knife-tidy 2.0.6 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/conf/substitutions.json.example +10 -0
- data/lib/chef/knife/tidy_backup_clean.rb +18 -20
- data/lib/chef/knife/tidy_base.rb +2 -2
- data/lib/chef/knife/tidy_notify.rb +2 -2
- data/lib/chef/knife/tidy_server_clean.rb +3 -3
- data/lib/chef/knife/tidy_server_report.rb +19 -1
- data/lib/chef/tidy_acls.rb +12 -12
- data/lib/chef/tidy_common.rb +17 -0
- data/lib/chef/tidy_substitutions.rb +1 -1
- data/lib/knife-tidy/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a35c35e40e4f4c982f86ab15be05fa79192c55a8c748b4fd0a4dacb4e2332fee
|
|
4
|
+
data.tar.gz: 7c1a6ac3c38567e5015520c66fb2431c161f1edc2c8af0335870b8d5f1afd183
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 40d92b7427aff1df3a7c4fcc7cc1df7742285cc5332b64e66213413b6dbc0a6e2b80d96554b2f76f21d3173499a53533d33366986f3b4446d09b5e42f312fc5a
|
|
7
|
+
data.tar.gz: 1a34a9e016c5fcc1eb81bea371f7fae6a2ffa5faf48b7e83771aa2b354517c3b951970929dc58de230e2ade19ea6e0d8b1c77b74b5ad7e1d9ed256b4f38f45a9
|
|
@@ -1,15 +1,15 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative "tidy_base"
|
|
2
2
|
|
|
3
3
|
class Chef
|
|
4
4
|
class Knife
|
|
5
5
|
class TidyBackupClean < Knife
|
|
6
6
|
deps do
|
|
7
|
-
require "chef/
|
|
7
|
+
require "chef/cookbook/cookbook_version_loader"
|
|
8
8
|
require "chef/cookbook/metadata"
|
|
9
9
|
require "chef/role"
|
|
10
10
|
require "chef/run_list"
|
|
11
|
-
|
|
12
|
-
|
|
11
|
+
require_relative "../tidy_substitutions"
|
|
12
|
+
require_relative "../tidy_acls"
|
|
13
13
|
require "ffi_yajl"
|
|
14
14
|
require "fileutils"
|
|
15
15
|
require "securerandom"
|
|
@@ -75,7 +75,7 @@ class Chef
|
|
|
75
75
|
tidy.global_user_names.each do |user|
|
|
76
76
|
email = ""
|
|
77
77
|
ui.stdout.puts "INFO: Validating #{user}"
|
|
78
|
-
the_user =
|
|
78
|
+
the_user = tidy.json_file_to_hash(File.join(tidy.users_path, "#{user}.json"), symbolize_names: false)
|
|
79
79
|
if the_user.key?("email") && the_user["email"].match(/\A[^@\s]+@[^@\s]+\z/)
|
|
80
80
|
if emails_seen.include?(the_user["email"])
|
|
81
81
|
ui.stdout.puts "REPAIRING: Already saw #{user}'s email, creating a unique one."
|
|
@@ -147,7 +147,7 @@ class Chef
|
|
|
147
147
|
add_cookbook_name_to_metadata(cookbook_name, rb_path) if lines.empty?
|
|
148
148
|
else
|
|
149
149
|
if ::File.exist?(json_path)
|
|
150
|
-
metadata =
|
|
150
|
+
metadata = tidy.json_file_to_hash(json_path, symbolize_names: false)
|
|
151
151
|
if metadata["name"] != cookbook_name
|
|
152
152
|
metadata["name"] = cookbook_name
|
|
153
153
|
ui.stdout.puts "REPAIRING: Correcting `name` in #{json_path}`"
|
|
@@ -161,26 +161,24 @@ class Chef
|
|
|
161
161
|
end
|
|
162
162
|
|
|
163
163
|
def load_cookbooks(org)
|
|
164
|
-
|
|
165
|
-
|
|
164
|
+
for_each_cookbook_path(org) do |cookbook|
|
|
165
|
+
cl = Chef::Cookbook::CookbookVersionLoader.new(cookbook)
|
|
166
166
|
ui.stdout.puts "INFO: Loading #{cookbook}"
|
|
167
|
-
ret = cl.
|
|
167
|
+
ret = cl.load!
|
|
168
168
|
if ret.nil?
|
|
169
169
|
action_needed("ACTION NEEDED: Something's wrong with the #{cookbook} cookbook in org #{org} - cannot load it! Moving to cookbooks.broken folder.")
