ec2_amitools 1.0.2

data/lib/ec2/amitools/decryptmanifest.rb

@@ -0,0 +1,20 @@
+# Copyright 2008-2014 Amazon.com, Inc. or its affiliates.  All Rights
+# Reserved.  Licensed under the Amazon Software License (the
+# "License").  You may not use this file except in compliance with the
+# License. A copy of the License is located at
+# http://aws.amazon.com/asl or in the "license" file accompanying this
+# file.  This file is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+# the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'ec2/amitools/crypto'
+
+USAGE = "Usage: decryptmanifest private-key-path"
+
+if ARGV.size < 1
+  puts USAGE
+  exit 1
+end
+
+puts Crypto::decryptasym( $stdin.read, ARGV[0] )

data/lib/ec2/amitools/defaults.rb

@@ -0,0 +1,12 @@
+# Copyright 2008-2014 Amazon.com, Inc. or its affiliates.  All Rights
+# Reserved.  Licensed under the Amazon Software License (the
+# "License").  You may not use this file except in compliance with the
+# License. A copy of the License is located at
+# http://aws.amazon.com/asl or in the "license" file accompanying this
+# file.  This file is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+# the License for the specific language governing permissions and
+# limitations under the License.
+
+EC2_HOME = ENV['EC2_AMITOOL_HOME'] || ENV['EC2_HOME']
+EC2_X509_CERT = '#{EC2_HOME}/etc/ec2/amitools/cert-ec2.pem'

