inception-server 0.2.1

data/spec/unit/cli_deploy_aws_spec.rb

@@ -0,0 +1,83 @@
+require File.expand_path("../../support/aws/aws_helpers", __FILE__)
+
+require "fog"
+
+describe "AWS deployment" do
+  include FileUtils
+  include StdoutCapture
+  include SettingsHelper
+  include AwsHelpers
+
+  before do
+    setup_home_dir
+    Fog.mock!
+    @cmd = Inception::Cli.new
+    @cmd.stub(:converge_cookbooks)
+    @credentials = {aws_access_key_id: "ACCESS", aws_secret_access_key: "SECRET"}
+    @fog_credentials = @credentials.merge(provider: "AWS")
+  end
+
+  describe "with simple manifest" do
+    before do
+      create_manifest(credentials: @credentials)
+      capture_stdout { cmd.deploy }
+      # cmd.deploy
+    end
+
+    it "populates settings with git.name & git.email from ~/.gitconfig" do
+      settings.git.name.should == "Dr Nic Williams"
+      settings.git.email.should == "drnicwilliams@gmail.com"
+    end
+
+    it "creates an elastic IP automatically and assigns to settings.inception.provisioned.ip_address" do
+      settings.inception.provisioned.ip_address.should_not be_nil
+    end
+
+    it "creates AWS key pair and assigns to inception.key_pair.name / private_key" do
+      settings.inception.key_pair.name.should == "inception"
+      settings.inception.key_pair.private_key.should_not be_nil
+    end
+
+    it "stores private key in local file" do
+      local_private_key = File.expand_path("~/.inception_server/ssh/inception")
+      File.should be_exist(local_private_key)
+      File.read(local_private_key).should == settings.inception.key_pair.private_key
+    end
+
+    it "provisions inception server" do
+      settings.inception.flavor.should == "m1.small"
+      settings.inception.disk_size.should == 16
+      settings.inception.image_id.should == "ami-bf1d8a8f" # us-west-2 13.04 AMI
+      settings.inception.security_groups.should == ["ssh"]
+
+      settings.inception.provisioned.username.should == "ubuntu"
+      settings.inception.provisioned.host.should_not be_nil
+      settings.inception.provisioned.server_id.should_not be_nil
+
+      settings.inception.provisioned.disk_device.volume_id.should_not be_nil
+      settings.inception.provisioned.disk_device.external.should == "/dev/sdf"
+      settings.inception.provisioned.disk_device.internal.should == "/dev/xvdf"
+    end
+
+  end
+
+  describe "converge inception server if it fails midway" do
+    it "use local git config even if already allocated" do
+      create_manifest(credentials: @credentials, "git.name" => "Mystery", "git.email" => "mystery@gmail.com")
+      capture_stdout { cmd.deploy }
+      settings.git.email.should == "drnicwilliams@gmail.com"
+    end
+
+    it "does not provision another IP address if already allocated" do
+      create_manifest(credentials: @credentials, "inception.provisioned.ip_address" => "1.2.3.4")
+      capture_stdout { cmd.deploy }
+      settings.inception.provisioned.ip_address.should == "1.2.3.4"
+    end
+
+    it "provisions another server if server_id id unknown" do
+      create_manifest(credentials: @credentials, "inception.provisioned.server_id" => "i-UNKNOWN")
+      capture_stdout { cmd.deploy }
+      settings.inception.provisioned.server_id.should_not == "i-UNKNOWN"
+    end
+  end
+end

