knife-container 0.2.0

data/lib/knife-container/chef_runner.rb

@@ -0,0 +1,83 @@
+#
+# Copyright:: Copyright (c) 2014 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef'
+
+module KnifeContainer
+  # An adapter to chef's APIs to kick off a chef-client run.
+  class ChefRunner
+
+    attr_reader :cookbook_path
+    attr_reader :run_list
+
+    def initialize(cookbook_path, run_list)
+      @cookbook_path = cookbook_path
+      @run_list = run_list
+      @formatter = nil
+      @ohai = nil
+    end
+
+    def converge
+      configure
+      Chef::Runner.new(run_context).converge
+    end
+
+    def run_context
+      @run_context ||= policy.setup_run_context
+    end
+
+    def policy
+      return @policy_builder if @policy_builder
+
+      @policy_builder = Chef::PolicyBuilder::ExpandNodeObject.new("knife_container", ohai.data, {}, nil, formatter)
+      @policy_builder.load_node
+      @policy_builder.build_node
+      @policy_builder.node.run_list(*run_list)
+      @policy_builder.expand_run_list
+      @policy_builder
+    end
+
+    def formatter
+      @formatter ||= Chef::Formatters.new(:doc, stdout, stderr)
+    end
+
+    def configure
+      Chef::Config.solo = true
+      Chef::Config.cookbook_path = cookbook_path
+      Chef::Config.color = true
+      Chef::Config.diff_disabled = true
+    end
+
+    def ohai
+      return @ohai if @ohai
+
+      @ohai = Ohai::System.new
+      @ohai.all_plugins(["platform", "platform_version"])
+      @ohai
+    end
+
+    def stdout
+      $stdout
+    end
+
+    def stderr
+      $stderr
+    end
+
+  end
+end
+

data/lib/knife-container/command.rb

@@ -0,0 +1,45 @@
+#
+# Copyright:: Copyright (c) 2014 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'knife-container/generator'
+require 'knife-container/chef_runner'
+
+module KnifeContainer
+  module Command
+
+    # An instance of ChefRunner. Calling ChefRunner#converge will trigger
+    # convergence and generate the desired code.
+    def chef_runner
+      @chef_runner ||= ChefRunner.new(docker_cookbook_path, ["knife_container::#{recipe}"])
+    end
+
+    # Path to the directory where the code_generator cookbook is located.
+    # For now, this is hard coded to the 'skeletons' directory in this
+    # repo.
+    def docker_cookbook_path
+      File.expand_path("../skeletons", __FILE__)
+    end
+
+    # Delegates to `Generator.context`, the singleton instance of
+    # Generator::Context
+    def generator_context
+      Generator.context
+    end
+
+  end
+end
+

data/lib/knife-container/generator.rb

@@ -0,0 +1,88 @@
+#
+# Copyright:: Copyright (c) 2014 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module KnifeContainer
+
+  module Generator
+
+    class Context
+
+      attr_accessor :dockerfile_name
+      attr_accessor :dockerfiles_path
+      attr_accessor :base_image
+      attr_accessor :chef_client_mode
+      attr_accessor :run_list
+      attr_accessor :cookbook_path
+      attr_accessor :role_path
+      attr_accessor :node_path
+      attr_accessor :environment_path
+      attr_accessor :chef_server_url
+      attr_accessor :validation_key
+      attr_accessor :validation_client_name
+      attr_accessor :trusted_certs_dir
+      attr_accessor :encrypted_data_bag_secret
+      attr_accessor :first_boot
+      attr_accessor :berksfile
+      attr_accessor :generate_berksfile
+      attr_accessor :run_berks
+      attr_accessor :force_build
+      attr_accessor :include_credentials
+
+    end
+
+    def self.reset
+      @context = nil
+    end
+
+    def self.context
+      @context ||= Context.new
+    end
+
+    module TemplateHelper
+
+      def self.delegate_to_app_context(name)
+        define_method(name) do
+          KnifeContainer::Generator.context.public_send(name)
+        end
+      end
+
+      # delegate all the attributes of app_config
+      delegate_to_app_context :dockerfile_name
+      delegate_to_app_context :dockerfiles_path
+      delegate_to_app_context :base_image
+      delegate_to_app_context :chef_client_mode
+      delegate_to_app_context :run_list
+      delegate_to_app_context :cookbook_path
+      delegate_to_app_context :role_path
+      delegate_to_app_context :node_path
+      delegate_to_app_context :environment_path
+      delegate_to_app_context :chef_server_url
+      delegate_to_app_context :validation_key
+      delegate_to_app_context :validation_client_name
+      delegate_to_app_context :trusted_certs_dir
+      delegate_to_app_context :encrypted_data_bag_secret
+      delegate_to_app_context :first_boot
+      delegate_to_app_context :berksfile
+      delegate_to_app_context :generate_berksfile
+      delegate_to_app_context :run_berks
+      delegate_to_app_context :force_build
+      delegate_to_app_context :include_credentials
+
+    end
+
+  end
+end

