hybrid_platforms_conductor 32.18.0 → 33.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +36 -0
- data/README.md +3 -3
- data/bin/check-node +0 -1
- data/bin/deploy +0 -1
- data/bin/get_impacted_nodes +0 -1
- data/bin/last_deploys +8 -7
- data/bin/nodes_to_deploy +2 -2
- data/bin/setup +6 -6
- data/bin/topograph +1 -1
- data/docs/config_dsl.md +23 -1
- data/docs/executables.md +6 -7
- data/docs/executables/check-node.md +3 -3
- data/docs/executables/deploy.md +3 -3
- data/docs/executables/dump_nodes_json.md +3 -3
- data/docs/executables/test.md +3 -3
- data/docs/executables/topograph.md +3 -3
- data/docs/plugins.md +21 -0
- data/docs/plugins/secrets_reader/cli.md +31 -0
- data/docs/plugins/secrets_reader/thycotic.md +46 -0
- data/lib/hybrid_platforms_conductor/action.rb +4 -4
- data/lib/hybrid_platforms_conductor/actions_executor.rb +37 -42
- data/lib/hybrid_platforms_conductor/bitbucket.rb +5 -4
- data/lib/hybrid_platforms_conductor/cmd_runner.rb +26 -23
- data/lib/hybrid_platforms_conductor/cmdb.rb +2 -2
- data/lib/hybrid_platforms_conductor/common_config_dsl/bitbucket.rb +2 -1
- data/lib/hybrid_platforms_conductor/common_config_dsl/confluence.rb +2 -1
- data/lib/hybrid_platforms_conductor/common_config_dsl/file_system_tests.rb +5 -4
- data/lib/hybrid_platforms_conductor/common_config_dsl/github.rb +4 -3
- data/lib/hybrid_platforms_conductor/common_config_dsl/idempotence_tests.rb +2 -2
- data/lib/hybrid_platforms_conductor/config.rb +8 -4
- data/lib/hybrid_platforms_conductor/confluence.rb +1 -1
- data/lib/hybrid_platforms_conductor/connector.rb +5 -2
- data/lib/hybrid_platforms_conductor/core_extensions/cleanroom/fix_kwargs.rb +116 -0
- data/lib/hybrid_platforms_conductor/core_extensions/symbol/zero.rb +24 -0
- data/lib/hybrid_platforms_conductor/credentials.rb +39 -36
- data/lib/hybrid_platforms_conductor/current_dir_monitor.rb +4 -1
- data/lib/hybrid_platforms_conductor/deployer.rb +185 -127
- data/lib/hybrid_platforms_conductor/executable.rb +20 -15
- data/lib/hybrid_platforms_conductor/hpc_plugins/cmdb/config.rb +10 -7
- data/lib/hybrid_platforms_conductor/hpc_plugins/cmdb/host_ip.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/cmdb/host_keys.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/cmdb/platform_handlers.rb +4 -4
- data/lib/hybrid_platforms_conductor/hpc_plugins/connector/local.rb +5 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/connector/ssh.rb +45 -49
- data/lib/hybrid_platforms_conductor/hpc_plugins/log/remote_fs.rb +6 -5
- data/lib/hybrid_platforms_conductor/hpc_plugins/platform_handler/serverless_chef.rb +77 -79
- data/lib/hybrid_platforms_conductor/hpc_plugins/platform_handler/serverless_chef/dsl_parser.rb +13 -0
- data/lib/hybrid_platforms_conductor/hpc_plugins/platform_handler/serverless_chef/recipes_tree_builder.rb +39 -38
- data/lib/hybrid_platforms_conductor/hpc_plugins/platform_handler/yaml_inventory.rb +5 -4
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/docker.rb +43 -45
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/podman.rb +18 -20
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/proxmox.rb +119 -118
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/proxmox/proxmox_waiter.rb +39 -43
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/proxmox/reserve_proxmox_container +9 -13
- data/lib/hybrid_platforms_conductor/hpc_plugins/report/confluence.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/report/mediawiki.rb +28 -21
- data/lib/hybrid_platforms_conductor/hpc_plugins/report/stdout.rb +26 -22
- data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/cli.rb +77 -0
- data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/my_secrets_reader_plugin.rb.sample +46 -0
- data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/thycotic.rb +90 -0
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/bitbucket_conf.rb +3 -3
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/check_deploy_and_idempotence.rb +4 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_freshness.rb +0 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_removes_root_access.rb +21 -19
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/divergence.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/executables.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/file_system.rb +19 -21
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/file_system_hdfs.rb +19 -21
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/github_ci.rb +2 -3
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/idempotence.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/ip.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/jenkins_ci_conf.rb +21 -22
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/jenkins_ci_masters_ok.rb +10 -12
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/linear_strategy.rb +9 -9
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/local_users.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/mounts.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/orphan_files.rb +10 -9
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/ports.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/private_ips.rb +5 -5
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/public_ips.rb +5 -5
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb +4 -6
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/veids.rb +3 -3
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/vulnerabilities.rb +25 -24
- data/lib/hybrid_platforms_conductor/hpc_plugins/test_report/confluence.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test_report/stdout.rb +8 -6
- data/lib/hybrid_platforms_conductor/io_router.rb +14 -13
- data/lib/hybrid_platforms_conductor/json_dumper.rb +2 -2
- data/lib/hybrid_platforms_conductor/log.rb +2 -2
- data/lib/hybrid_platforms_conductor/logger_helpers.rb +19 -16
- data/lib/hybrid_platforms_conductor/nodes_handler.rb +89 -71
- data/lib/hybrid_platforms_conductor/parallel_threads.rb +7 -11
- data/lib/hybrid_platforms_conductor/platform_handler.rb +7 -7
- data/lib/hybrid_platforms_conductor/platforms_handler.rb +5 -3
- data/lib/hybrid_platforms_conductor/plugin.rb +2 -2
- data/lib/hybrid_platforms_conductor/plugins.rb +14 -8
- data/lib/hybrid_platforms_conductor/provisioner.rb +4 -4
- data/lib/hybrid_platforms_conductor/report.rb +2 -2
- data/lib/hybrid_platforms_conductor/reports_handler.rb +3 -2
- data/lib/hybrid_platforms_conductor/secrets_reader.rb +31 -0
- data/lib/hybrid_platforms_conductor/services_handler.rb +32 -29
- data/lib/hybrid_platforms_conductor/test_only_remote_node.rb +1 -1
- data/lib/hybrid_platforms_conductor/test_report.rb +15 -18
- data/lib/hybrid_platforms_conductor/tests_runner.rb +116 -118
- data/lib/hybrid_platforms_conductor/thycotic.rb +28 -19
- data/lib/hybrid_platforms_conductor/topographer.rb +200 -190
- data/lib/hybrid_platforms_conductor/topographer/plugins/graphviz.rb +8 -8
- data/lib/hybrid_platforms_conductor/topographer/plugins/json.rb +4 -4
- data/lib/hybrid_platforms_conductor/version.rb +1 -1
- data/spec/hybrid_platforms_conductor_test.rb +29 -6
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/bash_spec.rb +18 -11
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/interactive_spec.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/remote_bash_spec.rb +32 -21
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/ruby_spec.rb +75 -49
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/scp_spec.rb +27 -15
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions_spec.rb +90 -59
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connection_spec.rb +46 -44
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/local/connectable_nodes_spec.rb +12 -8
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/local/remote_actions_spec.rb +4 -7
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/cli_options_spec.rb +21 -22
