cloud-mu 3.5.0 → 3.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Berksfile +5 -2
- data/Berksfile.lock +135 -0
- data/ansible/roles/mu-base/README.md +33 -0
- data/ansible/roles/mu-base/defaults/main.yml +2 -0
- data/ansible/roles/mu-base/files/check_apm.cfg +1 -0
- data/ansible/roles/mu-base/files/check_apm.sh +18 -0
- data/ansible/roles/mu-base/files/check_disk.cfg +1 -0
- data/ansible/roles/mu-base/files/check_elastic_shards.cfg +1 -0
- data/ansible/roles/mu-base/files/check_elastic_shards.sh +12 -0
- data/ansible/roles/mu-base/files/check_logstash.cfg +1 -0
- data/ansible/roles/mu-base/files/check_logstash.sh +14 -0
- data/ansible/roles/mu-base/files/check_mem.cfg +1 -0
- data/ansible/roles/mu-base/files/check_updates.cfg +1 -0
- data/ansible/roles/mu-base/files/logrotate.conf +35 -0
- data/ansible/roles/mu-base/files/nrpe-apm-sudo +1 -0
- data/ansible/roles/mu-base/files/nrpe-elasticshards-sudo +2 -0
- data/ansible/roles/mu-base/handlers/main.yml +5 -0
- data/ansible/roles/mu-base/meta/main.yml +53 -0
- data/ansible/roles/mu-base/tasks/main.yml +113 -0
- data/ansible/roles/mu-base/templates/nrpe.cfg.j2 +231 -0
- data/ansible/roles/mu-base/tests/inventory +2 -0
- data/ansible/roles/mu-base/tests/test.yml +5 -0
- data/ansible/roles/mu-base/vars/main.yml +1 -0
- data/ansible/roles/mu-compliance/README.md +33 -0
- data/ansible/roles/mu-compliance/defaults/main.yml +2 -0
- data/ansible/roles/mu-compliance/files/U_MS_Windows_Server_2016_V2R1_STIG_SCAP_1-2_Benchmark.xml +15674 -0
- data/ansible/roles/mu-compliance/files/U_MS_Windows_Server_2019_V2R1_STIG_SCAP_1-2_Benchmark.xml +17553 -0
- data/ansible/roles/mu-compliance/handlers/main.yml +2 -0
- data/ansible/roles/mu-compliance/meta/main.yml +53 -0
- data/ansible/roles/mu-compliance/tasks/main.yml +45 -0
- data/ansible/roles/mu-compliance/tests/inventory +2 -0
- data/ansible/roles/mu-compliance/tests/test.yml +5 -0
- data/ansible/roles/mu-compliance/vars/main.yml +4 -0
- data/ansible/roles/mu-elastic/README.md +51 -0
- data/ansible/roles/mu-elastic/defaults/main.yml +2 -0
- data/ansible/roles/mu-elastic/files/jvm.options +93 -0
- data/ansible/roles/mu-elastic/handlers/main.yml +10 -0
- data/ansible/roles/mu-elastic/meta/main.yml +52 -0
- data/ansible/roles/mu-elastic/tasks/main.yml +186 -0
- data/ansible/roles/mu-elastic/templates/elasticsearch.yml.j2 +110 -0
- data/ansible/roles/mu-elastic/templates/kibana.yml.j2 +131 -0
- data/ansible/roles/mu-elastic/templates/password_set.expect.j2 +19 -0
- data/ansible/roles/mu-elastic/tests/inventory +2 -0
- data/ansible/roles/mu-elastic/tests/test.yml +5 -0
- data/ansible/roles/mu-elastic/vars/main.yml +2 -0
- data/ansible/roles/mu-logstash/README.md +51 -0
- data/ansible/roles/mu-logstash/defaults/main.yml +2 -0
- data/ansible/roles/mu-logstash/files/02-beats-input.conf +5 -0
- data/ansible/roles/mu-logstash/files/10-rails-filter.conf +16 -0
- data/ansible/roles/mu-logstash/files/jvm.options +84 -0
- data/ansible/roles/mu-logstash/files/logstash.yml +304 -0
- data/ansible/roles/mu-logstash/handlers/main.yml +20 -0
- data/ansible/roles/mu-logstash/meta/main.yml +52 -0
- data/ansible/roles/mu-logstash/tasks/main.yml +254 -0
- data/ansible/roles/mu-logstash/templates/20-cloudtrail.conf.j2 +28 -0
- data/ansible/roles/mu-logstash/templates/30-elasticsearch-output.conf.j2 +19 -0
- data/ansible/roles/mu-logstash/templates/apm-server.yml.j2 +33 -0
- data/ansible/roles/mu-logstash/templates/heartbeat.yml.j2 +29 -0
- data/ansible/roles/mu-logstash/templates/nginx/apm.conf.j2 +25 -0
- data/ansible/roles/mu-logstash/templates/nginx/default.conf.j2 +56 -0
- data/ansible/roles/mu-logstash/templates/nginx/elastic.conf.j2 +27 -0
- data/ansible/roles/mu-logstash/tests/inventory +2 -0
- data/ansible/roles/mu-logstash/tests/test.yml +5 -0
- data/ansible/roles/mu-logstash/vars/main.yml +2 -0
- data/ansible/roles/mu-rdp/README.md +33 -0
- data/ansible/roles/mu-rdp/meta/main.yml +53 -0
- data/ansible/roles/mu-rdp/tasks/main.yml +9 -0
- data/ansible/roles/mu-rdp/tests/inventory +2 -0
- data/ansible/roles/mu-rdp/tests/test.yml +5 -0
- data/ansible/roles/mu-windows/tasks/main.yml +3 -0
- data/bin/mu-ansible-secret +1 -1
- data/bin/mu-aws-setup +4 -3
- data/bin/mu-azure-setup +5 -5
- data/bin/mu-configure +25 -17
- data/bin/mu-firewall-allow-clients +1 -0
- data/bin/mu-gcp-setup +3 -3
- data/bin/mu-load-config.rb +1 -0
- data/bin/mu-node-manage +66 -33
- data/bin/mu-self-update +2 -2
- data/bin/mu-upload-chef-artifacts +6 -1
- data/bin/mu-user-manage +1 -1
- data/cloud-mu.gemspec +25 -23
- data/cookbooks/firewall/CHANGELOG.md +417 -224
- data/cookbooks/firewall/LICENSE +202 -0
- data/cookbooks/firewall/README.md +153 -126
- data/cookbooks/firewall/TODO.md +6 -0
- data/cookbooks/firewall/attributes/firewalld.rb +7 -0
- data/cookbooks/firewall/attributes/iptables.rb +3 -3
- data/cookbooks/firewall/chefignore +115 -0
- data/cookbooks/firewall/libraries/helpers.rb +5 -0
- data/cookbooks/firewall/libraries/helpers_firewalld.rb +1 -1
