furnish-ssh 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 1cb22d00eeea3ce171e12a7dd969c507c9f995a9
+  data.tar.gz: 7a26d0d19e35979e24dff3d60c40c19457c6d517
+SHA512:
+  metadata.gz: 093bf39088928118a7e1fcf3934731b9c6aa5474fd9bdd5803213e6471559b75836efdcf7873636d38a52656e2d1102345ea93e5c5d838b3bfe4c88275aec429
+  data.tar.gz: b3b0554ef1b98939deb781ccf660ff39d9a5a1544ffc1df4c29900bf2ffdd8c3015698fb70251b8041ddc57a62b53d9f23893ac2c768583b599e2039d12514e3

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+html

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in furnish-ssh.gemspec
+gemspec

data/Guardfile

@@ -0,0 +1,10 @@
+# vim: ft=ruby
+guard 'minitest' do
+  # with Minitest::Unit
+  watch(%r!^test/(.*)\/?test_(.*)\.rb!)
+  watch(%r!^test/helper\.rb!) { "test" }
+end
+
+guard 'rake', :run_on_all => false, :task => 'rdoc_cov' do
+  watch(%r!^lib/(.*)([^/]+)\.rb!)
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Erik Hollensbe
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,71 @@
+# furnish-ssh
+
+Inject SSH remote commands into your provisioning pipeline. See
+[furnish](https://github.com/chef-workflow/furnish/) for information on what
+furnish is.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'furnish-ssh'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install furnish-ssh
+
+## Usage
+
+SSH requires ip addresses, which implies machines and possibly something like
+[furnish-ip](https://github.com/chef-workflow/furnish-ip) to manage a pool of
+them. This example will use AutoIP and Vagrant from
+[furnish-vagrant](https://github.com/chef-workflow/furnish-vagrant).
+
+It doesn't have to be this complicated (and won't be in most cases), this is
+just a complete example.
+
+```ruby
+require 'furnish'
+require 'furnish/ip'
+require 'furnish/provisioners/ip'
+require 'furnish/provisioners/vagrant'
+require 'furnish/provisioners/ssh'
+
+Furnish.init
+sched = Furnish::Scheduler.new
+# Furnish::IP is a database of allocated addresses and more will be allocated
+# by the AutoIP provisioner.
+ip    = Furnish::IP.new('10.10.10.0/24')
+# allocate gateway and network IPs so Vagrant can NAT properly
+[0, 1].each { |x| ip.allocate("10.10.10.#{x}") }
+
+# create our group - get an ip, hand it to vagrant which creates a machine,
+# hand it to ssh which updates the box.
+group = Furnish::ProvisionerGroup.new(
+  'test',
+  [
+    Furnish::Provisioner::AutoIP.new(:ip => ip, :number_of_addresses => 1),
+    Furnish::Provisioner::Vagrant.new(:box => "precise64", :number_of_machines => 1),
+    Furnish::Provisioner::SSH.new(
+      :username => "vagrant",
+      :password => "vagrant",
+      :startup_command => "sudo apt-get update; sudo apt-get dist-upgrade -y"
+    )
+  ]
+)
+
+sched << group
+sched.run
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,46 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+require 'rdoc/task'
+
+Rake::TestTask.new do |t|
+  t.libs << "test"
+  files = FileList["test/test_*.rb"]
+
+  if ENV["TEST_SMALL"]
+    files.reject! { |f| File.basename(f) =~ /^test_multi/ }
+  end
+
+  t.test_files = files
+  t.verbose = true
+end
+
+RDoc::Task.new do |rdoc|
+  rdoc.title = "Run SSH commands as a Furnish Provisioner"
+  rdoc.main = "README.md"
+  rdoc.rdoc_files.include("README.md", "lib/**/*.rb")
+  rdoc.rdoc_files -= ["lib/furnish/ssh/version.rb"]
+  if ENV["RDOC_COVER"]
+    rdoc.options << "-C"
+  end
+end
+
+desc "run tests with coverage report"
+task "test:coverage" do
+  ENV["COVERAGE"] = "1"
+  Rake::Task["test"].invoke
+end
+
+desc "run rdoc with coverage report"
+task :rdoc_cov do
+  # ugh
+  ENV["RDOC_COVER"] = "1"
+  ruby "-S rake rerdoc"
+end
+
+namespace :test do
+  desc "Run a shorter test suite that's not as exhaustive."
+  task :small do
+    ENV["TEST_SMALL"] = "1"
+    ruby "-S rake test"
+  end
+end

