data/cookbooks/nagios/recipes/_load_default_config.rb +0 -241
data/cookbooks/nagios/recipes/apache.rb +0 -48
data/cookbooks/nagios/recipes/default.rb +0 -204
data/cookbooks/nagios/recipes/nginx.rb +0 -82
data/cookbooks/nagios/recipes/pagerduty.rb +0 -143
data/cookbooks/nagios/recipes/server_package.rb +0 -40
data/cookbooks/nagios/recipes/server_source.rb +0 -164
data/cookbooks/nagios/templates/default/apache2.conf.erb +0 -96
data/cookbooks/nagios/templates/default/cgi.cfg.erb +0 -266
data/cookbooks/nagios/templates/default/commands.cfg.erb +0 -13
data/cookbooks/nagios/templates/default/contacts.cfg.erb +0 -37
data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +0 -25
data/cookbooks/nagios/templates/default/hosts.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/htpasswd.users.erb +0 -6
data/cookbooks/nagios/templates/default/nagios.cfg.erb +0 -22
data/cookbooks/nagios/templates/default/nginx.conf.erb +0 -62
data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +0 -185
data/cookbooks/nagios/templates/default/resource.cfg.erb +0 -27
data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/services.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/templates.cfg.erb +0 -31
data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +0 -13
data/extras/image-generators/aws/centos6.yaml +0 -18
data/modules/mu/defaults/google_images.yaml +0 -16
data/roles/mu-master-jenkins.json +0 -24

data/bin/mu-deploy CHANGED

@@ -42,6 +42,8 @@ Usage:
   opt :cloudformation_output, "When emitting a CloudFormation template, put the final product in this location instead of in /tmp. Takes a local file path or an s3:// URI. S3 uploads will be given AUTHENTICATED-READ permissions.", :require => false, :type => :string
   opt :verbose, "Display debugging output.", :require => false, :default => false, :type => :boolean
   opt :quiet, "Display minimal output.", :require => false, :default => false, :type => :boolean
+  opt :color, "Display log output in human-friendly colors.", :require => false, :default => true, :type => :boolean
+  opt :credentials, "Set the default credential set to use for resources which do not specify a default", :require => false, :type => :string
 end
 verbosity = MU::Logger::NORMAL
 verbosity = MU::Logger::LOUD if $opts[:verbose]
@@ -58,7 +60,7 @@ if $opts[:liveupdate] and !$opts[:update]
 end
 MU.setVar("curRegion", $opts[:region]) if $opts[:region]
-MU.setLogging(verbosity, $opts[:web])
+MU.setLogging(verbosity, $opts[:web], STDOUT, $opts[:color])
 # Parse any paramater options into something useable.
 params = Hash.new
@@ -87,11 +89,11 @@ end
 MU.log "Loading #{config}", html: $opts[:web], details: $opts
-conf_engine = MU::Config.new(config, $opts[:skipinitialupdates], params: params, updating: $opts[:update])
+conf_engine = MU::Config.new(config, $opts[:skipinitialupdates], params: params, updating: $opts[:update], default_credentials: $opts[:credentials])
 stack_conf = conf_engine.config
 if $opts[:dryrun] or $opts[:verbose]
-  puts stack_conf.to_yaml
+  puts MU::Config.stripConfig(stack_conf).to_yaml
   conf_engine.visualizeDependencies
 end
@@ -112,6 +114,7 @@ if $opts[:dryrun]
       cost_dummy_deploy = MU::Deploy.new(
         $opts[:environment],
         verbosity: MU::Logger::SILENT,
+        color: $opts[:color],
         force_cloudformation: true,
         cloudformation_path: "/dev/null",
         nocleanup: false,
@@ -135,6 +138,7 @@ if $opts[:update]
   deployer = MU::Deploy.new(
     deploy.environment,
     verbosity: verbosity,
+    color: $opts[:color],
     webify_logs: $opts[:web],
     nocleanup: true, # don't accidentally blow up an existing deploy
     stack_conf: stack_conf,
@@ -156,6 +160,7 @@ end
 deployer = MU::Deploy.new(
   $opts[:environment],
   verbosity: verbosity,
+  color: $opts[:color],
   webify_logs: $opts[:web],
   nocleanup: $opts[:nocleanup],
   cloudformation_path: cfm_path,