- data/cookbooks/firewall/libraries/helpers_firewalld_dbus.rb +72 -0
- data/cookbooks/firewall/libraries/helpers_iptables.rb +3 -3
- data/cookbooks/firewall/libraries/helpers_nftables.rb +170 -0
- data/cookbooks/firewall/libraries/helpers_ufw.rb +7 -0
- data/cookbooks/firewall/libraries/helpers_windows.rb +8 -9
- data/cookbooks/firewall/libraries/provider_firewall_firewalld.rb +9 -9
- data/cookbooks/firewall/libraries/provider_firewall_iptables.rb +7 -7
- data/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb +12 -8
- data/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb +13 -9
- data/cookbooks/firewall/libraries/provider_firewall_rule.rb +1 -1
- data/cookbooks/firewall/libraries/provider_firewall_ufw.rb +5 -5
- data/cookbooks/firewall/libraries/provider_firewall_windows.rb +4 -4
- data/cookbooks/firewall/libraries/resource_firewall_rule.rb +3 -3
- data/cookbooks/firewall/metadata.json +40 -1
- data/cookbooks/firewall/metadata.rb +15 -0
- data/cookbooks/firewall/recipes/default.rb +7 -7
- data/cookbooks/firewall/recipes/disable_firewall.rb +1 -1
- data/cookbooks/firewall/recipes/firewalld.rb +87 -0
- data/cookbooks/firewall/renovate.json +18 -0
- data/cookbooks/firewall/resources/firewalld.rb +28 -0
- data/cookbooks/firewall/resources/firewalld_config.rb +39 -0
- data/cookbooks/firewall/resources/firewalld_helpers.rb +106 -0
- data/cookbooks/firewall/resources/firewalld_icmptype.rb +88 -0
- data/cookbooks/firewall/resources/firewalld_ipset.rb +104 -0
- data/cookbooks/firewall/resources/firewalld_policy.rb +115 -0
- data/cookbooks/firewall/resources/firewalld_service.rb +98 -0
- data/cookbooks/firewall/resources/firewalld_zone.rb +118 -0
- data/cookbooks/firewall/resources/nftables.rb +71 -0
- data/cookbooks/firewall/resources/nftables_rule.rb +113 -0
- data/cookbooks/mu-activedirectory/Berksfile +1 -1
- data/cookbooks/mu-activedirectory/metadata.rb +1 -1
- data/cookbooks/mu-firewall/metadata.rb +2 -2
- data/cookbooks/mu-master/Berksfile +4 -3
- data/cookbooks/mu-master/attributes/default.rb +5 -2
- data/cookbooks/mu-master/files/default/check_elastic.sh +761 -0
- data/cookbooks/mu-master/files/default/check_kibana.rb +45 -0
- data/cookbooks/mu-master/libraries/mu.rb +24 -0
- data/cookbooks/mu-master/metadata.rb +5 -5
- data/cookbooks/mu-master/recipes/default.rb +31 -20
- data/cookbooks/mu-master/recipes/firewall-holes.rb +5 -0
- data/cookbooks/mu-master/recipes/init.rb +58 -19
- data/cookbooks/mu-master/recipes/update_nagios_only.rb +251 -178
- data/cookbooks/mu-master/templates/default/nagios.conf.erb +5 -11
- data/cookbooks/mu-master/templates/default/web_app.conf.erb +3 -0
- data/cookbooks/mu-php54/Berksfile +1 -1
- data/cookbooks/mu-php54/metadata.rb +2 -2
- data/cookbooks/mu-tools/Berksfile +2 -3
- data/cookbooks/mu-tools/attributes/default.rb +3 -4
- data/cookbooks/mu-tools/files/amazon/etc/bashrc +90 -0
- data/cookbooks/mu-tools/files/amazon/etc/login.defs +292 -0
- data/cookbooks/mu-tools/files/amazon/etc/profile +77 -0
- data/cookbooks/mu-tools/files/amazon/etc/security/limits.conf +63 -0
- data/cookbooks/mu-tools/files/amazon/etc/sysconfig/init +19 -0
- data/cookbooks/mu-tools/files/amazon/etc/sysctl.conf +82 -0
- data/cookbooks/mu-tools/files/amazon-2023/etc/login.defs +294 -0
- data/cookbooks/mu-tools/files/default/logrotate.conf +35 -0
- data/cookbooks/mu-tools/files/default/nrpe_conf_d.pp +0 -0
- data/cookbooks/mu-tools/libraries/helper.rb +21 -9
- data/cookbooks/mu-tools/metadata.rb +4 -4
- data/cookbooks/mu-tools/recipes/apply_security.rb +3 -2
- data/cookbooks/mu-tools/recipes/aws_api.rb +23 -5
- data/cookbooks/mu-tools/recipes/base_repositories.rb +4 -1
- data/cookbooks/mu-tools/recipes/gcloud.rb +56 -56
- data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
- data/cookbooks/mu-tools/recipes/nrpe.rb +20 -2
- data/cookbooks/mu-tools/recipes/rsyslog.rb +12 -1
- data/cookbooks/mu-tools/recipes/set_local_fw.rb +1 -1
- data/data_bags/nagios_services/apm_backend_connect.json +5 -0
- data/data_bags/nagios_services/apm_listen.json +5 -0
- data/data_bags/nagios_services/elastic_shards.json +5 -0
- data/data_bags/nagios_services/logstash.json +5 -0
- data/data_bags/nagios_services/rhel7_updates.json +8 -0
- data/extras/image-generators/AWS/centos7.yaml +1 -0
- data/extras/image-generators/AWS/rhel7.yaml +21 -0
- data/extras/image-generators/AWS/win2k12r2.yaml +1 -0
- data/extras/image-generators/AWS/win2k16.yaml +1 -0
- data/extras/image-generators/AWS/win2k19.yaml +1 -0
- data/extras/list-stock-amis +0 -0
- data/extras/ruby_rpm/muby.spec +8 -5
- data/extras/vault_tools/export_vaults.sh +1 -1
- data/extras/vault_tools/recreate_vaults.sh +0 -0
- data/extras/vault_tools/test_vaults.sh +0 -0
- data/install/deprecated-bash-library.sh +1 -1
- data/install/installer +4 -2
- data/modules/mommacat.ru +3 -1
- data/modules/mu/adoption.rb +1 -1
- data/modules/mu/cloud/dnszone.rb +2 -2
- data/modules/mu/cloud/machine_images.rb +26 -25
- data/modules/mu/cloud/resource_base.rb +213 -182
- data/modules/mu/cloud/server_pool.rb +1 -1
