RubyGems - cloud-mu - Versions diffs - 2.1.0beta → 3.0.0beta - Mend

cloud-mu 2.1.0beta → 3.0.0beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (291) hide show

checksums.yaml +5 -5
data/Berksfile +4 -5
data/Berksfile.lock +179 -0
data/README.md +1 -6
data/ansible/roles/geerlingguy.firewall/templates/firewall.bash.j2 +0 -0
data/ansible/roles/mu-installer/README.md +33 -0
data/ansible/roles/mu-installer/defaults/main.yml +2 -0
data/ansible/roles/mu-installer/handlers/main.yml +2 -0
data/ansible/roles/mu-installer/meta/main.yml +60 -0
data/ansible/roles/mu-installer/tasks/main.yml +13 -0
data/ansible/roles/mu-installer/tests/inventory +2 -0
data/ansible/roles/mu-installer/tests/test.yml +5 -0
data/ansible/roles/mu-installer/vars/main.yml +2 -0
data/bin/mu-adopt +125 -0
data/bin/mu-aws-setup +4 -4
data/bin/mu-azure-setup +265 -0
data/bin/mu-azure-tests +43 -0
data/bin/mu-cleanup +20 -8
data/bin/mu-configure +224 -98
data/bin/mu-deploy +8 -3
data/bin/mu-gcp-setup +16 -8
data/bin/mu-gen-docs +92 -8
data/bin/mu-load-config.rb +52 -12
data/bin/mu-momma-cat +36 -0
data/bin/mu-node-manage +34 -27
data/bin/mu-self-update +2 -2
data/bin/mu-ssh +12 -8
data/bin/mu-upload-chef-artifacts +11 -4
data/bin/mu-user-manage +3 -0
data/cloud-mu.gemspec +8 -11
data/cookbooks/firewall/libraries/helpers_iptables.rb +2 -2
data/cookbooks/firewall/metadata.json +1 -1
data/cookbooks/firewall/recipes/default.rb +5 -9
data/cookbooks/mu-firewall/attributes/default.rb +2 -0
data/cookbooks/mu-firewall/metadata.rb +1 -1
data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +0 -0
data/cookbooks/mu-master/Berksfile +2 -2
data/cookbooks/mu-master/files/default/check_mem.pl +0 -0
data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
data/cookbooks/mu-master/metadata.rb +5 -4
data/cookbooks/mu-master/recipes/389ds.rb +1 -1
data/cookbooks/mu-master/recipes/basepackages.rb +30 -10
data/cookbooks/mu-master/recipes/default.rb +59 -7
data/cookbooks/mu-master/recipes/firewall-holes.rb +1 -1
data/cookbooks/mu-master/recipes/init.rb +65 -47
data/cookbooks/mu-master/recipes/{eks-kubectl.rb → kubectl.rb} +4 -10
data/cookbooks/mu-master/recipes/sssd.rb +2 -1
data/cookbooks/mu-master/recipes/update_nagios_only.rb +6 -6
data/cookbooks/mu-master/templates/default/web_app.conf.erb +2 -2
data/cookbooks/mu-master/templates/mods/ldap.conf.erb +4 -0
data/cookbooks/mu-php54/Berksfile +1 -2
data/cookbooks/mu-php54/metadata.rb +4 -5
data/cookbooks/mu-php54/recipes/default.rb +1 -1
data/cookbooks/mu-splunk/templates/default/splunk-init.erb +0 -0
data/cookbooks/mu-tools/Berksfile +3 -2
data/cookbooks/mu-tools/files/default/Mu_CA.pem +33 -0
data/cookbooks/mu-tools/libraries/helper.rb +20 -8
data/cookbooks/mu-tools/metadata.rb +5 -2
data/cookbooks/mu-tools/recipes/apply_security.rb +2 -3
data/cookbooks/mu-tools/recipes/eks.rb +1 -1
data/cookbooks/mu-tools/recipes/gcloud.rb +5 -30
data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
data/cookbooks/mu-tools/recipes/rsyslog.rb +1 -0
data/cookbooks/mu-tools/recipes/selinux.rb +19 -0
data/cookbooks/mu-tools/recipes/split_var_partitions.rb +0 -1
data/cookbooks/mu-tools/recipes/windows-client.rb +256 -122
data/cookbooks/mu-tools/resources/disk.rb +3 -1
data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +1 -1
data/cookbooks/mu-tools/templates/default/etc_hosts.erb +1 -1
data/cookbooks/mu-tools/templates/default/{kubeconfig.erb → kubeconfig-eks.erb} +0 -0
data/cookbooks/mu-tools/templates/default/kubeconfig-gke.erb +27 -0
data/cookbooks/mu-tools/templates/windows-10/sshd_config.erb +137 -0
data/cookbooks/mu-utility/recipes/nat.rb +4 -0
data/extras/alpha.png +0 -0
data/extras/beta.png +0 -0
data/extras/clean-stock-amis +2 -2
data/extras/generate-stock-images +131 -0
data/extras/git-fix-permissions-hook +0 -0
data/extras/image-generators/AWS/centos6.yaml +17 -0
data/extras/image-generators/{aws → AWS}/centos7-govcloud.yaml +0 -0
data/extras/image-generators/{aws → AWS}/centos7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/rhel7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k12.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k16.yaml +0 -0
data/extras/image-generators/{aws → AWS}/windows.yaml +0 -0
data/extras/image-generators/{gcp → Google}/centos6.yaml +1 -0
data/extras/image-generators/Google/centos7.yaml +18 -0
data/extras/python_rpm/build.sh +0 -0
data/extras/release.png +0 -0
data/extras/ruby_rpm/build.sh +0 -0
data/extras/ruby_rpm/muby.spec +1 -1
data/install/README.md +43 -5
data/install/deprecated-bash-library.sh +0 -0
data/install/installer +1 -1
data/install/jenkinskeys.rb +0 -0
data/install/mu-master.yaml +55 -0
data/modules/mommacat.ru +41 -7
data/modules/mu.rb +444 -149
