cult 0.1.4.pre → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 69eca6bb220e6610aabe66cfa4727881535bf8d0
-  data.tar.gz: 90b206c03fa2fb8b9f7c6f743b9edaaca0ce643e
+  metadata.gz: 3bae39f7261b8ac419611d39c3279b8d2c7fe54f
+  data.tar.gz: 67ff3a53fdb223ee7f69928b85d2aba336e8bb07
 SHA512:
-  metadata.gz: 43ca3f870a7cad5335fbaa4785e29973364cc0a3a0410586f33c0fd24f61b628123078d8d09f8cfd6565fba29f1cc550d59fac142048c463ec25f424295115e4
-  data.tar.gz: e1e79c67bdb9b968f6d19a1c62a4c198f6828d2449df4fd33c3d2dd3e25ca644a1e77b8e6ba853eb58cb4cd088499f1515c331a5a554a27995149c5f37dd9827
+  metadata.gz: 53363d45cdaac8dfe9508fd1704e7f4308a6ff174d15a9aea7ebdf12fd4f03b779683d02d820850499afb0b0e0fed19d9672ba54a0b4c17e5ff9aba2a1a16b55
+  data.tar.gz: 5ca3ee8783f987edd25ab13495f8b750234c677ddb3d2f42c913ee033d169bae521da2d1515228a4dcee33de2a02e70e6acf5c125adff17afbe6eacffbb8ece0

data/cult

@@ -1 +1 @@
-exe/cult
+./exe/cult

data/cult.gemspec

@@ -27,14 +27,15 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = '>= 2.2'
+  spec.required_ruby_version = '>= 2.4'
 
-  spec.add_dependency "cri", "~> 2.7"
-  spec.add_dependency "net-ssh", "~> 3.2"
+  spec.add_dependency "cri", "~> 2.8"
+  spec.add_dependency "net-ssh", "~> 4.1"
   spec.add_dependency "net-scp", "~> 1.2"
-  spec.add_dependency "rainbow", "~> 2.1"
-  spec.add_dependency "erubis", "~> 2.7.0"
+  spec.add_dependency "rainbow", "~> 2.2.2"
+  spec.add_dependency "erubi", "~> 1.6.0"
+  spec.add_dependency "terminal-table", "~> 1.7.2"
 
-  spec.add_development_dependency "bundler", "~> 1.12"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "bundler", "~> 1.14"
+  spec.add_development_dependency "rake", "~> 12.0"
 end

data/doc/future.md

@@ -0,0 +1,73 @@
+# Future Plans
+
+Here's some stuff I'd like to add to Cult:
+
+  * `cult node disable /NODE+/` and `cult node enable /NODE+/` in a clean way.
+    This means tasks won't see disabled nodes, so a node can be taken out of
+    the set without destroying it.  `fetch_item[s]` probably needs to see the
+    whole set (otherwise, how could you re-enable a disabled item?), but
+    things like `nodes.each` need to skip them.  This should work:
+
+    ```bash
+    cult node disable /pgpool/
+    cult node sync
+    # Now all nodes connect directly to master
+    cult node enable /pgpool/
+    cult node sync
+    # Now we're back to be first setup
+    ```
+
+  * A node needs a way to finish a task by saying "It's all good, but I'm gonna
+    have to reboot, so do your SSH loop again".  The use case is a fresh node
+    created from an image that has security updates available immediately.
+
+  * Partition sets.  Lets say you have ten front-end servers ->
+    two load balancers like pgpool -> three backend servers.  There needs to be
+    a way for a front-end task to ask which load balancer to use that'd
+    consistently put equal weight on each one.  If a load balancer is added or
+    removed, it'd answer the question differently.  I'm thinking something
+    like:
+
+    ```ruby
+    node.fair(role, :zone)
+    ```
+
+    Would return a node with that role, in that zone, and return a balanced
+    list depending on 'node'.  For bonus points we could have weights on a
+    per-node basis that `fair` would take into account.
+
+  * Fully document `NamedArray` and its usage in both code and the command
+    line. It's one of my favorite things about Cult, but I add features and
+    syntax haphazardly that are awesome, but not fully explained.
+
+  * Leader promotion/avoidance.  I should be able to do something like:
+    `cult node promote -r some-role some-node`, and that'll make some-node the
+    zone_leader? of some-role.  I should be able to `cult node demote` the
+    node out of leader position, if it was previously promoted, OR if it were
+    naturally selected.
+
+  * Generalized events: Now `sync` is sort of baked-in.  It should just be a
+    specific case of a generalized event-running system.
+
+  * More environment separation: There should be warnings/confirmations in
+    production, and be totally hard to fat-finger fuck up production.  I type
+    `cult node rm //` dozens of times a day.  That doesn't need to work in
+    production.  This might go as far as "cult env <something>" checking out
+    a branch.  I don't have a problem tying Cult to git as an integral part of
+    its operations.  We can always allow outside contributions for SCM adapters
+    later.
+
+  * General code clean-up.  Luckily, there aren't any huge architectural
+    problems, but older code written while the vision was still up in the air
+    isn't exactly stuff I'd put in my portfolio.  Particularly, we need a way
+    to save and load nodes and roles without it being hard-coded into the CLI
+    commands.  This would make stuff more usable from the console, too.
+
+  * Some way to set project-global settings.  For example, in our instance,
+    you can search the project for our OpenSSL cipher string and find it
+    duplicated in 8-10 places.  We should be able to set that somewhere
+    besides `base/role.json` and have a fast, convenient way to reference it
+    from tasks or the console.
+
+  * Adding roles:  With properly-written tasks, we should be able to add a role
+    to an existing node.  We shouldn't even attempt to remove one.

