kitchen-omnibus-chef 0.0.1

data/lib/kitchen/provisioner/chef_infra.rb

@@ -0,0 +1,167 @@
+#
+# Author:: Fletcher Nichol (<fnichol@nichol.ca>)
+#
+# Copyright (C) 2013, Fletcher Nichol
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative "chef_base"
+
+module Kitchen
+  module Provisioner
+    # Chef Zero provisioner.
+    #
+    # @author Fletcher Nichol <fnichol@nichol.ca>
+    class ChefInfra < ChefBase
+      kitchen_provisioner_api_version 2
+
+      plugin_version Kitchen::VERSION
+
+      default_config :client_rb, {}
+      default_config :named_run_list, {}
+      default_config :json_attributes, true
+      default_config :chef_zero_host, nil
+      default_config :chef_zero_port, 8889
+
+      default_config :chef_client_path do |provisioner|
+        provisioner
+          .remote_path_join(%W{#{provisioner[:chef_omnibus_root]} bin chef-client})
+          .tap { |path| path.concat(".bat") if provisioner.windows_os? }
+      end
+
+      default_config :ruby_bindir do |provisioner|
+        provisioner
+          .remote_path_join(%W{#{provisioner[:chef_omnibus_root]} embedded bin})
+      end
+
+      # (see Base#create_sandbox)
+      def create_sandbox
+        super
+        prepare_validation_pem
+        prepare_config_rb
+      end
+
+      def run_command
+        cmd = "#{sudo(config[:chef_client_path])} --local-mode".tap { |str| str.insert(0, "& ") if powershell_shell? }
+
+        chef_cmd(cmd)
+      end
+
+      private
+
+      # Adds optional flags to a chef-client command, depending on
+      # configuration data. Note that this method mutates the incoming Array.
+      #
+      # @param args [Array<String>] array of flags
+      # @api private
+      # rubocop:disable Metrics/CyclomaticComplexity
+      def add_optional_chef_client_args!(args)
+        if config[:json_attributes]
+          json = remote_path_join(config[:root_path], "dna.json")
+          args << "--json-attributes #{json}"
+        end
+
+        args << "--logfile #{config[:log_file]}" if config[:log_file]
+
+        # these flags are chef-client local mode only and will not work
+        # on older versions of chef-client
+        if config[:chef_zero_host]
+          args << "--chef-zero-host #{config[:chef_zero_host]}"
+        end
+
+        if config[:chef_zero_port]
+          args << "--chef-zero-port #{config[:chef_zero_port]}"
+        end
+
+        args << "--profile-ruby" if config[:profile_ruby]
+
+        if config[:slow_resource_report]
+          if config[:slow_resource_report].is_a?(Integer)
+            args << "--slow-report #{config[:slow_resource_report]}"
+          else
+            args << "--slow-report"
+          end
+        end
+      end
+      # rubocop:enable Metrics/CyclomaticComplexity
+
+      # Returns an Array of command line arguments for the chef client.
+      #
+      # @return [Array<String>] an array of command line arguments
+      # @api private
+      def chef_args(client_rb_filename)
+        level = config[:log_level]
+        args = [
+            "--config #{remote_path_join(config[:root_path], client_rb_filename)}",
+            "--log_level #{level}",
+            "--force-formatter",
+            "--no-color",
+        ]
+        add_optional_chef_client_args!(args)
+
+        args
+      end
+
+      # Generates a string of shell environment variables needed for the
+      # chef-client-zero.rb shim script to properly function.
+      #
+      # @return [String] a shell script string
+      # @api private
+      def chef_client_zero_env
+        root = config[:root_path]
+        gem_home = gem_path = remote_path_join(root, "chef-client-zero-gems")
+        gem_cache = remote_path_join(gem_home, "cache")
+
+        [
+            shell_env_var("CHEF_REPO_PATH", root),
+            shell_env_var("GEM_HOME", gem_home),
+            shell_env_var("GEM_PATH", gem_path),
+            shell_env_var("GEM_CACHE", gem_cache),
+        ].join("\n").concat("\n")
+      end
+
+      # Writes a fake (but valid) validation.pem into the sandbox directory.
+      #
+      # @api private
+      def prepare_validation_pem
+        info("Preparing validation.pem")
+        debug("Using a dummy validation.pem")
+
+        source = File.join(File.dirname(__FILE__),
+          %w{.. .. .. support dummy-validation.pem})
+        FileUtils.cp(source, File.join(sandbox_path, "validation.pem"))
+      end
+
+      # Returns the command that will run a backwards compatible shim script
+      # that approximates local mode in a modern chef-client run.
+      #
+      # @return [String] the command string
+      # @api private
+      def shim_command
+        ruby = remote_path_join(config[:ruby_bindir], "ruby")
+          .tap { |path| path.concat(".exe") if windows_os? }
+        shim = remote_path_join(config[:root_path], "chef-client-zero.rb")
+
+        "#{chef_client_zero_env}\n#{sudo(ruby)} #{shim}"
+      end
+
+      # This provisioner supports policyfiles, so override the default (which
+      # is false)
+      # @return [true] always returns true
+      # @api private
+      def supports_policyfile?
+        true
+      end
+    end
+  end
+end