data/modules/mu/adoption.rb +500 -0
data/modules/mu/cleanup.rb +235 -158
data/modules/mu/cloud.rb +675 -138
data/modules/mu/clouds/aws.rb +156 -24
data/modules/mu/clouds/aws/alarm.rb +4 -14
data/modules/mu/clouds/aws/bucket.rb +60 -18
data/modules/mu/clouds/aws/cache_cluster.rb +8 -20
data/modules/mu/clouds/aws/collection.rb +12 -22
data/modules/mu/clouds/aws/container_cluster.rb +209 -118
data/modules/mu/clouds/aws/database.rb +120 -45
data/modules/mu/clouds/aws/dnszone.rb +7 -18
data/modules/mu/clouds/aws/endpoint.rb +5 -15
data/modules/mu/clouds/aws/firewall_rule.rb +144 -72
data/modules/mu/clouds/aws/folder.rb +4 -11
data/modules/mu/clouds/aws/function.rb +6 -16
data/modules/mu/clouds/aws/group.rb +4 -12
data/modules/mu/clouds/aws/habitat.rb +11 -13
data/modules/mu/clouds/aws/loadbalancer.rb +40 -28
data/modules/mu/clouds/aws/log.rb +5 -13
data/modules/mu/clouds/aws/msg_queue.rb +9 -24
data/modules/mu/clouds/aws/nosqldb.rb +4 -12
data/modules/mu/clouds/aws/notifier.rb +6 -13
data/modules/mu/clouds/aws/role.rb +69 -40
data/modules/mu/clouds/aws/search_domain.rb +17 -20
data/modules/mu/clouds/aws/server.rb +184 -94
data/modules/mu/clouds/aws/server_pool.rb +33 -38
data/modules/mu/clouds/aws/storage_pool.rb +5 -12
data/modules/mu/clouds/aws/user.rb +59 -33
data/modules/mu/clouds/aws/userdata/linux.erb +18 -30
data/modules/mu/clouds/aws/userdata/windows.erb +9 -9
data/modules/mu/clouds/aws/vpc.rb +214 -145
data/modules/mu/clouds/azure.rb +978 -44
data/modules/mu/clouds/azure/container_cluster.rb +413 -0
data/modules/mu/clouds/azure/firewall_rule.rb +500 -0
data/modules/mu/clouds/azure/habitat.rb +167 -0
data/modules/mu/clouds/azure/loadbalancer.rb +205 -0
data/modules/mu/clouds/azure/role.rb +211 -0
data/modules/mu/clouds/azure/server.rb +810 -0
data/modules/mu/clouds/azure/user.rb +257 -0
data/modules/mu/clouds/azure/userdata/README.md +4 -0
data/modules/mu/clouds/azure/userdata/linux.erb +137 -0
data/modules/mu/clouds/azure/userdata/windows.erb +275 -0
data/modules/mu/clouds/azure/vpc.rb +782 -0
data/modules/mu/clouds/cloudformation.rb +12 -9
data/modules/mu/clouds/cloudformation/firewall_rule.rb +5 -13
data/modules/mu/clouds/cloudformation/server.rb +10 -1
data/modules/mu/clouds/cloudformation/server_pool.rb +1 -0
data/modules/mu/clouds/cloudformation/vpc.rb +0 -2
data/modules/mu/clouds/google.rb +554 -117
data/modules/mu/clouds/google/bucket.rb +173 -32
data/modules/mu/clouds/google/container_cluster.rb +1112 -157
data/modules/mu/clouds/google/database.rb +24 -47
data/modules/mu/clouds/google/firewall_rule.rb +344 -89
data/modules/mu/clouds/google/folder.rb +156 -79
data/modules/mu/clouds/google/group.rb +272 -82
data/modules/mu/clouds/google/habitat.rb +177 -52
data/modules/mu/clouds/google/loadbalancer.rb +9 -34
data/modules/mu/clouds/google/role.rb +1211 -0
data/modules/mu/clouds/google/server.rb +491 -227
data/modules/mu/clouds/google/server_pool.rb +233 -48
data/modules/mu/clouds/google/user.rb +479 -125
data/modules/mu/clouds/google/userdata/linux.erb +3 -3
data/modules/mu/clouds/google/userdata/windows.erb +9 -9
data/modules/mu/clouds/google/vpc.rb +381 -223
data/modules/mu/config.rb +689 -214
data/modules/mu/config/bucket.rb +1 -1
data/modules/mu/config/cache_cluster.rb +1 -1
data/modules/mu/config/cache_cluster.yml +0 -4
data/modules/mu/config/container_cluster.rb +18 -9
data/modules/mu/config/database.rb +6 -23
data/modules/mu/config/firewall_rule.rb +9 -15
data/modules/mu/config/folder.rb +22 -21
data/modules/mu/config/habitat.rb +22 -21
data/modules/mu/config/loadbalancer.rb +2 -2
data/modules/mu/config/role.rb +9 -40
data/modules/mu/config/server.rb +26 -5
data/modules/mu/config/server_pool.rb +1 -1
data/modules/mu/config/storage_pool.rb +2 -2
data/modules/mu/config/user.rb +4 -0
data/modules/mu/config/vpc.rb +350 -110
data/modules/mu/defaults/{amazon_images.yaml → AWS.yaml} +37 -39
data/modules/mu/defaults/Azure.yaml +17 -0
data/modules/mu/defaults/Google.yaml +24 -0
data/modules/mu/defaults/README.md +1 -1
data/modules/mu/deploy.rb +168 -125
data/modules/mu/groomer.rb +2 -1
data/modules/mu/groomers/ansible.rb +104 -32
data/modules/mu/groomers/chef.rb +96 -44
data/modules/mu/kittens.rb +20602 -0
data/modules/mu/logger.rb +38 -11
data/modules/mu/master.rb +90 -8
data/modules/mu/master/chef.rb +2 -3
data/modules/mu/master/ldap.rb +0 -1
data/modules/mu/master/ssl.rb +250 -0
data/modules/mu/mommacat.rb +917 -513
data/modules/scratchpad.erb +1 -1
data/modules/tests/super_complex_bok.yml +0 -0
data/modules/tests/super_simple_bok.yml +0 -0
data/roles/mu-master.json +2 -1
data/spec/azure_creds +5 -0
data/spec/mu.yaml +56 -0
data/spec/mu/clouds/azure_spec.rb +164 -27
