cook 2.0.1

data/lib/rake/cookUtils.rb

@@ -0,0 +1,322 @@
+
+require 'openssl';
+require 'securerandom';
+require 'base64';
+
+class CookEncryptionError < StandardError; end
+class CookDecryptionError < StandardError; end
+
+def areYouSure?(prompt, defaultAnswer = false, askUser = true)
+  if askUser then
+    defaultPrompt = "yN";
+    defaultRegExp = /^[yY]/;
+    if defaultAnswer then
+      defaultPrompt = "Yn" 
+      defaultRegExp = /^[nN]/;
+    end
+    puts "\n*************************************************************\n#{prompt}\n\tAre you sure you want to do this? [#{defaultPrompt}]";
+    return !defaultAnswer if STDIN.gets =~ defaultRegExp;
+  end
+  defaultAnswer;
+end
+
+def ensureDirExists(aDirectory)
+  unless File.directory?(aDirectory)
+    Rake::Task.local_sh("mkdir -p #{aDirectory}");
+  end
+end
+
+# encryptData2File and decryptFile2Data are both based on: 
+# "Encrypting and decrypting some data"
+# at: http://www.ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/Cipher.html
+# see also:
+# http://www.ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/PKCS5.html
+
+def openSslEncryptData2File(plainText, encryptedFilePath)
+  # check to ensure the file name conforms to our naming conventions...
+  #
+  if encryptedFilePath !~ /\.enc$/ then
+    raise CookEncryptionError, "The file in which to store the encrypted data (#{encryptedFilePath}) MUST have the file extension '.enc'";
+  end
+
+  salt = SecureRandom.random_bytes(32);
+
+  encrypter = OpenSSL::Cipher.new('AES-256-CBC');
+  encrypter.encrypt;
+  encrypter.key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(Conf.get_pass_phrase(true),
+                                                  salt, 2000, 256);
+  iv = encrypter.random_iv;
+
+  encrypted = encrypter.update plainText;
+  encrypted << encrypter.final
+
+  File.open(encryptedFilePath, 'w') do | cypherFile |
+    cypherFile.puts "--salt32bytes-iv-cypherText--";
+    cypherFile.puts Base64.encode64(salt);
+    cypherFile.puts Base64.encode64(iv);
+    cypherFile.puts Base64.encode64(encrypted);
+  end
+end
+
+def openSslDecryptFile2Data(encryptedFilePath)
+
+  # check to ensure the file name conforms to our naming conventions...
+  #
+  if encryptedFilePath !~ /\.enc$/ then
+    raise CookDecryptionError, "The encrypted file (#{encryptedFilePath}) MUST have the file extension '.enc' ";
+  end
+
+  # check to make sure the file exists...
+  #
+  if !File.exists?(encryptedFilePath) then
+    raise CookDecryptionError, "The encrypted file (#{encryptedFilePath}) does not exist";
+  end
+
+  cypherFile = File.open(encryptedFilePath);
+  headerLine = cypherFile.gets;
+  if headerLine !~ /^--salt32bytes-iv-cypherText--$/ then
+    raise CookDecryptionError, "Attempting to decrypt a file which was not encrypted using cookUtils openSslEncryptData2File (header line: [#{headerLine}]).";
+  end
+  salt = Base64.decode64(cypherFile.gets);
+  iv = Base64.decode64(cypherFile.gets);
+  cypherText = Base64.decode64(cypherFile.read);
+
+  decrypter = OpenSSL::Cipher.new('AES-256-CBC');
+  decrypter.decrypt;
+  decrypter.key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(Conf.get_pass_phrase,
+                                                  salt, 2000, 256);
+  decrypter.iv = iv;
+
+  decrypted = decrypter.update cypherText;
+  decrypted << decrypter.final
+
+  return decrypted;
+end
+
+# gpgEncryptData2File and gpgDecryptFile2Data are both based on the 
+# ruby gpgme bindings documentation. (See: 
+
+def gpgEncryptData2File(plainText, encryptedFilePath)
+
+  if !Conf.gpg.has_key?(:recipientUID) then
+    raise CookEncryptionError, "No GnuPG recipient UID specified in configuration";
+  end
+
+  if !ENV.has_key?("GPG_AGENT_INFO") then
+    raise CookEncryptionError, "Could not find GnuPG agent (GPG_AGENT_INFO environment variable), is it running?";
+  end
+
+  begin 
+    require 'gpgme';
+  rescue LoadError
+    raise CookEncryptionError, "The required gpgme (GnuPG Made Easy) ruby gem could not be loaded";
+  end
+
+  crypto = GPGME::Crypto.new
+  encrypted = crypto.encrypt(plainText, { :recipients => Conf.gpg.recipientUID, :always_trust => true } ).read;
+
+  File.open(encryptedFilePath, 'w') do | cypherFile |
+    cypherFile.puts "--gpgRecipientUID-cypherText--";
+    cypherFile.puts Conf.gpg.recipientUID;
+    cypherFile.puts Base64.encode64(encrypted);
+  end
+end
+
+def gpgDecryptFile2Data(encryptedFilePath)
+
+  if !Conf.gpg.has_key?(:recipientUID) then
+    raise CookDecryptionError, "No GnuPG recipient UID (Conf.gpg.recipientUID) specified in configuration";
+  end
+
+  if !ENV.has_key?("GPG_AGENT_INFO") then
+    raise CookDecryptionError, "Could not find GnuPG agent (GPG_AGENT_INFO environment variable), is it running?";
+  end
+
+  begin 
+    require 'gpgme';
+  rescue LoadError
+    raise CookDecryptionError, "The required gpgme (GnuPG Made Easy) ruby gem could not be loaded";
+  end
+
+  # check to ensure the file name conforms to our naming conventions...
