knife-tidy 0.6.1 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -1
- data/lib/chef/knife/tidy_backup_clean.rb +1 -0
- data/lib/chef/knife/tidy_notify.rb +5 -0
- data/lib/chef/knife/tidy_server_report.rb +14 -2
- data/lib/chef/tidy_acls.rb +36 -0
- data/lib/chef/tidy_common.rb +2 -0
- data/lib/knife-tidy/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ea6f3ab3ae6f2d01e70092c6df3e6ef4496b70bb
|
|
4
|
+
data.tar.gz: a5b9ba72970cbf016296c590a4177e23b07a4e82
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 58fcda1b011c58c583535b929e56e7c50f37853b168544926886c71e373896dc3b985d454c85cd51e9035d41fdd472411cffc9d03876a74a1f0f3a9a972d0005
|
|
7
|
+
data.tar.gz: a87916d53272aa57ecaa8ef5a628cef0aaca192825bca03dab4a476660f2e803aec7e14f7fd486b6999ba2fb83d2cae068d453fc8828a06c949ee692dce5f23b
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,22 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
|
|
3
|
+
## [0.7.0](https://github.com/chef-customers/knife-tidy/tree/0.7.0) (2017-11-29)
|
|
4
|
+
[Full Changelog](https://github.com/chef-customers/knife-tidy/compare/0.6.1...0.7.0)
|
|
5
|
+
|
|
6
|
+
**Closed issues:**
|
|
7
|
+
|
|
8
|
+
- Users/clients from backups older than CS 12.5 may be missing read acls on clients [\#63](https://github.com/chef-customers/knife-tidy/issues/63)
|
|
9
|
+
- notify subcommand ignores --orgs option [\#59](https://github.com/chef-customers/knife-tidy/issues/59)
|
|
10
|
+
|
|
11
|
+
**Merged pull requests:**
|
|
12
|
+
|
|
13
|
+
- Add admins/users groups to the read acl for clients from \< CS 12.5 [\#64](https://github.com/chef-customers/knife-tidy/pull/64) ([itmustbejj](https://github.com/itmustbejj))
|
|
14
|
+
- Restore acls for ::server-admins and org read access groups if they a… [\#61](https://github.com/chef-customers/knife-tidy/pull/61) ([itmustbejj](https://github.com/itmustbejj))
|
|
15
|
+
- Filter email notifications on org\_list config option. [\#60](https://github.com/chef-customers/knife-tidy/pull/60) ([itmustbejj](https://github.com/itmustbejj))
|
|
16
|
+
- Set default encoding to utf-8 to properly handle non-ascii in backups. [\#58](https://github.com/chef-customers/knife-tidy/pull/58) ([itmustbejj](https://github.com/itmustbejj))
|
|
17
|
+
- Add check for pre-12.3 nodes to report generation… [\#57](https://github.com/chef-customers/knife-tidy/pull/57) ([jonlives](https://github.com/jonlives))
|
|
18
|
+
- bump path to 0.6.1 [\#55](https://github.com/chef-customers/knife-tidy/pull/55) ([jeremymv2](https://github.com/jeremymv2))
|
|
19
|
+
|
|
3
20
|
## [0.6.1](https://github.com/chef-customers/knife-tidy/tree/0.6.1) (2017-10-26)
|
|
4
21
|
[Full Changelog](https://github.com/chef-customers/knife-tidy/compare/0.6.0...0.6.1)
|
|
5
22
|
|
|
@@ -177,4 +194,4 @@
|
|
|
177
194
|
|
|
178
195
|
|
|
179
196
|
|
|
180
|
-
\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
|
|
197
|
+
\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
|
|
@@ -65,6 +65,11 @@ class Chef
|
|
|
65
65
|
|
|
66
66
|
# Fetch list of organisation names from reports directory
|
|
67
67
|
org_names = reports_files.map{|r_file|r_file.split("/").last.split("_").first}.sort.uniq
|
|
68
|
+
if config[:org_list]
|
|
69
|
+
filter_orgs = config[:org_list].split(',')
|
|
70
|
+
# Take the intersection of org_names and filter_orgs
|
|
71
|
+
org_names &= filter_orgs
|
|
72
|
+
end
|
|
68
73
|
|
|
69
74
|
reports = {}
|
|
70
75
|
|
|
@@ -29,6 +29,7 @@ class Chef
|
|
|
29
29
|
all_orgs
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
pre_12_3_nodes = []
|
|
32
33
|
stale_orgs = []
|
|
33
34
|
node_threshold = config[:node_threshold].to_i
|
|
34
35
|
|
|
@@ -39,6 +40,13 @@ class Chef
|
|
|
39
40
|
used_cookbooks = {}
|
|
40
41
|
nodes = nodes_list(org)
|
|
41
42
|
|
|
43
|
+
nodes.each do |node|
|
|
44
|
+
chef_version = Chef::VersionString.new(node['chef_packages']['chef']['version'])
|
|
45
|
+
if chef_version < "12.3"
|
|
46
|
+
pre_12_3_nodes << node['name']
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
|
|
42
50
|
nodes.select{|node| !node['cookbooks'].nil?}.each do |node|
|
|
43
51
|
node['cookbooks'].each do |name, version_hash|
|
|
44
52
|
version = Gem::Version.new(version_hash['version']).to_s
|
|
@@ -65,10 +73,13 @@ class Chef
|
|
|
65
73
|
stale_nodes_hash = {'threshold_days': node_threshold, 'org_total_node_count': nodes.count, 'count': stale_nodes.count, 'list': stale_nodes}
|
|
66
74
|
stale_orgs.push(org) if stale_nodes.count == nodes.count
|
|
67
75
|
|
|
68
|
-
tidy.write_new_file(unused_cookbooks(used_cookbooks, cb_list), ::File.join(tidy.reports_dir, "#{org}_unused_cookbooks.json"))
|
|
69
76
|
tidy.write_new_file(unused_cookbooks(used_cookbooks, cb_list), ::File.join(tidy.reports_dir, "#{org}_unused_cookbooks.json"))
|
|
70
77
|
tidy.write_new_file(version_count, ::File.join(tidy.reports_dir, "#{org}_cookbook_count.json"))
|
|
71
78
|
tidy.write_new_file(stale_nodes_hash, ::File.join(tidy.reports_dir, "#{org}_stale_nodes.json"))
|
|
79
|
+
|
|
80
|
+
if pre_12_3_nodes.length > 0
|
|
81
|
+
ui.warn "#{pre_12_3_nodes.length} nodes have been detected in the organization #{org} running chef-client versions prior to 12.3 - this means that the list of stale cookbooks for these nodes may not have been correctly calculated and your report may not be complete for this organization."