data/lib/cult/cli/common.rb

@@ -1,6 +1,6 @@
 require 'io/console'
 require 'shellwords'
-
+require 'cult/cli/table_extensions'
 require 'cult/cli/cri_extensions'
 
 module Cult

data/lib/cult/cli/console_cmd.rb

@@ -40,10 +40,6 @@ module Cult
       def cult(*argv)
         system $0, *argv
       end
-
-      def binding
-        super
-      end
     end
 
     module_function
@@ -84,23 +80,24 @@ module Cult
           end
 
           context.load_rc
+          context_binding = context.instance_eval { binding }
 
           if opts[:ripl]
             require 'ripl'
             ARGV.clear
             # Look, something reasonable:
-            Ripl.start(binding: context.binding)
+            Ripl.start(binding: context_binding)
 
           elsif opts[:pry]
             require 'pry'
-            context.binding.pry
+            context_binding.pry
           else
             # irb: This is ridiculous.
             require 'irb'
             ARGV.clear
             IRB.setup(nil)
 
-            irb = IRB::Irb.new(IRB::WorkSpace.new(context.binding))
+            irb = IRB::Irb.new(IRB::WorkSpace.new(context_binding))
             IRB.conf[:MAIN_CONTEXT] = irb.context
             IRB.conf[:IRB_RC].call(irb.context) if IRB.conf[:IRB_RC]
 

data/lib/cult/cli/node_cmd.rb

@@ -1,6 +1,7 @@
 require 'securerandom'
 require 'fileutils'
 require 'json'
+require 'terminal-table'
 
 module Cult
   module CLI
@@ -67,6 +68,11 @@ module Cult
           concurrent = interactive || nodes.size == 1 ? 1 : nil
 
           Cult.paramap(nodes, concurrent: concurrent) do |node|
+            # Through source control, etc, these sometimes end up with improper
+            # permissions.  OpenSSH won't let us use it otherwise, and there's
+            # no option to disable the check.
+            File.chmod(0600, node.ssh_private_key_file)
+
             ssh_args = 'ssh', '-i', esc.(node.ssh_private_key_file),
                        '-p', esc.(node.ssh_port.to_s),
                        '-o', "UserKnownHostsFile=#{esc.(node.ssh_known_hosts_file)}",
@@ -242,7 +248,7 @@ module Cult
       node_ls = Cri::Command.define do
         name        'ls'
         summary     'List nodes'
-        usage       'ls /NODE+/ ...'
+        usage       'ls /NODE*/ ...'
         description <<~EOD.format_description
           This command lists the nodes in the project.
         EOD
@@ -261,19 +267,24 @@ module Cult
             end
           end
 