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/config_dsl_spec.rb +23 -24
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/connectable_nodes_spec.rb +10 -6
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/connections_spec.rb +106 -75
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/global_helpers_spec.rb +145 -126
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/node_helpers_spec.rb +3 -3
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/remote_actions_spec.rb +29 -25
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/logging_spec.rb +167 -142
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/parallel_spec.rb +272 -244
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/timeout_spec.rb +16 -16
- data/spec/hybrid_platforms_conductor_test/api/cmd_runner_spec.rb +42 -36
- data/spec/hybrid_platforms_conductor_test/api/config_spec.rb +24 -22
- data/spec/hybrid_platforms_conductor_test/api/deployer/check_spec.rb +4 -2
- data/spec/hybrid_platforms_conductor_test/api/deployer/config_dsl_spec.rb +24 -6
- data/spec/hybrid_platforms_conductor_test/api/deployer/deploy_spec.rb +34 -26
- data/spec/hybrid_platforms_conductor_test/api/deployer/log_plugins/remote_fs_spec.rb +21 -21
- data/spec/hybrid_platforms_conductor_test/api/deployer/parse_deploy_output_spec.rb +55 -59
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioner_spec.rb +36 -62
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/podman_spec.rb +17 -17
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/config_dsl_spec.rb +4 -4
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/create_spec.rb +44 -51
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/destroy_spec.rb +3 -3
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/ip_spec.rb +12 -16
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/destroy_vm_spec.rb +31 -19
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/expired_containers_spec.rb +324 -266
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/ips_assignment_spec.rb +89 -61
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/other_lxc_containers_resources_spec.rb +117 -93
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/pve_node_resources_spec.rb +71 -54
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/retries_spec.rb +10 -8
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/reserve_proxmox_container/vm_ids_assignment_spec.rb +80 -60
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/start_spec.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/state_spec.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/api/deployer/provisioners/proxmox/stop_spec.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/api/deployer/secrets_reader_plugins/cli_spec.rb +64 -0
- data/spec/hybrid_platforms_conductor_test/api/deployer/secrets_reader_plugins/thycotic_spec.rb +268 -0
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs/config_spec.rb +8 -10
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs/host_ip_spec.rb +33 -24
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs/host_keys_spec.rb +64 -51
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs/platform_handlers_spec.rb +3 -3
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs_plugins_api_spec.rb +50 -51
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/common_spec.rb +91 -81
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/config_dsl_spec.rb +14 -16
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/git_diff_impacts_spec.rb +51 -75
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/nodes_selectors_spec.rb +35 -26
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/platform_handlers_plugins_api_spec.rb +24 -16
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/several_platforms_spec.rb +29 -19
- data/spec/hybrid_platforms_conductor_test/api/platform_handler_spec.rb +4 -4
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/config_dsl_spec.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/deploy_output_parsing_spec.rb +6 -6
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/diff_impacts_spec.rb +57 -99
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/inventory_spec.rb +4 -4
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/packaging_spec.rb +32 -35
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/services_deployment_spec.rb +10 -10
- data/spec/hybrid_platforms_conductor_test/api/platforms_handler_spec.rb +38 -27
- data/spec/hybrid_platforms_conductor_test/api/plugins_spec.rb +46 -52
- data/spec/hybrid_platforms_conductor_test/api/reports_handler_spec.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/api/services_handler/actions_to_deploy_spec.rb +90 -58
- data/spec/hybrid_platforms_conductor_test/api/services_handler/deploy_allowed_spec.rb +38 -34
- data/spec/hybrid_platforms_conductor_test/api/services_handler/log_info_spec.rb +11 -9
- data/spec/hybrid_platforms_conductor_test/api/services_handler/package_spec.rb +193 -171
- data/spec/hybrid_platforms_conductor_test/api/services_handler/parse_deploy_output_spec.rb +66 -54
- data/spec/hybrid_platforms_conductor_test/api/services_handler/prepare_for_deploy_spec.rb +147 -133
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/common_spec.rb +69 -49
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/global_spec.rb +4 -3
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/node_check_spec.rb +8 -5
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/node_spec.rb +8 -5
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/node_ssh_spec.rb +30 -27
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/platform_spec.rb +12 -9
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/reports_spec.rb +48 -47
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/test_plugins/bitbucket_conf_spec.rb +5 -5
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/test_plugins/github_ci_spec.rb +5 -5
- data/spec/hybrid_platforms_conductor_test/api/tests_runner/test_reports_plugins/confluence_spec.rb +5 -5
- data/spec/hybrid_platforms_conductor_test/cmdb_plugins/test_cmdb.rb +9 -9
- data/spec/hybrid_platforms_conductor_test/cmdb_plugins/{test_cmdb2.rb → test_cmdb_2.rb} +6 -6
- data/spec/hybrid_platforms_conductor_test/cmdb_plugins/test_cmdb_others.rb +3 -3
- data/spec/hybrid_platforms_conductor_test/cmdb_plugins/{test_cmdb_others2.rb → test_cmdb_others_2.rb} +2 -2
- data/spec/hybrid_platforms_conductor_test/docs_spec.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/executables/{check-node_spec.rb → check_node_spec.rb} +4 -6
- data/spec/hybrid_platforms_conductor_test/executables/deploy_spec.rb +4 -6
- data/spec/hybrid_platforms_conductor_test/executables/get_impacted_nodes_spec.rb +76 -77
- data/spec/hybrid_platforms_conductor_test/executables/last_deploys_spec.rb +13 -15
- data/spec/hybrid_platforms_conductor_test/executables/nodes_to_deploy_spec.rb +289 -307
- data/spec/hybrid_platforms_conductor_test/executables/options/actions_executor_spec.rb +4 -6
- data/spec/hybrid_platforms_conductor_test/executables/options/cmd_runner_spec.rb +3 -5
- data/spec/hybrid_platforms_conductor_test/executables/options/common_spec.rb +8 -9
- data/spec/hybrid_platforms_conductor_test/executables/options/deployer_spec.rb +12 -196
- data/spec/hybrid_platforms_conductor_test/executables/options/nodes_handler_spec.rb +9 -10
- data/spec/hybrid_platforms_conductor_test/executables/options/nodes_selectors_spec.rb +9 -10
- data/spec/hybrid_platforms_conductor_test/executables/options/reports_handler_spec.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/executables/options/tests_runner_spec.rb +22 -22
- data/spec/hybrid_platforms_conductor_test/executables/report_spec.rb +22 -16
- data/spec/hybrid_platforms_conductor_test/executables/run_spec.rb +32 -32
- data/spec/hybrid_platforms_conductor_test/executables/ssh_config_spec.rb +7 -9
