cloud-mu 3.1.2 → 3.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dockerfile +15 -3
- data/ansible/roles/mu-windows/README.md +33 -0
- data/ansible/roles/mu-windows/defaults/main.yml +2 -0
- data/ansible/roles/mu-windows/files/LaunchConfig.json +9 -0
- data/ansible/roles/mu-windows/files/config.xml +76 -0
- data/ansible/roles/mu-windows/handlers/main.yml +2 -0
- data/ansible/roles/mu-windows/meta/main.yml +53 -0
- data/ansible/roles/mu-windows/tasks/main.yml +36 -0
- data/ansible/roles/mu-windows/tests/inventory +2 -0
- data/ansible/roles/mu-windows/tests/test.yml +5 -0
- data/ansible/roles/mu-windows/vars/main.yml +2 -0
- data/bin/mu-adopt +10 -13
- data/bin/mu-azure-tests +57 -0
- data/bin/mu-cleanup +2 -4
- data/bin/mu-configure +52 -0
- data/bin/mu-deploy +3 -3
- data/bin/mu-findstray-tests +25 -0
- data/bin/mu-gen-docs +2 -4
- data/bin/mu-load-config.rb +2 -3
- data/bin/mu-node-manage +15 -16
- data/bin/mu-run-tests +135 -37
- data/cloud-mu.gemspec +22 -20
- data/cookbooks/mu-activedirectory/resources/domain.rb +4 -4
- data/cookbooks/mu-activedirectory/resources/domain_controller.rb +4 -4
- data/cookbooks/mu-tools/libraries/helper.rb +3 -2
- data/cookbooks/mu-tools/libraries/monkey.rb +35 -0
- data/cookbooks/mu-tools/recipes/apply_security.rb +14 -14
- data/cookbooks/mu-tools/recipes/aws_api.rb +9 -0
- data/cookbooks/mu-tools/recipes/eks.rb +2 -2
- data/cookbooks/mu-tools/recipes/google_api.rb +2 -2
- data/cookbooks/mu-tools/recipes/selinux.rb +2 -1
- data/cookbooks/mu-tools/recipes/windows-client.rb +163 -164
- data/cookbooks/mu-tools/resources/disk.rb +1 -1
- data/cookbooks/mu-tools/resources/windows_users.rb +44 -43
- data/extras/clean-stock-amis +25 -19
- data/extras/generate-stock-images +1 -0
- data/extras/image-generators/AWS/win2k12.yaml +18 -13
- data/extras/image-generators/AWS/win2k16.yaml +18 -13
- data/extras/image-generators/AWS/win2k19.yaml +21 -0
- data/extras/image-generators/Google/centos6.yaml +1 -0
- data/extras/image-generators/Google/centos7.yaml +1 -1
- data/modules/mommacat.ru +6 -16
- data/modules/mu.rb +165 -111
- data/modules/mu/adoption.rb +401 -68
- data/modules/mu/cleanup.rb +199 -306
- data/modules/mu/cloud.rb +100 -1632
- data/modules/mu/cloud/database.rb +49 -0
- data/modules/mu/cloud/dnszone.rb +46 -0
- data/modules/mu/cloud/machine_images.rb +212 -0
- data/modules/mu/cloud/providers.rb +81 -0
- data/modules/mu/cloud/resource_base.rb +920 -0
- data/modules/mu/cloud/server.rb +40 -0
- data/modules/mu/cloud/server_pool.rb +1 -0
- data/modules/mu/cloud/ssh_sessions.rb +228 -0
- data/modules/mu/cloud/winrm_sessions.rb +237 -0
- data/modules/mu/cloud/wrappers.rb +165 -0
- data/modules/mu/config.rb +171 -1767
- data/modules/mu/config/alarm.rb +2 -6
- data/modules/mu/config/bucket.rb +4 -4
- data/modules/mu/config/cache_cluster.rb +1 -1
- data/modules/mu/config/collection.rb +4 -4
- data/modules/mu/config/container_cluster.rb +9 -4
- data/modules/mu/config/database.rb +83 -104
- data/modules/mu/config/database.yml +1 -2
- data/modules/mu/config/dnszone.rb +6 -6
- data/modules/mu/config/doc_helpers.rb +516 -0
- data/modules/mu/config/endpoint.rb +4 -4
- data/modules/mu/config/firewall_rule.rb +103 -4
- data/modules/mu/config/folder.rb +4 -4
- data/modules/mu/config/function.rb +3 -3
- data/modules/mu/config/group.rb +4 -4
- data/modules/mu/config/habitat.rb +4 -4
- data/modules/mu/config/loadbalancer.rb +60 -14
- data/modules/mu/config/log.rb +4 -4
- data/modules/mu/config/msg_queue.rb +4 -4
- data/modules/mu/config/nosqldb.rb +4 -4
- data/modules/mu/config/notifier.rb +3 -3
- data/modules/mu/config/ref.rb +365 -0
- data/modules/mu/config/role.rb +4 -4
- data/modules/mu/config/schema_helpers.rb +509 -0
- data/modules/mu/config/search_domain.rb +4 -4
- data/modules/mu/config/server.rb +97 -70
- data/modules/mu/config/server.yml +1 -0
- data/modules/mu/config/server_pool.rb +5 -9
- data/modules/mu/config/storage_pool.rb +1 -1
- data/modules/mu/config/tail.rb +200 -0
- data/modules/mu/config/user.rb +4 -4
- data/modules/mu/config/vpc.rb +70 -27
- data/modules/mu/config/vpc.yml +0 -1