- data/modules/mu/cloud/ssh_sessions.rb +7 -5
- data/modules/mu/cloud/wrappers.rb +2 -2
- data/modules/mu/cloud.rb +1 -1
- data/modules/mu/config/bucket.rb +1 -1
- data/modules/mu/config/function.rb +6 -1
- data/modules/mu/config/loadbalancer.rb +24 -2
- data/modules/mu/config/ref.rb +12 -0
- data/modules/mu/config/role.rb +1 -1
- data/modules/mu/config/schema_helpers.rb +42 -9
- data/modules/mu/config/server.rb +43 -27
- data/modules/mu/config/tail.rb +19 -10
- data/modules/mu/config.rb +6 -5
- data/modules/mu/defaults/AWS.yaml +78 -114
- data/modules/mu/deploy.rb +9 -2
- data/modules/mu/groomer.rb +12 -4
- data/modules/mu/groomers/ansible.rb +104 -20
- data/modules/mu/groomers/chef.rb +15 -6
- data/modules/mu/master.rb +9 -4
- data/modules/mu/mommacat/daemon.rb +4 -2
- data/modules/mu/mommacat/naming.rb +1 -2
- data/modules/mu/mommacat/storage.rb +7 -2
- data/modules/mu/mommacat.rb +33 -6
- data/modules/mu/providers/aws/database.rb +161 -8
- data/modules/mu/providers/aws/dnszone.rb +11 -6
- data/modules/mu/providers/aws/endpoint.rb +81 -6
- data/modules/mu/providers/aws/firewall_rule.rb +254 -172
- data/modules/mu/providers/aws/function.rb +65 -3
- data/modules/mu/providers/aws/loadbalancer.rb +39 -28
- data/modules/mu/providers/aws/log.rb +2 -1
- data/modules/mu/providers/aws/role.rb +25 -7
- data/modules/mu/providers/aws/server.rb +36 -12
- data/modules/mu/providers/aws/server_pool.rb +237 -127
- data/modules/mu/providers/aws/storage_pool.rb +7 -1
- data/modules/mu/providers/aws/user.rb +1 -1
- data/modules/mu/providers/aws/userdata/linux.erb +6 -2
- data/modules/mu/providers/aws/userdata/windows.erb +7 -5
- data/modules/mu/providers/aws/vpc.rb +49 -25
- data/modules/mu/providers/aws.rb +13 -8
- data/modules/mu/providers/azure/container_cluster.rb +1 -1
- data/modules/mu/providers/azure/loadbalancer.rb +2 -2
- data/modules/mu/providers/azure/server.rb +5 -2
- data/modules/mu/providers/azure/userdata/linux.erb +1 -1
- data/modules/mu/providers/azure.rb +11 -8
- data/modules/mu/providers/cloudformation/dnszone.rb +1 -1
- data/modules/mu/providers/google/container_cluster.rb +15 -2
- data/modules/mu/providers/google/folder.rb +2 -1
- data/modules/mu/providers/google/function.rb +130 -4
- data/modules/mu/providers/google/habitat.rb +2 -1
- data/modules/mu/providers/google/loadbalancer.rb +407 -160
- data/modules/mu/providers/google/role.rb +16 -3
- data/modules/mu/providers/google/server.rb +5 -1
- data/modules/mu/providers/google/user.rb +25 -18
- data/modules/mu/providers/google/userdata/linux.erb +1 -1
- data/modules/mu/providers/google/vpc.rb +53 -7
- data/modules/mu/providers/google.rb +39 -39
- data/modules/mu.rb +8 -8
- data/modules/tests/elk.yaml +46 -0
- data/test/mu-master-test/controls/all_in_one.rb +1 -1
- metadata +207 -112
- data/cookbooks/firewall/CONTRIBUTING.md +0 -2
- data/cookbooks/firewall/MAINTAINERS.md +0 -19
- data/cookbooks/firewall/libraries/matchers.rb +0 -30
- data/extras/image-generators/AWS/rhel71.yaml +0 -17
data/bin/mu-aws-setup
CHANGED
@@ -239,10 +239,10 @@ end
|
|
239
239
|
if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
240
240
|
wd = Dir.getwd
|
241
241
|
Dir.chdir("/")
|
242
|
-
if File.
|
242
|
+
if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
243
243
|
system("/opt/opscode/bin/chef-server-ctl stop")
|
244
244
|
end
|
245
|
-
if !File.
|
245
|
+
if !File.exist?("/sbin/mkfs.xfs")
|
246
246
|
system("/usr/bin/yum -y install xfsprogs")
|
247
247
|
end
|
248
248
|
MU::Master.disk("/dev/xvdj", "/opt_tmp", 30)
|
@@ -251,6 +251,7 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
251
251
|
MU.log "Failed to retrieve UUID of block device xvdj", MU::ERR, details: MU::Cloud::AWS.realDevicePath("/dev/xvdj")
|
252
252
|
exit 1
|
253
253
|
end
|
254
|
+
|
254
255
|
MU.log "Moving contents of /opt to /opt_tmp", MU::NOTICE
|
255
256
|
system("/bin/mv /opt/* /opt_tmp/")
|
256
257
|
exit 1 if $?.exitstatus != 0
|
@@ -260,7 +261,7 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
260
261
|
system("echo '#{uuid} /opt xfs defaults 0 0' >> /etc/fstab")
|
261
262
|
system("/bin/mount -a")
|
262
263
|
exit 1 if $?.exitstatus != 0
|
263
|
-
if File.
|
264
|
+
if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
264
265
|
system("/opt/opscode/bin/chef-server-ctl start")
|
265
266
|
end
|
266
267
|
Dir.chdir(wd)
|
data/bin/mu-azure-setup
CHANGED
@@ -47,12 +47,12 @@ Usage:
|
|
47
47
|
opt :optdisk, "Create a block volume for /opt and slide our installation onto it", :require => false, :default => false, :type => :boolean
|
48
48
|
end
|
49
49
|
|
50
|
-
if MU::Cloud::Azure.hosted? and !$MU_CFG['
|
50
|
+
if MU::Cloud::Azure.hosted? and !$MU_CFG['azure']
|
51
51
|
new_cfg = $MU_CFG.dup
|
52
52
|
cfg_blob = MU::Cloud::Azure.hosted_config
|
53
53
|
if cfg_blob
|
54
54
|
cfg_blob['log_bucket_name'] ||= $MU_CFG['hostname']
|
55
|
-
new_cfg["
|
55
|
+
new_cfg["azure"] = { "default" => cfg_blob }
|
56
56
|
MU.log "Adding auto-detected Azure stanza to #{cfgPath}", MU::NOTICE
|
57
57
|
if new_cfg != $MU_CFG or !cfgExists?