data/lib/kitchen/provisioner/chef_solo.rb

@@ -0,0 +1,82 @@
+#
+# Author:: Fletcher Nichol (<fnichol@nichol.ca>)
+#
+# Copyright (C) 2013, Fletcher Nichol
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative "chef_base"
+
+module Kitchen
+  module Provisioner
+    # Chef Solo provisioner.
+    #
+    # @author Fletcher Nichol <fnichol@nichol.ca>
+    class ChefSolo < ChefBase
+      kitchen_provisioner_api_version 2
+
+      plugin_version Kitchen::VERSION
+
+      # ChefSolo is dependent on Berkshelf, which is not thread-safe.
+      # See discussion on https://github.com/test-kitchen/test-kitchen/issues/1307
+      no_parallel_for :converge
+
+      default_config :solo_rb, {}
+
+      default_config :chef_solo_path do |provisioner|
+        provisioner
+          .remote_path_join(%W{#{provisioner[:chef_omnibus_root]} bin chef-solo})
+          .tap { |path| path.concat(".bat") if provisioner.windows_os? }
+      end
+
+      # (see Base#config_filename)
+      def config_filename
+        "solo.rb"
+      end
+
+      # (see Base#create_sandbox)
+      def create_sandbox
+        super
+        prepare_config_rb
+      end
+
+      # (see Base#run_command)
+      def run_command
+        cmd = sudo(config[:chef_solo_path]).dup
+          .tap { |str| str.insert(0, "& ") if powershell_shell? }
+
+        chef_cmd(cmd)
+      end
+
+      private
+
+      # Returns an Array of command line arguments for the chef client.
+      #
+      # @return [Array<String>] an array of command line arguments
+      # @api private
+      def chef_args(solo_rb_filename)
+        args = [
+          "--config #{remote_path_join(config[:root_path], solo_rb_filename)}",
+          "--log_level #{config[:log_level]}",
+          "--force-formatter",
+          "--no-color",
+          "--json-attributes #{remote_path_join(config[:root_path], "dna.json")}",
+        ]
+        args << "--logfile #{config[:log_file]}" if config[:log_file]
+        args << "--profile-ruby" if config[:profile_ruby]
+        args << "--legacy-mode" if config[:legacy_mode]
+        args
+      end
+    end
+  end
+end

