hybrid_platforms_conductor 33.4.0 → 33.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +47 -0
- data/README.md +5 -5
- data/docs/config_dsl.md +7 -5
- data/docs/plugins/cmdb/host_keys.md +3 -1
- data/docs/plugins/connector/ssh.md +1 -0
- data/lib/hybrid_platforms_conductor/actions_executor.rb +29 -1
- data/lib/hybrid_platforms_conductor/bitbucket.rb +2 -2
- data/lib/hybrid_platforms_conductor/cmd_runner.rb +4 -4
- data/lib/hybrid_platforms_conductor/config.rb +2 -0
- data/lib/hybrid_platforms_conductor/confluence.rb +2 -2
- data/lib/hybrid_platforms_conductor/connector.rb +5 -2
- data/lib/hybrid_platforms_conductor/credentials.rb +20 -12
- data/lib/hybrid_platforms_conductor/deployer.rb +5 -7
- data/lib/hybrid_platforms_conductor/github.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/action/bash.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/action/remote_bash.rb +27 -17
- data/lib/hybrid_platforms_conductor/hpc_plugins/cmdb/host_keys.rb +13 -12
- data/lib/hybrid_platforms_conductor/hpc_plugins/connector/local.rb +6 -4
- data/lib/hybrid_platforms_conductor/hpc_plugins/connector/my_connector.rb.sample +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/connector/ssh.rb +37 -25
- data/lib/hybrid_platforms_conductor/hpc_plugins/log/remote_fs.rb +5 -6
- data/lib/hybrid_platforms_conductor/hpc_plugins/platform_handler/serverless_chef.rb +23 -14
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/docker.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/provisioner/proxmox.rb +3 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/secrets_reader/keepass.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/check_deploy_and_idempotence.rb +17 -3
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/deploy_removes_root_access.rb +30 -10
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/file_system.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/hostname.rb +1 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/idempotence.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/ip.rb +1 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/jenkins_ci_conf.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/jenkins_ci_masters_ok.rb +2 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/local_users.rb +1 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/mounts.rb +1 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/orphan_files.rb +1 -2
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb +1 -1
- data/lib/hybrid_platforms_conductor/hpc_plugins/test/vulnerabilities.rb +1 -2
- data/lib/hybrid_platforms_conductor/logger_helpers.rb +17 -0
- data/lib/hybrid_platforms_conductor/test.rb +21 -7
- data/lib/hybrid_platforms_conductor/tests_runner.rb +7 -6
- data/lib/hybrid_platforms_conductor/thycotic.rb +2 -2
- data/lib/hybrid_platforms_conductor/version.rb +1 -1
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/bash_spec.rb +15 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/actions/remote_bash_spec.rb +32 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/local/remote_actions_spec.rb +87 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/connections_spec.rb +30 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/global_helpers_spec.rb +10 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/remote_actions_spec.rb +38 -0
- data/spec/hybrid_platforms_conductor_test/api/actions_executor/helpers_spec.rb +195 -0
