knife-winops 2.0.0

data/lib/chef/knife/winrm_shared_options.rb

@@ -0,0 +1,54 @@
+#
+# Original knife-windows author:: Steven Murawski (<smurawski@chef.io)
+# Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife'
+require 'chef/encrypted_data_bag_item'
+require 'kconv'
+
+class Chef
+  class Knife
+    module WinrmSharedOptions
+
+      # Shared command line options for knife winrm and knife wsman test
+      def self.included(includer)
+        includer.class_eval do
+          option :manual,
+            :short => "-m",
+            :long => "--manual-list",
+            :boolean => true,
+            :description => "QUERY is a space separated list of servers",
+            :default => false
+
+          option :attribute,
+            :short => "-a ATTR",
+            :long => "--attribute ATTR",
+            :description => "The attribute to use for opening the connection - default is fqdn",
+            :default => "fqdn"
+
+          option :concurrency,
+            :short => "-C NUM",
+            :long => "--concurrency NUM",
+            :description => "The number of allowed concurrent connections",
+            :default => 1,
+            :proc => lambda { |o| o.to_i }
+        end
+      end
+
+    end
+  end
+end

data/lib/chef/knife/wsman_endpoint.rb

@@ -0,0 +1,44 @@
+#
+# Original knife-windows author:: Steven Murawski (<smurawski@chef.io)
+# Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Chef
+  class Knife
+    class WsmanEndpoint
+      attr_accessor :host
+      attr_accessor :wsman_port
+      attr_accessor :wsman_url
+      attr_accessor :product_version
+      attr_accessor :protocol_version
+      attr_accessor :product_vendor
+      attr_accessor :response_status_code
+      attr_accessor :error_message
+
+      def initialize(name, port, url)
+        @host = name
+        @wsman_port = port
+        @wsman_url = url
+      end
+
+      def to_hash
+        hash = {}
+        instance_variables.each {|var| hash[var.to_s.delete("@")] = instance_variable_get(var) }
+        hash
+      end
+    end
+  end
+end

data/lib/chef/knife/wsman_test.rb

@@ -0,0 +1,118 @@
+#
+# Original knife-windows author:: Steven Murawski (<smurawski@chef.io>)
+# Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'httpclient'
+require 'chef/knife'
+require 'chef/knife/winrm_knife_base'
+require 'chef/knife/wsman_endpoint'
+
+class Chef
+  class Knife
+    class WsmanTest < Knife
+
+      include Chef::Knife::WinrmCommandSharedFunctions
+
+      deps do
+        require 'chef/search/query'
+      end
+
+      banner "knife wsman test QUERY (options)"
+
+      def run
+        # pass a dummy password to avoid prompt for password
+        # but it does nothing
+        @config[:winrm_password] = 'cute_little_kittens'
+
+        configure_session
+        verify_wsman_accessiblity_for_nodes
+      end
+
+      private
+
+      def verify_wsman_accessiblity_for_nodes
+        error_count = 0
+        @winrm_sessions.each do |item|
+          Chef::Log.debug("checking for WSMAN availability at #{item.endpoint}")
+
+          ssl_error = nil
+          begin
+            response = post_identity_request(item.endpoint)
+            ui.msg "Connected successfully to #{item.host} at #{item.endpoint}."
+          rescue Exception => err
+          end
+
+          output_object = parse_response(item, response)
+          output_object.error_message += "\r\nError returned from endpoint: #{err.message}" if err
+
+          unless output_object.error_message.nil?
+            ui.warn "Failed to connect to #{item.host} at #{item.endpoint}."
+            if err && err.is_a?(OpenSSL::SSL::SSLError)
+              ui.warn "Failure due to an issue with SSL; likely cause would be unsuccessful certificate verification."
+              ui.warn "Either ensure your certificate is valid or use '--winrm-ssl-verify-mode verify_none' to ignore verification failures."
+            end
+            error_count += 1
+          end
+
+          if config[:verbosity] >= 1
+            output(output_object)
+          end
+        end
+        if error_count > 0
+          ui.error "Failed to connect to #{error_count} nodes."
+          exit 1
+        end
+      end
+
+      def post_identity_request(endpoint)
+        xml = '<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsmid="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd"><s:Header/><s:Body><wsmid:Identify/></s:Body></s:Envelope>'
+        header = {
+          'WSMANIDENTIFY' => 'unauthenticated',
+          'Content-Type' => 'application/soap+xml; charset=UTF-8'
+        }
+
+        client = HTTPClient.new
+        Chef::HTTP::DefaultSSLPolicy.new(client.ssl_config).set_custom_certs
+        client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE if resolve_no_ssl_peer_verification
+        client.post(endpoint, xml, header)
+      end
+
+      def parse_response(node, response)
+        output_object = Chef::Knife::WsmanEndpoint.new(node.host, node.port, node.endpoint)
+        output_object.response_status_code = response.status_code unless response.nil?
+
+        if response.nil? || response.status_code != 200
+          output_object.error_message = "No valid WSMan endoint listening at #{node.endpoint}."
+        else
+          doc = REXML::Document.new(response.body)
+          output_object.protocol_version = search_xpath(doc, "//wsmid:ProtocolVersion")
+          output_object.product_version  = search_xpath(doc, "//wsmid:ProductVersion")
+          output_object.product_vendor  = search_xpath(doc, "//wsmid:ProductVendor")
+          if output_object.protocol_version.to_s.strip.length == 0
+            output_object.error_message = "Endpoint #{node.endpoint} on #{node.host} does not appear to be a WSMAN endpoint. Response body was #{response.body}"
+          end
+        end
+        output_object
+      end
+
+      def search_xpath(document, property_name)
+        result = REXML::XPath.match(document, property_name)
+        result[0].nil? ? '' : result[0].text
+      end
+    end
+  end
+end