|
|
170
170
|
broken_cookooks_add(org, cookbook)
|
|
171
171
|
end
|
|
172
172
|
end
|
|
173
|
-
rescue LoadError => e
|
|
173
|
+
rescue LoadError, Exceptions::MetadataNotValid => e
|
|
174
174
|
ui.error e
|
|
175
175
|
exit 1
|
|
176
176
|
end
|
|
177
177
|
|
|
178
|
-
def broken_cookooks_add(org,
|
|
178
|
+
def broken_cookooks_add(org, cookbook_path)
|
|
179
179
|
broken_path = ::File.join(tidy.org_path(org), "cookbooks.broken")
|
|
180
180
|
FileUtils.mkdir(broken_path) unless ::File.directory?(broken_path)
|
|
181
|
-
|
|
182
|
-
FileUtils.mv(cb, broken_path, verbose: true, force: true)
|
|
183
|
-
end
|
|
181
|
+
FileUtils.mv(cookbook_path, broken_path, verbose: true, force: true)
|
|
184
182
|
end
|
|
185
183
|
|
|
186
184
|
def generate_new_metadata(org)
|
|
@@ -229,7 +227,7 @@ class Chef
|
|
|
229
227
|
|
|
230
228
|
def fix_metadata_fields(cookbook_path)
|
|
231
229
|
json_path = ::File.join(cookbook_path, "metadata.json")
|
|
232
|
-
metadata =
|
|
230
|
+
metadata = tidy.json_file_to_hash(json_path, symbolize_names: false)
|
|
233
231
|
md = metadata.dup
|
|
234
232
|
metadata.each_pair do |key, value|
|
|
235
233
|
if value.nil?
|
|
@@ -351,7 +349,7 @@ class Chef
|
|
|
351
349
|
end
|
|
352
350
|
|
|
353
351
|
def repair_role_run_lists(role_path)
|
|
354
|
-
the_role =
|
|
352
|
+
the_role = tidy.json_file_to_hash(role_path, symbolize_names: false)
|
|
355
353
|
new_role = the_role.clone
|
|
356
354
|
rl = Chef::RunList.new
|
|
357
355
|
new_role["run_list"] = []
|
|
@@ -377,14 +375,14 @@ class Chef
|
|
|
377
375
|
end
|
|
378
376
|
end
|
|
379
377
|
write_role(role_path, new_role)
|
|
380
|
-
# rubocop:enable MethodLength
|
|
378
|
+
# rubocop:enable Metrics/MethodLength
|
|
381
379
|
end
|
|
382
380
|
|
|
383
381
|
def validate_roles(org)
|
|
384
382
|
for_each_role(org) do |role_path|
|
|
385
383
|
ui.stdout.puts "INFO: Validating Role at #{role_path}"
|
|
386
384
|
begin
|
|
387
|
-
Chef::Role.from_hash(
|
|
385
|
+
Chef::Role.from_hash(tidy.json_file_to_hash(role_path, symbolize_names: false))
|
|
388
386
|
rescue ArgumentError
|
|
389
387
|
repair_role_run_lists(role_path)
|
|
390
388
|
end
|
|
@@ -394,7 +392,7 @@ class Chef
|
|
|
394
392
|
def validate_clients_group(org)
|
|
395
393
|
ui.stdout.puts "INFO: validating all clients for org #{org} exist in clients group"
|
|
396
394
|
clients_group_path = ::File.join(tidy.groups_path(org), "clients.json")
|
|
397
|
-
existing_group_data =
|
|
395
|
+
existing_group_data = tidy.json_file_to_hash(clients_group_path, symbolize_names: false)
|
|
398
396
|
existing_group_data["clients"] = [] unless existing_group_data.key?("clients")
|
|
399
397
|
if existing_group_data["clients"].length != tidy.client_names(org).length
|
|
400
398
|
ui.stdout.puts "REPAIRING: Adding #{(existing_group_data["clients"].length - tidy.client_names(org).length).abs} missing clients into #{org}'s client group file #{clients_group_path}"
|
|
@@ -408,7 +406,7 @@ class Chef
|
|
|
408
406
|
def validate_invitations(org)
|
|
409
407
|
invite_file = tidy.invitations_path(org)
|
|
410
408
|
ui.stdout.puts "INFO: validating org #{org} invites in #{invite_file}"
|
|
411
|
-
invitations =
|
|
409
|
+
invitations = tidy.json_file_to_hash(invite_file, symbolize_names: false)
|
|
412
410
|
invitations_new = []
|
|
413
411
|
invitations.each do |invite|
|
|
414
412
|
if invite["username"].nil?
