formatron 0.1.0

data/lib/formatron/chef/knife.rb

@@ -0,0 +1,169 @@
+require 'formatron/util/shell'
+require 'English'
+require 'json'
+
+class Formatron
+  class Chef
+    # Wrapper for the knife cli
+    # rubocop:disable Metrics/ClassLength
+    class Knife
+      # rubocop:disable Metrics/MethodLength
+      # rubocop:disable Metrics/ParameterLists
+      def initialize(
+        keys:,
+        chef_server_url:,
+        username:,
+        organization:,
+        ssl_verify:,
+        name:,
+        databag_secret:,
+        configuration:
+      )
+        @keys = keys
+        @chef_server_url = chef_server_url
+        @username = username
+        @organization = organization
+        @ssl_verify = ssl_verify
+        @name = name
+        @databag_secret = databag_secret
+        @configuration = configuration
+      end
+      # rubocop:enable Metrics/ParameterLists
+      # rubocop:enable Metrics/MethodLength
+
+      # rubocop:disable Metrics/MethodLength
+      def init
+        @knife_file = Tempfile.new 'formatron-knife-'
+        @knife_file.write <<-EOH.gsub(/^ {10}/, '')
+          chef_server_url '#{@chef_server_url}'
+          validation_client_name '#{@organization}-validator'
+          validation_key '#{@keys.organization_key}'
+          node_name '#{@username}'
+          client_key '#{@keys.user_key}'
+          verify_api_cert #{@ssl_verify}
+          ssl_verify_mode #{@ssl_verify ? ':verify_peer' : ':verify_none'}
+        EOH
+        @knife_file.close
+        @databag_secret_file = Tempfile.new 'formatron-databag-secret-'
+        @databag_secret_file.write @databag_secret
+        @databag_secret_file.close
+        @databag_file = Tempfile.new ['formatron-databag-', '.json']
+        @databag_file.write @configuration.merge(id: @name).to_json
+        @databag_file.close
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      def deploy_databag
+        _attempt_to_create_databag unless _databag_exists
+        _attempt_to_create_databag_item
+      end
+
+      def _databag_exists
+        Util::Shell.exec "knife data bag show formatron -c #{@knife_file.path}"
+      end
+
+      def _attempt_to_create_databag
+        fail 'failed to create data bag: formatron' unless _create_databag
+      end
+
+      def _create_databag
+        # rubocop:disable Metrics/LineLength
+        Util::Shell.exec "knife data bag create formatron -c #{@knife_file.path}"
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def _attempt_to_create_databag_item
+        # rubocop:disable Metrics/LineLength
+        fail "failed to create data bag item: #{@name}" unless _create_databag_item
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def _create_databag_item
+        # rubocop:disable Metrics/LineLength
+        Util::Shell.exec "knife data bag from file formatron #{@databag_file.path} --secret-file #{@databag_secret_file.path} -c #{@knife_file.path}"
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def create_environment(environment:)
+        # rubocop:disable Metrics/LineLength
+        _attempt_to_create_environment environment unless _environment_exists environment
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def _environment_exists(environment)
+        # rubocop:disable Metrics/LineLength
+        Util::Shell.exec "knife environment show #{environment} -c #{@knife_file.path}"
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def _attempt_to_create_environment(environment)
+        # rubocop:disable Metrics/LineLength
+        fail "failed to create opscode environment: #{environment}" unless _create_environment environment
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def _create_environment(environment)
+        # rubocop:disable Metrics/LineLength
+        Util::Shell.exec "knife environment create #{environment} -c #{@knife_file.path} -d '#{environment} environment created by formatron'"
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def bootstrap(
+        environment:,
+        bastion_hostname:,
+        cookbook:,
+        hostname:
+      )
+        # rubocop:disable Metrics/LineLength
+        command = "knife bootstrap #{hostname} --sudo -x ubuntu -i #{@keys.ec2_key} -E #{environment} -r #{cookbook} -N #{environment} -c #{@knife_file.path}#{@ssl_verify ? '' : ' --node-ssl-verify-mode none'} --secret-file #{@databag_secret_file.path}"
+        command = "#{command} -G ubuntu@#{bastion_hostname}" unless bastion_hostname.eql? hostname
+        fail "failed to bootstrap instance: #{hostname}" unless Util::Shell.exec command
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def delete_databag
+        # rubocop:disable Metrics/LineLength
+        command = "knife data bag delete formatron #{@name} -y -c #{@knife_file.path}"
+        fail "failed to delete data bag item: #{@name}" unless Util::Shell.exec command
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def delete_node(node:)
+        command = "knife node delete #{node} -y -c #{@knife_file.path}"
+        fail "failed to delete node: #{node}" unless Util::Shell.exec command
+      end
+
+      def delete_client(client:)
+        # rubocop:disable Metrics/LineLength
+        command = "knife client delete #{client} -y -c #{@knife_file.path}"
+        fail "failed to delete client: #{client}" unless Util::Shell.exec command
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def delete_environment(environment:)
+        # rubocop:disable Metrics/LineLength
+        command = "knife environment delete #{environment} -y -c #{@knife_file.path}"
+        fail "failed to delete environment: #{environment}" unless Util::Shell.exec command
+        # rubocop:enable Metrics/LineLength
+      end
+
+      def unlink
+        @knife_file.unlink unless @knife_file.nil?
+        @databag_secret_file.unlink unless @databag_secret_file.nil?
+        @databag_file.unlink unless @databag_file.nil?
+      end
+
+      private(
+        :_create_databag,
+        :_create_databag_item,
+        :_attempt_to_create_databag,
+        :_attempt_to_create_databag_item,
+        :_databag_exists,
+        :_create_environment,
+        :_attempt_to_create_environment,
+        :_environment_exists
+      )
+    end
+    # rubocop:enable Metrics/ClassLength
+  end
+end

