formatron 0.1.14 → 0.1.15

data/lib/formatron/chef/keys.rb

@@ -5,19 +5,18 @@ class Formatron
     # Download the Chef Server keys
     class Keys
       # rubocop:disable Metrics/ParameterLists
-      def initialize(aws:, bucket:, name:, target:, guid:, ec2_key:)
+      def initialize(directory:, aws:, bucket:, name:, target:, guid:, ec2_key:)
         @aws = aws
         @bucket = bucket
         @name = name
         @target = target
         @guid = guid
         @ec2_key = ec2_key
+        @directory = directory
       end
       # rubocop:enable Metrics/ParameterLists
 
-      # rubocop:disable Metrics/MethodLength
       def init
-        @directory = Dir.mktmpdir 'formatron-chef-server-keys-'
         S3::ChefServerKeys.get(
           aws: @aws,
           bucket: @bucket,
@@ -29,23 +28,20 @@ class Formatron
         File.write ec2_key, @ec2_key
         File.chmod 0600, ec2_key
       end
-      # rubocop:enable Metrics/MethodLength
 
       def user_key
         S3::ChefServerKeys.user_pem_path directory: @directory
       end
 
       def organization_key
-        S3::ChefServerKeys.organization_pem_path directory: @directory
+        S3::ChefServerKeys.organization_pem_path(
+          directory: @directory
+        )
       end
 
       def ec2_key
         File.join @directory, 'ec2_key'
       end
-
-      def unlink
-        FileUtils.rm_rf @directory unless @directory.nil?
-      end
     end
   end
 end

data/lib/formatron/chef/knife.rb

@@ -7,10 +7,18 @@ class Formatron
     # Wrapper for the knife cli
     # rubocop:disable Metrics/ClassLength
     class Knife
+      CONFIG_FILE = 'knife.rb'
+      DATABAG_SECRET_FILE = 'databag_secret'
+      DATABAG_DIRECTORY = 'databag'
+      DATABAG_ITEM_SUFFIX = '.json'
+
       # rubocop:disable Metrics/MethodLength
       # rubocop:disable Metrics/ParameterLists
       def initialize(
+        directory:,
         keys:,
+        administrator_name:,
+        administrator_password:,
         chef_server_url:,
         username:,
         organization:,
@@ -18,7 +26,12 @@ class Formatron
         databag_secret:,
         configuration:
       )
+        @knife_file = File.join directory, CONFIG_FILE
+        @databag_secret_file = File.join directory, DATABAG_SECRET_FILE
+        @databag_directory = File.join directory, DATABAG_DIRECTORY
         @keys = keys
+        @administrator_name = administrator_name
+        @administrator_password = administrator_password
         @chef_server_url = chef_server_url
         @username = username
         @organization = organization
@@ -31,8 +44,7 @@ class Formatron
 
       # rubocop:disable Metrics/MethodLength
       def init
-        @knife_file = Tempfile.new 'formatron-knife-'
-        @knife_file.write <<-EOH.gsub(/^ {10}/, '')
+        File.write @knife_file, <<-EOH.gsub(/^ {10}/, '')
           chef_server_url '#{@chef_server_url}'
           validation_client_name '#{@organization}-validator'
           validation_key '#{@keys.organization_key}'
@@ -41,28 +53,25 @@ class Formatron
           verify_api_cert #{@ssl_verify}
           ssl_verify_mode #{@ssl_verify ? ':verify_peer' : ':verify_none'}
         EOH
-        @knife_file.close
-        @databag_secret_file = Tempfile.new 'formatron-databag-secret-'
-        @databag_secret_file.write @databag_secret
-        @databag_secret_file.close
+        File.write @databag_secret_file, @databag_secret
+        FileUtils.mkdir_p @databag_directory
       end
       # rubocop:enable Metrics/MethodLength
 
       def deploy_databag(name:)
-        databag_file = Tempfile.new ['formatron-databag-', '.json']
-        databag_file.write @configuration.merge(id: name).to_json
-        databag_file.close
+        databag_file = File.join(
+          @databag_directory, "#{name}#{DATABAG_ITEM_SUFFIX}"
+        )
+        File.write databag_file, @configuration.merge(id: name).to_json
         _attempt_to_create_databag unless _databag_exists
         _attempt_to_create_databag_item(
           name: name,
           databag_file: databag_file
         )
-      ensure
-        databag_file.unlink unless databag_file.nil?
       end
 
       def _databag_exists
-        Util::Shell.exec "knife data bag show formatron -c #{@knife_file.path}"
+        Util::Shell.exec "knife data bag show formatron -c #{@knife_file}"
       end
 
