RubyGems - cloud-mu - Versions diffs - 2.1.0beta → 3.0.0beta - Mend

cloud-mu 2.1.0beta → 3.0.0beta

Files changed (291) hide show

checksums.yaml +5 -5
data/Berksfile +4 -5
data/Berksfile.lock +179 -0
data/README.md +1 -6
data/ansible/roles/geerlingguy.firewall/templates/firewall.bash.j2 +0 -0
data/ansible/roles/mu-installer/README.md +33 -0
data/ansible/roles/mu-installer/defaults/main.yml +2 -0
data/ansible/roles/mu-installer/handlers/main.yml +2 -0
data/ansible/roles/mu-installer/meta/main.yml +60 -0
data/ansible/roles/mu-installer/tasks/main.yml +13 -0
data/ansible/roles/mu-installer/tests/inventory +2 -0
data/ansible/roles/mu-installer/tests/test.yml +5 -0
data/ansible/roles/mu-installer/vars/main.yml +2 -0
data/bin/mu-adopt +125 -0
data/bin/mu-aws-setup +4 -4
data/bin/mu-azure-setup +265 -0
data/bin/mu-azure-tests +43 -0
data/bin/mu-cleanup +20 -8
data/bin/mu-configure +224 -98
data/bin/mu-deploy +8 -3
data/bin/mu-gcp-setup +16 -8
data/bin/mu-gen-docs +92 -8
data/bin/mu-load-config.rb +52 -12
data/bin/mu-momma-cat +36 -0
data/bin/mu-node-manage +34 -27
data/bin/mu-self-update +2 -2
data/bin/mu-ssh +12 -8
data/bin/mu-upload-chef-artifacts +11 -4
data/bin/mu-user-manage +3 -0
data/cloud-mu.gemspec +8 -11
data/cookbooks/firewall/libraries/helpers_iptables.rb +2 -2
data/cookbooks/firewall/metadata.json +1 -1
data/cookbooks/firewall/recipes/default.rb +5 -9
data/cookbooks/mu-firewall/attributes/default.rb +2 -0
data/cookbooks/mu-firewall/metadata.rb +1 -1
data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +0 -0
data/cookbooks/mu-master/Berksfile +2 -2
data/cookbooks/mu-master/files/default/check_mem.pl +0 -0
data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
data/cookbooks/mu-master/metadata.rb +5 -4
data/cookbooks/mu-master/recipes/389ds.rb +1 -1
data/cookbooks/mu-master/recipes/basepackages.rb +30 -10
data/cookbooks/mu-master/recipes/default.rb +59 -7
data/cookbooks/mu-master/recipes/firewall-holes.rb +1 -1
data/cookbooks/mu-master/recipes/init.rb +65 -47
data/cookbooks/mu-master/recipes/{eks-kubectl.rb → kubectl.rb} +4 -10
data/cookbooks/mu-master/recipes/sssd.rb +2 -1
data/cookbooks/mu-master/recipes/update_nagios_only.rb +6 -6
data/cookbooks/mu-master/templates/default/web_app.conf.erb +2 -2
data/cookbooks/mu-master/templates/mods/ldap.conf.erb +4 -0
data/cookbooks/mu-php54/Berksfile +1 -2
data/cookbooks/mu-php54/metadata.rb +4 -5
data/cookbooks/mu-php54/recipes/default.rb +1 -1
data/cookbooks/mu-splunk/templates/default/splunk-init.erb +0 -0
data/cookbooks/mu-tools/Berksfile +3 -2
data/cookbooks/mu-tools/files/default/Mu_CA.pem +33 -0
data/cookbooks/mu-tools/libraries/helper.rb +20 -8
data/cookbooks/mu-tools/metadata.rb +5 -2
data/cookbooks/mu-tools/recipes/apply_security.rb +2 -3
data/cookbooks/mu-tools/recipes/eks.rb +1 -1
data/cookbooks/mu-tools/recipes/gcloud.rb +5 -30
data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
data/cookbooks/mu-tools/recipes/rsyslog.rb +1 -0
data/cookbooks/mu-tools/recipes/selinux.rb +19 -0
data/cookbooks/mu-tools/recipes/split_var_partitions.rb +0 -1
data/cookbooks/mu-tools/recipes/windows-client.rb +256 -122
data/cookbooks/mu-tools/resources/disk.rb +3 -1
data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +1 -1
data/cookbooks/mu-tools/templates/default/etc_hosts.erb +1 -1
data/cookbooks/mu-tools/templates/default/{kubeconfig.erb → kubeconfig-eks.erb} +0 -0
data/cookbooks/mu-tools/templates/default/kubeconfig-gke.erb +27 -0
data/cookbooks/mu-tools/templates/windows-10/sshd_config.erb +137 -0
data/cookbooks/mu-utility/recipes/nat.rb +4 -0
data/extras/alpha.png +0 -0
data/extras/beta.png +0 -0
data/extras/clean-stock-amis +2 -2
data/extras/generate-stock-images +131 -0
data/extras/git-fix-permissions-hook +0 -0
data/extras/image-generators/AWS/centos6.yaml +17 -0
data/extras/image-generators/{aws → AWS}/centos7-govcloud.yaml +0 -0
data/extras/image-generators/{aws → AWS}/centos7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/rhel7.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k12.yaml +0 -0
data/extras/image-generators/{aws → AWS}/win2k16.yaml +0 -0
data/extras/image-generators/{aws → AWS}/windows.yaml +0 -0
data/extras/image-generators/{gcp → Google}/centos6.yaml +1 -0
data/extras/image-generators/Google/centos7.yaml +18 -0
data/extras/python_rpm/build.sh +0 -0
data/extras/release.png +0 -0
data/extras/ruby_rpm/build.sh +0 -0
data/extras/ruby_rpm/muby.spec +1 -1
data/install/README.md +43 -5
data/install/deprecated-bash-library.sh +0 -0
data/install/installer +1 -1
data/install/jenkinskeys.rb +0 -0
data/install/mu-master.yaml +55 -0
data/modules/mommacat.ru +41 -7
data/modules/mu.rb +444 -149
data/modules/mu/adoption.rb +500 -0