data/lib/knife-winops/path_helper.rb

@@ -0,0 +1,242 @@
+#
+# Original knife-windows author:: Bryan McLellan <btm@loftninjas.org>
+# Copyright:: Copyright (c) 2014-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Sourced from Chef::Util::PathHelper.
+# Should be removed when Chef 11 catches up or we stop supporting Chef 11
+
+module Knife
+  module Windows
+    class PathHelper
+      # Maximum characters in a standard Windows path (260 including drive letter and NUL)
+      WIN_MAX_PATH = 259
+
+      def self.dirname(path)
+        if Chef::Platform.windows?
+          # Find the first slash, not counting trailing slashes
+          end_slash = path.size
+          while true
+            slash = path.rindex(/[#{Regexp.escape(File::SEPARATOR)}#{Regexp.escape(path_separator)}]/, end_slash - 1)
+            if !slash
+              return end_slash == path.size ? '.' : path_separator
+            elsif slash == end_slash - 1
+              end_slash = slash
+            else
+              return path[0..slash-1]
+            end
+          end
+        else
+          ::File.dirname(path)
+        end
+      end
+
+      BACKSLASH = '\\'.freeze
+
+      def self.path_separator
+        if Chef::Platform.windows?
+          File::ALT_SEPARATOR || BACKSLASH
+        else
+          File::SEPARATOR
+        end
+      end
+
+      def self.join(*args)
+        args.flatten.inject do |joined_path, component|
+          # Joined path ends with /
+          joined_path = joined_path.sub(/[#{Regexp.escape(File::SEPARATOR)}#{Regexp.escape(path_separator)}]+$/, '')
+          component = component.sub(/^[#{Regexp.escape(File::SEPARATOR)}#{Regexp.escape(path_separator)}]+/, '')
+          joined_path += "#{path_separator}#{component}"
+        end
+      end
+
+      def self.validate_path(path)
+        if Chef::Platform.windows?
+          unless printable?(path)
+            msg = "Path '#{path}' contains non-printable characters. Check that backslashes are escaped with another backslash (e.g. C:\\\\Windows) in double-quoted strings."
+            Chef::Log.error(msg)
+            raise Chef::Exceptions::ValidationFailed, msg
+          end
+
+          if windows_max_length_exceeded?(path)
+            Chef::Log.debug("Path '#{path}' is longer than #{WIN_MAX_PATH}, prefixing with'\\\\?\\'")
+            path.insert(0, "\\\\?\\")
+          end
+        end
+
+        path
+      end
+
+      def self.windows_max_length_exceeded?(path)
+        # Check to see if paths without the \\?\ prefix are over the maximum allowed length for the Windows API
+        # http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx
+        unless path =~ /^\\\\?\\/
+          if path.length > WIN_MAX_PATH
+            return true
+          end
+        end
+
+        false
+      end
+
+      def self.printable?(string)
+        # returns true if string is free of non-printable characters (escape sequences)
+        # this returns false for whitespace escape sequences as well, e.g. \n\t
+        if string =~ /[^[:print:]]/
+          false
+        else
+          true
+        end
+      end
+
+      # Produces a comparable path.
+      def self.canonical_path(path, add_prefix=true)
+        # Rather than find an equivalent for File.absolute_path on 1.8.7, just bail out
+        raise NotImplementedError, "This feature is not supported on Ruby versions < 1.9" if RUBY_VERSION.to_f < 1.9
+
+        # First remove extra separators and resolve any relative paths
+        abs_path = File.absolute_path(path)
+
+        if Chef::Platform.windows?
+          # Add the \\?\ API prefix on Windows unless add_prefix is false
+          # Downcase on Windows where paths are still case-insensitive
+          abs_path.gsub!(::File::SEPARATOR, path_separator)
+          if add_prefix && abs_path !~ /^\\\\?\\/
+            abs_path.insert(0, "\\\\?\\")
+          end
+
+          abs_path.downcase!
+        end
+
+        abs_path
+      end
+
+      def self.cleanpath(path)
+        path = Pathname.new(path).cleanpath.to_s
+        # ensure all forward slashes are backslashes
+        if Chef::Platform.windows?
+          path = path.gsub(File::SEPARATOR, path_separator)
+        end
+        path
+      end
+
+      def self.paths_eql?(path1, path2)
+        canonical_path(path1) == canonical_path(path2)
+      end
+
+      # Note: this method is deprecated. Please use escape_glob_dirs
+      # Paths which may contain glob-reserved characters need
+      # to be escaped before globbing can be done.
+      # http://stackoverflow.com/questions/14127343
+      def self.escape_glob(*parts)
+        path = cleanpath(join(*parts))