-          Cult.paramap(nodes) do |node|
-            role_string = node.build_order.map do |role|
+          table = Terminal::Table.new(headings:
+            ['Node', 'Provider', 'Zone', 'Public IPv4', 'Private IPv4', 'Roles']
+          )
+
+          table.rows = Cult.paramap(nodes) do |node|
+            role_string = node.build_order.reject(&:node?).map do |role|
               if node.zone_leader?(role)
                 Rainbow('*' + role.name).cyan
               else
-                '=' + role.name
+                role.name
               end
-            end.join(', ')
+            end.join(' ')
 
-            puts "#{node.name}\t#{node.provider&.name}\t" +
-                "#{node.zone}\t#{node.addr(:public)}\t#{node.addr(:private)}\t" +
-                "#{role_string}"
+            [ node.name, node.provider&.name, node.zone,
+              node.addr(:public), node.addr(:private), role_string]
           end
+
+          puts table
         end
       end
       node.add_command(node_ls)
@@ -281,7 +292,7 @@ module Cult
 
       node_sync = Cri::Command.define do
         name        'sync'
-        usage       'sync /NODE+/ ...'
+        usage       'sync /NODE*/ ...'
         summary     'Synchronize host information across fleet'
         description <<~EOD.format_description
           Computes, pre-processes, and executes "sync" tasks on every NODE,
@@ -340,7 +351,7 @@ module Cult
       node_ping = Cri::Command.define do
         name        'ping'
         summary     'Check the responsiveness of each node'
-        usage       'ping /NODE+/'
+        usage       'ping /NODE*/'
 
         flag :d, :destroy, 'Destroy nodes that are not responding.'
 
@@ -351,16 +362,15 @@ module Cult
         run(arguments: unlimited) do |opts, args, cmd|
           nodes = args.empty? ? Cult.project.nodes
                               : CLI.fetch_items(args, from: Node)
-          Cult.paramap(nodes) do |node|
+
+          table = Terminal::Table.new(headings: ["Node", "Status"])
+          table.rows = Cult.paramap(nodes, quiet: true) do |node|
             c = Commander.new(project: Cult.project, node: node)
-            if (r = c.ping)
-              puts Rainbow(node.name).green + ": #{r}"
-              nil
-            else
-              puts Rainbow(node.name).red + ": Unreachable"
-              node
-            end
+            status = c.ping
+            [ node.name, status ? Rainbow(status).green
+                                : Rainbow("unreachable").red ]
           end
+          puts table
         end
       end
       node.add_command(node_ping)

data/lib/cult/cli/role_cmd.rb

@@ -80,8 +80,7 @@ module Cult
                                               from: Role).map(&:name)
           end
           FileUtils.mkdir_p(role.path)
-          File.write(role.definition_file,
-                     JSON.pretty_generate(data))
+          File.write(role.role_file, JSON.pretty_generate(data))
 
           FileUtils.mkdir_p(File.join(role.path, "files"))
           File.write(File.join(role.path, "files", ".keep"), '')
@@ -132,16 +131,16 @@ module Cult
             roles = CLI.fetch_items(*args, from: Role)
           end
 
-          roles.each do |r|
-            fmt = "%-20s %s\n"
-            printf fmt, r.name, r.build_order.map(&:name).join(', ')
+          table = Terminal::Table.new(headings: ['Role', 'Build Order'])
+          table.rows = roles.map do |r|
+            [r.name, r.build_order.map(&:name).join(', ')]
           end
+          puts table
 
         end
       end
       role.add_command(role_ls)
 