- data/modules/mu/defaults/AWS.yaml +83 -60
- data/modules/mu/defaults/Azure.yaml +1 -0
- data/modules/mu/defaults/Google.yaml +3 -2
- data/modules/mu/deploy.rb +30 -26
- data/modules/mu/groomer.rb +17 -2
- data/modules/mu/groomers/ansible.rb +188 -41
- data/modules/mu/groomers/chef.rb +116 -55
- data/modules/mu/logger.rb +127 -148
- data/modules/mu/master.rb +389 -2
- data/modules/mu/master/chef.rb +3 -4
- data/modules/mu/master/ldap.rb +3 -3
- data/modules/mu/master/ssl.rb +12 -3
- data/modules/mu/mommacat.rb +217 -2612
- data/modules/mu/mommacat/daemon.rb +397 -0
- data/modules/mu/mommacat/naming.rb +473 -0
- data/modules/mu/mommacat/search.rb +495 -0
- data/modules/mu/mommacat/storage.rb +722 -0
- data/modules/mu/{clouds → providers}/README.md +1 -1
- data/modules/mu/{clouds → providers}/aws.rb +271 -112
- data/modules/mu/{clouds → providers}/aws/alarm.rb +5 -3
- data/modules/mu/{clouds → providers}/aws/bucket.rb +26 -22
- data/modules/mu/{clouds → providers}/aws/cache_cluster.rb +33 -67
- data/modules/mu/{clouds → providers}/aws/collection.rb +24 -23
- data/modules/mu/{clouds → providers}/aws/container_cluster.rb +681 -721
- data/modules/mu/providers/aws/database.rb +1744 -0
- data/modules/mu/{clouds → providers}/aws/dnszone.rb +64 -63
- data/modules/mu/{clouds → providers}/aws/endpoint.rb +22 -27
- data/modules/mu/{clouds → providers}/aws/firewall_rule.rb +214 -244
- data/modules/mu/{clouds → providers}/aws/folder.rb +7 -7
- data/modules/mu/{clouds → providers}/aws/function.rb +17 -22
- data/modules/mu/{clouds → providers}/aws/group.rb +23 -23
- data/modules/mu/{clouds → providers}/aws/habitat.rb +17 -14
- data/modules/mu/{clouds → providers}/aws/loadbalancer.rb +57 -48
- data/modules/mu/{clouds → providers}/aws/log.rb +15 -12
- data/modules/mu/{clouds → providers}/aws/msg_queue.rb +17 -16
- data/modules/mu/{clouds → providers}/aws/nosqldb.rb +18 -11
- data/modules/mu/{clouds → providers}/aws/notifier.rb +11 -6
- data/modules/mu/{clouds → providers}/aws/role.rb +112 -86
- data/modules/mu/{clouds → providers}/aws/search_domain.rb +39 -33
- data/modules/mu/{clouds → providers}/aws/server.rb +835 -1133
- data/modules/mu/{clouds → providers}/aws/server_pool.rb +56 -60
- data/modules/mu/{clouds → providers}/aws/storage_pool.rb +24 -42
- data/modules/mu/{clouds → providers}/aws/user.rb +21 -22
- data/modules/mu/{clouds → providers}/aws/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/aws/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/aws/userdata/windows.erb +2 -1
- data/modules/mu/{clouds → providers}/aws/vpc.rb +523 -929
- data/modules/mu/providers/aws/vpc_subnet.rb +286 -0
- data/modules/mu/{clouds → providers}/azure.rb +29 -9
- data/modules/mu/{clouds → providers}/azure/container_cluster.rb +3 -8
- data/modules/mu/{clouds → providers}/azure/firewall_rule.rb +18 -11
- data/modules/mu/{clouds → providers}/azure/habitat.rb +8 -6
- data/modules/mu/{clouds → providers}/azure/loadbalancer.rb +5 -5
- data/modules/mu/{clouds → providers}/azure/role.rb +8 -10
- data/modules/mu/{clouds → providers}/azure/server.rb +95 -48
- data/modules/mu/{clouds → providers}/azure/user.rb +6 -8
- data/modules/mu/{clouds → providers}/azure/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/azure/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/azure/userdata/windows.erb +0 -0
- data/modules/mu/{clouds → providers}/azure/vpc.rb +16 -21
- data/modules/mu/{clouds → providers}/cloudformation.rb +18 -7
- data/modules/mu/{clouds → providers}/cloudformation/alarm.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/cache_cluster.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/collection.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/database.rb +6 -17
- data/modules/mu/{clouds → providers}/cloudformation/dnszone.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/firewall_rule.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/loadbalancer.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/log.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/server.rb +7 -7