|
|
82
|
+
end
|
|
72
83
|
end
|
|
73
84
|
|
|
74
85
|
completion_message
|
|
@@ -95,7 +106,8 @@ class Chef
|
|
|
95
106
|
:filter_result => {
|
|
96
107
|
'name' => ['name'],
|
|
97
108
|
'cookbooks' => ['cookbooks'],
|
|
98
|
-
'ohai_time' => ['ohai_time']
|
|
109
|
+
'ohai_time' => ['ohai_time'],
|
|
110
|
+
'chef_packages' => ['chef_packages']
|
|
99
111
|
}
|
|
100
112
|
) do |node|
|
|
101
113
|
node_results << node
|
data/lib/chef/tidy_acls.rb
CHANGED
|
@@ -142,6 +142,33 @@ class Chef
|
|
|
142
142
|
write_new_file(acl, acl_file)
|
|
143
143
|
end
|
|
144
144
|
|
|
145
|
+
# Appends the proper acls for ::server-admins and the org's read access group if they are missing.
|
|
146
|
+
def ensure_global_group_acls(acl_file)
|
|
147
|
+
acl = FFI_Yajl::Parser.parse(::File.read(acl_file), symbolize_names: false)
|
|
148
|
+
acl_ops.each do |op|
|
|
149
|
+
unless acl[op]['groups'].include? '::server-admins'
|
|
150
|
+
puts "REPAIRING: Adding #{op} acl for ::server-admins in #{acl_file}"
|
|
151
|
+
acl[op]['groups'].push('::server-admins')
|
|
152
|
+
end
|
|
153
|
+
if op == 'read' && !acl[op]['groups'].include?("::#{@org}_read_access_group")
|
|
154
|
+
puts "REPAIRING: Adding #{op} acl for ::#{@org}_read_access_group in #{acl_file}"
|
|
155
|
+
acl[op]['groups'].push("::#{@org}_read_access_group")
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
write_new_file(acl, acl_file)
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
def ensure_client_read_acls(acl_file)
|
|
162
|
+
acl = FFI_Yajl::Parser.parse(::File.read(acl_file), symbolize_names: false)
|
|
163
|
+
%w(users admins).each do | group |
|
|
164
|
+
unless acl['read']['groups'].include? group
|
|
165
|
+
puts "REPAIRING: Adding read acl for #{group} in #{acl_file}"
|
|
166
|
+
acl['read']['groups'].push(group)
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
write_new_file(acl, acl_file)
|
|
170
|
+
end
|
|
171
|
+
|
|
145
172
|
def validate_acls
|
|
146
173
|
org_acls.each do |acl_file|
|
|
147
174
|
acl = FFI_Yajl::Parser.parse(::File.read(acl_file), symbolize_names: false)
|
|
@@ -168,6 +195,7 @@ class Chef
|
|
|
168
195
|
@members.each do |member|
|
|
169
196
|
user_acl_path = ::File.join(@tidy.user_acls_path, "#{member[:user][:username]}.json")
|
|
170
197
|
user_acl = FFI_Yajl::Parser.parse(::File.read(user_acl_path), symbolize_names: false)
|
|
198
|
+
ensure_global_group_acls(user_acl_path)
|
|
171
199
|
actors_groups = acl_actors_groups(user_acl)
|
|
172
200
|
actors_groups[:groups].each do |group|
|
|
173
201
|
if invalid_group?(group)
|
|
@@ -176,5 +204,13 @@ class Chef
|
|
|
176
204
|
end
|
|
177
205
|
end
|
|
178
206
|
end
|
|
207
|
+
|
|
208
|
+
def validate_client_acls
|
|
209
|
+
@clients.each do |client|
|
|
210
|
+
client_acl_path = ::File.join(@tidy.org_acls_path(@org), 'clients', "#{client[:name]}.json")
|
|
211
|
+
client_acl = FFI_Yajl::Parser.parse(::File.read(client_acl_path), symbolize_names: false)
|
|
212
|
+
ensure_client_read_acls(client_acl_path)
|
|
213
|
+
end
|
|
214
|
+
end
|
|
179
215
|
end
|
|
180
216
|
end
|
data/lib/chef/tidy_common.rb
CHANGED
data/lib/knife-tidy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: knife-tidy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Miller
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|