-
       role
     end
   end

data/lib/cult/cli/table_extensions.rb

@@ -0,0 +1,24 @@
+require 'terminal-table'
+
+# This extends Terminal::Table to do plain tab-separated columns if Rainbow
+# is disabled, which roughly translates to isatty?
+
+module Cult
+  module TableExtensions
+    def render_plain
+      rows.map do |row|
+        row.cells.map do |cell|
+          cell.value
+        end.join("\t")
+      end.join("\n")
+    end
+
+    def render
+      Rainbow.enabled ? super : render_plain
+    end
+
+    alias_method :to_s, :render
+
+    ::Terminal::Table.prepend(self)
+  end
+end

data/lib/cult/commander.rb

@@ -132,7 +132,7 @@ module Cult
 
     def ping
       connect do |ssh|
-        ssh.exec! "uptime"
+        ssh.exec!("uptime").chomp
       end
     rescue
       nil

data/lib/cult/drivers/virtual_box_driver.rb

@@ -9,8 +9,10 @@ module Cult
 
 
       def sizes_map
+        # Cores = GB Ram is a pretty good scaling factor, and
+        # closely maps what VPS providers are doing.
         [1, 2, 4, 6, 8, 10, 12, 16].map do |size|
-          ["#{size}gb", size * 1024 * 1024]
+          [ "#{size}gb", { ram: size * 1024, cores: size } ]
         end.to_h
       end
       with_id_mapping :sizes_map
@@ -83,6 +85,8 @@ module Cult
 
 
       def guest_copy(name, src, dst)
+        # NOTE: Bug in current (Sep 2016) VBox has a fucked copyto, where
+        # setting target-directory to the full path is a workaround
         cmd = "VBoxManage guestcontrol #{esc(name)} " +
               "--username root --password password " +
               "copyto #{esc(src)} --target-directory #{esc(dst)}"
@@ -101,38 +105,50 @@ module Cult
 
 
       def provision!(name:, size:, zone:, image:, ssh_public_key:)
-        system 'VBoxManage', 'clonevm',
-                fetch_mapped(name: :image, from: images_map, key: image),
-               '--name', name, '--register'
-
-        system 'VBoxManage', 'modifyvm', name, '--groups', '/Cult'
-        system 'VBoxManage', 'startvm', name, '--type', 'headless'
-
-        public_ip  = await_ip_address(name, 0, :ipv4)
-        private_ip = public_ip
-
-        await_ssh(public_ip)
-
-        guest_command(name, "mkdir -m 0600 /root/.ssh")
-        guest_copy(name, ssh_public_key, "/root/.ssh/authorized_keys")
-        guest_command(name, "chmod 0644 /root/.ssh/authorized_keys")
-        guest_command(name, "passwd -l root")
+        transaction do |xac|
+          # Todo: transaction
+          system 'VBoxManage', 'clonevm',
+                  fetch_mapped(name: :image, from: images_map, key: image),
+                 '--name', name, '--register'
+
+          xac.rollback do
+            destroy!(id: name, ssh_key_id: nil)
+          end
 
-        return {
-            name:          name,
-            size:          size,
-            zone:          zone,
-            image:         image,
-
-            id:           name,
-            created_at:   Time.now.iso8601,
-            host:         public_ip,
-            ipv4_public:  public_ip,
-            ipv4_private: private_ip,
-            ipv6_public:  nil,
-            ipv6_private: nil,
-            meta:         {}
-        }
+          system_spec = sizes_map[size]
+          system 'VBoxManage', 'modifyvm', name,
+                               '--groups', '/Cult',
+                               '--memory', system_spec[:ram].to_s,
+                               '--cpus', system_spec[:cores].to_s
+
+          system 'VBoxManage', 'startvm', name, '--type', 'headless'
+
+          public_ip  = await_ip_address(name, 0, :ipv4)
+          private_ip = public_ip
+
+          await_ssh(public_ip)
+
+          guest_command(name, "mkdir -m 0600 /root/.ssh")
+          guest_copy(name, ssh_public_key, "/root/.ssh/authorized_keys")
+          guest_command(name, "chmod 0644 /root/.ssh/authorized_keys")
+          guest_command(name, "passwd -l root")
+
+          return {
+              name:          name,
+              size:          size,
+              zone:          zone,
+              image:         image,
+
+              id:           name,
+              created_at:   Time.now.iso8601,
+              host:         public_ip,
+              ipv4_public:  public_ip,
+              ipv4_private: private_ip,
+              ipv6_public:  nil,
+              ipv6_private: nil,
+              meta:         {}
+          }
+        end
       end
 
       def self.setup!