       def _attempt_to_create_databag
@@ -70,9 +79,7 @@ class Formatron
       end
 
       def _create_databag
-        # rubocop:disable Metrics/LineLength
-        Util::Shell.exec "knife data bag create formatron -c #{@knife_file.path}"
-        # rubocop:enable Metrics/LineLength
+        Util::Shell.exec "knife data bag create formatron -c #{@knife_file}"
       end
 
       def _attempt_to_create_databag_item(name:, databag_file:)
@@ -83,7 +90,7 @@ class Formatron
 
       def _create_databag_item(databag_file:)
         # rubocop:disable Metrics/LineLength
-        Util::Shell.exec "knife data bag from file formatron #{databag_file.path} --secret-file #{@databag_secret_file.path} -c #{@knife_file.path}"
+        Util::Shell.exec "knife data bag from file formatron #{databag_file} --secret-file #{@databag_secret_file} -c #{@knife_file}"
         # rubocop:enable Metrics/LineLength
       end
 
@@ -95,7 +102,7 @@ class Formatron
 
       def _environment_exists(environment)
         # rubocop:disable Metrics/LineLength
-        Util::Shell.exec "knife environment show #{environment} -c #{@knife_file.path}"
+        Util::Shell.exec "knife environment show #{environment} -c #{@knife_file}"
         # rubocop:enable Metrics/LineLength
       end
 
@@ -107,59 +114,61 @@ class Formatron
 
       def _create_environment(environment)
         # rubocop:disable Metrics/LineLength
-        Util::Shell.exec "knife environment create #{environment} -c #{@knife_file.path} -d '#{environment} environment created by formatron'"
+        Util::Shell.exec "knife environment create #{environment} -c #{@knife_file} -d '#{environment} environment created by formatron'"
         # rubocop:enable Metrics/LineLength
       end
 
+      # rubocop:disable Metrics/MethodLength
       def bootstrap(
+        os:,
         guid:,
         bastion_hostname:,
         cookbook:,
         hostname:
       )
         # rubocop:disable Metrics/LineLength
-        command = "knife bootstrap #{hostname} --sudo -x ubuntu -i #{@keys.ec2_key} -E #{guid} -r #{cookbook} -N #{guid} -c #{@knife_file.path}#{@ssl_verify ? '' : ' --node-ssl-verify-mode none'} --secret-file #{@databag_secret_file.path}"
-        command = "#{command} -G ubuntu@#{bastion_hostname}" unless bastion_hostname.eql? hostname
+        if os.eql? 'windows'
+          command = "knife bootstrap windows winrm #{hostname} -x #{@administrator_name} -P '#{@administrator_password}' -E #{guid} -r #{cookbook} -N #{guid} -c #{@knife_file} --secret-file #{@databag_secret_file}"
+        else
+          command = "knife bootstrap #{hostname} --sudo -x ubuntu -i #{@keys.ec2_key} -E #{guid} -r #{cookbook} -N #{guid} -c #{@knife_file}#{@ssl_verify ? '' : ' --node-ssl-verify-mode none'} --secret-file #{@databag_secret_file}"
+          command = "#{command} -G ubuntu@#{bastion_hostname}" unless bastion_hostname.eql? hostname
+        end
         fail "failed to bootstrap instance: #{guid}" unless Util::Shell.exec command
         # rubocop:enable Metrics/LineLength
       end
+      # rubocop:enable Metrics/MethodLength
 
       def delete_databag(name:)
         # rubocop:disable Metrics/LineLength
-        command = "knife data bag delete formatron #{name} -y -c #{@knife_file.path}"
+        command = "knife data bag delete formatron #{name} -y -c #{@knife_file}"
         fail "failed to delete data bag item: #{name}" unless Util::Shell.exec command
         # rubocop:enable Metrics/LineLength
       end
 
       def delete_node(node:)
-        command = "knife node delete #{node} -y -c #{@knife_file.path}"
+        command = "knife node delete #{node} -y -c #{@knife_file}"
         fail "failed to delete node: #{node}" unless Util::Shell.exec command
       end
 
       def delete_client(client:)
         # rubocop:disable Metrics/LineLength
-        command = "knife client delete #{client} -y -c #{@knife_file.path}"
+        command = "knife client delete #{client} -y -c #{@knife_file}"
         fail "failed to delete client: #{client}" unless Util::Shell.exec command
         # rubocop:enable Metrics/LineLength
       end
 
       def delete_environment(environment:)
         # rubocop:disable Metrics/LineLength
-        command = "knife environment delete #{environment} -y -c #{@knife_file.path}"
+        command = "knife environment delete #{environment} -y -c #{@knife_file}"
         fail "failed to delete environment: #{environment}" unless Util::Shell.exec command
         # rubocop:enable Metrics/LineLength
       end
 
       def node_exists?(guid:)
-        command = "knife node show #{guid} -c #{@knife_file.path}"
+        command = "knife node show #{guid} -c #{@knife_file}"
         Util::Shell.exec command
       end
 
