hyperkit 1.0.0

data/lib/hyperkit/default.rb

@@ -0,0 +1,140 @@
+################################################################################
+#                                                                              #
+# Modeled on Octokit::Default                                                  #
+#                                                                              #
+# Original Octokit license                                                     #
+# ---------------------------------------------------------------------------- #
+# Copyright (c) 2009-2016 Wynn Netherland, Adam Stacoviak, Erik Michaels-Ober  #
+#                                                                              #
+# Permission is hereby granted, free of charge, to any person obtaining a      #
+# copy of this software and associated documentation files (the "Software"),   #
+# to deal in the Software without restriction, including without limitation    #
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,     #
+# and/or sell copies of the Software, and to permit persons to whom the        #
+# Software is furnished to do so, subject to the following conditions:         #
+#                                                                              #
+# The above copyright notice and this permission notice shall be included      #
+# in all copies or substantial portions of the Software.                       #
+# ---------------------------------------------------------------------------- #
+#                                                                              #
+################################################################################
+
+require 'openssl'
+require 'hyperkit/middleware/follow_redirects'
+require 'hyperkit/response/raise_error'
+
+module Hyperkit
+
+  # Default configuration options for {Client}
+  module Default
+
+    # Default API endpoint
+    API_ENDPOINT = "https://localhost:8443".freeze
+
+    # Default auto-sync value
+    AUTO_SYNC = true
+
+    # Default client certificate file for authentication
+    CLIENT_CERT = File.join(ENV['HOME'], '.config', 'lxc', 'client.crt').freeze
+
+    # Default client key file for authentication
+    CLIENT_KEY = File.join(ENV['HOME'], '.config', 'lxc', 'client.key').freeze
+
+    # Default media type
+    MEDIA_TYPE = 'application/json'
+
+    # In Faraday 0.9, Faraday::Builder was renamed to Faraday::RackBuilder
+    RACK_BUILDER_CLASS = defined?(Faraday::RackBuilder) ? Faraday::RackBuilder : Faraday::Builder
+
+		# Default Faraday middleware stack
+    MIDDLEWARE = RACK_BUILDER_CLASS.new do |builder|
+      builder.use Hyperkit::Middleware::FollowRedirects
+      builder.use Hyperkit::Response::RaiseError
+      builder.adapter Faraday.default_adapter
+    end
+
+    # Default User Agent header string
+    USER_AGENT   = "Hyperkit Ruby Gem #{Hyperkit::VERSION}".freeze
+
+    # Default to verifying SSL certificates
+    VERIFY_SSL = true
+
+    class << self
+
+      # Default options for Faraday::Connection
+      # @return [Hash]
+      def connection_options
+        {
+          :headers => {
+            :accept => default_media_type,
+            :user_agent => user_agent,
+          },
+          :ssl => {}
+        }
+      end
+
+      # Default media type from ENV or {MEDIA_TYPE}
+      # @return [String]
+      def default_media_type
+        ENV['HYPERKIT_DEFAULT_MEDIA_TYPE'] || MEDIA_TYPE
+      end
+
+      # Configuration options
+      # @return [Hash]
+      def options
+        Hash[Hyperkit::Configurable.keys.map{|key| [key, send(key)]}]
+      end
+
+      # Default API endpoint from ENV or {API_ENDPOINT}
+      # @return [String]
+      def api_endpoint
+        ENV['HYPERKIT_API_ENDPOINT'] || API_ENDPOINT
+      end
+
+      # Default auto-sync value from ENV or {AUTO_SYNC}
+      def auto_sync
+        ENV['HYPERKIT_AUTO_SYNC'] || AUTO_SYNC
+      end
+
+      # Default client certificate file from ENV or {CLIENT_CERT}
+      # @return [String]
+      def client_cert
+        ENV['HYPERKIT_CLIENT_CERT'] || CLIENT_CERT
+      end
+
+      # Default client key file from ENV or {CLIENT_KEY}
+      # @return [String]
+      def client_key
+        ENV['HYPERKIT_KEY'] || CLIENT_KEY
+      end
+
+      # Default middleware stack for Faraday::Connection
+      # from {MIDDLEWARE}
+      # @return [String]
+      def middleware
+        MIDDLEWARE
+      end
+
+      # Default proxy server URI for Faraday connection from ENV
+      # @return [String]
+      def proxy
+        ENV['HYPERKIT_PROXY']
+      end
+
+      # Default User-Agent header string from ENV or {USER_AGENT}