data/lib/kitchen/provisioner/chef_target.rb

@@ -0,0 +1,130 @@
+#
+# Author:: Thomas Heinen (<thomas.heinen@gmail.com>)
+#
+# Copyright (C) 2023, Thomas Heinen
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative "chef_infra"
+
+module Kitchen
+  module Provisioner
+    # Chef Target provisioner.
+    #
+    # @author Thomas Heinen <thomas.heinen@gmail.com>
+    class ChefTarget < ChefInfra
+      MIN_VERSION_REQUIRED = "19.0.0".freeze
+      class ChefVersionTooLow < UserError; end
+      class ChefClientNotFound < UserError; end
+      class RequireTrainTransport < UserError; end
+
+      default_config :install_strategy, "none"
+      default_config :sudo, true
+
+      def install_command; ""; end
+      def init_command; ""; end
+      def prepare_command; ""; end
+
+      def chef_args(client_rb_filename)
+        # Dummy execution to initialize and test remote connection
+        connection = instance.remote_exec("echo Connection established")
+
+        check_transport(connection)
+        check_local_chef_client
+
+        instance_name = instance.name
+        credentials_file = File.join(kitchen_basepath, ".kitchen", instance_name + ".ini")
+        File.write(credentials_file, connection.credentials_file)
+
+        super.push(
+          "--target #{instance_name}",
+          "--credentials #{credentials_file}"
+        )
+      end
+
+      def check_transport(connection)
+        debug("Checking for active transport")
+
+        unless connection.respond_to? "train_uri"
+          error("Chef Target Mode provisioner requires a Train-based transport like kitchen-transport-train")
+          raise RequireTrainTransport.new("No Train transport")
+        end
+
+        debug("Kitchen transport responds to train_uri function call, as required")
+      end
+
+      def check_local_chef_client
+        debug("Checking for chef-client version")
+
+        begin
+          client_version = `chef-client -v`.chop.split(":")[-1]
+        rescue Errno::ENOENT => e
+          error("Error determining Chef Infra version: #{e.exception.message}")
+          raise ChefClientNotFound.new("Need chef-client installed locally")
+        end
+
+        minimum_version = Gem::Version.new(MIN_VERSION_REQUIRED)
+        installed_version = Gem::Version.new(client_version)
+
+        if installed_version < minimum_version
+          error("Found Chef Infra version #{installed_version}, but require #{minimum_version} for Target Mode")
+          raise ChefVersionTooLow.new("Need version #{MIN_VERSION_REQUIRED} or higher")
+        end
+
+        debug("Chef Infra found and version constraints match")
+      end
+
+      def kitchen_basepath
+        instance.driver.config[:kitchen_root]
+      end
+
+      def create_sandbox
+        super
+
+        # Change config.rb to point to the local sandbox path, not to /tmp/kitchen
+        config[:root_path] = sandbox_path
+        prepare_config_rb
+      end
+
+      def call(state)
+        remote_connection = instance.transport.connection(state)
+
+        config[:uploads].to_h.each do |locals, remote|
+          debug("Uploading #{Array(locals).join(", ")} to #{remote}")
+          remote_connection.upload(locals.to_s, remote)
+        end
+
+        # no installation
+        create_sandbox
+        # no prepare command
+
+        # Stream output to logger
+        require "open3"
+        Open3.popen2e(run_command) do |_stdin, output, _thread|
+          output.each { |line| logger << line }
+        end
+
+        info("Downloading files from #{instance.to_str}")
+        config[:downloads].to_h.each do |remotes, local|
+          debug("Downloading #{Array(remotes).join(", ")} to #{local}")
+          remote_connection.download(remotes, local)
+        end
+        debug("Download complete")
+      rescue Kitchen::Transport::TransportFailed => ex
+        raise ActionFailed, ex.message
+      ensure
+        cleanup_sandbox
+      end
+    end
+  end
+end

data/lib/kitchen/provisioner/chef_zero.rb

@@ -0,0 +1,12 @@
+# Deprecated AS PER THE PR - https://github.com/test-kitchen/test-kitchen/pull/1730
+require_relative "chef_infra"
+
+module Kitchen
+  module Provisioner
+    # Chef Zero provisioner.
+    #
+    # @author Fletcher Nichol <fnichol@nichol.ca>
+    class ChefZero < ChefInfra
+    end
+  end
+end

data/lib/kitchen/provisioner/omnibus_chef_version.rb

@@ -0,0 +1,23 @@
+#
+# Author:: Sean OMeara (<sean@sean.io>)
+#
+# Copyright (C) 2015, Sean OMeara
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Kitchen
+  module Provisioner
+    # Version string for Dokken Kitchen driver
+    OMNIBUS_CHEF_VERSION = "0.0.1".freeze
+  end
+end

data/support/chef-client-fail-if-update-handler.rb

@@ -0,0 +1,15 @@
+# Handler to kill the run if any resource is updated
+class UpdatedResources < ::Chef::Handler
+  def report
+    if updated_resources.size > 0
+      puts "First chef run should have reached a converged state."
+      puts "Resources updated in a second chef-client run:"
+      updated_resources.each do |r|
+        puts "- #{r}"
+      end
+      # exit 203 # chef handler catch Exception instead of StandardException
+      Process.kill("KILL", Process.pid)
+    end
+  end
+end
+report_handlers << UpdatedResources.new