data/modules/mu/cleanup.rb +235 -158
data/modules/mu/cloud.rb +675 -138
data/modules/mu/clouds/aws.rb +156 -24
data/modules/mu/clouds/aws/alarm.rb +4 -14
data/modules/mu/clouds/aws/bucket.rb +60 -18
data/modules/mu/clouds/aws/cache_cluster.rb +8 -20
data/modules/mu/clouds/aws/collection.rb +12 -22
data/modules/mu/clouds/aws/container_cluster.rb +209 -118
data/modules/mu/clouds/aws/database.rb +120 -45
data/modules/mu/clouds/aws/dnszone.rb +7 -18
data/modules/mu/clouds/aws/endpoint.rb +5 -15
data/modules/mu/clouds/aws/firewall_rule.rb +144 -72
data/modules/mu/clouds/aws/folder.rb +4 -11
data/modules/mu/clouds/aws/function.rb +6 -16
data/modules/mu/clouds/aws/group.rb +4 -12
data/modules/mu/clouds/aws/habitat.rb +11 -13
data/modules/mu/clouds/aws/loadbalancer.rb +40 -28
data/modules/mu/clouds/aws/log.rb +5 -13
data/modules/mu/clouds/aws/msg_queue.rb +9 -24
data/modules/mu/clouds/aws/nosqldb.rb +4 -12
data/modules/mu/clouds/aws/notifier.rb +6 -13
data/modules/mu/clouds/aws/role.rb +69 -40
data/modules/mu/clouds/aws/search_domain.rb +17 -20
data/modules/mu/clouds/aws/server.rb +184 -94
data/modules/mu/clouds/aws/server_pool.rb +33 -38
data/modules/mu/clouds/aws/storage_pool.rb +5 -12
data/modules/mu/clouds/aws/user.rb +59 -33
data/modules/mu/clouds/aws/userdata/linux.erb +18 -30
data/modules/mu/clouds/aws/userdata/windows.erb +9 -9
data/modules/mu/clouds/aws/vpc.rb +214 -145
data/modules/mu/clouds/azure.rb +978 -44
data/modules/mu/clouds/azure/container_cluster.rb +413 -0
data/modules/mu/clouds/azure/firewall_rule.rb +500 -0
data/modules/mu/clouds/azure/habitat.rb +167 -0
data/modules/mu/clouds/azure/loadbalancer.rb +205 -0
data/modules/mu/clouds/azure/role.rb +211 -0
data/modules/mu/clouds/azure/server.rb +810 -0
data/modules/mu/clouds/azure/user.rb +257 -0
data/modules/mu/clouds/azure/userdata/README.md +4 -0
data/modules/mu/clouds/azure/userdata/linux.erb +137 -0
data/modules/mu/clouds/azure/userdata/windows.erb +275 -0
data/modules/mu/clouds/azure/vpc.rb +782 -0
data/modules/mu/clouds/cloudformation.rb +12 -9
data/modules/mu/clouds/cloudformation/firewall_rule.rb +5 -13
data/modules/mu/clouds/cloudformation/server.rb +10 -1
data/modules/mu/clouds/cloudformation/server_pool.rb +1 -0
data/modules/mu/clouds/cloudformation/vpc.rb +0 -2
data/modules/mu/clouds/google.rb +554 -117
data/modules/mu/clouds/google/bucket.rb +173 -32
data/modules/mu/clouds/google/container_cluster.rb +1112 -157
data/modules/mu/clouds/google/database.rb +24 -47
data/modules/mu/clouds/google/firewall_rule.rb +344 -89
data/modules/mu/clouds/google/folder.rb +156 -79
data/modules/mu/clouds/google/group.rb +272 -82
data/modules/mu/clouds/google/habitat.rb +177 -52
data/modules/mu/clouds/google/loadbalancer.rb +9 -34
data/modules/mu/clouds/google/role.rb +1211 -0
data/modules/mu/clouds/google/server.rb +491 -227
data/modules/mu/clouds/google/server_pool.rb +233 -48
data/modules/mu/clouds/google/user.rb +479 -125
data/modules/mu/clouds/google/userdata/linux.erb +3 -3
data/modules/mu/clouds/google/userdata/windows.erb +9 -9
data/modules/mu/clouds/google/vpc.rb +381 -223
data/modules/mu/config.rb +689 -214
data/modules/mu/config/bucket.rb +1 -1
data/modules/mu/config/cache_cluster.rb +1 -1
data/modules/mu/config/cache_cluster.yml +0 -4
data/modules/mu/config/container_cluster.rb +18 -9
data/modules/mu/config/database.rb +6 -23
data/modules/mu/config/firewall_rule.rb +9 -15
data/modules/mu/config/folder.rb +22 -21
data/modules/mu/config/habitat.rb +22 -21
data/modules/mu/config/loadbalancer.rb +2 -2
data/modules/mu/config/role.rb +9 -40
data/modules/mu/config/server.rb +26 -5
data/modules/mu/config/server_pool.rb +1 -1
data/modules/mu/config/storage_pool.rb +2 -2
data/modules/mu/config/user.rb +4 -0
data/modules/mu/config/vpc.rb +350 -110
data/modules/mu/defaults/{amazon_images.yaml → AWS.yaml} +37 -39
data/modules/mu/defaults/Azure.yaml +17 -0
data/modules/mu/defaults/Google.yaml +24 -0
data/modules/mu/defaults/README.md +1 -1
data/modules/mu/deploy.rb +168 -125
data/modules/mu/groomer.rb +2 -1
data/modules/mu/groomers/ansible.rb +104 -32
data/modules/mu/groomers/chef.rb +96 -44
data/modules/mu/kittens.rb +20602 -0
data/modules/mu/logger.rb +38 -11
data/modules/mu/master.rb +90 -8
data/modules/mu/master/chef.rb +2 -3
data/modules/mu/master/ldap.rb +0 -1
data/modules/mu/master/ssl.rb +250 -0
data/modules/mu/mommacat.rb +917 -513
data/modules/scratchpad.erb +1 -1
data/modules/tests/super_complex_bok.yml +0 -0
data/modules/tests/super_simple_bok.yml +0 -0
data/roles/mu-master.json +2 -1
data/spec/azure_creds +5 -0
data/spec/mu.yaml +56 -0
data/spec/mu/clouds/azure_spec.rb +164 -27
data/spec/spec_helper.rb +5 -0
data/test/clean_up.py +0 -0
