jerakia 1.2.1 → 2.0.0

data/lib/jerakia/log.rb

@@ -2,12 +2,12 @@ class Jerakia::Log < Jerakia
   require 'logger'
   def initialize(level = :info, file = '/var/log/jerakia.log')
     begin
-      @@logger ||= Logger.new(file)
+      @@logger = Logger.new(file)
     rescue Errno::EACCES => e
       raise Jerakia::Error, "Error opening log file, #{e.message}"
     end
 
-    @@level ||= level
+    @@level = level
     case @@level
     when :verbose
       @@logger.level = Logger::INFO
@@ -42,20 +42,4 @@ class Jerakia::Log < Jerakia
     @@logger.fatal msg
   end
 
-  #  def self.fatal(msg)
-  #    self.new.fatal msg
-  #  end
-  #
-  #  def self.error(msg)
-  #    self.new.error msg
-  #  end
-  #
-  #  def self.debug(msg)
-  #    self.new.debug msg
-  #  end
-  #
-  ##  def self.info(msg)
-  #    puts @@logger
-  #    self.new.info msg
-  #  end
 end

data/lib/jerakia/lookup.rb

@@ -14,7 +14,6 @@ class Jerakia::Lookup
   attr_reader :output_filters
   attr_reader :name
   attr_reader :pluginfactory
-  attr_reader :datasource
 
   def initialize(name, opts, req, scope)
     @name = name
@@ -58,18 +57,6 @@ class Jerakia::Lookup
     pluginfactory
   end
 
-  def get_datasource
-    @datasource
-  end
-
-  def datasource(source, opts = {})
-    @datasource = Jerakia::Datasource.new(source, self, opts)
-  end
-
-  # If set, Jerakia will pass each Jerakia::Response object
-  # to an output filter plugin
-  #
-
   def scope
     scope_object.value
   end
@@ -131,15 +118,4 @@ class Jerakia::Lookup
     end
   end
 
-  def run
-    Jerakia.log.verbose("lookup: #{@name} key: #{@request.key} namespace: #{@request.namespace.join('/')}")
-    @datasource.run
-    response = @datasource.response
-    @output_filters.each do |filter|
-      response.filter! filter[:name], filter[:opts]
-    end
-    response
-  end
-
-  private
 end

data/lib/jerakia/policy.rb

@@ -1,85 +1,58 @@
 require 'jerakia/launcher'
 require 'jerakia/answer'
 require 'jerakia/schema'
+require 'jerakia/datasource'
 
 class Jerakia
   class Policy
     attr_accessor :lookups
-    attr_reader   :answer
-    attr_reader   :scope
-    attr_reader   :lookup_proceed
-    attr_reader   :schema
-    attr_reader   :request
+    attr_reader   :name
+    attr_reader   :datasources
 
     # _opts currently does not get used, but is included here as a placeholder
     # for allowing policies to be declared with options;
     # policy :foo, :option => :value do
     #
-    def initialize(_name, _opts, req)
-      if req.use_schema && Jerakia.config[:enable_schema]
-        schema_config = Jerakia.config[:schema] || {}
-        @schema = Jerakia::Schema.new(req, schema_config)
-      end
-
+    def initialize(name, _opts)
+      @name = name
       @lookups = []
-      @request = req
-      @answer = Jerakia::Answer.new(req.lookup_type)
-      @scope = Jerakia::Scope.new(req)
-      @lookup_proceed = true
+      @datasources = {}
     end
 
-    def clone_request
-      Marshal.load(Marshal.dump(request))
-    end
+    def run(request)
 
-    def submit_lookup(lookup)
-      raise Jerakia::PolicyError, "Lookup #{lookup.name} has no datasource defined" unless lookup.get_datasource
-      @lookups << lookup if lookup.valid? && @lookup_proceed
-      @lookup_proceed = false if !lookup.proceed? && lookup.valid?
-    end
+      if request.use_schema && Jerakia.config[:enable_schema]
+        schema_config = Jerakia.config[:schema] || {}
+        @schema = Jerakia::Schema.new(request, schema_config)
+      end
 
