RubyGems - kitchen-vcenter - Versions diffs - 1.5.0 → 2.0.0 - Mend

kitchen-vcenter 1.5.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/lib/kitchen-vcenter/version.rb +1 -1
data/lib/kitchen/driver/vcenter.rb +89 -133
data/lib/support/clone_vm.rb +15 -11
metadata +9 -13
data/lib/base.rb +0 -35
data/lib/lookup_service_helper.rb +0 -464
data/lib/sso.rb +0 -268

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 31833a2dfb60dba469a3c03aa8261cc4639760770cb33b913909950009e5603b
-  data.tar.gz: c0c663f9b4ac33fdc505dab121ba33112d22b7cc9df59213a1aa1858c1191aa4
+  metadata.gz: 4830a5da83f0ac1eba8ce606f4151ff369058478452776699f45b52277bd4943
+  data.tar.gz: c7761ff930c8c78194dafe5c5ea7b55e4a27b1db992f4f1c678a66308cf75bb2
 SHA512:
-  metadata.gz: 4c5ef3e005c6f281b651c197a46a1bb84d38c3261973d5dc909d1924afd398a8c4debc2746f0de3f84d5e2dcd294a3e0537fb8df4210733abd9e7eb94ff9a40c
-  data.tar.gz: 66bc5bcb9263cbd8ab91757555f32daa26b0b2148c792ab1dd62613053bab7efdfa83673d6afbcc0e97621b393d7fb2f3339b853856f958d158f718cc16f43af
+  metadata.gz: 4986789d6c04264fcbf426176c3453427cf8a3f4b8cc951efe77a7b4d353b10aa20570c63f59b33294992f8a889b38b49454a25257ae6722a4431bb332272f4a
+  data.tar.gz: 3335539aeb36bd96b4e044c774501bee318ab1130a89cbb46fd319af83ee2d27952a9e8d232f3a1170b6baf196ee63cf6fd08bd952c920733d4993baffe8ea97

data/lib/kitchen-vcenter/version.rb CHANGED Viewed

@@ -20,5 +20,5 @@
 # The main kitchen-vcenter module
 module KitchenVcenter
   # The version of this version of test-kitchen we assume enterprises want.
-  VERSION = "1.5.0"
+  VERSION = "2.0.0"
 end

data/lib/kitchen/driver/vcenter.rb CHANGED Viewed

@@ -18,15 +18,8 @@
 #
 require "kitchen"
-require "rbvmomi"
-require "sso"
-require "base"
-require "lookup_service_helper"
-require "vapi"
-require "com/vmware/cis"
-require "com/vmware/cis/tagging"
-require "com/vmware/vcenter"
-require "com/vmware/vcenter/vm"
+require "vsphere-automation-cis"
+require "vsphere-automation-vcenter"
 require "support/clone_vm"
 require "securerandom"
 require "uri"
@@ -37,7 +30,7 @@ module Kitchen
   module Driver
     # Extends the Base class for vCenter
     class Vcenter < Kitchen::Driver::Base
-      attr_accessor :connection_options, :ipaddress, :vapi_config, :session_svc, :session_id
+      attr_accessor :connection_options, :ipaddress, :api_client
       required_config :vcenter_username
       required_config :vcenter_password
@@ -53,7 +46,6 @@ module Kitchen
       default_config :resource_pool, nil
       default_config :clone_type, :full
       default_config :cluster, nil
-      default_config :lookup_service_host, nil
       default_config :network_name, nil
       default_config :tags, nil
@@ -72,7 +64,6 @@ module Kitchen
         # @todo This does not allow to specify cluster AND pool yet
         unless config[:cluster].nil?
           cluster = get_cluster(config[:cluster])
-          # @todo Check for active hosts, to avoid "A specified parameter was not correct: spec.pool"
           config[:resource_pool] = cluster.resource_pool
         else
           # Find the first resource pool on any cluster
@@ -111,30 +102,38 @@ module Kitchen
         }
         # Create an object from which the clone operation can be called
-        clone_obj = Support::CloneVm.new(connection_options, options)
-        state[:hostname] = clone_obj.clone
-        state[:vm_name] = config[:vm_name]
+        new_vm = Support::CloneVm.new(connection_options, options)
+        new_vm.clone
+        state[:hostname] = new_vm.ip
+        state[:vm_name] = new_vm.name
         unless config[:tags].nil? || config[:tags].empty?
+          tag_api = VSphereAutomation::CIS::TaggingTagApi.new(api_client)
+          vm_tags = tag_api.list.value
+          raise format("No configured tags found on VCenter, but %s specified", config[:tags].to_s) if vm_tags.empty?
           valid_tags = {}
-          vm_tags = Com::Vmware::Cis::Tagging::Tag.new(vapi_config)
-          vm_tags.list.each do |uid|
-            tag = vm_tags.get(uid)
-            valid_tags[tag.name] = tag.id
+          vm_tags.each do |uid|
+            tag = tag_api.get(uid)
+            valid_tags[tag.value.name] = tag.value.id if tag.is_a? VSphereAutomation::CIS::CisTaggingTagResult
           end
           # Error out on undefined tags
           invalid = config[:tags] - valid_tags.keys
           raise format("Specified tag(s) %s not valid", invalid.join(",")) unless invalid.empty?