data/test/exec_inspec.py +0 -0
data/test/exec_mu_install.py +0 -0
data/test/exec_retry.py +0 -0
data/test/smoke_test.rb +0 -0
metadata +90 -118
data/cookbooks/mu-jenkins/Berksfile +0 -14
data/cookbooks/mu-jenkins/CHANGELOG.md +0 -13
data/cookbooks/mu-jenkins/LICENSE +0 -37
data/cookbooks/mu-jenkins/README.md +0 -105
data/cookbooks/mu-jenkins/attributes/default.rb +0 -42
data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +0 -73
data/cookbooks/mu-jenkins/files/default/deploy_config.xml +0 -44
data/cookbooks/mu-jenkins/metadata.rb +0 -21
data/cookbooks/mu-jenkins/recipes/default.rb +0 -195
data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +0 -54
data/cookbooks/mu-jenkins/recipes/public_key.rb +0 -24
data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +0 -24
data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +0 -14
data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +0 -6
data/cookbooks/nagios/Berksfile +0 -11
data/cookbooks/nagios/CHANGELOG.md +0 -589
data/cookbooks/nagios/CONTRIBUTING.md +0 -11
data/cookbooks/nagios/LICENSE +0 -37
data/cookbooks/nagios/README.md +0 -328
data/cookbooks/nagios/TESTING.md +0 -2
data/cookbooks/nagios/attributes/config.rb +0 -171
data/cookbooks/nagios/attributes/default.rb +0 -228
data/cookbooks/nagios/chefignore +0 -102
data/cookbooks/nagios/definitions/command.rb +0 -33
data/cookbooks/nagios/definitions/contact.rb +0 -33
data/cookbooks/nagios/definitions/contactgroup.rb +0 -33
data/cookbooks/nagios/definitions/host.rb +0 -33
data/cookbooks/nagios/definitions/hostdependency.rb +0 -33
data/cookbooks/nagios/definitions/hostescalation.rb +0 -34
data/cookbooks/nagios/definitions/hostgroup.rb +0 -33
data/cookbooks/nagios/definitions/nagios_conf.rb +0 -38
data/cookbooks/nagios/definitions/resource.rb +0 -33
data/cookbooks/nagios/definitions/service.rb +0 -33
data/cookbooks/nagios/definitions/servicedependency.rb +0 -33
data/cookbooks/nagios/definitions/serviceescalation.rb +0 -34
data/cookbooks/nagios/definitions/servicegroup.rb +0 -33
data/cookbooks/nagios/definitions/timeperiod.rb +0 -33
data/cookbooks/nagios/libraries/base.rb +0 -314
data/cookbooks/nagios/libraries/command.rb +0 -91
data/cookbooks/nagios/libraries/contact.rb +0 -230
data/cookbooks/nagios/libraries/contactgroup.rb +0 -112
data/cookbooks/nagios/libraries/custom_option.rb +0 -36
data/cookbooks/nagios/libraries/data_bag_helper.rb +0 -23
data/cookbooks/nagios/libraries/default.rb +0 -90
data/cookbooks/nagios/libraries/host.rb +0 -412
data/cookbooks/nagios/libraries/hostdependency.rb +0 -181
data/cookbooks/nagios/libraries/hostescalation.rb +0 -173
data/cookbooks/nagios/libraries/hostgroup.rb +0 -119
data/cookbooks/nagios/libraries/nagios.rb +0 -282
data/cookbooks/nagios/libraries/resource.rb +0 -59
data/cookbooks/nagios/libraries/service.rb +0 -455
data/cookbooks/nagios/libraries/servicedependency.rb +0 -215
data/cookbooks/nagios/libraries/serviceescalation.rb +0 -195
data/cookbooks/nagios/libraries/servicegroup.rb +0 -144
data/cookbooks/nagios/libraries/timeperiod.rb +0 -160
data/cookbooks/nagios/libraries/users_helper.rb +0 -54
data/cookbooks/nagios/metadata.rb +0 -25
data/cookbooks/nagios/recipes/_load_databag_config.rb +0 -153
data/cookbooks/nagios/recipes/_load_default_config.rb +0 -241
data/cookbooks/nagios/recipes/apache.rb +0 -48
data/cookbooks/nagios/recipes/default.rb +0 -204
data/cookbooks/nagios/recipes/nginx.rb +0 -82
data/cookbooks/nagios/recipes/pagerduty.rb +0 -143
data/cookbooks/nagios/recipes/server_package.rb +0 -40
data/cookbooks/nagios/recipes/server_source.rb +0 -164
data/cookbooks/nagios/templates/default/apache2.conf.erb +0 -96
data/cookbooks/nagios/templates/default/cgi.cfg.erb +0 -266
data/cookbooks/nagios/templates/default/commands.cfg.erb +0 -13
data/cookbooks/nagios/templates/default/contacts.cfg.erb +0 -37
data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +0 -25
data/cookbooks/nagios/templates/default/hosts.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/htpasswd.users.erb +0 -6
data/cookbooks/nagios/templates/default/nagios.cfg.erb +0 -22
data/cookbooks/nagios/templates/default/nginx.conf.erb +0 -62
data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +0 -185
data/cookbooks/nagios/templates/default/resource.cfg.erb +0 -27
data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +0 -15
data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/services.cfg.erb +0 -14
data/cookbooks/nagios/templates/default/templates.cfg.erb +0 -31
data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +0 -13
data/extras/image-generators/aws/centos6.yaml +0 -18
data/modules/mu/defaults/google_images.yaml +0 -16
data/roles/mu-master-jenkins.json +0 -24