- data/spec/hybrid_platforms_conductor_test/api/cmd_runner_spec.rb +14 -0
- data/spec/hybrid_platforms_conductor_test/api/config_spec.rb +11 -0
- data/spec/hybrid_platforms_conductor_test/api/credentials_spec.rb +8 -4
- data/spec/hybrid_platforms_conductor_test/api/deployer/log_plugins/remote_fs_spec.rb +215 -0
- data/spec/hybrid_platforms_conductor_test/api/nodes_handler/cmdbs/host_keys_spec.rb +49 -10
- data/spec/hybrid_platforms_conductor_test/api/platform_handlers/serverless_chef/services_deployment_spec.rb +64 -16
- data/spec/hybrid_platforms_conductor_test/helpers/connector_ssh_helpers.rb +5 -3
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/1_local_node/chef_versions.yml +3 -0
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/1_local_node/nodes/node.json +15 -0
- data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/1_local_node/policyfiles/test_policy.rb +3 -0
- data/spec/hybrid_platforms_conductor_test/shared_examples/deployer.rb +134 -0
- data/spec/hybrid_platforms_conductor_test/test_connector.rb +2 -2
- metadata +20 -2
@@ -4,7 +4,7 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
4
4
|
|
5
5
|
it 'makes sure to have hostname or host_ip set to compute host_keys' do
|
6
6
|
with_test_platform({}) do
|
7
|
-
expect(cmdb(:host_keys).property_dependencies[:host_keys].sort).to eq %i[hostname host_ip].sort
|
7
|
+
expect(cmdb(:host_keys).property_dependencies[:host_keys].sort).to eq %i[hostname host_ip ssh_port].sort
|
8
8
|
end
|
9
9
|
end
|
10
10
|
|
@@ -17,17 +17,27 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
17
17
|
it 'returns host keys when hostname is set' do
|
18
18
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
19
19
|
with_cmd_runner_mocked [
|
20
|
-
['ssh-keyscan my_host.my_domain', proc { [0, "my_host.my_domain ssh-rsa fake_host_key\n", ''] }]
|
20
|
+
['ssh-keyscan -p 22 my_host.my_domain', proc { [0, "my_host.my_domain ssh-rsa fake_host_key\n", ''] }]
|
21
21
|
] do
|
22
22
|
expect(cmdb(:host_keys).get_host_keys(['test_node'], { 'test_node' => { hostname: 'my_host.my_domain' } })).to eq('test_node' => ['ssh-rsa fake_host_key'])
|
23
23
|
end
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
27
|
+
it 'returns host keys for the correct ssh port' do
|
28
|
+
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
29
|
+
with_cmd_runner_mocked [
|
30
|
+
['ssh-keyscan -p 666 my_host.my_domain', proc { [0, "my_host.my_domain ssh-rsa fake_host_key\n", ''] }]
|
31
|
+
] do
|
32
|
+
expect(cmdb(:host_keys).get_host_keys(['test_node'], { 'test_node' => { hostname: 'my_host.my_domain', ssh_port: 666 } })).to eq('test_node' => ['ssh-rsa fake_host_key'])
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
27
37
|
it 'returns host keys when host_ip is set' do
|
28
38
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
29
39
|
with_cmd_runner_mocked [
|
30
|
-
['ssh-keyscan 192.168.42.42', proc { [0, "192.168.42.42 ssh-rsa fake_host_key\n", ''] }]
|
40
|
+
['ssh-keyscan -p 22 192.168.42.42', proc { [0, "192.168.42.42 ssh-rsa fake_host_key\n", ''] }]
|
31
41
|
] do
|
32
42
|
expect(cmdb(:host_keys).get_host_keys(['test_node'], { 'test_node' => { host_ip: '192.168.42.42' } })).to eq('test_node' => ['ssh-rsa fake_host_key'])
|
33
43
|
end
|
@@ -37,7 +47,7 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
37
47
|
it 'returns several host keys' do
|
38
48
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
39
49
|
with_cmd_runner_mocked [
|
40
|