- data/spec/hybrid_platforms_conductor_test/executables/test_spec.rb +3 -5
- data/spec/hybrid_platforms_conductor_test/helpers/actions_executor_helpers.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/helpers/cmd_runner_helpers.rb +4 -3
- data/spec/hybrid_platforms_conductor_test/helpers/cmdb_helpers.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/helpers/config_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/helpers/connector_ssh_helpers.rb +12 -13
- data/spec/hybrid_platforms_conductor_test/helpers/deployer_helpers.rb +216 -14
- data/spec/hybrid_platforms_conductor_test/helpers/executables_helpers.rb +11 -11
- data/spec/hybrid_platforms_conductor_test/helpers/nodes_handler_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/helpers/platforms_handler_helpers.rb +39 -28
- data/spec/hybrid_platforms_conductor_test/helpers/plugins_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/helpers/provisioner_proxmox_helpers.rb +86 -111
- data/spec/hybrid_platforms_conductor_test/helpers/reports_handler_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/helpers/serverless_chef_helpers.rb +3 -3
- data/spec/hybrid_platforms_conductor_test/helpers/services_handler_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/helpers/tests_runner_helpers.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/mocked_lib/my_test_gem/hpc_plugins/test_plugin_type/{test_plugin_id1.rb → test_plugin_id_1.rb} +0 -0
- data/spec/hybrid_platforms_conductor_test/mocked_lib/my_test_gem/hpc_plugins/test_plugin_type/{test_plugin_id2.rb → test_plugin_id_2.rb} +0 -0
- data/spec/hybrid_platforms_conductor_test/mocked_lib/my_test_gem2/sub_dir/hpc_plugins/test_plugin_type/{test_plugin_id3.rb → test_plugin_id_3.rb} +0 -0
- data/spec/hybrid_platforms_conductor_test/mocked_lib/my_test_gem2/sub_dir/hpc_plugins/{test_plugin_type2/test_plugin_id4.rb → test_plugin_type_2/test_plugin_id_4.rb} +0 -0
- data/spec/hybrid_platforms_conductor_test/platform_handler_plugins/test.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/platform_handler_plugins/{test2.rb → test_2.rb} +0 -0
- data/spec/hybrid_platforms_conductor_test/rubocop_spec.rb +31 -0
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/1_node/nodes/node.json +3 -3
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/data_bags/nodes/node.json +3 -3
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/recipes/cookbooks/test_cookbook_2/libraries/default.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/several_cookbooks/other_cookbooks/test_cookbook_2/libraries/default.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/shared_examples/deployer.rb +952 -0
- data/spec/hybrid_platforms_conductor_test/test_connector.rb +4 -3
- data/spec/hybrid_platforms_conductor_test/test_log_no_read_plugin.rb +3 -1
- data/spec/hybrid_platforms_conductor_test/test_log_plugin.rb +3 -1
- data/spec/hybrid_platforms_conductor_test/test_plugins/global.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/test_plugins/node.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/test_plugins/node_check.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/test_plugins/platform.rb +1 -0
- data/spec/hybrid_platforms_conductor_test/test_plugins/several_checks.rb +2 -2
- data/spec/hybrid_platforms_conductor_test/test_secrets_reader_plugin.rb +45 -0
- data/spec/hybrid_platforms_conductor_test/tests_report_plugin.rb +5 -6
- data/spec/spec_helper.rb +17 -18
- data/tools/check_md +16 -20
- data/tools/generate_mermaid +1 -1
- metadata +186 -144
- data/spec/hybrid_platforms_conductor_test/helpers/deployer_test_helpers.rb +0 -916
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'cleanroom'
|
2
|
+
require 'hybrid_platforms_conductor/core_extensions/cleanroom/fix_kwargs'
|
2
3
|
require 'git'
|
3
4
|
require 'ice_cube'
|
4
5
|
require 'hybrid_platforms_conductor/plugins'
|
@@ -8,7 +9,8 @@ module HybridPlatformsConductor
|
|
8
9
|
# Object used to access the whole configuration
|
9
10
|
class Config
|
10
11
|
|
11
|
-
include
|
12
|
+
include Cleanroom
|
13
|
+
include LoggerHelpers
|
12
14
|
|
13
15
|
class << self
|
14
16
|
|
@@ -35,6 +37,7 @@ module HybridPlatformsConductor
|
|
35
37
|
# Directory of the definition of the platforms
|
36
38
|
# String
|
37
39
|
attr_reader :hybrid_platforms_dir
|
40
|
+
|
38
41
|
expose :hybrid_platforms_dir
|
39
42
|
|
40
43
|
# List of expected failures info. Each info has the following properties:
|
@@ -60,7 +63,7 @@ module HybridPlatformsConductor
|
|
60
63
|
# Parameters::
|
61
64
|
# * *logger* (Logger): Logger to be used [default = Logger.new(STDOUT)]
|
62
65
|
# * *logger_stderr* (Logger): Logger to be used for stderr [default = Logger.new(STDERR)]
|
63
|
-
def initialize(logger: Logger.new(
|
66
|
+
def initialize(logger: Logger.new($stdout), logger_stderr: Logger.new($stderr))
|
64
67
|
init_loggers(logger, logger_stderr)
|
65
68
|
@hybrid_platforms_dir = File.expand_path(ENV['hpc_platforms'].nil? ? '.' : ENV['hpc_platforms'])
|
66
69
|
# Stack of the nodes selectors scopes
|
@@ -94,7 +97,7 @@ module HybridPlatformsConductor
|
|
94
97
|
end
|
95
98
|
# Call initializers if needed
|
96
99
|
Config.mixin_initializers.each do |mixin_init_method|
|
97
|
-
|
100
|
+
send(mixin_init_method)
|
98
101
|
end
|
99
102
|
include_config_from "#{@hybrid_platforms_dir}/hpc_config.rb"
|
100
103
|
end
|
@@ -105,7 +108,7 @@ module HybridPlatformsConductor
|
|
105
108
|
# * *dsl_file* (String): Path to the DSL file
|
106
109
|
def include_config_from(dsl_file)
|
107
110
|
log_debug "Include config from #{dsl_file}"
|
108
|
-
|
111
|
+
evaluate_file(dsl_file)
|
109
112
|
end
|
110
113
|
expose :include_config_from
|
111
114
|
|
@@ -116,6 +119,7 @@ module HybridPlatformsConductor
|
|
116
119
|
# * *dir* (String): Directory containing the Dockerfile defining the image
|
117
120
|
def os_image(image, dir)
|
118
121
|
raise "OS image #{image} already defined to #{@os_images[image]}" if @os_images.key?(image)
|
122
|
+
|
119
123
|
@os_images[image] = dir
|
120
124
|
end
|
121
125
|
expose :os_image
|
@@ -34,7 +34,7 @@ module HybridPlatformsConductor
|
|
34
34
|
# * *confluence_password* (String): Confluence password to be used when querying the API
|
35
35
|
# * *logger* (Logger): Logger to be used [default = Logger.new(STDOUT)]
|
36
36
|
# * *logger_stderr* (Logger): Logger to be used for stderr [default = Logger.new(STDERR)]
|
37
|
-
def initialize(confluence_url, confluence_user_name, confluence_password, logger: Logger.new(
|
37
|
+
def initialize(confluence_url, confluence_user_name, confluence_password, logger: Logger.new($stdout), logger_stderr: Logger.new($stderr))
|
38
38
|
init_loggers(logger, logger_stderr)
|
39
39
|
@confluence_url = confluence_url
|
40
40
|
@confluence_user_name = confluence_user_name
|
@@ -15,8 +15,8 @@ module HybridPlatformsConductor
|
|
15
15
|
# * *cmd_runner* (CmdRunner): Command executor to be used. [default: CmdRunner.new]
|
16
16
|
# * *nodes_handler* (NodesHandler): NodesHandler to be used. [default: NodesHandler.new]
|
17
17
|
def initialize(
|
18
|
-
logger: Logger.new(
|
19
|
-
logger_stderr: Logger.new(
|
18
|
+
logger: Logger.new($stdout),
|
19
|
+
logger_stderr: Logger.new($stderr),
|
20
20
|
config: Config.new,
|
21
21
|
cmd_runner: CmdRunner.new,
|
22
22
|
nodes_handler: NodesHandler.new
|
@@ -45,8 +45,10 @@ module HybridPlatformsConductor
|
|
45
45
|
@stderr_io = stderr_io
|
46
46
|
end
|
47
47
|
|
48
|
+
# rubocop:disable Lint/UnusedMethodArgument
|
48
49
|
# Prepare connections to a given set of nodes.
|
49
50
|
# Useful to prefetch metadata or open bulk connections.
|
51
|
+
# This method is supposed to be overridden by sub-classes (hence the rubocop exception).
|
50
52
|
#
|
51
53
|
# Parameters::
|
52
54
|
# * *nodes* (Array<String>): Nodes to prepare the connection to
|
@@ -57,6 +59,7 @@ module HybridPlatformsConductor
|
|
57
59
|
def with_connection_to(nodes, no_exception: false)
