inception 0.1.0

data/lib/inception/inception_server_cookbook.rb

@@ -0,0 +1,89 @@
+module Inception
+  # Perform converge chef cookbooks upon inception server
+  class InceptionServerCookbook
+    include FileUtils
+
+    attr_reader :server, :settings, :project_dir
+
+    class InvalidTarget < StandardError; end
+
+    def initialize(inception_server, settings, project_dir)
+      @server = inception_server
+      @settings = settings
+      @project_dir = project_dir
+    end
+
+    def prepare
+      FileUtils.chdir(project_dir) do
+        prepare_project_dir
+        knife_solo :prepare unless ignore_chef_preparations?
+      end
+    end
+
+    # To be invoked within the settings_dir
+    def converge
+      FileUtils.chdir(project_dir) do
+        knife_solo :cook
+      end
+    end
+
+    def ignore_chef_preparations?
+      @settings.exists?("cookbook.prepared")
+    end
+
+    def user_host; server.user_host; end
+    def key_path; server.private_key_path; end
+
+    def knife_solo(command)
+      attributes = cookbook_attributes_for_inception.to_json
+      sh %Q{knife solo #{command} #{user_host} -i #{key_path} -j '#{attributes}' -r 'bosh_inception'}
+    end
+
+    protected
+    def prepare_project_dir
+      prepare_cookbook
+      prepare_knife_config
+      prepare_berksfile
+    end
+
+    def prepare_cookbook
+      mkdir_p("cookbooks")
+      rm_rf("cookbooks/bosh_inception")
+      cp_r(inception_cookbook_path, "cookbooks/")
+    end
+
+    def prepare_knife_config
+      mkdir_p("nodes") # needed for knife solo
+    end
+
+    def prepare_berksfile
+      unless File.exists?("Berksfile")
+        cp_r(File.join(gem_root_path, "Berksfile"), "Berksfile")
+      end
+    end
+
+    def cookbook_attributes_for_inception
+      {
+        "disk" => {
+          "mounted" => true,
+          "device" => settings.inception.provisioned.disk_device.internal
+        },
+        "git" => {
+          "name" => settings.git.name,
+          "email" => settings.git.email
+        },
+        "user" => {
+          "username" => settings.inception.provisioned.username
+        }
+      }
+    end
+
+    def gem_root_path
+      File.expand_path("../../..", __FILE__)
+    end
+
+    def inception_cookbook_path
+      File.join(gem_root_path, "cookbooks/bosh_inception")
+    end
+  end
+end

data/lib/inception/next_deploy_actions.rb

@@ -0,0 +1,20 @@
+module Inception
+  
+  class NextDeployActions
+    def initialize(attributes, cli_options)
+      @attributes = attributes.is_a?(Hash) ? Settingslogic.new(attributes) : attributes
+      raise "@attributes must be Settingslogic (or Hash)" unless @attributes.is_a?(Settingslogic)
+      raise "@cli_options must be Hash" unless cli_options.is_a?(Hash)
+      apply_cli_options(cli_options)
+    end
+
+    def skip_chef_converge?
+      @attributes["no_converge"] || @attributes["no-converge"] || @attributes["skip_chef_converge"]
+    end
+
+    protected
+    def apply_cli_options(cli_options)
+      @attributes.merge(cli_options)
+    end
+  end
+end

data/lib/inception/version.rb

@@ -0,0 +1,3 @@
+module Inception
+  VERSION = "0.1.0"
+end

data/spec/assets/gitconfig

@@ -0,0 +1,5 @@
+[user]
+	name = Dr Nic Williams
+	email = drnicwilliams@gmail.com
+[github]
+	user = drnic

data/spec/assets/settings/aws-before-server.yml

@@ -0,0 +1,14 @@
+---
+provider:
+  name: aws
+  region: us-west-2
+  credentials:
+    aws_access_key_id: MOCK_AWS_ACCESS_KEY_ID
+    aws_secret_access_key: MOCK_AWS_SECRET_ACCESS_KEY
+inception:
+  ip_address: 54.214.15.178
+  key_pair:
+    name: inception
+    private_key: private_key
+  extensions:
+    - mosh