data/lib/knife-container/helpers.rb

@@ -0,0 +1,16 @@
+
+module KnifeContainer
+
+  module Helpers
+    #
+    # Generates a short, but random UID for instances.
+    #
+    # @return [String]
+    #
+    def random_uid
+      require 'securerandom' unless defined?(SecureRandom)
+      SecureRandom.hex(3)
+    end
+
+  end
+end

data/lib/knife-container/skeletons/knife_container/files/default/plugins/docker_container.rb

@@ -0,0 +1,37 @@
+require 'docker' # it gets this from chef-init
+
+Ohai.plugin(:DockerContainer) do
+  provides "docker_container"
+
+  def container_id
+    shell_out("hostname").stdout.strip
+  end
+
+  def looks_like_docker?
+    hint?('docker_container') || !!Docker.version && !!Docker::Container.get(container_id)
+  end
+
+  ##
+  # The format of the data is collection is the inspect API
+  # http://docs.docker.io/reference/api/docker_remote_api_v1.11/#inspect-a-container
+  #
+  collect_data do
+    metadata_from_hints = hint?('docker_container')
+
+    if looks_like_docker?
+      Ohai::Log.debug("looks_like_docker? == true")
+      docker_container Mash.new
+
+      if metadata_from_hints
+        Ohai::Log.debug("docker_container hints present")
+        metadata_from_hints.each { |k,v| docker_container[k] = v }
+      end
+
+      container = Docker::Container.get(container_id).json
+      container.each { |k,v| docker_container[k] = v }
+    else
+      Ohai::Log.debug("looks_like_docker? == false")
+      false
+    end
+  end
+end

data/lib/knife-container/skeletons/knife_container/metadata.rb

@@ -0,0 +1,7 @@
+name             'knife_container'
+maintainer       'Chef Software, Inc.'
+maintainer_email 'dev@getchef.com'
+license          'Apache 2 License'
+description      'Generates Chef code for knife-container'
+long_description 'Generates Chef code for knife-container'
+version          '0.1.0'