- data/modules/mu/{clouds → providers}/cloudformation/server_pool.rb +5 -5
- data/modules/mu/{clouds → providers}/cloudformation/vpc.rb +5 -7
- data/modules/mu/{clouds → providers}/docker.rb +0 -0
- data/modules/mu/{clouds → providers}/google.rb +67 -30
- data/modules/mu/{clouds → providers}/google/bucket.rb +13 -15
- data/modules/mu/{clouds → providers}/google/container_cluster.rb +84 -77
- data/modules/mu/{clouds → providers}/google/database.rb +10 -20
- data/modules/mu/{clouds → providers}/google/firewall_rule.rb +15 -14
- data/modules/mu/{clouds → providers}/google/folder.rb +20 -17
- data/modules/mu/{clouds → providers}/google/function.rb +139 -167
- data/modules/mu/{clouds → providers}/google/group.rb +29 -34
- data/modules/mu/{clouds → providers}/google/habitat.rb +21 -22
- data/modules/mu/{clouds → providers}/google/loadbalancer.rb +18 -20
- data/modules/mu/{clouds → providers}/google/role.rb +92 -58
- data/modules/mu/{clouds → providers}/google/server.rb +242 -155
- data/modules/mu/{clouds → providers}/google/server_pool.rb +25 -44
- data/modules/mu/{clouds → providers}/google/user.rb +95 -31
- data/modules/mu/{clouds → providers}/google/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/google/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/google/userdata/windows.erb +0 -0
- data/modules/mu/{clouds → providers}/google/vpc.rb +103 -79
- data/modules/tests/bucket.yml +4 -0
- data/modules/tests/centos6.yaml +11 -0
- data/modules/tests/centos7.yaml +11 -0
- data/modules/tests/centos8.yaml +12 -0
- data/modules/tests/ecs.yaml +23 -0
- data/modules/tests/includes-and-params.yaml +2 -1
- data/modules/tests/rds.yaml +108 -0
- data/modules/tests/regrooms/aws-iam.yaml +201 -0
- data/modules/tests/regrooms/bucket.yml +19 -0
- data/modules/tests/regrooms/rds.yaml +123 -0
- data/modules/tests/server-with-scrub-muisms.yaml +1 -0
- data/modules/tests/super_simple_bok.yml +1 -3
- data/modules/tests/win2k12.yaml +17 -5
- data/modules/tests/win2k16.yaml +25 -0
- data/modules/tests/win2k19.yaml +25 -0
- data/requirements.txt +1 -0
- data/spec/mu/clouds/azure_spec.rb +2 -2
- metadata +232 -154
- data/extras/image-generators/AWS/windows.yaml +0 -18
- data/modules/mu/clouds/aws/database.rb +0 -1985
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fd9a15a0e94a578919c0cb22bf5c95ee86b5b4a03fcc0ea1c35da2c161e8cf31
|
4
|
+
data.tar.gz: 04cdc9d9a70de97fdaf12021166b707921ec981d7ab2dc92cd1ebce491a9e130
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: adfef4f231a946a3929b7f8026a9e338658dadfef3482942a46e8fdb9b10c4ca7d68aa457d135815a3878882d88a103ec1ebacea4bcb1ae4c45b070d85ceee06
|
7
|
+
data.tar.gz: 3a7b04d7d2486b05e8d413b78029b610bb7ba6bd8a33a1c24cf7b8bdf63dabaf9e0a1baab8408a66f995d05df719261248cbf27ee5b230a350109053ddb0420a
|
data/Dockerfile
CHANGED
@@ -4,22 +4,34 @@ RUN mkdir -p /opt/mu/etc/ /home/mu /usr/local/ruby-current/lib/ruby/gems/2.5.0/g
|
|
4
4
|
|
5
5
|
WORKDIR /home/mu
|
6
6
|
|
7
|
+
RUN df -h
|
8
|
+
|
7
9
|
RUN apt-get update
|
8
10
|
|
9
|
-
RUN apt-get install -y ruby2.5-dev dnsutils ansible build-essential
|
11
|
+
RUN apt-get install -y ruby2.5-dev dnsutils ansible build-essential python-pip curl
|
10
12
|
|
11
13
|
RUN apt-get upgrade -y
|
12
14
|
|
15
|
+
RUN df -h
|
16
|
+
|
13
17
|
COPY ./cloud-mu-*.gem /home/mu
|
14
18
|
|
15
|
-
RUN gem install ./cloud-mu-*.gem
|
19
|
+
RUN gem install ./cloud-mu-*.gem -N
|
20
|
+
|
21
|
+
RUN df -h
|
16
22
|
|
17
|
-
RUN
|
23
|
+
RUN ls -la
|
24
|
+
|
25
|
+
#RUN rm --verbose -f cloud-mu-*.gem
|
26
|
+
|
27
|
+
RUN pip install pywinrm
|
18
28
|
|
19
29
|
RUN apt-get remove -y build-essential ruby2.5-dev
|
20
30
|
|
21
31
|
RUN apt-get autoremove -y
|
22
32
|
|
33
|
+
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.4/bin/linux/amd64/kubectl && mv kubectl /usr/bin && chmod +x /usr/bin/kubectl
|
34
|
+
|
23
35
|
EXPOSE 2260
|
24
36
|
|
25
37
|
CMD /usr/sbin/init
|
@@ -0,0 +1,33 @@
|
|
1
|
+
Role Name
|
2
|
+
=========
|
3
|
+
|
4
|
+
Used during image builds for Windows 2012R2, 2016, and 2019. Runs all updates and installs chocolatey, git, openssh, and ruby.