|
data/lib/chef/knife/tidy_base.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative "tidy_base"
|
|
2
2
|
|
|
3
3
|
class Chef
|
|
4
4
|
class Knife
|
|
@@ -88,7 +88,7 @@ class Chef
|
|
|
88
88
|
file_name = "#{reports_dir}/#{org}#{report}"
|
|
89
89
|
ui.info(" Parsing file #{file_name}")
|
|
90
90
|
json_string = File.read(file_name)
|
|
91
|
-
reports[org][report] =
|
|
91
|
+
reports[org][report] = tidy.json_file_to_hash(json_string, symbolize_names: false)
|
|
92
92
|
rescue Errno::ENOENT
|
|
93
93
|
ui.info(" Skipping file #{file_name} - not found for organization #{org}")
|
|
94
94
|
reports[org][report] = {}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative "tidy_base"
|
|
2
2
|
|
|
3
3
|
class Chef
|
|
4
4
|
class Knife
|
|
@@ -91,7 +91,7 @@ class Chef
|
|
|
91
91
|
return unless ::File.exist?(unused_cookbooks_file)
|
|
92
92
|
|
|
93
93
|
ui.stdout.puts "INFO: Cleaning cookbooks for Org: #{org}, using #{unused_cookbooks_file}"
|
|
94
|
-
unused_cookbooks =
|
|
94
|
+
unused_cookbooks = tidy.json_file_to_hash(unused_cookbooks_file, symbolize_names: true)
|
|
95
95
|
unused_cookbooks.keys.each do |cookbook|
|
|
96
96
|
versions = unused_cookbooks[cookbook]
|
|
97
97
|
versions.each do |version|
|
|
@@ -118,7 +118,7 @@ class Chef
|
|
|
118
118
|
return unless ::File.exist?(stale_nodes_file)
|
|
119
119
|
|
|
120
120
|
ui.stdout.puts "INFO: Cleaning stale nodes for Org: #{org}, using #{stale_nodes_file}"
|
|
121
|
-
stale_nodes =
|
|
121
|
+
stale_nodes = tidy.json_file_to_hash(stale_nodes_file, symbolize_names: true)
|
|
122
122
|
stale_nodes[:list].each do |node|
|
|
123
123
|
queue << -> { delete_node_job(org, node) }
|
|
124
124
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative "tidy_base"
|
|
2
2
|
|
|
3
3
|
class Chef
|
|
4
4
|
class Knife
|
|
@@ -17,6 +17,11 @@ class Chef
|
|
|
17
17
|
default: 30,
|
|
18
18
|
description: "Maximum number of days since last checkin before node is considered stale (default: 30)"
|
|
19
19
|
|
|
20
|
+
option :keep_versions,
|
|
21
|
+
long: "--keep-versions MIN",
|
|
22
|
+
default: 0,
|
|
23
|
+
description: "Keep a minimum of this many versions of each cookbook (default: 0)"
|
|
24
|
+
|
|
20
25
|
def run
|
|
21
26
|
ensure_reports_dir!
|
|
22
27
|
FileUtils.rm_f(server_warnings_file_path)
|
|
@@ -32,6 +37,7 @@ class Chef
|
|
|
32
37
|
|
|
33
38
|
stale_orgs = []
|
|
34
39
|
node_threshold = config[:node_threshold].to_i
|
|
40
|
+
keep_versions = config[:keep_versions].to_i
|
|
35
41
|
|
|
36
42
|
orgs.each do |org|
|
|
37
43
|
pre_12_3_nodes = []
|
|
@@ -76,6 +82,9 @@ class Chef
|
|
|
76
82
|
end
|
|
77
83
|
end
|
|
78
84
|
|
|
85
|
+
used_cookbooks = keep_cookbook_versions(cb_list, keep_versions)
|
|
86
|
+
|
|
87
|
+
Chef::Log.debug("Used cookbook list before checking environments: #{used_cookbooks}")
|
|
79
88
|
pins = environment_constraints(org)
|
|
80
89
|
used_cookbooks = check_environment_pins(used_cookbooks, pins, cb_list)
|
|
81
90
|
|
|
@@ -153,6 +162,15 @@ class Chef
|
|
|
153
162
|
cb_list
|
|
154
163
|
end
|
|
155
164
|
|
|
165
|
+
def keep_cookbook_versions(cb_list, min)
|
|
166
|
+
retain = {}
|
|
167
|
+
cb_list.each do |name, versions|
|
|
168
|
+
keep = versions.sort { |a, b| Gem::Version.new(a) <=> Gem::Version.new(b) }.last(min)
|
|
169
|
+
retain[name] = keep
|
|
170
|
+
end
|
|
171
|
+
retain
|
|
172
|
+
end
|
|
173
|
+
|
|
156
174
|
def cookbook_count(cb_list)
|
|
157
175
|
cb_count_list = {}
|
|
158
176
|