data/spec/assets/settings/aws-created-server.yml

@@ -0,0 +1,31 @@
+---
+provider:
+  name: aws
+  region: us-west-2
+  credentials:
+    aws_access_key_id: MOCK_AWS_ACCESS_KEY_ID
+    aws_secret_access_key: MOCK_AWS_SECRET_ACCESS_KEY
+git:
+  name: Dr Nic Williams
+  email: drnicwilliams@gmail.com
+inception:
+  key_pair:
+    name: inception
+    private_key: private_key
+  extensions:
+    - mosh
+  size: m1.small
+  disk_size: 16
+  provisioned:
+    ip_address: 54.214.15.178
+    image_id: ami-123456
+    server_id: i-e7f005d2
+    security_groups:
+      - ssh
+      - mosh
+    username: vcap
+    disk_device:
+      volume_id: vol-123456
+      external: /dev/sdf
+      internal: /dev/xvdf
+    host: ec2-54-214-15-178.us-west-2.compute.amazonaws.com

data/spec/integration/aws/aws_basic_spec.rb

@@ -0,0 +1,39 @@
+require File.expand_path("../../../spec_helper", __FILE__)
+require File.expand_path("../../../support/aws/aws_helpers", __FILE__)
+
+describe "AWS deployment without Chef run" do
+  include FileUtils
+  include AwsHelpers
+
+  if AwsHelpers.aws_credentials?
+    before do
+      prepare_aws("basic", aws_region, "next_deploy_actions.no_converge" => true)
+    end
+    after(:all) do
+      destroy_test_constructs unless keep_after_test?
+    end
+
+    def aws_region
+      ENV['AWS_REGION'] || "us-west-2"
+    end
+
+    it "creates an EC2 inception/microbosh with the associated resources" do
+      create_manifest
+
+      manifest_file = home_file(".bosh_inception", "settings.yml")
+      File.should be_exists(manifest_file)
+
+      cmd.deploy
+
+      inception_servers = fog.servers.select { |s| s.tags["Name"] == test_server_name && s.ready? }
+      inception_servers.size.should == 1
+
+      server = inception_servers.first
+      server.volumes.size.should == 2
+      named_volume = server.volumes.select { |s| s.tags["Name"] == test_server_name }
+      named_volume.should_not be_nil
+    end
+  else
+    it "no AWS integration specs run; missing $AWS_ACCESS_KEY_ID etc"
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,50 @@
+# Copyright (c) 2012-2013 Stark & Wayne, LLC
+
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", __FILE__)
+
+require "rubygems"
+require "bundler"
+Bundler.setup(:default, :test)
+
+$:.unshift(File.expand_path("../../lib", __FILE__))
+
+require "rspec/core"
+require "bosh/providers"
+require "inception"
+require "inception/cli"
+
+# for the #sh helper
+require "rake"
+require "rake/file_utils"
+
+# load all files in spec/support/* (but not lower down)
+Dir[File.dirname(__FILE__) + '/support/*'].each do |path|
+  require path unless File.directory?(path)
+end
+
+def spec_asset(filename)
+  File.expand_path("../assets/#{filename}", __FILE__)
+end
+
+def setup_home_dir
+  home_dir = File.expand_path("../../tmp/home", __FILE__)
+  FileUtils.rm_rf(home_dir)
+  FileUtils.mkdir_p(home_dir)
+  FileUtils.cp_r(spec_asset("gitconfig"), home_file(".gitconfig"))
+  ENV['HOME'] = home_dir
+end
+
+# returns the file path to a file
+# in the fake $HOME folder
+def home_file(*path)
+  File.join(ENV['HOME'], *path)
+end
+
+RSpec.configure do |c|
+  c.before do
+    setup_home_dir
+    Fog::Mock.reset
+  end
+
+  c.color_enabled = true
+end