data/furnish-ssh.gemspec

@@ -0,0 +1,34 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'furnish/ssh/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "furnish-ssh"
+  spec.version       = Furnish::SSH::VERSION
+  spec.authors       = ["Erik Hollensbe"]
+  spec.email         = ["erik+github@hollensbe.org"]
+  spec.description   = %q{Run SSH commands as a Furnish Provisioner}
+  spec.summary       = %q{Run SSH commands as a Furnish Provisioner}
+  spec.homepage      = "https://github.com/chef-workflow/furnish-ssh"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'furnish', '~> 0.1.1'
+  spec.add_dependency 'net-ssh', '~> 2.0'
+
+  spec.add_development_dependency 'furnish-vagrant', '~> 0.1.0'
+  spec.add_development_dependency 'furnish-ip', '~> 0.1.0'
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'minitest'
+  spec.add_development_dependency 'guard-minitest'
+  spec.add_development_dependency 'guard-rake', '~> 0.0.8'
+  spec.add_development_dependency 'rdoc', '~> 4.0'
+  spec.add_development_dependency 'rb-fsevent'
+  spec.add_development_dependency 'simplecov'
+end

data/lib/furnish/provisioners/ssh.rb

@@ -0,0 +1,482 @@
+require 'furnish/provisioners/api'
+require 'furnish/logger'
+require 'net/ssh'
+require 'net/ssh/verifiers/no_save_strict' # XXX this is provided by this gem
+require 'timeout'
+require 'set'
+
+module Furnish # :nodoc:
+  module Provisioner # :nodoc:
+
+    #
+    # Provisioner to execute SSH commands on remote targets during startup and
+    # shutdown. See ::new for construction requirements.
+    #
+    # Please see Net::SSH::Verifiers::NoSaveStrict and #paranoid about how host
+    # keys are handled in a surprising way.
+    #
+    # Startup::
+    #   * requires:
+    #     * ips (Set<String>):: list of IP addresses to target
+    #   * yields:
+    #     * ssh_exit_statuses (Hash<String, Integer>):: IP -> exit status map
+    #     * ssh_output (Hash<String, String>):: IP -> command output map
+    #
+    # Shutdown::
+    #   * accepts:
+    #     * ips (Set<String>):: list of IP addresses to target
+    #   * yields:
+    #     * ssh_exit_statuses (Hash<String, Integer>):: IP -> exit status map
+    #     * ssh_output (Hash<String, String>):: IP -> command output map
+    #
+    class SSH < API
+
+      include Furnish::Logger::Mixins
+
+      configure_startup do
+        requires :ips,
+          "String IP addresses to connect to",
+          Set
+
+        yields :ssh_exit_statuses,
+          "Exit codes, mapped IP<String> -> Code<Integer>",
+          Hash
+
+        # FIXME mute output option
+        yields :ssh_output,
+          "output of SSH, mapped IP<String> -> Output<String>",
+          Hash
+      end
+
+      configure_shutdown do
+        accepts_from_any true
+
+        accepts :ips,
+          "String IP addresses to connect to",
+          Set
+
+        yields :ssh_exit_statuses,
+          "Exit codes, mapped IP<String> -> Code<Integer>",
+          Hash
+
+        # FIXME mute output option
+        yields :ssh_output,
+          "output of SSH, mapped IP<String> -> Output<String>",
+          Hash
+      end
+
+      ##
+      # :attr: provision_wait
+      #
+      # How long to wait before giving up on SSH returning. Default is 300
+      # seconds. Fractional values OK.
+      #
+      furnish_property :provision_wait,
+        "How long to wait before giving up on SSH returning. Default is 300 seconds. Fractional values OK.",
+        Numeric
+
+      ##
+      # :attr: username
+      #
+      # Username which to SSH in as. Required, no default.
+      #
+      furnish_property :username,
+        "Username which to SSH in as. Required, no default.",
+        String
+
+      ##
+      # :attr: password
+      #
+      # Password to use when authenticating. Optional, but this or #private_key
+      # or #private_key_path must be provided.
+      #
+      furnish_property :password,
+        "Password to use when authenticating. Optional, but this or private_key or private_key_path must be provided.",
+        String
+
+      ##
+      # :attr: private_key
+      #
+      # Private key to use when authenticating. Optional, but this or #password
+      # or #private_key_path must be provided.
+      #
+      furnish_property :private_key,
+        "Private key to use when authenticating. Optional, but this or password or private_key_path must be provided.",
+        String
+
+      ##
+      # :attr: private_key_path
+      #
+      # Path to file on disk containing the private key to use when
+      # authenticating. Optional, but this or #password or #private_key must be
+      # provided.
+      #
+      furnish_property :private_key_path,
+        "Path to file on disk containing the private key to use when authenticating. Optional, but this or password or private_key must be provided.",
+        String
+
+      ##
+      # :attr: startup_command
+      #
+      # The command to run on each remote host when this provisioner runs
+      # startup. Either #startup_command or #shutdown_command must be provided.
+      #
+      furnish_property :startup_command,
+        "The command to run on each remote host when this provisioner runs startup. Either startup_command or shutdown_command must be provided.",
+        String
+
+      ##
+      # :attr: shutdown_command
+      #
+      # The command to run on each remote host when this provisioner runs
+      # shutdown. Either #startup_command or #shutdown_command must be provided.