|
58
58
|
MU.log "Generating #{cfgPath}"
|
@@ -251,10 +251,10 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
251
251
|
# myname = MU::Cloud::Google.getGoogleMetaData("instance/name")
|
252
252
|
# wd = Dir.getwd
|
253
253
|
# Dir.chdir("/")
|
254
|
-
# if File.
|
254
|
+
# if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
255
255
|
# system("/opt/opscode/bin/chef-server-ctl stop")
|
256
256
|
# end
|
257
|
-
# if !File.
|
257
|
+
# if !File.exist?("/sbin/mkfs.xfs")
|
258
258
|
# system("/usr/bin/yum -y install xfsprogs")
|
259
259
|
# end
|
260
260
|
# MU::Master.disk(myname+"-mu-opt", "/opt_tmp", 30)
|
@@ -272,7 +272,7 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
272
272
|
# system("echo '#{uuid} /opt xfs defaults 0 0' >> /etc/fstab")
|
273
273
|
# system("/bin/mount -a")
|
274
274
|
# exit 1 if $?.exitstatus != 0
|
275
|
-
# if File.
|
275
|
+
# if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
276
276
|
# system("/opt/opscode/bin/chef-server-ctl start")
|
277
277
|
# end
|
278
278
|
# Dir.chdir(wd)
|
data/bin/mu-configure
CHANGED
@@ -49,6 +49,9 @@ GIT_PATTERN = /(((git|ssh|http(s)?)|(git@[\w\.]+))(:(\/\/)?))?([\w\.@\:\/\-~]+)(
|
|
49
49
|
def _system(cmd)
|
50
50
|
puts cmd.bold
|
51
51
|
system(CLEAN_ENV, cmd)
|
52
|
+
if $? != 0
|
53
|
+
exit 1
|
54
|
+
end
|
52
55
|
end
|
53
56
|
|
54
57
|
$IN_GEM = false
|
@@ -103,30 +106,29 @@ $possible_addresses = []
|
|
103
106
|
$impossible_addresses = ['127.0.0.1', 'localhost']
|
104
107
|
begin
|
105
108
|
sys_name = Socket.gethostname
|
106
|
-
official, aliases = Socket.gethostbyname(sys_name)
|
107
109
|
$possible_addresses << sys_name
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
110
|
+
|
111
|
+
addrinfo = Addrinfo.ip(sys_name)
|
112
|
+
official = addrinfo.getnameinfo.first
|
113
|
+
$possible_addresses << official if official and official != sys_name
|
114
|
+
|
113
115
|
end
|
114
116
|
Socket.getifaddrs.each { |iface|
|
115
117
|
if iface.addr and iface.addr.ipv4?
|
116
118
|
$possible_addresses << iface.addr.ip_address
|
117
|
-
|
118
|
-
|
119
|
-
$possible_addresses << addrinfo.first if !addrinfo.first.nil?
|
120
|
-
rescue SocketError
|
121
|
-
# usually no name to look up; that's ok
|
122
|
-
end
|
119
|
+
addrinfo = Addrinfo.ip(iface.addr.ip_address)
|
120
|
+
$possible_addresses << addrinfo.getnameinfo.first if addrinfo.getnameinfo.first
|
123
121
|
end
|
124
122
|
}
|
125
123
|
|
126
124
|
if $IN_AWS
|
127
125
|
["local-ipv4", "public-ipv4"].each { |addr|
|
128
126
|
ip = URI.open("http://169.254.169.254/latest/meta-data/#{addr}").read.chomp
|
129
|
-
|
127
|
+
if ip and ip =~ /^\d+\.\d+\.\d+\.\d+/
|
128
|
+
$possible_addresses.unshift(ip)
|
129
|
+
addrinfo = Addrinfo.ip(ip)
|
130
|
+
$possible_addresses << addrinfo.getnameinfo.first if addrinfo.getnameinfo.first
|
131
|
+
end
|
130
132
|
}
|
131
133
|
elsif $IN_GOOGLE
|
132
134
|
["ip", "access-configs/0/external-ip"].each { |addr|
|
@@ -184,6 +186,12 @@ $CONFIGURABLES = {
|
|
184
186
|
"desc" => "Disable the Momma Cat grooming daemon. Nodes which require asynchronous Ansible/Chef bootstraps will not function. This option is only honored in gem-based installations.",
|
185
187
|
"boolean" => true
|
186
188
|
},
|
189
|
+
"disable_nagios" => {
|
190
|
+
"title" => "Disable Nagios",
|
191
|
+
"default" => false,
|
192
|
+
"desc" => "Disable Nagios monitoring",
|
193
|
+
"boolean" => true
|
194
|
+
},
|
187
195
|
"adopt_change_notify" => {
|
188
196
|
"title" => "Adoption Change Notifications",
|
189
197
|
"subtree" => {
|
@@ -557,8 +565,8 @@ if !$NOOP
|
|
557
565
|
end
|
558
566
|
exit 1 if $?.exitstatus != 0
|
559
567
|
end
|
560
|
-
_system("cd #{MU_BASE}/lib/modules && umask 0022 && /usr/local/ruby-current/bin/bundle install")
|
561
|
-
_system("cd #{MU_BASE}/lib/modules && umask 0022 && /opt/chef/embedded/bin/bundle install")
|
568
|
+
_system("cd #{MU_BASE}/lib/modules && umask 0022 && env -i PATH=/usr/local/ruby-current/bin:/bin:/usr/bin /usr/local/ruby-current/bin/bundle install")
|
569
|
+
_system("cd #{MU_BASE}/lib/modules && umask 0022 && env -i PATH=/opt/chef/embedded/bin:/bin:/usr/bin /opt/chef/embedded/bin/bundle install")
|
562
570
|
|
563
571
|
KNIFE_TEMPLATE = "log_level :info
|
564
572
|
log_location STDOUT
|
@@ -1377,7 +1385,7 @@ ssl_verify_mode :verify_none
|
|
1377
1385
|
if AMROOT and ($INITIALIZE or $CHANGES.include?("chefartifacts"))
|
1378
1386
|
MU.log "Purging and re-uploading all Chef artifacts", MU::NOTICE
|
1379
1387
|
%x{/sbin/service iptables stop} if $INITIALIZE
|
1380
|
-
if File.