data/cookbooks/mu-jenkins/Berksfile DELETED

@@ -1,14 +0,0 @@
-source 'https://supermarket.chef.io'
-source chef_repo: ".."
-metadata
-# Mu Cookbooks
-cookbook 'mu-master'
-cookbook 'mu-utility'
-cookbook 'mu-tools'
-# Supermarket Cookbooks
-cookbook 'java', '~> 2.2.0'
-cookbook 'jenkins', '~> 6.2.0'
-cookbook 'chef-vault', '~> 3.1.1'

data/cookbooks/mu-jenkins/CHANGELOG.md DELETED

@@ -1,13 +0,0 @@
-mu-jenkins CHANGELOG
-====================
-This file is used to list changes made in each version of the mu-jenkins cookbook.
-0.1.0
------
-- [your_name] - Initial release of mu-jenkins
-- - -
-Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) for help with Markdown.
-The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/) describes the differences between markdown on github and standard markdown.

data/cookbooks/mu-jenkins/LICENSE DELETED

@@ -1,37 +0,0 @@
-Through accessing, reading, or utilizing this software in any manner whatsoever
-or through any means whatsoever, whether the access, reading or use is either
-solely looking at this software or this software has been integrated into any
-derivative work, the party accessing,  reading, or utilizing the software
-directly or indirectly agrees to abide by the following license.
-The eGlobalTech Cloud Automation Platform is the Copyright (c) 2014 of Global
-Tech Inc. All rights reserved.
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-1. Redistributions of source code must retain the above copyright notice, this
-list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright notice,
-this list of conditions and the following disclaimer in the documentation
-and/or other materials provided with the distribution.
-3. Neither the name of the copyright holder nor the names of its contributors
-may be used to endorse or promote products derived from this software without
-specific prior written permission.
-Global Tech, Inc. is the co-owner of any derivative works created with this
-software.
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/cookbooks/mu-jenkins/README.md DELETED

