hybrid_platforms_conductor 32.16.3 → 33.0.0

Files changed (93) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +42 -0
  3. data/README.md +6 -3
  4. data/bin/last_deploys +4 -1
  5. data/bin/nodes_to_deploy +5 -5
  6. data/docs/config_dsl.md +45 -1
  7. data/docs/executables.md +6 -7
  8. data/docs/executables/check-node.md +3 -3
  9. data/docs/executables/deploy.md +3 -3
  10. data/docs/executables/dump_nodes_json.md +3 -3
  11. data/docs/executables/test.md +3 -3
  12. data/docs/executables/topograph.md +3 -3
  13. data/docs/gen/mermaid/README.md-0.png +0 -0
  14. data/docs/gen/mermaid/docs/executables/check-node.md-0.png +0 -0
  15. data/docs/gen/mermaid/docs/executables/deploy.md-0.png +0 -0
  16. data/docs/gen/mermaid/docs/executables/free_ips.md-0.png +0 -0
  17. data/docs/gen/mermaid/docs/executables/get_impacted_nodes.md-0.png +0 -0
  18. data/docs/gen/mermaid/docs/executables/last_deploys.md-0.png +0 -0
  19. data/docs/gen/mermaid/docs/executables/nodes_to_deploy.md-0.png +0 -0
  20. data/docs/gen/mermaid/docs/executables/report.md-0.png +0 -0
  21. data/docs/gen/mermaid/docs/executables/run.md-0.png +0 -0
  22. data/docs/gen/mermaid/docs/executables/ssh_config.md-0.png +0 -0
  23. data/docs/gen/mermaid/docs/executables/test.md-0.png +0 -0
  24. data/docs/plugins.md +47 -0
  25. data/docs/plugins/connector/ssh.md +1 -1
  26. data/docs/plugins/log/remote_fs.md +26 -0
  27. data/docs/plugins/secrets_reader/cli.md +31 -0
  28. data/docs/plugins/secrets_reader/thycotic.md +46 -0
  29. data/docs/plugins/test/bitbucket_conf.md +1 -1
  30. data/docs/plugins/test/check_deploy_and_idempotence.md +1 -1
  31. data/docs/plugins/test/connection.md +1 -0
  32. data/docs/plugins/test/deploy_removes_root_access.md +1 -1
  33. data/docs/plugins/test/file_system.md +1 -0
  34. data/docs/plugins/test/github_ci.md +48 -0
  35. data/docs/plugins/test/hostname.md +1 -0
  36. data/docs/plugins/test/ip.md +1 -0
  37. data/docs/plugins/test/jenkins_ci_conf.md +1 -1
  38. data/docs/plugins/test/jenkins_ci_masters_ok.md +1 -1
  39. data/docs/plugins/test/local_users.md +1 -0
  40. data/docs/plugins/test/mounts.md +1 -0
  41. data/docs/plugins/test/orphan_files.md +1 -0
  42. data/docs/plugins/test/ports.md +1 -0
  43. data/docs/plugins/test/spectre.md +1 -0
  44. data/docs/plugins/test/vulnerabilities.md +1 -0
  45. data/lib/hybrid_platforms_conductor/actions_executor.rb +8 -1
  46. data/lib/hybrid_platforms_conductor/common_config_dsl/github.rb +62 -0
  47. data/lib/hybrid_platforms_conductor/deployer.rb +193 -141
  48. data/lib/hybrid_platforms_conductor/hpc_plugins/connector/ssh.rb +3 -3
  49. data/lib/hybrid_platforms_conductor/hpc_plugins/log/my_log_plugin.rb.sample +100 -0
  50. data/lib/hybrid_platforms_conductor/hpc_plugins/log/remote_fs.rb +179 -0
  51. data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/cli.rb +75 -0
  52. data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/my_secrets_reader_plugin.rb.sample +46 -0
  53. data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/thycotic.rb +87 -0
  54. data/lib/hybrid_platforms_conductor/hpc_plugins/test/check_deploy_and_idempotence.rb +1 -1
  55. data/lib/hybrid_platforms_conductor/hpc_plugins/test/connection.rb +3 -1
  56. data/lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_freshness.rb +7 -20
  57. data/lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_removes_root_access.rb +1 -1
  58. data/lib/hybrid_platforms_conductor/hpc_plugins/test/file_system.rb +2 -1
  59. data/lib/hybrid_platforms_conductor/hpc_plugins/test/github_ci.rb +32 -0
  60. data/lib/hybrid_platforms_conductor/hpc_plugins/test/hostname.rb +3 -1
  61. data/lib/hybrid_platforms_conductor/hpc_plugins/test/ip.rb +3 -1
  62. data/lib/hybrid_platforms_conductor/hpc_plugins/test/local_users.rb +3 -1
  63. data/lib/hybrid_platforms_conductor/hpc_plugins/test/mounts.rb +3 -1
  64. data/lib/hybrid_platforms_conductor/hpc_plugins/test/orphan_files.rb +3 -1
  65. data/lib/hybrid_platforms_conductor/hpc_plugins/test/ports.rb +3 -1
  66. data/lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb +3 -1
  67. data/lib/hybrid_platforms_conductor/hpc_plugins/test/vulnerabilities.rb +2 -1
  68. data/lib/hybrid_platforms_conductor/log.rb +31 -0
  69. data/lib/hybrid_platforms_conductor/plugins.rb +1 -0
  70. data/lib/hybrid_platforms_conductor/secrets_reader.rb +31 -0
  71. data/lib/hybrid_platforms_conductor/test_only_remote_node.rb +18 -0
  72. data/lib/hybrid_platforms_conductor/version.rb +1 -1
  73. data/spec/hybrid_platforms_conductor_test.rb +27 -6
  74. data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/connections_spec.rb +3 -3
  75. data/spec/hybrid_platforms_conductor_test/api/deployer/config_dsl_spec.rb +46 -4
  76. data/spec/hybrid_platforms_conductor_test/api/deployer/deploy_spec.rb +187 -212
  77. data/spec/hybrid_platforms_conductor_test/api/deployer/log_plugins/remote_fs_spec.rb +223 -0
  78. data/spec/hybrid_platforms_conductor_test/api/deployer/provisioner_spec.rb +4 -4
  79. data/spec/hybrid_platforms_conductor_test/api/deployer/secrets_reader_plugins/cli_spec.rb +63 -0
  80. data/spec/hybrid_platforms_conductor_test/api/deployer/secrets_reader_plugins/thycotic_spec.rb +253 -0
  81. data/spec/hybrid_platforms_conductor_test/api/tests_runner/global_spec.rb +1 -1
  82. data/spec/hybrid_platforms_conductor_test/api/tests_runner/test_plugins/github_ci_spec.rb +72 -0
  83. data/spec/hybrid_platforms_conductor_test/executables/last_deploys_spec.rb +146 -98
  84. data/spec/hybrid_platforms_conductor_test/executables/nodes_to_deploy_spec.rb +240 -83
  85. data/spec/hybrid_platforms_conductor_test/executables/options/common_spec.rb +2 -1
  86. data/spec/hybrid_platforms_conductor_test/executables/options/deployer_spec.rb +0 -182
  87. data/spec/hybrid_platforms_conductor_test/helpers/connector_ssh_helpers.rb +1 -1
  88. data/spec/hybrid_platforms_conductor_test/helpers/deployer_helpers.rb +40 -53
  89. data/spec/hybrid_platforms_conductor_test/helpers/deployer_test_helpers.rb +251 -15
  90. data/spec/hybrid_platforms_conductor_test/test_log_no_read_plugin.rb +82 -0
  91. data/spec/hybrid_platforms_conductor_test/test_log_plugin.rb +103 -0
  92. data/spec/hybrid_platforms_conductor_test/test_secrets_reader_plugin.rb +45 -0
  93. metadata +41 -2
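--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 22f6bf2ee85b7db6649e517503f00dd71f0604d4afb3a12bee347820af4d90e2
- data.tar.gz: 7804ffa80bb56697c98970b1d781a5e3be12b27bc8c38a3df9eb26b666791ed8
+ metadata.gz: ae17e600c52586447071f6f463ee1525754327c0be4a147bec7d3ebcb13b018d
+ data.tar.gz: 9e4dc83a6d37fc9c17b99fd9a16eae20b73673dd492dde52679a159ed922a3d5
  SHA512:
- metadata.gz: a89d17b28222ca1e32a132d42167a9b7b78e59b8ddb281f2805200e2a6a356e6547ee316fdacedc2c00d53ee14956027ea17b0a0424bd7fd8ad3260ba071d873
- data.tar.gz: b29e79b9d21b8b9019307918c05c73c8d422c5fb942e6f3dc0c9fd317c293430e7a4658ed5551503f9bbf9fdf7bd17394904e0e7aabcb664101b555309c6b912
+ metadata.gz: d9b89fc3f6ed1fe6e87f23aa1519b32dc62bdcf861b0332088909b1ac8945adf273425c97860c0df5131069921c6adfed60d265cbfe9c1d50a6e4cd5099cc420
+ data.tar.gz: d9b3d6d66250552aaec66672b2b9fc97843eb39fc5578a34b74c44f9a4511bccf7978ef59559a4a21b276557e6293418e3350b8151308000d478e22aba84ab56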
data/CHANGELOG.md CHANGED
@@ -1,3 +1,45 @@
1
+ # [v33.0.0](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.18.0...v33.0.0) (2021-06-15 16:10:47)
2
+
3
+ ### Breaking changes
4
+
5
+ * [[Breaking] Add secrets reader plugins with 2 default plugins: cli and thycotic](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/2cfacebe8cfac57de40ef003877da5b99aca5b5e)
6
+
7
+ # [v32.18.0](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.17.1...v32.18.0) (2021-06-14 15:01:02)
8
+
9
+ ## Global changes
10
+ ### Patches
11
+
12
+ * [[Feature(log_remote_fs)] [#60] Add new plugins type log with a first log plugin remote_fs to extend deployment logs save functionality](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/20187c6da577c932b5205204187af883140995fe)
13
+
14
+ ## Changes for log_remote_fs
15
+ ### Features
16
+
17
+ * [[Feature(log_remote_fs)] [#60] Add new plugins type log with a first log plugin remote_fs to extend deployment logs save functionality](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/20187c6da577c932b5205204187af883140995fe)
18
+
19
+ # [v32.17.1](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.17.0...v32.17.1) (2021-06-03 16:20:09)
20
+
21
+ ### Patches
22
+
23
+ * [[Hotfix] Don't run remote nodes tests on local nodes](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/fe8e34a4d74f21d4903c14b1e156b9730f4b5fee)
24
+
25
+ # [v32.17.0](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.16.4...v32.17.0) (2021-06-02 12:57:44)
26
+
27
+ ## Global changes
28
+ ### Patches
29
+
30
+ * [[Feature(test_github_ci)] [#61] Add the github_ci test plugin to check for CI/CD of projects on Github](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/a0082efe5c138ca88ca91a3c10f777f47fca5034)
31
+
32
+ ## Changes for test_github_ci
33
+ ### Features
34
+
35
+ * [[Feature(test_github_ci)] [#61] Add the github_ci test plugin to check for CI/CD of projects on Github](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/a0082efe5c138ca88ca91a3c10f777f47fca5034)
36
+
37
+ # [v32.16.4](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.16.3...v32.16.4) (2021-06-01 13:25:19)
38
+
39
+ ### Patches
40
+
41
+ * [[Hotfix] Fixed boolean values incorrectly used as strings](https://github.com/sweet-delights/hybrid-platforms-conductor/commit/a107f3e0fe4c1512ce7607a303fdf0753d92ddac)
42
+
1
43
  # [v32.16.3](https://github.com/sweet-delights/hybrid-platforms-conductor/compare/v32.16.2...v32.16.3) (2021-06-01 11:19:50)
2
44
 
3
45
  ## Global changes
data/README.md CHANGED
@@ -216,13 +216,13 @@ Connector ssh options:
216
216
  --ssh-gateways-conf
217
217
 
218
218
  Deployer options:
219
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
220
- * Local path to a JSON file
221
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
222
219
  -p, --parallel Execute the commands in parallel (put the standard output in files <hybrid-platforms-dir>/run_logs/*.stdout)
223
220
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to no timeout)
224
221
  -W, --why-run Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.
225
222
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
223
+
224
+ Secrets reader cli options:
225
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
226
226
  ```
227
227
 
228
228
  All executables also have the `--debug` switch to display more verbose and debugging information.
@@ -263,6 +263,7 @@ participant PlatformHandler as Platform Handler
263
263
  participant PlatformRepo as Platform repository (ie Chef)
264
264
  participant Connector as Connector (ie SSH)
265
265
  participant Node as Provisioned node (my_node)
266
+ participant Log as Log
266
267
 
267
268
  Deploy->>+CMDB: Get services to be deployed on my_node
268
269
  CMDB->>+PlatformHandler: Get my_node metadata from the platform
@@ -276,6 +277,8 @@ Deploy->>+Connector: Connect to my_node to execute actions
276
277
  Connector->>+Node: Execute actions through SSH to deploy my_web_app on my_node
277
278
  Node-->>-Connector: my_web_app is deployed successfully
278
279
  Connector-->>-Deploy: Close connection
280
+ Deploy->>+Log: Save deployment logs
281
+ Log-->>-Deploy: Deployment logs saved
279
282
  ```
280
283
  </details>
281
284
  <!-- Mermaid generator - Section end -->
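--- a/data/bin/last_deploys
+++ b/data/bin/last_deploys
@@ -36,7 +36,10 @@ sorted_deploy_info = Hash[
  deployer.deployment_info_from(nodes_handler.select_nodes(executable.selected_nodes.empty? ? [{ all: true }] : executable.selected_nodes)).
  map do |node, deploy_info|
  decorated_deploy_info = deploy_info.merge(node: node)
- decorated_deploy_info[:date] = deploy_info[:date].strftime('%F %T') if deploy_info.key?(:date)
+ if deploy_info.key?(:deployment_info)
+ decorated_deploy_info.merge!(deploy_info[:deployment_info])
+ decorated_deploy_info[:date] = deploy_info[:date].strftime('%F %T') if deploy_info.key?(:date)
+ end
  decorated_deploy_info[:services] = deploy_info[:services].join(', ') if deploy_info.key?(:services)
  [node, decorated_deploy_info]
  end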
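Review bot: `decorated_deploy_info.merge!(deploy_info[:deployment_info])` lets any key in the plugin-supplied metadata overwrite the top-level fields already set, including `:node`, `:error` and `:exit_status`. With the default `remote_fs` plugin that metadata is presumably read back from log files stored on the deployed node. Merging the other way keeps the conductor's own values authoritative: `decorated_deploy_info = deploy_info[:deployment_info].merge(decorated_deploy_info)`. The date formatting now sits under the `:deployment_info` guard but still reads `deploy_info[:date]`; if the date moved into `:deployment_info` along with the `repo_name_N` keys, that condition is never true, so it is worth confirming against the log plugin's return shape. The enclosing `Hash[...]` expression starts and ends outside the hunk.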
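--- a/data/bin/nodes_to_deploy
+++ b/data/bin/nodes_to_deploy
@@ -60,16 +60,16 @@ unless ignore_deploy_info
  if node_deploy_info.key?(:error)
  executable.log_warn "[ #{node} ] - Deployment in error: #{node_deploy_info[:error]}"
  true
- elsif !node_deploy_info.key?(:exit_status) || node_deploy_info[:exit_status] != '0'
+ elsif !node_deploy_info.key?(:exit_status) || node_deploy_info[:exit_status] != 0
  executable.log_warn "[ #{node} ] - Last deployment did not end successfully: #{node_deploy_info[:exit_status]}"
  true
- elsif node_deploy_info.key?(:repo_name_0)
+ elsif node_deploy_info[:deployment_info].key?(:repo_name_0)
  node_impacted = false
  # Loop over all possible repositories concerned by this deployment
  repo_idx = 0
- while node_deploy_info.key?("repo_name_#{repo_idx}".to_sym) do
- repo_name = node_deploy_info["repo_name_#{repo_idx}".to_sym]
- commit_id = node_deploy_info["commit_id_#{repo_idx}".to_sym]
+ while node_deploy_info[:deployment_info].key?("repo_name_#{repo_idx}".to_sym) do
+ repo_name = node_deploy_info[:deployment_info]["repo_name_#{repo_idx}".to_sym]
+ commit_id = node_deploy_info[:deployment_info]["commit_id_#{repo_idx}".to_sym]
  impacted_nodes = cache_impacted_nodes.dig(repo_name, commit_id)
  if impacted_nodes.nil?
  begin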
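Review bot: `node_deploy_info[:deployment_info].key?(:repo_name_0)` dereferences `:deployment_info` without checking that it exists, so a log plugin that returns an exit status but no metadata raises NoMethodError on nil here instead of falling through to the next branch. `bin/last_deploys` in this same release guards with `deploy_info.key?(:deployment_info)`; a nil-safe form here would be `elsif node_deploy_info[:deployment_info]&.key?(:repo_name_0)`. The `exit_status` comparison is now against the Integer `0`, so a plugin that still returns the string `'0'` makes every node look failed and be selected for redeployment. A comment such as `# exit_status is expected to be an Integer from log plugins` would make that contract visible to plugin authors. The `while` loop and the `begin` block continue outside the hunk.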
data/docs/config_dsl.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  The DSL used in configuration files is comprised of Ruby methods that can be called directly in the main `hpc_config.rb` file.
4
4
 
5
- This DSL can also be completed by plugins. Check [the plugins documentations](plugins) to know about DSL extensions brought by plugins.
5
+ This DSL can also be completed by plugins. Check [the plugins documentations](plugins.md) to know about DSL extensions brought by plugins.
6
6
 
7
7
  # Table of Contents
8
8
  * [`<platform_type>_platform`](#platform_type_platform)
@@ -13,6 +13,8 @@ This DSL can also be completed by plugins. Check [the plugins documentations](pl
13
13
  * [`hybrid_platforms_dir`](#hybrid_platforms_dir)
14
14
  * [`tests_provisioner`](#tests_provisioner)
15
15
  * [`expect_tests_to_fail`](#expect_tests_to_fail)
16
+ * [`read_secrets_from`](#read_secrets_from)
17
+ * [`send_logs_to`](#send_logs_to)
16
18
  * [`retry_deploy_for_errors_on_stdout`](#retry_deploy_for_errors_on_stdout)
17
19
  * [`retry_deploy_for_errors_on_stderr`](#retry_deploy_for_errors_on_stderr)
18
20
  * [`packaging_timeout`](#packaging_timeout)
@@ -200,6 +202,48 @@ for_nodes('/tst/') do
200
202
  end
201
203
  ```
202
204
 
205
+ <a name="read_secrets_from"></a>
206
+ ## `read_secrets_from`
207
+
208
+ Set the list of [secrets reader plugins](plugins.md#secrets_reader) to use.
209
+ By default (if no plugins is specifically set) the [secrets reader plugin `cli`](plugins/secrets_reader/cli.md) is being used.
210
+
211
+ Takes the list of secrets reader plugin names, as symbols, as a parameter.
212
+
213
+ Can be applied to subset of nodes using the [`for_nodes` DSL method](#for_nodes).
214
+
215
+ Examples:
216
+ ```ruby
217
+ # By default, get secrets from the command-line
218
+ read_secrets_from :cli
219
+
220
+ # All our production nodes also have their secrets stored on a secured Thycotic server
221
+ for_nodes('/prd/') do
222
+ read_secrets_from :thycotic
223
+ end
224
+ ```
225
+
226
+ <a name="send_logs_to"></a>
227
+ ## `send_logs_to`
228
+
229
+ Set the list of [log plugins](plugins.md#log) to use to save logs.
230
+ By default (if no plugins is specifically set) the [log plugin `remote_fs`](plugins/log/remote_fs.md) is being used.
231
+
232
+ Takes the list of log plugin names, as symbols, as a parameter.
233
+
234
+ Can be applied to subset of nodes using the [`for_nodes` DSL method](#for_nodes).
235
+
236
+ Examples:
237
+ ```ruby
238
+ # By default, everything gets logged on the nodes
239
+ send_logs_to :remote_fs
240
+
241
+ # All our production nodes also have their logs uploaded on our logs servers
242
+ for_nodes('/prd/') do
243
+ send_logs_to :datadog_log_server, :loggly
244
+ end
245
+ ```
246
+
203
247
  <a name="retry_deploy_for_errors_on_stdout"></a>
204
248
  ## `retry_deploy_for_errors_on_stdout`
205
249
 
data/docs/executables.md CHANGED
@@ -132,25 +132,22 @@ The Deployer options are used to drive a deployment (be it in why-run mode or no
132
132
 
133
133
  ```
134
134
  Deployer options:
135
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
136
- * Local path to a JSON file
137
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
138
135
  -p, --parallel Execute the commands in parallel (put the standard output in files <hybrid-platforms-dir>/run_logs/*.stdout)
139
136
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to no timeout)
140
137
  -W, --why-run Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.
141
138
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
139
+
140
+ Secrets reader cli options:
141
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
142
142
  ```
143
143
 
144
- * `--secrets SECRETS_LOCATION`: Specify a JSON file storing secrets that can be used by the deployment process. Secrets are values that are needed for deployment but that should not be part of the platforms repositories (such as passwords, API keys, SSL certificates...).
145
- The location can be:
146
- * A local file path (for example /path/to/file.json).
147
- * A Thycotic Secret Server URL followed by a secret id (for example https://portal.muc.msp.my_company.net/SecretServer:8845).
148
144
  * `--parallel`: Specify that the deployment process should perform concurrently on the different nodes it has to deploy to.
149
145
  * `--timeout SECS`: Specify the timeout (in seconds) to apply while deploying. This can be set only in why-run mode.
150
146
  * `--why-run`: Specify the why-run mode. The why-run mode is used to simulate a deployment on the nodes, and report what a real deployment would have changed on the node.
151
147
  * `--retries-on-error NBR`: Specify the number of retries deploys can do in case of non-deterministic errors.
152
148
  Non-deterministic errors are matched using a set of strings or regular expressions that can be configured in the `hpc_config.rb` file of any platform, using the `retry_deploy_for_errors_on_stdout` and `retry_deploy_for_errors_on_stderr` properties:
153
149
  For example:
150
+
154
151
  ```ruby
155
152
  retry_deploy_for_errors_on_stdout [
156
153
  'This is a raw string error that will be matched against stdout',
@@ -161,6 +158,8 @@ retry_deploy_for_errors_on_stderr [
161
158
  ]
162
159
  ```
163
160
 
161
+ * `--secrets SECRETS_LOCATION`: Specify a JSON file storing secrets that can be used by the deployment process. Secrets are values that are needed for deployment but that should not be part of the platforms repositories (such as passwords, API keys, SSL certificates...). This option is used by the [`cli` secrets reader plugin](plugins/secrets_reader/cli.md). See [secrets reader plugins](plugins.md#secrets_reader) for more info about secrets retrieval.
162
+
164
163
  ## JSON dump options
165
164
 
166
165
  The JSON dump options drive the way nodes' JSON information is being dumped.
@@ -65,11 +65,11 @@ Connector ssh options:
65
65
  --ssh-gateways-conf
66
66
 
67
67
  Deployer options:
68
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
69
- * Local path to a JSON file
70
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
71
68
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to no timeout)
72
69
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
70
+
71
+ Secrets reader cli options:
72
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
73
73
  ```
74
74
 
75
75
  ## Examples
@@ -82,13 +82,13 @@ Connector ssh options:
82
82
  --ssh-gateways-conf
83
83
 
84
84
  Deployer options:
85
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
86
- * Local path to a JSON file
87
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
88
85
  -p, --parallel Execute the commands in parallel (put the standard output in files <hybrid-platforms-dir>/run_logs/*.stdout)
89
86
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to no timeout)
90
87
  -W, --why-run Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.
91
88
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
89
+
90
+ Secrets reader cli options:
91
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
92
92
  ```
93
93
 
94
94
  ## Examples
@@ -54,13 +54,13 @@ Connector ssh options:
54
54
  --ssh-gateways-conf
55
55
 
56
56
  Deployer options:
57
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
58
- * Local path to a JSON file
59
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
60
57
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to 30)
61
58
  -W, --why-run Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.
62
59
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
63
60
 
61
+ Secrets reader cli options:
62
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
63
+
64
64
  JSON dump options:
65
65
  -k, --skip-run Skip the actual gathering of dumps in run_logs. If set, the current run_logs content will be used.
66
66
  -j, --json-dir DIRECTORY Specify the output directory in which JSON files are being written. Defaults to nodes_json.
@@ -93,11 +93,11 @@ Connector ssh options:
93
93
  --ssh-gateways-conf
94
94
 
95
95
  Deployer options:
96
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
97
- * Local path to a JSON file
98
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
99
96
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
100
97
 
98
+ Secrets reader cli options:
99
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
100
+
101
101
  Tests runner options:
102
102
  -i, --tests-list FILE_NAME Specify a tests file name. The file should contain a list of tests name (1 per line). Can be used several times.
103
103
  -k, --skip-run Skip running the check-node commands for real, and just analyze existing run logs.
@@ -39,12 +39,12 @@ Connector ssh options:
39
39
  --ssh-gateways-conf
40
40
 
41
41
  Deployer options:
42
- -e, --secrets SECRETS_LOCATION Specify a secrets location. Can be specified several times. Location can be:
43
- * Local path to a JSON file
44
- * URL of the form http[s]://<url>:<secret_id> to get a secret JSON file from a Thycotic Secret Server at the given URL.
45
42
  -t, --timeout SECS Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to 30)
46
43
  --retries-on-error NBR Number of retries in case of non-deterministic errors (defaults to 0)
47
44
 
45
+ Secrets reader cli options:
46
+ -e, --secrets JSON_FILE Specify a secrets location from a local JSON file. Can be specified several times.
47
+
48
48
  JSON dump options:
49
49
  -j, --json-dir DIRECTORY Specify the output directory in which JSON files are being written. Defaults to nodes_json.
50
50
 
Binary file
data/docs/plugins.md CHANGED
@@ -10,9 +10,11 @@ Following are all possible plugin types and the plugins shipped by default with
10
10
  * [`action`](#action)
11
11
  * [`cmdb`](#cmdb)
12
12
  * [`connector`](#connector)
13
+ * [`log`](#log)
13
14
  * [`platform_handler`](#platform_handler)
14
15
  * [`provisioner`](#provisioner)
15
16
  * [`report`](#report)
17
+ * [`secrets_reader`](#secrets_reader)
16
18
  * [`test`](#test)
17
19
  * [`test_report`](#test_report)
18
20
 
@@ -79,6 +81,30 @@ Plugins shipped by default:
79
81
  * [`local`](plugins/connector/local.md)
80
82
  * [`ssh`](plugins/connector/ssh.md)
81
83
 
84
+ <a name="log"></a>
85
+ ## Logs
86
+
87
+ Save deployment logs to a given medium (files, log servers...).
88
+
89
+ Corresponding plugin type: `log`.
90
+
91
+ These plugins give ways for the [`Deployer`](../lib/hybrid_platforms_conductor/deployer.rb) to save logs output from services deployments on nodes.
92
+ Information that can be saved is:
93
+ * The deployment stdout.
94
+ * The deployment stderr.
95
+ * The deployment exit status.
96
+ * The list of services that have been deployed.
97
+ * Some deployment metadata (like git commits information that have been deployed).
98
+
99
+ Examples of log plugins are:
100
+ * Remote file system: Save logs on the node's remote file system (useful for local debugging).
101
+ * Log servers: Send logs to log servers.
102
+
103
+ Check the [sample plugin file](../lib/hybrid_platforms_conductor/hpc_plugins/log/my_log_plugin.rb.sample) to know more about the API that needs to be implemented by such plugins.
104
+
105
+ Plugins shipped by default:
106
+ * [`remote_fs`](plugins/log/remote_fs.md)
107
+
82
108
  <a name="platform_handler"></a>
83
109
  ## Platform Handlers
84
110
 
@@ -152,6 +178,26 @@ Plugins shipped by default:
152
178
  * [`mediawiki`](plugins/report/mediawiki.md)
153
179
  * [`stdout`](plugins/report/stdout.md)
154
180
 
181
+ <a name="secrets_reader"></a>
182
+ ## Secrets readers
183
+
184
+ Secrets reader are responsible for fetching secrets (passwords, private keys, API tokens...) needed during deployment from various sources (command line, environment, vaults, secrets servers...).
185
+
186
+ Corresponding plugin type: `secrets_reader`.
187
+
188
+ These plugins add new ways to retrieve secrets used by the [`Deployer`](../lib/hybrid_platforms_conductor/deployer.rb)
189
+
190
+ Examples of secrets readers are:
191
+ * Command-line: Give secrets from a local file.
192
+ * Vault: Get secrets from vaults (encrypted databases).
193
+ * Secrets servers: Query secrets servers to retrieve secrets.
194
+
195
+ Check the [sample plugin file](../lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/my_secrets_reader_plugin.rb.sample) to know more about the API that needs to be implemented by such plugins.
196
+
197
+ Plugins shipped by default:
198
+ * [`cli`](plugins/secrets_reader/cli.md)
199
+ * [`thycotic`](plugins/secrets_reader/thycotic.md)
200
+
155
201
  <a name="test"></a>
156
202
  ## Tests
157
203
 
@@ -182,6 +228,7 @@ Plugins shipped by default:
182
228
  * [`executables`](plugins/test/executables.md)
183
229
  * [`file_system_hdfs`](plugins/test/file_system_hdfs.md)
184
230
  * [`file_system`](plugins/test/file_system.md)
231
+ * [`github_ci`](plugins/test/github_ci.md)
185
232
  * [`hostname`](plugins/test/hostname.md)
186
233
  * [`idempotence`](plugins/test/idempotence.md)
187
234
  * [`ip`](plugins/test/ip.md)
@@ -70,7 +70,7 @@ end
70
70
  | `host_keys` | `Array<String>` | The node's host keys used to generate a `known_hosts` file with those to avoid user confirmations when connecting. |
71
71
  | `hostname` | `String` | Host name used to connect in case no IP address can be found in metadata. |
72
72
  | `private_ips` | `Array<String>` | IP list to connect in case `host_ip` is not defined in metadata. |
73
- | `ssh_session_exec` | `String` | If set to the string `false`, then consider that the node does not have any SSH SessionExec capabilities. This will make sure that remote command executions is done using stdin piping on interactive sessions instead of SSH commands execution. |
73
+ | `ssh_session_exec` | `Boolean` | If set to `false`, then consider that the node does not have any SSH SessionExec capabilities. This will make sure that remote command executions is done using stdin piping on interactive sessions instead of SSH commands execution. |
74
74
 
75
75
  ## Used environment variables
76
76
 
@@ -0,0 +1,26 @@
1
+ # Log plugin: `remote_fs`
2
+
3
+ The `remote_fs` log plugin saves deployment logs in each remote node that has been deployed, in the `/var/log/deployments` directory.
4
+
5
+ ## Config DSL extension
6
+
7
+ None
8
+
9
+ ## Used credentials
10
+
11
+ | Credential | Usage
12
+ | --- | --- |
13
+
14
+ ## Used Metadata
15
+
16
+ | Metadata | Type | Usage
17
+ | --- | --- | --- |
18
+
19
+ ## Used environment variables
20
+
21
+ | Variable | Usage
22
+ | --- | --- |
23
+
24
+ ## External tools dependencies
25
+
26
+ None