data/lib/cult/named_array.rb

@@ -197,7 +197,7 @@ module Cult
 
     # first matching item, or raises KeyError
     def fetch(key)
-      first(key) or raise KeyError
+      first(key) or raise KeyError, "Not found: #{key.inspect}"
     end
 
 

data/lib/cult/node.rb

@@ -53,6 +53,10 @@ module Cult
     delegate_to_definition :created_at
 
 
+    def node?
+      true
+    end
+
     def self.path(project)
       File.join(project.path, 'nodes')
     end
@@ -188,6 +192,14 @@ module Cult
       c.first
     end
 
+    def role_leader(role)
+      leader(role)
+    end
+
+    def role_leader?(role)
+      role_leader(role) == self
+    end
+
 
     def provider_leader(role = nil)
       leader(role, :provider)

data/lib/cult/paramap.rb

@@ -18,11 +18,11 @@
 module Cult
   class Paramap
     class Job
-      attr_reader :ident, :value, :block
+      attr_reader :ident, :value, :rebind, :block
       attr_reader :pid, :pipe
 
-      def initialize(ident, value, block)
-        @ident, @value, @block = ident, value, block
+      def initialize(ident, value, rebind: {}, &block)
+        @ident, @value, @rebind, @block = ident, value, rebind, block
 
         @pipe = IO.pipe
         @pid = fork do
@@ -37,7 +37,22 @@ module Cult
         @pipe[1].close
       end
 
+      def rebind_streams!
+        names = {
+          stdout: STDOUT,
+          stdin: STDIN,
+          stderr: STDERR,
+          nil => '/dev/null'
+        }
+        rebind.each do |k, v|
+          src, dst = names[k], names[v]
+          dst = File.open(dst, 'w+') if dst.is_a?(String)
+          src.reopen(dst)
+        end
+      end
+
       def prepare_forked_environment!
+        rebind_streams!
         # Stub out things that have caused a problem in the past.
         Kernel.send(:define_method, :exec) do |*a|
           fail "don't use Kernel\#exec inside of a paramap job"
@@ -92,6 +107,7 @@ module Cult
     end
 
     attr_reader :enum, :iter
+    attr_reader :rebind
     attr_reader :block
     attr_reader :job_queue
     attr_reader :exception_strategy
@@ -99,14 +115,16 @@ module Cult
     attr_reader :results
     attr_reader :concurrent
 
-    def initialize(enum, concurrent: nil, exception_strategy:, &block)
+    def initialize(enum, rebind: {}, concurrent: nil, exception_strategy:, &block)
       @enum = enum
+      @rebind = rebind
       @iter = @enum.to_enum
       @concurrent = concurrent || max_concurrent
       @exception_strategy = exception_strategy
       @block = block
       @exceptions, @results = [], []
       @job_queue = []
+
     end
 
     def max_concurrent
@@ -144,7 +162,7 @@ module Cult
     end
 
     def add_job(value)
-      job_queue.push(Job.new(new_job_index, value, block))
+      job_queue.push(Job.new(new_job_index, value, rebind: rebind, &block))
     end
 
     def job_by_pid(pid)
@@ -202,8 +220,11 @@ module Cult
   private_constant :Paramap
 
   module_function
-  def paramap(enum, concurrent: nil, exception: :raise, &block)
-    Paramap.new(enum, concurrent: concurrent,
+  def paramap(enum, quiet: false, concurrent: nil, exception: :raise, &block)
+    rebind = quiet ? { stdout: nil, stderr: nil } : {}
+    Paramap.new(enum,
+                rebind: rebind,
+                concurrent: concurrent,
                 exception_strategy: exception, &block).run
   end
 end

data/lib/cult/project.rb

@@ -83,9 +83,19 @@ module Cult
       end
     end
 
+    # We allow setting to a lookup value instead of an instance
     attr_writer :default_provider
     def default_provider
-      @default_provider ||= providers[0]
+      @default_provider_instance ||= begin
+        case @default_provider
+          when Cult::Provider
+            @default_provider
+          when nil;
+            providers.first
+          else
+            providers[@default_provider]
+        end
+      end
     end
 