@@ -1,105 +0,0 @@
-mu-jenkins Cookbook
-===================
-This cookbook creates a working Jenkins installation.  It can be deployed on a standalone node (see demo/jenkins.yaml) or as a Jenkins server on the mu-master itself.
-Requirements
-------------
-This is a wrapper cookbook that is meant to be run after a Jenkins install using the Jenkins community cookbook. The recipe uses some groovy scripts to manage jenkins authentication from chef itself, and create an additional administrave Jenkins user for interactive work.
-A jenkins vault must be present before invoking.  Two items are required
--  A users item containing passwords for each user enumerated in the default.jenkins_users attribute (see below).  The mu-user password is required, as we need at least one interactive Jenkins user
--  An admin item containing a public and private keypair that will be used by chef to authenticate to Jenkins after disabling anonymous authentication, and a username for this user
-A third optional ssh item is used to store a keypair used by Jenkins to SSH to other nodes, to allow Jenkins to run code locally as part of a Jenkins job.
-Create the vault items along these lines:
-admin:
-```
-#!/usr/local/ruby-current/bin/ruby
-require "openssl"
-require 'net/ssh'
-key = OpenSSL::PKey::RSA.new 2048
-public_key = "#{key.public_key.ssh_type} #{[key.public_key.to_blob].pack('m0')}"
-vault_opts="--mode client -u mu -F json"
-vault_cmd = "knife vault create jenkins admin '{ \"public_key\":\"#{public_key}\", \"private_key\":\"#{key.to_pem.chomp!.gsub(/\n/, "\\n")}\", \"username\": \"master_user\" }' #{vault_opts} --search name:MU-MASTER"
-exec vault_cmd
-```
-users:
-```knife vault create jenkins users '{"mu_user_password":"feefiefoefum"}'  --mode client -F json -u mu --search name:MU-MASTER```
-#### packages
-- `java` - jenkins needs Java to run
-- `jenkins` - mu-jenkins needs jenkins to actually be installed
-Attributes
-----------
-Some basic attributes on the java install and node address, plus Jenkins specifics:
-#### mu-jenkins::default
-<table>
-  <tr>
-    <th>Key</th>
-    <th>Type</th>
-    <th>Description</th>
-    <th>Default</th>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_users</tt></td>
-    <td>Hash</td>
-    <td>Jenkins users to create with their properties (excepting password) and a single vault to retrieve creds from</td>
-    <td><tt>:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => "mu-developers@googlegroups.com", :vault => "jenkins", :vault_item => "users"}</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_ssh_urls</tt></td>
-    <td>Array</td>
-    <td>IP addresses / DNS names of nodes Jenkins will SSH into</td>
-    <td><tt>[node[:ipaddress]]</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_plugins</tt></td>
-    <td>Whitespace string</td>
-    <td>plugins to install</td>
-    <td><tt>%w{github ssh deploy}</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_ssh_vault</tt></td>
-    <td>Hash</td>
-    <td>Preexisting vault containing a public private keypair that will be used to SSH to other nodes</td>
-    <td><tt>:vault => "jenkins", :item => "ssh"</tt></td>
-  </tr>
-  <tr>
-    <td><tt>default.jenkins_admin_vault</tt></td>
-    <td>Hash</td>
-    <td>Preexisting vault containing a public private keypair used by Chef to authenticate to Jenkins. This also include the username of the Jenkins user</td>
-    <td><tt>:vault => "jenkins", :item => "admin"</tt></td>
-  </tr>
-</table>
-Usage
------
-#### mu-jenkins::default
-This cookbook can run in a standalone mode which creates a basic Jenkins install on a target node, or a mu-master mode which creates a Jenkins server on a mu master.
-In either case the runlist will look like:
-```    run_list:
-    - recipe[java]
-    - recipe[jenkins::master]
-    - recipe[mu-jenkins]
-```
-In the mu-master mode the cookbook is invoked with the role[mu-master-jenkins], which adds some attributes to trigger the jenkins-apache recipe, which places Jenkins behind a mu-master apache reverse proxy:
-    chef-client -l info -o recipe[java],recipe[jenkins::master],recipe[mu-jenkins]
-Contributing
-------------
-Usual Cloudamatic process via pull request
-License and Authors
--------------------
-Authors: Ami Rahav, Robert Patt-Corner

data/cookbooks/mu-jenkins/attributes/default.rb DELETED

@@ -1,42 +0,0 @@
-default['jenkins_users'] = [
-#  {:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => ENV['MU_ADMIN_EMAIL'], :vault => "jenkins", :vault_item => "users"}
-]
-default['jenkins_ssh_urls'] = [node['ipaddress']]
-default['jenkins_plugins'] = %w{
-  token-macro git github deploy ldap scm-api git-client active-directory
-  ansicolor matrix-auth matrix-project workflow-scm-step junit workflow-api
-  workflow-step-api ssh credentials ssh-credentials plain-credentials mailer
-  display-url-api structs script-security jackson2-api
-}
-default['jenkins_ports_direct'] = %w{8080 443}
-default['jenkins']['master']['jenkins_args'] = "" if default['jenkins']['master']['jenkins_args'].nil?
-jenkins_args = "" if node['jenkins']['master']['jenkins_args'].nil?
-override['jenkins']['master']['jenkins_args'] = "#{jenkins_args} --prefix=/jenkins"
-default['jenkins']['master']['jvm_options'] = '-Xmx1024m -Djenkins.install.runSetupWizard=false'
-alpn_version = '8.1.11.v20170118'
-default['jenkins']['alpn']['version'] = alpn_version
-default['jenkins']['alpn']['download_link'] = "http://central.maven.org/maven2/org/mortbay/jetty/alpn/alpn-boot/#{alpn_version}/alpn-boot-#{alpn_version}.jar"
-# This isn't really true, but the Java libraries lose their minds over
-# self-signed SSL certs like the one you'll usually find on
-# https://#{$MU_CFG['public_address']}/jenkins (the real URL)
-default['jenkins']['master']['endpoint'] = "http://localhost:8080/jenkins"
-default['jenkins_ssh_vault'] = {
-    :vault => "jenkins", :item => "ssh"
-}
-default['jenkins_admin_vault'] = {
-    :vault => "jenkins", :item => "admin"
-}
-override['java']['jdk_version'] = 8
-override['java']['flavor'] = 'oracle'
-override['java']['jdk']['8']['x86_64']['url'] = 'http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz'
-override['java']['jdk']['8']['x86_64']['checksum'] = '75b2cb2249710d822a60f83e28860053'
-override["java"]["oracle"]["accept_oracle_download_terms"] = true
-override['java']['oracle']['jce']['enabled'] = true