cb_list.each do |name, versions|
|
data/lib/chef/tidy_acls.rb
CHANGED
|
@@ -20,26 +20,26 @@ class Chef
|
|
|
20
20
|
def load_users
|
|
21
21
|
@tidy.ui.stdout.puts "INFO: Loading users"
|
|
22
22
|
Dir[::File.join(@tidy.users_path, "*.json")].each do |user|
|
|
23
|
-
@users.push(
|
|
23
|
+
@users.push(@tidy.json_file_to_hash(user, symbolize_names: true))
|
|
24
24
|
end
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def load_members
|
|
28
28
|
@tidy.ui.stdout.puts "INFO: Loading members for #{@org}"
|
|
29
|
-
@members =
|
|
29
|
+
@members = @tidy.json_file_to_hash(@tidy.members_path(@org), symbolize_names: true)
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def load_clients
|
|
33
33
|
@tidy.ui.stdout.puts "INFO: Loading clients for #{@org}"
|
|
34
34
|
Dir[::File.join(@tidy.clients_path(@org), "*.json")].each do |client|
|
|
35
|
-
@clients.push(
|
|
35
|
+
@clients.push(@tidy.json_file_to_hash(client, symbolize_names: true))
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def load_groups
|
|
40
40
|
@tidy.ui.stdout.puts "INFO: Loading groups for #{@org}"
|
|
41
41
|
Dir[::File.join(@tidy.groups_path(@org), "*.json")].each do |group|
|
|
42
|
-
@groups.push(
|
|
42
|
+
@groups.push(@tidy.json_file_to_hash(group, symbolize_names: true))
|
|
43
43
|
end
|
|
44
44
|
end
|
|
45
45
|
|
|
@@ -128,7 +128,7 @@ class Chef
|
|
|
128
128
|
|
|
129
129
|
def remove_group_from_acl(group, acl_file)
|
|
130
130
|
@tidy.ui.stdout.puts "REPAIRING: Removing invalid group: #{group} from #{acl_file}"
|
|
131
|
-
acl =
|
|
131
|
+
acl = @tidy.json_file_to_hash(acl_file, symbolize_names: false)
|
|
132
132
|
acl_ops.each do |op|
|
|
133
133
|
acl[op]["groups"].reject! { |the_group| the_group == group }
|
|
134
134
|
end
|
|
@@ -137,7 +137,7 @@ class Chef
|
|
|
137
137
|
|
|
138
138
|
# Appends the proper acls for ::server-admins and the org's read access group if they are missing.
|
|
139
139
|
def ensure_global_group_acls(acl_file)
|
|
140
|
-
acl =
|
|
140
|
+
acl = @tidy.json_file_to_hash(acl_file, symbolize_names: false)
|
|
141
141
|
acl_ops.each do |op|
|
|
142
142
|
unless acl[op]["groups"].include? "::server-admins"
|
|
143
143
|
@tidy.ui.stdout.puts "REPAIRING: Adding #{op} acl for ::server-admins in #{acl_file}"
|
|
@@ -152,7 +152,7 @@ class Chef
|
|
|
152
152
|
end
|
|
153
153
|
|
|
154
154
|
def ensure_client_read_acls(acl_file)
|
|
155
|
-
acl =
|
|
155
|
+
acl = @tidy.json_file_to_hash(acl_file, symbolize_names: false)
|
|
156
156
|
%w{users admins}.each do |group|
|
|
157
157
|
unless acl["read"]["groups"].include? group
|
|
158
158
|
@tidy.ui.stdout.puts "REPAIRING: Adding read acl for #{group} in #{acl_file}"
|
|
@@ -164,7 +164,7 @@ class Chef
|
|
|
164
164
|
|
|
165
165
|
def validate_acls
|
|
166
166
|
org_acls.each do |acl_file|
|
|
167
|
-
acl =
|
|
167
|
+
acl = @tidy.json_file_to_hash(acl_file, symbolize_names: false)
|
|
168
168
|
actors_groups = acl_actors_groups(acl)
|
|
169
169
|
actors_groups[:actors].each do |actor|
|
|
170
170
|
next if actor == "pivotal"
|
|
@@ -203,11 +203,11 @@ class Chef
|
|
|
203
203
|
@members.each do |member|
|
|
204
204
|
user_acl_path = ::File.join(@tidy.user_acls_path, "#{member[:user][:username]}.json")
|
|
205
205
|
begin
|
|
206
|
-
user_acl =
|
|
206
|
+
user_acl = @tidy.json_file_to_hash(user_acl_path, symbolize_names: false)
|
|
207
207
|
rescue Errno::ENOENT
|
|
208
208
|
@tidy.ui.stdout.puts "REPAIRING: Replacing missing user acl for #{member[:user][:username]}."
