hocho 0.3.0 → 0.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +15 -1
- data/hocho.gemspec +3 -3
- data/lib/hocho/drivers/mitamae.rb +1 -1
- data/lib/hocho/drivers/ssh_base.rb +10 -4
- data/lib/hocho/host.rb +27 -2
- data/lib/hocho/property_providers/ruby_script.rb +27 -0
- data/lib/hocho/version.rb +1 -1
- metadata +14 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2f61962a1136d9599c8cecf5befa6700f5ae547847a2b38e3a4a3aaeba849438
|
4
|
+
data.tar.gz: ed1d9cb144c79c3589ecfef262d45e367c35c109d7d4280233e64e2f844dbe6a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c057b7c3a289dfbc0a9dac7bf294cec8807af1d26744ff098f76b963df4626763eabeec0a7482c0186c09c99656b5bbfdbbfea92ec7c2c4cdfa93f42149c4c25
|
7
|
+
data.tar.gz: 7423407b1f272b38ba82c31041e3010206a71f05c1d2b07a3dea40c9a49cf58ecc2b16473d3d07aa0fe648d2aadc6fdad59c299038c22840cefed169d8d9cdca
|
data/README.md
CHANGED
@@ -27,18 +27,30 @@ Or install it yourself as:
|
|
27
27
|
|
28
28
|
$ gem install hocho
|
29
29
|
|
30
|
-
##
|
30
|
+
## Usage
|
31
31
|
|
32
32
|
``` yaml
|
33
33
|
# hocho.yml
|
34
34
|
inventory_providers:
|
35
35
|
file:
|
36
36
|
path: './hosts'
|
37
|
+
|
37
38
|
property_providers:
|
39
|
+
## Provide default values to host properties (reverse_merge).
|
38
40
|
- add_default:
|
39
41
|
properties:
|
40
42
|
blah: blahblah
|
41
43
|
# preferred_driver: mitamae
|
44
|
+
attributes:
|
45
|
+
node_attributes_goes_here: hello
|
46
|
+
|
47
|
+
## Run ruby script to mutate host properties
|
48
|
+
- ruby_script:
|
49
|
+
name: name-for-your-convenience # optional
|
50
|
+
script: 'host.properties[:hello] = Time.now.xmlschema'
|
51
|
+
## or
|
52
|
+
# file: path/to/script.rb
|
53
|
+
|
42
54
|
# driver_options:
|
43
55
|
# mitamae:
|
44
56
|
# mitamae_prepare_script: 'wget -O /usr/local/bin/mitamae https://...'
|
@@ -52,6 +64,8 @@ test.example.org:
|
|
52
64
|
properties:
|
53
65
|
# preferred_driver: bundler
|
54
66
|
# preferred_driver: mitamae
|
67
|
+
attributes:
|
68
|
+
node_attributes_goes_here: hello
|
55
69
|
run_list:
|
56
70
|
- roles/app/default.rb
|
57
71
|
```
|
data/hocho.gemspec
CHANGED
@@ -20,10 +20,10 @@ Gem::Specification.new do |spec|
|
|
20
20
|
|
21
21
|
spec.add_dependency "thor"
|
22
22
|
spec.add_dependency "itamae"
|
23
|
-
spec.add_dependency "net-ssh"
|
23
|
+
spec.add_dependency "net-ssh", ">= 4.1.0"
|
24
24
|
spec.add_dependency "hashie"
|
25
25
|
|
26
|
-
spec.add_development_dependency "bundler"
|
27
|
-
spec.add_development_dependency "rake"
|
26
|
+
spec.add_development_dependency "bundler"
|
27
|
+
spec.add_development_dependency "rake"
|
28
28
|
spec.add_development_dependency "rspec"
|
29
29
|
end
|
@@ -25,7 +25,7 @@ module Hocho
|
|
25
25
|
exitstatus, _ = if @mitamae_path.start_with?('/')
|
26
26
|
ssh_run("test -x #{@mitamae_path.shellescape}", error: false)
|
27
27
|
else
|
28
|
-
ssh_run("
|
28
|
+
ssh_run("#{@mitamae_path.shellescape} version 2>/dev/null >/dev/null", error: false)
|
29
29
|
end
|
30
30
|
exitstatus == 0
|
31
31
|
end
|
@@ -21,14 +21,15 @@ module Hocho
|
|
21
21
|
|
22
22
|
ssh_cmd = ['ssh', *host.openssh_config.flat_map { |l| ['-o', "\"#{l}\""] }].join(' ')
|
23
23
|
shm_exclude = shm_prefix.map{ |_| "--exclude=#{_}" }
|
24
|
-
|
24
|
+
compress = host.compress? ? ['-z'] : []
|
25
|
+
rsync_cmd = [*%w(rsync -a --copy-links --copy-unsafe-links --delete --exclude=.git), *compress, *shm_exclude, '--rsh', ssh_cmd, '.', "#{host.hostname}:#{host_basedir}"]
|
25
26
|
|
26
27
|
puts "=> $ #{rsync_cmd.shelljoin}"
|
27
28
|
system(*rsync_cmd, chdir: base_dir) or raise 'failed to rsync'
|
28
29
|
|
29
30
|
unless shm_prefix.empty?