+      #
+      furnish_property :shutdown_command,
+        "The command to run on each remote host when this provisioner runs shutdown. Either startup_command or shutdown_command must be provided.",
+        String
+
+      ##
+      # :attr: require_pty
+      #
+      # If true, attempts to allocate a pty after connecting. If this fails,
+      # fails the provision. Default is false. Cannot be used with #stdin.
+      #
+      furnish_property :require_pty,
+        "If true, attempts to allocate a pty after connecting. If this fails, fails the provision. Default is false. Cannot be used with stdin."
+
+      ##
+      # :attr: stdin
+      #
+      # If a string is provided, will be provided to the executing command as
+      # standard input. Cannot be used with #require_pty.
+      #
+      furnish_property :stdin,
+        "If a string is provided, will be provided to the executing command as standard input. Cannot be used with require_pty.",
+        String
+
+      ##
+      # :attr: merge_output
+      #
+      # If true, will merge stdout and stderr for purposes of output.
+      #
+      furnish_property :merge_output,
+        "If true, will merge stdout and stderr for purposes of output."
+
+      ##
+      # :attr: log_output
+      #
+      # If true, will send all output to the furnish logger. Use #merge_output
+      # to get stderr as well.
+      #
+      furnish_property :log_output,
+        "If true, will send all output to the furnish logger. Use merge_output to get stderr as well."
+
+      ##
+      # :attr: paranoid
+      #
+      # Maps to Net::SSH.start's :paranoid option. If :no_save_strict is
+      # assigned (the default), will use our
+      # Net::SSH::Verifiers::NoSaveStrict verifier which will not attempt to
+      # save any host keys that we do not recognize. Any that do exist
+      # however will be checked appropriately.
+      #
+      furnish_property :paranoid,
+        "Maps to Net::SSH.start's :paranoid option, used for host key validation. Use :no_save_strict (the default) to get something similar to :strict that doesn't save on an unknown key."
+
+      ##
+      # :attr: mute_output
+      #
+      # If true, output will not be stored or relayed. Useful for commands
+      # which will perform lots of output. log_output is not affected."
+      #
+      furnish_property :mute_output,
+        "If true, output will not be stored or relayed. Useful for commands which will perform lots of output. log_output is not affected."
+
+      ##
+      # :attr: success
+      #
+      # If non-nil, exit statuses that are in the set will be considered
+      # successes. Default is to only treat 0 as a success.
+      #
+      furnish_property :success,
+        "If non-nil, exit statuses that are in the set will be considered successes.",
+        Set
+
+      # a stored list of the IPs dealt with by this provisioner
+      attr_reader :ips
+
+      # a hash of ip -> output, accessible after provision. overwritten on both
+      # startup and shutdown.
+      attr_reader :output
+
+      #--
+      # TODO host key verifier, allowable exit codes (other than zero of
+      #      course), attr_reader for output
+      #++
+
+      #
+      # Construct the SSH provisioner.
+      #
+      # Requirements::
+      #   * #username must be provided.
+      #   * #password, #private_key, or #private_key_path must be provided, but only one of them.
+      #   * #startup_command or #shutdown_command must be provided. You may provide both.
+      #   * #stdin and #require_pty cannot be provided together.
+      #
+      def initialize(args)
+        super
+        check_auth_args
+        check_command_args
+        check_stdin_pty
+
+        @paranoid         = args.has_key?(:paranoid) ? args[:paranoid] : :no_save_strict
+        @provision_wait ||= 300
+        @success        ||= Set[0]
+      end
+
+      #
+      # Predicate for determining requirements for ::new.
+      #
+      def check_stdin_pty
+        if stdin and require_pty
+          raise ArgumentError, "stdin and require_pty are incompatible -- if used together, will hang the provision."
+        end
+      end
+
+      #
+      # Predicate for determining requirements for ::new.
+      #
+      def check_command_args
+        unless startup_command or shutdown_command
+          raise ArgumentError, "startup_command or shutdown_command must be provided at minimum."
+        end
+      end
+
+      #
+      # Predicate for determining requirements for ::new.
+      #
+      def check_auth_args
+        unless username
+          raise ArgumentError, "username must be provided"
+        end
+
+        unless password or private_key or private_key_path
+          raise ArgumentError, "password, private_key, or private_key_path must be provided"
+        end
+
+        if [password, private_key, private_key_path].compact.count > 1
+          raise ArgumentError, "You may only supply one of password, private_key, or private_key_path."
+        end
+      end
+
+      #
+      # Checks #log_output and logs the output with the host if set.
+      #
+      def log(host, output)
+        if log_output
+          if_debug do
+            print "[#{host}] #{output}"
+            flush
+          end
+        end
+      end
+
+      #
+      # Constructs the proper hash for Net::SSH.start options.
+      #
+      def ssh_options
+        opts = {
+          :config     => false,