-          tag_service = Com::Vmware::Cis::Tagging::TagAssociation.new(vapi_config)
-          # calls needs a DynamicID object which we construct from type and mobID
-          mobid = get_vm(config[:vm_name]).vm
-          dynamic_id = Com::Vmware::Vapi::Std::DynamicID.new(type: "VirtualMachine", id: mobid)
+          tag_service = VSphereAutomation::CIS::TaggingTagAssociationApi.new(api_client)
           tag_ids = config[:tags].map { |name| valid_tags[name] }
-          tag_service.attach_multiple_tags_to_object(dynamic_id, tag_ids)
+          request_body = {
+            object_id: {
+              id: get_vm(config[:vm_name]).vm,
+              type: "VirtualMachine",
+            },
+            tag_ids: tag_ids,
+          }
+          tag_service.attach_multiple_tags_to_object(request_body)
         end
       end
@@ -146,18 +145,20 @@ module Kitchen
         save_and_validate_parameters
         connect
         vm = get_vm(state[:vm_name])
+        unless vm.nil?
+          vm_api = VSphereAutomation::VCenter::VMApi.new(api_client)
-        vm_obj = Com::Vmware::Vcenter::VM.new(vapi_config)
+          # shut the machine down if it is running
+          if vm.power_state == "POWERED_ON"
+            power = VSphereAutomation::VCenter::VmPowerApi.new(api_client)
+            power.stop(vm.vm)
+          end
-        # shut the machine down if it is running
-        if vm.power_state.value == "POWERED_ON"
-          power = Com::Vmware::Vcenter::Vm::Power.new(vapi_config)
-          power.stop(vm.vm)
+          # delete the vm
+          vm_api.delete(vm.vm)
         end
-        # delete the vm
-        vm_obj.delete(vm.vm)
       end
       private
@@ -195,22 +196,20 @@ module Kitchen
       #
       # @param [name] name is the name of the datacenter
       def datacenter_exists?(name)
-        filter = Com::Vmware::Vcenter::Datacenter::FilterSpec.new(names: Set.new([name]))
-        dc_obj = Com::Vmware::Vcenter::Datacenter.new(vapi_config)
-        dc = dc_obj.list(filter)
+        dc_api = VSphereAutomation::VCenter::DatacenterApi.new(api_client)
+        dcs = dc_api.list({ filter_names: name }).value
-        raise format("Unable to find data center: %s", name) if dc.empty?
+        raise format("Unable to find data center: %s", name) if dcs.empty?
       end
       # Checks if a network exists or not
       #
       # @param [name] name is the name of the Network
       def network_exists?(name)
-        net_obj = Com::Vmware::Vcenter::Network.new(vapi_config)
-        filter = Com::Vmware::Vcenter::Network::FilterSpec.new(names: Set.new([name]))
-        net = net_obj.list(filter)
+        net_api = VSphereAutomation::VCenter::NetworkApi.new(api_client)
+        nets = net_api.list({ filter_names: name }).value
-        raise format("Unable to find target network: %s", name) if net.empty?
+        raise format("Unable to find target network: %s", name) if nets.empty?
       end
       # Validates the host name of the server you can connect to
@@ -218,56 +217,58 @@ module Kitchen
       # @param [name] name is the name of the host
       def get_host(name)
         # create a host object to work with
-        host_obj = Com::Vmware::Vcenter::Host.new(vapi_config)
+        host_api = VSphereAutomation::VCenter::HostApi.new(api_client)
         if name.nil?
-          host = host_obj.list
+          hosts = host_api.list.value
         else
-          filter = Com::Vmware::Vcenter::Host::FilterSpec.new(names: Set.new([name]))
-          host = host_obj.list(filter)
+          hosts = host_api.list({ filter_names: name }).value
         end
-        raise format("Unable to find target host: %s", name) if host.empty?
+        raise format("Unable to find target host: %s", name) if hosts.empty?
-        host[0]
+        hosts.first
       end
       # Gets the folder you want to create the VM
       #
       # @param [name] name is the name of the folder
       def get_folder(name)
-        # Create a filter to ensure that only the named folder is returned
-        filter = Com::Vmware::Vcenter::Folder::FilterSpec.new(names: Set.new([name]))
-        folder_obj = Com::Vmware::Vcenter::Folder.new(vapi_config)
-        folder = folder_obj.list(filter)
+        folder_api = VSphereAutomation::VCenter::FolderApi.new(api_client)
+        folders = folder_api.list({ filter_names: name }).value
-        raise format("Unable to find folder: %s", name) if folder.empty?
+        raise format("Unable to find folder: %s", name) if folders.empty?
-        folder[0].folder
+        folders.first.folder
       end
       # Gets the name of the VM you are creating
       #
       # @param [name] name is the name of the VM
       def get_vm(name)
-        filter = Com::Vmware::Vcenter::VM::FilterSpec.new(names: Set.new([name]))
-        vm_obj = Com::Vmware::Vcenter::VM.new(vapi_config)
-        vm_obj.list(filter)[0]
+        vm_api = VSphereAutomation::VCenter::VMApi.new(api_client)
+        vms = vm_api.list({ filter_names: name }).value
+        vms.first
       end
       # Gets the info of the cluster
       #
       # @param [name] name is the name of the Cluster
       def get_cluster(name)
-        cl_obj = Com::Vmware::Vcenter::Cluster.new(vapi_config)
+        cluster_api = VSphereAutomation::VCenter::ClusterApi.new(api_client)
+        clusters = cluster_api.list({ filter_names: name }).value
-        # @todo: Use Cluster::FilterSpec to only get the cluster which was asked
-        # filter = Com::Vmware::Vcenter::Cluster::FilterSpec.new(clusters: Set.new(['...']))
-        clusters = cl_obj.list.select { |cluster| cluster.name == name }
         raise format("Unable to find Cluster: %s", name) if clusters.empty?