|
30
31
|
shm_include = shm_prefix.map{ |_| "--include=#{_.sub(%r{/\z},'')}/***" }
|
31
|
-
rsync_cmd = [*%w(rsync -
|
32
|
+
rsync_cmd = [*%w(rsync -a --copy-links --copy-unsafe-links --delete), *compress, *shm_include, '--exclude=*', '--rsh', ssh_cmd, '.', "#{host.hostname}:#{host_shm_basedir}"]
|
32
33
|
puts "=> $ #{rsync_cmd.shelljoin}"
|
33
34
|
system(*rsync_cmd, chdir: base_dir) or raise 'failed to rsync'
|
34
35
|
shm_prefix.each do |x|
|
@@ -70,7 +71,12 @@ module Hocho
|
|
70
71
|
|
71
72
|
temporary_passphrase = SecureRandom.base64(129).chomp
|
72
73
|
|
73
|
-
|
74
|
+
local_supports_pbkdf2 = system(*%w(openssl enc -pbkdf2), in: File::NULL, out: File::NULL, err: [:child, :out])
|
75
|
+
remote_supports_pbkdf2 = begin
|
76
|
+
exitstatus, * = ssh_run("openssl enc -pbkdf2", error: false, &:eof!)
|
77
|
+
exitstatus == 0
|
78
|
+
end
|
79
|
+
derive = local_supports_pbkdf2 && remote_supports_pbkdf2 ? %w(-pbkdf2) : []
|
74
80
|
|
75
81
|
encrypted_password = IO.pipe do |r,w|
|
76
82
|
w.write temporary_passphrase
|
@@ -88,7 +94,7 @@ module Hocho
|
|
88
94
|
raise unless temp_executable.start_with?('/')
|
89
95
|
|
90
96
|
ssh_run("chmod 0700 #{temp_executable.shellescape}; cat > #{temp_executable.shellescape}; chmod +x #{temp_executable.shellescape}") do |ch|
|
91
|
-
ch.send_data("#!/bin/bash\nexec openssl enc -aes-128-cbc -d -a -md sha256 -pass env:#{passphrase_env_name} <<< #{encrypted_password.shellescape}\n")
|
97
|
+
ch.send_data("#!/bin/bash\nexec openssl enc -aes-128-cbc -d -a -md sha256 #{derive.shelljoin} -pass env:#{passphrase_env_name} <<< #{encrypted_password.shellescape}\n")
|
92
98
|
ch.eof!
|
93
99
|
end
|
94
100
|
|
data/lib/hocho/host.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'hocho/utils/symbolize'
|
2
2
|
require 'hashie'
|
3
3
|
require 'net/ssh'
|
4
|
+
require 'net/ssh/proxy/jump'
|
4
5
|
require 'net/ssh/proxy/command'
|
5
6
|
|
6
7
|
module Hocho
|
@@ -150,6 +151,8 @@ module Hocho
|
|
150
151
|
[["Port", value]]
|
151
152
|
when :proxy
|
152
153
|
case value
|
154
|
+
when Net::SSH::Proxy::Jump
|
155
|
+
[["ProxyJump", value.jump_proxies]]
|
153
156
|
when Net::SSH::Proxy::Command
|
154
157
|
[["ProxyCommand", value.command_line_template]]
|
155
158
|
when false
|
@@ -163,6 +166,17 @@ module Hocho
|
|
163
166
|
[["User", value]]
|
164
167
|
when :user_known_hosts_file
|
165
168
|
[["UserKnownHostsFile", value]]
|
169
|
+
when :verify_host_key
|
170
|
+
case value
|
171
|
+
when :never
|
172
|
+
[["StrictHostKeyChecking", "no"]]
|
173
|
+
when :accept_new_or_local_tunnel
|
174
|
+
[["StrictHostKeyChecking", "accept-new"]]
|
175
|
+
when :accept_new
|
176
|
+
[["StrictHostKeyChecking", "accept-new"]]
|
177
|
+
when :always
|
178
|
+
[["StrictHostKeyChecking", "yes"]]
|
179
|
+
end
|
166
180
|
end
|
167
181
|
end.compact.map do |keyval|
|
168
182
|
keyval.join(separator)