|
1388
|
+
if File.exist?("#{CHEF_CTL}")
|
1381
1389
|
_system("#{CHEF_CTL} start")
|
1382
1390
|
end
|
1383
1391
|
output = %x{MU_INSTALLDIR=#{MU_BASE} MU_LIBDIR=#{MU_BASE}/lib MU_DATADIR=#{MU_BASE}/var #{MU_BASE}/lib/bin/mu-upload-chef-artifacts}
|
@@ -1498,7 +1506,7 @@ ssl_verify_mode :verify_none
|
|
1498
1506
|
end
|
1499
1507
|
|
1500
1508
|
begin
|
1501
|
-
if File.
|
1509
|
+
if File.exist?("#{CHEF_CTL}")
|
1502
1510
|
_system("#{CHEF_CTL} start")
|
1503
1511
|
end
|
1504
1512
|
MU::Groomer::Chef.getSecret(vault: "secrets", item: "consul")
|
data/bin/mu-gcp-setup
CHANGED
@@ -140,10 +140,10 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
140
140
|
myname = MU::Cloud::Google.getGoogleMetaData("instance/name")
|
141
141
|
wd = Dir.getwd
|
142
142
|
Dir.chdir("/")
|
143
|
-
if File.
|
143
|
+
if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
144
144
|
system("/opt/opscode/bin/chef-server-ctl stop")
|
145
145
|
end
|
146
|
-
if !File.
|
146
|
+
if !File.exist?("/sbin/mkfs.xfs")
|
147
147
|
system("/usr/bin/yum -y install xfsprogs")
|
148
148
|
end
|
149
149
|
MU::Master.disk(myname+"-mu-opt", "/opt_tmp", 30)
|
@@ -161,7 +161,7 @@ if $opts[:optdisk] and !File.open("/etc/mtab").read.match(/ \/opt[\s\/]/)
|
|
161
161
|
system("echo '#{uuid} /opt xfs defaults 0 0' >> /etc/fstab")
|
162
162
|
system("/bin/mount -a")
|
163
163
|
exit 1 if $?.exitstatus != 0
|
164
|
-
if File.
|
164
|
+
if File.exist?("/opt/opscode/bin/chef-server-ctl")
|
165
165
|
system("/opt/opscode/bin/chef-server-ctl start")
|
166
166
|
end
|
167
167
|
Dir.chdir(wd)
|
data/bin/mu-load-config.rb
CHANGED
@@ -75,6 +75,7 @@ def loadMuConfig(default_cfg_overrides = nil)
|
|
75
75
|
"chain" => "/opt/mu/var/ssl/Mu_CA.pem"
|
76
76
|
},
|
77
77
|
"mu_admin_email" => "root@localhost",
|
78
|
+
"disable_nagios" => false,
|
78
79
|
"allow_invade_foreign_vpcs" => false,
|
79
80
|
"mu_repo" => "cloudamatic/mu.git",
|
80
81
|
"public_address" => Socket.gethostname || "localhost",
|
data/bin/mu-node-manage
CHANGED
@@ -60,14 +60,15 @@ end
|
|
60
60
|
|
61
61
|
Thread.abort_on_exception = true
|
62
62
|
master_pid = Process.pid
|
63
|
-
|
63
|
+
CHILDREN = {}
|
64
|
+
SUMMARIES = []
|
64
65
|
signals = Signal.list
|
65
66
|
signals.keys.each { |sig|
|
66
67
|
# Ruby 2.3 doesn't want to trap these
|
67
68
|
next if ["ILL", "FPE", "KILL", "BUS", "SEGV", "STOP", "VTALRM"].include?(sig)
|
68
69
|
Signal.trap(signals[sig]) do
|
69
70
|
if Process.pid == master_pid
|
70
|
-
|
71
|
+
CHILDREN.each_pair { |pid, node|
|
71
72
|
if ["INT", "TERM", "EXIT", "ABRT"].include?(sig)
|
72
73
|
Process.kill("KILL", pid) # aka --dammit
|
73
74
|
else
|
@@ -153,7 +154,11 @@ if do_nodes.size > 0
|
|
153
154
|
else
|
154
155
|
do_nodes = avail_nodes
|
155
156
|
end
|
156
|
-
|
157
|
+
|
158
|
+
if do_nodes
|
159
|
+
do_nodes.uniq!
|
160
|
+
do_nodes.sort!
|
161
|
+
end
|
157
162
|
|
158
163
|
#do_nodes.sort!{ |x,y| (x[$opts[:info]] <=> y[$opts[:info]]) }
|
159
164
|
|
@@ -181,6 +186,7 @@ exit 1 if !ok
|
|
181
186
|
def reGroom(deploys = MU::MommaCat.listDeploys, nodes = [], vaults_only: false, groomeronly: false)
|
182
187
|
badnodes = []
|
183
188
|
count = 0
|
189
|
+
pipes = {}
|
184
190
|
deploys.each { |muid|
|
185
191
|
mommacat = MU::MommaCat.new(muid)
|
186
192
|
next if mommacat.kittens.nil? or mommacat.kittens['servers'].nil?
|
@@ -192,7 +198,10 @@ def reGroom(deploys = MU::MommaCat.listDeploys, nodes = [], vaults_only: false,
|
|
192
198
|
fw.groom
|
193
199
|
}
|
194
200
|
count = count + 1
|
201
|
+
# pipe to get our MU::SUMMARY messages across process boundaries
|
202
|
+
reader, writer = IO.pipe
|
195
203
|
child = Process.fork {
|
204
|
+
reader.close
|
196
205
|
begin
|
197
206
|
type = "server"
|
198
207
|
type = "server_pool" if server.config.has_key?("basis")
|
@@ -206,28 +215,41 @@ def reGroom(deploys = MU::MommaCat.listDeploys, nodes = [], vaults_only: false,
|
|
206
215
|
else
|
207
216
|
mommacat.groomNode(server.cloud_id, nodeclass, type, mu_name: mu_name)
|
208
217
|
end
|
218
|
+
if MU.summary
|
219
|
+
MU.summary.each { |msg|
|
220
|
+
writer.puts msg
|
221
|
+
}
|
222
|
+
end
|
223
|
+
writer.close
|
209
224
|
rescue Exception => e
|
225
|
+
writer.close
|
210
226
|
MU.log e.inspect, MU::ERR, details: e.backtrace
|
211
227
|
exit 1
|
212
228
|
end
|
213
229
|
}
|
214
|
-
|
230
|
+
writer.close
|
231
|
+
CHILDREN[child] = mu_name
|
232
|
+
pipes[child] = reader
|
215
233
|
}
|
216
|
-
while
|
234
|
+
while CHILDREN.size >= $opts[:concurrent]-1
|
217
235
|
child = Process.wait
|
236
|
+
SUMMARIES.concat(pipes[child].readlines)
|
237
|
+
pipes[child].close
|
218
238
|
if !$?.success?