|
5
|
+
|
6
|
+
Requirements
|
7
|
+
------------
|
8
|
+
|
9
|
+
Windows host with internet connectivity and no other major services running.
|
10
|
+
|
11
|
+
License
|
12
|
+
-------
|
13
|
+
|
14
|
+
Copyright:: Copyright (c) 2020 eGlobalTech, Inc., all rights reserved
|
15
|
+
|
16
|
+
Licensed under the BSD-3 license (the "License");
|
17
|
+
you may not use this file except in compliance with the License.
|
18
|
+
You may obtain a copy of the License in the root of the project or at
|
19
|
+
|
20
|
+
http://egt-labs.com/mu/LICENSE.html
|
21
|
+
|
22
|
+
Unless required by applicable law or agreed to in writing, software
|
23
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
24
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
25
|
+
See the License for the specific language governing permissions and
|
26
|
+
limitations under the License.
|
27
|
+
|
28
|
+
Author Information
|
29
|
+
------------------
|
30
|
+
|
31
|
+
Current developers: John Stange, Robert Patt-Corner, Ryan Bolyard
|
32
|
+
|
33
|
+
egt-labs-admins@egt-labs.com
|
@@ -0,0 +1,76 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?>
|
2
|
+
<Ec2ConfigurationSettings>
|
3
|
+
<Plugins>
|
4
|
+
<Plugin>
|
5
|
+
<Name>Ec2SetPassword</Name>
|
6
|
+
<State>Enabled</State>
|
7
|
+
</Plugin>
|
8
|
+
<Plugin>
|
9
|
+
<Name>Ec2SetComputerName</Name>
|
10
|
+
<State>Disabled</State>
|
11
|
+
</Plugin>
|
12
|
+
<Plugin>
|
13
|
+
<Name>Ec2InitializeDrives</Name>
|
14
|
+
<State>Enabled</State>
|
15
|
+
</Plugin>
|
16
|
+
<Plugin>
|
17
|
+
<Name>Ec2EventLog</Name>
|
18
|
+
<State>Disabled</State>
|
19
|
+
</Plugin>
|
20
|
+
<Plugin>
|
21
|
+
<Name>Ec2ConfigureRDP</Name>
|
22
|
+
<State>Disabled</State>
|
23
|
+
</Plugin>
|
24
|
+
<Plugin>
|
25
|
+
<Name>Ec2OutputRDPCert</Name>
|
26
|
+
<State>Enabled</State>
|
27
|
+
</Plugin>
|
28
|
+
<Plugin>
|
29
|
+
<Name>Ec2SetDriveLetter</Name>
|
30
|
+
<State>Enabled</State>
|
31
|
+
</Plugin>
|
32
|
+
<Plugin>
|
33
|
+
<Name>Ec2WindowsActivate</Name>
|
34
|
+
<State>Enabled</State>
|
35
|
+
</Plugin>
|
36
|
+
<Plugin>
|
37
|
+
<Name>Ec2DynamicBootVolumeSize</Name>
|
38
|
+
<State>Disabled</State>
|
39
|
+
</Plugin>
|
40
|
+
<Plugin>
|
41
|
+
<Name>Ec2SetHibernation</Name>
|
42
|
+
<State>Enabled</State>
|
43
|
+
</Plugin>
|
44
|
+
<Plugin>
|
45
|
+
<Name>Ec2SetMonitorAlwaysOn</Name>
|
46
|
+
<State>Disabled</State>
|
47
|
+
</Plugin>
|
48
|
+
<Plugin>
|
49
|
+
<Name>Ec2ElasticGpuSetup</Name>
|
50
|
+
<State>Enabled</State>
|
51
|
+
</Plugin>
|
52
|
+
<Plugin>
|
53
|
+
<Name>Ec2FeatureLogging</Name>
|
54
|
+
<State>Enabled</State>
|
55
|
+
</Plugin>
|
56
|
+
<Plugin>
|
57
|
+
<Name>Ec2SetENAConfig</Name>
|
58
|
+
<State>Enabled</State>
|
59
|
+
</Plugin>
|
60
|
+
<Plugin>
|
61
|
+
<Name>Ec2HandleUserData</Name>
|
62
|
+
<State>Enabled</State>
|
63
|
+
</Plugin>
|
64
|
+
<Plugin>
|
65
|
+
<Name>AWS.EC2.Windows.CloudWatch.PlugIn</Name>
|
66
|
+
<State>Disabled</State>
|
67
|
+
</Plugin>
|
68
|
+
</Plugins>
|
69
|
+
<GlobalSettings>
|
70
|
+
<ManageShutdown>true</ManageShutdown>
|
71
|
+
<SetDnsSuffixList>true</SetDnsSuffixList>
|
72
|
+
<WaitForMetaDataAvailable>true</WaitForMetaDataAvailable>
|
73
|
+
<ShouldAddRoutes>true</ShouldAddRoutes>
|
74
|
+
<RemoveCredentialsfromSysprepOnStartup>true</RemoveCredentialsfromSysprepOnStartup>
|
75
|
+
</GlobalSettings>
|
76
|
+
</Ec2ConfigurationSettings>
|
@@ -0,0 +1,53 @@
|
|
1
|
+
galaxy_info:
|
2
|
+
author: your name
|
3
|
+
description: your description
|
4
|
+
company: your company (optional)
|
5
|
+
|
6
|
+
# If the issue tracker for your role is not on github, uncomment the
|
7
|
+
# next line and provide a value
|
8
|
+
# issue_tracker_url: http://example.com/issue/tracker
|