data/spec/spec_helper.rb +5 -0
data/test/clean_up.py +0 -0
data/test/exec_inspec.py +0 -0
data/test/exec_mu_install.py +0 -0
data/test/exec_retry.py +0 -0
data/test/smoke_test.rb +0 -0
metadata +90 -118
data/cookbooks/mu-jenkins/Berksfile +0 -14
data/cookbooks/mu-jenkins/CHANGELOG.md +0 -13
data/cookbooks/mu-jenkins/LICENSE +0 -37
data/cookbooks/mu-jenkins/README.md +0 -105
data/cookbooks/mu-jenkins/attributes/default.rb +0 -42
data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +0 -73
data/cookbooks/mu-jenkins/files/default/deploy_config.xml +0 -44
data/cookbooks/mu-jenkins/metadata.rb +0 -21
data/cookbooks/mu-jenkins/recipes/default.rb +0 -195
data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +0 -54
data/cookbooks/mu-jenkins/recipes/public_key.rb +0 -24
data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +0 -24
data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +0 -14
data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +0 -6
data/cookbooks/nagios/Berksfile +0 -11
data/cookbooks/nagios/CHANGELOG.md +0 -589
data/cookbooks/nagios/CONTRIBUTING.md +0 -11
data/cookbooks/nagios/LICENSE +0 -37
data/cookbooks/nagios/README.md +0 -328
data/cookbooks/nagios/TESTING.md +0 -2
data/cookbooks/nagios/attributes/config.rb +0 -171
data/cookbooks/nagios/attributes/default.rb +0 -228
data/cookbooks/nagios/chefignore +0 -102
data/cookbooks/nagios/definitions/command.rb +0 -33
data/cookbooks/nagios/definitions/contact.rb +0 -33
data/cookbooks/nagios/definitions/contactgroup.rb +0 -33
data/cookbooks/nagios/definitions/host.rb +0 -33
data/cookbooks/nagios/definitions/hostdependency.rb +0 -33
data/cookbooks/nagios/definitions/hostescalation.rb +0 -34
data/cookbooks/nagios/definitions/hostgroup.rb +0 -33
data/cookbooks/nagios/definitions/nagios_conf.rb +0 -38
data/cookbooks/nagios/definitions/resource.rb +0 -33
data/cookbooks/nagios/definitions/service.rb +0 -33
data/cookbooks/nagios/definitions/servicedependency.rb +0 -33
data/cookbooks/nagios/definitions/serviceescalation.rb +0 -34
data/cookbooks/nagios/definitions/servicegroup.rb +0 -33
data/cookbooks/nagios/definitions/timeperiod.rb +0 -33
data/cookbooks/nagios/libraries/base.rb +0 -314
data/cookbooks/nagios/libraries/command.rb +0 -91
data/cookbooks/nagios/libraries/contact.rb +0 -230
data/cookbooks/nagios/libraries/contactgroup.rb +0 -112
data/cookbooks/nagios/libraries/custom_option.rb +0 -36
data/cookbooks/nagios/libraries/data_bag_helper.rb +0 -23
data/cookbooks/nagios/libraries/default.rb +0 -90
data/cookbooks/nagios/libraries/host.rb +0 -412
data/cookbooks/nagios/libraries/hostdependency.rb +0 -181
data/cookbooks/nagios/libraries/hostescalation.rb +0 -173
data/cookbooks/nagios/libraries/hostgroup.rb +0 -119
data/cookbooks/nagios/libraries/nagios.rb +0 -282
data/cookbooks/nagios/libraries/resource.rb +0 -59
data/cookbooks/nagios/libraries/service.rb +0 -455
data/cookbooks/nagios/libraries/servicedependency.rb +0 -215
data/cookbooks/nagios/libraries/serviceescalation.rb +0 -195
data/cookbooks/nagios/libraries/servicegroup.rb +0 -144
data/cookbooks/nagios/libraries/timeperiod.rb +0 -160
data/cookbooks/nagios/libraries/users_helper.rb +0 -54
data/cookbooks/nagios/metadata.rb +0 -25
data/cookbooks/nagios/recipes/_load_databag_config.rb +0 -153
data/cookbooks/nagios/recipes/_load_default_config.rb +0 -241
data/cookbooks/nagios/recipes/apache.rb +0 -48
data/cookbooks/nagios/recipes/default.rb +0 -204
data/cookbooks/nagios/recipes/nginx.rb +0 -82
data/cookbooks/nagios/recipes/pagerduty.rb +0 -143
data/cookbooks/nagios/recipes/server_package.rb +0 -40
data/cookbooks/nagios/recipes/server_source.rb +0 -164
data/cookbooks/nagios/templates/default/apache2.conf.erb +0 -96
data/cookbooks/nagios/templates/default/cgi.cfg.erb +0 -266
data/cookbooks/nagios/templates/default/commands.cfg.erb +0 -13
data/cookbooks/nagios/templates/default/contacts.cfg.erb +0 -37
data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +0 -25
data/cookbooks/nagios/templates/default/hosts.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/htpasswd.users.erb +0 -6
data/cookbooks/nagios/templates/default/nagios.cfg.erb +0 -22
data/cookbooks/nagios/templates/default/nginx.conf.erb +0 -62
data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +0 -185
data/cookbooks/nagios/templates/default/resource.cfg.erb +0 -27
data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/services.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/templates.cfg.erb +0 -31
data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +0 -13
data/extras/image-generators/aws/centos6.yaml +0 -18
data/modules/mu/defaults/google_images.yaml +0 -16
data/roles/mu-master-jenkins.json +0 -24