data/spec/support/aws/aws_helpers.rb

@@ -0,0 +1,73 @@
+require "active_support/core_ext/hash/keys"
+module AwsHelpers
+  extend self
+  include SettingsHelper
+
+  def keep_after_test?
+    ENV['KEEP_AFTER_TEST']
+  end
+
+  def region
+    @region ||= "us-west-2"
+  end
+
+  def fog
+    @fog ||= Fog::Compute.new(fog_credentials.merge(:region => region))
+  end
+
+  def aws_credentials?
+    access_key = ENV['AWS_ACCESS_KEY_ID']
+    secret_key = ENV["AWS_SECRET_ACCESS_KEY"]
+    access_key && secret_key
+  end
+
+  def fog_credentials
+    @fog_credentials ||= begin
+      access_key = ENV['AWS_ACCESS_KEY_ID']
+      secret_key = ENV["AWS_SECRET_ACCESS_KEY"]
+      unless access_key && secret_key
+        raise "Please provided $AWS_ACCESS_KEY_ID and $AWS_SECRET_ACCESS_KEY"
+      end
+      credentials = {
+        :provider                 => 'AWS',
+        :aws_access_key_id        => access_key,
+        :aws_secret_access_key    => secret_key
+      }
+    end
+  end
+
+  def prepare_aws(spec_name, aws_region, options={})
+    setup_home_dir
+    @cmd = nil
+    @fog = nil
+    create_manifest(options)
+    destroy_test_constructs
+  end
+
+  def unique_number
+    ENV['UNIQUE_NUMBER'] || Random.rand(100000)
+  end
+
+  def test_server_name
+    "test-inception"
+  end
+
+  def create_manifest(options = {})
+    credentials = options.delete(:credentials) || fog_credentials
+    setting "provider.name", "aws"
+    setting "provider.credentials", credentials.stringify_keys
+    setting "provider.region", region
+    setting "inception.name", test_server_name
+    options.each { |key, value| setting(key, value) }
+    cmd.save_settings!
+  end
+
+  def destroy_test_constructs
+    puts "Destroying everything created by previous test..."
+    # destroy servers using inception-vm SG
+    provider.delete_servers_with_name(test_server_name)
+    provider.delete_volumes_with_name(test_server_name)
+    provider.delete_key_pair_if_exists(test_server_name)
+    provider.cleanup_unused_ip_addresses
+  end
+end

data/spec/support/settings_helper.rb

@@ -0,0 +1,20 @@
+# assumes @cmd is Inception::Cli instance
+module SettingsHelper
+  def cmd
+    @cmd ||= Inception::Cli.new
+  end
+
+  def provider
+    cmd.provider_client
+  end
+
+  # Set a nested setting with "key1.key2.key3" notation
+  def setting(nested_key, value)
+    settings.set(nested_key, value)
+  end
+
+  # used by +SettingsSetter+ to access the settings
+  def settings
+    cmd.settings
+  end
+end

data/spec/support/stdout_capture.rb

@@ -0,0 +1,17 @@
+module StdoutCapture
+  # Captures stdout within the block
+  # Usage:
+  #
+  #   out = capture_stdout do
+  #     puts "this will not be shown"
+  #   end
+  #   out.should == "this will not be shown"
+  def capture_stdout(&block)
+    out = StringIO.new
+    $stdout = out
+    yield
+    return out
+  ensure
+    $stdout = STDOUT
+  end
+end

