knife-ec-backup 1.1.8 → 1.1.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 555db6e18f609eb180e4903ce2ca211db5f33444
-  data.tar.gz: 07a794b5dbd08e1c383eb25072ff88e20cdfbcb5
+  metadata.gz: 2f6ccb75df554513932811d591b998bc003b5e2a
+  data.tar.gz: f483c5827dc422e42a77a1f3c0d38c6afd23ca44
 SHA512:
-  metadata.gz: d4679a94465e27cfdbb81930aa828fef32523df2dced01c7be95141691dfe91693ae8749e8003666879f8c04fa331bed31ca9a1a805a400006b9757f0d52ee37
-  data.tar.gz: 23e4d67586e1ff4b6c9e934ff770fdfe6c5bc14c5dcee06e6ba39ab67540f70d7bb7eec6e90f93b01ca2ddc7898c25bad3bef6c2cec1a984004cd8442132d48a
+  metadata.gz: 5faefbd227c50d317b3570ccb88f2c9a0a5e44e7dd5cdca7482b667eafdaf0b779e51c491a83127939da69082c11916df1acf4e48663e80300ce2ede6307dbc8
+  data.tar.gz: a3a8ddadea8cfd3ff190aca59120edf249e59194355e9a97f7fc438c0e692b7bed5cc270ac70735bb246124a0a8679ebde34065f3a4c507ef8af57f6d6c9252f

data/lib/chef/knife/ec_backup.rb

@@ -3,7 +3,7 @@ require 'chef/knife'
 class Chef
   class Knife
     class EcBackup < Chef::Knife
-      banner "knife ec backup"
+      banner "knife ec backup DIRECTORY"
 
       option :concurrency,
         :long => '--concurrency THREADS',
@@ -25,6 +25,10 @@ class Chef
         :default => false,
         :description => "Whether to skip checking the Chef Server version.  This will also skip any auto-configured options"
 
+      option :org,
+        :long => '--only-org ORGNAME',
+        :description => "Only back up objects in the named organization (default: all orgs)"
+
       deps do
         require 'chef_fs/config'
         require 'chef_fs/file_system'
@@ -140,8 +144,9 @@ class Chef
         # Download organizations
         ensure_dir("#{dest_dir}/organizations")
         rest.get_rest('/organizations').each_pair do |name, url|
+          do_org = (config[:org].nil? || config[:org] == name)
           org = rest.get_rest(url)
-          if org['assigned_at']
+          if org['assigned_at'] and do_org
             puts "Grabbing organization #{name} ..."
             ensure_dir("#{dest_dir}/organizations/#{name}")
             download_org(dest_dir, webui_key, name)

data/lib/chef/knife/ec_key_base.rb

@@ -0,0 +1,74 @@
+#
+# Author:: Steven Danna (<steve@getchef.com>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife'
+
+class Chef
+  class Knife
+    module EcKeyBase
+
+      def self.included(includer)
+        includer.class_eval do
+
+          deps do
+            require 'sequel'
+            require 'json'
+          end
+
+          option :sql_host,
+          :long => '--sql-host HOSTNAME',
+          :description => 'Postgresql database hostname (default: localhost)',
+          :default => "localhost"
+
+          option :sql_port,
+          :long => '--sql-port PORT',
+          :description => 'Postgresql database port (default: 5432)',
+          :default => 5432
+
+          option :sql_user,
+          :long => "--sql-user USERNAME",
+          :description => 'User used to connect to the postgresql database.'
+
+          option :sql_password,
+          :long => "--sql-password PASSWORD",
+          :description => 'Password used to connect to the postgresql database'
+        end
+      end
+
+      def db
+        @db ||= begin
+                  server_string = "#{config[:sql_user]}:#{config[:sql_password]}@#{config[:sql_host]}:#{config[:sql_port]}/opscode_chef"
+                  Sequel.connect("postgres://#{server_string}")
+                end
+      end
+
+      # Loads SQL user and password from running config if not passed
+      # as a command line option
+      def load_config_from_file!
+        if ! File.exists?("/etc/opscode/chef-server-running.json")
+          ui.fatal "SQL User or Password not provided as option and running config cannot be found!"
+          exit 1
+        else
+          running_config ||= JSON.parse(File.read("/etc/opscode/chef-server-running.json"))
+          config[:sql_user] ||= running_config['private_chef']['postgresql']['sql_user']
+          config[:sql_password] ||= running_config['private_chef']['postgresql']['sql_password']
+        end
+      end
+    end
+  end
+end