data/lib/ec2/amitools/deletebundle.rb

@@ -0,0 +1,212 @@
+# Copyright 2008-2014 Amazon.com, Inc. or its affiliates.  All Rights
+# Reserved.  Licensed under the Amazon Software License (the
+# "License").  You may not use this file except in compliance with the
+# License. A copy of the License is located at
+# http://aws.amazon.com/asl or in the "license" file accompanying this
+# file.  This file is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+# the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'ec2/amitools/crypto'
+require 'ec2/amitools/exception'
+require 'ec2/amitools/deletebundleparameters'
+require 'net/https'
+require 'rexml/document'
+require 'tempfile'
+require 'uri'
+require 'ec2/common/s3support'
+require 'ec2/amitools/tool_base'
+
+DELETE_BUNDLE_NAME = 'ec2-delete-bundle'
+
+#------------------------------------------------------------------------------#
+
+DELETE_BUNDLE_MANUAL=<<TEXT
+#{DELETE_BUNDLE_NAME} is a command line tool to delete a bundled Amazon Image from S3 storage.
+An Amazon Image may be one of the following:
+- Amazon Machine Image (AMI)
+- Amazon Kernel Image (AKI)
+- Amazon Ramdisk Image (ARI)
+
+#{DELETE_BUNDLE_NAME} will delete a bundled AMI specified by either its manifest file or the
+prefix of the bundled AMI filenames.
+
+#{DELETE_BUNDLE_NAME} will:
+- delete the manifest and parts from the s3 bucket
+- remove the bucket if and only if it is empty and you request its deletion
+TEXT
+
+#------------------------------------------------------------------------------#
+
+RETRY_WAIT_PERIOD = 5
+
+#------------------------------------------------------------------------------#
+
+class DeleteFileError < AMIToolExceptions::EC2FatalError
+  def initialize(file, reason)
+    super(5,"Could not delete file '#{file}': #{reason}")
+  end
+end
+
+class BundleDeleter < AMITool
+  #----------------------------------------------------------------------------#
+
+  # Delete the specified file.
+  def delete(bucket, key, retry_delete)
+    retry_s3(retry_delete) do
+      begin
+        response = @s3_conn.delete(bucket, key)
+        return if response.success?
+        raise "HTTP DELETE returned #{response.code}"
+      rescue => e
+        raise TryFailed.new("Failed to delete \"#{key}\": #{e.message}")
+      end
+    end
+  end
+
+  #----------------------------------------------------------------------------#
+
+  # Return a list of bundle part filenames from the manifest.
+  def get_part_filenames(manifest)
+    parts = []
+    manifest_doc = REXML::Document.new(manifest).root
+    REXML::XPath.each(manifest_doc, 'image/parts/part/filename/text()') do |part|
+      parts << part.to_s
+    end
+    return parts
+  end
+
+  #------------------------------------------------------------------------------#
+
+  def uri2string(uri)
+    s = "#{uri.scheme}://#{uri.host}:#{uri.port}#{uri.path}"
+    # Remove the trailing '/'.
+    return (s[-1..-1] == "/" ? s[0..-2] : s)
+  end
+
+  #------------------------------------------------------------------------------#
+
+  def get_file_list_from_s3(bucket, keyprefix, prefix)
+    s3prefix = keyprefix+prefix
+    files_to_delete = []
+    response = @s3_conn.list_bucket(bucket, s3prefix)
+    unless response.success?
+      raise "unable to list contents of bucket #{bucket}: HTTP #{response.code} response: #{response.body}"
+    end
+    REXML::XPath.each(REXML::Document.new(response.body), "//Key/text()") do |entry|
+      entry = entry.to_s
+      if entry[0,s3prefix.length] == s3prefix
+        test_str = entry[(s3prefix.length)..-1]
+        if (test_str =~ /^\.part\.[0-9]+$/ or
+            test_str =~ /^\.manifest(\.xml)?$/)
+          files_to_delete << entry[(keyprefix.length)..-1]
+        end
+      end
+    end
+    files_to_delete
+  end
+
+  #------------------------------------------------------------------------------#
+  
+  def make_s3_connection(s3_url, user, pass, method, sigv, region)
+    EC2::Common::S3Support.new(s3_url, user, pass, method, @debug, sigv, region)
+  end
+
+  #------------------------------------------------------------------------------#
+  
+  def delete_bundle(url, bucket, keyprefix, user, pass, manifest, prefix, yes, clear, retry_stuff, sigv, region)
+    begin
+      # Get the S3 URL.
+      s3_uri = URI.parse(url)
+      s3_url = uri2string(s3_uri)
+      retry_delete = retry_stuff
+      v2_bucket = EC2::Common::S3Support::bucket_name_s3_v2_safe?(bucket)
+      @s3_conn = make_s3_connection(s3_url, user, pass, (v2_bucket ? nil : :path), sigv, region)
+      
+      files_to_delete = []
+      
+      if manifest
+        # Get list of files to delete from the AMI manifest.
+        xml = String.new
+        manifest_path = manifest
+        File.open(manifest_path) { |f| xml << f.read }
+        files_to_delete << File::basename(manifest)
+        get_part_filenames( xml ).each do |part_info|
+          files_to_delete << part_info
+        end
+      else
+        files_to_delete = get_file_list_from_s3(bucket, keyprefix, prefix)
+      end
+      
+      if files_to_delete.empty?
+        $stdout.puts "No files to delete."
+      else
+        $stdout.puts "Deleting files:"
+        files_to_delete.each { |file| $stdout.puts("   - #{file}") }
+        continue = yes
+        unless continue
+          begin
+            $stdout.print "Continue [y/N]: "
+            $stdout.flush
+            Timeout::timeout(PROMPT_TIMEOUT) do
+              continue = gets.strip =~ /^y/i
+            end
+          rescue Timeout::Error
+            $stdout.puts "\nNo response given, skipping the files."
+            continue = false
+          end
+        end
+        if continue
+          files_to_delete.each do |file|
+            delete(bucket, keyprefix+file, retry_delete)
+            $stdout.puts "Deleted #{file}"
+          end
+        end
+      end
+      
+      if clear
+        $stdout.puts "Attempting to delete bucket #{bucket}..."
+        @s3_conn.delete(bucket)
+      end
+    rescue EC2::Common::HTTP::Error => e
+      $stderr.puts e.backtrace if @debug
+      raise S3Error.new(e.message)
+    end  
+    $stdout.puts "#{DELETE_BUNDLE_NAME} complete."
+  end
+
+  #------------------------------------------------------------------------------#
+  # Overrides
+  #------------------------------------------------------------------------------#
+
+  def get_manual()
+    DELETE_BUNDLE_MANUAL
+  end
+
+  def get_name()
+    DELETE_BUNDLE_NAME
+  end
+
+  def main(p)
+    delete_bundle(p.url,
+                  p.bucket,
+                  p.keyprefix,
+                  p.user,
+                  p.pass,
+                  p.manifest,
+                  p.prefix,
+                  p.yes,
+                  p.clear,
+                  p.retry,
+                  p.sigv,
+                  p.region)
+  end
+
+end
+
+#------------------------------------------------------------------------------#
+# Script entry point. Execute only if this file is being executed.
+if __FILE__ == $0 || $0.match(/bin\/ec2-delete-bundle/)
+  BundleDeleter.new().run(DeleteBundleParameters)
+end