data/support/chef_base_init_command.ps1

@@ -0,0 +1,18 @@
+Function Delete-AllDirs($dirs) {
+  $dirs | ForEach-Object {
+    if (Test-Path ($path = Unresolve-Path $_)) { Remove-Item $path -Recurse -Force }
+  }
+}
+
+Function Unresolve-Path($p) {
+  if ($p -eq $null) { return $null }
+  else { return $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($p) }
+}
+
+Function Make-RootPath($p) {
+  $p = Unresolve-Path $p
+  if (-Not (Test-Path $p)) { New-Item $p -ItemType directory | Out-Null }
+}
+
+Delete-AllDirs $dirs
+Make-RootPath $root_path

data/support/chef_base_init_command.sh

@@ -0,0 +1,2 @@
+$sudo_rm -rf $dirs
+mkdir -p $root_path

data/support/chef_base_install_command.ps1

@@ -0,0 +1,85 @@
+$ErrorActionPreference = "stop"
+
+Function Check-UpdateChef($root, $version) {
+  if (-Not (Test-Path $root)) { return $true }
+  elseif ("$version" -eq "true") { return $false }
+  elseif ("$version" -eq "latest") { return $true }
+  Try { $chef_version = (Get-Content $root\version-manifest.txt | select-object -first 1) }
+  Catch {
+    Try { $chef_version = (& $root\bin\chef-solo.bat -v) }
+    Catch { $chef_version = " " }
+  }
+
+  if ($chef_version.split(" ", 2)[1].StartsWith($version)) { return $false }
+  else { return $true }
+}
+
+Function Get-ChefMetadata($url) {
+  Try { $response = ($c = Make-WebClient).DownloadString($url) }
+  Finally { if ($c -ne $null) { $c.Dispose() } }
+
+  $md = ConvertFrom-StringData $response.Replace("`t", "=")
+  return @($md.url, $md.md5)
+}
+
+Function Get-MD5Sum($src) {
+  Try {
+    $c = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
+    $bytes = $c.ComputeHash(($in = (Get-Item $src).OpenRead()))
+    return ([System.BitConverter]::ToString($bytes)).Replace("-", "").ToLower()
+  } Finally { if (($c -ne $null) -and ($c.GetType().GetMethod("Dispose") -ne $null)) { $c.Dispose() }; if ($in -ne $null) { $in.Dispose() } }
+}
+
+Function Download-Chef($md_url, $dst) {
+  $url, $md5 = Get-ChefMetadata $md_url
+
+  Try {
+    Log "Downloading package from $url"
+    ($c = Make-WebClient).DownloadFile($url, $dst)
+    Log "Download complete."
+  } Finally { if ($c -ne $null) { $c.Dispose() } }
+
+  if (($dmd5 = Get-MD5Sum $dst) -eq $md5) { Log "Successfully verified $dst" }
+  else { throw "MD5 for $dst $dmd5 does not match $md5" }
+}
+
+Function Install-Chef($msi) {
+  Log "Installing Chef Infra Client package $msi"
+  $p = Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /i $msi" -Passthru -Wait
+
+  if ($p.ExitCode -ne 0) { throw "msiexec was not successful. Received exit code $($p.ExitCode)" }
+
+  Remove-Item $msi -Force
+  Log "Installation complete"
+}
+
+Function Log($m) { Write-Host "       $m`n" }
+
+Function Make-WebClient {
+  $proxy = New-Object -TypeName System.Net.WebProxy
+  $proxy.Address = $env:http_proxy
+  $client = New-Object -TypeName System.Net.WebClient
+  $client.Proxy = $proxy
+  return $client
+}
+
+Function Unresolve-Path($p) {
+  if ($p -eq $null) { return $null }
+  else { return $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($p) }
+}
+
+Try {
+  $chef_omnibus_root = Unresolve-Path $chef_omnibus_root
+  $msi = Unresolve-Path $msi
+
+  if (Check-UpdateChef $chef_omnibus_root $version) {
+    Write-Host "-----> Installing Chef Infra Client package ($pretty_version)`n"
+    Download-Chef "$chef_metadata_url" $msi
+    Install-Chef $msi
+  } else {
+    Write-Host "-----> Chef Infra Client package installation detected ($pretty_version)`n"
+}
+Catch {
+  Write-Error ($_ | ft -Property * | out-string) -ErrorAction Continue
+  exit 1
+}