 
@@ -126,6 +136,13 @@ module Cult
       end
     end
 
+    def git_commit_id(short: false)
+      short = short ? "--short" : ''
+      cmd = "git -C #{Shellwords.escape(path)} rev-parse #{short} " +
+            "--verify HEAD"
+      %x(#{cmd}).chomp
+    end
+
 
     def env
       ENV['CULT_ENV'] || begin

data/lib/cult/project_context.rb

@@ -1,6 +1,11 @@
 require 'forwardable'
+require 'etc'
+require 'socket'
 
 module Cult
+  # Project Context is a binding useful for "cult console" and templates.  It
+  # makes it so "nodes" and "roles" return something useful.
+
   class ProjectContext
     extend Forwardable
     def_delegators :project, :methods, :respond_to?, :to_s, :inspect
@@ -9,9 +14,9 @@ module Cult
 
     def initialize(project, **extra)
       @project = project
-
       extra.each do |k, v|
-        define_singleton_method(k) { v }
+        v.respond_to?(:call) ? define_singleton_method(k, &v)
+                             : define_singleton_method(k) { v }
       end
     end
 
@@ -19,5 +24,6 @@ module Cult
       project.send(*args)
     end
 
+    public :binding
   end
 end

data/lib/cult/role.rb

@@ -21,6 +21,9 @@ module Cult
       @path = path
     end
 
+    def node?
+      false
+    end
 
     def exist?
       Dir.exist?(path)
@@ -86,6 +89,9 @@ module Cult
     end
     alias_method :files, :artifacts
 
+    def role_file
+      File.join(path, "role.json")
+    end
 
     def definition
       @definition ||= Definition.new(self)
@@ -94,7 +100,7 @@ module Cult
 
     def definition_path
       [ File.join(path, "extra.json"),
-        File.join(path, "role.json") ]
+        role_file ]
     end
 
 

data/lib/cult/template.rb

@@ -1,4 +1,4 @@
-require 'erubis'
+require 'erubi'
 require 'cult/user_refinements'
 
 module Cult
@@ -11,16 +11,26 @@ module Cult
         super(project, **kw)
       end
 
-      def _process(input, filename: nil)
-        Dir.chdir(@pwd || Dir.pwd) do
-          erb = Erubis::Eruby.new(input)
-          erb.filename = filename
-          erb.result(binding)
+      def cultsrcid
+        loc = caller_locations(1, 1)[0]
+        path = loc.absolute_path
+        if path.start_with?(project.path)
+          path = project.name + "/" + path[project.path.size + 1 .. -1]
         end
+
+        user, host = Etc.getlogin, Socket.gethostname
+        vcs = "#{git_branch}@#{git_commit_id(short: true)}"
+        timestamp = Time.now.iso8601
+
+        "@cultsrcid: #{path}:#{loc.lineno} #{vcs} #{timestamp} #{user}@#{host}"
       end
 
-      def binding
-        super
+      private
+      def _process(input, filename: nil)
+        Dir.chdir(@pwd || Dir.pwd) do
+          erb = Erubi::Engine.new(input, filename: filename)
+          binding.eval(erb.src)
+        end
       end
     end
 
@@ -32,7 +42,7 @@ module Cult
 
 
     def process(text, filename: nil)
-      context._process(text, filename: filename)
+      context.send(:_process, text, filename: filename)
     end
 
   end

data/lib/cult/transaction.rb

@@ -28,7 +28,8 @@ module Cult
         begin
           yield
         rescue Exception => e
-          $stderr.puts "Rolling back actions due to: #{e.inspect}"
+          $stderr.puts "Rolling back actions due to: #{e.inspect}\n" +
+                       e.backtrace
           unwind
           raise
         end

data/lib/cult/user_refinements.rb

@@ -1,4 +1,3 @@
-require 'json'
 require 'shellwords'
 
 # These are refinements we enable in a user-facing context, e.g., the console
@@ -9,16 +8,15 @@ module Cult
     # Alright!  We found a use for refinements!
     module Util
       module_function
+
       def squote(s)
         "'" + s.gsub("'", "\\\\\'") + "'"
       end
 
-
       def dquote(s)
-        s.to_json
+        '"' + s.gsub('"', '\"') + '"'
       end
 