data/bin/mu-gcp-setup CHANGED

@@ -31,6 +31,7 @@ require 'erb'
 require 'optimist'
 require 'json-schema'
 require 'mu'
+require 'mu/master/ssl'
 Dir.chdir(MU.installDir)
 $opts = Optimist::options do
@@ -64,7 +65,7 @@ my_instance_id = MU::Cloud::AWS.getAWSMetaData("instance-id")
 if MU::Cloud::Google.hosted?
   instance = MU.myCloudDescriptor
-  admin_sg_name = "mu-master-"+MU.myInstanceId+"-ingress-allow"
+  admin_sg_name = MU.myInstanceId+"-"+MU.myVPC+"-ingress-allow"
   if !instance.tags.items or !instance.tags.items.include?(admin_sg_name)
     newitems = instance.tags.items ? instance.tags.items.dup : []
     newitems << admin_sg_name
@@ -87,9 +88,10 @@ end
 # Create a security group, or manipulate an existing one, so that we have all
 # of the appropriate network holes.
 if $opts[:sg]
-  open_ports = [80, 443, 2260, 7443, 8443, 9443, 8200]
+  open_ports = [80, 443, MU.mommaCatPort, 7443, 8443, 9443, 8200]
   found = MU::MommaCat.findStray("Google", "firewall_rule", dummy_ok: true, cloud_id: admin_sg_name)
+  found.reject! { |v| v.cloud_desc.network != MU.myVPC }
   admin_sg = found.first if !found.nil? and found.size > 0
   rules = []
@@ -108,21 +110,27 @@ if $opts[:sg]
   }
   cfg = {
     "name" => admin_sg_name,
+    "scrub_mu_isms" => true,
     "cloud" => "Google",
     "rules" => rules,
     "project" => MU::Cloud::Google.myProject,
     "target_tags" => [admin_sg_name],
     "vpc" => {
-      "vpc_id" => instance.network_interfaces.first.network
+      "id" => MU.myVPC
     }
   }
   if !admin_sg
-    admin_sg = MU::Cloud::FirewallRule.new(kitten_cfg: cfg, mu_name: "mu-master-"+MU.myInstanceId)
-    admin_sg.create
-    admin_sg.groom
+    admin_sg = MU::Cloud::FirewallRule.new(kitten_cfg: cfg, mu_name: admin_sg_name)
+    begin
+      admin_sg.create
+    rescue ::Google::Apis::ClientError => e
+      raise e if !e.message.match(/alreadyExists: /)
+    ensure
+      admin_sg.groom
+    end
   else
-# TODO Make sure the rules and tags are up to date
+    admin_sg.groom
   end
 end
@@ -208,7 +216,7 @@ end
 if $opts[:uploadlogs]
   today = Time.new.strftime("%Y%m%d").to_s
   ["master.log", "nodes.log"].each { |log|
-    if File.exists?("/Mu_Logs/#{log}-#{today}")
+    if File.exist?("/Mu_Logs/#{log}-#{today}")
       MU.log "Uploading /Mu_Logs/#{log}-#{today} to bucket #{$bucketname}"
       MU::Cloud::AWS.s3.put_object(
           bucket: $bucketname,