data/cookbooks/mu-jenkins/Berksfile DELETED

@@ -1,14 +0,0 @@
-source 'https://supermarket.chef.io'
-source chef_repo: ".."
-metadata
-# Mu Cookbooks
-cookbook 'mu-master'
-cookbook 'mu-utility'
-cookbook 'mu-tools'
-# Supermarket Cookbooks
-cookbook 'java', '~> 2.2.0'
-cookbook 'jenkins', '~> 6.2.0'
-cookbook 'chef-vault', '~> 3.1.1'

data/cookbooks/mu-jenkins/CHANGELOG.md DELETED

@@ -1,13 +0,0 @@
-mu-jenkins CHANGELOG
-====================
-This file is used to list changes made in each version of the mu-jenkins cookbook.
-0.1.0
------
-- [your_name] - Initial release of mu-jenkins
-- - -
-Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) for help with Markdown.
-The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/) describes the differences between markdown on github and standard markdown.

data/cookbooks/mu-jenkins/LICENSE DELETED

@@ -1,37 +0,0 @@
-Through accessing, reading, or utilizing this software in any manner whatsoever
-or through any means whatsoever, whether the access, reading or use is either
-solely looking at this software or this software has been integrated into any
-derivative work, the party accessing,  reading, or utilizing the software
-directly or indirectly agrees to abide by the following license.
-The eGlobalTech Cloud Automation Platform is the Copyright (c) 2014 of Global
-Tech Inc. All rights reserved.
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-1. Redistributions of source code must retain the above copyright notice, this
-list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright notice,
-this list of conditions and the following disclaimer in the documentation
-and/or other materials provided with the distribution.
-3. Neither the name of the copyright holder nor the names of its contributors
-may be used to endorse or promote products derived from this software without
-specific prior written permission.
-Global Tech, Inc. is the co-owner of any derivative works created with this
-software.
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/cookbooks/mu-jenkins/README.md DELETED