-        cluster_id = clusters[0].cluster
-        cl_obj.get(cluster_id)
+        cluster_id = clusters.first.cluster
+        host_api = VSphereAutomation::VCenter::HostApi.new(api_client)
+        hosts = host_api.list({ filter_clusters: cluster_id, connection_states: "CONNECTED" }).value
+        raise format("Unable to find active host in cluster %s", name) if hosts.empty?
+        cluster_api.get(cluster_id).value
       end
       # Gets the name of the resource pool
@@ -276,92 +277,47 @@ module Kitchen
       # @param [name] name is the name of the ResourcePool
       def get_resource_pool(name)
         # Create a resource pool object
-        rp_obj = Com::Vmware::Vcenter::ResourcePool.new(vapi_config)
+        rp_api = VSphereAutomation::VCenter::ResourcePoolApi.new(api_client)
         # If no name has been set, use the first resource pool that can be found,
         # otherwise try to find by given name
         if name.nil?
           # Remove default pool for first pass (<= 1.2.1 behaviour to pick first user-defined pool found)
-          resource_pool = rp_obj.list.delete_if { |pool| pool.name == "Resources" }
-          debug("Search of all resource pools found: " + resource_pool.map { |pool| pool.name }.to_s)
+          resource_pools = rp_api.list.value.delete_if { |pool| pool.name == "Resources" }
+          debug("Search of all resource pools found: " + resource_pools.map { |pool| pool.name }.to_s)
           # Revert to default pool, if no user-defined pool found (> 1.2.1 behaviour)
           # (This one might not be found under some circumstances by the statement above)
-          return get_resource_pool("Resources") if resource_pool.empty?
+          return get_resource_pool("Resources") if resource_pools.empty?
         else
-          # create a filter to find the named resource pool
-          filter = Com::Vmware::Vcenter::ResourcePool::FilterSpec.new(names: Set.new([name]))
-          resource_pool = rp_obj.list(filter)
-          debug("Search for resource pools found: " + resource_pool.map { |pool| pool.name }.to_s)
+          resource_pools = rp_api.list({ filter_names: name }).value
+          debug("Search for resource pools found: " + resource_pools.map { |pool| pool.name }.to_s)
         end
-        raise format("Unable to find Resource Pool: %s", name) if resource_pool.empty?
+        raise format("Unable to find Resource Pool: %s", name) if resource_pools.empty?
-        resource_pool[0].resource_pool
-      end
-      # Get location of lookup service
-      def lookup_service_host
-        # Allow manual overrides
-        return config[:lookup_service_host] unless config[:lookup_service_host].nil?
-        # Retrieve SSO service via RbVmomi, which is always co-located with the Lookup Service.
-        vim = RbVmomi::VIM.connect @connection_options
-        vim_settings = vim.serviceContent.setting.setting
-        sso_url = vim_settings.select { |o| o.key == "config.vpxd.sso.sts.uri" }&.first&.value
-        # Configuration fallback, if no SSO URL found for some reason
-        ls_host = sso_url.nil? ? config[:vcenter_host] : URI.parse(sso_url).host
-        debug("Using Lookup Service at: " + ls_host)
-        ls_host
-      end
-      # Get vCenter FQDN
-      def vcenter_host
-        # Retrieve SSO service via RbVmomi, which is always co-located with the Lookup Service.
-        vim = RbVmomi::VIM.connect @connection_options
-        vim_settings = vim.serviceContent.setting.setting
-        vim_settings.select { |o| o.key == "VirtualCenter.FQDN" }.first.value
+        resource_pools.first.resource_pool
       end
       # The main connect method
       #
       def connect
-        # Configure the connection to vCenter
-        lookup_service_helper = LookupServiceHelper.new(lookup_service_host)
-        vapi_urls = lookup_service_helper.find_vapi_urls
-        debug("Found vAPI endpoints: [" + vapi_urls.to_s + "]")
-        vim_urls = lookup_service_helper.find_vim_urls
-        debug("Found VIM endpoints: [" + vim_urls.to_s + "]")
-        node_id = vim_urls.select { |id, url| url.include? vcenter_host }.keys.first
-        debug("NodeID of vCenter " + config[:vcenter_host] + " is " + node_id.to_s)
-        vapi_url = lookup_service_helper.find_vapi_url(node_id)
-        debug("vAPI Endpoint for vCenter is " + vapi_url)
-        # Create the VAPI config object
-        ssl_options = {}
-        ssl_options[:verify] = config[:vcenter_disable_ssl_verify] ? :none : :peer
-        @vapi_config = VAPI::Bindings::VapiConfig.new(vapi_url, ssl_options)
-        # get the SSO url
-        sso_url = lookup_service_helper.find_sso_url
-        sso = SSO::Connection.new(sso_url).login(config[:vcenter_username], config[:vcenter_password])
-        token = sso.request_bearer_token
-        vapi_config.set_security_context(
-          VAPI::Security.create_saml_bearer_security_context(token.to_s)
-        )
-        # Login and get the session information
-        @session_svc = Com::Vmware::Cis::Session.new(vapi_config)
-        @session_id = session_svc.create
-        vapi_config.set_security_context(
-          VAPI::Security.create_session_security_context(session_id)
-        )
+        configuration = VSphereAutomation::Configuration.new.tap do |c|
+          c.host = config[:vcenter_host]
+          c.username = config[:vcenter_username]
+          c.password = config[:vcenter_password]
+          c.scheme = "https"
+          c.verify_ssl = config[:vcenter_disable_ssl_verify] ? false : true
+          c.verify_ssl_host = config[:vcenter_disable_ssl_verify] ? false : true
+        end