data/bin/mu-gen-docs CHANGED

@@ -20,10 +20,9 @@ end
 require 'rubygems'
 require 'bundler/setup'
-require 'json'
 require 'erb'
-require 'optimist'
-require 'json-schema'
+require 'tempfile'
+require 'fileutils'
 require File.realpath(File.expand_path(File.dirname(__FILE__)+"/mu-load-config.rb"))
 require 'mu'
@@ -43,19 +42,104 @@ rescue
   yard = File.dirname(Gem.ruby)+'/yard'
 end
+docdir = Process.uid == 0 ? "/var/www/html/docs" : MU.dataDir+"/docs"
+if !Dir.exist?(docdir)
+  FileUtils.mkdir_p(docdir, mode: 0755)
+end
 MU::Config.emitSchemaAsRuby
-MU.log "Generating YARD documentation in /var/www/html/docs (see http://#{$MU_CFG['public_address']}/docs/frames.html)"
+if Process.uid == 0
+  MU.log "Generating YARD documentation in #{docdir} (see http://#{$MU_CFG['public_address']}/docs/frames.html)"
+else
+  MU.log "Generating YARD documentation in #{docdir}"
+end
 File.umask 0022
 Dir.chdir(MU.myRoot) do
-  #exec "env -i PATH=#{ENV['PATH']} HOME=#{ENV['HOME']} #{yard} doc modules -m markdown -o /var/www/html/docs" THIS DOESNT WORK IN CICD
+  imgs = %w{alpha.png beta.png release.png}
+  FileUtils.cp(imgs.map { |f| "extras/"+f }, docdir)
+  FileUtils.chmod(0644, imgs.map { |f| docdir+"/"+f })
+  readme = File.read("README.md")
+  readme += <<EOF
+# Supported resources
+EOF
-  system(%Q{#{yard} doc modules -m markdown -o /var/www/html/docs})
+  impl_counts = {}
+  cloudlist = MU::Cloud.supportedClouds.sort { |a, b|
+    counts = {
+      a => 0,
+      b => 0
+    }
+    MU::Cloud.resource_types.each_pair { |type, cfg|
+      impl_counts[type] ||= 0
+      [a, b].each { |cloud|
+        begin
+          myclass = Object.const_get("MU").const_get("Cloud").const_get(cloud).const_get(type)
+          case myclass.quality
+          when MU::Cloud::RELEASE
+            counts[cloud] += 4
+            impl_counts[type] += 4
+          when MU::Cloud::BETA
+            counts[cloud] += 2
+            impl_counts[type] += 2
+          when MU::Cloud::ALPHA
+            counts[cloud] += 1
+            impl_counts[type] += 1
+          end
+        rescue MU::Cloud::MuCloudResourceNotImplemented
+        end
+      }
+    }
+    counts[b] <=> counts[a]
+  }
-  system(%Q{chcon -R -h -t httpd_sys_script_exec_t /var/www/html/})
+  readme += "\n\n<table><tr><th></th>"
+  cloudlist.each { |cloud|
+    readme += "<th>"+cloud+"</th>"
+  }
+  readme += "</tr>\n"
+  icon_style = 'height:2.2em;width:2.2em;padding:0px;'
+  MU::Cloud.resource_types.keys.sort { |a, b| impl_counts[b] <=> impl_counts[a] }.each { |type|
+    readme += "<tr><td><strong>{MU::Config::BasketofKittens::#{MU::Cloud.resource_types[type][:cfg_plural]} #{type.to_s}}</strong></td>"
+    cloudlist.each { |cloud|
+      readme += "<td><center>"
+      begin
+        myclass = Object.const_get("MU").const_get("Cloud").const_get(cloud).const_get(type)
+        case myclass.quality
+        when MU::Cloud::RELEASE
+          readme += "<img src='release.png' style='#{icon_style}' title='Release Quality' alt='[Release Quality]'>"
+        when MU::Cloud::BETA
+          readme += "<img src='beta.png' style='#{icon_style}' title='Beta Quality' alt='[Beta Quality]'>"
+        when MU::Cloud::ALPHA
+          readme += "<img src='alpha.png' style='#{icon_style}' title='Alpha Quality' alt='[Alpha Quality]'>"
+        else
+          readme += "?"
+        end
+      rescue MU::Cloud::MuCloudResourceNotImplemented
+        readme += "-"
+      end
+      readme += "</center></td>"
+    }
+    readme += "</tr>\n"
+  }
+  readme += "</table>\n\n"
+  idx = Tempfile.new('mu-gen-docs-index', MU.myRoot)
+  idx.write(readme)
+  idx.rewind
+  idx.close
+  idx_short = idx.path.gsub(/.*?\/([^\/]+)$/, '\1')
+  system(%Q{#{yard} doc modules --readme #{idx_short} --markup markdown --output-dir #{docdir}})
+  # --exclude seems to just... not work
+  FileUtils.rm(docdir+"/file."+idx_short+".html")
+  if Process.uid == 0
+    system(%Q{chcon -R -h -t httpd_sys_script_exec_t /var/www/html/})
+  end
   system(%Q{#{yard} stats --list-undoc modules})
 end