@@ -1,105 +0,0 @@
-mu-jenkins Cookbook
-===================
-This cookbook creates a working Jenkins installation.  It can be deployed on a standalone node (see demo/jenkins.yaml) or as a Jenkins server on the mu-master itself.
-Requirements
-------------
-This is a wrapper cookbook that is meant to be run after a Jenkins install using the Jenkins community cookbook. The recipe uses some groovy scripts to manage jenkins authentication from chef itself, and create an additional administrave Jenkins user for interactive work.
-A jenkins vault must be present before invoking.  Two items are required
--  A users item containing passwords for each user enumerated in the default.jenkins_users attribute (see below).  The mu-user password is required, as we need at least one interactive Jenkins user
--  An admin item containing a public and private keypair that will be used by chef to authenticate to Jenkins after disabling anonymous authentication, and a username for this user
-A third optional ssh item is used to store a keypair used by Jenkins to SSH to other nodes, to allow Jenkins to run code locally as part of a Jenkins job.
-Create the vault items along these lines:
-admin:
-```
-#!/usr/local/ruby-current/bin/ruby
-require "openssl"
-require 'net/ssh'
-key = OpenSSL::PKey::RSA.new 2048
-public_key = "#{key.public_key.ssh_type} #{[key.public_key.to_blob].pack('m0')}"
-vault_opts="--mode client -u mu -F json"
-vault_cmd = "knife vault create jenkins admin '{ \"public_key\":\"#{public_key}\", \"private_key\":\"#{key.to_pem.chomp!.gsub(/\n/, "\\n")}\", \"username\": \"master_user\" }' #{vault_opts} --search name:MU-MASTER"
-exec vault_cmd
-```
-users:
-```knife vault create jenkins users '{"mu_user_password":"feefiefoefum"}'  --mode client -F json -u mu --search name:MU-MASTER```
-#### packages
-- `java` - jenkins needs Java to run
-- `jenkins` - mu-jenkins needs jenkins to actually be installed
-Attributes
-----------
-Some basic attributes on the java install and node address, plus Jenkins specifics:
-#### mu-jenkins::default
-<table>
-  <tr>
-    <th>Key</th>
-    <th>Type</th>
-    <th>Description</th>
-    <th>Default</th>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_users</tt></td>
-    <td>Hash</td>
-    <td>Jenkins users to create with their properties (excepting password) and a single vault to retrieve creds from</td>
-    <td><tt>:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => "mu-developers@googlegroups.com", :vault => "jenkins", :vault_item => "users"}</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_ssh_urls</tt></td>
-    <td>Array</td>
-    <td>IP addresses / DNS names of nodes Jenkins will SSH into</td>
-    <td><tt>[node[:ipaddress]]</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_plugins</tt></td>
-    <td>Whitespace string</td>
-    <td>plugins to install</td>
-    <td><tt>%w{github ssh deploy}</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_ssh_vault</tt></td>
-    <td>Hash</td>
-    <td>Preexisting vault containing a public private keypair that will be used to SSH to other nodes</td>
-    <td><tt>:vault => "jenkins", :item => "ssh"</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_admin_vault</tt></td>
-    <td>Hash</td>
-    <td>Preexisting vault containing a public private keypair used by Chef to authenticate to Jenkins. This also include the username of the Jenkins user</td>
-    <td><tt>:vault => "jenkins", :item => "admin"</tt></td>
-  </tr>
-</table>
-Usage
------
-#### mu-jenkins::default
-This cookbook can run in a standalone mode which creates a basic Jenkins install on a target node, or a mu-master mode which creates a Jenkins server on a mu master.
-In either case the runlist will look like:
-```    run_list:
-    - recipe[java]
-    - recipe[jenkins::master]
-    - recipe[mu-jenkins]
-```
-In the mu-master mode the cookbook is invoked with the role[mu-master-jenkins], which adds some attributes to trigger the jenkins-apache recipe, which places Jenkins behind a mu-master apache reverse proxy:
-    chef-client -l info -o recipe[java],recipe[jenkins::master],recipe[mu-jenkins]
-Contributing
-------------
-Usual Cloudamatic process via pull request
-License and Authors
--------------------
-Authors: Ami Rahav, Robert Patt-Corner

data/cookbooks/mu-jenkins/attributes/default.rb DELETED

@@ -1,42 +0,0 @@
-default['jenkins_users'] = [
-#  {:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => ENV['MU_ADMIN_EMAIL'], :vault => "jenkins", :vault_item => "users"}
-]
-default['jenkins_ssh_urls'] = [node['ipaddress']]
-default['jenkins_plugins'] = %w{
-  token-macro git github deploy ldap scm-api git-client active-directory
-  ansicolor matrix-auth matrix-project workflow-scm-step junit workflow-api
-  workflow-step-api ssh credentials ssh-credentials plain-credentials mailer
-  display-url-api structs script-security jackson2-api
-}
-default['jenkins_ports_direct'] = %w{8080 443}
-default['jenkins']['master']['jenkins_args'] = "" if default['jenkins']['master']['jenkins_args'].nil?
-jenkins_args = "" if node['jenkins']['master']['jenkins_args'].nil?
-override['jenkins']['master']['jenkins_args'] = "#{jenkins_args} --prefix=/jenkins"
-default['jenkins']['master']['jvm_options'] = '-Xmx1024m -Djenkins.install.runSetupWizard=false'
-alpn_version = '8.1.11.v20170118'
-default['jenkins']['alpn']['version'] = alpn_version
-default['jenkins']['alpn']['download_link'] = "http://central.maven.org/maven2/org/mortbay/jetty/alpn/alpn-boot/#{alpn_version}/alpn-boot-#{alpn_version}.jar"
-# This isn't really true, but the Java libraries lose their minds over
-# self-signed SSL certs like the one you'll usually find on
-# https://#{$MU_CFG['public_address']}/jenkins (the real URL)
-default['jenkins']['master']['endpoint'] = "http://localhost:8080/jenkins"
-default['jenkins_ssh_vault'] = {
-    :vault => "jenkins", :item => "ssh"
-}
-default['jenkins_admin_vault'] = {
-    :vault => "jenkins", :item => "admin"
-}
-override['java']['jdk_version'] = 8
-override['java']['flavor'] = 'oracle'
-override['java']['jdk']['8']['x86_64']['url'] = 'http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz'
-override['java']['jdk']['8']['x86_64']['checksum'] = '75b2cb2249710d822a60f83e28860053'
-override["java"]["oracle"]["accept_oracle_download_terms"] = true
-override['java']['oracle']['jce']['enabled'] = true