data/lib/formatron/chef_clients.rb

@@ -0,0 +1,73 @@
+class Formatron
+  # creates chef clients
+  class ChefClients
+    # rubocop:disable Metrics/ParameterLists
+    # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/MethodLength
+    def initialize(
+      aws:,
+      bucket:,
+      name:,
+      target:,
+      ec2_key:,
+      hosted_zone_name:,
+      vpc:,
+      external:,
+      configuration:,
+      databag_secret:
+    )
+      @chef_clients = {}
+      if external.nil?
+        bastions = Util::VPC.instances :bastion, vpc
+        chef_servers = Util::VPC.instances :chef_server, vpc
+      else
+        bastions = Util::VPC.instances :bastion, external, vpc
+        chef_servers = Util::VPC.instances :chef_server, external, vpc
+      end
+      bastions = Hash[bastions.map { |k, v| [k, v.sub_domain] }]
+      chef_servers.each do |key, chef_server|
+        @chef_clients[key] = Chef.new(
+          aws: aws,
+          bucket: bucket,
+          name: name,
+          target: target,
+          username: chef_server.username,
+          organization: chef_server.organization.short_name,
+          ssl_verify: chef_server.ssl_verify,
+          chef_sub_domain: chef_server.sub_domain,
+          ec2_key: ec2_key,
+          bastions: bastions,
+          hosted_zone_name: hosted_zone_name,
+          server_stack: chef_server.stack || name,
+          guid: chef_server.guid,
+          configuration: configuration,
+          databag_secret: databag_secret
+        )
+      end
+    end
+    # rubocop:enable Metrics/MethodLength
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/ParameterLists
+
+    def get(key = nil)
+      key ||= @chef_clients.keys[0]
+      @chef_clients[key]
+    end
+
+    def init
+      @chef_clients.values.each(&:init)
+    end
+
+    def unlink
+      @chef_clients.values.each(&:unlink)
+    end
+
+    def deploy_databags
+      @chef_clients.values.each(&:deploy_databag)
+    end
+
+    def delete_databags
+      @chef_clients.values.each(&:delete_databag)
+    end
+  end
+end