+  #
+  if encryptedFilePath !~ /\.enc$/ then
+    raise CookDecryptionError, "The encrypted file (#{encryptedFilePath}) MUST have the file extension '.enc'";
+  end
+
+  # check to make sure the file exists...
+  #
+  if !File.exists?(encryptedFilePath) then
+    raise CookDecryptionError, "The encrypted file (#{encryptedFilePath}) does not exist";
+  end
+
+  cypherFile = File.open(encryptedFilePath);
+  header = cypherFile.gets;
+  if header !~ /^--gpgRecipientUID-cypherText--$/ then
+    raise CookDecryptionError, "Attempting to decrypt a file which was not encrypted using cookUtils gpgEncryptData2File (header: [#{header}]).";
+  end
+  recipientUID = cypherFile.gets.chomp;
+  if recipientUID != Conf.gpg.recipientUID then
+    require 'pp';
+    pp recipientUID;
+    pp Conf.gpg.recipientUID;
+    raise CookDecryptionError, "Configured recipient UID (#{Conf.gpg.recipientUID}) does not match the recipient UID (#{recipientUID}) used to encrypt the file: [#{encryptedFilePath}]";
+  end
+  cypherText = Base64.decode64(cypherFile.read);
+
+  crypto = GPGME::Crypto.new
+  decrypted = crypto.decrypt(cypherText, :recipients => Conf.gpg.recipientUID).read;
+
+  return decrypted;  
+end
+
+#############################################################################
+# Walk resources, scripts and binaries
+
+def walkResourceScriptTemplates(templateType, serverType, targetServer, targetMachine, &aBlock)
+  mesg "";
+  targetResourceScriptsDir = 'upload/' + targetMachine.to_s + '/' + targetServer.to_s + '/' + templateType.to_s + '/resourceScripts';
+  targetDir = 'upload/' + targetMachine.to_s + '/' + targetServer.to_s + '/' + templateType.to_s + '/resources';
+  ensureDirExists(targetResourceScriptsDir);
+  ensureDirExists(targetDir);
+  resourceScripts = Hash.new();
+  each_resource(templateType + '/' + serverType.to_s + '/resourceScriptTemplates') do | aResourceScriptPath |
+    mesg "walking resource scripts in [#{aResourceScriptPath}]";
+    Dir.glob(aResourceScriptPath + '/*.erb').sort.each do | aResourceScriptERB |
+      baseName = File.basename(aResourceScriptERB, '.erb');
+      resourceScripts[baseName] = aResourceScriptERB;
+    end
+  end
+  resourceScripts.keys.sort.each do | aResourceScriptBaseName |
+    aResourceScriptName = targetResourceScriptsDir + '/' + aResourceScriptBaseName;
+    aResourceName = targetDir + '/' + aResourceScriptBaseName;
+    aBlock.call(resourceScripts[aResourceScriptBaseName], aResourceScriptName, aResourceName);
+  end
+end
+
+def walkScriptTemplates(templateType, serverType, targetServer, targetMachine, &aBlock)
+  mesg "";
+  targetDir = 'upload/' + targetMachine.to_s + '/' + targetServer.to_s + '/' + templateType.to_s + '/scripts';
+  ensureDirExists(targetDir);
+  scripts = Hash.new();
+  each_resource(templateType.to_s + '/' + serverType.to_s + '/scriptTemplates') do | aResourcePath |
+    mesg "walking scripts in [#{aResourcePath}]";
+    Dir.glob(aResourcePath + '/*.erb').sort.each do | aScriptERB |
+      baseName = File.basename(aScriptERB, '.erb');
+      scripts[serverType+baseName] = aScriptERB;
+    end
+  end
+  scripts.keys.sort.each do | aScriptBaseName |
+    aScriptName = targetDir + '/' + aScriptBaseName;
+    aBlock.call(scripts[aScriptBaseName], aScriptName);
+  end
+end
+
+def walkResourceTemplates(templateType, serverType, targetServer, targetMachine, &aBlock)
+  mesg "";
+  targetDir = 'upload/' + targetMachine.to_s + '/' + targetServer.to_s + '/' + templateType.to_s + '/resources';
+  ensureDirExists(targetDir);
+  resources = Hash.new();
+  each_resource(templateType.to_s + '/' + serverType.to_s + '/resourceTemplates') do | aResourcePath |