data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml DELETED

@@ -1,73 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<project>
-  <actions/>
-  <description>Clean up an extant Cloudamatic Deploy</description>
-  <keepDependencies>false</keepDependencies>
-  <properties>
-    <hudson.security.AuthorizationMatrixProperty>
-      <blocksInheritance>true</blocksInheritance>
-      <permission>hudson.model.Item.Cancel:master_user</permission>
-      <permission>hudson.model.Item.Cancel:mu_user</permission>
-      <permission>hudson.model.Item.Delete:master_user</permission>
-      <permission>hudson.model.Item.Delete:mu_user</permission>
-      <permission>hudson.model.Item.Read:master_user</permission>
-      <permission>hudson.model.Item.Read:mu_user</permission>
-      <permission>hudson.model.Item.Workspace:master_user</permission>
-      <permission>hudson.model.Item.Workspace:mu_user</permission>
-      <permission>hudson.model.Item.Build:master_user</permission>
-      <permission>hudson.model.Item.Build:mu_user</permission>
-      <permission>hudson.model.Item.Move:master_user</permission>
-      <permission>hudson.model.Item.Move:mu_user</permission>
-      <permission>hudson.model.Item.Configure:master_user</permission>
-      <permission>hudson.model.Item.Configure:mu_user</permission>
-      <permission>hudson.model.Item.Discover:master_user</permission>
-      <permission>hudson.model.Item.Discover:mu_user</permission>
-    </hudson.security.AuthorizationMatrixProperty>
-    <hudson.model.ParametersDefinitionProperty>
-      <parameterDefinitions>
-        <com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition plugin="dynamicparameter@0.2.0">
-          <name>Target_Deploy</name>
-          <description></description>
-          <__uuid>8a5d5b3c-c975-44f8-a1e2-7d3c4f3306f8</__uuid>
-          <__remote>false</__remote>
-          <__script>def proc = &quot;ls -1a /home/jenkins/.mu/var/deployments/&quot;.execute()
-            def b = new StringBuffer()
-            proc.consumeProcessErrorStream(b)
-            def list = proc.text.readLines()
-          </__script>
-          <__localBaseDirectory serialization="custom">
-            <hudson.FilePath>
-              <default>
-                <remote>/home/jenkins/dynamic_parameter/classpath</remote>
-              </default>
-              <boolean>true</boolean>
-            </hudson.FilePath>
-          </__localBaseDirectory>
-          <__remoteBaseDirectory>dynamic_parameter_classpath</__remoteBaseDirectory>
-          <__classPath></__classPath>
-          <readonlyInputField>false</readonlyInputField>
-        </com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition>
-      </parameterDefinitions>
-    </hudson.model.ParametersDefinitionProperty>
-  </properties>
-  <scm class="hudson.scm.NullSCM"/>
-  <canRoam>true</canRoam>
-  <disabled>false</disabled>
-  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
-  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
-  <triggers/>
-  <concurrentBuild>false</concurrentBuild>
-  <builders>
-    <hudson.tasks.Shell>
-      <command>source ~/.murc
-        mu-cleanup $Target_Deploy
-      </command>
-    </hudson.tasks.Shell>
-  </builders>
-  <publishers/>
-  <buildWrappers>
-    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
-      <colorMapName>xterm</colorMapName>
-    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
-  </buildWrappers>
-</project>

data/cookbooks/mu-jenkins/files/default/deploy_config.xml DELETED

@@ -1,44 +0,0 @@
-<project>
-  <actions/>
-  <description></description>
-  <keepDependencies>false</keepDependencies>
-  <properties>
-    <hudson.security.AuthorizationMatrixProperty>
-      <blocksInheritance>true</blocksInheritance>
-      <permission>hudson.model.Item.Cancel:master_user</permission>
-      <permission>hudson.model.Item.Cancel:mu_user</permission>
-      <permission>hudson.model.Item.Delete:master_user</permission>
-      <permission>hudson.model.Item.Delete:mu_user</permission>
-      <permission>hudson.model.Item.Read:master_user</permission>
-      <permission>hudson.model.Item.Read:mu_user</permission>
-      <permission>hudson.model.Item.Workspace:master_user</permission>
-      <permission>hudson.model.Item.Workspace:mu_user</permission>
-      <permission>hudson.model.Item.Build:master_user</permission>
-      <permission>hudson.model.Item.Build:mu_user</permission>
-      <permission>hudson.model.Item.Move:master_user</permission>
-      <permission>hudson.model.Item.Move:mu_user</permission>
-      <permission>hudson.model.Item.Configure:master_user</permission>
-      <permission>hudson.model.Item.Configure:mu_user</permission>
-      <permission>hudson.model.Item.Discover:master_user</permission>
-      <permission>hudson.model.Item.Discover:mu_user</permission>
-    </hudson.security.AuthorizationMatrixProperty>
-  </properties>
-  <scm class="hudson.scm.NullSCM"/>
-  <canRoam>true</canRoam>
-  <disabled>false</disabled>
-  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
-  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
-  <triggers/>
-  <concurrentBuild>false</concurrentBuild>
-  <builders>
-    <hudson.tasks.Shell>
-      <command>/opt/mu/bin/mu-deploy /opt/mu/lib/demo/simple-server.yaml</command>
-    </hudson.tasks.Shell>
-  </builders>
-  <publishers/>
-  <buildWrappers>
-    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
-      <colorMapName>xterm</colorMapName>
-    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
-  </buildWrappers>
-</project>