|
58
60
|
yield nodes
|
59
61
|
end
|
62
|
+
# rubocop:enable Lint/UnusedMethodArgument
|
60
63
|
|
61
64
|
private
|
62
65
|
|
@@ -0,0 +1,116 @@
|
|
1
|
+
# This is a patch of cleanroom Rubygem v1.0.0 that adds kwargs support for Ruby 3.
|
2
|
+
# TODO: Remove this patch when the following code will be merged in a new version of cleanroom:
|
3
|
+
# https://github.com/sethvargo/cleanroom/compare/master...Muriel-Salvan:handle_kwargs?expand=1
|
4
|
+
|
5
|
+
module Cleanroom
|
6
|
+
|
7
|
+
# Add kwargs support
|
8
|
+
module ClassMethods
|
9
|
+
|
10
|
+
#
|
11
|
+
# Expose the given method to the DSL.
|
12
|
+
#
|
13
|
+
# @param [Symbol] name
|
14
|
+
#
|
15
|
+
def expose(name)
|
16
|
+
raise NameError, "undefined method `#{name}' for class `#{self.name}'" unless public_method_defined?(name)
|
17
|
+
|
18
|
+
exposed_methods_with_kwargs[name] = true if instance_method(name).parameters.any? { |(arg_type, _arg_name)| KWARGS_TYPES.include?(arg_type) }
|
19
|
+
exposed_methods[name] = true
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
|
24
|
+
# Define the types of argument types that point kwargs arguments.
|
25
|
+
# Useful to treat them differently as when defining a method with kwargs, Ruby will pass parameters having a to_hash method differently to such methods:
|
26
|
+
#
|
27
|
+
# See this example illustrating the difference in treatment with and without kwargs in the method definition:
|
28
|
+
# def without_kwargs(*args)
|
29
|
+
# p args
|
30
|
+
# end
|
31
|
+
# def with_kwargs(*args, **kwargs)
|
32
|
+
# p args
|
33
|
+
# p kwargs
|
34
|
+
# end
|
35
|
+
# s_without_to_hash = 'Without to_hash'
|
36
|
+
# s_with_to_hash = 'With to_hash'
|
37
|
+
# s_with_to_hash.define_singleton_method(:to_hash) { { string: self.to_s } }
|
38
|
+
# without_kwargs(s_without_to_hash)
|
39
|
+
# ["Without to_hash"]
|
40
|
+
# without_kwargs(s_with_to_hash)
|
41
|
+
# ["With to_hash"]
|
42
|
+
# with_kwargs(s_without_to_hash)
|
43
|
+
# ["Without to_hash"]
|
44
|
+
# {}
|
45
|
+
# with_kwargs(s_with_to_hash)
|
46
|
+
# []
|
47
|
+
# {:string=>"With to_hash"}
|
48
|
+
KWARGS_TYPES = %i[key keyreq]
|
49
|
+
|
50
|
+
#
|
51
|
+
# The list of exposed methods with kwargs.
|
52
|
+
#
|
53
|
+
# @return [Hash]
|
54
|
+
#
|
55
|
+
def exposed_methods_with_kwargs
|
56
|
+
@exposed_methods_with_kwargs ||= from_superclass(:exposed_methods_with_kwargs, {}).dup
|
57
|
+
end
|
58
|
+
|
59
|
+
#
|
60
|
+
# The cleanroom instance for this class. This method is intentionally
|
61
|
+
# NOT cached!
|
62
|
+
#
|
63
|
+
# @return [Class]
|
64
|
+
#
|
65
|
+
def cleanroom
|
66
|
+
exposed = exposed_methods.keys
|
67
|
+
exposed_with_kwargs = exposed_methods_with_kwargs.keys
|
68
|
+
parent = name || 'Anonymous'
|
69
|
+
|
70
|
+
Class.new(Object) do
|
71
|
+
class << self
|
72
|
+
|
73
|
+
def class_eval
|
74
|
+
raise Cleanroom::InaccessibleError.new(:class_eval, self)
|
75
|
+
end
|
76
|
+
|
77
|
+
def instance_eval
|
78
|
+
raise Cleanroom::InaccessibleError.new(:instance_eval, self)
|
79
|
+
end
|
80
|
+
|
81
|
+
end
|
82
|
+
|
83
|
+
define_method(:initialize) do |instance|
|
84
|
+
define_singleton_method(:__instance__) do
|
85
|
+
raise Cleanroom::InaccessibleError.new(:__instance__, self) unless caller[0].include?(__FILE__)
|
86
|
+
|
87
|
+
instance
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
(exposed - exposed_with_kwargs).each do |exposed_method|
|
92
|
+
define_method(exposed_method) do |*args, &block|
|
93
|
+
__instance__.public_send(exposed_method, *args, &block)
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
exposed_with_kwargs.each do |exposed_method|
|
98
|
+
define_method(exposed_method) do |*args, **kwargs, &block|
|
99
|
+
__instance__.public_send(exposed_method, *args, **kwargs, &block)
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
define_method(:class_eval) do
|
104
|
+
raise Cleanroom::InaccessibleError.new(:class_eval, self)
|
105
|
+
end
|
106
|
+
|
107
|
+
define_method(:inspect) do
|
108
|
+
"#<#{parent} (Cleanroom)>"
|
109
|
+
end
|
110
|
+
alias_method :to_s, :inspect
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
114
|
+
end
|
115
|
+
|
116
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module HybridPlatformsConductor
|
2
|
+
|
3
|
+
module CoreExtensions
|
4
|
+
|
5
|
+
module Symbol
|
6
|
+
|
7
|
+
# As it is better to test status code 0 with zero? and as we use status codes as symbols in case of errors, make the zero? call return appropriately.
|
8
|
+
module Zero
|
9
|
+
|
10
|
+
# Does the symbol equal zero?
|
11
|
+
#
|
12
|
+
# Result::
|
13
|
+
# * false: It does not.
|
14
|
+
def zero?
|
15
|
+
false
|
16
|
+
end
|
17
|
+
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
|
24
|
+
end
|
@@ -42,7 +42,7 @@ module HybridPlatformsConductor
|
|
42
42
|
# * *url* (String or nil): The URL for which we want the credentials, or nil if not associated to a URL [default: nil]
|
43
43
|
# * *logger* (Logger): Logger to be used [default = Logger.new(STDOUT)]
|
44
44
|
# * *logger_stderr* (Logger): Logger to be used for stderr [default = Logger.new(STDERR)]
|
45
|
-
def initialize(id, url: nil, logger: Logger.new(
|
45
|
+
def initialize(id, url: nil, logger: Logger.new($stdout), logger_stderr: Logger.new($stderr))
|
46
46
|
init_loggers(logger, logger_stderr)
|
47
47
|
@id = id
|
48
48
|
@url = url
|
@@ -54,7 +54,7 @@ module HybridPlatformsConductor
|
|
54
54
|
# Provide a helper to clear password from memory for security.
|
55
55
|
# To be used when the client knows it won't use the password anymore.
|
56
56
|
def clear_password
|
57
|
-
@password
|
57
|
+
@password&.replace('gotyou!' * 100)
|
58
58
|
GC.start
|
59
59
|
end
|
60
60
|
|
@@ -82,46 +82,49 @@ module HybridPlatformsConductor
|
|
82
82
|
# Do it only once.
|
83
83
|
# Make sure the retrieved credentials are not linked to other objects in memory, so that we can remove any other trace of secrets.
|
84
84
|
def retrieve_credentials
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
85
|
+
return if @retrieved
|
86
|
+
|
87
|
+
# Check environment variables
|
88
|
+
@user = ENV["hpc_user_for_#{@id}"].dup
|
89
|
+
@password = ENV["hpc_password_for_#{@id}"].dup
|
90
|
+
if @user.nil? || @user.empty? || @password.nil? || @password.empty?
|
91
|
+
log_debug "[ Credentials for #{@id} ] - Credentials not found from environment variables."
|
92
|
+
if @url.nil?
|
93
|
+
log_debug "[ Credentials for #{@id} ] - No URL associated to this credentials, so .netrc can't be used."
|
94
|
+
else
|
95
|
+
# Check Netrc
|
96
|
+
netrc = ::Netrc.read
|
97
|
+
begin
|
98
|
+
netrc_user, netrc_password = netrc[URI.parse(@url).host.downcase]
|
99
|
+
if netrc_user.nil?