data/lib/formatron/cli.rb

@@ -0,0 +1,33 @@
+require 'commander'
+require 'formatron/version'
+
+class Formatron
+  # CLI interface
+  class CLI
+    include Commander::Methods
+
+    def global_options
+      global_option '-c', '--credentials FILE', 'The credentials file'
+      global_option(
+        '-d',
+        '--directory DIRECTORY',
+        'The Formatron configuration directory'
+      )
+    end
+
+    def commands
+      self.class.instance_methods.each do |method|
+        send(method) if method =~ /_formatron_command$/
+      end
+    end
+
+    def run
+      program :version, Formatron::VERSION
+      program :description, 'Quickly deploy AWS CloudFormation ' \
+                            'stacks backed by a Chef Server'
+      global_options
+      commands
+      run!
+    end
+  end
+end

data/lib/formatron/cli/completion.rb

@@ -0,0 +1,26 @@
+require 'formatron/completion'
+
+class Formatron
+  class CLI
+    # CLI command for completion enabling script
+    module Completion
+      def completion_script_action(c)
+        c.action do |args|
+          command = args[0] || 'formatron'
+          print Formatron::Completion.script command, defined_commands.keys
+        end
+      end
+
+      def completion_script_formatron_command
+        command :'completion-script' do |c|
+          c.syntax = 'formatron completion-script [COMMAND]'
+          c.summary = 'Output a bash script to ' \
+                      'enable command completion'
+          c.description = 'Output a bash script to ' \
+                          'enable command completion'
+          completion_script_action c
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cli/deploy.rb

@@ -0,0 +1,57 @@
+require 'formatron/config'
+require 'formatron'
+
+class Formatron
+  class CLI
+    # CLI command for deploy
+    module Deploy
+      def deploy_directory(options)
+        options.directory || Dir.pwd
+      end
+
+      def deploy_credentials(options)
+        options.credentials ||
+          Generators::Credentials.default_credentials(
+            deploy_directory(options)
+          )
+      end
+
+      def deploy_target(target, directory)
+        target || choose(
+          'Target?',
+          *Config.targets(directory: directory)
+        )
+      end
+
+      def deploy_ok(formatron, target)
+        !formatron.protected? || agree(
+          "Are you sure you wish to deploy protected target: #{target}?"
+        ) do |q|
+          q.default = 'no'
+        end
+      end
+
+      def deploy_action(c)
+        c.action do |args, options|
+          directory = deploy_directory options
+          target = deploy_target args[0], directory
+          formatron = Formatron.new(
+            credentials: deploy_credentials(options),
+            directory: directory,
+            target: target
+          )
+          formatron.deploy if deploy_ok(formatron, target)
+        end
+      end
+
+      def deploy_formatron_command
+        command :deploy do |c|
+          c.syntax = 'formatron deploy [options] [TARGET]'
+          c.summary = 'Deploy or update a Formatron stack'
+          c.description = 'Deploy or update a Formatron stack'
+          deploy_action c
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cli/destroy.rb

@@ -0,0 +1,57 @@
+require 'formatron'
+require 'formatron/config'
+
+class Formatron
+  class CLI
+    # CLI command for destroy
+    module Destroy
+      def destroy_directory(options)
+        options.directory || Dir.pwd
+      end
+
+      def destroy_credentials(options)
+        options.credentials ||
+          Generators::Credentials.default_credentials(
+            destroy_directory(options)
+          )
+      end
+
+      def destroy_target(target, directory)
+        target || choose(
+          'Target?',
+          *Config.targets(directory: directory)
+        )
+      end
+
+      def destroy_ok(formatron, target)
+        !formatron.protected? || agree(
+          "Are you sure you wish to destroy protected target: #{target}?"
+        ) do |q|
+          q.default = 'no'
+        end
+      end
+
+      def destroy_action(c)
+        c.action do |args, options|
+          directory = destroy_directory options
+          target = destroy_target args[0], directory
+          formatron = Formatron.new(
+            credentials: destroy_credentials(options),
+            directory: directory,
+            target: target
+          )
+          formatron.destroy if destroy_ok formatron, target
+        end
+      end
+
+      def destroy_formatron_command
+        command :destroy do |c|
+          c.syntax = 'formatron destroy [options] [TARGET]'
+          c.summary = 'Destroy a Formatron stack'
+          c.description = 'Destroy a Formatron stack'
+          destroy_action c
+        end
+      end
+    end
+  end
+end