9
|
+
|
10
|
+
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
11
|
+
# - BSD-3-Clause (default)
|
12
|
+
# - MIT
|
13
|
+
# - GPL-2.0-or-later
|
14
|
+
# - GPL-3.0-only
|
15
|
+
# - Apache-2.0
|
16
|
+
# - CC-BY-4.0
|
17
|
+
license: license (GPL-2.0-or-later, MIT, etc)
|
18
|
+
|
19
|
+
min_ansible_version: 2.4
|
20
|
+
|
21
|
+
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
22
|
+
# min_ansible_container_version:
|
23
|
+
|
24
|
+
#
|
25
|
+
# Provide a list of supported platforms, and for each platform a list of versions.
|
26
|
+
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
27
|
+
# To view available platforms and versions (or releases), visit:
|
28
|
+
# https://galaxy.ansible.com/api/v1/platforms/
|
29
|
+
#
|
30
|
+
# platforms:
|
31
|
+
# - name: Fedora
|
32
|
+
# versions:
|
33
|
+
# - all
|
34
|
+
# - 25
|
35
|
+
# - name: SomePlatform
|
36
|
+
# versions:
|
37
|
+
# - all
|
38
|
+
# - 1.0
|
39
|
+
# - 7
|
40
|
+
# - 99.99
|
41
|
+
|
42
|
+
galaxy_tags: []
|
43
|
+
# List tags for your role here, one per line. A tag is a keyword that describes
|
44
|
+
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
45
|
+
# remove the '[]' above, if you add tags to this list.
|
46
|
+
#
|
47
|
+
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
48
|
+
# Maximum 20 tags per role.
|
49
|
+
|
50
|
+
dependencies: []
|
51
|
+
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
52
|
+
# if you add dependencies to this list.
|
53
|
+
|
@@ -0,0 +1,36 @@
|
|
1
|
+
---
|
2
|
+
- name: Install all updates with automatic reboots
|
3
|
+
win_updates:
|
4
|
+
reboot: yes
|
5
|
+
reboot_timeout: 1800
|
6
|
+
|
7
|
+
- name: Install git
|
8
|
+
win_chocolatey:
|
9
|
+
name: git
|
10
|
+
state: present
|
11
|
+
|
12
|
+
- name: Install ruby
|
13
|
+
win_chocolatey:
|
14
|
+
name: ruby
|
15
|
+
state: present
|
16
|
+
|
17
|
+
- name: Install openssh
|
18
|
+
win_chocolatey:
|
19
|
+
name: openssh
|
20
|
+
state: present
|
21
|
+
|
22
|
+
- name: "Tell EC2Config to set a random password on next boot (Windows 2012)"
|
23
|
+
when: ((ansible_facts['distribution_major_version'] | int) < 10 and mu_build_image is defined and mu_build_image == True)
|
24
|
+
win_copy:
|
25
|
+
src: config.xml
|
26
|
+
dest: "c:/Program Files/Amazon/EC2ConfigService/Settings/config.xml"
|
27
|
+
|
28
|
+
- name: "Tell EC2Launch to set a random password (Windows 2016+)"
|
29
|
+
when: ((ansible_facts['distribution_major_version'] | int) >= 10 and mu_build_image is defined and mu_build_image == True)
|
30
|
+
win_copy:
|
31
|
+
src: LaunchConfig.json
|
32
|
+
dest: "c:/ProgramData/Amazon/EC2-Windows/Launch/Config/LaunchConfig.json"
|
33
|
+
|
34
|
+
- name: "Tell EC2Launch to run on next boot (Windows 2016+)"
|
35
|
+
when: ((ansible_facts['distribution_major_version'] | int) >= 10 and mu_build_image is defined and mu_build_image == True)
|
36
|
+
win_shell: C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
|
data/bin/mu-adopt
CHANGED
@@ -21,12 +21,6 @@ require 'bundler/setup'
|
|
21
21
|
require 'optimist'
|
22
22
|
require 'mu'
|
23
23
|
|
24
|
-
available_clouds = MU::Cloud.supportedClouds
|
25
|
-
available_clouds.reject! { |cloud|
|
26
|
-
cloudclass = Object.const_get("MU").const_get("Cloud").const_get(cloud)
|
27
|
-
cloudclass.listCredentials.nil? or cloudclass.listCredentials.size == 0
|
28
|
-
}
|
29
|
-
|
30
24
|
available_types = MU::Cloud.resource_types.keys.map { |t| t.to_s }
|
31
25
|
grouping_options = {
|
32
26
|
"logical" => "Group resources in logical layers (folders and habitats together, users/roles/groups together, network resources together, etc)",
|
@@ -39,15 +33,18 @@ $opt = Optimist::options do