data/cookbooks/mu-jenkins/metadata.rb DELETED

@@ -1,21 +0,0 @@
-name 'mu-jenkins'
-maintainer 'eGlobalTech, Inc'
-maintainer_email 'mu-developers@googlegroups.com'
-license 'BSD-3-Clause'
-description 'Installs/Configures mu-jenkins'
-long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-source_url 'https://github.com/cloudamatic/mu'
-issues_url 'https://github.com/cloudamatic/mu/issues'
-chef_version '>= 12.1' if respond_to?(:chef_version)
-version '0.6.0'
-%w( amazon centos redhat windows ).each do |os|
-	supports os
-end
-depends 'java', '~> 2.2.0'
-depends 'jenkins', '~> 6.2.0'
-depends 'chef-vault', '~> 3.1.1'
-depends 'mu-master'
-depends 'mu-utility'
-depends 'mu-tools'

data/cookbooks/mu-jenkins/recipes/default.rb DELETED

@@ -1,195 +0,0 @@
-# Cookbook Name:: mu-jenkins
-# Recipe:: default
-#
-# Copyright 2015, eGlobalTech, Inc
-#
-# All rights reserved - Do Not Redistribute
-#
-include_recipe 'mu-tools::disable-requiretty'
-include_recipe 'chef-vault'
-directory "/opt/java_jce" do
-  mode 0755
-end
-admin_vault = chef_vault_item(node['jenkins_admin_vault']['vault'], node['jenkins_admin_vault']['item'])
-directory "Mu Jenkins home #{node['jenkins']['master']['home']}" do
-  path node['jenkins']['master']['home']
-  owner "jenkins"
-  recursive true
-  notifies :restart, 'service[jenkins]', :immediately
-end
-package %w{git bzip2}
-#remote_file "#{node['jenkins']['master']['home']}/plugins/mailer.jpi" do
-#  source "http://updates.jenkins-ci.org/latest/mailer.hpi"
-#  owner "jenkins"
-#end
-ruby_block 'wait for jenkins' do
-  block do
-    sleep 30
-  end
-  action :nothing
-end
-# If security was enabled in a previous chef run then set the private key in the run_state
-# now as required by the Jenkins cookbook
-if node['application_attributes']['jenkins_auth_set']
-ruby_block 'set jenkins private key' do
-  block do
-    Chef::Log.info("Setting the previously enabled jenkins private key")
-    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
-  end
-end
-end
-restart_jenkins = false
-directory "mu-jenkins fix #{Chef::Config[:file_cache_path]} perms" do
-  path Chef::Config[:file_cache_path]
-  mode 0755
-end
-cacheparent = File.expand_path("..", Chef::Config[:file_cache_path])
-directory "mu-jenkins fix #{cacheparent} perms" do
-  path cacheparent
-  mode 0755
-end
-# Download ALPN Jar file and fix to JENKINS_JAVA_OPTIONS
-# open_jdk_version = `java -version 2>&1`
-open_jdk_version = shell_out('java -version 2>&1').stdout.str
-if open_jdk_version.include?("openjdk version \"1.8") and node['platform_family'] == 'rhel'
-  remote_file 'download_anlp_jar' do
-    source node['jenkins']['alpn']['download_link']
-    path "/home/jenkins/alpn-boot-#{node['jenkins']['alpn']['version']}.jar"
-    owner "jenkins"
-    notifies :restart, "service[jenkins]",:delayed
-  end
-  service "jenkins" do
-    action :nothing
-  end
-end
-node['jenkins_plugins'].each { |plugin|
-#  if !::File.exist?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi")
-#    restart_jenkins = true
-#  end
-# XXX this runs as the 'jenkins' user, yet download the files as 0600/root
-  jenkins_plugin plugin
-  # do
-    # notifies :restart, 'service[jenkins]', :delayed
-    #not_if { ::File.exist?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi") }
-  # end
-}
-if !node['application_attributes']['jenkins_auth_set']
-  jenkins_command 'safe-restart'
-  jenkins_private_key_credentials admin_vault['username'] do
-    id '1671945-9fa7-4d24-ac87-51ea3b2aef4c'
-    description admin_vault['username']
-    private_key admin_vault['private_key'].strip
-  end
-end
-# The Jenkins service user that this cookbook uses MUST exist in our directory
-mu_master_user admin_vault['username'] do
-  realname admin_vault['username']
-#  email $MU_CFG['jenkins']['admin_email'] || $MU_CFG['admin_email']
-  email "mu-developers@googlegroups.com"
-end
-# Add the admin user only if it has not been added already then notify the resource
-# to configure the permissions for the admin user.  Note that we check for existence of jenkins_auth_set,
-# not value
-jenkins_user admin_vault['username'] do
-  full_name admin_vault['username']
-  email "mu-developers@googlegroups.com"
-  public_keys [admin_vault['public_key'].strip]