+        @api_client = VSphereAutomation::ApiClient.new(configuration)
+        api_client.default_headers["Authorization"] = configuration.basic_auth_token
+        session_api = VSphereAutomation::CIS::SessionApi.new(api_client)
+        session_id = session_api.create("").value
+        api_client.default_headers["vmware-api-session-id"] = session_id
       end
     end
   end

data/lib/support/clone_vm.rb CHANGED Viewed

@@ -2,10 +2,11 @@ require "rbvmomi"
 class Support
   class CloneVm
-    attr_reader :vim, :options
+    attr_reader :vim, :options, :vm, :name, :path
     def initialize(conn_opts, options)
       @options = options
+      @name = options[:name]
       # Connect to vSphere
       @vim ||= RbVmomi::VIM.connect conn_opts
@@ -83,7 +84,7 @@ class Support
         # @todo not working yet
         # relocate_spec.folder = dest_folder
         clone_spec = RbVmomi::VIM.VirtualMachineInstantCloneSpec(location: relocate_spec,
-                                                                 name: options[:name])
+                                                                 name: name)
         task = src_vm.InstantClone_Task(spec: clone_spec)
       else
@@ -91,24 +92,27 @@ class Support
                                                           powerOn: options[:poweron],
                                                           template: false)
-        task = src_vm.CloneVM_Task(spec: clone_spec, folder: dest_folder, name: options[:name])
+        task = src_vm.CloneVM_Task(spec: clone_spec, folder: dest_folder, name: name)
       end
       task.wait_for_completion
       # get the IP address of the machine for bootstrapping
       # machine name is based on the path, e.g. that includes the folder
-      name = options[:folder].nil? ? options[:name] : format("%s/%s", options[:folder][:name], options[:name])
-      new_vm = dc.find_vm(name)
+      @path = options[:folder].nil? ? name : format("%s/%s", options[:folder][:name], name)
+      @vm = dc.find_vm(path)
-      if new_vm.nil?
-        puts format("Unable to find machine: %s", name)
+      if vm.nil?
+        puts format("Unable to find machine: %s", path)
       else
         puts "Waiting for network interfaces to become available..."
-        sleep 2 while new_vm.guest.net.empty? || !new_vm.guest.ipAddress
-        new_vm.guest.net[0].ipConfig.ipAddress.detect do |addr|
-          addr.origin != "linklayer"
-        end.ipAddress
+        sleep 2 while vm.guest.net.empty? || !vm.guest.ipAddress
       end
     end
+    def ip
+      vm.guest.net[0].ipConfig.ipAddress.detect do |addr|
+        addr.origin != "linklayer"
+      end.ipAddress
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-vcenter
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Chef Software
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-01-12 00:00:00.000000000 Z
+date: 2019-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rbvmomi
@@ -58,28 +58,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.6'
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.6'
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -102,11 +102,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - LICENSE
-- lib/base.rb
 - lib/kitchen-vcenter/version.rb
 - lib/kitchen/driver/vcenter.rb
-- lib/lookup_service_helper.rb
-- lib/sso.rb
 - lib/support/clone_vm.rb
 homepage: https://github.com/chef/kitchen-vcenter
 licenses:
@@ -127,8 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 3.0.2
 signing_key:
 specification_version: 4
 summary: Test Kitchen driver for VMare vCenter

data/lib/base.rb DELETED Viewed

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-#
-# Author:: Chef Partner Engineering (<partnereng@chef.io>)
-# Copyright:: Copyright (c) 2017 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-require "logger"
-module Base
-  attr_accessor :log
-  def self.log
-    @log ||= init_logger
-  end
-  def self.init_logger
-    log = Logger.new(STDOUT)
-    log.progname = "Knife VCenter"
-    log.level = Logger::INFO
-    log
-  end
-end

data/lib/lookup_service_helper.rb DELETED Viewed

@@ -1,464 +0,0 @@
-# Copyright 2014-2017 VMware, Inc.  All Rights Reserved.
-# SPDX-License-Identifier: MIT
-require "savon"
-require "nokogiri"
-require "base"
-# require 'sample/framework/sample_base'
-# Utility class that helps use the lookup service.
-class LookupServiceHelper
-  attr_reader :sample, :wsdl_url, :soap_url
-  attr_reader :serviceRegistration
-  # Constructs a new instance.
-  # @param [Object] host the associated sample, which provides access
-  #     to the configuration properties of the sample
-  def initialize(host)
-    @soap_url = format("https://%s/lookupservice/sdk", host)
-    @wsdl_url = format("https://%s/lookupservice/wsdl/lookup.wsdl", host)
-  end
-  # Connects to the lookup service.
-  def connect
-    rsc = RetrieveServiceContent.new(client).invoke
-    @serviceRegistration = rsc.get_service_registration
-    Base.log.info "service registration = #{serviceRegistration}"
-  end
-  # Finds the SSO service URL.
-  # In a MxN setup where there are more than one PSC nodes;
-  # This method returns the first SSO service endpoint URL
-  # as returned by the lookup service.
-  #
-  # @return [String] SSO Service endpoint URL.
-  def find_sso_url
-    result = find_service_url(product = "com.vmware.cis",
-                              service = "cs.identity",
-                              endpoint = "com.vmware.cis.cs.identity.sso",
-                              protocol = "wsTrust")
-    raise "SSO URL not found" unless result && result.size > 0
-    result.values[0]
-  end
-  # Finds all the vAPI service endpoint URLs.
