hybrid_platforms_conductor 32.13.0 → 32.14.0

data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/packaging_spec.rb

@@ -0,0 +1,213 @@
+describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef do
+
+  context 'checking services packaging' do
+
+    # Expect a repository to be packaged and mock it
+    #
+    # Parameters::
+    # * *repository* (String): Repository to be packaged
+    # * *policy* (String): Expected policy to be packaged [default: 'test_policy']
+    # * *install* (Boolean): Are we expecting the chef install stage? [default: true]
+    # * *export* (Boolean): Are we expecting the chef export stage? [default: true]
+    # * *data_bags* (Boolean): Do we expect data bags copy? [default: false]
+    # * Proc: Code called with mock in place
+    def with_packaging_mocked(
+      repository,
+      policy: 'test_policy',
+      install: true,
+      export: true,
+      data_bags: false
+    )
+      with_cmd_runner_mocked(
+        if install
+          [
+            [
+              "cd #{repository} && /opt/chef-workstation/bin/chef install policyfiles/#{policy}.rb",
+              proc do
+                File.write("#{repository}/policyfiles/#{policy}.lock.json", '{}')
+                [0, 'Chef install done', '']
+              end
+            ]
+          ]
+        else
+          []
+        end +
+        if export
+          [
+            [
+              /^cd #{Regexp.escape(repository)} &&\s+sudo rm -rf dist\/prod\/#{Regexp.escape(policy)} &&\s+\/opt\/chef-workstation\/bin\/chef export policyfiles\/#{Regexp.escape(policy)}.rb dist\/prod\/#{Regexp.escape(policy)}#{data_bags ? " && cp -ar data_bags/ dist/prod/#{Regexp.escape(policy)}/" : ''}$/,
+              proc do
+                FileUtils.mkdir_p "#{repository}/dist/prod/#{policy}"
+                FileUtils.cp_r("#{repository}/data_bags", "#{repository}/dist/prod/#{policy}/") if data_bags
+                [0, 'Chef export done', '']
+              end
+            ]
+          ]
+        else
+          []
+        end
+      ) do
+        yield
+      end
+    end
+
+    context 'with an empty platform' do
+
+      it 'packages the repository doing nothing' do
+        with_serverless_chef_platforms('empty') do |platform, repository|
+          with_cmd_runner_mocked([]) do
+            platform.package(services: {}, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+    end
+
+    context 'with a platform having 1 node' do
+
+      it 'packages the repository for a given node and service' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository without resolving dependencies when the lock file already exists' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          File.write("#{repository}/policyfiles/test_policy.lock.json", '{}')
+          with_packaging_mocked(repository, install: false) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository with secrets' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: { secret: 'value' }, local_environment: false)
+            secret_file = "#{repository}/dist/prod/test_policy/data_bags/hpc_secrets/hpc_secrets.json"
+            expect(File.exist?(secret_file)).to eq true
+            expect(JSON.parse(File.read(secret_file))).to eq(
+              'id' => 'hpc_secrets',
+              'secret' => 'value'
+            )
+          end
+        end
+      end
+
+      it 'does not package the repository twice for the same config' do
+        with_serverless_chef_platforms('1_node', as_git: true) do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+          with_cmd_runner_mocked([]) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository twice when the platform is not taken from git' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+          # Wait 2 seconds so that we are sure later Time.now will return different timestamps
+          sleep 2
+          with_packaging_mocked(repository, install: false) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository twice when the platform needs different secrets' do
+        with_serverless_chef_platforms('1_node', as_git: true) do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: { secret: 'value1' }, local_environment: false)
+          end
+          with_packaging_mocked(repository, install: false) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: { secret: 'value2' }, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository twice when the platform has new local files' do
+        with_serverless_chef_platforms('1_node', as_git: true) do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+          # Make sure we clean the cache (this mocks another Platform Handler instance running)
+          platform.remove_instance_variable :@info
+          with_packaging_mocked(repository, install: false) do
+            File.write("#{repository}/new_file", 'New file')
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages the repository twice when the platform has modified local files' do
+        with_serverless_chef_platforms('1_node', as_git: true) do |platform, repository|
+          with_packaging_mocked(repository) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+          # Wait 2 seconds so that we are sure the modified file will return a different timestamp