-
       def slash(s)
         Shellwords.escape(s)
       end
@@ -40,6 +38,7 @@ module Cult
       def slash
         Util.slash(self)
       end
+      alias_method :e, :slash
     end
 
 
@@ -55,11 +54,10 @@ module Cult
       end
       alias_method :sq, :squote
 
-
-
       def slash(sep = ' ')
         map {|v| Util.slash(v) }.join(sep)
       end
+      alias_method :e, :slash
     end
   end
 end

data/lib/cult/version.rb

@@ -1,3 +1,3 @@
 module Cult
-  VERSION = '0.1.4.pre'
+  VERSION = '0.2.0'
 end

data/skel/roles/base/tasks/000-do-something-cool

@@ -9,14 +9,24 @@ set -e
 
 # The ERB helper has quite a few methods for shell-escaping, for example:
 
-# The "q" method quotes a string with double-quotes.
+# "e" does shell slash-escaping, e.g., I\'m\ Awesome.  Importantly, it will
+# also escape $ with \$.  It is the most general-purpose for shell scripts,
+# and should be your go-to, even though its results are uglier.
+# AKA: slash
+echo <%= node.name.e %>
+
+# The "q" method quotes a string with double-quotes.  AKA "dq" and "dquote".
+# Quote characters are escaped with a slash, e.g., \"
+# AKA: dq, dquote
 echo <%= node.name.q %>
 
-# The "sq" method single-quotes the string.
+# The "sq" method single-quotes the string.  This usually never what you want
+# in shell-script context, but comes in handy with config files.  We just
+# happen to know it'll work here.  Single-quotes are escaped with a slash,
+# which shells don't like.
+# AKA: squote
 echo <%= node.name.sq %>
 
-# "slash" does shell slash-escaping, e.g., I\'m\ Awesome
-echo <%= node.name.slash %>
 
 # The same methods work on Array (over each item), and have an optional
 # separator argument, which defaults to ' '

data/skel/roles/base/tasks/sync-etc-hosts

@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+set -e
+
+# This file generates a map of all hosts on each node, in /etc/hosts.  Because
+# it's included in `base`, it'll be executed before your custom roles' sync
+# tasks.  That means you can parse the map instead of using custom Ruby
+# templating, if that's not your thing.
+#
+# Keep in mind that this file is evaluated on the local machine, and its result
+# is sent to the remote host.
+#
+# The output format is:
+#
+# 192.168.1.1 node-name # base *role1 role2 role3
+#
+# Where the * signifies that the node is the zone leader of that role.
+#
+
+CULTMAP="$HOME/cult/hosts"
+mkdir -p $(basename "$CULTMAP")
+sudo rm -f "$CULTMAP"
+
+cat - <<HOSTS | tee "$CULTMAP"
+# <%= cultsrcid %>
+<% nodes.each do |n| %>
+<%
+  role_string = n.build_order.map do |r|
+    (n.zone_leader?(r) ? '*' : '') + r.name
+  end.join(' ')
+%>
+<%= n.addr_from(node) %> <%= n.name %> # cult: <%= role_string %>
+<% end %>
+HOSTS
+
+HOSTS=$(cat /etc/hosts | grep -v '# cult: '; cat "$CULTMAP")
+echo "$HOSTS" | sudo tee /etc/hosts

data/skel/roles/base/tasks/sync-zone-leaders-motd

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+set -e
+ZONE_LEADERS="$HOME/cult/zone-leaders"
+
+<%
+  leader_of = node.build_order.select do |role|
+    node.zone_leader?(role) && node != role
+  end.map(&:name)
+%>
+
+<% if leader_of.empty? %>
+  rm -f "$ZONE_LEADERS"
+<% else %>
+  echo <%= leader_of.join(" ").e %> | tee "$ZONE_LEADERS"
+<% end %>

data/skel/roles/bootstrap/tasks/001-add-cult-user

@@ -13,3 +13,9 @@ chmod -R 0700 /home/cult/.ssh
 chmod -R 0600 /home/cult/.ssh/*
 
 echo 'cult ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/cult-nopasswd
+
+# disable root account
+passwd -l root
+sed -i.bak -e 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
+
+systemctl reload sshd