data/lib/chef/knife/ec_key_export.rb

@@ -0,0 +1,45 @@
+#
+# Author:: Steven Danna (<steve@getchef.com>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife'
+require 'chef/knife/ec_key_base'
+
+class Chef
+  class Knife
+    class EcKeyExport < Chef::Knife
+
+      include Knife::EcKeyBase
+
+      banner "knife ec key export [PATH]"
+
+      def run
+        if config[:sql_user].nil? || config[:sql_password].nil?
+          load_config_from_file!
+        end
+
+        path = @name_args[0] || "key_dump.json"
+        export(path)
+      end
+
+      def export(path)
+        users = db.select(:username, :public_key, :pubkey_version, :hashed_password, :salt, :hash_type).from(:users)
+        File.open(path, 'w') { |file| file.write(users.all.to_json) }
+      end
+    end
+  end
+end

data/lib/chef/knife/ec_key_import.rb

@@ -0,0 +1,76 @@
+#
+# Author:: Steven Danna (<steve@getchef.com>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife'
+require 'chef/knife/ec_key_base'
+
+class Chef
+  class Knife
+    class EcKeyImport < Chef::Knife
+
+      include Knife::EcKeyBase
+
+      banner "knife ec key import [PATH]"
+
+      option :skip_pivotal,
+        :long => "--[no-]skip-pivotal",
+        :default => true,
+        :boolean => true,
+        :description => "Upload pivotal key.  By default the pivotal key is not uploaded."
+
+      def run
+        if config[:sql_user].nil? || config[:sql_password].nil?
+          load_config_from_file!
+        end
+
+        path = @name_args[0] || "key_dump.json"
+        import(path)
+      end
+
+
+      def import(path)
+        key_data = JSON.parse(File.read(path))
+        key_data.each do |d|
+          username = d['username']
+          key = d['public_key']
+          version = d['pubkey_version']
+          hashed_password = d['hashed_password']
+          hash_type = d['hash_type']
+          salt = d['salt']
+
+          if username == 'pivotal' && config[:skip_pivotal]
+            ui.warn "Skipping pivotal user."
+            next
+          end
+
+          ui.msg "Updating key for #{username}"
+          users_to_update = db[:users].where(:username => username)
+          if users_to_update.count != 1
+            ui.warn "Wrong number of users to update for #{username}. Skipping"
+          else
+            users_to_update.update(:public_key => key,
+                                   :pubkey_version => version,
+                                   :salt => salt,
+                                   :hashed_password => hashed_password,
+                                   :hash_type => hash_type)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/chef/knife/ec_restore.rb

@@ -3,7 +3,7 @@ require 'chef/knife'
 class Chef
   class Knife
     class EcRestore < Chef::Knife
-      banner "knife ec restore"
+      banner "knife ec restore DIRECTORY"
 
       option :concurrency,
         :long => '--concurrency THREADS',
@@ -40,6 +40,7 @@ class Chef
         require 'chef_fs/data_handler/acl_data_handler'
         require 'securerandom'
         require 'chef_fs/parallelizer'
+        require 'chef/tsorter'
       end
 
       def configure_chef
@@ -64,8 +65,8 @@ class Chef
             ui.error("Username not configured as pivotal and /etc/opscode/pivotal.pem does not exist.  It is recommended that you run this plugin from your Chef server.")
             exit 1
           end
-          node_name = 'pivotal'
-          client_key = '/etc/opscode/pivotal.pem'
+          Chef::Config.node_name = 'pivotal'
+          Chef::Config.client_key = '/etc/opscode/pivotal.pem'
         end
 