+        path.gsub(/[\\\{\}\[\]\*\?]/) { |x| "\\"+x }
+      end
+
+      # This function does not switch to backslashes for windows
+      # This is because only forwardslashes should be used with dir (even for windows)
+      def self.escape_glob_dir(*parts)
+        path = Pathname.new(join(*parts)).cleanpath.to_s
+        path.gsub(/[\\\{\}\[\]\*\?]/) { |x| "\\" + x }
+      end
+
+      def self.relative_path_from(from, to)
+        pathname = Pathname.new(Chef::Util::PathHelper.cleanpath(to)).relative_path_from(Pathname.new(Chef::Util::PathHelper.cleanpath(from)))
+      end
+
+      # Retrieves the "home directory" of the current user while trying to ascertain the existence
+      # of said directory.  The path returned uses / for all separators (the ruby standard format).
+      # If the home directory doesn't exist or an error is otherwise encountered, nil is returned.
+      #
+      # If a set of path elements is provided, they are appended as-is to the home path if the
+      # homepath exists.
+      #
+      # If an optional block is provided, the joined path is passed to that block if the home path is
+      # valid and the result of the block is returned instead.
+      #
+      # Home-path discovery is performed once.  If a path is discovered, that value is memoized so
+      # that subsequent calls to home_dir don't bounce around.
+      #
+      # See self.all_homes.
+      def self.home(*args)
+        @@home_dir ||= self.all_homes { |p| break p }
+        if @@home_dir
+          path = File.join(@@home_dir, *args)
+          block_given? ? (yield path) : path
+        end
+      end
+
+      # See self.home.  This method performs a similar operation except that it yields all the different
+      # possible values of 'HOME' that one could have on this platform.  Hence, on windows, if
+      # HOMEDRIVE\HOMEPATH and USERPROFILE are different, the provided block will be called twice.
+      # This method goes out and checks the existence of each location at the time of the call.
+      #
+      # The return is a list of all the returned values from each block invocation or a list of paths
+      # if no block is provided.
+      def self.all_homes(*args)
+        paths = []
+        if Chef::Platform.windows?
+          # By default, Ruby uses the the following environment variables to determine Dir.home:
+          # HOME
+          # HOMEDRIVE HOMEPATH
+          # USERPROFILE
+          # Ruby only checks to see if the variable is specified - not if the directory actually exists.
+          # On Windows, HOMEDRIVE HOMEPATH can point to a different location (such as an unavailable network mounted drive)
+          # while USERPROFILE points to the location where the user application settings and profile are stored.  HOME
+          # is not defined as an environment variable (usually).  If the home path actually uses UNC, then the prefix is
+          # HOMESHARE instead of HOMEDRIVE.
+          #
+          # We instead walk down the following and only include paths that actually exist.
+          # HOME
+          # HOMEDRIVE HOMEPATH
+          # HOMESHARE HOMEPATH
+          # USERPROFILE
+
+          paths << ENV['HOME']
+          paths << ENV['HOMEDRIVE'] + ENV['HOMEPATH'] if ENV['HOMEDRIVE'] && ENV['HOMEPATH']
+          paths << ENV['HOMESHARE'] + ENV['HOMEPATH'] if ENV['HOMESHARE'] && ENV['HOMEPATH']
+          paths << ENV['USERPROFILE']
+        end
+        paths << Dir.home if ENV['HOME']
+
+        # Depending on what environment variables we're using, the slashes can go in any which way.
+        # Just change them all to / to keep things consistent.
+        # Note: Maybe this is a bad idea on some unixy systems where \ might be a valid character depending on
+        # the particular brand of kool-aid you consume.  This code assumes that \ and / are both
+        # path separators on any system being used.
+        paths = paths.map { |home_path| home_path.gsub(path_separator, ::File::SEPARATOR) if home_path }
+
+        # Filter out duplicate paths and paths that don't exist.
+        valid_paths = paths.select { |home_path| home_path && Dir.exists?(home_path) }
+        valid_paths = valid_paths.uniq
+
+        # Join all optional path elements at the end.
+        # If a block is provided, invoke it - otherwise just return what we've got.
+        joined_paths = valid_paths.map { |home_path| File.join(home_path, *args) }
+        if block_given?
+          joined_paths.each { |p| yield p }
+        else
+          joined_paths
+        end
+      end
+
+    end
+  end
+end
+
+# Break a require loop when require chef/util/path_helper
+require 'chef/platform'
+require 'chef/exceptions'