|
|
209
209
|
@tidy.write_new_file(default_user_acl(member), user_acl_path, backup = false)
|
|
210
|
-
user_acl =
|
|
210
|
+
user_acl = @tidy.json_file_to_hash(user_acl_path, symbolize_names: false)
|
|
211
211
|
end
|
|
212
212
|
ensure_global_group_acls(user_acl_path)
|
|
213
213
|
actors_groups = acl_actors_groups(user_acl)
|
|
@@ -221,11 +221,11 @@ class Chef
|
|
|
221
221
|
@clients.each do |client|
|
|
222
222
|
client_acl_path = ::File.join(@tidy.org_acls_path(@org), "clients", "#{client[:name]}.json")
|
|
223
223
|
begin
|
|
224
|
-
client_acl =
|
|
224
|
+
client_acl = @tidy.json_file_to_hash(client_acl_path, symbolize_names: false)
|
|
225
225
|
rescue Errno::ENOENT
|
|
226
226
|
@tidy.ui.stdout.puts "REPAIRING: Replacing missing client acl for #{client[:name]} in #{client_acl_path}."
|
|
227
227
|
@tidy.write_new_file(default_client_acl(client[:name]), client_acl_path, backup = false)
|
|
228
|
-
client_acl =
|
|
228
|
+
client_acl = @tidy.json_file_to_hash(client_acl_path, symbolize_names: false)
|
|
229
229
|
end
|
|
230
230
|
ensure_client_read_acls(client_acl_path)
|
|
231
231
|
end
|
data/lib/chef/tidy_common.rb
CHANGED
|
@@ -149,6 +149,23 @@ class Chef
|
|
|
149
149
|
end
|
|
150
150
|
end
|
|
151
151
|
|
|
152
|
+
# Read a json file and return a hash of parsed content with optional symbolized keys
|
|
153
|
+
#
|
|
154
|
+
# @param [String] path to file
|
|
155
|
+
# @param [double splat] options to pass FFI_Yajl::Parser.parse()
|
|
156
|
+
#
|
|
157
|
+
# @return [Hash] original json content as hash
|
|
158
|
+
#
|
|
159
|
+
# @example
|
|
160
|
+
# json_file_to_hash('/path/to/file.json', symbolize_names: true) => { foo: "bar" }
|
|
161
|
+
#
|
|
162
|
+
def json_file_to_hash(file_path, **options)
|
|
163
|
+
FFI_Yajl::Parser.parse(File.read(file_path), options)
|
|
164
|
+
rescue Errno::ENOENT, Errno::EACCES, FFI_Yajl::ParseError
|
|
165
|
+
puts "ERROR: unable to parse file: '#{file_path}'"
|
|
166
|
+
raise
|
|
167
|
+
end
|
|
168
|
+
|
|
152
169
|
#
|
|
153
170
|
# Determine the cookbook name from path
|
|
154
171
|
#
|
|
@@ -17,7 +17,7 @@ class Chef
|
|
|
17
17
|
|
|
18
18
|
def load_data
|
|
19
19
|
@tidy.ui.stdout.puts "INFO: Loading substitutions from #{file_path}"
|
|
20
|
-
@data =
|
|
20
|
+
@data = @tidy.json_file_to_hash(@file_path, symbolize_names: false)
|
|
21
21
|
rescue Errno::ENOENT
|
|
22
22
|
raise NoSubstitutionFile, file_path
|
|
23
23
|
end
|
data/lib/knife-tidy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: knife-tidy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Miller
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-06-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Report on stale Chef Server nodes and cookbooks and clean up data integrity
|
|
14
14
|
issues in a knife-ec-backup object based backup
|
|
@@ -19,6 +19,7 @@ extensions: []
|
|
|
19
19
|
extra_rdoc_files: []
|
|
20
20
|
files:
|
|
21
21
|
- LICENSE
|
|
22
|
+
- conf/substitutions.json.example
|
|
22
23
|
- lib/chef/knife/tidy_backup_clean.rb
|
|
23
24
|
- lib/chef/knife/tidy_base.rb
|
|
24
25
|
- lib/chef/knife/tidy_notify.rb
|