data/skel/roles/bootstrap/tasks/002-install-cult-motd

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 set -e
 
 if [ -d "/etc/update-motd.d" ]; then

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cult
 version: !ruby/object:Gem::Version
-  version: 0.1.4.pre
+  version: 0.2.0
 platform: ruby
 authors:
 - Mike Owens
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-09-22 00:00:00.000000000 Z
+date: 2017-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cri
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.8'
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.1'
 - !ruby/object:Gem::Dependency
   name: net-scp
   requirement: !ruby/object:Gem::Requirement
@@ -58,56 +58,70 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: 2.2.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: 2.2.2
 - !ruby/object:Gem::Dependency
-  name: erubis
+  name: erubi
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: 1.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: terminal-table
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.7.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.7.2
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '1.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '1.14'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.0'
 description: 
 email:
 - mike@meter.md
@@ -123,7 +137,7 @@ files:
 - Rakefile
 - cult
 - cult.gemspec
-- doc/welcome.txt
+- doc/future.md
 - exe/cult
 - lib/cult.rb
 - lib/cult/artifact.rb
@@ -136,6 +150,7 @@ files:
 - lib/cult/cli/node_cmd.rb
 - lib/cult/cli/provider_cmd.rb
 - lib/cult/cli/role_cmd.rb
+- lib/cult/cli/table_extensions.rb
 - lib/cult/cli/task_cmd.rb
 - lib/cult/commander.rb
 - lib/cult/commander_sync.rb
@@ -169,13 +184,12 @@ files:
 - skel/providers/.keep
 - skel/roles/base/role.json
 - skel/roles/base/tasks/000-do-something-cool
-- skel/roles/base/tasks/sync-host-map
-- skel/roles/base/tasks/sync-leader-of
+- skel/roles/base/tasks/sync-etc-hosts
+- skel/roles/base/tasks/sync-zone-leaders-motd
 - skel/roles/bootstrap/files/cult-motd
 - skel/roles/bootstrap/role.json
 - skel/roles/bootstrap/tasks/000-set-hostname
 - skel/roles/bootstrap/tasks/001-add-cult-user
-- skel/roles/bootstrap/tasks/002-disable-root-user
 - skel/roles/bootstrap/tasks/002-install-cult-motd
 homepage: https://github.com/metermd/cult
 licenses:
@@ -190,15 +204,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.2'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Fleet Management like its 1990

data/doc/welcome.txt

@@ -1 +0,0 @@
-Welcome to cult.

data/skel/roles/base/tasks/sync-host-map

@@ -1,24 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-# This file generates a map of all hosts on each node, in an /etc/hosts like
-# format.  Because it's included in `base`, it'll be executed before your
-# custom roles' sync task.  That means you can parse the cultmap instead of
-# using custom Ruby templating, if that's not your thing.
-#
-# Keep in mind that this file is evaluated on the local machine, and its result
-# is sent to the remote host.
-#
-# The output format is:
-#
-# 192.168.1.1 node-name # base role1 role2 role3
-#
-
-CULTMAP="$HOME/cult/hosts"
-mkdir -p $(basename "$CULTMAP")
-sudo rm -f "$CULTMAP"
-
-<% nodes.each do |n| %>
-  <% roles = n.build_order.map(&:name).join " " %>
-  echo "<%= n.addr_from(node) %> <%= n.name %> # <%= roles %>" | sudo tee -a "$CULTMAP"
-<% end %>

data/skel/roles/base/tasks/sync-leader-of

@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-set -e
-LEADER_FILE=~cult/cult/leader-of
-
-<% leader_of = roles.select {|r| node.zone_leader?(r) }.map(&:name) %>
-
-<% if leader_of.empty? %>
-  rm -f "$LEADER_FILE"
-<% else %>
-  echo <%= leader_of.join(" ").sq %> | tee "$LEADER_FILE"
-<% end %>

data/skel/roles/bootstrap/tasks/002-disable-root-user

@@ -1,7 +0,0 @@
-#!/bin/sh
-set -e
-
-passwd -l root
-sed -i.bak -e 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
-
-systemctl reload sshd