-
['ssh-keyscan 192.168.42.42', proc do
|
50
|
+
['ssh-keyscan -p 22 192.168.42.42', proc do
|
41
51
|
[0, <<~EO_STDOUT, '']
|
42
52
|
192.168.42.42 ssh-rsa fake_host_key_rsa
|
43
53
|
192.168.42.42 ssh-ed25519 fake_host_key_ed25519
|
@@ -55,7 +65,7 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
55
65
|
it 'returns several host keys and ignores comments from ssh-keyscan' do
|
56
66
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
57
67
|
with_cmd_runner_mocked [
|
58
|
-
['ssh-keyscan 192.168.42.42', proc do
|
68
|
+
['ssh-keyscan -p 22 192.168.42.42', proc do
|
59
69
|
[0, <<~EO_STDOUT, '']
|
60
70
|
# That's a comment
|
61
71
|
192.168.42.42 ssh-rsa fake_host_key_rsa
|
@@ -78,7 +88,7 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
78
88
|
it 'returns host keys sorted' do
|
79
89
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
80
90
|
with_cmd_runner_mocked [
|
81
|
-
['ssh-keyscan 192.168.42.42', proc do
|
91
|
+
['ssh-keyscan -p 22 192.168.42.42', proc do
|
82
92
|
[0, <<~EO_STDOUT, '']
|
83
93
|
192.168.42.42 ssh-dsa fake_host_key_dsa
|
84
94
|
192.168.42.42 ssh-rsa fake_host_key_rsa
|
@@ -100,7 +110,7 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
100
110
|
it 'does not return host keys when ssh-keyscan can\'t retrieve them' do
|
101
111
|
with_test_platform({ nodes: { 'test_node' => {} } }) do
|
102
112
|
with_cmd_runner_mocked [
|
103
|
-
['ssh-keyscan 192.168.42.42', proc { [0, '', ''] }]
|
113
|
+
['ssh-keyscan -p 22 192.168.42.42', proc { [0, '', ''] }]
|
104
114
|
] do
|
105
115
|
expect(cmdb(:host_keys).get_host_keys(['test_node'], { 'test_node' => { host_ip: '192.168.42.42' } })).to eq({})
|
106
116
|
end
|
@@ -119,9 +129,9 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
119
129
|
}
|
120
130
|
) do
|
121
131
|
with_cmd_runner_mocked [
|
122
|
-
['ssh-keyscan 192.168.42.1', proc { [0, "192.168.42.1 ssh-rsa fake_host_key_1\n", ''] }],
|
123
|
-
['ssh-keyscan 192.168.42.2', proc { [0, '', ''] }],
|
124
|
-
['ssh-keyscan my_host_4.my_domain', proc { [0, "my_host_4.my_domain ssh-rsa fake_host_key_4\n", ''] }]
|
132
|
+
['ssh-keyscan -p 22 192.168.42.1', proc { [0, "192.168.42.1 ssh-rsa fake_host_key_1\n", ''] }],
|
133
|
+
['ssh-keyscan -p 22 192.168.42.2', proc { [0, '', ''] }],
|
134
|
+
['ssh-keyscan -p 22 my_host_4.my_domain', proc { [0, "my_host_4.my_domain ssh-rsa fake_host_key_4\n", ''] }]
|
125
135
|
] do
|
126
136
|
expect(
|
127
137
|
cmdb(:host_keys).get_host_keys(
|
@@ -141,6 +151,35 @@ describe HybridPlatformsConductor::NodesHandler do
|
|
141
151
|
end
|
142
152
|
end
|
143
153
|
|
154
|
+
it 'returns different host keys for hosts having the same IPs but different SSH ports' do
|
155
|
+
with_test_platform(
|
156
|
+
{
|
157
|
+
nodes: {
|
158
|
+
'test_node1' => {},
|
159
|
+
'test_node2' => {}
|
160
|
+
}
|
161
|
+
}
|
162
|
+
) do
|
163
|
+
with_cmd_runner_mocked [
|
164
|
+
['ssh-keyscan -p 6661 192.168.42.1', proc { [0, "192.168.42.1 ssh-rsa fake_host_key_1\n", ''] }],
|
165
|
+
['ssh-keyscan -p 6662 192.168.42.1', proc { [0, "192.168.42.1 ssh-rsa fake_host_key_2\n", ''] }]
|
166
|
+
] do
|
167
|
+
expect(
|
168
|
+
cmdb(:host_keys).get_host_keys(
|
169
|
+
['test_node'],
|
170
|
+
{
|
171
|
+
'test_node1' => { host_ip: '192.168.42.1', ssh_port: 6661 },
|
172
|
+
'test_node2' => { host_ip: '192.168.42.1', ssh_port: 6662 }
|
173
|
+
}
|
174
|
+
)
|
175
|
+
).to eq(
|
176
|
+
'test_node1' => ['ssh-rsa fake_host_key_1'],