+          :keys_only  => private_key_path || private_key
+        }
+
+        if password
+          opts[:password] = password
+        elsif private_key
+          opts[:key_data] = [private_key]
+        elsif private_key_path
+          opts[:keys] = private_key_path
+        end
+
+        opts[:paranoid] = paranoid
+
+        if opts[:paranoid] == :no_save_strict
+          opts[:paranoid] = Net::SSH::Verifiers::NoSaveStrict.new
+        end
+
+        return opts
+      end
+
+      #
+      # Performs the actual connection and execution.
+      #
+      def ssh(host, cmd)
+        ret = {
+          :exit_status => 0,
+          :stdout      => "",
+          :stderr      => ""
+        }
+
+        Net::SSH.start(host, username, ssh_options) do |ssh|
+          ssh.open_channel do |ch|
+            if stdin
+              ch.send_data(stdin)
+              ch.eof!
+            end
+
+            if require_pty
+              ch.request_pty do |ch, success|
+                unless success
+                  raise "The use_sudo setting requires a PTY, and your SSH is rejecting our attempt to get one."
+                end
+              end
+            end
+
+            ch.on_open_failed do |ch, code, desc|
+              raise "Connection Error to #{username}@#{host}: #{desc}"
+            end
+
+            ch.exec(cmd) do |ch, success|
+              unless success
+                raise "Could not execute command '#{cmd}' on #{username}@#{host}"
+              end
+
+              if merge_output
+                ch.on_data do |ch, data|
+                  log(host, data)
+                  ret[:stdout] << data
+                end
+
+                ch.on_extended_data do |ch, type, data|
+                  if type == 1
+                    log(host, data)
+                    ret[:stdout] << data
+                  end
+                end
+              else
+                ch.on_data do |ch, data|
+                  log(host, data)
+                  ret[:stdout] << data
+                end
+
+                ch.on_extended_data do |ch, type, data|
+                  ret[:stderr] << data if type == 1
+                end
+              end
+
+              ch.on_request("exit-status") do |ch, data|
+                ret[:exit_status] = data.read_long
+              end
+            end
+          end
+
+          ssh.loop
+        end
+
+        return ret
+      end
+
+      #
+      # Runs multiple ssh commands in threads, monitors those threads and
+      # stuffs status information. Will return #noop unless a command is
+      # provided. Called by #startup and #shutdown.
+      #
+      def run_ssh_provision(provision_command)
+        unless provision_command
+          return noop
+        end
+
+        #
+        # XXX sorry for the ugly. creates a IP => Thread map for tracking return values.
+        #
+        thread_map = Hash[
+          ips.map do |ip|
+            [
+              ip,
+              Thread.new do
+                ssh(ip, provision_command)
+              end
+            ]
+          end
+        ]
+
+        # FIXME see TODO about output handling
+        exit_statuses = { }
+        @output       = { }
+
+        begin
+          Timeout.timeout(provision_wait) do
+            thread_map.each do |ip, thr|
+              result = thr.value # exception will happen here.
+
+              output[ip]        = mute_output ? "" : result[:stdout]
+              exit_statuses[ip] = result[:exit_status]
+            end
+          end
+        rescue TimeoutError
+          thread_map.values.each { |t| t.kill if t.alive? }
+          raise "timeout reached waiting for hosts '#{ips.join(', ')}'"
+        end
+
+        if exit_statuses.values.all? { |x| success.any? { |c| x == c } }
+          return({ :ssh_exit_statuses => exit_statuses, :ssh_output => output })
+        else
+          # FIXME log
+          return false
+        end
+      end
+
+      #
+      # What happens when we can't execute something (e.g., because of a
+      # missing command). Just some boilerplate values.
+      #
+      def noop
+        exit_statuses = Hash[ips.map { |ip| [ip, 0] }]
+        @output       = Hash[ips.map { |ip| [ip, ""] }]
+
+        return({ :ssh_exit_statuses => exit_statuses, :ssh_output => output })
+      end
+
+      #
+      # Provision: run the command on all hosts and return the status from
+      # #run_ssh_provision. Will stuff the ips if passed regardless, so they
+      # can be used for #shutdown when nothing is expected to run in #startup.
+      #
+      def startup(args={})
+        @ips = args[:ips]
+        run_ssh_provision(startup_command)
+      end
+
+      #
+      # Deprovision: run the command. If no ips are provided from a previous
+      # provisioner, use the IPs gathered during startup.
+      #
+      def shutdown(args={})
+        # XXX use the IPs we got during startup if we didn't get a new set.
+        if args[:ips] and !args[:ips].empty?
+          @ips = args[:ips]
+        end
+
+        return false if !ips or ips.empty?
+        run_ssh_provision(shutdown_command)
+      end
+
+      #
+      # Outputs the commands if they exist.
+      #
+      def report
+        a = []
+
+        if startup_command
+          a.push("startup: '#{startup_command}'")
+        end
+
+        if shutdown_command
+          a.push("shutdown: '#{shutdown_command}'")
+        end
+
+        return a
+      end
+    end
+  end
+end