|
@@ -195,9 +209,16 @@ module Hocho
|
|
195
209
|
|
196
210
|
def make_ssh_connection
|
197
211
|
alt = false
|
212
|
+
# A workaround for a bug on net-ssh: https://github.com/net-ssh/net-ssh/issues/764
|
213
|
+
# :strict_host_key_checking is translated from ssh config. However, Net::SSH.start does not accept
|
214
|
+
# the option as valid one. Remove this part when net-ssh fixes the bug.
|
215
|
+
options = ssh_options
|
216
|
+
unless Net::SSH::VALID_OPTIONS.include?(:strict_host_key_checking)
|
217
|
+
options.delete(:strict_host_key_checking)
|
218
|
+
end
|
198
219
|
begin
|
199
|
-
Net::SSH.start(name, nil,
|
200
|
-
rescue Net::SSH::Exception => e
|
220
|
+
Net::SSH.start(name, nil, options)
|
221
|
+
rescue Net::SSH::Exception, Errno::ECONNREFUSED, Net::SSH::Proxy::ConnectError => e
|
201
222
|
raise if alt
|
202
223
|
raise unless alternate_ssh_options_available?
|
203
224
|
puts "[#{name}] Trying alternate_ssh_options due to #{e.inspect}"
|
@@ -206,5 +227,9 @@ module Hocho
|
|
206
227
|
retry
|
207
228
|
end
|
208
229
|
end
|
230
|
+
|
231
|
+
def compress?
|
232
|
+
properties.fetch(:compress, true)
|
233
|
+
end
|
209
234
|
end
|
210
235
|
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
module Hocho
|
2
|
+
module PropertyProviders
|
3
|
+
class RubyScript
|
4
|
+
def initialize(name: nil, script: nil, file: nil)
|
5
|
+
@template = case
|
6
|
+
when script
|
7
|
+
compile(script, "(#{name || 'ruby_script'})")
|
8
|
+
when file
|
9
|
+
compile(File.read(file), name ? "(#{name})" : file)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
def determine(host)
|
14
|
+
@template.new(host).run
|
15
|
+
nil
|
16
|
+
end
|
17
|
+
|
18
|
+
private
|
19
|
+
|
20
|
+
Template = Struct.new(:host)
|
21
|
+
|
22
|
+
def compile(script, name)
|
23
|
+
binding.eval("Class.new(Template) { def run;\n#{script}\nend; }", name, 0)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
data/lib/hocho/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hocho
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- sorah (Shota Fukumori)
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-06-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
47
|
+
version: 4.1.0
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
54
|
+
version: 4.1.0
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: hashie
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -70,30 +70,30 @@ dependencies:
|
|
70
70
|
name: bundler
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
|
-
- - "
|
73
|
+
- - ">="
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
75
|
+
version: '0'
|
76
76
|
type: :development
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
|
-
- - "
|
80
|
+
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: '
|
82
|
+
version: '0'
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
84
|
name: rake
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
|
-
- - "
|
87
|
+
- - ">="
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: '
|
89
|
+
version: '0'
|
90
90
|
type: :development
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
|
-
- - "
|
94
|
+
- - ">="
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: '
|
96
|
+
version: '0'
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: rspec
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -142,6 +142,7 @@ files:
|
|
142
142
|
- lib/hocho/property_providers.rb
|
143
143
|
- lib/hocho/property_providers/add_default.rb
|
144
144
|
- lib/hocho/property_providers/base.rb
|
145
|
+
- lib/hocho/property_providers/ruby_script.rb
|
145
146
|
- lib/hocho/runner.rb
|
146
147
|
- lib/hocho/utils/finder.rb
|
147
148
|
- lib/hocho/utils/symbolize.rb
|
@@ -167,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
167
168
|
- !ruby/object:Gem::Version
|
168
169
|
version: '0'
|
169
170
|
requirements: []
|
170
|
-
rubygems_version: 3.
|
171
|
+
rubygems_version: 3.1.2
|
171
172
|
signing_key:
|
172
173
|
specification_version: 4
|
173
174
|
summary: Server provisioning tool with itamae
|