data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml DELETED

@@ -1,73 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<project>
-  <actions/>
-  <description>Clean up an extant Cloudamatic Deploy</description>
-  <keepDependencies>false</keepDependencies>
-  <properties>
-    <hudson.security.AuthorizationMatrixProperty>
-      <blocksInheritance>true</blocksInheritance>
-      <permission>hudson.model.Item.Cancel:master_user</permission>
-      <permission>hudson.model.Item.Cancel:mu_user</permission>
-      <permission>hudson.model.Item.Delete:master_user</permission>
-      <permission>hudson.model.Item.Delete:mu_user</permission>
-      <permission>hudson.model.Item.Read:master_user</permission>
-      <permission>hudson.model.Item.Read:mu_user</permission>
-      <permission>hudson.model.Item.Workspace:master_user</permission>
-      <permission>hudson.model.Item.Workspace:mu_user</permission>
-      <permission>hudson.model.Item.Build:master_user</permission>
-      <permission>hudson.model.Item.Build:mu_user</permission>
-      <permission>hudson.model.Item.Move:master_user</permission>
-      <permission>hudson.model.Item.Move:mu_user</permission>
-      <permission>hudson.model.Item.Configure:master_user</permission>
-      <permission>hudson.model.Item.Configure:mu_user</permission>
-      <permission>hudson.model.Item.Discover:master_user</permission>
-      <permission>hudson.model.Item.Discover:mu_user</permission>
-    </hudson.security.AuthorizationMatrixProperty>
-    <hudson.model.ParametersDefinitionProperty>
-      <parameterDefinitions>
-        <com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition plugin="dynamicparameter@0.2.0">
-          <name>Target_Deploy</name>
-          <description></description>
-          <__uuid>8a5d5b3c-c975-44f8-a1e2-7d3c4f3306f8</__uuid>
-          <__remote>false</__remote>
-          <__script>def proc = &quot;ls -1a /home/jenkins/.mu/var/deployments/&quot;.execute()
-            def b = new StringBuffer()
-            proc.consumeProcessErrorStream(b)
-            def list = proc.text.readLines()
-          </__script>
-          <__localBaseDirectory serialization="custom">
-            <hudson.FilePath>
-              <default>
-                <remote>/home/jenkins/dynamic_parameter/classpath</remote>
-              </default>
-              <boolean>true</boolean>
-            </hudson.FilePath>
-          </__localBaseDirectory>
-          <__remoteBaseDirectory>dynamic_parameter_classpath</__remoteBaseDirectory>
-          <__classPath></__classPath>
-          <readonlyInputField>false</readonlyInputField>
-        </com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition>
-      </parameterDefinitions>
-    </hudson.model.ParametersDefinitionProperty>
-  </properties>
-  <scm class="hudson.scm.NullSCM"/>
-  <canRoam>true</canRoam>
-  <disabled>false</disabled>
-  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
-  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
-  <triggers/>
-  <concurrentBuild>false</concurrentBuild>
-  <builders>
-    <hudson.tasks.Shell>
-      <command>source ~/.murc
-        mu-cleanup $Target_Deploy
-      </command>
-    </hudson.tasks.Shell>
-  </builders>
-  <publishers/>
-  <buildWrappers>
-    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
-      <colorMapName>xterm</colorMapName>
-    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
-  </buildWrappers>
-</project>

data/cookbooks/mu-jenkins/files/default/deploy_config.xml DELETED

@@ -1,44 +0,0 @@
-<project>
-  <actions/>
-  <description></description>
-  <keepDependencies>false</keepDependencies>
-  <properties>
-    <hudson.security.AuthorizationMatrixProperty>
-      <blocksInheritance>true</blocksInheritance>
-      <permission>hudson.model.Item.Cancel:master_user</permission>
-      <permission>hudson.model.Item.Cancel:mu_user</permission>
-      <permission>hudson.model.Item.Delete:master_user</permission>
-      <permission>hudson.model.Item.Delete:mu_user</permission>
-      <permission>hudson.model.Item.Read:master_user</permission>
-      <permission>hudson.model.Item.Read:mu_user</permission>
-      <permission>hudson.model.Item.Workspace:master_user</permission>
-      <permission>hudson.model.Item.Workspace:mu_user</permission>
-      <permission>hudson.model.Item.Build:master_user</permission>
-      <permission>hudson.model.Item.Build:mu_user</permission>
-      <permission>hudson.model.Item.Move:master_user</permission>
-      <permission>hudson.model.Item.Move:mu_user</permission>
-      <permission>hudson.model.Item.Configure:master_user</permission>
-      <permission>hudson.model.Item.Configure:mu_user</permission>
-      <permission>hudson.model.Item.Discover:master_user</permission>
-      <permission>hudson.model.Item.Discover:mu_user</permission>
-    </hudson.security.AuthorizationMatrixProperty>
-  </properties>
-  <scm class="hudson.scm.NullSCM"/>
-  <canRoam>true</canRoam>
-  <disabled>false</disabled>
-  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
-  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
-  <triggers/>
-  <concurrentBuild>false</concurrentBuild>
-  <builders>
-    <hudson.tasks.Shell>
-      <command>/opt/mu/bin/mu-deploy /opt/mu/lib/demo/simple-server.yaml</command>
-    </hudson.tasks.Shell>
-  </builders>
-  <publishers/>
-  <buildWrappers>
-    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
-      <colorMapName>xterm</colorMapName>
-    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
-  </buildWrappers>
-</project>