data/lib/furnish/ssh/version.rb

@@ -0,0 +1,6 @@
+module Furnish # :nodoc:
+  module SSH # :nodoc:
+    # the version of furnish-ssh
+    VERSION = "0.0.1"
+  end
+end

data/lib/net/ssh/verifiers/no_save_strict.rb

@@ -0,0 +1,34 @@
+require 'net/ssh/errors'
+require 'net/ssh/known_hosts'
+require 'net/ssh/verifiers/secure'
+
+
+module Net #:nodoc:
+  module SSH #:nodoc:
+    module Verifiers #:nodoc:
+      #
+      # This is similar to Net::SSH::Verifiers::Strict, but does not save the
+      # host key if it does not already exist in the known hosts file(s),
+      # making it ideal for repeat provisions of varied VMs that re-use IP
+      # addresses.
+      #
+      # It still goes through normal verification for those keys that do exist
+      # in the known hosts files, however.
+      #
+      #--
+      # XXX the inheritance here is correct. Strict inherits from secure, but saves
+      #     instead. We're just like strict but we don't save.
+      #++
+      class NoSaveStrict < Secure
+        #
+        # Verify the connection. See NoSaveStrict.
+        #
+        def verify(arguments)
+          super
+        rescue HostKeyUnknown
+          return true
+        end
+      end
+    end
+  end
+end

data/test/data/vagrant

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI
+w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP
+kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2
+hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO
+Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW
+yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd
+ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1
+Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf
+TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK
+iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A
+sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf
+4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP
+cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk
+EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN
+CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX
+3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG
+YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj
+3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+
+dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz
+6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC
+P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF
+llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ
+kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH
++vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ
+NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=
+-----END RSA PRIVATE KEY-----

data/test/helper.rb

@@ -0,0 +1,25 @@
+require 'bundler/setup'
+
+if ENV["COVERAGE"]
+  require 'simplecov'
+  SimpleCov.start do
+    add_filter '/test/'
+  end
+end
+
+unless ENV["FURNISH_DEBUG"]
+  $stderr.puts <<-EOF
+
+  These tests are *SLOW* and take some time to run with very little feedback.
+  If you want output of what is going on in the test suite, set FURNISH_DEBUG
+  in your environment.
+
+  EOF
+end
+
+require 'furnish/test'
+require 'furnish/provisioners/auto_ip'
+require 'furnish/provisioners/vagrant'
+require 'furnish/provisioners/ssh'
+require 'tc'
+require 'minitest/autorun'

