conify 0.0.1

data/lib/conify/sso.rb

@@ -0,0 +1,89 @@
+require 'restclient'
+require 'uri'
+
+module Conify
+  class Sso
+    attr_accessor :external_uuid, :url, :proxy_port, :timestamp, :token
+
+    def initialize(data)
+      @external_uuid = data[:external_uuid]
+      @external_username = data[:external_username]
+      @salt = data['api']['sso_salt']
+      env = data.fetch('env', 'test')
+
+      if @url = data['api'][env]['sso_url']
+        @use_post = true
+        @proxy_port = find_available_port
+      else
+        @url = data['api'][env].chomp('/')
+      end
+
+      @timestamp  = Time.now.to_i
+      @token = make_token(@timestamp)
+    end
+
+    def path
+      self.POST? ? URI.parse(url).path : "/conflux/resources/#{external_uuid}"
+    end
+
+    def POST?
+      @use_post
+    end
+
+    def sso_url
+      self.POST? ? "http://localhost:#{@proxy_port}/" : full_url
+    end
+
+    def full_url
+      [ url, path, querystring ].join
+    end
+    alias get_url full_url
+
+    def post_url
+      url
+    end
+
+    def timestamp=(other)
+      @timestamp = other
+      @token = make_token(@timestamp)
+    end
+
+    def make_token(t)
+      Digest::SHA1.hexdigest([external_uuid, @salt, t].join(':'))
+    end
+
+    def querystring
+      return '' unless @salt
+      '?' + query_data
+    end
+
+    def query_data
+      query_params.map{|p| p.join('=')}.join('&')
+    end
+
+    def query_params
+      {
+        'id' => external_uuid,
+        'token' => @token,
+        'timestamp' => @timestamp.to_s,
+        'email' => @external_username
+      }
+    end
+
+    def message
+      if self.POST?
+        "POSTing #{query_data} to #{post_url} via proxy on port #{@proxy_port}"
+      else
+        "Opening #{full_url}"
+      end
+    end
+
+    def find_available_port
+      server = TCPServer.new('127.0.0.1', 0)
+      server.addr[1]
+    ensure
+      server.close if server
+    end
+
+  end
+end

data/lib/conify/test.rb

@@ -0,0 +1,52 @@
+require 'conify/helpers'
+require 'uri'
+
+module Conify
+  class Test
+    attr_accessor :data
+    include Conify::Helpers
+
+    def initialize(data)
+      @data = data
+    end
+
+    def env
+      @data.fetch('env', 'test')
+    end
+
+    def test(msg, &block)
+      raise "Failed: #{msg}" unless block.call
+    end
+
+    def run(klass, data)
+      test_name = klass.to_s.gsub('Conify::', '').split(/(?=[A-Z])/).join(' ')
+
+      begin
+        klass.new(data).call
+      rescue Exception => e
+        error "#{test_name} #{e.message}"
+      end
+
+      if klass.const_defined?('OUTPUT_COMPLETION') && klass.const_get('OUTPUT_COMPLETION')
+        display "#{test_name}: Looks good..."
+      end
+    end
+
+    def url
+      if data['api'][env].is_a? Hash
+        base = data['api'][env]['base_url']
+        uri = URI.parse(base)
+        uri.query = nil
+        uri.path = ''
+        uri.to_s
+      else
+        data['api'][env].chomp('/')
+      end
+    end
+
+    def api_requires?(feature)
+      data['api'].fetch('requires', []).include?(feature)
+    end
+  end
+
+end

data/lib/conify/test/all_test.rb

@@ -0,0 +1,23 @@
+require 'conify/test'
+require 'conify/test/manifest_test'
+require 'conify/test/provision_test'
+require 'conify/test/plan_change_test'
+require 'conify/test/deprovision_test'
+require 'conify/test/sso_test'
+
+class Conify::AllTest < Conify::Test
+
+  def call
+    run(Conify::ManifestTest, data)
+    run(Conify::ProvisionTest, data)
+
+    # data[:provision_response] has already been set from the above test,
+    # so add 'external_uuid' returned from inside this hash to the data object.
+    data[:external_uuid] = data[:provision_response]['id']
+
+    run(Conify::PlanChangeTest, data)
+    run(Conify::SsoTest, data)
+    run(Conify::DeprovisionTest, data)
+  end
+
+end