data/lib/knife-container/skeletons/knife_container/recipes/docker_init.rb

@@ -0,0 +1,181 @@
+context = KnifeContainer::Generator.context
+dockerfile_dir = File.join(context.dockerfiles_path, context.dockerfile_name)
+temp_chef_repo = File.join(dockerfile_dir, "chef")
+user_chef_repo = File.join(context.dockerfiles_path, "..")
+
+##
+# Initial Setup
+#
+
+# Create Dockerfile directory (REPO/NAME)
+directory dockerfile_dir do
+  recursive true
+end
+
+# Dockerfile
+template File.join(dockerfile_dir, "Dockerfile") do
+  source "dockerfile.erb"
+  helpers(KnifeContainer::Generator::TemplateHelper)
+end
+
+# .dockerfile
+template File.join(dockerfile_dir, ".dockerignore") do
+  source "dockerignore.erb"
+  helpers(KnifeContainer::Generator::TemplateHelper)
+end
+
+
+##
+# Initial Chef Setup
+#
+
+# create temp chef-repo
+directory temp_chef_repo do
+  recursive true
+end
+
+# Client Config
+template File.join(temp_chef_repo, "#{context.chef_client_mode}.rb") do
+  source "config.rb.erb"
+  helpers(KnifeContainer::Generator::TemplateHelper)
+end
+
+# First Boot JSON
+file File.join(temp_chef_repo, "first-boot.json") do
+  content context.first_boot
+end
+
+# Node Name
+template File.join(temp_chef_repo, ".node_name") do
+  source "node_name.erb"
+  helpers(KnifeContainer::Generator::TemplateHelper)
+end
+
+##
+# Resolve run list
+#
+require 'chef/run_list/run_list_item'
+run_list_items = context.run_list.map { |i| Chef::RunList::RunListItem.new(i) }
+cookbooks = []
+
+run_list_items.each do |item|
+  # Extract cookbook name from recipe
+  if item.recipe?
+    rmatch = item.name.match(/(.+?)::(.+)/)
+    if rmatch
+      cookbooks << rmatch[1]
+    else
+      cookbooks << item.name
+    end
+  end
+end
+
+# Generate Berksfile from runlist
+unless context.run_list.empty?
+  template File.join(dockerfile_dir, "Berksfile") do
+    source "berksfile.erb"
+    variables :cookbooks => cookbooks
+    helpers(KnifeContainer::Generator::TemplateHelper)
+    only_if { context.generate_berksfile }
+  end
+end
+
+# Copy over the necessary directories into the temp chef-repo (if local-mode)
+if context.chef_client_mode == "zero"
+
+  # generate a cookbooks directory unless we are building from a Berksfile
+  unless context.generate_berksfile
+    directory "#{temp_chef_repo}/cookbooks"
+  end
+
+  # Copy over cookbooks that are mentioned in the runlist. There is a gap here
+  # that dependent cookbooks are not copied. This is a result of not having a
+  # depsolver in the chef-client. The solution here is to use the Berkshelf integration.
+  if context.cookbook_path.kind_of?(Array)
+    context.cookbook_path.each do |dir|
+      if File.exists?(File.expand_path(dir))
+        cookbooks.each do |cookbook|
+          if File.exists?("#{File.expand_path(dir)}/#{cookbook}")
+            execute "cp -rf #{File.expand_path(dir)}/#{cookbook} #{temp_chef_repo}/cookbooks/"
+          end
+        end
+      else
+        log "Could not find a '#{File.expand_path(dir)}' directory in your chef-repo."
+      end
+    end
+  elsif File.exists?(File.expand_path(context.cookbook_path))
+    cookbooks.each do |cookbook|
+      if File.exists?("#{File.expand_path(context.cookbook_path)}/#{cookbook}")
+        execute "cp -rf #{File.expand_path(context.cookbook_path)}/#{cookbook} #{temp_chef_repo}/cookbooks/"
+      end
+    end
+  else
+    log "Could not find a '#{File.expand_path(context.cookbook_path)}' directory in your chef-repo."
+  end
+
+  # Because they have a smaller footprint, we will copy over all the roles, environments
+  # and nodes. This behavior will likely change in a future version of knife-container.
+  %w(role environment node).each do |dir|
+    path = context.send(:"#{dir}_path")
+    if path.kind_of?(Array)
+      path.each do |p|
+        execute "cp -r #{File.expand_path(p)}/ #{File.join(temp_chef_repo, "#{dir}s")}" do
+          not_if { Dir["#{p}/*"].empty? }
+        end
+      end
+    elsif path.kind_of?(String)
+      execute "cp -r #{path}/ #{File.join(temp_chef_repo, "#{dir}s/")}" do
+        not_if { Dir["#{path}/*"].empty? }
+      end
+    end
+  end
+end
+
+##
+# Server Only Stuff
+#
+if context.chef_client_mode == "client"
+
+  directory File.join(temp_chef_repo, 'secure')
+
+  # Add validation.pem
+  file File.join(temp_chef_repo, 'secure', "validation.pem") do
+    content File.read(context.validation_key)
+    mode '0600'
+  end
+
+  # Copy over trusted certs
+  unless Dir["#{context.trusted_certs_dir}/*"].empty?
+    directory File.join(temp_chef_repo, 'secure', "trusted_certs")
+    execute "cp -r #{context.trusted_certs_dir}/* #{File.join(temp_chef_repo, 'secure', "trusted_certs/")}"
+  end
+
+  # Copy over encrypted_data_bag_key
+  unless context.encrypted_data_bag_secret.nil?
+    if File.exists?(context.encrypted_data_bag_secret)
+      file File.join(temp_chef_repo, 'secure', "encrypted_data_bag_secret") do
+       content File.read(context.encrypted_data_bag_secret)
+       mode '0600'
+      end
+    end
+  end
+end
+
+##
+# Create Ohai Plugin
+#
+
+# create Ohai folder
+# directory File.join(temp_chef_repo, "ohai")
+
+# docker hints directory
+# directory File.join(temp_chef_repo, "ohai", "hints")
+
+# docker plugins directory
+# directory File.join(temp_chef_repo, "ohai_plugins")
+
+# docker_container Ohai plugin
+# cookbook_file File.join(temp_chef_repo, "ohai_plugins", "docker_container.rb") do
+#   source "plugins/docker_container.rb"
+#   mode "0755"
+# end