data/lib/formatron/cli/generators/bootstrap.rb

@@ -0,0 +1,250 @@
+require 'formatron/generators/bootstrap'
+
+class Formatron
+  class CLI
+    module Generators
+      # CLI command for bootstrap generator
+      # rubocop:disable Metrics/ModuleLength
+      module Bootstrap
+        # rubocop:disable Metrics/MethodLength
+        # rubocop:disable Metrics/AbcSize
+        def bootstrap_options(c)
+          c.option '-n', '--name STRING', 'The name for the configuration'
+          c.option(
+            '-s',
+            '--s3-bucket STRING',
+            'The S3 bucket to store encrypted configuration'
+          )
+          c.option(
+            '-k',
+            '--kms-key STRING',
+            'The KMS key to use for encryption'
+          )
+          c.option(
+            '-e',
+            '--ec2-key-pair STRING',
+            'The EC2 key pair to associate with EC2 instances'
+          )
+          c.option(
+            '-z',
+            '--hosted-zone-id STRING',
+            'The Route53 Hosted Zone ID for the public hosted zone'
+          )
+          c.option(
+            '-a',
+            '--availability-zone STRING',
+            'The AWS availability zone letter (region is already taken ' \
+            'from the AWS credentials)'
+          )
+          c.option(
+            '-b',
+            '--cookbooks-bucket-prefix STRING',
+            'Used to generate target specific S3 bucket names ' \
+            '(PREFIX-TARGET) for the Chef Server to store its ' \
+            'cookbook library'
+          )
+          c.option(
+            '-o',
+            '--organization-short-name STRING',
+            'The short name of the organization to create on the ' \
+            'Chef Server (should not contain spaces, etc)'
+          )
+          c.option(
+            '-w',
+            '--organization-full-name STRING',
+            'The full name of the organization to create on the Chef Server'
+          )
+          c.option(
+            '-u',
+            '--username STRING',
+            'The username to create on the Chef Server'
+          )
+          c.option(
+            '-p',
+            '--password STRING',
+            'The password for the Chef Server user'
+          )
+          c.option(
+            '-m',
+            '--email STRING',
+            'The email address for the Chef Server user'
+          )
+          c.option(
+            '-f',
+            '--first-name STRING',
+            'The first name of the Chef Server user'
+          )
+          c.option(
+            '-l',
+            '--last-name STRING',
+            'The last name of the Chef Server user'
+          )
+          c.option(
+            '-i',
+            '--instance-cookbook STRING',
+            'The instance cookbook to apply additional ' \
+            'configuration to the Chef Server'
+          )
+          c.option(
+            '-x',
+            '--protected-targets LIST',
+            Array,
+            'The protected targets (eg. production)'
+          )
+          c.option(
+            '-y',
+            '--unprotected-targets LIST',
+            Array,
+            'The unprotected targets (eg. test)'
+          )
+        end
+        # rubocop:enable Metrics/AbcSize
+        # rubocop:enable Metrics/MethodLength
+
+        def bootstrap_directory(options)
+          options.directory || ask('Directory? ') do |q|
+            q.default = Dir.pwd
+          end
+        end
+
+        def bootstrap_name(options, directory)
+          options.name || ask('Name? ') do |q|
+            q.default = File.basename directory
+          end
+        end
+
+        def bootstrap_s3_bucket(options)
+          options.s3_bucket || ask('S3 Bucket? ')
+        end
+
+        def bootstrap_kms_key(options)
+          options.kms_key || ask('KMS Key? ')
+        end
+
+        def bootstrap_ec2_key_pair(options)
+          options.ec2_key_pair || ask('EC2 Key Pair? ')
+        end
+
+        def bootstrap_hosted_zone_id(options)
+          options.hosted_zone_id || ask('Hosted Zone ID? ')
+        end
+
+        def bootstrap_availability_zone(options)