data/spec/unit/cli_ssh_spec.rb

@@ -0,0 +1,80 @@
+# Copyright (c) 2012-2013 Stark & Wayne, LLC
+
+# Specs for 'ssh' related behavior. Includes CLI commands:
+# * ssh
+# * tmux
+# * mosh
+describe Inception do
+  include FileUtils
+  include SettingsHelper
+
+  before do
+    setup_home_dir
+    @cmd = Inception::Cli.new
+    setting "provider.name", "aws"
+    setting "provider.credentials.aws_access_key_id", "aws_access_key_id"
+    setting "provider.credentials.aws_secret_access_key", "aws_secret_access_key"
+    setting "provider.region", "us-west-2"
+    setting "inception.key_pair.name", "inception"
+    setting "inception.key_pair.private_key", "PRIVATE"
+    setting "inception.provisioned.host", "5.5.5.5"
+    setting "inception.provisioned.username", "vcap"
+  end
+
+  describe "ssh" do
+    let(:private_key_path) { home_file(".inception_server/ssh/inception") }
+
+    describe "normal" do
+      it "launches ssh session" do
+        @cmd.should_receive(:exit)
+        @cmd.should_receive(:system).
+          with("ssh -i #{private_key_path} vcap@5.5.5.5")
+        @cmd.ssh
+      end
+      it "runs ssh command" do
+        @cmd.should_receive(:exit)
+        @cmd.should_receive(:system).
+          with("ssh -i #{private_key_path} vcap@5.5.5.5 'some command'")
+        @cmd.ssh("some command")
+      end
+    end
+
+    describe "tmux" do
+      it "launches ssh session" do
+        @cmd.should_receive(:exit)
+        @cmd.should_receive(:system).
+          with("ssh -i #{private_key_path} vcap@5.5.5.5 -t 'tmux attach || tmux new-session'")
+        @cmd.tmux
+      end
+    end
+
+    describe "mosh" do
+      before { Fog.mock! }
+      after { Fog.unmock! }
+      xit "should check whether mosh is installed" do
+         @cmd.should_receive(:system).
+          with("mosh --version")
+        @cmd.stub!(:exit)
+        @cmd.ensure_mosh_installed
+      end
+      xit "launches mosh session" do
+        @cmd.stub!(:ensure_mosh_installed).and_return(true)
+        @cmd.should_receive(:exit)
+        @cmd.should_receive(:system).
+          with("mosh --ssh 'ssh -i #{@private_key_path}' vcap@5.5.5.5")
+        @cmd.mosh
+      end
+      xit "should ensure that the mosh ports are opened" do
+        expected_ports = {
+          mosh: { 
+            protocol: "udp", 
+            ports: (60000..60050) 
+          }
+        } 
+        @cmd.provider.stub!(:create_security_group)
+          .with('default','not used', expected_ports)
+        @cmd.ensure_security_group_allows_mosh
+      end
+    end
+  end
+end

data/spec/unit/inception_server_cookbook_spec.rb

@@ -0,0 +1,62 @@
+describe Inception::InceptionServerCookbook do
+  include FileUtils
+  include StdoutCapture
+  include SettingsHelper
+
+  before do
+    setup_home_dir
+    Fog.mock!
+    setting "provider.name", "aws"
+    setting "provider.credentials.aws_access_key_id", "aws_access_key_id"
+    setting "provider.credentials.aws_secret_access_key", "aws_secret_access_key"
+    setting "provider.region", "us-west-2"
+    setting "git.name", "Dr Nic Williams"
+    setting "git.email", "drnicwilliams@gmail.com"
+    setting "inception.host", "host"
+    setting "inception.provisioned.username", "user"
+    setting "inception.provisioned.disk_device.internal", "/dev/abc"
+  end
+
+  let(:settings_dir) { File.expand_path("~/.inception_server") }
+  let(:inception_server) { mock(user_host: "user@host", private_key_path: "path/to/key") }
+  subject { Inception::InceptionServerCookbook.new(inception_server, settings, settings_dir) }
+
+  describe "in prepared settings dir" do
+    before do
+      attributes = '{"disk":{"mounted":true,"device":"/dev/abc"},"git":{"name":"Dr Nic Williams","email":"drnicwilliams@gmail.com"},"user":{"username":"user"},"fog":{"aws_access_key_id":"aws_access_key_id","aws_secret_access_key":"aws_secret_access_key"}}'
+      cmd_arguments = "user@host -i path/to/key -j '#{attributes}' -r 'bosh_inception'"
+      subject.should_receive(:sh).with("knife solo prepare #{cmd_arguments}")
+      subject.prepare
+
+      subject.should_receive(:sh).with("knife solo cook #{cmd_arguments}")
+      subject.converge
+    end
+
+    it "creates Berksfile" do
+      FileUtils.chdir(settings_dir) do
+        File.should be_exists("Berksfile")
+      end
+    end
+
+    it "copies in cookbook" do
+      FileUtils.chdir(settings_dir) do
+        File.should be_exists("cookbooks/bosh_inception/recipes/default.rb")
+      end
+    end
+  end
+
+  describe "after initial converge" do
+    it "does not prepare/install chef again" do
+      setting "cookbook.prepared", true
+      cookbook = Inception::InceptionServerCookbook.new(inception_server, settings, settings_dir)
+
+      attributes = '{"disk":{"mounted":true,"device":"/dev/abc"},"git":{"name":"Dr Nic Williams","email":"drnicwilliams@gmail.com"},"user":{"username":"user"},"fog":{"aws_access_key_id":"aws_access_key_id","aws_secret_access_key":"aws_secret_access_key"}}'
+      cmd_arguments = "user@host -i path/to/key -j '#{attributes}' -r 'bosh_inception'"
+
+      subject.should_receive(:sh).with("knife solo cook #{cmd_arguments}") # just to stub :sh
+      subject.prepare
+      subject.converge
+    end
+  end
+
+end