data/test/tc.rb

@@ -0,0 +1,40 @@
+#
+# This is a specialized test case for orchestrating against furnish-ssh
+# with a vagrant box.
+#
+class Furnish::SSHTestCase < Furnish::SchedulerTestCase
+  BOX_URL = "http://files.vagrantup.com/precise64.box"
+  PRIVATE_KEY_PATH = "test/data/vagrant" # path to private keys that work on vagrant
+
+  def setup
+    super
+    @machine_count = 1
+    @ip = nil
+    @klass = Furnish::Provisioner::SSH
+    sched.serial = true
+  end
+
+  def teardown
+    sched.teardown
+    super
+  end
+
+  def ssh_provisioner(extra_args={ :startup_command => "ls", :log_output => true })
+    args = { :username => "vagrant", :password => "vagrant" }
+    @klass.new(args.merge(extra_args))
+  end
+
+  def ip
+    @ip ||= Furnish::IP.new("10.10.10.0/24")
+    @ip.allocate("10.10.10.0")
+    @ip.allocate("10.10.10.1")
+    @ip
+  end
+
+  def machine_provisioner(num=@machine_count)
+    [
+      Furnish::Provisioner::AutoIP.new(:ip => ip, :number_of_addresses => num),
+      Furnish::Provisioner::Vagrant.new(:box_url => BOX_URL, :number_of_servers => num)
+    ]
+  end
+end

data/test/test_api.rb

@@ -0,0 +1,69 @@
+require 'helper'
+
+class TestAPI < Furnish::SSHTestCase
+  def test_protocol
+    sp = @klass.startup_protocol
+    assert_nil(sp[:accepts_from_any])
+    assert_includes(sp[:requires], :ips)
+    assert_equal(Set, sp[:requires][:ips][:type])
+    assert_includes(sp[:yields], :ssh_exit_statuses)
+    assert_equal(Hash, sp[:yields][:ssh_exit_statuses][:type])
+
+    sp = @klass.shutdown_protocol
+    assert_includes(sp[:yields], :ssh_exit_statuses)
+    assert_equal(Hash, sp[:yields][:ssh_exit_statuses][:type])
+    assert(sp[:accepts_from_any])
+  end
+
+  def test_properties
+    fp = @klass.furnish_properties
+    {
+      :username         => String,
+      :password         => String,
+      :private_key      => String,
+      :private_key_path => String,
+      :startup_command  => String,
+      :shutdown_command => String,
+      :provision_wait   => Numeric
+    }.each do |key, value|
+      assert_includes(fp, key)
+      assert_equal(value, fp[key][:type])
+    end
+  end
+
+  def test_constructor
+    passing_auth_opts = { :username => "foo", :password => "quux" }
+    passing_cmd_opts  = { :startup_command => "ls" }
+
+    assert_raises(ArgumentError) { @klass.new }
+    assert_raises(ArgumentError) { @klass.new(:username => "foo") }
+    assert_raises(ArgumentError) { @klass.new(:password => "bar") }
+
+    # XXX permutations of auth options
+    assert_raises(ArgumentError) { @klass.new(passing_cmd_opts.merge(:username => "foo", :password => "quux", :private_key_path => "frob")) }
+    assert_raises(ArgumentError) { @klass.new(passing_cmd_opts.merge(:username => "foo", :password => "quux", :private_key => "frob")) }
+    assert_raises(ArgumentError) { @klass.new(passing_cmd_opts.merge(:username => "foo", :private_key_path => "quux", :private_key => "frob")) }
+    assert_raises(ArgumentError) { @klass.new(passing_cmd_opts.merge(:username => "foo", :private_key_path => "quux", :private_key => "frob", :password => "heyooo")) }
+
+    # same as above, just with valid arguments
+    %w[password private_key private_key_path].each do |arg|
+      @klass.new(passing_cmd_opts.merge(:username => "foo", arg.to_sym => "quux"))
+    end
+
+    assert_raises(ArgumentError) { @klass.new(passing_auth_opts) }
+
+    cmd_opts = %w[startup_command shutdown_command]
+
+    cmd_opts.each do |arg|
+      @klass.new(passing_auth_opts.merge(arg.to_sym => "ls"))
+    end
+
+    @klass.new(passing_auth_opts.merge(Hash[cmd_opts.map { |arg| [arg.to_sym, "ls"] }]))
+
+    obj = @klass.new(passing_auth_opts.merge(passing_cmd_opts))
+    assert_equal(300, obj.provision_wait)
+
+    obj = @klass.new(passing_auth_opts.merge(passing_cmd_opts.merge(:provision_wait => 10)))
+    assert_equal(10, obj.provision_wait)
+  end
+end