+    mesg "walking resources in [#{aResourcePath}]";
+    Dir.glob(aResourcePath + '/*.erb').sort.each do | aResourceERB |
+      baseName = File.basename(aResourceERB, '.erb');
+      resources[baseName] = aResourceERB;
+    end
+  end
+  resources.keys.sort.each do | aResourceBaseName |
+    aResourceName = targetDir + '/' + aResourceBaseName;
+    aBlock.call(resources[aResourceBaseName], aResourceName);
+  end
+end
+
+def walkResourceBinaries(templateType, serverType, targetServer, targetMachine, &aBlock)
+  mesg "";
+  targetDir = 'upload/' + targetMachine.to_s + '/' + targetServer.to_s + '/' + templateType.to_s + '/resources';
+  ensureDirExists(targetDir);
+  resources = Hash.new();
+  each_resource(templateType.to_s + '/' + serverType.to_s + '/resourceTemplates') do | aResourcePath |
+    mesg "walking binaries in [#{aResourcePath}]";
+    Dir.glob(aResourcePath + '/*.bin').sort.each do | aResourceBIN |
+      baseName = File.basename(aResourceBIN, '.bin');
+      resources[baseName] = aResourceBIN;
+    end
+  end
+  resources.keys.sort.each do | aResourceBaseName |
+    aResourceName = targetDir + '/' + aResourceBaseName;
+    aBlock.call(resources[aResourceBaseName], aResourceName);
+  end
+end
+
+#############################################################################
+# Apply templates and/or copy resources
+
+def applyTemplate(templateFileName, resultFileName, mode = nil, owner = nil, group = nil)
+  require 'erubis'
+  mesg "Applying erubis template: [#{templateFileName}]\nto produce: [#{resultFileName}]";
+  eruby = Erubis::Eruby.new(IO.read(templateFileName));
+  File.open(resultFileName, 'w') do | io |
+    io.write(eruby.result(binding()));        
+  end
+end
+
+def useOverrideOrApplyTemplate(templatePath, resultPath)
+  overridePath = resultPath.sub(/^upload/, 'override');
+  if File.exists?(overridePath) then
+    local_sh("cp #{overridePath} #{resultPath}");
+  else
+    applyTemplate(templatePath, resultPath);
+  end
+end
+
+def copyOverrideOrBinary(binaryPath, resultPath)
+  overridePath = resultPath.sub(/^upload/, 'override');
+  if File.exists?(overridePath) then
+    local_sh("cp #{overridePath} #{resultPath}");
+  else
+    local_sh("cp #{binaryPath} #{resultPath}");
+  end
+end
+
+def fileMatches(fileName, aRegExp)
+  fileContents = File.open(fileName, "r").read;
+  fileContents =~ aRegExp;
+end
+
+def replaceLines(fileName, replaceLinesHash)
+  tmpFileName = fileName + '.tmp';
+  inFile = File.open(fileName, 'r');
+  outFile = File.open(tmpFileName, 'w');
+  inFile.each_line() do | aLine |
+    replaceLinesHash.keys.each() do | aRegExp |
+      if aRegExp.match(aLine) then
+        aLine = replaceLinesHash[aRegExp];
+      end
+    end
+    outFile.puts aLine;
+  end
+  outFile.close();
+  inFile.close();
+  File.rename(tmpFileName, fileName);
+end
+
+def walkThroughDirectoriesDoing(curDir, &aBlock)
+  Dir.entries(curDir).sort.each do | aFile |
+    next if aFile =~ /^\.$/;
+    next if aFile =~ /^\.\.$/;
+    fullPath = curDir + '/' + aFile;
+    aBlock.call(fullPath);
+    if File.directory?(fullPath) then
+      walkThroughDirectoriesDoing(fullPath, &aBlock);
+    end
+  end
+end
+
+def toSymbolHash(aHash)
+  aHash.keys.each do | anOldKey |
+    next if anOldKey.is_a?(Symbol);
+    if anOldKey.is_a?(String) then
+      aHash[anOldKey.to_sym] = aHash.delete(anOldKey);
+    end
+  end
+end

data/lib/rake/extensions.rb

@@ -0,0 +1,199 @@
+require 'logger';
+require 'pp'
+require 'stringio'
+require 'greenletters';
+
+module Greenletters
+  #
+  # We need to add the Greenletters::Process#result method to return the 
+  # contents of the output_buffer...