+          options.availability_zone || ask('Availability Zone? ')
+        end
+
+        def bootstrap_cookbooks_bucket_prefix(options)
+          options.cookbooks_bucket_prefix || ask(
+            'Chef Server Cookbooks Bucket Prefix? '
+          ) do |q|
+            q.default = "#{options.s3_bucket}-cookbooks"
+          end
+        end
+
+        def bootstrap_organization_short_name(options)
+          options.organization_short_name ||
+            ask('Chef Server Organization Short Name? ')
+        end
+
+        def bootstrap_organization_full_name(options)
+          options.organization_full_name ||
+            ask('Chef Server Organization Full Name? ')
+        end
+
+        def bootstrap_username(options)
+          options.username || ask('Chef Server Username? ')
+        end
+
+        def bootstrap_password(options)
+          options.password || password('Chef Server Password? ')
+        end
+
+        def bootstrap_email(options)
+          options.email || ask('Chef Server User Email? ')
+        end
+
+        def bootstrap_first_name(options)
+          options.first_name || ask('Chef Server User First Name? ')
+        end
+
+        def bootstrap_last_name(options)
+          options.last_name || ask('Chef Server User Last Name? ')
+        end
+
+        def bootstrap_protected_targets(options)
+          options.protected_targets || ask('Protected Targets? ', Array) do |q|
+            q.default = 'production'
+          end
+        end
+
+        def bootstrap_unprotected_targets(options)
+          options.unprotected_targets ||
+            ask('Unprotected Targets? ', Array) do |q|
+              q.default = 'test'
+            end
+        end
+
+        def bootstrap_targets(options)
+          protected_targets = bootstrap_protected_targets options
+          unprotected_targets = bootstrap_unprotected_targets options
+          targets = {}
+          protected_targets.each do |target|
+            targets[target.to_sym] = { protect: true }
+          end
+          unprotected_targets.each do |target|
+            targets[target.to_sym] = { protect: false }
+          end
+          targets
+        end
+
+        # rubocop:disable Metrics/MethodLength
+        def bootstrap_params(options, directory)
+          {
+            name: bootstrap_name(options, directory),
+            s3_bucket: bootstrap_s3_bucket(options),
+            kms_key: bootstrap_kms_key(options),
+            ec2_key_pair: bootstrap_ec2_key_pair(options),
+            hosted_zone_id: bootstrap_hosted_zone_id(options),
+            availability_zone: bootstrap_availability_zone(options),
+            chef_server: {
+              cookbooks_bucket_prefix:
+                bootstrap_cookbooks_bucket_prefix(options),
+              organization: {
+                short_name: bootstrap_organization_short_name(options),
+                full_name: bootstrap_organization_full_name(options)
+              },
+              username: bootstrap_username(options),
+              password: bootstrap_password(options),
+              email: bootstrap_email(options),
+              first_name: bootstrap_first_name(options),
+              last_name: bootstrap_last_name(options)
+            },
+            targets: bootstrap_targets(options)
+          }
+        end
+        # rubocop:enable Metrics/MethodLength
+
+        def bootstrap_action(c)
+          c.action do |_args, options|
+            directory = bootstrap_directory options
+            Formatron::Generators::Bootstrap.generate(
+              directory,
+              bootstrap_params(options, directory)
+            )
+          end
+        end
+
+        def bootstrap_formatron_command
+          command :'generate bootstrap' do |c|
+            c.syntax = 'formatron generate bootstrap [options]'
+            c.summary = 'Generate a bootstrap configuration'
+            c.description = 'Generate a bootstrap configuration'
+            bootstrap_options c
+            bootstrap_action c
+          end
+        end
+      end
+      # rubocop:enable Metrics/ModuleLength
+    end
+  end
+end