knife-server 0.1.0

data/spec/knife/server/ec2_security_group_spec.rb

@@ -0,0 +1,164 @@
+require 'knife/server/ec2_security_group'
+
+describe Knife::Server::Ec2SecurityGroup do
+  let(:connection)  { stub }
+  let(:ui)          { stub.as_null_object }
+  let(:group)       { stub(:name => "mygroup") }
+
+  subject do
+    Knife::Server::Ec2SecurityGroup.new(connection, ui)
+  end
+
+  def stub_groups!
+    connection.stub(:security_groups) { [group] }
+  end
+
+  describe "#find_or_create" do
+    context "when the group exists" do
+      before do
+        stub_groups!
+      end
+
+      it "returns the group" do
+        subject.find_or_create("mygroup").should eq(group)
+      end
+
+      it "sends a message to the ui" do
+        ui.should_receive(:msg).with("EC2 security group 'mygroup' exists")
+
+        subject.find_or_create("mygroup")
+      end
+    end
+
+    context "when the group does not exist" do
+      before do
+        connection.stub(:security_groups) { [stub(:name => "nope")] }
+        connection.stub(:create_security_group).
+          with("mygroup", "the best") { stub_groups! ; true }
+      end
+
+      it "returns a new group" do
+        subject.find_or_create("mygroup", :description => "the best").
+          should eq(group)
+      end
+
+      it "sends a message to the ui" do
+        ui.should_receive(:msg).with("Creating EC2 security group 'mygroup'")
+
+        subject.find_or_create("mygroup", :description => "the best")
+      end
+    end
+  end
+
+  describe "#configure_chef_server_group" do
+    context "with no permissions set" do
+      before do
+        stub_groups!
+        group.stub(:ip_permissions) { [] }
+        group.stub(:owner_id) { '123' }
+        connection.stub(:authorize_security_group_ingress)
+      end
+
+      it "adds an icmp wildcard rule for the security group" do
+        connection.should_receive(:authorize_security_group_ingress).
+          with("mygroup", {
+            'IpPermissions' => [
+              { 'FromPort' => -1, 'ToPort' => -1, 'IpProtocol' => 'icmp',
+                'Groups' => [{ 'GroupName' => 'mygroup', 'UserId' => '123' }]
+              }
+            ]
+          })
+
+        subject.configure_chef_server_group('mygroup')
+      end
+
+      it "send a message for the icmp wildcard rule" do
+        ui.should_receive(:msg).
+          with("Creating inbound security group rule for icmp(-1 -> -1)")
+
+        subject.configure_chef_server_group('mygroup')
+      end
+
+      %w{tcp udp}.each do |proto|
+        it "adds a #{proto} rule for the security group" do
+          connection.should_receive(:authorize_security_group_ingress).
+            with("mygroup", {
+              'IpPermissions' => [
+                { 'IpProtocol' => proto,
+                  'FromPort' => 0, 'ToPort' => 65535,
+                  'Groups' => [{ 'GroupName' => 'mygroup', 'UserId' => '123' }]
+                }
+              ]
+            })
+
+          subject.configure_chef_server_group('mygroup')
+        end
+
+        it "send a message for the #{proto} security group rule" do
+          ui.should_receive(:msg).with("Creating inbound security group " +
+            "rule for #{proto}(0 -> 65535)")
+
+          subject.configure_chef_server_group('mygroup')
+        end
+      end
+
+      [22, 443, 444].each do |tcp_port|
+        it "adds a tcp rule to port #{tcp_port} from anywhere" do
+          connection.should_receive(:authorize_security_group_ingress).
+            with("mygroup", {
+              'IpPermissions' => [
+                { 'IpProtocol' => 'tcp',
+                  'FromPort' => tcp_port, 'ToPort' => tcp_port,
+                  'IpRanges' => [{ 'CidrIp' => '0.0.0.0/0' }]
+                }
+              ]
+            })
+
+          subject.configure_chef_server_group('mygroup')
+        end
+
+        it "send a message for the tcp/#{tcp_port} rule" do
+          ui.should_receive(:msg).with("Creating inbound security group " +
+            "rule for tcp(#{tcp_port} -> #{tcp_port})")
+
+          subject.configure_chef_server_group('mygroup')
+        end
+      end
+    end
+
+    describe "with all permissions set" do
+      def stub_perm!(proto, from, to)
+        { 'ipProtocol' => proto, 'fromPort' => from, 'toPort' => to }
+      end
+
+      before do
+        stub_groups!
+        group.stub(:ip_permissions) do
+          [ stub_perm!('icmp', -1, -1), stub_perm!('tcp', 0, 65535),
+            stub_perm!('udp', 0, 65535), stub_perm!('tcp', 22, 22),
+            stub_perm!('tcp', 443, 443), stub_perm!('tcp', 444, 444)
+          ]
+        end
+        group.stub(:owner_id) { '123' }
+        connection.stub(:authorize_security_group_ingress)
+      end
+
+      it "does not add permissions" do
+        connection.should_not_receive(:authorize_security_group_ingress)
+
+        subject.configure_chef_server_group('mygroup')
+      end
+
+      it "sends messages for the rules" do
+        ui.should_receive(:msg).with("Inbound security group rule " +
+          "icmp(-1 -> -1) exists")
+        ui.should_receive(:msg).with("Inbound security group rule " +
+          "tcp(0 -> 65535) exists")
+        ui.should_receive(:msg).with("Inbound security group rule " +
+          "tcp(22 -> 22) exists")
+
+        subject.configure_chef_server_group('mygroup')
+      end
+    end
+  end
+end