data/lib/conify/test/api_test.rb

@@ -0,0 +1,46 @@
+require 'conify/test'
+require 'conify/http'
+require 'uri'
+
+class Conify::ApiTest < Conify::Test
+  include Conify::HTTPForTests
+
+  def base_path
+    if data['api'][env].is_a?(Hash)
+      URI.parse(data['api'][env]['base_url']).path
+    else
+      '/conflux/resources'
+    end
+  end
+
+  def conflux_id
+    "app#{rand(10000)}@conify.goconflux.com"
+  end
+
+  def credentials
+    [ data['id'], data['api']['password'] ]
+  end
+
+  def invalid_creds
+    ['wrong', 'secret']
+  end
+
+  def callback
+    'http://localhost:7779/callback/999'
+  end
+
+  def create_provision_payload
+    payload = {
+      conflux_id: conflux_id,
+      plan: 'test',
+      callback_url: callback,
+      logplex_token: nil,
+      uuid: SecureRandom.uuid
+    }
+
+    payload[:log_drain_token] = SecureRandom.hex if api_requires?('syslog_drain')
+
+    payload
+  end
+
+end

data/lib/conify/test/deprovision_test.rb

@@ -0,0 +1,30 @@
+require 'conify/test/api_test'
+
+class Conify::DeprovisionTest < Conify::ApiTest
+
+  OUTPUT_COMPLETION = true
+
+  def call
+    external_uuid = data[:external_uuid]
+    raise ArgumentError, 'Deprovision Test: No external_uuid specified' if external_uuid.nil?
+    path = "#{base_path}/#{external_uuid.to_s}"
+
+    test 'response' do
+      code, _ = delete(credentials, path, nil)
+      if code == 200
+        true
+      elsif code == -1
+        error "Deprovision Test: unable to connect to #{url}"
+      else
+        error "Deprovision Test: expected 200, got #{code}"
+      end
+    end
+
+    test 'authentication' do
+      code, _ = delete(invalid_creds, path, nil)
+      error "Deprovision Test: expected 401, got #{code}" if code != 401
+      true
+    end
+  end
+
+end

data/lib/conify/test/manifest_test.rb

@@ -0,0 +1,88 @@
+require 'conify/test'
+
+class Conify::ManifestTest < Conify::Test
+
+  OUTPUT_COMPLETION = true
+
+  def call
+    test 'id key exists' do
+      data.has_key?('id')
+    end
+
+    test 'id is a string' do
+      data['id'].is_a?(String)
+    end
+
+    test 'id is not blank' do
+      !data['id'].empty?
+    end
+
+    test 'api key exists' do
+      data.has_key?('api')
+    end
+
+    test 'api is a hash' do
+      data['api'].is_a?(Hash)
+    end
+
+    test 'api contains password' do
+      data['api'].has_key?('password') && data['api']['password'] != ''
+    end
+
+    test 'api contains sso_salt' do
+      data['api'].has_key?('sso_salt') && data['api']['sso_salt'] != ''
+    end
+
+    test 'api contains test url' do
+      data['api'].has_key?('test')
+    end
+
+    test 'api contains production url' do
+      data['api'].has_key?('production')
+    end
+
+    if data['api']['production'].is_a?(Hash)
+      test 'production url uses SSL' do
+        data['api']['production']['base_url'] =~ /^https:/
+      end
+
+      test 'sso url uses SSL' do
+        data['api']['production']['sso_url'] =~ /^https:/
+      end
+    else
+      test 'production url uses SSL' do
+        data['api']['production'] =~ /^https:/
+      end
+    end
+
+    if data['api'].has_key?('config_vars')
+      test 'contains config_vars array' do
+        data['api']['config_vars'].is_a?(Array)
+      end
+
+      test 'all config vars are uppercase strings' do
+        data['api']['config_vars'].each do |k, v|
+          if k =~ /^[A-Z][0-9A-Z_]+$/
+            true
+          else
+            error "#{k.inspect} is not a valid ENV key"
+          end
+        end
+      end
+
+      test 'all config vars are prefixed with the addon id' do
+        data['api']['config_vars'].each do |k|
+          prefix = data['id'].upcase.gsub('-', '_')
+
+          if k =~ /^#{prefix}_/
+            true
+          else
+            error "#{k} is not a valid ENV key - must be prefixed with #{prefix}_"
+          end
+        end
+      end
+    end
+
+  end
+
+end