data/cookbooks/mu-jenkins/metadata.rb DELETED

@@ -1,21 +0,0 @@
-name 'mu-jenkins'
-maintainer 'eGlobalTech, Inc'
-maintainer_email 'mu-developers@googlegroups.com'
-license 'BSD-3-Clause'
-description 'Installs/Configures mu-jenkins'
-long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-source_url 'https://github.com/cloudamatic/mu'
-issues_url 'https://github.com/cloudamatic/mu/issues'
-chef_version '>= 12.1' if respond_to?(:chef_version)
-version '0.6.0'
-%w( amazon centos redhat windows ).each do |os|
-	supports os
-end
-depends 'java', '~> 2.2.0'
-depends 'jenkins', '~> 6.2.0'
-depends 'chef-vault', '~> 3.1.1'
-depends 'mu-master'
-depends 'mu-utility'
-depends 'mu-tools'

data/cookbooks/mu-jenkins/recipes/default.rb DELETED

@@ -1,195 +0,0 @@
-# Cookbook Name:: mu-jenkins
-# Recipe:: default
-#
-# Copyright 2015, eGlobalTech, Inc
-#
-# All rights reserved - Do Not Redistribute
-#
-include_recipe 'mu-tools::disable-requiretty'
-include_recipe 'chef-vault'
-directory "/opt/java_jce" do
-  mode 0755
-end
-admin_vault = chef_vault_item(node['jenkins_admin_vault']['vault'], node['jenkins_admin_vault']['item'])
-directory "Mu Jenkins home #{node['jenkins']['master']['home']}" do
-  path node['jenkins']['master']['home']
-  owner "jenkins"
-  recursive true
-  notifies :restart, 'service[jenkins]', :immediately
-end
-package %w{git bzip2}
-#remote_file "#{node['jenkins']['master']['home']}/plugins/mailer.jpi" do
-#  source "http://updates.jenkins-ci.org/latest/mailer.hpi"
-#  owner "jenkins"
-#end
-ruby_block 'wait for jenkins' do
-  block do
-    sleep 30
-  end
-  action :nothing
-end
-# If security was enabled in a previous chef run then set the private key in the run_state
-# now as required by the Jenkins cookbook
-if node['application_attributes']['jenkins_auth_set']
-ruby_block 'set jenkins private key' do
-  block do
-    Chef::Log.info("Setting the previously enabled jenkins private key")
-    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
-  end
-end
-end
-restart_jenkins = false
-directory "mu-jenkins fix #{Chef::Config[:file_cache_path]} perms" do
-  path Chef::Config[:file_cache_path]
-  mode 0755
-end
-cacheparent = File.expand_path("..", Chef::Config[:file_cache_path])
-directory "mu-jenkins fix #{cacheparent} perms" do
-  path cacheparent
-  mode 0755
-end
-# Download ALPN Jar file and fix to JENKINS_JAVA_OPTIONS
-# open_jdk_version = `java -version 2>&1`
-open_jdk_version = shell_out('java -version 2>&1').stdout.str
-if open_jdk_version.include?("openjdk version \"1.8") and node['platform_family'] == 'rhel'
-  remote_file 'download_anlp_jar' do
-    source node['jenkins']['alpn']['download_link']
-    path "/home/jenkins/alpn-boot-#{node['jenkins']['alpn']['version']}.jar"
-    owner "jenkins"
-    notifies :restart, "service[jenkins]",:delayed
-  end
-  service "jenkins" do
-    action :nothing
-  end
-end
-node['jenkins_plugins'].each { |plugin|
-#  if !::File.exist?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi")
-#    restart_jenkins = true
-#  end
-# XXX this runs as the 'jenkins' user, yet download the files as 0600/root
-  jenkins_plugin plugin
-  # do
-    # notifies :restart, 'service[jenkins]', :delayed
-    #not_if { ::File.exist?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi") }
-  # end
-}
-if !node['application_attributes']['jenkins_auth_set']
-  jenkins_command 'safe-restart'
-  jenkins_private_key_credentials admin_vault['username'] do
-    id '1671945-9fa7-4d24-ac87-51ea3b2aef4c'
-    description admin_vault['username']
-    private_key admin_vault['private_key'].strip
-  end
-end
-# The Jenkins service user that this cookbook uses MUST exist in our directory
-mu_master_user admin_vault['username'] do
-  realname admin_vault['username']
-#  email $MU_CFG['jenkins']['admin_email'] || $MU_CFG['admin_email']
-  email "mu-developers@googlegroups.com"
-end
-# Add the admin user only if it has not been added already then notify the resource
-# to configure the permissions for the admin user.  Note that we check for existence of jenkins_auth_set,
-# not value
-jenkins_user admin_vault['username'] do
-  full_name admin_vault['username']
-  email "mu-developers@googlegroups.com"
-  public_keys [admin_vault['public_key'].strip]