|
|
39
33
|
EOS
|
40
34
|
opt :appname, "The overarching name of the application stack we will generate", :required => false, :default => "mu", :type => :string
|
41
35
|
opt :types, "The resource types to scan and import. Valid types: #{available_types.join(", ")}", :required => false, :type => :strings, :default => available_types
|
42
|
-
opt :clouds, "The cloud providers to scan and import.", :required => false, :type => :strings, :default =>
|
36
|
+
opt :clouds, "The cloud providers to scan and import.", :required => false, :type => :strings, :default => MU::Cloud.availableClouds
|
43
37
|
opt :parent, "Where applicable, resources which reside in the root folder or organization are configured with the specified parent in our target BoK", :required => false, :type => :string
|
44
38
|
opt :billing, "Force-set this billing entity on created resources, instead of copying from the live resources", :required => false, :type => :string
|
45
39
|
opt :sources, "One or more sets of credentials to use when importing resources. By default we will search and import from all sets of available credentials for each cloud provider specified with --clouds", :required => false, :type => :strings
|
46
40
|
opt :credentials, "Override the 'credentials' value in our generated Baskets of Kittens to target a single, specific account. Our default behavior is to set each resource to deploy into the account from which it was sourced.", :required => false, :type => :string
|
47
41
|
opt :savedeploys, "Generate actual deployment metadata in #{MU.dataDir}/deployments, as though the resources we found were created with mu-deploy. If we are generating more than one configuration, and a resource needs to reference another resource (e.g. to declare a VPC in which to reside), this will allow us to reference them as virtual resource, rather than by raw cloud identifier.", :required => false, :type => :boolean, :default => false
|
48
42
|
opt :diff, "List the differences between what we find and an existing, saved deploy from a previous run, if one exists.", :required => false, :type => :boolean
|
43
|
+
opt :merge_changes, "When using --diff, merge detected changes into the baseline deploy after reporting on them.", :required => false, :type => :boolean, :default => false
|
49
44
|
opt :grouping, "Methods for grouping found resources into separate Baskets.\n\n"+MU::Adoption::GROUPMODES.keys.map { |g| "* "+g.to_s+": "+MU::Adoption::GROUPMODES[g] }.join("\n")+"\n\n", :required => false, :type => :string, :default => "logical"
|
50
45
|
opt :habitats, "Limit scope of searches to the named accounts/projects/subscriptions, instead of search all habitats visible to our credentials.", :required => false, :type => :strings
|
46
|
+
opt :regions, "Restrict to operating on a subset of available regions, instead of all that we know about.", :require => false, :type => :strings
|
47
|
+
opt :scrub, "Whether to set scrub_mu_isms in the BoKs we generate", :default => $MU_CFG.has_key?('adopt_scrub_mu_isms') ? $MU_CFG['adopt_scrub_mu_isms'] : false
|
51
48
|
end
|
52
49
|
|
53
50
|
ok = true
|
@@ -101,9 +98,12 @@ if !ok
|
|
101
98
|
exit 1
|
102
99
|
end
|
103
100
|
|
104
|
-
|
105
|
-
|
106
|
-
|
101
|
+
adoption = MU::Adoption.new(clouds: clouds, types: types, parent: $opt[:parent], billing: $opt[:billing], sources: $opt[:sources], credentials: $opt[:credentials], group_by: $opt[:grouping].to_sym, savedeploys: $opt[:savedeploys], diff: $opt[:diff], habitats: $opt[:habitats], scrub_mu_isms: $opt[:scrub], regions: $opt[:regions], merge: $opt[:merge_changes])
|
102
|
+
found = adoption.scrapeClouds
|
103
|
+
if found.nil? or found.empty?