-    def execute
-      response_entries = []
+      scope = Jerakia::Scope.new(request)
+      answer = Jerakia::Answer.new(request.lookup_type, request.merge)
 
-      @lookups.each do |l|
-        responses = l.run
-        lookup_answers = responses.entries.map { |r| r }
+      response_entries = []
+      lookups.each do |lookup|
+        lookup_instance = lookup.call clone_request(request), scope
+        next unless lookup_instance.valid? && lookup_instance.proceed?
+        register_datasource lookup_instance.datasource[:name]
+        responses = Jerakia::Datasource.run(lookup_instance)
+        lookup_instance.output_filters.each do |filter|
+          Jerakia.log.debug("Using output filter #{filter[:name]}")
+          responses.filter! filter[:name], filter[:opts]
+        end
+        lookup_answers = responses.entries.map { |r| r}
         response_entries << lookup_answers if lookup_answers
       end
-
-      response_entries.flatten.each { |res| process_response(res) }
-      consolidate_answer
+      answer.process_response(response_entries)
+      return answer
     end
 
-    private
-
-    # Process the response depending on the requests lookup_type
-    # if it is a :first lookup then we only want to set the result
-    # once, if it's cascading, we should ammend the payload array
-    #
-    def process_response(res)
-      case request.lookup_type
-      when :first
-        @answer.payload ||= res[:value]
-        @answer.datatype ||= res[:datatype]
-      when :cascade
-        @answer.payload << res[:value]
-      end
+    def register_datasource(datasource)
+      Jerakia::Datasource.load_datasource(datasource)
     end
 
-    # Once all the responses are submitted into the answers payload
-    # we need to consolidate the data based on the merge behaviour
-    # requested.
-    #
-    def consolidate_answer
-      if request.lookup_type == :cascade && @answer.payload.is_a?(Array)
-        case request.merge
-        when :array
-          @answer.flatten_payload!
-        when :hash, :deep_hash
-          @answer.merge_payload!(request.merge)
-        end
-      end
+    def clone_request(request)
+      Marshal.load(Marshal.dump(request))
     end
+
   end
 end

data/lib/jerakia/response/filter.rb

@@ -1,7 +1,8 @@
 class Jerakia::Response
   module Filter
-    def filter!(name, opts)
+    def filter!(name, opts = {})
       Jerakia::Util.autoload('response/filter', name)
+      Jerakia.log.debug("Invoking output filter #{name}")
       instance_eval "extend Jerakia::Response::Filter::#{name.to_s.capitalize}"
       instance_eval "self.filter_#{name} (#{opts})"
     end

data/lib/jerakia/response/filter/encryption.rb

@@ -1,51 +1,34 @@
-# Parts of this class are copied from https://github.com/TomPoulton/hiera-eyaml/blob/master/lib/hiera/backend/eyaml_backend.rb
-# The MIT License (MIT)
-#
-# Copyright (c) 2013 Tom Poulton
-#
-# Other code Copyright (c) 2014 Craig Dunn, Apache 2.0 License.
-#
-
-require 'hiera/backend/eyaml/encryptor'
-require 'hiera/backend/eyaml/utils'
-require 'hiera/backend/eyaml/options'
-require 'hiera/backend/eyaml/parser/parser'
-require 'hiera/filecache'
-
-require 'yaml'
+require 'jerakia/encryption'
 
 class Jerakia::Response
   module Filter
     module Encryption
       def filter_encryption(_opts = {})
-        parse_values do |val|
-          decrypt val if val.is_a?(String)
-          val
+        Jerakia.log.debug("Encryption filter started")
+        provider = Jerakia::Encryption.handler
+
+        unless provider.loaded?
+          raise Jerakia::Error, 'Cannot load encryption output filter, no encryption provider configured'
+        end
+        unless provider.respond_to?('signiture')
+          raise Jerakia::Error, 'Encryption provider did not provide a signiture method, cannot run output filter'
         end
-      end
 