-  #not_if { node['application_attributes'].attribute?('jenkins_auth_set') }
-end
-# Configure the permissions so that login is required and the admin user is an administrator
-# after this point the private key will be required to execute jenkins scripts (including querying
-# if users exist) so we notify the `set the security_enabled flag` resource to set this up.
-# Also note that since Jenkins 1.556 the private key cannot be used until after the admin user
-# has been added to the security realm
-uidsearch = "uid={0}"
-uidsearch = "sAMAccountName={0}" if $MU_CFG['ldap']['type'] == "Active Directory"
-membersearch = "(| (member={0}) (uniqueMember={0}) (memberUid={1}))"
-membersearch = "memberUid={0}" if $MU_CFG['ldap']['type'] == "389 Directory Services"
-bind_creds = chef_vault_item($MU_CFG['ldap']['bind_creds']['vault'], $MU_CFG['ldap']['bind_creds']['item'])
-jenkins_admins = ::MU::Master.listUsers.delete_if { |_u, data| !data['admin'] }.keys
-#jenkins_regular = ::MU::Master.listUsers.delete_if { |u, data| data['admin'] or u == "jenkins" }.keys
-regular_user_perms = ["Item.BUILD", "Item.CREATE", "Item.DISCOVER", "Item.READ"]
-jenkins_script 'configure_jenkins_auth' do
-  command <<-EOH.gsub(/^ {4}/, '')
-  import jenkins.model.*
-  import hudson.security.*
-  import org.jenkinsci.plugins.*
-  def instance = Jenkins.getInstance()
-  def hudsonRealm = new HudsonPrivateSecurityRealm(false)
-  String groupSearchFilter = 'memberUid={0}'
-  SecurityRealm ldapRealm = new LDAPSecurityRealm(server='ldap://#{$MU_CFG['ldap']['dcs'].first}', rootDN = '#{$MU_CFG['ldap']['base_dn']}', userSearchBase='#{$MU_CFG['ldap']['user_ou'].sub(/,.*/, "")}', userSearch="#{uidsearch}", groupSearchBase='#{$MU_CFG['ldap']['group_ou'].sub(/,.*/, "")}', groupSearchFilter="", groupMembershipFilter = '#{membersearch}', managerDN = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}', managerPasswordSecret = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['password_field']]}', inhibitInferRootDN = false, disableMailAddressResolver = false, cache = null)
-  instance.setSecurityRealm(ldapRealm)
-  def strategy = new ProjectMatrixAuthorizationStrategy()
-  strategy.add(Jenkins.ADMINISTER, "#{$MU_CFG['ldap']['admin_group_name']}")
-  strategy.add(Jenkins.ADMINISTER, "#{admin_vault['username']}")
-  #{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
-  strategy.add(Jenkins.READ, "authenticated")
-  #{regular_user_perms.map { |p| "strategy.add(hudson.model.#{p}, \"authenticated\")" }.join("\n")}
-  instance.setAuthorizationStrategy(strategy)
-  instance.save()
-  EOH
-#  not_if "grep managerDN #{node['jenkins']['master']['home']}/config.xml | grep #{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}"
-  notifies :run, 'ruby_block[configure_jenkins_auth_set]', :immediately
-  action :nothing unless !::File.size?("#{node['jenkins']['master']['home']}/config.xml") or !::File.read("#{node['jenkins']['master']['home']}/config.xml").match(bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']])
-end
-file "#{node['jenkins']['master']['home']}/user-list-chef-guard" do
-  content "
-#{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
-#{regular_user_perms.map { |p| "strategy.add(Jenkins.#{p}, \"authenticated\")" }.join("\n")}
-#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}
-"
-  notifies :execute, "jenkins_script[configure_jenkins_auth]", :immediately
-end
-# Set the security enabled flag and set the run_state to use the configured private key
-ruby_block 'configure_jenkins_auth_set' do
-  block do
-    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
-    node.normal['application_attributes']['jenkins_auth_set'] = true
-    node.save
-  end
-  action :nothing
-end
-# Configure users from the vault
-#node['jenkins_users'].each { |user|
-#  user_vault = chef_vault_item(user[:vault], user[:vault_item])
-#
-#  # XXX This is dangerous. What if we stupidly step on the account of a
-#  # "real" user?
-#  ::MU::Master::LDAP.manageUser(user[:user_name], name: user[:fullname], password: user_vault[user[:user_name]+"_password"], admin: false, email: user[:email])
-#  jenkins_user user[:user_name] do
-#    full_name user[:fullname]
-#    email user[:email]
-#    password user_vault["#{user[:user_name]}_password"]
-#    sensitive true
-#  end
-#}