data/spec/unit/bosh/providers/aws_spec.rb

@@ -0,0 +1,199 @@
+# Copyright (c) 2012-2013 Stark & Wayne, LLC
+
+require File.expand_path("../../../../spec_helper", __FILE__)
+require "fog"
+
+# Specs for the aws provider
+describe Bosh::Providers do
+  include FileUtils
+  include StdoutCapture
+
+  describe "AWS" do
+    before { Fog.mock! }
+    let(:provider_attributes) do
+      {
+        "name" => "aws",
+        "region" => "us-west-2",
+        "credentials" => {
+          "aws_access_key_id"  => 'MOCK_AWS_ACCESS_KEY_ID',
+          "aws_secret_access_key"  => 'MOCK_AWS_SECRET_ACCESS_KEY'
+        }
+      }
+    end
+    subject { Bosh::Providers.provider_client(provider_attributes) }
+    let(:fog_compute) { subject.fog_compute }
+
+    describe "create security group" do
+      it "should open a single TCP port on a security group" do
+        capture_stdout do
+          ports = { ssh: 22 }
+          subject.create_security_group("sg1-name", "sg1-desc", ports)
+          created_sg = fog_compute.security_groups.get("sg1-name")
+          created_sg.name.should == "sg1-name"
+          created_sg.description.should == "sg1-desc"
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>22, 
+              "toPort"=>22, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of TCP ports" do
+        capture_stdout do
+          ports = { ssh: (22..30) }
+          subject.create_security_group("sg-range-name", "sg-range-desc", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>22, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of UDP ports" do
+        capture_stdout do
+          ports = { ssh: { protocol: "udp", ports: (60000..600050) } }
+          subject.create_security_group("sg-range-udp-name", "sg-range-udp-name", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-udp-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open a range of ICMP ports" do
+        capture_stdout do
+          ports = { ping: { protocol: "icmp", ports: (3..4) } }
+          subject.create_security_group("sg-range-icmp-name", "sg-range-icmp-name", ports)
+          created_sg = fog_compute.security_groups.get("sg-range-icmp-name")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"icmp",
+              "fromPort"=>3, 
+              "toPort"=>4, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open not open ports if they are already open" do
+        capture_stdout do
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60010..600040) } })
+          subject.create_security_group("sg2", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          created_sg = fog_compute.security_groups.get("sg2")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open ports even if they are already open for a different protocol" do
+        capture_stdout do
+          subject.create_security_group("sg3", "", { ssh: { protocol: "udp", ports: (60000..600050) } })
+          subject.create_security_group("sg3", "", { ssh: { protocol: "tcp", ports: (60000..600050) } })
+          created_sg = fog_compute.security_groups.get("sg3")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            },
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>60000, 
+              "toPort"=>600050, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open ports even if they are already open for a different ip_range" do
+        capture_stdout do
+          default_ports = {
+             all_internal_tcp: { protocol: "tcp", ip_range: "1.1.1.1/32", ports: (0..65535) }
+          }
+          subject.create_security_group("sg6", "sg6", default_ports)
+          subject.create_security_group("sg6", "sg6", { mosh: { protocol: "tcp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("sg6")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>0, 
+              "toPort"=>65535, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"1.1.1.1/32" } ] 
+            },
+            { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+      it "should open ports on the default sg" do
+        capture_stdout do
+          subject.create_security_group("default", "default", { mosh: { protocol: "tcp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("default")
+          expected_rule = { 
+              "ipProtocol"=>"tcp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          created_sg.ip_permissions.should include expected_rule
+        end
+      end
+      #AWS allows overlapping port ranges, and it makes it easier to see the separate "rules" that were added
+      it "should create overlapping port ranges" do
+        capture_stdout do
+          subject.create_security_group("sg4", "", { ssh: { protocol: "udp", ports: (10..20) } })
+          subject.create_security_group("sg4", "", { ssh: { protocol: "udp", ports: (15..30) } })
+          created_sg = fog_compute.security_groups.get("sg4")
+          created_sg.ip_permissions.should == [
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>10, 
+              "toPort"=>20, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            },
+            { 
+              "ipProtocol"=>"udp",
+              "fromPort"=>15, 
+              "toPort"=>30, 
+              "groups"=>[], 
+              "ipRanges"=>[ { "cidrIp"=>"0.0.0.0/0" } ] 
+            }
+          ]
+        end
+      end
+    end
+  end
+end