|
177
|
+
'test_node2' => ['ssh-rsa fake_host_key_2']
|
178
|
+
)
|
179
|
+
end
|
180
|
+
end
|
181
|
+
end
|
182
|
+
|
144
183
|
end
|
145
184
|
|
146
185
|
end
|
@@ -46,7 +46,7 @@ describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef d
|
|
46
46
|
remote_bash: [
|
47
47
|
'set -e',
|
48
48
|
'set -o pipefail',
|
49
|
-
"if [ -n \"$(command -v apt)\" ]; then #{sudo}apt update && #{sudo}apt install -y curl build-essential ; else #{sudo}yum groupinstall 'Development Tools' && #{sudo}yum install -y curl ; fi",
|
49
|
+
"if [ -n \"$(command -v apt)\" ]; then #{sudo}apt update && #{sudo}apt install -y curl build-essential expect ; else #{sudo}yum groupinstall 'Development Tools' && #{sudo}yum install -y curl expect ; fi",
|
50
50
|
'mkdir -p ./hpc_deploy',
|
51
51
|
'rm -rf ./hpc_deploy/tmp',
|
52
52
|
'mkdir -p ./hpc_deploy/tmp',
|
@@ -57,16 +57,22 @@ describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef d
|
|
57
57
|
},
|
58
58
|
{
|
59
59
|
scp: { "#{repository}/dist/#{env}/#{policy}" => './hpc_deploy' },
|
60
|
-
remote_bash:
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
60
|
+
remote_bash: {
|
61
|
+
commands: [
|
62
|
+
'set -e',
|
63
|
+
"cd ./hpc_deploy/#{policy}"
|
64
|
+
] +
|
65
|
+
gems_install_cmds.map { |gem_install_cmd| "#{sudo}/opt/chef/embedded/bin/#{gem_install_cmd}" } +
|
66
|
+
[
|
67
|
+
"#{sudo}unbuffer /opt/chef/bin/chef-client --local-mode --chef-license accept --json-attributes nodes/#{node}.json#{check_mode ? ' --why-run' : ''}",
|
68
|
+
'cd ..',
|
69
|
+
"#{sudo}rm -rf ./hpc_deploy/#{policy}"
|
70
|
+
],
|
71
|
+
env: {
|
72
|
+
'SSL_CERT_DIR' => '/etc/ssl/certs',
|
73
|
+
'TERM' => 'xterm-256color'
|
74
|
+
}
|
75
|
+
}
|
70
76
|
}
|
71
77
|
]
|
72
78
|
end
|
@@ -256,6 +262,44 @@ describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef d
|
|
256
262
|
|
257
263
|
end
|
258
264
|
|
265
|
+
context 'with a platform having 1 local node' do
|
266
|
+
|
267
|
+
it 'returns actions to deploy on this node' do
|
268
|
+
with_serverless_chef_platforms('1_local_node') do |platform, repository|
|
269
|
+
mock_package(repository)
|
270
|
+
platform.prepare_for_deploy(
|
271
|
+
services: { 'node' => %w[test_policy] },
|
272
|
+
secrets: {},
|
273
|
+
local_environment: false,
|
274
|
+
why_run: false
|
275
|
+
)
|
276
|
+
with_cmd_runner_mocked [
|
277
|
+
['whoami', proc { [0, 'test_user', ''] }]
|
278
|
+
] do
|
279
|
+
expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository)
|
280
|
+
end
|
281
|
+
end
|
282
|
+
end
|
283
|
+
|
284
|
+
it 'returns actions to deploy on this node as root' do
|
285
|
+
with_serverless_chef_platforms('1_local_node') do |platform, repository|
|
286
|
+
mock_package(repository)
|
287
|
+
platform.prepare_for_deploy(
|
288
|
+
services: { 'node' => %w[test_policy] },
|
289
|
+
secrets: {},
|
290
|
+
local_environment: false,
|
291
|
+
why_run: false
|
292
|
+
)
|
293
|
+
with_cmd_runner_mocked [
|
294
|
+
['whoami', proc { [0, 'root', ''] }]
|
295
|
+
] do
|
296
|
+
expect(platform.actions_to_deploy_on('node', 'test_policy', use_why_run: false)).to eq expected_actions_to_deploy_chef(repository, sudo: '')
|
297
|
+
end
|
298
|
+
end
|
299
|
+
end
|
300
|
+
|
301
|
+
end
|
302
|
+
|
259
303
|
context 'with a platform having several nodes' do
|
260
304
|
|
261
305
|
it 'deploys services declared on 1 node on another node if asked' do
|
@@ -285,7 +329,9 @@ describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef d