-      def unlink
-        @knife_file.unlink unless @knife_file.nil?
-        @databag_secret_file.unlink unless @databag_secret_file.nil?
-      end
-
       private(
         :_create_databag,
         :_create_databag_item,

data/lib/formatron/chef/ssh.rb

@@ -11,12 +11,15 @@ class Formatron
       end
 
       def run_chef_client(hostname:, bastion_hostname:)
+        # use the first-boot.json to ensure the runlist is correct
+        # if the node fails to converge the first time (in which case
+        # the server will show an empty run list for the node)
         Formatron::Util::SSH.exec(
           hostname: hostname,
           bastion_hostname: bastion_hostname,
           user: SSH_USER,
           key: @keys.ec2_key,
-          command: 'sudo chef-client'
+          command: 'sudo chef-client -j /etc/chef/first-boot.json'
         )
       end
 

data/lib/formatron/chef/winrm.rb

@@ -0,0 +1,37 @@
+require 'formatron/util/winrm'
+
+class Formatron
+  class Chef
+    # Perform commands on chef nodes over WinRM
+    class WinRM
+      def initialize(administrator_name:, administrator_password:)
+        @administrator_name = administrator_name
+        @administrator_password = administrator_password
+      end
+
+      def run_chef_client(hostname:)
+        # use the first-boot.json to ensure the runlist is correct
+        # if the node fails to converge the first time (in which case
+        # the server will show an empty run list for the node)
+        Formatron::Util::WinRM.exec(
+          hostname: hostname,
+          administrator_name: @administrator_name,
+          administrator_password: @administrator_password,
+          command: 'chef-client -j C:\chef\first-boot.json'
+        )
+      end
+
+      def bootstrapped?(hostname:)
+        Formatron::Util::WinRM.exec(
+          hostname: hostname,
+          administrator_name: @administrator_name,
+          administrator_password: @administrator_password,
+          command: 'if (-not (Test-Path C:\chef\client.pem)) { exit 1 }'
+        )
+        true
+      rescue
+        false
+      end
+    end
+  end
+end

data/lib/formatron/chef_clients.rb

@@ -5,11 +5,14 @@ class Formatron
     # rubocop:disable Metrics/AbcSize
     # rubocop:disable Metrics/MethodLength
     def initialize(
+      directory:,
       aws:,
       bucket:,
       name:,
       target:,
       ec2_key:,
+      administrator_name:,
+      administrator_password:,
       hosted_zone_name:,
       vpc:,
       external:,
@@ -27,6 +30,7 @@ class Formatron
       bastions = Hash[bastions.map { |k, v| [k, v.sub_domain] }]
       chef_servers.each do |key, chef_server|
         @chef_clients[key] = Chef.new(
+          directory: directory,
           aws: aws,
           bucket: bucket,
           name: name,
@@ -36,6 +40,8 @@ class Formatron
           ssl_verify: chef_server.ssl_verify,
           chef_sub_domain: chef_server.sub_domain,
           ec2_key: ec2_key,
+          administrator_name: administrator_name,
+          administrator_password: administrator_password,
           bastions: bastions,
           hosted_zone_name: hosted_zone_name,
           server_stack: chef_server.stack || name,
@@ -57,9 +63,5 @@ class Formatron
     def init
       @chef_clients.values.each(&:init)
     end
-
-    def unlink
-      @chef_clients.values.each(&:unlink)
-    end
   end
 end

data/lib/formatron/cli/generators/credentials.rb

@@ -7,7 +7,7 @@ class Formatron
       # CLI command for credentials generator
       module Credentials
         def self.dot_credentials
-          File.join '.formatron', 'credentials.json'
+          File.join Formatron::WORKING_DIRECTORY, 'credentials.json'
         end
 
         def self.global_credentials

data/lib/formatron/cloud_formation/resources/ec2.rb

@@ -1,4 +1,5 @@
 require_relative '../template'
+require_relative '../scripts'
 