+      # @return [String]
+      def user_agent
+        ENV['HYPERKIT_USER_AGENT'] || USER_AGENT
+      end
+
+      # Default to verifying peer SSL certificate
+      # @return [Boolean]
+      def verify_ssl
+        true
+      end
+
+    end
+
+  end
+
+end

data/lib/hyperkit/error.rb

@@ -0,0 +1,267 @@
+################################################################################
+#                                                                              #
+# Modeled on Octokit::Error                                                    #
+#                                                                              #
+# Original Octokit license                                                     #
+# ---------------------------------------------------------------------------- #
+# Copyright (c) 2009-2016 Wynn Netherland, Adam Stacoviak, Erik Michaels-Ober  #
+#                                                                              #
+# Permission is hereby granted, free of charge, to any person obtaining a      #
+# copy of this software and associated documentation files (the "Software"),   #
+# to deal in the Software without restriction, including without limitation    #
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,     #
+# and/or sell copies of the Software, and to permit persons to whom the        #
+# Software is furnished to do so, subject to the following conditions:         #
+#                                                                              #
+# The above copyright notice and this permission notice shall be included      #
+# in all copies or substantial portions of the Software.                       #
+# ---------------------------------------------------------------------------- #
+#                                                                              #
+################################################################################
+
+
+module Hyperkit
+
+  # Custom error class for rescuing from all LXD errors
+  class Error < StandardError
+
+    # Returns the appropriate Hyperkit::Error subclass based
+    # on status and response message
+    #
+    # @param [Hash] response HTTP response
+    # @return [Hyperkit::Error]
+    def self.from_response(response)
+
+      status  = response[:status].to_i
+
+      err = from_status(response, status)
+
+      if err.nil?
+        err = from_async_operation(response)
+      end
+
+      err
+
+    end
+  
+    def self.from_async_operation(response)
+
+      return nil if response.nil? || response[:body].empty?
+
+      begin
+        body = JSON.parse(response[:body])
+      rescue
+        return nil
+      end
+
+      if body.has_key?("metadata") && body["metadata"].is_a?(Hash)
+        status = body["metadata"]["status_code"].to_i
+        from_status(response, status)
+      end
+
+    end
+
+    def self.from_status(response, status)
+      if klass = case status
+        when 400      then Hyperkit::BadRequest
+        when 401      then Hyperkit::Unauthorized
+        when 403      then Hyperkit::Forbidden
+        when 404      then Hyperkit::NotFound
+        when 405      then Hyperkit::MethodNotAllowed
+        when 406      then Hyperkit::NotAcceptable
+        when 409      then Hyperkit::Conflict
+        when 415      then Hyperkit::UnsupportedMediaType
+        when 422      then Hyperkit::UnprocessableEntity
+        when 400..499 then Hyperkit::ClientError
+        when 500      then error_for_500(response)
+        when 501      then Hyperkit::NotImplemented
+        when 502      then Hyperkit::BadGateway
+        when 503      then Hyperkit::ServiceUnavailable
+        when 500..599 then Hyperkit::ServerError
+        end
+        klass.new(response)
+      end
+    end
+
+    def initialize(response=nil)
+      @response = response
+      super(build_error_message)
+    end
+
+    # Documentation URL returned by the API for some errors
+    #
+    # @return [String]
+    def documentation_url
+      data[:documentation_url] if data.is_a? Hash
+    end
+
+    # Array of validation errors
+    # @return [Array<Hash>] Error info
+    def errors
+      if data && data.is_a?(Hash)
+        data[:errors] || []
+      else
+        []
+      end
+    end
+
+    def self.error_for_500(response)
+			
+      if response.body =~ /open: no such file or directory/i
+        Hyperkit::NotFound
+      elsif response.body =~ /open: is a directory/i
+        Hyperkit::BadRequest
+			else
+        Hyperkit::InternalServerError
+      end
+     
+    end
+
+    private
+
+    def data
+      @data ||=
+        if (body = @response[:body]) && !body.empty?