+          sleep 2
+          with_packaging_mocked(repository, install: false) do
+            File.write("#{repository}/chef_versions.yml", File.read("#{repository}/chef_versions.yml") + "\n\n")
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+    end
+
+    context 'with a platform having several nodes' do
+
+      it 'packages 1 service independently from another' do
+        with_serverless_chef_platforms('several_nodes') do |platform, repository|
+          with_packaging_mocked(repository, policy: 'test_policy_1') do
+            platform.package(services: { 'node1' => %w[test_policy_1] }, secrets: {}, local_environment: false)
+          end
+          with_packaging_mocked(repository, policy: 'test_policy_2') do
+            platform.package(services: { 'node2' => %w[test_policy_2] }, secrets: {}, local_environment: false)
+          end
+          with_cmd_runner_mocked([]) do
+            platform.package(services: { 'node1' => %w[test_policy_1] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+      it 'packages 1 service independently of the node on which it is to be deployed' do
+        with_serverless_chef_platforms('several_nodes') do |platform, repository|
+          with_packaging_mocked(repository, policy: 'test_policy_1') do
+            platform.package(services: { 'node1' => %w[test_policy_1] }, secrets: {}, local_environment: false)
+          end
+          with_cmd_runner_mocked([]) do
+            platform.package(services: { 'node2' => %w[test_policy_1] }, secrets: {}, local_environment: false)
+          end
+        end
+      end
+
+    end
+
+    context 'with a platform having data bags' do
+
+      it 'packages data bags' do
+        with_serverless_chef_platforms('data_bags') do |platform, repository|
+          with_packaging_mocked(repository, data_bags: true) do
+            platform.package(services: { 'node' => %w[test_policy] }, secrets: {}, local_environment: false)
+            data_bag_file = "#{repository}/dist/prod/test_policy/data_bags/my_bag/my_item.json"
+            expect(File.exist?(data_bag_file)).to eq true
+            expect(JSON.parse(File.read(data_bag_file))).to eq(
+              'id' => 'my_item',
+              'content' => 'Bag content'
+            )
+          end
+        end
+      end
+
+    end
+
+  end
+
+end

data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/services_deployment_spec.rb

@@ -0,0 +1,268 @@
+describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef do
+
+  context 'checking services deployment' do
+
+    # Simulate a packaging of a given repository
+    #
+    # Parameters::
+    # * *repository* (String): The repository we package
+    # * *service* (String): The service being packaged in this repository [default: 'test_policy']
+    def mock_package(repository, service: 'test_policy')
+      FileUtils.mkdir_p "#{repository}/dist/prod/#{service}"
+    end
+
+    # Get expected actions to deploy a service on a given node
+    #
+    # Parameters::
+    # * *repository* (String): Platform repository
+    # * *check_mode* (Boolean): Are we expected check-mode? [default: false]
+    # * *sudo* (String): sudo prefix command [default: 'sudo -u root ']
+    # * *env* (String): Environment expected to be packaged [default: 'prod']
+    # * *policy* (String): Expected policy to be packaged [default: 'test_policy']
+    # * *node* (String): Expected node to be deployed [default: 'node']
+    # Result::
+    # * Array: Expected actions
+    def expected_actions_to_deploy_chef(
+      repository,
+      check_mode: false,
+      sudo: 'sudo -u root ',
+      env: 'prod',
+      policy: 'test_policy',
+      node: 'node'
+    )
+      [
+        {
+          remote_bash: [
+            'set -e',
+            'set -o pipefail',
+            "if [ -n \"$(command -v apt)\" ]; then #{sudo}apt update && #{sudo}apt install -y curl build-essential ; else #{sudo}yum groupinstall 'Development Tools' && #{sudo}yum install -y curl ; fi",
+            'mkdir -p ./hpc_deploy',
+            "curl --location https://omnitruck.chef.io/install.sh | tac | tac | #{sudo}bash -s -- -d /opt/artefacts -v 17.0 -s once"
+          ]
+        },
+        {
+          scp: { "#{repository}/dist/#{env}/#{policy}" => './hpc_deploy' },
+          remote_bash: [
+            'set -e',
+            "cd ./hpc_deploy/#{policy}",
+            "#{sudo}SSL_CERT_DIR=/etc/ssl/certs /opt/chef/bin/chef-client --local-mode --chef-license=accept --json-attributes nodes/#{node}.json#{check_mode ? ' --why-run' : ''}",
+            'cd ..',
+            "#{sudo}rm -rf #{policy}"
+          ]
+        }
+      ]
+    end
+
+    context 'with an empty platform' do
+
+      it 'prepares for deploy' do
+        with_serverless_chef_platforms('empty') do |platform, repository|
+          platform.prepare_for_deploy(
+            services: {},
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+        end
+      end
+
+      it 'prepares for deploy in why-run mode' do
+        with_serverless_chef_platforms('empty') do |platform, repository|
+          platform.prepare_for_deploy(
+            services: {},
+            secrets: {},
+            local_environment: false,
+            why_run: true