|
|
285
329
|
bash: [
|
286
330
|
'set -e',
|
287
331
|
"cd #{repository}/dist/prod/test_policy_1",
|
288
|
-
'
|
332
|
+
'export SSL_CERT_DIR=/etc/ssl/certs',
|
333
|
+
'export TERM=xterm-256color',
|
334
|
+
'sudo -E /opt/chef-workstation/bin/chef-client --local-mode --chef-license accept --json-attributes nodes/local.json'
|
289
335
|
]
|
290
336
|
}
|
291
337
|
]
|
@@ -314,10 +360,12 @@ describe HybridPlatformsConductor::HpcPlugins::PlatformHandler::ServerlessChef d
|
|
314
360
|
bash: [
|
315
361
|
'set -e',
|
316
362
|
"cd #{repository}/dist/prod/test_policy_1",
|
317
|
-
'
|
318
|
-
'
|
319
|
-
'sudo
|
320
|
-
'sudo
|
363
|
+
'export SSL_CERT_DIR=/etc/ssl/certs',
|
364
|
+
'export TERM=xterm-256color',
|
365
|
+
'sudo -E /opt/chef-workstation/bin/chef gem install my_gem_1 --version "0.0.1"',
|
366
|
+
'sudo -E /opt/chef-workstation/bin/chef gem install my_gem_2 --version "0.0.2"',
|
367
|
+
'sudo -E /opt/chef-workstation/bin/chef gem install my_gem_3 --version "~> 1.3"',
|
368
|
+
'sudo -E /opt/chef-workstation/bin/chef-client --local-mode --chef-license accept --json-attributes nodes/local.json'
|
321
369
|
]
|
322
370
|
}
|
323
371
|
]
|
@@ -11,6 +11,7 @@ module HybridPlatformsConductorTest
|
|
11
11
|
# * *nodes_connections* (Hash<String, Hash<Symbol,Object> >): Nodes' connections info, per node name:
|
12
12
|
# * *connection* (String): Connection string (fqdn, IP...) used by SSH
|
13
13
|
# * *ip* (String): IP used by SSH (can be different from connection in case of transformed SSH) [default: connection]
|
14
|
+
# * *port* (Integer): SSH port used [default: 22]
|
14
15
|
# * *user* (String): User used by SSH
|
15
16
|
# * *times* (Integer): Number of times this connection should be used [default: 1]
|
16
17
|
# * *control_master_create_error* (String or nil): Error to simulate during the SSH ControlMaster creation, or nil for none [default: nil]
|
@@ -37,6 +38,7 @@ module HybridPlatformsConductorTest
|
|
37
38
|
)
|
38
39
|
nodes_connections.map do |node, node_connection_info|
|
39
40
|
node_connection_info[:times] = 1 unless node_connection_info.key?(:times)
|
41
|
+
node_connection_info[:port] = 22 unless node_connection_info.key?(:port)
|
40
42
|
ssh_commands_once = []
|
41
43
|
ssh_commands_per_connection = []
|
42
44
|
if with_strict_host_key_checking
|
@@ -44,7 +46,7 @@ module HybridPlatformsConductorTest
|
|
44
46
|
ssh_commands_once.concat(
|
45
47
|
[
|
46
48
|
[
|
47
|
-
"ssh-keyscan #{ip}",
|
49
|
+
"ssh-keyscan -p #{node_connection_info[:port]} #{ip}",
|
48
50
|
proc { [0, "#{ip} ssh-rsa fake_host_key_for_#{ip}", ''] }
|
49
51
|
]
|
50
52
|
]
|
@@ -67,7 +69,7 @@ module HybridPlatformsConductorTest
|
|
67
69
|
%r{^xterm -e '.+/ssh -o ControlMaster=yes -o ControlPersist=yes hpc\.#{Regexp.escape(node)}'$}
|
68
70
|
end,
|
69
71
|
proc do
|
70
|
-
control_file = test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection],
|
72
|
+
control_file = test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection], node_connection_info[:port].to_s, node_connection_info[:user])
|
71
73
|
# Fail if the ControlMaster file already exists, as would SSH do if the file is stalled
|
72
74
|
if File.exist?(control_file)
|
73
75
|
[255, '', "Control file #{control_file} already exists"]
|
@@ -97,7 +99,7 @@ module HybridPlatformsConductorTest
|
|
97
99
|
%r{^.+/ssh -O exit hpc\.#{Regexp.escape(node)} 2>&1 \| grep -v 'Exit request sent\.'$},
|