|
104
|
+
MU.log "No resources found to adopt", MU::WARN, details: {"clouds" => clouds, "types" => types }
|
105
|
+
exit
|
106
|
+
end
|
107
107
|
MU.log "Generating baskets", MU::DEBUG
|
108
108
|
boks = adoption.generateBaskets(prefix: $opt[:appname])
|
109
109
|
|
@@ -112,10 +112,7 @@ boks.each_pair { |appname, bok|
|
|
112
112
|
File.open("#{appname}.yaml", "w") { |f|
|
113
113
|
f.write JSON.parse(JSON.generate(bok)).to_yaml
|
114
114
|
}
|
115
|
-
conf_engine = MU::Config.new("#{appname}.yaml")
|
116
|
-
stack_conf = conf_engine.config
|
117
115
|
# puts stack_conf.to_yaml
|
118
|
-
MU.log "#{appname}.yaml validated successfully", MU::NOTICE
|
119
116
|
MU::Cloud.resource_types.each_pair { |type, cfg|
|
120
117
|
if bok[cfg[:cfg_plural]]
|
121
118
|
MU.log "#{bok[cfg[:cfg_plural]].size.to_s} #{cfg[:cfg_plural]}", MU::NOTICE
|
data/bin/mu-azure-tests
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
#!/usr/local/ruby-current/bin/ruby
|
2
|
+
# Copyright:: Copyright (c) 2014 eGlobalTech, Inc., all rights reserved
|
3
|
+
#
|
4
|
+
# Licensed under the BSD-3 license (the "License");
|
5
|
+
# you may not use this file except in compliance with the License.
|
6
|
+
# You may obtain a copy of the License in the root of the project or at
|
7
|
+
#
|
8
|
+
# http://egt-labs.com/mu/LICENSE.html
|
9
|
+
#
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
# See the License for the specific language governing permissions and
|
14
|
+
# limitations under the License.
|
15
|
+
|
16
|
+
require 'rubygems'
|
17
|
+
require 'bundler/setup'
|
18
|
+
require 'json'
|
19
|
+
require 'erb'
|
20
|
+
require 'optimist'
|
21
|
+
require 'json-schema'
|
22
|
+
require File.realpath(File.expand_path(File.dirname(__FILE__)+"/mu-load-config.rb"))
|
23
|
+
require 'mu'
|
24
|
+
|
25
|
+
(0..100000).to_a.each { |n|
|
26
|
+
retries = 0
|
27
|
+
seed = nil
|
28
|
+
# begin
|
29
|
+
# raise MuError, "Failed to allocate an unused MU-ID after #{retries} tries!" if retries > 70
|
30
|
+
# seedsize = 1 + (retries/10).abs
|
31
|
+
# seed = (0...seedsize+1).map { ('a'..'z').to_a[rand(26)] }.join
|
32
|
+
# end while seed == "mu" or seed[0] == seed[1]
|
33
|
+
seed = "nn"
|
34
|
+
handle = MU::MommaCat.generateHandle(seed)
|
35
|
+
puts handle
|
36
|
+
}
|
37
|
+
exit
|
38
|
+
|
39
|
+
#pp MU::Cloud::Azure.listRegions
|
40
|
+
#pp MU::Cloud::Azure::Habitat.testcalls
|
41
|
+
#pp MU::Cloud::Azure::VPC.find(cloud_id: MU::Cloud::Azure::Id.new(resource_group: "mu", name: "mu-vnet"))
|
42
|
+
#pp MU::Cloud::Azure.authorization.role_assignments.list_for_resource_group("AKS-DEV-2019062015-KA-EASTUS")
|
43
|
+
#pp MU::Cloud::Azure::Role.find(role_name: "Azure Kubernetes Service Cluster Admin Role")
|
44
|
+
#puts MU::Cloud::Azure.default_subscription
|
45
|
+
#pp MU::Cloud::Azure.fetchPublicIP("MYVPC-DEV-2019061911-XI-EASTUS", "ip-addr-thingy")
|
46
|
+
#pp MU::Cloud::Azure.ensureProvider("egtazure", "Microsoft.ContainerService", force: true)
|
47
|
+
pp MU::Cloud::Azure::Server.find(cloud_id: "mu")
|
48
|
+
exit
|
49
|
+
pp MU::Cloud::Azure::Server.fetchImage("OpenLogic/CentOS/6")
|
50
|
+
pp MU::Cloud::Azure::Server.fetchImage("OpenLogic/CentOS/7")
|
51
|
+
pp MU::Cloud::Azure::Server.fetchImage("RedHat/RHEL/8")
|
52
|
+
pp MU::Cloud::Azure::Server.fetchImage("RedHat/RHEL/7")
|
53
|
+
pp MU::Cloud::Azure::Server.fetchImage("RedHat/RHEL/6")
|
54
|
+
pp MU::Cloud::Azure::Server.fetchImage("Debian/debian-10/10")
|
55
|
+
pp MU::Cloud::Azure::Server.fetchImage("MicrosoftWindowsServer/WindowsServer/2012-R2-Datacenter")
|
56
|
+
pp MU::Cloud::Azure::Server.fetchImage("MicrosoftWindowsServer/WindowsServer/2016-Datacenter")
|
57
|
+
pp MU::Cloud::Azure::Server.fetchImage("MicrosoftWindowsServer/WindowsServer/2019-Datacenter")
|
data/bin/mu-cleanup
CHANGED
@@ -24,10 +24,8 @@ require 'mu'
|
|
24
24
|
Dir.chdir(MU.installDir)
|
25
25
|
|
26
26
|
credentials = []
|
27
|
-
MU::Cloud.