data/spec/unit/inception_server_spec.rb

@@ -0,0 +1,58 @@
+describe Inception::InceptionServer do
+  include StdoutCapture
+
+  describe "new AWS server" do
+    let(:provider_attributes) do
+      {
+        "name" => "aws",
+        "region" => "us-west-2",
+        "credentials" => {
+          "aws_access_key_id"  => 'MOCK_AWS_ACCESS_KEY_ID',
+          "aws_secret_access_key"  => 'MOCK_AWS_SECRET_ACCESS_KEY'
+        }
+      }
+    end
+    let(:attributes) do
+      {
+        "provisioned" => {
+          "ip_address" => "54.214.15.178"
+        },
+        "key_pair" => {
+          "name" => "inception",
+          "private_key" => "private_key",
+          "public_key" => "public_key"
+        }
+      }
+    end
+    let(:provider_client) { Inception::Providers.provider_client(provider_attributes) }
+    let(:ssh_dir) { "~/.inception_server/ssh" }
+    subject { Inception::InceptionServer.new(provider_client, attributes, ssh_dir) }
+    let(:fog_compute) { subject.fog_compute }
+
+    before do
+      Fog.mock!
+      Fog::Mock.reset
+      capture_stdout do
+        provider_client.create_key_pair("inception")
+        subject.create
+      end
+    end
+
+    it "has default security groups" do
+      subject.security_groups.should == ["ssh"]
+      fog_compute.security_groups.get("ssh").should_not be_nil
+    end
+
+    it "has default flavor" do
+      subject.flavor.should == "m1.small"
+    end
+
+    it "has default disk size" do
+      subject.disk_size.should == 16
+    end
+
+    xit "is created" do
+      fog_compute.servers.size.should == 1
+    end
+  end
+end

data/spec/unit/providers/aws_spec.rb

@@ -0,0 +1,198 @@
+# Copyright (c) 2012-2013 Stark & Wayne, LLC
+
+require "fog"
+
+# Specs for the aws provider
+describe Inception::Providers do
+  include FileUtils
+  include StdoutCapture
+
+  describe "AWS" do
+    before { Fog.mock! }
+    let(:provider_attributes) do
+      {
+        "name" => "aws",
+        "region" => "us-west-2",
+        "credentials" => {
+          "aws_access_key_id"  => 'MOCK_AWS_ACCESS_KEY_ID',
+          "aws_secret_access_key"  => 'MOCK_AWS_SECRET_ACCESS_KEY'
+        }
+      }
+    end
+    subject { Inception::Providers.provider_client(provider_attributes) }
+    let(:fog_compute) { subject.fog_compute }
+
+    describe "create security group" do
+      it "should open a single TCP port on a security group" do
+        capture_stdout do
+          ports = { ssh: 22 }
+          subject.create_security_group("sg1-name", "sg1-desc", ports)
+          created_sg = fog_compute.security_groups.get("sg1-name")
+          created_sg.name.should == "sg1-name"
+          created_sg.description.should == "sg1-desc"
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>22, 
+              "toPort"=>22, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of TCP ports" do
+        capture_stdout do
+          ports = { ssh: (22..30) }
+          subject.create_security_group("sg-range-name", "sg-range-desc", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>22, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of UDP ports" do
+        capture_stdout do
+          ports = { ssh: { protocol: "udp", ports: (60000..600050) } }
+          subject.create_security_group("sg-range-udp-name", "sg-range-udp-name", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-udp-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of ICMP ports" do
+        capture_stdout do
+          ports = { ping: { protocol: "icmp", ports: (3..4) } }
+          subject.create_security_group("sg-range-icmp-name", "sg-range-icmp-name", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-icmp-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"icmp",
+              "fromPort"=>3, 
+              "toPort"=>4, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open not open ports if they are already open" do
+        capture_stdout do
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60010..600040) } })
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          created_sg = fog_compute.security_groups.get("sg2")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      xit "should open ports even if they are already open for a different protocol" do
+        capture_stdout do
+          subject.create_security_group("sg3", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          subject.create_security_group("sg3", "", { ssh: { protocol: "tcp", ports: (60000..600050) } })
+          created_sg = fog_compute.security_groups.get("sg3")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            },
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      xit "should open ports even if they are already open for a different ip_range" do
+        capture_stdout do
+          default_ports = {
+             all_internal_tcp: { protocol: "tcp", ip_range: "1.1.1.1/32", ports: (0..65535) }
+          }
+          subject.create_security_group("sg6", "sg6", default_ports)
+          subject.create_security_group("sg6", "sg6", { mosh: { protocol: "tcp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("sg6")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>0, 
+              "toPort"=>65535, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"1.1.1.1/32" } ] 
+            },
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      xit "should open ports on the default sg" do
+        capture_stdout do
+          subject.create_security_group("default", "default", { mosh: { protocol: "tcp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("default")
+          expected_rule = { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          created_sg.ip_permissions.should include expected_rule
+        end
+      end
+      #AWS allows overlapping port ranges, and it makes it easier to see the separate "rules" that were added
+      xit "should create overlapping port ranges" do
+        capture_stdout do
+          subject.create_security_group("sg4", "", { ssh: { protocol: "udp", ports: (10..20) } })
+          subject.create_security_group("sg4", "", { ssh: { protocol: "udp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("sg4")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>10, 
+              "toPort"=>20, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            },
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+    end
+  end
+end