data/test/test_basic.rb

@@ -0,0 +1,107 @@
+require 'helper'
+
+class TestBasic < Furnish::SSHTestCase
+  def test_startup
+    sched.s("test1-startup", machine_provisioner)
+    sched.run
+
+    prov = ssh_provisioner
+    assert_equal(["startup: 'ls'"], prov.report)
+
+    target_ips = ip.group_ips("test1-startup")
+    assert_equal(@machine_count, target_ips.count)
+
+    ret = prov.startup(:ips => target_ips)
+    refute_nil(ret)
+    assert_equal(Hash[target_ips.map { |ip| [ip, 0] }], ret[:ssh_exit_statuses])
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      refute_empty(ret[:ssh_output][ip])
+      refute_empty(prov.output[ip])
+    end
+
+    ret = prov.shutdown
+    refute_nil(ret)
+    assert_equal(Hash[target_ips.map { |ip| [ip, 0] }], ret[:ssh_exit_statuses])
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      assert_empty(ret[:ssh_output][ip])
+      assert_empty(prov.output[ip])
+    end
+
+    prov = ssh_provisioner(:startup_command => 'exit 1')
+    refute(prov.startup(:ips => target_ips))
+    assert(prov.shutdown)
+
+    prov = ssh_provisioner(:shutdown_command => 'exit 1')
+    assert(prov.startup(:ips => target_ips))
+    refute(prov.shutdown)
+
+    prov = ssh_provisioner(:startup_command => 'exit 1', :success => Set[0,1])
+    assert(prov.startup(:ips => target_ips))
+  end
+
+  def test_shutdown
+    sched.s("test1-shutdown", machine_provisioner)
+    sched.run
+
+    prov = ssh_provisioner(:shutdown_command => "ls")
+    assert_equal(["shutdown: 'ls'"], prov.report)
+
+    refute(prov.shutdown)
+
+    target_ips = ip.group_ips("test1-shutdown")
+    assert_equal(@machine_count, target_ips.count)
+
+    ret = prov.startup(:ips => Set[])
+    refute_nil(ret)
+    assert_empty(ret[:ssh_exit_statuses])
+    assert_empty(ret[:ssh_output])
+    assert_empty(prov.output)
+
+    refute(prov.shutdown(:ips => Set[]))
+    refute(prov.shutdown)
+
+    ret = prov.shutdown(:ips => target_ips)
+    refute_nil(ret)
+    assert_equal(Hash[target_ips.map { |ip| [ip, 0] }], ret[:ssh_exit_statuses])
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      refute_empty(ret[:ssh_output][ip])
+      refute_empty(prov.output[ip])
+    end
+
+    prov = ssh_provisioner(:shutdown_command => 'exit 1')
+    assert(prov.startup(:ips => Set[]))
+    refute(prov.shutdown(:ips => target_ips))
+
+    prov = ssh_provisioner(:shutdown_command => 'exit 1', :success => Set[0,1])
+    assert(prov.startup(:ips => target_ips))
+    assert(prov.shutdown)
+  end
+
+  def test_basic_provision
+    sched.s("test1-basic", machine_provisioner + [ssh_provisioner, ssh_provisioner(:shutdown_command => "ls")])
+    # these next two will raise if something's not working.
+    sched.run
+    sched.down("test1-basic")
+  end
+
+  def test_failing_provision
+    sched.s("test1-failing", machine_provisioner + [ssh_provisioner(:startup_command => 'exit 1'), ssh_provisioner(:shutdown_command => "ls")])
+    assert_raises(RuntimeError) { sched.run }
+    sched.force_deprovision = true
+    sched.down("test1-failing")
+    sched.force_deprovision = false
+    sched.s("test2-failing", machine_provisioner + [ssh_provisioner, ssh_provisioner(:shutdown_command => "exit 1")])
+    sched.run
+    assert_raises(RuntimeError) { sched.down("test2-failing") }
+    sched.force_deprovision = true
+    sched.down("test2-failing")
+  ensure
+    sched.force_deprovision = false
+  end
+end