data/lib/ec2/amitools/deletebundleparameters.rb

@@ -0,0 +1,78 @@
+# Copyright 2008-2014 Amazon.com, Inc. or its affiliates.  All Rights
+# Reserved.  Licensed under the Amazon Software License (the
+# "License").  You may not use this file except in compliance with the
+# License. A copy of the License is located at
+# http://aws.amazon.com/asl or in the "license" file accompanying this
+# file.  This file is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+# the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'ec2/amitools/s3toolparameters'
+
+#------------------------------------------------------------------------------#
+
+class DeleteBundleParameters < S3ToolParameters
+    
+  MANIFEST_DESCRIPTION = "The path to the unencrypted manifest file."  
+  PREFIX_DESCRIPTION = "The bundled AMI part filename prefix."  
+  RETRY_DESCRIPTION = "Automatically retry failed deletes. Use with caution."  
+  YES_DESCRIPTION = "Automatically answer 'y' without asking."
+  CLEAR_DESCRIPTION = "Delete the bucket if empty. Not done by default."
+  
+  attr_accessor :manifest,
+                :prefix,
+                :retry,
+                :yes,
+                :clear
+    
+  #----------------------------------------------------------------------------#
+
+  def mandatory_params()
+    super()
+  end
+  
+  #----------------------------------------------------------------------------#
+
+  def optional_params()
+    super()
+    
+    on('-m', '--manifest PATH', String, MANIFEST_DESCRIPTION) do |manifest|
+      assert_file_exists(manifest, '--manifest')
+      @manifest = manifest
+    end
+    
+    on('-p', '--prefix PREFIX', String, PREFIX_DESCRIPTION) do |prefix|
+      assert_good_key(prefix, '--prefix')
+      @prefix = prefix
+    end
+    
+    on('--clear', CLEAR_DESCRIPTION) do
+      @clear = true
+    end
+    
+    on('--retry', RETRY_DESCRIPTION) do
+      @retry = true
+    end
+    
+    on('-y', '--yes', YES_DESCRIPTION) do
+      @yes = true
+    end
+  end
+
+  #----------------------------------------------------------------------------#
+
+  def validate_params()
+    super()
+    raise MissingMandatory.new('--manifest or --prefix') unless @manifest or @prefix
+    raise InvalidCombination.new('--prefix', '--manifest') if (@prefix and @manifest)
+  end
+
+  #----------------------------------------------------------------------------#
+
+  def set_defaults()
+    super()
+    @clear ||= false
+  end
+
+end