+          )
+        end
+      end
+
+      it 'prepares for deploy in local mode' do
+        with_serverless_chef_platforms('empty') do |platform, repository|
+          platform.prepare_for_deploy(
+            services: {},
+            secrets: {},
+            local_environment: true,
+            why_run: false
+          )
+        end
+      end
+
+    end
+
+    context 'with a platform having 1 node' do
+
+      it 'returns actions to deploy on this node' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository)
+        end
+      end
+
+      it 'returns actions to deploy on this node with node attributes setup from metadata' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          test_nodes_handler.override_metadata_of 'node', :new_metadata, 'new_value'
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository)
+          attributes_file = "#{repository}/dist/prod/test_policy/nodes/node.json"
+          expect(File.exist?(attributes_file)).to eq true
+          expect(JSON.parse(File.read(attributes_file))).to eq(
+            'description' => 'Single test node',
+            'image' => 'debian_9',
+            'new_metadata' => 'new_value',
+            'private_ips' => ['172.16.0.1'],
+            'property1' => { 'property11' => 'value11' },
+            'property2' => 'value2',
+          )
+        end
+      end
+
+      it 'returns actions to deploy on this node with secrets' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: { 'my_secret' => 'secret_value' },
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository)
+        end
+      end
+
+      it 'returns actions to deploy on this node in why-run mode' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: false,
+            why_run: true
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: true)).to eq expected_actions_to_deploy_chef(repository, check_mode: true)
+        end
+      end
+
+      it 'returns actions to deploy on this node using local mode' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: true,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository, env: 'local')
+        end
+      end
+
+      it 'returns actions to deploy on this node in why-run mode and local mode' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: true,
+            why_run: true
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: true)).to eq expected_actions_to_deploy_chef(repository, env: 'local', check_mode: true)
+        end
+      end
+
+      it 'returns actions to deploy on this node using root user' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          test_actions_executor.connector(:ssh).ssh_user = 'root'
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository, sudo: '')
+        end
+      end
+
+      it 'fails with a nice message when chef_versions.yml is missing' do
+        with_serverless_chef_platforms('1_node') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node' => %w[test_policy] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          File.unlink("#{repository}/chef_versions.yml")
+          expect { platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false) }.to raise_error "Missing file #{repository}/chef_versions.yml specifying the Chef Infra Client version to be deployed"
+        end
+      end
+
+    end
+
+    context 'with a platform having several nodes' do
+
+      it 'deploys services declared on 1 node on another node if asked' do
+        with_serverless_chef_platforms('several_nodes') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'node2' => %w[test_policy_1] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('node2', 'test_policy_1', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository, policy: 'test_policy_1', node: 'node2')
+        end
+      end
+
+      it 'deploys local nodes' do
+        with_serverless_chef_platforms('several_nodes') do |platform, repository|
+          mock_package(repository)
+          platform.prepare_for_deploy(
+            services: { 'local' => %w[test_policy_1] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform.actions_to_deploy_on('local', 'test_policy_1', use_why_run: false)).to eq [
+            {
+              bash: "cd #{repository}/dist/prod/test_policy_1 && sudo SSL_CERT_DIR=/etc/ssl/certs /opt/chef-workstation/bin/chef-client --local-mode --json-attributes nodes/local.json"
+            }
+          ]
+        end
+      end
+
+    end
+
+    context 'with 2 platforms' do
+
+      it 'deploys a service on a node belonging to another platform' do
+        with_serverless_chef_platforms({ 'p1' => '1_node', 'p2' => 'several_nodes' }) do |repositories|
+          platform_p1, repository_p1 = repositories.find { |platform, _repository| platform.name == 'p1' }
+          mock_package(repository_p1)
+          platform_p1.prepare_for_deploy(
+            services: { 'node2' => %w[test_policy_1] },
+            secrets: {},
+            local_environment: false,
+            why_run: false
+          )
+          expect(platform_p1.actions_to_deploy_on('node2', 'test_policy_1', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository_p1, policy: 'test_policy_1', node: 'node2')
+        end
+      end
+
+    end
+
+  end
+
+end