data/bin/mu-load-config.rb CHANGED

@@ -64,6 +64,7 @@ end
 # into the Ruby $LOAD_PATH.
 # @return [Hash]
 def loadMuConfig(default_cfg_overrides = nil)
   # Start with sane defaults
   default_cfg = {
     "installdir" => "/opt/mu",
@@ -109,9 +110,25 @@ def loadMuConfig(default_cfg_overrides = nil)
       "dcs" => ["127.0.0.1"]
     }
   }
+  in_gem = (Gem.paths and Gem.paths.home and File.dirname(__FILE__).match(/^#{Gem.paths.home}/))
+  if in_gem
+    default_cfg.delete("ldap")
+    default_cfg.delete("ssl")
+    default_cfg.delete("scratchpad")
+    default_cfg.delete("libdir")
+    default_cfg.delete("installdir")
+  else
+    if File.exist?("/opt/mu/etc/mu.yaml")
+      default_cfg.merge!(YAML.load(File.read("/opt/mu/etc/mu.yaml")))
+      default_cfg["config_files"] = ["/opt/mu/etc/mu.yaml"]
+    end
+  end
   default_cfg.merge!(default_cfg_overrides) if default_cfg_overrides
-  if !File.exists?(cfgPath) and Process.uid == 0
+  if !File.exist?(cfgPath) and Process.uid == 0
     puts "**** Master config #{cfgPath} does not exist, initializing *****"
     File.open(cfgPath, File::CREAT|File::TRUNC|File::RDWR, 0644){ |f|
       f.puts default_cfg.to_yaml
@@ -119,7 +136,7 @@ def loadMuConfig(default_cfg_overrides = nil)
   end
   global_cfg = { "config_files" => [] }
-  if File.exists?(cfgPath)
+  if File.exist?(cfgPath)
     global_cfg = YAML.load(File.read(cfgPath))
     global_cfg["config_files"] = [cfgPath]
   end
@@ -127,33 +144,39 @@ def loadMuConfig(default_cfg_overrides = nil)
   home = Etc.getpwuid(Process.uid).dir
   username = Etc.getpwuid(Process.uid).name
   if File.readable?("#{home}/.mu.yaml") and cfgPath != "#{home}/.mu.yaml"
-    global_cfg.merge!(YAML.load(File.read("#{home}/.mu.yaml")))
-    global_cfg["config_files"] << "#{home}/.mu.yaml"
+    localfile = YAML.load(File.read("#{home}/.mu.yaml"))
+    if localfile
+      global_cfg.merge!(localfile)
+      global_cfg["config_files"] << "#{home}/.mu.yaml"
+    end
   end
   if !global_cfg.has_key?("installdir")
     if ENV['MU_INSTALLDIR']
       global_cfg["installdir"] = ENV['MU_INSTALLDIR']
-    elsif Gem.paths and Gem.paths.home and !Dir.exists?("/opt/mu/lib")
-      global_cfg["installdir"] = File.realpath(File.expand_path(File.dirname(Gem.paths.home))+"/../../../")
-    else
+    elsif !in_gem
       global_cfg["installdir"] = "/opt/mu"
     end
   end
   if !global_cfg.has_key?("libdir")
     if ENV['MU_INSTALLDIR']
       global_cfg["libdir"] = ENV['MU_INSTALLDIR']+"/lib"
-    else
+    elsif !in_gem
       global_cfg["libdir"] = File.realpath(File.expand_path(File.dirname(__FILE__))+"/..")
     end
   end
   if !global_cfg.has_key?("datadir")
     if username != "root"
-      global_cfg["datadir"] = home+"/.mu"
+      global_cfg["datadir"] = home+"/.mu/var"
     elsif global_cfg.has_key?("installdir")
       global_cfg["datadir"] = global_cfg["installdir"]+"/var"
     else
       global_cfg["datadir"] = "/opt/mu/var"
     end
+    default_cfg["ssl"] = {
+      "cert" => global_cfg["datadir"]+"/ssl/mommacat.crt",
+      "key" => global_cfg["datadir"]+"/ssl/mommacat.key",
+      "chain" => global_cfg["datadir"]+"/ssl/Mu_CA.pem"
+    }
   end
   exit 1 if !validateClouds(global_cfg)
@@ -164,12 +187,29 @@ end
 # Shorthand for locating the path to mu.yaml
 def cfgPath
+  in_gem = false
+  gemwhich = %x{gem which mu 2>&1}.chomp
+  gemwhich = nil if $?.exitstatus != 0
+  mypath = File.realpath(File.expand_path(File.dirname(__FILE__)))
+  if !mypath.match(/^\/opt\/mu/)
+    if Gem.paths and Gem.paths.home and
+       (mypath.match(/^#{Gem.paths.home}/) or gemwhich.match(/^#{Gem.paths.home}/))
+      in_gem = true
+    elsif $?.exitstatus == 0 and gemwhich and !gemwhich.empty?
+      $LOAD_PATH.each { |path|
+        if path.match(/\/cloud-mu-[^\/]+\/modules/) or
+           path.match(/#{Regexp.quote(gemwhich)}/)
+          in_gem = true
+        end
+      }
+    end
+  end
   home = Etc.getpwuid(Process.uid).dir
   username = Etc.getpwuid(Process.uid).name
-  if Process.uid == 0
+  if Process.uid == 0 and !in_gem
     if ENV.include?('MU_INSTALLDIR')
       ENV['MU_INSTALLDIR']+"/etc/mu.yaml"
-    elsif Dir.exists?("/opt/mu")
+    elsif Dir.exist?("/opt/mu")
       "/opt/mu/etc/mu.yaml"
     else
       "#{home}/.mu.yaml"
@@ -180,7 +220,7 @@ def cfgPath
 end
 def cfgExists?
-  File.exists?(cfgPath)
+  File.exist?(cfgPath)
 end
 # Output an in-memory configuration hash to the standard config file location,