data/lib/ec2/amitools/downloadbundle.rb

@@ -0,0 +1,161 @@
+# Copyright 2008-2014 Amazon.com, Inc. or its affiliates.  All Rights
+# Reserved.  Licensed under the Amazon Software License (the
+# "License").  You may not use this file except in compliance with the
+# License. A copy of the License is located at
+# http://aws.amazon.com/asl or in the "license" file accompanying this
+# file.  This file is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+# the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'ec2/amitools/crypto'
+require 'ec2/common/s3support'
+require 'ec2/amitools/downloadbundleparameters'
+require 'ec2/amitools/exception'
+require 'ec2/amitools/manifestv20071010'
+require 'getoptlong'
+require 'net/http'
+require 'rexml/document'
+require 'ec2/amitools/tool_base'
+
+# Download AMI downloads the specified AMI from S3.
+
+#------------------------------------------------------------------------------#
+
+DOWNLOAD_BUNDLE_NAME = 'ec2-download-bundle'
+DOWNLOAD_BUNDLE_MANUAL =<<TEXT
+#{DOWNLOAD_BUNDLE_NAME} is a command line tool to download a bundled Amazon Image from
+S3 storage. An Amazon Image may be one of the following:
+- Amazon Machine Image (AMI)
+- Amazon Kernel Image (AKI)
+- Amazon Ramdisk Image (ARI)
+
+#{DOWNLOAD_BUNDLE_NAME} downloads and decrypts the manifest, then fetches all
+the parts referenced in the manifest.
+TEXT
+
+class BundleDownloader < AMITool
+
+  def download_manifest(s3_conn, bucket, manifest_name, manifest_path, privatekey, retry_download=false)
+    $stdout.puts "Downloading manifest #{manifest_name} from #{bucket} to #{manifest_path} ..."
+    download_file(s3_conn, bucket, manifest_name, manifest_path, retry_download)
+    encrypted_manifest = File::open(manifest_path) { |f| f.read() }
+    plaintext_manifest = nil
+    if (encrypted_manifest !~ /^\s*<\?/)
+      $stdout.puts "Decrypting manifest ..."
+      plaintext_manifest = Crypto::decryptasym(encrypted_manifest, privatekey)
+      File::open(manifest_path+'.plaintext', 'w') { |f| f.write(plaintext_manifest) }
+    else
+      plaintext_manifest = encrypted_manifest
+    end
+    plaintext_manifest
+  end
+  
+  #----------------------------------------------------------------------------#
+  
+  def download_part(s3_conn, bucket, part, part_path, retry_download=false)
+    $stdout.puts "Downloading part #{part} to #{part_path} ..."
+    download_file(s3_conn, bucket, part, part_path, retry_download)
+  end
+  
+  #----------------------------------------------------------------------------#
+  
+  def download_file(s3_conn, bucket, file, file_path, retry_download=false)
+    retry_s3(retry_download) do
+      begin
+        s3_conn.get(bucket, file, file_path)
+        return
+      rescue => e
+        raise TryFailed.new("Failed to download \"#{file}\": #{e.message}")
+      end
+    end
+  end
+  
+  #----------------------------------------------------------------------------#
+  
+  def get_part_filenames(manifest_xml)
+    manifest = ManifestV20071010.new(manifest_xml)
+    manifest.parts.collect { |part| part.filename }.sort
+  end
+
+  #----------------------------------------------------------------------------#
+
+  def uri2string( uri )
+    s = "#{uri.scheme}://#{uri.host}:#{uri.port}#{uri.path}"
+    # Remove the trailing '/'.
+    return ( s[-1..-1] == "/" ? s[0..-2] : s )
+  end
+
+  #----------------------------------------------------------------------------#
+
+  def make_s3_connection(s3_url, user, pass, bucket, sigv, region)
+    s3_uri = URI.parse(s3_url)
+    s3_url = uri2string(s3_uri)
+    v2_bucket = EC2::Common::S3Support::bucket_name_s3_v2_safe?(bucket)
+    EC2::Common::S3Support.new(s3_url, user, pass, (v2_bucket ? nil : :path), @debug, sigv, region)
+  end
+
+  #----------------------------------------------------------------------------#
+
+  # Main method.
+  def download_bundle(url,
+                      user,
+                      pass,
+                      bucket,
+                      keyprefix,
+                      directory,
+                      manifest,
+                      privatekey,
+                      retry_stuff,
+                      sigv,
+                      region)
+    begin
+      s3_conn = make_s3_connection(url, user, pass, bucket, sigv, region)
+      # Download and decrypt manifest.
+      manifest_path = File.join(directory, manifest)
+      manifest_xml = download_manifest(s3_conn, bucket, keyprefix+manifest, manifest_path, privatekey, retry_stuff)
+      
+      # Download AMI parts.
+      get_part_filenames(manifest_xml).each do |filename|
+        download_part(s3_conn, bucket, keyprefix+filename, File::join(directory, filename), retry_stuff)
+        $stdout.puts "Downloaded #{filename} from #{bucket}"
+      end
+    rescue EC2::Common::HTTP::Error => e
+      $stderr.puts e.backtrace if @debug
+      raise S3Error.new(e.message)
+    end
+  end
+
+  #------------------------------------------------------------------------------#
+  # Overrides
+  #------------------------------------------------------------------------------#
+
+  def get_manual()
+    DOWNLOAD_BUNDLE_MANUAL
+  end
+
+  def get_name()
+    DOWNLOAD_BUNDLE_NAME
+  end
+
+  def main(p)
+    download_bundle(p.url,
+                    p.user,
+                    p.pass,
+                    p.bucket,
+                    p.keyprefix,
+                    p.directory,
+                    p.manifest,
+                    p.privatekey,
+                    p.retry,
+                    p.sigv,
+                    p.region)
+  end
+
+end
+
+#------------------------------------------------------------------------------#
+# Script entry point. Execute only if this file is being executed.
+if __FILE__ == $0 || $0.match(/bin\/ec2-download-bundle/)
+  BundleDownloader.new().run(DownloadBundleParameters)
+end