|
219
|
-
badnodes <<
|
239
|
+
badnodes << CHILDREN[child]
|
220
240
|
end
|
221
|
-
|
241
|
+
CHILDREN.delete(child)
|
222
242
|
end
|
223
243
|
}
|
224
244
|
}
|
225
245
|
}
|
226
246
|
Process.waitall.each { |child|
|
247
|
+
SUMMARIES.concat(pipes[child[0]].readlines)
|
248
|
+
pipes[child[0]].close
|
227
249
|
if !child[1].success?
|
228
|
-
badnodes <<
|
250
|
+
badnodes << CHILDREN[child[0]]
|
229
251
|
end
|
230
|
-
}
|
252
|
+
}
|
231
253
|
|
232
254
|
if badnodes.size > 0
|
233
255
|
MU.log "Not all Momma Cat runs exited cleanly", MU::WARN, details: badnodes
|
@@ -347,19 +369,19 @@ def runCommand(deploys = MU::MommaCat.listDeploys, nodes = [], cmd = nil, print_
|
|
347
369
|
puts "#{nodename} - #{output}" if print_output and output.match(/[^\s]/)
|
348
370
|
|
349
371
|
}
|
350
|
-
|
351
|
-
while
|
372
|
+
CHILDREN[child] = nodename
|
373
|
+
while CHILDREN.size >= $opts[:concurrent] - 1
|
352
374
|
child = Process.wait
|
353
375
|
if !$?.success?
|
354
|
-
badnodes <<
|
376
|
+
badnodes << CHILDREN[child]
|
355
377
|
end
|
356
|
-
|
378
|
+
CHILDREN.delete(child)
|
357
379
|
end
|
358
380
|
}
|
359
381
|
}
|
360
382
|
Process.waitall.each { |child|
|
361
383
|
if !child[1].success?
|
362
|
-
badnodes <<
|
384
|
+
badnodes << CHILDREN[child[0]]
|
363
385
|
end
|
364
386
|
}
|
365
387
|
|
@@ -401,10 +423,10 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
401
423
|
end
|
402
424
|
|
403
425
|
# MU::Cloud::AWS::Server.createIAMProfile(pool_name, base_profile: server['iam_role'], extra_policies: server['iam_policies'])
|
404
|
-
pool_obj = mommacat.findLitterMate(type: "server_pool", mu_name: pool_name)
|
405
|
-
pool_obj.groom
|
426
|
+
pool_obj = mommacat.findLitterMate(type: "server_pool", mu_name: pool_name, credentials: server['credentials'], debug: true)
|
427
|
+
pool_obj.groom if pool_obj
|
406
428
|
|
407
|
-
resp = MU::Cloud::AWS.autoscale.describe_auto_scaling_groups(
|
429
|
+
resp = MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).describe_auto_scaling_groups(
|
408
430
|
auto_scaling_group_names: [pool_name]
|
409
431
|
)
|
410
432
|
|
@@ -413,7 +435,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
413
435
|
next
|
414
436
|
end
|
415
437
|
resp.auto_scaling_groups.each { |asg|
|
416
|
-
launch = MU::Cloud::AWS.autoscale.describe_launch_configurations(
|
438
|
+
launch = MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).describe_launch_configurations(
|
417
439
|
launch_configuration_names: [asg.launch_configuration_name]
|
418
440
|
).launch_configurations.first
|
419
441
|
|
@@ -430,14 +452,16 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
430
452
|
"publicIP" => MU.mu_public_ip,
|
431
453
|
"resourceName" => svr_class,
|
432
454
|
"windowsAdminName" => server['windows_admin_username'],
|
455
|
+
"adminBucketName" => MU::Cloud::AWS.adminBucketName(server['credentials']),
|
433
456
|
"skipApplyUpdates" => server['skipinitialupdates'],
|
457
|
+
"chefVersion" => MU.chefVersion,
|
434
458
|
"resourceType" => "server_pool"
|
435
459
|
},
|
436
460
|
custom_append: server['userdata_script']
|
437
461
|
)
|
438
462
|
|
439
463
|
# Figure out which devices are embedded in the AMI already.
|
440
|
-
image = MU::Cloud::AWS.ec2.describe_images(image_ids: [server["basis"]["launch_config"]["ami_id"]]).images.first
|
464
|
+
image = MU::Cloud::AWS.ec2(credentials: server['credentials'], region: server['region']).describe_images(image_ids: [server["basis"]["launch_config"]["ami_id"]]).images.first
|
441
465
|
|
442
466
|
if image.nil?
|
443
467
|
MU.log "#{server["basis"]["launch_config"]["ami_id"]} does not exist, skipping launch config #{asg.launch_configuration_name}", MU::ERR
|
@@ -483,7 +507,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
483
507
|
|
484
508
|
# Put our Autoscale group onto a temporary launch config
|
485
509
|
begin
|
486
|
-
MU::Cloud::AWS.autoscale.create_launch_configuration(
|
510
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).create_launch_configuration(
|
487
511
|
launch_configuration_name: pool_name+"-TMP",
|
488
512
|
user_data: Base64.encode64(userdata),
|
489
513
|
image_id: server["basis"]["launch_config"]["ami_id"],
|
@@ -505,16 +529,16 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
505
529
|
next
|
506
530
|
end
|
507
531
|
|
508
|
-
MU::Cloud::AWS.autoscale.update_auto_scaling_group(
|
532
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).update_auto_scaling_group(
|
509
533
|
auto_scaling_group_name: pool_name,
|
510
534
|
launch_configuration_name: pool_name+"-TMP"
|
511
535
|
)
|
512
536
|
|
513
537
|
# ...now back to an identical one with the "real" name
|
514
|
-
MU::Cloud::AWS.autoscale.delete_launch_configuration(
|
538
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).delete_launch_configuration(
|
515
539
|
launch_configuration_name: pool_name
|
516
540
|
)
|
517
|
-
MU::Cloud::AWS.autoscale.create_launch_configuration(
|
541
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).create_launch_configuration(
|
518
542
|
launch_configuration_name: pool_name,
|
519
543
|
user_data: Base64.encode64(userdata),
|
520
544
|
image_id: server["basis"]["launch_config"]["ami_id"],
|
@@ -527,11 +551,11 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
527
551
|
ebs_optimized: server["basis"]["launch_config"]["ebs_optimized"],
|
528
552
|
associate_public_ip_address: launch.associate_public_ip_address
|
529
553
|
)
|
530
|
-
MU::Cloud::AWS.autoscale.update_auto_scaling_group(
|
554
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).update_auto_scaling_group(
|
531
555
|
auto_scaling_group_name: pool_name,
|
532
556
|
launch_configuration_name: pool_name
|
533
557
|
)
|
534
|
-
MU::Cloud::AWS.autoscale.delete_launch_configuration(
|
558
|
+
MU::Cloud::AWS.autoscale(credentials: server['credentials'], region: server['region']).delete_launch_configuration(
|
535
559
|
launch_configuration_name: pool_name+"-TMP"
|
536
560
|
)
|
537
561
|
|
@@ -549,7 +573,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
549
573
|
end
|
550
574
|
id = server['cloud_id']
|
551
575
|
id = server['instance_id'] if id.nil?