|
100
|
+
log_debug "[ Credentials for #{@id} ] - No credentials retrieved from .netrc."
|
101
|
+
# TODO: Add more credentials source if needed here
|
102
|
+
log_warn "[ Credentials for #{@id} ] - Unable to get credentials for #{@id} (URL: #{@url})."
|
103
|
+
else
|
104
|
+
@user = netrc_user.dup
|
105
|
+
@password = netrc_password.dup
|
106
|
+
log_debug "[ Credentials for #{@id} ] - Credentials retrieved from .netrc using #{@url}."
|
107
|
+
end
|
108
|
+
ensure
|
109
|
+
# Make sure the password does not stay in Netrc memory
|
110
|
+
# Wipe out any memory trace that might contain passwords in clear
|
111
|
+
netrc.instance_variable_get(:@data).each do |data_line|
|
112
|
+
data_line.each do |data_string|
|
113
|
+
data_string.replace('GotYou!!!' * 100)
|
114
114
|
end
|
115
|
-
netrc = nil
|
116
115
|
end
|
116
|
+
# We don this assignment on purpose so that GC can remove sensitive data later
|
117
|
+
# rubocop:disable Lint/UselessAssignment
|
118
|
+
netrc = nil
|
119
|
+
# rubocop:enable Lint/UselessAssignment
|
117
120
|
end
|
118
|
-
else
|
119
|
-
log_debug "[ Credentials for #{@id} ] - Credentials retrieved from environment variables."
|
120
121
|
end
|
121
|
-
|
122
|
+
else
|
123
|
+
log_debug "[ Credentials for #{@id} ] - Credentials retrieved from environment variables."
|
122
124
|
end
|
125
|
+
GC.start
|
123
126
|
end
|
124
127
|
|
125
128
|
end
|
126
129
|
|
127
|
-
end
|
130
|
+
end
|
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'monitor'
|
2
2
|
|
3
|
+
# Decorate methods changing the process' current directory with a mutex to ensure they have an exclusive access
|
3
4
|
module HybridPlatformsConductor
|
4
5
|
|
5
6
|
# Implement a global monitor to protect accesses to the current directory.
|
@@ -7,7 +8,9 @@ module HybridPlatformsConductor
|
|
7
8
|
module CurrentDirMonitor
|
8
9
|
|
9
10
|
class << self
|
11
|
+
|
10
12
|
attr_reader :monitor
|
13
|
+
|
11
14
|
end
|
12
15
|
|
13
16
|
@monitor = Monitor.new
|
@@ -24,7 +27,7 @@ module HybridPlatformsConductor
|
|
24
27
|
result = nil
|
25
28
|
CurrentDirMonitor.monitor.synchronize do
|
26
29
|
# puts "TID #{Thread.current.object_id} from #{caller[2]} - Current dir monitor taken from #{Dir.pwd}"
|
27
|
-
result =
|
30
|
+
result = send(original_method_name, *args, &block)
|
28
31
|
# puts "TID #{Thread.current.object_id} from #{caller[2]} - Current dir monitor released back to #{Dir.pwd}"
|
29
32
|
end
|
30
33
|
result
|
@@ -3,15 +3,12 @@ require 'futex'
|
|
3
3
|
require 'json'
|
4
4
|
require 'securerandom'
|
5
5
|
require 'time'
|
6
|
-
require 'thread'
|
7
6
|
require 'hybrid_platforms_conductor/actions_executor'
|
8
7
|
require 'hybrid_platforms_conductor/cmd_runner'
|
9
|
-
require 'hybrid_platforms_conductor/executable'
|
10
8
|
require 'hybrid_platforms_conductor/logger_helpers'
|
11
9
|
require 'hybrid_platforms_conductor/nodes_handler'
|
12
10
|
require 'hybrid_platforms_conductor/services_handler'
|
13
11
|
require 'hybrid_platforms_conductor/plugins'
|
14
|
-
require 'hybrid_platforms_conductor/thycotic'
|
15
12
|
|
16
13
|
module HybridPlatformsConductor
|
17
14
|
|
@@ -27,6 +24,12 @@ module HybridPlatformsConductor
|
|
27
24
|
# Array< Hash<Symbol, Object> >
|
28
25
|
attr_reader :deployment_logs
|
29
26
|
|
27
|
+
# List of secrets reader plugins. Each info has the following properties:
|
28
|
+
# * *nodes_selectors_stack* (Array<Object>): Stack of nodes selectors impacted by this rule.
|
29
|
+
# * *secrets_readers* (Array<Symbol>): List of log plugins to be used to store deployment logs.
|
30
|
+
# Array< Hash<Symbol, Object> >
|
31
|
+
attr_reader :secrets_readers
|
32
|
+
|
30
33
|
# Integer: Timeout (in seconds) for packaging repositories
|
31
34
|
attr_reader :packaging_timeout_secs
|
32
35
|
|
@@ -34,6 +37,7 @@ module HybridPlatformsConductor
|
|
34
37
|
def init_deployer_config
|
35
38
|
@packaging_timeout_secs = 60
|
36
39
|
@deployment_logs = []
|
40
|
+
@secrets_readers = []
|
37
41
|
end
|
38
42
|
|
39
43
|
# Set the packaging timeout
|
@@ -55,6 +59,17 @@ module HybridPlatformsConductor
|
|
55
59
|
}
|
56
60
|
end
|
57
61
|
|
62
|
+
# Set the secrets readers
|
63
|
+
#
|
64
|
+
# Parameters::
|
65
|
+
# * *secrets_readers* (Symbol or Array<Symbol>): The list of (or single) secrets readers plugins to be used
|
66
|
+
def read_secrets_from(*secrets_readers)
|
67
|
+
@secrets_readers << {
|
68
|
+
nodes_selectors_stack: current_nodes_selectors_stack,
|
69
|
+
secrets_readers: secrets_readers.flatten
|
70
|
+
}
|
71
|
+
end
|
72
|
+
|
58
73
|
end
|
59
74
|
|
60
75
|
include LoggerHelpers
|
@@ -73,10 +88,6 @@ module HybridPlatformsConductor
|
|
73
88
|
# Boolean
|
74
89
|
attr_accessor :concurrent_execution
|
75
90
|
|
76
|
-
# The list of JSON secrets
|
77
|
-
# Array<Hash>
|
78
|
-
attr_accessor :secrets
|
79
|
-
|
80
91
|
# Are we deploying in a local environment?
|
81
92
|
# Boolean
|
82
93
|
attr_accessor :local_environment
|
@@ -96,8 +107,8 @@ module HybridPlatformsConductor
|
|
96
107
|
# * *actions_executor* (ActionsExecutor): Actions Executor to be used. [default: ActionsExecutor.new]
|
97
108
|
# * *services_handler* (ServicesHandler): Services Handler to be used. [default: ServicesHandler.new]
|
98
109
|
def initialize(
|
99
|
-
logger: Logger.new(
|
100
|
-
logger_stderr: Logger.new(
|
110
|
+
logger: Logger.new($stdout),
|
111
|
+
logger_stderr: Logger.new($stderr),
|
101
112
|
config: Config.new,
|
102
113
|
cmd_runner: CmdRunner.new,
|
103
114
|
nodes_handler: NodesHandler.new,
|
@@ -110,7 +121,21 @@ module HybridPlatformsConductor
|
|
110
121
|
@nodes_handler = nodes_handler
|
111
122
|
@actions_executor = actions_executor
|
112
123
|
@services_handler = services_handler
|
113
|
-
@
|
124
|
+
@override_secrets = nil
|
125
|
+
@secrets_readers = Plugins.new(
|
126
|
+
:secrets_reader,
|
127
|
+
logger: @logger,
|
128
|
+
logger_stderr: @logger_stderr,
|
129
|
+
init_plugin: proc do |plugin_class|
|
130
|
+
plugin_class.new(
|
131
|
+
logger: @logger,
|
132
|
+
logger_stderr: @logger_stderr,
|
133
|
+
config: @config,
|
134
|
+
cmd_runner: @cmd_runner,
|
135
|
+
nodes_handler: @nodes_handler
|
136
|
+
)
|
137
|
+
end
|
138
|
+
)
|
114
139
|
@provisioners = Plugins.new(:provisioner, logger: @logger, logger_stderr: @logger_stderr)
|
115
140
|
@log_plugins = Plugins.new(
|
116
141
|
:log,
|
@@ -144,42 +169,32 @@ module HybridPlatformsConductor
|
|
144
169
|
def options_parse(options_parser, parallel_switch: true, why_run_switch: false, timeout_options: true)
|
145
170
|
options_parser.separator ''
|
146
171
|
options_parser.separator 'Deployer options:'
|
147
|
-
|
148
|
-
'-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
secret = thycotic.download_file_attachment_by_item_id(secret_id, secret_file_item_id)
|
162
|
-
raise "Unable to fetch secret file attachment from #{secrets_location}" if secret.nil?