+          if body.is_a?(String) &&
+            @response[:response_headers] &&
+            @response[:response_headers][:content_type] =~ /json/
+
+            Sawyer::Agent.serializer.decode(body)
+          else
+            body
+          end
+        else
+          nil
+        end
+    end
+
+    def response_message
+      case data
+      when Hash
+        data[:message]
+      when String
+        data
+      end
+    end
+
+    def response_error
+      err = nil
+      
+      if data.is_a?(Hash) && data[:error]
+        err = data[:error]
+      elsif data.is_a?(Hash) && data[:metadata]
+        err = data[:metadata][:err]
+      end
+
+      "Error: #{err}" if err
+    end
+
+    def response_error_summary
+      return nil unless data.is_a?(Hash) && !Array(data[:errors]).empty?
+
+      summary = "\nError summary:\n"
+      summary << data[:errors].map do |hash|
+        hash.map { |k,v| "  #{k}: #{v}" }
+      end.join("\n")
+
+      summary
+    end
+
+    def build_error_message
+      return nil if @response.nil?
+
+      message = ""
+
+      if ! data.is_a?(Hash) || ! data[:metadata] || ! data[:metadata][:err]
+        message = "#{@response[:method].to_s.upcase} "
+        message << redact_url(@response[:url].to_s) + ": "
+      end
+
+      if data.is_a?(Hash) && data[:metadata] && data[:metadata][:status_code]
+        message << "#{data[:metadata][:status_code]} - "
+      else
+        message << "#{@response[:status]} - "
+      end
+
+      message << "#{response_message}" unless response_message.nil?
+      message << "#{response_error}" unless response_error.nil?
+      message << "#{response_error_summary}" unless response_error_summary.nil?
+      message << " // See: #{documentation_url}" unless documentation_url.nil?
+      message
+    end
+
+    def redact_url(url_string)
+      %w[secret].each do |token|
+        url_string.gsub!(/#{token}=\S+/, "#{token}=(redacted)") if url_string.include? token
+      end
+      url_string
+    end
+  end
+
+  # Raised on errors in the 400-499 range
+  class ClientError < Error; end
+
+  # Raised when LXD returns a 400 HTTP status code
+  class BadRequest < ClientError; end
+
+  # Raised when LXD returns a 401 HTTP status code
+  class Unauthorized < ClientError; end
+
+  # Raised when LXD returns a 403 HTTP status code
+  class Forbidden < ClientError; end
+
+  # Raised when LXD returns a 404 HTTP status code
+  class NotFound < ClientError; end
+
+  # Raised when LXD returns a 405 HTTP status code
+  class MethodNotAllowed < ClientError; end
+
+  # Raised when LXD returns a 406 HTTP status code
+  class NotAcceptable < ClientError; end
+
+  # Raised when LXD returns a 409 HTTP status code
+  class Conflict < ClientError; end
+
+  # Raised when LXD returns a 414 HTTP status code
+  class UnsupportedMediaType < ClientError; end
+
+  # Raised when LXD returns a 422 HTTP status code
+  class UnprocessableEntity < ClientError; end
+
+  # Raised on errors in the 500-599 range
+  class ServerError < Error; end
+
+  # Raised when LXD returns a 500 HTTP status code
+  class InternalServerError < ServerError; end
+
+  # Raised when LXD returns a 501 HTTP status code
+  class NotImplemented < ServerError; end
+
+  # Raised when LXD returns a 502 HTTP status code
+  class BadGateway < ServerError; end
+
+  # Raised when LXD returns a 503 HTTP status code
+  class ServiceUnavailable < ServerError; end
+
+  # Raised when a method requires an alias or a fingerprint, but
+  # none is provided
+  class ImageIdentifierRequired < StandardError; end
+
+  # Raised when a method requires attributes of an alias to be 
+  # passed (e.g. description, traget), but none is provided
+  class AliasAttributesRequired < StandardError; end
+
+  # Raised when a method requires a protocol to be specified
+  # (e.g. "lxd" or "simplestreams"), but an invalid protocol is
+  # provided
+  class InvalidProtocol < StandardError; end
+
+  # Raise when a method is passed image attributes that are illegal
+  # (e.g. creating a container from a local image, but passing a protocol)
+  class InvalidImageAttributes < StandardError; end
+
+  # Raise when profiles are specified that do not exist on the server
+  class MissingProfiles < StandardError; end
+
+end
+

data/lib/hyperkit/middleware/follow_redirects.rb

@@ -0,0 +1,131 @@
+require 'faraday'
+require 'set'
+
+module Hyperkit
+ 
+  module Middleware
+
+    # Public: Exception thrown when the maximum amount of requests is exceeded.