data/test/integration/default/bats/discover_user.bash

@@ -0,0 +1,2 @@
+export TEST_USER=$(users | head -n1 | awk '{print $1}')
+export TEST_USER_HOME="/home/$TEST_USER"

data/test/integration/default/bats/dotfog.bats

@@ -0,0 +1,11 @@
+#!/usr/bin/env bats
+
+load discover_user
+
+@test "~/.fog contains default.aws_access_key_id" {
+  run su - $TEST_USER -c "cat $TEST_USER_HOME/.fog"
+  [ "${lines[0]}" = "---" ]
+  [ "${lines[1]}" = ":default:" ]
+  [ "${lines[2]}" = "  :aws_access_key_id: PERSONAL_ACCESS_KEY" ]
+  [ "${lines[3]}" = "  :aws_secret_access_key: PERSONAL_SECRET" ]
+}

data/test/integration/default/bats/install_ruby.bats

@@ -0,0 +1,8 @@
+#!/usr/bin/env bats
+
+load discover_user
+
+@test "ruby 1.9.3p392 is default" {
+  run su - $TEST_USER -c "ruby -v"
+  [ "$(echo ${lines[0]} | awk '{print $2}')" = "1.9.3p392" ]
+}

data/test/integration/default/bats/useful_dirs.bats

@@ -0,0 +1,8 @@
+#!/usr/bin/env bats
+
+@test "use file dirs created" {
+  for dir in microboshes/deployments deployments releases repos stemcells systems tmp bosh_cache
+  do
+    [ -d /var/vcap/store/$dir ]
+  done
+}

data/test/integration/default/bats/user.bats

@@ -0,0 +1,9 @@
+#!/usr/bin/env bats
+
+load discover_user
+
+@test "~/.bosh_cache symlink" {
+  run su - $TEST_USER -c "readlink ~/.bosh_cache"
+  [ "${lines[0]}" = "/var/vcap/store/bosh_cache" ]
+}
+

data/test/integration/default/bats/verify_bosh.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+
+load discover_user
+
+@test "bosh micro installed" {
+  run su - $TEST_USER -c "cd /var/vcap/store/microboshes; bundle exec bosh micro"
+  [ "$status" -eq 0 ]
+}
+
+@test "bosh-bootstrap installed" {
+  run su - $TEST_USER -c "cd /var/vcap/store/systems; bundle exec bosh-bootstrap"
+  [ "$status" -eq 0 ]
+}
+
+@test "bosh-cloudfoundry installed" {
+  run su - $TEST_USER -c "cd /var/vcap/store/systems; bundle exec bosh cf"
+  [ "$status" -eq 0 ]
+}

data/test/integration/default/bats/verify_git.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+
+load discover_user
+
+@test "git config name is set" {
+  run git config -f $TEST_USER_HOME/.gitconfig user.name
+  [ "${lines[0]}" = "Nobody" ]
+}
+
+@test "git config email is set" {
+  run git config -f $TEST_USER_HOME/.gitconfig user.email
+  [ "${lines[0]}" = "nobody@in-the-house.com" ]
+}
+
+@test "hub installed" {
+  run hub
+  [ "$status" -eq 0 ]
+}