-      def decrypt(data)
-        if encrypted?(data)
-          public_key = config['eyaml']['public_key']
-          private_key = config['eyaml']['private_key']
-          Hiera::Backend::Eyaml::Options[:pkcs7_private_key] = private_key
-          Hiera::Backend::Eyaml::Options[:pkcs7_public_key] = public_key
-          parser = Hiera::Backend::Eyaml::Parser::ParserFactory.hiera_backend_parser
+        signiture = provider.signiture
+        raise Jerakia::Error, "Encryption provider signiture is not a Regexp" unless signiture.is_a?(Regexp)
 
-          tokens = parser.parse(data)
-          decrypted = tokens.map(&:to_plain_text)
-          plaintext = decrypted.join
-          Jerakia.log.debug(plaintext)
-          plaintext.chomp!
-          data.clear.insert(0, plaintext)
-        else
-          data
+        # Match the signiture of the provider (from the signiture method) against the string
+        # if the string matches the regex then call the decrypt method of the encryption
+        # provider
+        #
+        parse_values do |val|
+          if val =~ signiture
+            decrypted = provider.decrypt(val)
+            val.clear.insert(0, decrypted)
+          end
+          val
         end
       end
-
-      def encrypted?(data)
-        /.*ENC\[.*?\]/ =~ data ? true : false
-      end
     end
   end
 end

data/lib/jerakia/schema.rb

@@ -11,21 +11,21 @@ class Jerakia::Schema
     )
 
     Jerakia.log.debug("Schema lookup invoked for #{request.key} namespace: #{request.namespace}")
-    schema_lookup = Jerakia::Launcher.new(schema_request)
 
     begin
-      schema_lookup.evaluate do
+      schema_policy = Jerakia::Launcher.evaluate do
         policy :schema do
           lookup :schema do
             datasource *schema_datasource
           end
         end
       end
+      schema_lookup = schema_policy.run(schema_request)
     rescue Jerakia::Error => e
       raise Jerakia::SchemaError, "Schema lookup for #{request.key} failed: #{e.message}"
     end
 
-    @schema_data = schema_lookup.answer.payload || {}
+    @schema_data = schema_lookup.payload || {}
 
     # Validate the returned data from the schema
     raise Jerakia::SchemaError, "Schema must return a hash for key #{request.key}" unless @schema_data.is_a?(Hash)

data/lib/jerakia/util/http.rb

@@ -0,0 +1,51 @@
+require 'net/http'
+require 'json'
+require 'openssl'
+
+class Jerakia
+  module Util
+    class Http
+
+      class << self
+
+        def post(uri_str, data={}, headers={}, options={})
+          uri = URI.parse(uri_str)
+          request = Net::HTTP::Post.new(uri.path)
+          request.body = data.to_json
+          http_send(uri, request, headers, options) 
+        end
+
+        def put(uri_str, data={}, headers={}, options={})
+          uri = URI.parse(uri_str)
+          request = Net::HTTP::Put.new(uri.path)
+          request.body = data.to_json
+          http_send(uri, request, headers, options)
+        end
+
+
+        def http_send(uri, request, headers={}, options={})
+          request.add_field('Content-Type', options[:content_type]) if options[:content_type]
+
+          headers.each do |header, value|
+            request.add_field(header, value)
+          end
+
+          http = Net::HTTP.new(uri.host, uri.port)
+          if options[:ssl]
+            http.use_ssl = true
+            http.verify_mode = options[:ssl_verify] ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
+            http.cert = OpenSSL::X509::Certificate.new(options[:ssl_cert]) if options[:ssl_cert]
+            http.key = OpenSSL::PKey::RSA.new(options[:ssl_key]) if options[:ssl_key]
+          end
+
+          begin
+            response = http.request(request)
+            return response
+          rescue => e
+            raise Jerakia::HTTPError, e.message
+          end
+        end
+      end
+    end
+  end
+end