data/bin/mu-momma-cat ADDED

@@ -0,0 +1,36 @@
+#!/usr/local/ruby-current/bin/ruby
+# Copyright:: Copyright (c) 2019 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require File.expand_path(File.dirname(__FILE__))+"/mu-load-config.rb"
+require 'rubygems'
+require 'bundler/setup'
+require 'mu'
+if ARGV.size > 1 or !["start", "stop", "restart"].include?(ARGV[0])
+  MU.log "Expecting start, stop, or restart argument", MU::ERR
+  exit 1
+end
+case ARGV[0]
+when "start"
+  MU::MommaCat.start
+when "stop"
+  MU::MommaCat.stop
+when "restart"
+  MU::MommaCat.restart
+when "status"
+  MU::MommaCat.status
+end

data/bin/mu-node-manage CHANGED

@@ -182,36 +182,38 @@ def reGroom(deploys = MU::MommaCat.listDeploys, nodes = [], vaults_only: false)
   deploys.each { |muid|
     mommacat = MU::MommaCat.new(muid)
     next if mommacat.kittens.nil? or mommacat.kittens['servers'].nil?
-    mommacat.kittens['servers'].each_pair { |nodeclass, servers|
-      servers.each_pair { |mu_name, server|
-        next if nodes.size > 0 and !nodes.include?(mu_name)
-        count = count + 1
-        child = Process.fork {
-          begin
-            type = "server"
-            type = "server_pool" if server.config.has_key?("basis")
-            if vaults_only
-              next if !server.config.has_key?("vault_access")
-              server.config["vault_access"].each { |v|
-                MU::Groomer::Chef.grantSecretAccess(mu_name, v['vault'], v['item'])
-              }
-            else
-              mommacat.groomNode(server.cloud_id, nodeclass, type, mu_name: mu_name)
+    mommacat.kittens['servers'].each_pair { |habitat, nodeclasses|
+      nodeclasses.each_pair { |nodeclass, servers|
+        servers.each_pair { |mu_name, server|
+          next if nodes.size > 0 and !nodes.include?(mu_name)
+          count = count + 1
+          child = Process.fork {
+            begin
+              type = "server"
+              type = "server_pool" if server.config.has_key?("basis")
+              if vaults_only
+                next if !server.config.has_key?("vault_access")
+                server.config["vault_access"].each { |v|
+                  MU::Groomer::Chef.grantSecretAccess(mu_name, v['vault'], v['item'])
+                }
+              else
+                mommacat.groomNode(server.cloud_id, nodeclass, type, mu_name: mu_name)
+              end
+            rescue Exception => e
+              MU.log e.inspect, MU::ERR, details: e.backtrace
+              exit 1
             end
-          rescue Exception => e
-            MU.log e.inspect, MU::ERR, details: e.backtrace
-            exit 1
-          end
+          }
+          $children[child] = mu_name
         }
-        $children[child] = mu_name
-      }
-      while $children.size >= $opts[:concurrent]-1
-        child = Process.wait
-        if !$?.success?
-          badnodes << $children[child]
+        while $children.size >= $opts[:concurrent]-1
+          child = Process.wait
+          if !$?.success?
+            badnodes << $children[child]
+          end
+          $children.delete(child)
         end
-        $children.delete(child)
-      end
+      }
     }
   }
   Process.waitall.each { |child|
@@ -240,6 +242,10 @@ def runCommand(deploys = MU::MommaCat.listDeploys, nodes = [], cmd = nil, print_
         done = false
         begin
           serverobj = mommacat.findLitterMate(type: "server", mu_name: nodename)
+          if !serverobj
+            MU.log "Failed to load server object for #{nodename}", MU::ERR
+            next
+          end
           # Generate the command if attemting a chef run
           if chefrun
@@ -419,6 +425,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
               "deploySSHKey" => mommacat.ssh_public_key,
               "muID" => muid,
               "muUser" => MU.chef_user,
+              "mommaCatPort" => MU.mommaCatPort,
               "publicIP" => MU.mu_public_ip,
               "resourceName" => svr_class,
               "windowsAdminName" => server['windows_admin_username'],