-  # In a MxN setup where there are more than one management node;
-  # this method returns more than one URL
-  #
-  # @return [Hash] vapi service endpoint URLs in a dictionary
-  #     where the key is the node_id and the value is the service URL.
-  def find_vapi_urls
-    find_service_url(product = "com.vmware.cis",
-                     service = "cs.vapi",
-                     endpoint = "com.vmware.vapi.endpoint",
-                     protocol = "vapi.json.https.public")
-  end
-  # Finds the vapi service endpoint URL of a management node.
-  #
-  # @param node_id [String] The UUID of the management node.
-  # @return [String] vapi service endpoint URL of a management node or
-  #     nil if no vapi endpoint is found.
-  def find_vapi_url(node_id)
-    raise "node_id is required" if node_id.nil?
-    result = find_vapi_urls()
-    raise "VAPI URLs not found" unless result && result.size > 0
-    result[node_id]
-  end
-  # Finds all the vim service endpoint URLs
-  # In a MxN setup where there are more than one management node;
-  # this method returns more than one URL
-  #
-  # @return [Hash] vim service endpoint URLs in a dictionary where
-  #     the key is the node_id and the value is the service URL.
-  def find_vim_urls
-    find_service_url(product = "com.vmware.cis",
-                     service = "vcenterserver",
-                     endpoint = "com.vmware.vim",
-                     protocol = "vmomi")
-  end
-  # Finds the vim service endpoint URL of a management node
-  #
-  # @param node_id [String] The UUID of the management node.
-  # @return [String] vim service endpoint URL of a management node or
-  #     nil if no vim endpoint is found.
-  def find_vim_url(node_id)
-    raise "node_id is required" if node_id.nil?
-    result = find_vim_urls()
-    raise "VIM URLs not found" unless result && result.size > 0
-    result[node_id]
-  end
-  # Finds all the spbm service endpoint URLs
-  # In a MxN setup where there are more than one management node;
-  # this method returns more than one URL
-  #
-  # @return [Hash] spbm service endpoint URLs in a dictionary where
-  #     the key is the node_id and the value is the service URL.
-  def find_vim_pbm_urls
-    find_service_url(product = "com.vmware.vim.sms",
-                     service = "sms",
-                     endpoint = "com.vmware.vim.pbm",
-                     protocol = "https")
-  end
-  # Finds the spbm service endpoint URL of a management node
-  #
-  # @param node_id [String] The UUID of the management node.
-  # @return [String] spbm service endpoint URL of a management node or
-  #     nil if no spbm endpoint is found.
-  def find_vim_pbm_url(node_id)
-    raise "node_id is required" if node_id.nil?
-    result = find_vim_pbm_urls()
-    raise "PBM URLs not found" unless result && result.size > 0
-    result[node_id]
-  end
-  # Get the management node id from the instance name
-  #
-  # @param instance_name [String] The instance name of the management node
-  # @return [String] The UUID of the management node or
-  #     nil is no management node is found by the given instance name
-  def get_mgmt_node_id(instance_name)
-    raise "instance_name is required" if instance_name.nil?
-    result = find_mgmt_nodes
-    raise "Management nodes not found" unless result && !result.empty?
-    result[instance_name]
-  end
-  def get_mgmt_node_instance_name(node_id)
-    raise "node_id is required" if node_id.nil?
-    result = find_mgmt_nodes
-    raise "Management nodes not found" unless result && !result.empty?
-    result.each { |k, v| return k if v == node_id }
-    nil
-  end
-  # Finds the instance name and UUID of the management node for M1xN1 or
-  # when the PSC and management services all reside on a single node.
-  def get_default_mgmt_node
-    result = find_mgmt_nodes
-    raise "Management nodes not found" unless result && !result.empty?
-    # WHY: raise MultipleManagementNodeException.new if result.size > 1
-    [result.keys[0], result.values[0]]
-  end
-  # Finds all the management nodes
-  #
-  # @return [Hash] management node instance name and node id (UUID) in a dictionary.
-  def find_mgmt_nodes
-    # assert self.serviceRegistration is not None
-    list = List.new(client, "com.vmware.cis", "vcenterserver",
-                    "vmomi", "com.vmware.vim")
-    list.invoke
-    list.get_instance_names
-  end
-  private
-  # Finds a service URL with the given attributes.
-  def find_service_url(product, service, endpoint, protocol)
-    # assert serviceRegistration is not None
-    list = List.new(client, product, service, protocol, endpoint)
-    list.invoke
-    list.get_service_endpoints
-  end
-  # Gets or creates the Savon client instance.
-  def client
-    @client ||= Savon.client do |globals|
-      # see: http://savonrb.com/version2/globals.html
-      globals.wsdl wsdl_url
-      globals.endpoint soap_url
-      globals.strip_namespaces false
-      globals.env_namespace :S
-      # set like this so https connection does not fail
-      # TODO: find an acceptable solution for production
-      globals.ssl_verify_mode :none
-      # dev/debug settings
-      # globals.pretty_print_xml ENV['DEBUG_SOAP']
-      # globals.log ENV['DEBUG_SOAP']
-    end
-  end
-end
-# @abstract Base class for invocable service calls.
-class Invocable
-  attr_reader :operation, :client, :response
-  # Constructs a new instance.
-  # @param operation [Symbol] the operation name
-  # @param client [Savon::Client] the client
-  def initialize(operation, client)
-    @operation = operation
-    @client = client
-  end
-  # Invokes the service call represented by this type.
-  def invoke
-    request = request_xml.to_s
-    Base.log.debug(request)
-    @response = client.call(operation, xml: request)
-    Base.log.debug(response)
-    self # for chaining with new
-  end
-  # Builds the request XML content.