data/lib/conify/test/plan_change_test.rb

@@ -0,0 +1,33 @@
+require 'conify/test/api_test'
+
+class Conify::PlanChangeTest < Conify::ApiTest
+
+  OUTPUT_COMPLETION = true
+
+  def call
+    external_uuid = data[:external_uuid]
+    raise ArgumentError, 'Plan Change Test: No external_uuid specified' if external_uuid.nil?
+
+    path = "#{base_path}/#{external_uuid.to_s}"
+    payload = { plan: 'new_plan', conflux_id: data[:external_username] }
+
+    test 'response' do
+      code, _ = put(credentials, path, payload)
+
+      if code == 200
+        true
+      elsif code == -1
+        error "Plan Change Test: unable to connect to #{url}"
+      else
+        error "Plan Change Test: expected 200, got #{code}"
+      end
+    end
+
+    test 'authentication' do
+      code, _ = put(invalid_creds, path, payload)
+      error "Plan Change Test: expected 401, got #{code}" if code != 401
+      true
+    end
+  end
+
+end

data/lib/conify/test/provision_response_test.rb

@@ -0,0 +1,89 @@
+require 'conify/test'
+require 'uri'
+
+class Conify::ProvisionResponseTest < Conify::Test
+
+  def call
+    response = data[:provision_response]
+
+    test 'contains an id' do
+      response.is_a?(Hash) && response['id']
+    end
+
+    test 'id does not contain conflux_id' do
+      if response['id'].to_s.include? data[:external_username].scan(/app(\d+)@/).flatten.first
+        error 'id cannot include conflux_id'
+      else
+        true
+      end
+    end
+
+    if response.has_key?('config')
+      test 'is a hash' do
+        response['config'].is_a?(Hash)
+      end
+
+      test 'all config keys were previously defined in the manifest' do
+        response['config'].keys.each do |key|
+          error "#{key} is not in the manifest" unless data['api']['config_vars'].include?(key)
+        end
+        true
+      end
+
+      test 'all keys in the manifest are present' do
+        difference = data['api']['config_vars'] - response['config'].keys
+        unless difference.empty?
+          verb = (difference.size == 1) ? 'is' : 'are'
+          error "Config(s) #{difference.join(', ')} #{verb} missing from the provision response"
+        end
+        true
+      end
+
+      test 'all config values are strings' do
+        response['config'].each do |k, v|
+          if v.is_a?(String)
+            true
+          else
+            error "the key #{k} doesn't contain a string (#{v.inspect})"
+          end
+        end
+      end
+
+      test 'URL configs vars' do
+        response['config'].each do |key, value|
+          next unless key =~ /_URL$/
+          begin
+            uri = URI.parse(value)
+            error "#{value} is not a valid URI - missing host" unless uri.host
+            error "#{value} is not a valid URI - missing scheme" unless uri.scheme
+            error "#{value} is not a valid URI - pointing to localhost" if env == 'production' && uri.host == 'localhost'
+          rescue URI::Error
+            error "#{value} is not a valid URI"
+          end
+        end
+      end
+
+      test 'log_drain_url is returned if required' do
+        if !api_requires?('syslog_drain')
+          true
+        else
+          drain_url = response['log_drain_url']
+
+          if !drain_url || drain_url.empty?
+            error 'must return a log_drain_url'
+          else
+            true
+          end
+
+          unless drain_url =~ /\A(https|syslog):\/\/[\S]+\Z/
+            error 'must return a syslog_drain_url like syslog://log.example.com:9999'
+          else
+            true
+          end
+        end
+      end
+
+    end
+  end
+
+end