98
100
|
proc do
|
99
101
|
# Really mock the control file deletion
|
100
|
-
File.unlink(test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection],
|
102
|
+
File.unlink(test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection], node_connection_info[:port].to_s, node_connection_info[:user]))
|
101
103
|
[1, '', '']
|
102
104
|
end,
|
103
105
|
{ optional: with_control_master_destroy_optional }
|
data/spec/hybrid_platforms_conductor_test/serverless_chef_repositories/1_local_node/nodes/node.json
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
{
|
2
|
+
"name": "node",
|
3
|
+
"normal": {
|
4
|
+
"description": "Single test node",
|
5
|
+
"image": "debian_9",
|
6
|
+
"private_ips": ["172.16.0.1"],
|
7
|
+
"local_node": true,
|
8
|
+
"property_1": {
|
9
|
+
"property_11": "value11"
|
10
|
+
},
|
11
|
+
"property_2": "value2"
|
12
|
+
},
|
13
|
+
"policy_name": "test_policy",
|
14
|
+
"policy_group": "test_group"
|
15
|
+
}
|
@@ -46,6 +46,30 @@ shared_examples 'a deployer' do
|
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
49
|
+
it 'deploys on 1 local node' do
|
50
|
+
with_platform_to_deploy(nodes_info: { nodes: { 'node' => { meta: { local_node: true }, services: %w[service] } } }) do
|
51
|
+
# Make sure the ssh_user is ignored in this case
|
52
|
+
test_actions_executor.connector(:ssh).ssh_user = 'root'
|
53
|
+
with_cmd_runner_mocked [
|
54
|
+
['whoami', proc { [0, 'test_user', ''] }]
|
55
|
+
] do
|
56
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'deploys on 1 local node as root' do
|
62
|
+
with_platform_to_deploy(nodes_info: { nodes: { 'node' => { meta: { local_node: true }, services: %w[service] } } }, expect_sudo: nil) do
|
63
|
+
# Make sure the ssh_user is ignored in this case
|
64
|
+
test_actions_executor.connector(:ssh).ssh_user = 'test_user'
|
65
|
+
with_cmd_runner_mocked [
|
66
|
+
['whoami', proc { [0, 'root', ''] }]
|
67
|
+
] do
|
68
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
49
73
|
it 'deploys on 1 node using 1 secret' do
|
50
74
|
with_platform_to_deploy(expect_secrets: { 'secret1' => 'password1' }) do
|
51
75
|
test_deployer.override_secrets('secret1' => 'password1')
|
@@ -137,6 +161,61 @@ shared_examples 'a deployer' do
|
|
137
161
|
end
|
138
162
|
end
|
139
163
|
|
164
|
+
it 'deploys on 1 local node in local environment with certificates to install using hpc_certificates on Debian' do
|
165
|
+
with_certs_dir do |certs_dir|
|
166
|
+
with_platform_to_deploy(
|
167
|
+
nodes_info: { nodes: { 'node' => { meta: { local_node: true, image: 'debian_9' }, services: %w[service] } } },
|
168
|
+
expect_local_environment: true,
|
169
|
+
expect_additional_actions: [
|
170
|
+
{ remote_bash: 'sudo -u root apt update && sudo -u root apt install -y ca-certificates' },
|
171
|
+
{
|
172
|
+
remote_bash: 'sudo -u root update-ca-certificates',
|
173
|
+
scp: {
|
174
|
+
certs_dir => '/usr/local/share/ca-certificates',
|
175
|
+
:sudo => true
|
176
|
+
}
|
177
|
+
}
|
178
|
+
]
|
179
|
+
) do
|
180
|
+
ENV['hpc_certificates'] = certs_dir
|
181
|
+
test_deployer.local_environment = true
|
182
|
+
with_cmd_runner_mocked [
|
183
|
+
['whoami', proc { [0, 'test_user', ''] }]
|
184
|
+
] do
|
185
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
186
|
+
end
|
187
|
+
end
|
188
|
+
end
|
189
|
+
end
|
190
|
+
|
191
|
+
it 'deploys on 1 local node in local environment with certificates to install using hpc_certificates on Debian as root' do