data/spec/knife/server/ssh_spec.rb

@@ -0,0 +1,62 @@
+require 'knife/server/ssh'
+
+describe Knife::Server::SSH do
+  let(:ssh_options) do
+    { :host => "wadup.example.com", :user => "bob",
+      :keys => "/tmp/whoomp.key", :port => "2222" }
+  end
+
+  let(:ssh_connection) do
+    stub("SSH connection").as_null_object
+  end
+
+  subject { Knife::Server::SSH.new(ssh_options) }
+
+  before do
+    Net::SSH.stub(:start).and_yield(ssh_connection)
+  end
+
+  it "passes ssh options to ssh sessions" do
+    Net::SSH.should_receive(:start).with("wadup.example.com", "bob",
+      { :keys => "/tmp/whoomp.key", :port => "2222" })
+
+    subject.exec! "wat"
+  end
+
+  it "sets default user to root" do
+    ssh_options.delete(:user)
+    Net::SSH.should_receive(:start).with(anything, "root", anything)
+
+    Knife::Server::SSH.new(ssh_options).exec!("wat")
+  end
+
+  it "sets default port to 22" do
+    ssh_options.delete(:port)
+    Net::SSH.should_receive(:start).
+      with(anything, anything, hash_including(:port => "22"))
+
+    Knife::Server::SSH.new(ssh_options).exec!("wat")
+  end
+
+  it "does not add sudo to the command if user is root" do
+    ssh_options[:user] = "root"
+    ssh_connection.should_receive(:exec!).with("zappa")
+
+    Knife::Server::SSH.new(ssh_options).exec!("zappa")
+  end
+
+  it "adds sudo to the command if user is not root" do
+    ssh_connection.should_receive(:exec!).
+      with([%{sudo USER=root HOME="$(getent passwd root | cut -d : -f 6)"},
+           %{bash -c 'zappa'}].join(" "))
+
+    Knife::Server::SSH.new(ssh_options).exec!("zappa")
+  end
+
+  it "returns the output of ssh command" do
+    ssh_options[:user] = "root"
+    ssh_connection.stub(:exec!).with("youdoitnow") { "okthen" }
+
+    subject.exec!("youdoitnow").should eq("okthen")
+  end
+end

metadata

@@ -0,0 +1,135 @@
+--- !ruby/object:Gem::Specification
+name: knife-server
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Fletcher Nichol
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-06-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fog
+  requirement: &70204688690820 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70204688690820
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: &70204688690400 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70204688690400
+- !ruby/object:Gem::Dependency
+  name: chef
+  requirement: &70204688689840 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.10.10
+  type: :runtime
+  prerelease: false
+  version_requirements: *70204688689840
+- !ruby/object:Gem::Dependency
+  name: knife-ec2
+  requirement: &70204688688960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.5.12
+  type: :runtime
+  prerelease: false
+  version_requirements: *70204688688960
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70204688688400 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.10'
+  type: :development
+  prerelease: false
+  version_requirements: *70204688688400
+- !ruby/object:Gem::Dependency
+  name: fakefs
+  requirement: &70204688687760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.4.0
+  type: :development
+  prerelease: false
+  version_requirements: *70204688687760
+description: Chef Knife plugin to bootstrap Chef Servers
+email:
+- fnichol@nichol.ca
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .travis.yml
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- knife-server.gemspec
+- lib/chef/knife/bootstrap/chef-server-debian.erb
+- lib/chef/knife/server_bootstrap_ec2.rb
+- lib/knife-server.rb
+- lib/knife/server/credentials.rb
+- lib/knife/server/ec2_security_group.rb
+- lib/knife/server/ssh.rb
+- lib/knife/server/version.rb
+- spec/chef/knife/server_bootstrap_ec2_spec.rb
+- spec/knife/server/credientials_spec.rb
+- spec/knife/server/ec2_security_group_spec.rb
+- spec/knife/server/ssh_spec.rb
+homepage: http://fnichol.github.com/knife-server
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.17
+signing_key: 
+specification_version: 3
+summary: Chef Knife plugin to bootstrap Chef Servers
+test_files:
+- spec/chef/knife/server_bootstrap_ec2_spec.rb
+- spec/knife/server/credientials_spec.rb
+- spec/knife/server/ec2_security_group_spec.rb
+- spec/knife/server/ssh_spec.rb