|
163
|
-
end
|
164
|
-
secret
|
165
|
-
else
|
166
|
-
raise "Missing secret file: #{secrets_location}" unless File.exist?(secrets_location)
|
167
|
-
File.read(secrets_location)
|
168
|
-
end
|
169
|
-
)
|
172
|
+
if parallel_switch
|
173
|
+
options_parser.on('-p', '--parallel', 'Execute the commands in parallel (put the standard output in files <hybrid-platforms-dir>/run_logs/*.stdout)') do
|
174
|
+
@concurrent_execution = true
|
175
|
+
end
|
176
|
+
end
|
177
|
+
if timeout_options
|
178
|
+
options_parser.on('-t', '--timeout SECS', "Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to #{@timeout.nil? ? 'no timeout' : @timeout})") do |nbr_secs|
|
179
|
+
@timeout = nbr_secs.to_i
|
180
|
+
end
|
181
|
+
end
|
182
|
+
if why_run_switch
|
183
|
+
options_parser.on('-W', '--why-run', 'Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.') do
|
184
|
+
@use_why_run = true
|
185
|
+
end
|
170
186
|
end
|
171
|
-
options_parser.on('-p', '--parallel', 'Execute the commands in parallel (put the standard output in files <hybrid-platforms-dir>/run_logs/*.stdout)') do
|
172
|
-
@concurrent_execution = true
|
173
|
-
end if parallel_switch
|
174
|
-
options_parser.on('-t', '--timeout SECS', "Timeout in seconds to wait for each chef run. Only used in why-run mode. (defaults to #{@timeout.nil? ? 'no timeout' : @timeout})") do |nbr_secs|
|
175
|
-
@timeout = nbr_secs.to_i
|
176
|
-
end if timeout_options
|
177
|
-
options_parser.on('-W', '--why-run', 'Use the why-run mode to see what would be the result of the deploy instead of deploying it for real.') do
|
178
|
-
@use_why_run = true
|
179
|
-
end if why_run_switch
|
180
187
|
options_parser.on('--retries-on-error NBR', "Number of retries in case of non-deterministic errors (defaults to #{@nbr_retries_on_error})") do |nbr_retries|
|
181
188
|
@nbr_retries_on_error = nbr_retries.to_i
|
182
189
|
end
|
190
|
+
# Display options secrets readers might have
|
191
|
+
@secrets_readers.each do |secret_reader_name, secret_reader|
|
192
|
+
next unless secret_reader.respond_to?(:options_parse)
|
193
|
+
|
194
|
+
options_parser.separator ''
|
195
|
+
options_parser.separator "Secrets reader #{secret_reader_name} options:"
|
196
|
+
secret_reader.options_parse(options_parser)
|
197
|
+
end
|
183
198
|
end
|
184
199
|
|
185
200
|
# Validate that parsed parameters are valid
|
@@ -190,6 +205,16 @@ module HybridPlatformsConductor
|
|
190
205
|
# String: File used as a Futex for packaging
|
191
206
|
PACKAGING_FUTEX_FILE = "#{Dir.tmpdir}/hpc_packaging"
|
192
207
|
|
208
|
+
# Override the secrets with a given JSON.
|
209
|
+
# When using this method with a secrets Hash, further deployments will not query secrets readers, but will use those secrets directly.
|
210
|
+
# Useful to override secrets in test conditions when using dummy secrets for example.
|
211
|
+
#
|
212
|
+
# Parameters::
|
213
|
+
# * *secrets* (Hash or nil): Secrets to take into account in place of secrets readers, or nil to cancel a previous overriding and use secrets readers instead.
|
214
|
+
def override_secrets(secrets)
|
215
|
+
@override_secrets = secrets
|
216
|
+
end
|
217
|
+
|
193
218
|
# Deploy on a given list of nodes selectors.
|
194
219
|
# The workflow is the following:
|
195
220
|
# 1. Package the services to be deployed, considering the nodes, services and context (options, secrets, environment...)
|
@@ -203,16 +228,26 @@ module HybridPlatformsConductor
|
|
203
228
|
def deploy_on(*nodes_selectors)
|
204
229
|
# Get the sorted list of services to be deployed, per node
|
205
230
|
# Hash<String, Array<String> >
|
206
|
-
services_to_deploy =
|
231
|
+
services_to_deploy = @nodes_handler.select_nodes(nodes_selectors.flatten).map do |node|
|
207
232
|
[node, @nodes_handler.get_services_of(node)]
|
208
|
-
end
|
233
|
+
end.to_h
|
209
234
|
|
210
235
|
# Get the secrets to be deployed
|
211
236
|
secrets = {}
|
212
|
-
@
|
213
|
-
secrets
|
214
|
-
|
215
|
-
|
237
|
+
if @override_secrets
|
238
|
+
secrets = @override_secrets
|
239
|
+
else
|
240
|
+
services_to_deploy.each do |node, services|
|
241
|
+
# If there is no config for secrets, just use cli
|
242
|
+
(@config.secrets_readers.empty? ? [{ secrets_readers: %i[cli] }] : @nodes_handler.select_confs_for_node(node, @config.secrets_readers)).inject([]) do |secrets_readers, secrets_readers_info|
|
243
|
+
secrets_readers + secrets_readers_info[:secrets_readers]
|
244
|
+
end.sort.uniq.each do |secrets_reader|
|
245
|
+
services.each do |service|
|
246
|
+
node_secrets = @secrets_readers[secrets_reader].secrets_for(node, service)
|
247
|
+
conflicting_path = safe_merge(secrets, node_secrets)
|
248
|
+
raise "Secret set at path #{conflicting_path.join('->')} by #{secrets_reader} for service #{service} on node #{node} has conflicting values (#{log_debug? ? "#{node_secrets.dig(*conflicting_path)} != #{secrets.dig(*conflicting_path)}" : 'set debug for value details'})." unless conflicting_path.nil?
|
249
|
+
end
|
250
|
+
end
|
216
251
|
end
|
217
252
|
end
|
218
253
|
|
@@ -220,7 +255,6 @@ module HybridPlatformsConductor
|
|
220
255
|
unless @use_why_run
|
221
256
|
reason_for_interdiction = @services_handler.deploy_allowed?(
|
222
257
|
services: services_to_deploy,
|
223
|
-
secrets: secrets,
|
224
258
|
local_environment: @local_environment
|
225
259
|
)
|
226
260
|
raise "Deployment not allowed: #{reason_for_interdiction}" unless reason_for_interdiction.nil?
|
@@ -258,51 +292,50 @@ module HybridPlatformsConductor
|
|
258
292
|
remaining_nodes_to_deploy = services_to_deploy.keys
|
259
293
|
while nbr_retries >= 0 && !remaining_nodes_to_deploy.empty?
|
260
294
|
last_deploy_results = deploy(services_to_deploy.slice(*remaining_nodes_to_deploy))
|
261
|
-
if nbr_retries
|
295
|
+
if nbr_retries.positive?