-  def request_xml
-    builder = Builder::XmlMarkup.new
-    builder.instruct!(:xml, encoding: "UTF-8")
-    builder.tag!("S:Envelope",
-                 "xmlns:S" => "http://schemas.xmlsoap.org/soap/envelope/") do |envelope|
-      envelope.tag!("S:Body") do |body|
-        body_xml(body)
-      end
-    end
-    builder.target!
-  end
-  # Builds the body portion of the request XML content.
-  # Specific service operations must override this method.
-  def body_xml
-    raise "abstract method not implemented!"
-  end
-  # Gets the response XML content.
-  def response_xml
-    raise "illegal state: response not set yet" if response.nil?
-    @response_xml ||= Nokogiri::XML(response.to_xml)
-  end
-  def response_hash
-    @response_hash ||= response.to_hash
-  end
-end
-# Encapsulates the list operation of the lookup service.
-class List < Invocable
-  # Constructs a new instance.
-  def initialize(client, product, service, protocol, endpoint)
-    super(:list, client)
-    @product = product
-    @service = service
-    @protocol = protocol
-    @endpoint = endpoint
-  end
-=begin
-    <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
-        <S:Body>
-            <List xmlns="urn:lookup">
-                <_this type="LookupServiceRegistration">ServiceRegistration</_this>
-                <filterCriteria>
-                    <serviceType>
-                        <product>com.vmware.cis</product>
-                        <type>cs.identity</type>
-                    </serviceType>
-                    <endpointType>
-                        <protocol>wsTrust</protocol>
-                        <type>com.vmware.cis.cs.identity.sso</type>
-                    </endpointType>
-                </filterCriteria>
-            </List>
-        </S:Body>
-    </S:Envelope>
-=end
-  def body_xml(body)
-    body.tag!("List", "xmlns" => "urn:lookup") do |list|
-      # TODO: use the copy that was retrieved on startup?
-      list.tag!("_this",
-                "type" => "LookupServiceRegistration") do |this|
-        this << "ServiceRegistration"
-      end
-      list.tag!("filterCriteria") do |criteria|
-        criteria.tag!("serviceType") do |stype|
-          stype.tag!("product") do |p|
-            p << @product
-          end
-          stype.tag!("type") do |t|
-            t << @service
-          end
-        end
-        criteria.tag!("endpointType") do |etype|
-          etype.tag!("protocol") do |p|
-            p << @protocol
-          end
-          etype.tag!("type") do |t|
-            t << @endpoint
-          end
-        end
-      end
-    end
-  end
-  # Gets the service endpoint information from the response.
-  # Support for MxN.
-  # @return [Hash] a hash where the key is NodeId and the Value is a Service URL
-  def get_service_endpoints
-    result = {}
-=begin
-    <ListResponse xmlns="urn:lookup">
-        <returnval>
-            <serviceVersion>2.0</serviceVersion>
-            <vendorNameResourceKey/>
-            <vendorNameDefault/>
-            <vendorProductInfoResourceKey/>
-            <vendorProductInfoDefault/>
-            <serviceEndpoints>
-                <url>https://pa-rdinfra3-vm7-dhcp5583.eng.vmware.com/sts/STSService/vsphere.local</url>
-                <endpointType>
-                    <protocol>wsTrust</protocol>
-                    <type>com.vmware.cis.cs.identity.sso</type>
-                </endpointType>
-                <sslTrust>
-                    ...
-                </sslTrust>
-            </serviceEndpoints>
-            <serviceNameResourceKey/>
-            <serviceNameDefault/>
-            <serviceDescriptionResourceKey/>
-            <serviceDescriptionDefault/>
-            <ownerId>pa-rdinfra3-vm7-dhcp5583.eng.vmware.com@vsphere.local</ownerId>
-            <serviceType>
-                <product>com.vmware.cis</product>
-                <type>cs.identity</type>
-            </serviceType>
-            <nodeId/>
-            <serviceId>6a8a5058-5d3d-4d42-bb5e-383b91c8732e</serviceId>
-            <siteId>default-first-site</siteId>
-        </returnval>
-    </ListResponse>
-=end
-    Base.log.debug "List: response_hash = #{response_hash}"
-    return_val = response_hash[:list_response][:returnval]
-    return_val = [return_val] if return_val.is_a? Hash
-    return_val.each do |entry|
-        # FYI: the node_id is sometimes null, so use the service_id in this case
-      node_id = entry[:node_id] || entry[:service_id]
-      result[node_id] = entry[:service_endpoints][:url]
-    end
-    Base.log.debug "List: result = #{result}"
-    result
-  end
-  def get_instance_names
-    result = {}
-=begin
-      <serviceAttributes>
-          <key>com.vmware.cis.cm.GroupInternalId</key>
-          <value>com.vmware.vim.vcenter</value>
-      </serviceAttributes>
-      <serviceAttributes>
-          <key>com.vmware.cis.cm.ControlScript</key>
-          <value>vmware-vpxd.sh</value>
-      </serviceAttributes>
-      <serviceAttributes>
-          <key>com.vmware.cis.cm.HostId</key>
-          <value>906477a1-24c6-4d48-9e99-55ef962878f7</value>
-      </serviceAttributes>
-      <serviceAttributes>
-          <key>com.vmware.vim.vcenter.instanceName</key>
-          <value>pa-rdinfra3-vm7-dhcp5583.eng.vmware.com</value>
-      </serviceAttributes>
-=end
-    Base.log.debug "List: response_hash = #{response_hash}"
-    return_val = response_hash[:list_response][:returnval]
-    return_val = [return_val] if return_val.is_a? Hash
-    return_val.each do |entry|
-      node_id = entry[:node_id]
-      # TODO: is it possible there be 0 or 1 attrs?  if so, deal with it.