|
552
|
-
desc = MU::Cloud::AWS.ec2(region: server['region']).describe_instances(instance_ids: [id]).reservations.first.instances.first
|
576
|
+
desc = MU::Cloud::AWS.ec2(credentials: server['conf']['credentials'], region: server['region']).describe_instances(instance_ids: [id]).reservations.first.instances.first
|
553
577
|
|
554
578
|
server['conf']["platform"] = "linux" if !server['conf'].has_key?("platform")
|
555
579
|
next if nodes.size > 0 and !nodes.include?(nodename)
|
@@ -563,7 +587,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
563
587
|
server_obj = mommacat.findLitterMate(type: "server", mu_name: nodename)
|
564
588
|
server_obj.groom
|
565
589
|
end
|
566
|
-
olduserdata = Base64.decode64(MU::Cloud::AWS.ec2(region: server['region']).describe_instance_attribute(
|
590
|
+
olduserdata = Base64.decode64(MU::Cloud::AWS.ec2(credentials: server['conf']['credentials'], region: server['region']).describe_instance_attribute(
|
567
591
|
instance_id: id,
|
568
592
|
attribute: "userData"
|
569
593
|
).user_data.value)
|
@@ -576,9 +600,12 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
576
600
|
"muID" => muid,
|
577
601
|
"muUser" => MU.chef_user,
|
578
602
|
"publicIP" => MU.mu_public_ip,
|
603
|
+
"mommaCatPort" => MU.mommaCatPort,
|
579
604
|
"resourceName" => server['conf']['name'],
|
580
605
|
"windowsAdminName" => server['conf']['windows_admin_username'],
|
606
|
+
"adminBucketName" => MU::Cloud::AWS.adminBucketName(server['conf']['credentials']),
|
581
607
|
"skipApplyUpdates" => server['conf']['skipinitialupdates'],
|
608
|
+
"chefVersion" => MU.chefVersion,
|
582
609
|
"resourceType" => mytype
|
583
610
|
},
|
584
611
|
custom_append: server['userdata_script']
|
@@ -600,7 +627,7 @@ def updateAWSMetaData(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
600
627
|
|
601
628
|
MU.log "Updating #{nodename} userdata (#{server["conf"]["platform"]})"
|
602
629
|
begin
|
603
|
-
MU::Cloud::AWS.ec2(region: server['region']).modify_instance_attribute(
|
630
|
+
MU::Cloud::AWS.ec2(credentials: server['conf']['credentials'], region: server['region']).modify_instance_attribute(
|
604
631
|
instance_id: id,
|
605
632
|
attribute: "userData",
|
606
633
|
value: Base64.encode64(userdata)
|
@@ -656,20 +683,20 @@ def chefUpgrade(deploys = MU::MommaCat.listDeploys, nodes = [])
|
|
656
683
|
rescue Exception
|
657
684
|
end
|
658
685
|
}
|
659
|
-
|
660
|
-
while
|
686
|
+
CHILDREN[child] = nodename
|
687
|
+
while CHILDREN.size >= $opts[:concurrent]-1
|
661
688
|
child = Process.wait
|
662
689
|
if !$?.success?
|
663
|
-
badnodes <<
|
690
|
+
badnodes << CHILDREN[child]
|
664
691
|
end
|
665
|
-
|
692
|
+
CHILDREN.delete(child)
|
666
693
|
end
|
667
694
|
}
|
668
695
|
}
|
669
696
|
|
670
697
|
Process.waitall.each { |child|
|
671
698
|
if !child[1].success?
|
672
|
-
badnodes <<
|
699
|
+
badnodes << CHILDREN[child[0]]
|
673
700
|
end
|
674
701
|
}
|
675
702
|
|
@@ -700,3 +727,9 @@ elsif $opts[:mode] == "userdata" or $opts[:mode] == "awsmeta"
|
|
700
727
|
# Need Google equiv and to select nodes correctly based on what cloud they're in
|
701
728
|
updateAWSMetaData(do_deploys, do_nodes)
|
702
729
|
end
|
730
|
+
|
731
|
+
if !SUMMARIES.empty?
|
732
|
+
SUMMARIES.sort.uniq.each { |msg|
|
733
|
+
puts msg
|
734
|
+
}
|
735
|
+
end
|
data/bin/mu-self-update
CHANGED
@@ -159,7 +159,7 @@ git config branch.${branch}.merge refs/heads/$branch
|
|
159
159
|
CHEF_CLIENT_VERSION=`grep '^CHEF_CLIENT_VERSION=' /opt/mu/lib/install/installer |cut -d\" -f2`
|
160
160
|
|
161
161
|
# Make sure any new bootstrappy stuff has been applied
|
162
|
-
chef-apply /opt/mu/lib/cookbooks/mu-master/recipes/init.rb
|
162
|
+
PATH="/opt/chef/embedded/bin:${PATH}" /opt/chef/bin/chef-apply /opt/mu/lib/cookbooks/mu-master/recipes/init.rb
|
163
163
|
|
164
164
|
# Make sure bundler will use a recent git binary
|
165
165
|
if [ -d /usr/local/git-current ];then
|
@@ -213,7 +213,7 @@ else
|
|
213
213
|
fi
|
214
214
|
fi
|
215
215
|
|
216
|
-
/opt/chef/bin/chef-apply $MU_LIBDIR/cookbooks/mu-master/recipes/init.rb
|
216
|
+
PATH="/opt/chef/embedded/bin:${PATH}" /opt/chef/bin/chef-apply $MU_LIBDIR/cookbooks/mu-master/recipes/init.rb
|
217
217
|
|
218
218
|
/bin/rm -rf $MU_DATADIR/tmp/cookbook_changes.$$
|
219
219
|
/bin/rm -rf $MU_DATADIR/tmp/berks_changes.$$
|
@@ -20,7 +20,12 @@ set -e
|
|
20
20
|
#################################################
|
21
21
|
|
22
22
|
scriptpath="`dirname $0`"
|
23
|
-
|
23
|
+
# Chef can't pick a lane
|
24
|
+
if [ -x "/opt/chef/bin/knife" ];then
|
25
|
+
knife="/opt/chef/bin/knife"
|
26
|
+
elif [ -x "/opt/chef/embedded/bin/knife" ];then
|
27
|
+
knife="/opt/chef/embedded/bin/knife"
|
28
|
+
fi
|
24
29
|
|
25
30
|
USER=`whoami`
|
26
31
|
STARTDIR=`pwd`
|
data/bin/mu-user-manage
CHANGED
data/cloud-mu.gemspec
CHANGED
@@ -17,8 +17,8 @@ end
|
|
17
17
|
|
18
18
|
Gem::Specification.new do |s|
|
19
19
|
s.name = 'cloud-mu'
|
20
|
-
s.version = '3.