|
262
296
|
# Check if we need to retry deployment on some nodes
|
263
297
|
# Only parse the last deployment attempt logs
|
264
|
-
retriable_nodes =
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
298
|
+
retriable_nodes = remaining_nodes_to_deploy.
|
299
|
+
map do |node|
|
300
|
+
exit_status, stdout, stderr = last_deploy_results[node]
|
301
|
+
if exit_status.zero?
|
302
|
+
nil
|
303
|
+
else
|
304
|
+
retriable_errors = retriable_errors_from(node, exit_status, stdout, stderr)
|
305
|
+
if retriable_errors.empty?
|
269
306
|
nil
|
270
307
|
else
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
else
|
275
|
-
# Log the issue in the stderr of the deployment
|
276
|
-
stderr << "!!! #{retriable_errors.size} retriable errors detected in this deployment:\n#{retriable_errors.map { |error| "* #{error}" }.join("\n")}\n"
|
277
|
-
[node, retriable_errors]
|
278
|
-
end
|
308
|
+
# Log the issue in the stderr of the deployment
|
309
|
+
stderr << "!!! #{retriable_errors.size} retriable errors detected in this deployment:\n#{retriable_errors.map { |error| "* #{error}" }.join("\n")}\n"
|
310
|
+
[node, retriable_errors]
|
279
311
|
end
|
280
|
-
end
|
281
|
-
|
282
|
-
|
312
|
+
end
|
313
|
+
end.
|
314
|
+
compact.
|
315
|
+
to_h
|
283
316
|
unless retriable_nodes.empty?
|
284
|
-
log_warn <<~
|
317
|
+
log_warn <<~EO_LOG.strip
|
285
318
|
Retry deployment for #{retriable_nodes.size} nodes as they got non-deterministic errors (#{nbr_retries} retries remaining):
|
286
319
|
#{retriable_nodes.map { |node, retriable_errors| " * #{node}:\n#{retriable_errors.map { |error| " - #{error}" }.join("\n")}" }.join("\n")}
|
287
|
-
|
320
|
+
EO_LOG
|
288
321
|
end
|
289
322
|
remaining_nodes_to_deploy = retriable_nodes.keys
|
290
323
|
end
|
291
324
|
# Merge deployment results
|
292
|
-
results.merge!(last_deploy_results) do |
|
325
|
+
results.merge!(last_deploy_results) do |_node, (exit_status_1, stdout_1, stderr_1), (exit_status_2, stdout_2, stderr_2)|
|
293
326
|
[
|
294
327
|
exit_status_2,
|
295
|
-
<<~
|
328
|
+
<<~EO_STDOUT,
|
296
329
|
#{stdout_1}
|
297
330
|
Deployment exit status code: #{exit_status_1}
|
298
331
|
!!! Retry deployment due to non-deterministic error (#{nbr_retries} remaining attempts)...
|
299
332
|
#{stdout_2}
|
300
|
-
|
301
|
-
<<~
|
333
|
+
EO_STDOUT
|
334
|
+
<<~EO_STDERR
|
302
335
|
#{stderr_1}
|
303
336
|
!!! Retry deployment due to non-deterministic error (#{nbr_retries} remaining attempts)...
|
304
337
|
#{stderr_2}
|
305
|
-
|
338
|
+
EO_STDERR
|
306
339
|
]
|
307
340
|
end
|
308
341
|
nbr_retries -= 1
|
@@ -357,7 +390,7 @@ module HybridPlatformsConductor
|
|
357
390
|
sub_executable.config.sudo_procs.replace(sub_executable.config.sudo_procs.map do |sudo_proc_info|
|
358
391
|
{
|
359
392
|
nodes_selectors_stack: sudo_proc_info[:nodes_selectors_stack].map do |nodes_selector|
|
360
|
-
@nodes_handler.select_nodes(nodes_selector).
|
393
|
+
@nodes_handler.select_nodes(nodes_selector).reject { |selected_node| selected_node == node }
|
361
394
|
end,
|
362
395
|
sudo_proc: sudo_proc_info[:sudo_proc]
|
363
396
|
}
|
@@ -370,13 +403,13 @@ module HybridPlatformsConductor
|
|
370
403
|
deployer.local_environment = true
|
371
404
|
# Ignore secrets that might have been given: in Docker containers we always use dummy secrets
|
372
405
|
dummy_secrets_file = "#{@config.hybrid_platforms_dir}/dummy_secrets.json"
|
373
|
-
deployer.
|
406
|
+
deployer.override_secrets(File.exist?(dummy_secrets_file) ? JSON.parse(File.read(dummy_secrets_file)) : {})
|
374
407
|
yield deployer, instance
|
375
408
|
end
|
376
409
|
rescue
|
377
410
|
# Make sure Docker logs are being output to better investigate errors if we were not already outputing them in debug mode
|
378
411
|
stdouts = sub_executable.stdouts_to_s
|
379
|
-
log_error "[ #{node}/#{environment} ] - Encountered unhandled exception #{
|
412
|
+
log_error "[ #{node}/#{environment} ] - Encountered unhandled exception #{$ERROR_INFO}\n#{$ERROR_INFO.backtrace.join("\n")}\n-----\n#{stdouts}" unless stdouts.nil?
|
380
413
|
raise
|
381
414
|
end
|
382
415
|
end
|
@@ -397,21 +430,21 @@ module HybridPlatformsConductor
|
|
397
430
|
nodes = nodes.flatten
|
398
431
|
@actions_executor.max_threads = 64
|
399
432
|
read_actions_results = @actions_executor.execute_actions(
|
400
|
-
|
433
|
+
nodes.map do |node|
|
401
434
|
master_log_plugin = @log_plugins[log_plugins_for(node).first]
|
402
435
|
master_log_plugin.respond_to?(:actions_to_read_logs) ? [node, master_log_plugin.actions_to_read_logs(node)] : nil
|
403
|
-
end.compact
|
436
|
+
end.compact.to_h,
|
404
437
|
log_to_stdout: false,
|
405
438
|
concurrent: true,
|
406
439
|
timeout: 10,
|
407
440
|
progress_name: 'Read deployment logs'
|
408
441
|
)
|
409
|
-
|
442
|
+
nodes.map do |node|
|
410
443
|
[
|
411
444
|
node,
|
412
445
|
@log_plugins[log_plugins_for(node).first].logs_for(node, *(read_actions_results[node] || [nil, nil, nil]))
|
413
446
|
]
|
414
|
-
end
|
447
|
+
end.to_h
|
415
448
|
end
|
416
449
|
|
417
450
|
# Parse stdout and stderr of a given deploy run and get the list of tasks with their status
|
@@ -427,12 +460,41 @@ module HybridPlatformsConductor
|
|
427
460
|
# * *:changed*: The task has been changed
|
428
461
|
# * *:identical*: The task has not been changed
|
429
462
|
# * *diffs* (String): Differences, if any
|
430
|
-
def parse_deploy_output(
|
463
|
+
def parse_deploy_output(_node, stdout, stderr)
|
431
464
|
@services_handler.parse_deploy_output(stdout, stderr).map { |deploy_info| deploy_info[:tasks] }.flatten
|
432
465
|
end
|
433
466
|
|
434
467
|
private
|
435
468
|
|
469
|
+
# Safe-merge 2 hashes.
|
470
|
+
# Safe-merging is done by:
|
471
|
+
# * Merging values that are hashes.
|
472
|
+
# * Reporting errors when values conflict.
|
473
|
+
# When values are conflicting, the initial hash won't modify those conflicting values and will stop the merge.
|
474
|
+
#
|
475
|
+
# Parameters::
|
476
|
+
# * *hash* (Hash): Hash to be modified merging hash_to_merge
|
477
|
+
# * *hash_to_merge* (Hash): Hash to be merged into hash
|
478
|
+
# Result::
|
479
|
+
# * nil or Array<Object>: nil in case of success, or the keys path leading to a conflicting value in case of error
|
480
|
+
def safe_merge(hash, hash_to_merge)
|
481
|
+
conflicting_path = nil
|
482
|
+
hash_to_merge.each do |key, value_to_merge|
|
483
|
+
if hash.key?(key)
|
484
|
+
if hash[key].is_a?(Hash) && value_to_merge.is_a?(Hash)
|
485
|
+
sub_conflicting_path = safe_merge(hash[key], value_to_merge)
|
486
|
+
conflicting_path = [key] + sub_conflicting_path unless sub_conflicting_path.nil?