         #Check for WebUI Key
@@ -268,9 +269,14 @@ class Chef
           puts "Restoring the rest of the org"
           chef_fs_config = ::ChefFS::Config.new
           top_level_paths = chef_fs_config.local_fs.children.select { |entry| entry.name != 'acls' && entry.name != 'groups' }.map { |entry| entry.path }
-          acl_paths = ::ChefFS::FileSystem.list(chef_fs_config.local_fs, ::ChefFS::FilePattern.new('/acls/*')).select { |entry| entry.name != 'groups' }.map { |entry| entry.path }
+
+          # Topologically sort groups for upload
+          unsorted_groups = ::ChefFS::FileSystem.list(chef_fs_config.local_fs, ::ChefFS::FilePattern.new('/groups/*')).select { |entry| entry.name != 'billing-admins.json' }.map { |entry| JSON.parse(entry.read) }
+          group_paths = sort_groups_for_upload(unsorted_groups).map { |group_name| "/groups/#{group_name}.json" }
+
           group_acl_paths = ::ChefFS::FileSystem.list(chef_fs_config.local_fs, ::ChefFS::FilePattern.new('/acls/groups/*')).select { |entry| entry.name != 'billing-admins.json' }.map { |entry| entry.path }
-          group_paths = ::ChefFS::FileSystem.list(chef_fs_config.local_fs, ::ChefFS::FilePattern.new('/groups/*')).select { |entry| entry.name != 'billing-admins.json' }.map { |entry| entry.path }
+          acl_paths = ::ChefFS::FileSystem.list(chef_fs_config.local_fs, ::ChefFS::FilePattern.new('/acls/*')).select { |entry| entry.name != 'groups' }.map { |entry| entry.path }
+
           (top_level_paths + group_paths + group_acl_paths + acl_paths).each do |path|
             ::ChefFS::FileSystem.copy_to(::ChefFS::FilePattern.new(path), chef_fs_config.local_fs, chef_fs_config.chef_fs, nil, config, ui, proc { |entry| chef_fs_config.format_path(entry) })
           end
@@ -279,7 +285,7 @@ class Chef
           Chef::Config[:client_key] = old_config['client_key'] 
           Chef::Config.custom_http_headers = {}
           ['admins', 'billing-admins'].each do |group|
-            restore_group(::ChefFS::Config.new, group, :users => false)
+            restore_group(::ChefFS::Config.new, group)
           end
          ensure
           CONFIG_VARS.each do |key|
@@ -288,6 +294,25 @@ class Chef
         end
       end
 
+      # Takes an array of group objects
+      # and topologically sorts them
+      def sort_groups_for_upload(groups)
+        Chef::Tsorter.new(group_array_to_sortable_hash(groups)).tsort
+      end
+
+      def group_array_to_sortable_hash(groups)
+        ret = {}
+        groups.each do |group|
+          name = group["name"]
+          ret[name] = if group.key?("groups")
+                        group["groups"]
+                      else
+                        []
+                      end
+        end
+        ret
+      end
+
       def restore_group(chef_fs_config, group_name, includes = {:users => true, :clients => true})
         includes[:users] = true unless includes.key? :users
         includes[:clients] = true unless includes.key? :clients

data/lib/chef/tsorter.rb

@@ -0,0 +1,20 @@
+require 'tsort'
+
+class Chef
+  class Tsorter
+
+    include TSort
+
+    def initialize(data)
+      @data = data
+    end
+
+    def tsort_each_node(&block)
+      @data.each_key(&block)
+    end
+
+    def tsort_each_child(node, &block)
+      @data.fetch(node).each(&block)
+    end
+  end
+end

data/lib/knife_ec_backup/version.rb

@@ -1,3 +1,3 @@
 module KnifeECBackup
-  VERSION = '1.1.8'
+  VERSION = '1.1.9'
 end

metadata

@@ -1,15 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec-backup
 version: !ruby/object:Gem::Version
-  version: 1.1.8
+  version: 1.1.9
 platform: ruby
 authors:
 - John Keiser
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-31 00:00:00.000000000 Z
+date: 2014-05-11 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: knife-essentials
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sequel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pg
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -50,7 +92,11 @@ files:
 - README.md
 - Rakefile
 - lib/chef/knife/ec_backup.rb
+- lib/chef/knife/ec_key_base.rb
+- lib/chef/knife/ec_key_export.rb
+- lib/chef/knife/ec_key_import.rb
 - lib/chef/knife/ec_restore.rb
+- lib/chef/tsorter.rb
 - lib/knife_ec_backup/version.rb
 homepage: http://www.opscode.com
 licenses:
@@ -72,7 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.1.5
+rubygems_version: 2.0.14
 signing_key: 
 specification_version: 4
 summary: Backup and Restore of Enterprise Chef