|
192
|
+
with_certs_dir do |certs_dir|
|
193
|
+
with_platform_to_deploy(
|
194
|
+
nodes_info: { nodes: { 'node' => { meta: { local_node: true, image: 'debian_9' }, services: %w[service] } } },
|
195
|
+
expect_sudo: nil,
|
196
|
+
expect_local_environment: true,
|
197
|
+
expect_additional_actions: [
|
198
|
+
{ remote_bash: 'apt update && apt install -y ca-certificates' },
|
199
|
+
{
|
200
|
+
remote_bash: 'update-ca-certificates',
|
201
|
+
scp: {
|
202
|
+
certs_dir => '/usr/local/share/ca-certificates',
|
203
|
+
:sudo => false
|
204
|
+
}
|
205
|
+
}
|
206
|
+
]
|
207
|
+
) do
|
208
|
+
ENV['hpc_certificates'] = certs_dir
|
209
|
+
test_deployer.local_environment = true
|
210
|
+
with_cmd_runner_mocked [
|
211
|
+
['whoami', proc { [0, 'root', ''] }]
|
212
|
+
] do
|
213
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
214
|
+
end
|
215
|
+
end
|
216
|
+
end
|
217
|
+
end
|
218
|
+
|
140
219
|
it 'deploys on 1 node with certificates to install using hpc_certificates on CentOS' do
|
141
220
|
with_certs_dir do |certs_dir|
|
142
221
|
with_platform_to_deploy(
|
@@ -212,6 +291,61 @@ shared_examples 'a deployer' do
|
|
212
291
|
end
|
213
292
|
end
|
214
293
|
|
294
|
+
it 'deploys on 1 local node with certificates to install using hpc_certificates on CentOS' do
|
295
|
+
with_certs_dir do |certs_dir|
|
296
|
+
with_platform_to_deploy(
|
297
|
+
nodes_info: { nodes: { 'node' => { meta: { local_node: true, image: 'centos_7' }, services: %w[service] } } },
|
298
|
+
expect_local_environment: true,
|
299
|
+
expect_additional_actions: [
|
300
|
+
{ remote_bash: 'sudo -u root yum install -y ca-certificates' },
|
301
|
+
{
|
302
|
+
remote_bash: ['sudo -u root update-ca-trust enable', 'sudo -u root update-ca-trust extract'],
|
303
|
+
scp: {
|
304
|
+
"#{certs_dir}/test_cert.crt" => '/etc/pki/ca-trust/source/anchors',
|
305
|
+
:sudo => true
|
306
|
+
}
|
307
|
+
}
|
308
|
+
]
|
309
|
+
) do
|
310
|
+
ENV['hpc_certificates'] = certs_dir
|
311
|
+
test_deployer.local_environment = true
|
312
|
+
with_cmd_runner_mocked [
|
313
|
+
['whoami', proc { [0, 'test_user', ''] }]
|
314
|
+
] do
|
315
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
316
|
+
end
|
317
|
+
end
|
318
|
+
end
|
319
|
+
end
|
320
|
+
|
321
|
+
it 'deploys on 1 local node with certificates to install using hpc_certificates on CentOS as root' do
|
322
|
+
with_certs_dir do |certs_dir|
|
323
|
+
with_platform_to_deploy(
|
324
|
+
nodes_info: { nodes: { 'node' => { meta: { local_node: true, image: 'centos_7' }, services: %w[service] } } },
|
325
|
+
expect_sudo: nil,
|
326
|
+
expect_local_environment: true,
|
327
|
+
expect_additional_actions: [
|
328
|
+
{ remote_bash: 'yum install -y ca-certificates' },
|
329
|
+
{
|
330
|
+
remote_bash: ['update-ca-trust enable', 'update-ca-trust extract'],
|
331
|
+
scp: {
|
332
|
+
"#{certs_dir}/test_cert.crt" => '/etc/pki/ca-trust/source/anchors',
|
333
|
+
:sudo => false
|
334
|
+
}
|
335
|
+
}
|
336
|
+
]
|
337
|
+
) do
|
338
|
+
ENV['hpc_certificates'] = certs_dir
|
339
|
+
test_deployer.local_environment = true
|
340
|
+
with_cmd_runner_mocked [
|
341
|
+
['whoami', proc { [0, 'root', ''] }]
|
342
|
+
] do
|
343
|
+
expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
|
344
|
+
end
|
345
|
+
end
|
346
|
+
end
|
347
|
+
end
|
348
|
+
|
215
349
|
it 'deploys on several nodes' do
|
216
350
|
with_platform_to_deploy(
|
217
351
|
nodes_info: {
|