|
487
|
+
elsif hash[key] != value_to_merge
|
488
|
+
conflicting_path = [key]
|
489
|
+
end
|
490
|
+
else
|
491
|
+
hash[key] = value_to_merge
|
492
|
+
end
|
493
|
+
break unless conflicting_path.nil?
|
494
|
+
end
|
495
|
+
conflicting_path
|
496
|
+
end
|
497
|
+
|
436
498
|
# Get the list of retriable errors a node got from deployment logs.
|
437
499
|
# Useful to know if an error is non-deterministic (due to external and temporary factors).
|
438
500
|
#
|
@@ -443,7 +505,7 @@ module HybridPlatformsConductor
|
|
443
505
|
# * *stderr* (String): Deployment stderr
|
444
506
|
# Result::
|
445
507
|
# * Array<String>: List of retriable errors that have been matched
|
446
|
-
def retriable_errors_from(node,
|
508
|
+
def retriable_errors_from(node, _exit_status, stdout, stderr)
|
447
509
|
# List of retriable errors for this node, as exact string match or regexps.
|
448
510
|
# Array<String or Regexp>
|
449
511
|
retriable_errors_on_stdout = []
|
@@ -474,59 +536,55 @@ module HybridPlatformsConductor
|
|
474
536
|
# Result::
|
475
537
|
# * Hash<String, [Integer or Symbol, String, String]>: Exit status code (or Symbol in case of error or dry run), standard output and error for each node.
|
476
538
|
def deploy(services)
|
477
|
-
outputs = {}
|
478
|
-
|
479
539
|
# Get the ssh user directly from the connector
|
480
540
|
ssh_user = @actions_executor.connector(:ssh).ssh_user
|
481
541
|
|
482
542
|
# Deploy for real
|
483
543
|
@nodes_handler.prefetch_metadata_of services.keys, :image
|
484
544
|
outputs = @actions_executor.execute_actions(
|
485
|
-
|
545
|
+
services.map do |node, node_services|
|
486
546
|
image_id = @nodes_handler.get_image_of(node)
|
487
547
|
sudo = (ssh_user == 'root' ? '' : "#{@nodes_handler.sudo_on(node)} ")
|
488
|
-
# Install
|
548
|
+
# Install corporate certificates if present
|
489
549
|
certificate_actions =
|
490
550
|
if @local_environment && ENV['hpc_certificates']
|
491
|
-
|
492
|
-
|
493
|
-
|
494
|
-
|
495
|
-
|
496
|
-
|
497
|
-
|
498
|
-
}
|
499
|
-
|
500
|
-
|
501
|
-
|
502
|
-
|
503
|
-
|
504
|
-
remote_bash: "#{sudo}update-ca-certificates"
|
505
|
-
}
|
506
|
-
]
|
507
|
-
when 'centos_7'
|
508
|
-
[
|
509
|
-
{
|
510
|
-
remote_bash: "#{sudo}yum install -y ca-certificates"
|
551
|
+
raise "Missing path referenced by the hpc_certificates environment variable: #{ENV['hpc_certificates']}" unless File.exist?(ENV['hpc_certificates'])
|
552
|
+
|
553
|
+
log_debug "Deploy certificates from #{ENV['hpc_certificates']}"
|
554
|
+
case image_id
|
555
|
+
when 'debian_9', 'debian_10'
|
556
|
+
[
|
557
|
+
{
|
558
|
+
remote_bash: "#{sudo}apt update && #{sudo}apt install -y ca-certificates"
|
559
|
+
},
|
560
|
+
{
|
561
|
+
scp: {
|
562
|
+
ENV['hpc_certificates'] => '/usr/local/share/ca-certificates',
|
563
|
+
:sudo => ssh_user != 'root'
|
511
564
|
},
|
512
|
-
{
|
513
|
-
|
514
|
-
|
515
|
-
|
516
|
-
|
517
|
-
|
518
|
-
|
519
|
-
|
520
|
-
|
521
|
-
|
565
|
+
remote_bash: "#{sudo}update-ca-certificates"
|
566
|
+
}
|
567
|
+
]
|
568
|
+
when 'centos_7'
|
569
|
+
[
|
570
|
+
{
|
571
|
+
remote_bash: "#{sudo}yum install -y ca-certificates"
|
572
|
+
},
|
573
|
+
{
|
574
|
+
scp: Dir.glob("#{ENV['hpc_certificates']}/*.crt").map do |cert_file|
|
575
|
+
[
|
576
|
+
cert_file,
|
577
|
+
'/etc/pki/ca-trust/source/anchors'
|
522
578
|
]
|
523
|
-
|
524
|
-
|
525
|
-
|
526
|
-
|
527
|
-
|
579
|
+
end.to_h.merge(sudo: ssh_user != 'root'),
|
580
|
+
remote_bash: [
|
581
|
+
"#{sudo}update-ca-trust enable",
|
582
|
+
"#{sudo}update-ca-trust extract"
|
583
|
+
]
|
584
|
+
}
|
585
|
+
]
|
528
586
|
else
|
529
|
-
raise "
|
587
|
+
raise "Unknown image ID for node #{node}: #{image_id}. Check metadata for this node."
|
530
588
|
end
|
531
589
|
else
|
532
590
|
[]
|
@@ -543,19 +601,19 @@ module HybridPlatformsConductor
|
|
543
601
|
certificate_actions +
|
544
602
|
@services_handler.actions_to_deploy_on(node, node_services, @use_why_run)
|
545
603
|
]
|
546
|
-
end
|
604
|
+
end.to_h,
|
547
605
|
timeout: @timeout,
|
548
606
|
concurrent: @concurrent_execution,
|
549
607
|
log_to_stdout: !@concurrent_execution
|
550
608
|
)
|
551
609
|
# Free eventual locks
|
552
610
|
@actions_executor.execute_actions(
|
553
|
-
|
611
|
+
services.keys.map do |node|
|
554
612
|
[
|
555
613
|
node,
|
556
614
|
{ remote_bash: "#{ssh_user == 'root' ? '' : "#{@nodes_handler.sudo_on(node)} "}./mutex_dir unlock /tmp/hybrid_platforms_conductor_deploy_lock" }
|
557
615
|
]
|
558
|
-
end
|
616
|
+
end.to_h,
|
559
617
|
timeout: 10,
|
560
618
|
concurrent: true,
|
561
619
|
log_to_dir: nil
|
@@ -577,7 +635,7 @@ module HybridPlatformsConductor
|
|
577
635
|
section "Saving deployment logs for #{logs.size} nodes" do
|
578
636
|
ssh_user = @actions_executor.connector(:ssh).ssh_user
|
579
637
|
@actions_executor.execute_actions(
|
580
|
-
|
638
|
+
logs.map do |node, (exit_status, stdout, stderr)|
|
581
639
|
[
|
582
640
|
node,
|
583
641
|
log_plugins_for(node).
|
@@ -596,7 +654,7 @@ module HybridPlatformsConductor
|
|
596
654
|
end.
|
597
655
|
flatten(1)
|
598
656
|
]
|
599
|
-
end
|
657
|
+
end.to_h,
|
600
658
|
timeout: 10,
|
601
659
|
concurrent: true,
|
602
660
|
log_to_dir: nil,
|