-  #not_if { node['application_attributes'].attribute?('jenkins_auth_set') }
-end
-# Configure the permissions so that login is required and the admin user is an administrator
-# after this point the private key will be required to execute jenkins scripts (including querying
-# if users exist) so we notify the `set the security_enabled flag` resource to set this up.
-# Also note that since Jenkins 1.556 the private key cannot be used until after the admin user
-# has been added to the security realm
-uidsearch = "uid={0}"
-uidsearch = "sAMAccountName={0}" if $MU_CFG['ldap']['type'] == "Active Directory"
-membersearch = "(| (member={0}) (uniqueMember={0}) (memberUid={1}))"
-membersearch = "memberUid={0}" if $MU_CFG['ldap']['type'] == "389 Directory Services"
-bind_creds = chef_vault_item($MU_CFG['ldap']['bind_creds']['vault'], $MU_CFG['ldap']['bind_creds']['item'])
-jenkins_admins = ::MU::Master.listUsers.delete_if { |_u, data| !data['admin'] }.keys
-#jenkins_regular = ::MU::Master.listUsers.delete_if { |u, data| data['admin'] or u == "jenkins" }.keys
-regular_user_perms = ["Item.BUILD", "Item.CREATE", "Item.DISCOVER", "Item.READ"]
-jenkins_script 'configure_jenkins_auth' do
-  command <<-EOH.gsub(/^ {4}/, '')
-  import jenkins.model.*
-  import hudson.security.*
-  import org.jenkinsci.plugins.*
-  def instance = Jenkins.getInstance()
-  def hudsonRealm = new HudsonPrivateSecurityRealm(false)
-  String groupSearchFilter = 'memberUid={0}'
-  SecurityRealm ldapRealm = new LDAPSecurityRealm(server='ldap://#{$MU_CFG['ldap']['dcs'].first}', rootDN = '#{$MU_CFG['ldap']['base_dn']}', userSearchBase='#{$MU_CFG['ldap']['user_ou'].sub(/,.*/, "")}', userSearch="#{uidsearch}", groupSearchBase='#{$MU_CFG['ldap']['group_ou'].sub(/,.*/, "")}', groupSearchFilter="", groupMembershipFilter = '#{membersearch}', managerDN = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}', managerPasswordSecret = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['password_field']]}', inhibitInferRootDN = false, disableMailAddressResolver = false, cache = null)
-  instance.setSecurityRealm(ldapRealm)
-  def strategy = new ProjectMatrixAuthorizationStrategy()
-  strategy.add(Jenkins.ADMINISTER, "#{$MU_CFG['ldap']['admin_group_name']}")
-  strategy.add(Jenkins.ADMINISTER, "#{admin_vault['username']}")
-  #{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
-  strategy.add(Jenkins.READ, "authenticated")
-  #{regular_user_perms.map { |p| "strategy.add(hudson.model.#{p}, \"authenticated\")" }.join("\n")}
-  instance.setAuthorizationStrategy(strategy)
-  instance.save()
-  EOH
-#  not_if "grep managerDN #{node['jenkins']['master']['home']}/config.xml | grep #{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}"
-  notifies :run, 'ruby_block[configure_jenkins_auth_set]', :immediately
-  action :nothing unless !::File.size?("#{node['jenkins']['master']['home']}/config.xml") or !::File.read("#{node['jenkins']['master']['home']}/config.xml").match(bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']])
-end
-file "#{node['jenkins']['master']['home']}/user-list-chef-guard" do
-  content "
-#{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
-#{regular_user_perms.map { |p| "strategy.add(Jenkins.#{p}, \"authenticated\")" }.join("\n")}
-#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}
-"
-  notifies :execute, "jenkins_script[configure_jenkins_auth]", :immediately
-end
-# Set the security enabled flag and set the run_state to use the configured private key
-ruby_block 'configure_jenkins_auth_set' do
-  block do
-    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
-    node.normal['application_attributes']['jenkins_auth_set'] = true
-    node.save
-  end
-  action :nothing
-end
-# Configure users from the vault
-#node['jenkins_users'].each { |user|
-#  user_vault = chef_vault_item(user[:vault], user[:vault_item])
-#
-#  # XXX This is dangerous. What if we stupidly step on the account of a
-#  # "real" user?
-#  ::MU::Master::LDAP.manageUser(user[:user_name], name: user[:fullname], password: user_vault[user[:user_name]+"_password"], admin: false, email: user[:email])
-#  jenkins_user user[:user_name] do
-#    full_name user[:fullname]
-#    email user[:email]
-#    password user_vault["#{user[:user_name]}_password"]
-#    sensitive true
-#  end
-#}