+  #
+  class Process
+    def result
+      @output_buffer.string
+    end
+
+    def recentResult
+      @history.buffer
+    end
+  end
+  #
+  # Monkey patch GreenLetters so that we can optionally ignore the 
+  # exist status using the :any pattern.
+  #
+  class ExitTrigger < Trigger
+    def call(process)
+      if process.status then 
+        if pattern == :any then
+          @block.call(process, process.status)
+          true
+        elsif pattern === process.status.exitstatus
+          @block.call(process, process.status)
+          true
+        else
+          false
+        end
+      else
+        false
+      end
+    end
+  end
+end
+
+module Rake
+  ##
+  # Base error class for all Vlad errors.
+  class Error < RuntimeError; end
+
+  ##
+  # Raised when a remote command fails.
+  class CommandFailedError < Error
+    attr_reader :status
+    def initialize( status )
+      @status = status
+    end
+  end
+
+  class Application
+
+    def self.openLogger(logFileBaseName)
+      timeStamp = Time.now.utc.strftime("%Y-%m-%d-%H-%M-%S-%L.log");
+      @logFile = File.open(logFileBaseName+'-'+timeStamp, 'w');
+      @logger = Logger.new(@logFile);
+      @logger.datetime_format = "%H-%M-%S-%L";
+      @logToStderr = true;
+    end
+
+    def self.catchStdout()
+      @oldStdout = $stdout;
+      $stdout = @logFile;
+    end
+
+    def self.catchStderr()
+      @logToStderr = false;
+      @oldStderr = $stderr;
+      $stderr = @logFile;
+    end
+
+    def self.setLogToStderr(logToStderr)
+      @logToStderr = logToStderr;
+    end
+
+    def self.flushLog()
+      @logFile.flush();
+    end
+    
+    def self.logger()
+      return @logger;
+    end
+    def self.logFile()
+      return @logFile;
+    end
+    def self.logData(someData)
+      @logFile.write(someData) if @logFile;
+    end
+    def self.set_logger(aLogger, aLogFile=nil)
+      @logFile = aLogFile;
+      oldLogger = @logger;
+      @logger = aLogger;
+      return oldLogger;
+    end
+    def self.log(*args)
+      @logger.log(*args) if @logger;
+    end
+    def self.fatal(*args)
+      @logger.fatal(*args) if @logger;
+    end
+    def self.error(*args)
+      @logger.error(*args) if @logger;
+    end
+    def self.warn(*args)
+      @logger.warn(*args) if @logger;
+    end
+    def self.info(*args)
+      @logger.info(*args) if @logger;
+    end
+    def self.debug(*args)
+      @logger.debug(*args) if @logger;
+    end
+    def self.mesg(*args)
+      @logger.info(*args) if @logger;
+      $stderr.puts(*args) if @logToStderr;
+    end
+
+    # taken from http://www.ruby-forum.com/topic/43725 (2012/01/21)
+    def self.mesg_pp(*args)
+      old_out = $stdout
+      begin
+        s=StringIO.new
+        $stdout=s
+        pp(*args)
+      ensure
+        $stdout=old_out
+      end
+      @logger.info(s.string);
+      $stderr.puts(s.string) if @logToStderr;
+    end
+
+  end
+
+  module DSL
+
+    def mesg(*args)
+      Rake::Application.mesg(*args);
+    end
+
+    def mesg_pp(*args)
+      Rake::Application.mesg_pp(*args);
+    end
+
+  end
+
+  class Task
+
+    # Same as invoke, but explicitly pass a call chain to detect
+    # circular dependencies.
+    def invoke_with_call_chain(task_args, invocation_chain) # :nodoc:
+      new_chain = InvocationChain.append(self, invocation_chain)
+      @lock.synchronize do
+        if application.options.trace
+          Rake::Application.mesg "** Invoke #{name} #{format_trace_flags}"
+        end
+        return if @already_invoked
+        @already_invoked = true
+        invoke_prerequisites(task_args, new_chain)
+        execute(task_args) if needed?
+      end
+    rescue Exception => ex
+      add_chain_to(ex, new_chain)
+      raise ex
+    end
+
+    # Execute the actions associated with this task.
+    def execute(args=nil)
+      args ||= EMPTY_TASK_ARGS
+      if application.options.dryrun
+        Rake::Application.mesg "** Execute (dry run) #{name}"
+        return
+      end
+      if application.options.trace
+        Rake::Application.mesg "** Execute #{name}"
+      end
+      application.enhance_with_matching_rule(name) if @actions.empty?
+      @actions.each do |act|
+        case act.arity
+        when 1
+          act.call(self)
+        else
+          act.call(self, args)
+        end
+      end
+    end
+
+  end
+
+end
+
+self.extend Rake::DSL
+
+