data/lib/jerakia/version.rb

@@ -3,5 +3,5 @@ class Jerakia
   #
   # This should be updated when a new gem is released and it is read from the gemspec file
   #
-  VERSION = '1.2.1'.freeze
+  VERSION = '2.0.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jerakia
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 2.0.0
 platform: ruby
 authors:
 - Craig Dunn
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-17 00:00:00.000000000 Z
+date: 2017-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -116,7 +116,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - bin/jerakia
-- lib/hiera/backend/jerakia_backend.rb
 - lib/jerakia.rb
 - lib/jerakia/answer.rb
 - lib/jerakia/cache.rb
@@ -124,6 +123,7 @@ files:
 - lib/jerakia/cache/file.rb
 - lib/jerakia/cli.rb
 - lib/jerakia/cli/lookup.rb
+- lib/jerakia/cli/secret.rb
 - lib/jerakia/cli/server.rb
 - lib/jerakia/cli/token.rb
 - lib/jerakia/config.rb
@@ -132,10 +132,11 @@ files:
 - lib/jerakia/datasource/file.rb
 - lib/jerakia/datasource/file/json.rb
 - lib/jerakia/datasource/file/yaml.rb
-- lib/jerakia/datasource/file_new.rb
 - lib/jerakia/datasource/http.rb
 - lib/jerakia/dsl/lookup.rb
 - lib/jerakia/dsl/policy.rb
+- lib/jerakia/encryption.rb
+- lib/jerakia/encryption/vault.rb
 - lib/jerakia/error.rb
 - lib/jerakia/launcher.rb
 - lib/jerakia/log.rb
@@ -145,7 +146,6 @@ files:
 - lib/jerakia/lookup/plugin_config.rb
 - lib/jerakia/lookup/pluginfactory.rb
 - lib/jerakia/policy.rb
-- lib/jerakia/policy/registry.rb
 - lib/jerakia/request.rb
 - lib/jerakia/response.rb
 - lib/jerakia/response/filter.rb
@@ -162,9 +162,8 @@ files:
 - lib/jerakia/server/auth/token.rb
 - lib/jerakia/server/rest.rb
 - lib/jerakia/util.rb
+- lib/jerakia/util/http.rb
 - lib/jerakia/version.rb
-- lib/puppet/indirector/data_binding/jerakia.rb
-- lib/puppet/indirector/data_binding/jerakia_rest.rb
 homepage: http://jerakia.io
 licenses:
 - Apache 2.0

data/lib/hiera/backend/jerakia_backend.rb

@@ -1,59 +0,0 @@
-require 'puppet'
-require 'puppet/resource'
-
-class Hiera
-  module Backend
-    class Jerakia_backend
-      def initialize(config = nil)
-        require 'jerakia'
-        @config = config || Hiera::Config[:jerakia] || {}
-        @policy = @config[:policy] || 'default'
-        @jerakia = ::Jerakia.new(@config)
-        Jerakia.log.debug("[hiera] hiera backend loaded with policy #{@policy}")
-      end
-
-      def lookup(key, scope, _order_override, resolution_type)
-        lookup_type = :first
-        merge_type = :none
-
-        case resolution_type
-        when :array
-          lookup_type = :cascade
-          merge_type = :array
-        when :hash
-          lookup_type = :cascade
-          merge_type = :hash
-        end
-
-        namespace = []
-
-        if key.include?('::')
-          lookup_key = key.split('::')
-          key = lookup_key.pop
-          namespace = lookup_key
-        end
-
-        Jerakia.log.debug("[hiera] backend invoked for key #{key} using namespace #{namespace}")
-
-        metadata = {}
-        metadata = if scope.is_a?(Hash)
-                     scope.reject { |_k, v| v.is_a?(Puppet::Resource) }
-                   else
-                     scope.real.to_hash.reject { |_k, v| v.is_a?(Puppet::Resource) }
-                   end
-
-        request = Jerakia::Request.new(
-          :key         => key,
-          :namespace   => namespace,
-          :policy      => metadata['jerakia_policy'] || @policy,
-          :lookup_type => lookup_type,
-          :merge       => merge_type,
-          :metadata    => metadata
-        )
-
-        answer = @jerakia.lookup(request)
-        answer.payload
-      end
-    end
-  end
-end