+    #
+    # Taken from Octokit, which was originally adapted from
+    # https://github.com/lostisland/faraday_middleware/blob/138766e/lib/faraday_middleware/response/follow_redirects.rb
+  
+    class RedirectLimitReached < Faraday::Error::ClientError
+      attr_reader :response
+
+      def initialize(response)
+        super "too many redirects; last one to: #{response['location']}"
+        @response = response
+      end
+    end
+
+    # Public: Follow HTTP 301, 302, 303, and 307 redirects.
+    #
+    # For HTTP 303, the original GET, POST, PUT, DELETE, or PATCH request gets
+    # converted into a GET. For HTTP 301, 302, and 307, the HTTP method remains
+    # unchanged.
+    #
+    # This middleware currently only works with synchronous requests; i.e. it
+    # doesn't support parallelism.
+    class FollowRedirects < Faraday::Middleware
+      # HTTP methods for which 30x redirects can be followed
+      ALLOWED_METHODS = Set.new [:head, :options, :get, :post, :put, :patch, :delete]
+
+      # HTTP redirect status codes that this middleware implements
+      REDIRECT_CODES  = Set.new [301, 302, 303, 307]
+
+      # Keys in env hash which will get cleared between requests
+      ENV_TO_CLEAR    = Set.new [:status, :response, :response_headers]
+
+      # Default value for max redirects followed
+      FOLLOW_LIMIT = 3
+
+      # Regex that matches characters that need to be escaped in URLs, sans
+      # the "%" character which we assume already represents an escaped
+      # sequence.
+      URI_UNSAFE = /[^\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]%]/
+
+      # Public: Initialize the middleware.
+      #
+      # options - An options Hash (default: {}):
+      #           :limit               - A Fixnum redirect limit (default: 3).
+      def initialize(app, options = {})
+        super(app)
+        @options = options
+
+        @convert_to_get = Set.new [303]
+      end
+
+      def call(env)
+        perform_with_redirection(env, follow_limit)
+      end
+
+      private
+
+      def convert_to_get?(response)
+        ![:head, :options].include?(response.env[:method]) &&
+          @convert_to_get.include?(response.status)
+      end
+
+      def perform_with_redirection(env, follows)
+        request_body = env[:body]
+        response = @app.call(env)
+
+        response.on_complete do |response_env|
+          if follow_redirect?(response_env, response)
+            raise(RedirectLimitReached, response) if follows.zero?
+            new_request_env = update_env(response_env, request_body, response)
+            response = perform_with_redirection(new_request_env, follows - 1)
+          end
+        end
+        response
+      end
+
+      def update_env(env, request_body, response)
+        original_url = env[:url]
+        env[:url] += safe_escape(response["location"])
+        unless same_host?(original_url, env[:url])
+          env[:request_headers].delete("Authorization")
+        end
+
+        if convert_to_get?(response)
+          env[:method] = :get
+          env[:body] = nil
+        else
+          env[:body] = request_body
+        end
+
+        ENV_TO_CLEAR.each { |key| env.delete(key) }
+
+        env
+      end
+
+      def follow_redirect?(env, response)
+        ALLOWED_METHODS.include?(env[:method]) &&
+          REDIRECT_CODES.include?(response.status)
+      end
+
+      def follow_limit
+        @options.fetch(:limit, FOLLOW_LIMIT)
+      end
+
+      def same_host?(original_url, redirect_url)
+        original_uri = Addressable::URI.parse(original_url)
+        redirect_uri = Addressable::URI.parse(redirect_url)
+
+        redirect_uri.host.nil? || original_uri.host == redirect_uri.host
+      end
+
+      # Internal: Escapes unsafe characters from a URL which might be a path
+      # component only or a fully-qualified URI so that it can be joined onto a
+      # URI:HTTP using the `+` operator. Doesn't escape "%" characters so to not
+      # risk double-escaping.
+      def safe_escape(uri)
+        uri.to_s.gsub(URI_UNSAFE) { |match|
+          "%" + match.unpack("H2" * match.bytesize).join("%").upcase
+        }
+      end
+    end
+  end
+end
+