data/test/test_features.rb

@@ -0,0 +1,66 @@
+require 'helper'
+
+class TestFeatures < Furnish::SSHTestCase
+  def test_stdin_and_log_and_merge_output
+    if ENV["FURNISH_DEBUG"]
+      $stderr.puts "Log tests are running"
+    end
+
+    io = StringIO.new('', 'w')
+
+    Furnish.logger = Furnish::Logger.new(io, 3)
+
+    sched.s("test1-stdin", machine_provisioner)
+    sched.run
+
+    prov = ssh_provisioner(:startup_command => "cat", :stdin => "fart\n", :log_output => true)
+    target_ips = ip.group_ips("test1-stdin")
+    ret = prov.startup(:ips => target_ips)
+    assert(ret)
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      assert_equal("fart\n", ret[:ssh_output][ip])
+      assert_equal("fart\n", prov.output[ip])
+      assert_match(/^\[#{Regexp.quote(ip)}\] fart$/, io.string)
+    end
+
+    io.string = ''
+
+    prov = ssh_provisioner(:startup_command => "cat >/dev/fd/2", :stdin => "fart\n", :log_output => true)
+    target_ips = ip.group_ips("test1-stdin")
+    ret = prov.startup(:ips => target_ips)
+    assert(ret)
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      assert_empty(ret[:ssh_output][ip])
+      assert_empty(prov.output[ip])
+      assert_empty(io.string)
+    end
+
+    prov = ssh_provisioner(:startup_command => "cat >/dev/fd/2", :stdin => "fart\n", :merge_output => true, :log_output => true)
+    target_ips = ip.group_ips("test1-stdin")
+    ret = prov.startup(:ips => target_ips)
+    assert(ret)
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      assert_equal("fart\n", ret[:ssh_output][ip])
+      assert_equal("fart\n", prov.output[ip])
+      assert_match(/^\[#{Regexp.quote(ip)}\] fart$/, io.string)
+    end
+
+    prov = ssh_provisioner(:startup_command => "cat >/dev/fd/2", :stdin => "fart\n", :merge_output => true, :log_output => true, :mute_output => true)
+    target_ips = ip.group_ips("test1-stdin")
+    ret = prov.startup(:ips => target_ips)
+    assert(ret)
+
+    target_ips.each do |ip|
+      assert_kind_of(String, ret[:ssh_output][ip])
+      assert_empty(ret[:ssh_output][ip])
+      assert_empty(prov.output[ip])
+      assert_match(/^\[#{Regexp.quote(ip)}\] fart$/, io.string)
+    end
+  end
+end

data/test/test_multi_basic.rb

@@ -0,0 +1,9 @@
+require 'helper'
+require 'test_basic'
+
+class TestMultiBasic < TestBasic
+  def setup
+    super
+    @machine_count = 2
+  end
+end

data/test/test_multi_features.rb

@@ -0,0 +1,9 @@
+require 'helper'
+require 'test_features'
+
+class TestMultiFeatures < TestFeatures
+  def setup
+    super
+    @machine_count = 2
+  end
+end

metadata

@@ -0,0 +1,238 @@
+--- !ruby/object:Gem::Specification
+name: furnish-ssh
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Erik Hollensbe
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: furnish
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: furnish-vagrant
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: furnish-ip
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.8
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.8
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: rb-fsevent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Run SSH commands as a Furnish Provisioner
+email:
+- erik+github@hollensbe.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- furnish-ssh.gemspec
+- lib/furnish/provisioners/ssh.rb
+- lib/furnish/ssh/version.rb
+- lib/net/ssh/verifiers/no_save_strict.rb
+- test/data/vagrant
+- test/helper.rb
+- test/tc.rb
+- test/test_api.rb
+- test/test_basic.rb
+- test/test_features.rb
+- test/test_multi_basic.rb
+- test/test_multi_features.rb
+homepage: https://github.com/chef-workflow/furnish-ssh
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Run SSH commands as a Furnish Provisioner
+test_files:
+- test/data/vagrant
+- test/helper.rb
+- test/tc.rb
+- test/test_api.rb
+- test/test_basic.rb
+- test/test_features.rb
+- test/test_multi_basic.rb
+- test/test_multi_features.rb