|
21
|
-
s.date = '
|
20
|
+
s.version = '3.6.3'
|
21
|
+
s.date = '2024-11-26'
|
22
22
|
s.require_paths = ['modules']
|
23
23
|
s.required_ruby_version = '>= 2.4'
|
24
24
|
s.summary = "The eGTLabs Mu toolkit for unified cloud deployments"
|
@@ -31,39 +31,41 @@ EOF
|
|
31
31
|
s.authors = ["John Stange", "Robert Patt-Corner", "Ryan Bolyard", "Zach Rowe"]
|
32
32
|
s.email = 'eGTLabs@eglobaltech.com'
|
33
33
|
s.files = build_file_list(whereami)
|
34
|
-
if Dir.
|
34
|
+
if Dir.exist?(whereami+"/bin")
|
35
35
|
s.executables = Dir.entries(whereami+"/bin").reject { |f| File.directory?(f) }
|
36
36
|
end
|
37
37
|
s.homepage =
|
38
38
|
'https://github.com/cloudamatic/mu'
|
39
39
|
s.license = 'BSD-3-Clause-Attribution'
|
40
|
-
s.add_runtime_dependency 'addressable'
|
41
|
-
s.add_runtime_dependency "aws-sdk", "
|
42
|
-
s.add_runtime_dependency
|
43
|
-
s.add_runtime_dependency '
|
44
|
-
s.add_runtime_dependency '
|
40
|
+
s.add_runtime_dependency 'addressable'#, '~> 2.5'
|
41
|
+
# s.add_runtime_dependency "aws-sdk-core", "< 3.132" # need to pin this so Chef doesn't twist itself in knots
|
42
|
+
s.add_runtime_dependency "aws-sdk", "~> 3"
|
43
|
+
# s.add_runtime_dependency 'azure_sdk', '~> 0.65'
|
44
|
+
s.add_runtime_dependency 'bundler'#, "~> 2.2"
|
45
|
+
s.add_runtime_dependency 'chronic_duration'#, "~> 0.10"
|
45
46
|
s.add_runtime_dependency 'color', "~> 1.8"
|
46
47
|
s.add_runtime_dependency 'colorize', "~> 0.8"
|
47
|
-
s.add_runtime_dependency 'erubis'
|
48
|
-
s.add_runtime_dependency '
|
49
|
-
s.add_runtime_dependency '
|
48
|
+
s.add_runtime_dependency 'erubis'#, "~> 2.7"
|
49
|
+
s.add_runtime_dependency 'faraday-multipart', "<= 1.0.4"
|
50
|
+
s.add_runtime_dependency 'google-api-client', "~> 0.53.0"
|
51
|
+
s.add_runtime_dependency 'googleauth', "~> 1.2.0"
|
50
52
|
s.add_runtime_dependency 'inifile', "~> 3.0"
|
51
53
|
s.add_runtime_dependency 'json-schema', "~> 2.8"
|
52
|
-
s.add_runtime_dependency 'net-ldap'
|
53
|
-
s.add_runtime_dependency 'net-ssh', "~>
|
54
|
-
s.add_runtime_dependency 'net-ssh-multi'
|
55
|
-
s.add_runtime_dependency 'netaddr'
|
56
|
-
s.add_runtime_dependency 'nokogiri'
|
54
|
+
s.add_runtime_dependency 'net-ldap'#, "~> 0.16"
|
55
|
+
s.add_runtime_dependency 'net-ssh', "~> 7.2"
|
56
|
+
s.add_runtime_dependency 'net-ssh-multi'#, '~> 1.2', '>= 1.2.1'
|
57
|
+
s.add_runtime_dependency 'netaddr'#, '~> 2.0'
|
58
|
+
s.add_runtime_dependency 'nokogiri'#, "~> 1.10"
|
57
59
|
s.add_runtime_dependency 'openssl-oaep', "~> 0.1"
|
58
|
-
s.add_runtime_dependency 'optimist'
|
59
|
-
s.add_runtime_dependency 'rack'
|
60
|
+
s.add_runtime_dependency 'optimist'#, "~> 3.0"
|
61
|
+
s.add_runtime_dependency 'rack'#, "~> 2.0"
|
60
62
|
s.add_runtime_dependency 'ruby-graphviz', "~> 1.2"
|
61
|
-
s.add_runtime_dependency 'rubocop'
|
62
|
-
s.add_runtime_dependency 'rubyzip'
|
63
|
+
s.add_runtime_dependency 'rubocop'#, '~> 0.58'
|
64
|
+
s.add_runtime_dependency 'rubyzip'#, "~> 2.3"
|
63
65
|
s.add_runtime_dependency 'simple-password-gen', "~> 0.1"
|
64
66
|
s.add_runtime_dependency 'slack-notifier', "~> 2.3"
|
65
|
-
s.add_runtime_dependency 'solve'
|
66
|
-
s.add_runtime_dependency 'thin'
|
67
|
+
s.add_runtime_dependency 'solve'#, '~> 4.0'
|
68
|
+
s.add_runtime_dependency 'thin'#, "~> 1.7"
|
67
69
|
s.add_runtime_dependency 'winrm', "~> 2.3", ">= 2.3.4"
|
68
|
-
s.add_runtime_dependency 'yard'
|
70
|
+
s.add_runtime_dependency 'yard'#, "~> 0.9"
|
69
71
|
end
|