 class Formatron
   module CloudFormation
@@ -274,49 +275,72 @@ class Formatron
         # rubocop:disable Metrics/ParameterLists
         # rubocop:disable Metrics/AbcSize
         def self.instance(
-          scripts: nil,
-          script_variables: nil,
-          files: nil,
           instance_profile:,
           availability_zone:,
           instance_type:,
           key_name:,
+          administrator_name:,
+          administrator_password:,
           subnet:,
           name:,
           wait_condition_handle:,
           security_group:,
           logical_id:,
-          source_dest_check:
+          source_dest_check:,
+          os:
         )
-          files ||= {}
-          scripts.each_index do |index|
-            files["/tmp/formatron/script-#{index}.sh"] = {
-              content: scripts[index],
-              mode: '000755',
-              owner: 'root',
-              group: 'root'
-            }
-          end unless scripts.nil?
-          script_variables_content =
-            script_variables.reduce([]) do |content, (key, value)|
-              content.concat(["#{key}=", value, "\n"])
-            end unless script_variables.nil?
-          files['/tmp/formatron/script-variables'] = {
-            content: Template.join(*script_variables_content),
-            mode: '000644',
-            owner: 'root',
-            group: 'root'
-          } unless script_variables_content.nil?
+          if os.eql? 'windows'
+            user_data = Template.base_64(
+              Template.join(
+                # rubocop:disable Metrics/LineLength
+                "<powershell>\n",
+                "try\n",
+                "{\n",
+                Scripts.windows_administrator(
+                  name: administrator_name,
+                  password: administrator_password
+                ),
+                'winrm quickconfig -q', "\n",
+                "winrm set winrm/config/winrs '@{MaxMemoryPerShellMB=\"1024\"}'", "\n",
+                "winrm set winrm/config '@{MaxTimeoutms=\"1800000\"}'", "\n",
+                "winrm set winrm/config/service '@{AllowUnencrypted=\"true\"}'", "\n",
+                "winrm set winrm/config/service/auth '@{Basic=\"true\"}'", "\n",
+                'netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow', "\n",
+                'netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow', "\n",
+                'Stop-Service winrm', "\n",
+                'Set-Service winrm -startuptype "automatic"', "\n",
+                'Start-Service winrm', "\n",
+                'cfn-init.exe -v -s ', Template.ref('AWS::StackName'),
+                " -r #{logical_id}",
+                ' --region ', Template.ref('AWS::Region'), "\n",
+                "}\n",
+                "catch\n",
+                "{\n",
+                'cfn-signal.exe -e 1 ',
+                Template.base_64(Template.ref(wait_condition_handle)), "\n",
+                "}\n",
+                '</powershell>'
+              # rubocop:enable Metrics/LineLength
+              )
+            )
+          else
+            user_data = Template.base_64(
+              Template.join(
+                # rubocop:disable Metrics/LineLength
+                "#!/bin/bash -v\n",
+                "apt-get -y update\n",
+                "apt-get -y install python-setuptools\n",
+                "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
+                "export PATH=$PATH:/opt/aws/bin\n",
+                'cfn-init --region ', Template.ref('AWS::Region'),
+                '    -v -s ', Template.ref('AWS::StackName'), " -r #{logical_id}\n",
+                "cfn-signal -e $? -r 'Formatron instance configuration complete' '", Template.ref(wait_condition_handle), "'\n"
+              # rubocop:enable Metrics/LineLength
+              )
+            )
+          end
           {
             Type: 'AWS::EC2::Instance',
-            Metadata: {
-              Comment1: 'Create setup scripts',
-              'AWS::CloudFormation::Init' => {
-                config: {
-                  files: files
-                }
-              }
-            },
             Properties: {
               IamInstanceProfile: Template.ref(instance_profile),
               AvailabilityZone: Template.join(
@@ -326,7 +350,7 @@ class Formatron
               ImageId: Template.find_in_map(
                 Template::REGION_MAP,
                 Template.ref('AWS::Region'),
-                'ami'
+                os
               ),
               SourceDestCheck: source_dest_check,
               InstanceType: instance_type,
@@ -337,36 +361,13 @@ class Formatron
                 Key: 'Name',
                 Value: name
               }],
-              UserData: Template.base_64(
-                Template.join(
-                  # rubocop:disable Metrics/LineLength
-                  "#!/bin/bash -v\n",
-                  "function error_exit\n",
-                  "{\n",
-                  "  cfn-signal -e 1 -r \"$1\" '", Template.ref(wait_condition_handle), "'\n",
-                  "  exit 1\n",
-                  "}\n",
-                  "apt-get -y update\n",
-                  "apt-get -y install python-setuptools\n",
-                  "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
-                  "export PATH=$PATH:/opt/aws/bin\n",
-                  'cfn-init --region ', Template.ref('AWS::Region'),
-                  '    -v -s ', Template.ref('AWS::StackName'), " -r #{logical_id} ",
-                  " || error_exit 'Failed to run cfn-init'\n",
-                  "for file in /tmp/formatron/script-*.sh; do\n",
-                  "  $file || error_exit \"failed to run Formatron setup script: $file\"\n",
-                  "done\n",
-                  "# If all went well, signal success\n",
-                  "cfn-signal -e $? -r 'Formatron instance configuration complete' '", Template.ref(wait_condition_handle), "'\n"
-                # rubocop:enable Metrics/LineLength
-                )
-              )
+              UserData: user_data
             }
           }
         end
-        # rubocop:enable Metrics/AbcSize
         # rubocop:enable Metrics/ParameterLists
         # rubocop:enable Metrics/MethodLength
+        # rubocop:enable Metrics/AbcSize
       end
       # rubocop:enable Metrics/ModuleLength
     end