-      attrs = entry[:service_attributes]
-      Base.log.debug "List: attrs=#{attrs}"
-      attrs.each do |attr|
-        if attr[:key] == "com.vmware.vim.vcenter.instanceName"
-          result[attr[:value]] = node_id
-        end
-      end
-    end
-    Base.log.debug "List: result = #{result}"
-    result
-  end
-end
-# Encapsulates the RetrieveServiceContent operation of the lookup service.
-class RetrieveServiceContent < Invocable
-  # Constructs a new instance.
-  def initialize(client)
-    super(:retrieve_service_content, client)
-  end
-=begin
-    <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
-        <S:Body>
-            <RetrieveServiceContent xmlns="urn:lookup">
-                <_this type="LookupServiceInstance">ServiceInstance</_this>
-            </RetrieveServiceContent>
-        </S:Body>
-    </S:Envelope>
-=end
-  def body_xml(body)
-    body.tag!("RetrieveServiceContent", "xmlns" => "urn:lookup") do |rsc|
-      rsc.tag!("_this", "type" => "LookupServiceInstance") do |this|
-        this << "ServiceInstance"
-      end
-    end
-  end
-=begin
-    ...
-        <RetrieveServiceContentResponse xmlns="urn:lookup">
-            <returnval>
-                <lookupService type="LookupLookupService">lookupService</lookupService>
-                <serviceRegistration type="LookupServiceRegistration">ServiceRegistration</serviceRegistration>
-                <deploymentInformationService type="LookupDeploymentInformationService">deploymentInformationService</deploymentInformationService>
-                <l10n type="LookupL10n">l10n</l10n>
-            </returnval>
-        </RetrieveServiceContentResponse>
-    ...
-=end
-  def get_service_registration
-    Base.log.debug "RetrieveServiceContent: response_hash = #{response_hash}"
-    return_val = response_hash[:retrieve_service_content_response][:returnval]
-    result = return_val[:service_registration]
-    Base.log.debug "RetrieveServiceContent: result = #{result}"
-    result
-  end
-end
-class MultipleManagementNodeException < RuntimeError
-end
-# main: quick self tester
-if __FILE__ == $0
-  Base.log.level = Logger::DEBUG if ENV["DEBUG"]
-  sample = SelfTestSample.new
-  sample.ls_ip = ARGV[0] || "10.67.245.207"
-  # MXN: sample.ls_ip = '10.160.42.83'
-  # MXN: sample.ls_ip = '10.160.35.191'
-  # MAYBE: sample.main() # for arg parsing
-  ls_helper = LookupServiceHelper.new(sample)
-  ls_helper.connect
-  puts "***************************************"
-  puts "SSO URL: #{ls_helper.find_sso_url}"
-  puts "VAPI URL: #{ls_helper.find_vapi_urls}"
-  puts "VIM URL: #{ls_helper.find_vim_urls}"
-  puts "PBM URL: #{ls_helper.find_vim_pbm_urls}"
-  puts "Mgmt Nodes: #{ls_helper.find_mgmt_nodes}"
-end

data/lib/sso.rb DELETED Viewed

@@ -1,268 +0,0 @@
-# Copyright 2014-2017 VMware, Inc.  All Rights Reserved.
-# SPDX-License-Identifier: MIT
-require "savon"
-require "nokogiri"
-require "date"
-require "securerandom"
-# A little utility library for VMware SSO.
-# For now, this is not a general purpose library that covers all
-# the interfaces of the SSO service.
-# Specifically, the support is limited to the following:
-# * request bearer token.
-module SSO
-  # The XML date format.
-  DATE_FORMAT = "%FT%T.%LZ".freeze
-  # The XML namespaces that are required: SOAP, WSDL, et al.
-  NAMESPACES = {
-    "xmlns:S" => "http://schemas.xmlsoap.org/soap/envelope/",
-    "xmlns:wst" => "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
-    "xmlns:u" => "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
-    "xmlns:x" => "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
-  }.freeze
-  # Provides the connection details for the SSO service.
-  class Connection
-    attr_accessor :sso_url, :wsdl_url, :username, :password
-    # Creates a new instance.
-    def initialize(sso_url, wsdl_url = nil)
-      self.sso_url = sso_url
-      self.wsdl_url = wsdl_url || "#{sso_url}?wsdl"
-    end
-    # Login with the given credentials.
-    # Note: this does not invoke a login action, but rather stores the
-    # credentials for use later.
-    def login(username, password)
-      self.username = username
-      self.password = password
-      self # enable builder pattern
-    end
-    # Gets (or creates) the Savon client instance.
-    def client
-      # construct and init the client proxy
-      @client ||= Savon.client do |globals|
-        # see: http://savonrb.com/version2/globals.html
-        globals.wsdl wsdl_url
-        globals.endpoint sso_url
-        globals.strip_namespaces false
-        globals.env_namespace :S
-        # set like this so https connection does not fail
-        # TODO: find an acceptable solution for production
-        globals.ssl_verify_mode :none
-        # dev/debug settings
-        # globals.pretty_print_xml ENV['DEBUG_SOAP']
-        # globals.log ENV['DEBUG_SOAP']
-      end
-    end
-    # Invokes the request bearer token operation.