|
28
|
-
|
29
|
-
next if cloudclass.listCredentials.nil? or cloudclass.listCredentials.size == 0
|
30
|
-
credentials.concat(cloudclass.listCredentials)
|
27
|
+
MU::Cloud.availableClouds.each { |cloud|
|
28
|
+
credentials.concat(MU::Cloud.cloudClass(cloud).listCredentials)
|
31
29
|
}
|
32
30
|
credentials.uniq!
|
33
31
|
|
data/bin/mu-configure
CHANGED
@@ -113,6 +113,44 @@ $CONFIGURABLES = {
|
|
113
113
|
"desc" => "Disable the Momma Cat grooming daemon. Nodes which require asynchronous Ansible/Chef bootstraps will not function. This option is only honored in gem-based installations.",
|
114
114
|
"boolean" => true
|
115
115
|
},
|
116
|
+
"adopt_change_notify" => {
|
117
|
+
"title" => "Adoption Change Notifications",
|
118
|
+
"subtree" => {
|
119
|
+
"slack" => {
|
120
|
+
"title" => "Send to Slack",
|
121
|
+
"desc" => "Report modifications to adopted resources, detected by mu-adopt --diff, to the Slack webhook and channel configured under Slack Configuration.",
|
122
|
+
"boolean" => true
|
123
|
+
},
|
124
|
+
"slack_snippet_threshold" => {
|
125
|
+
"title" => "Attachment Threshold",
|
126
|
+
"desc" => "If a list of details about a modified resources is longer than this number of lines (in JSON), it will be sent as an \"attachment,\" which in Slack means a blockquote that displays a few lines with a \"Show more\" button. The internal default is 5 lines."
|
127
|
+
},
|
128
|
+
# "email" => {
|
129
|
+
# "title" => "Send Email",
|
130
|
+
# "desc" => "",
|
131
|
+
# "boolean" => true
|
132
|
+
# }
|
133
|
+
}
|
134
|
+
},
|
135
|
+
"adopt_scrub_mu_isms" => {
|
136
|
+
"title" => "Scrub Mu-isms from Baskets of Kittens",
|
137
|
+
"default" => false,
|
138
|
+
"desc" => "Ordinarily, Mu will automatically name, tag and generate auxiliary resources in a standard Mu-ish fashion that allows for deployment of multiple clones of a given stack. Toggling this flag will change the default behavior of mu-adopt, when it creates stack descriptors from found resources, to enable or disable this behavior (see also mu-adopt's --scrub option).",
|
139
|
+
"boolean" => true
|
140
|
+
},
|
141
|
+
"slack" => {
|
142
|
+
"title" => "Slack Configuration",
|
143
|
+
"subtree" => {
|
144
|
+
"webhook" => {
|
145
|
+
"title" => "Webhook",
|
146
|
+
"desc" => "The hooks.slack.com URL for the webook to which we'll send deploy notifications"
|
147
|
+
},
|
148
|
+
"channel" => {
|
149
|
+
"title" => "Channel",
|
150
|
+
"desc" => "The channel name (without leading #) to which alerts should be sent."
|
151
|
+
}
|
152
|
+
}
|
153
|
+
},
|
116
154
|
"mommacat_port" => {
|
117
155
|
"title" => "Momma Cat Listen Port",
|
118
156
|
"pattern" => /^[0-9]+$/i,
|
@@ -241,11 +279,25 @@ $CONFIGURABLES = {
|
|
241
279
|
"required" => false,
|
242
280
|
"desc" => "For Google Cloud projects which are attached to a GSuite domain. GCP service accounts cannot view or manage GSuite resources (groups, users, etc) directly, but must instead masquerade as a GSuite user which has delegated authority to the service account. See also: https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority"
|
243
281
|
},
|
282
|
+
"org" => {
|
283
|
+
"title" => "Default Org/Domain",
|
284
|
+
"desc" => "For credential sets which have access to multiple GSuite or Cloud Identity orgs, you must specify a default organization (e.g. my.domain.com)."
|
285
|
+
},
|
244
286
|
"customer_id" => {
|
245
287
|
"title" => "GSuite Customer ID",
|
246
288
|
"required" => false,
|
247
289
|
"desc" => "For Google Cloud projects which are attached to a GSuite domain. Some API calls (groups, users, etc) require this identifier. From admin.google.com, choose Security, the Single Sign On, and look for the Entity ID field. The value after idpid= in the URL there should be the customer ID."
|
248
290
|
},
|
291
|
+
"ignore_habitats" => {
|
292
|
+
"title" => "Ignore These Projects",
|
293
|
+
"desc" => "Optional list of projects to ignore, for credentials which have visibility into multiple projects",
|
294
|
+
"array" => true
|
295
|
+
},
|
296
|
+
"restrict_to_habitats" => {
|
297
|
+
"title" => "Operate On Only These Projects",
|
298
|
+
"desc" => "Optional list of projects to which we'll restrict all of our activities.",
|
299
|
+
"array" => true
|
300
|
+
},
|
249
301
|
"default" => {
|
250
302
|
"title" => "Is Default Account",
|
251
303
|
"default" => false,
|