-    # @return [SamlToken]
-    def request_bearer_token
-      rst = RequestSecurityToken.new(client, username, password)
-      rst.invoke
-      rst.saml_token
-    end
-  end
-  # @abstract Base class for invocable service calls.
-  class SoapInvocable
-    attr_reader :operation, :client, :response
-    # Constructs a new instance.
-    # @param operation [Symbol] the SOAP operation name (in Symbol form)
-    # @param client [Savon::Client] the client
-    def initialize(operation, client)
-      @operation = operation
-      @client = client
-    end
-    # Invokes the service call represented by this type.
-    def invoke
-      request = request_xml.to_s
-      puts "request = #{request}" if ENV["DEBUG"]
-      @response = client.call(operation, xml: request)
-      puts "response = #{response}" if ENV["DEBUG"]
-      self # for chaining with new
-    end
-    # Builds the request XML content.
-    def request_xml
-      builder = Builder::XmlMarkup.new
-      builder.instruct!(:xml, encoding: "UTF-8")
-      builder.tag!("S:Envelope", NAMESPACES) do |envelope|
-        if has_header?
-          envelope.tag!("S:Header") do |header|
-            header_xml(header)
-          end
-        end
-        envelope.tag!("S:Body") do |body|
-          body_xml(body)
-        end
-      end
-      builder.target!
-    end
-    def has_header?
-      true
-    end
-    # Builds the header portion of the SOAP request.
-    # Specific service operations must override this method.
-    def header_xml(_header)
-      raise "abstract method not implemented!"
-    end
-    # Builds the body portion of the SOAP request.
-    # Specific service operations must override this method.
-    def body_xml(_body)
-      raise "abstract method not implemented!"
-    end
-    # Gets the response XML content.
-    def response_xml
-      raise "illegal state: response not set yet" if response.nil?
-      @response_xml ||= Nokogiri::XML(response.to_xml)
-    end
-    def response_hash
-      @response_hash ||= response.to_hash
-    end
-  end
-  # Encapsulates an issue operation that requests a security token
-  # from the SSO service.
-  class RequestSecurityToken < SoapInvocable
-    attr_accessor :request_type, :delegatable
-    # Constructs a new instance.
-    def initialize(client, username, password, hours = 2)
-      super(:issue, client)
-      @username = username
-      @password = password
-      @hours = hours
-      # TODO: these things should be configurable, so we can get
-      # non-delegatable tokens, HoK tokens, etc.
-      @request_type = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue"
-      @delegatable = true
-    end
-    def now
-      @now ||= Time.now.utc.to_datetime
-    end
-    def created
-      @created ||= now.strftime(DATE_FORMAT)
-    end
-    def future
-      @future ||= now + (2 / 24.0) # days (for DateTime math)
-    end
-    def expires
-      @expires ||= future.strftime(DATE_FORMAT)
-    end
-    # Builds the header XML for the SOAP request.
-    def header_xml(header)
-      id = "uuid-" + SecureRandom.uuid
-      # header.tag!("x:Security", "x:mustUnderstand" => "1") do |security|
-      header.tag!("x:Security") do |security|
-        security.tag!("u:Timestamp", "u:Id" => "_0") do |timestamp|
-          timestamp.tag!("u:Created") do |element|
-            element << created
-          end
-          timestamp.tag!("u:Expires") do |element|
-            element << expires
-          end
-        end
-        security.tag!("x:UsernameToken", "u:Id" => id) do |utoken|
-          utoken.tag!("x:Username") do |element|
-            element << @username
-          end
-          utoken.tag!("x:Password") do |element|
-            element << @password
-          end
-        end
-      end
-    end
-    # Builds the body XML for the SOAP request.
-    def body_xml(body)
-      body.tag!("wst:RequestSecurityToken") do |rst|
-        rst.tag!("wst:RequestType") do |element|
-          element << request_type
-        end
-        rst.tag!("wst:Delegatable") do |element|
-          element << delegatable.to_s
-        end
-=begin
-          #TODO: we don't seem to need this, but I'm leaving this
-          #here for now as a reminder.
-          rst.tag!("wst:Lifetime") do |lifetime|
-              lifetime.tag!("u:Created") do |element|
-                  element << created
-              end
-              lifetime.tag!("u:Expires") do |element|
-                  element << expires
-              end
-          end
-=end
-      end
-    end
-  # Gets the saml_token from the SOAP response body.
-  # @return [SamlToken] the requested SAML token
-    def saml_token
-      assertion = response_xml.at_xpath("//saml2:Assertion",
-              "saml2" => "urn:oasis:names:tc:SAML:2.0:assertion")
-      SamlToken.new(assertion)
-    end
-  end
-    # Holds a SAML token.
-  class SamlToken
-    attr_reader :xml
-      # Creates a new instance.
-    def initialize(xml)
-      @xml = xml
-    end
-      # TODO: add some getters for interesting content
-    def to_s
-      esc_token = xml.to_xml(indent: 0, encoding: "UTF-8")
-      esc_token = esc_token.delete("\n")
-      esc_token
-    end
-  end
-end
-# main: quick self tester
-if __FILE__ == $0
-  cloudvm_ip = ARGV[0]
-  cloudvm_ip ||= "10.20.17.0"
-  # cloudvm_ip ||= "10.67.245.207"
-  sso_url = "https://#{cloudvm_ip}/sts/STSService/vsphere.local"
-  wsdl_url = "#{sso_url}?wsdl"
-  sso = SSO::Connection.new(sso_url, wsdl_url)
-  # sso.login("administrator@vsphere.local", "Admin!23")
-  sso.login("root", "vmware")
-  token = sso.request_bearer_token
-  puts token.to_s
-end