leap_cli 1.7.4 → 1.8

data/lib/leap_cli/commands/test.rb

@@ -1,74 +0,0 @@
-module LeapCli; module Commands
-
-  desc 'Run tests.'
-  command [:test, :t] do |test|
-    test.desc 'Run the test suit on FILTER nodes.'
-    test.arg_name 'FILTER', :optional => true
-    test.command :run do |run|
-      run.switch 'continue', :desc => 'Continue over errors and failures (default is --no-continue).', :negatable => true
-      run.action do |global_options,options,args|
-        test_order = File.join(Path.platform, 'tests/order.rb')
-        if File.exists?(test_order)
-          require test_order
-        end
-        manager.filter!(args).names_in_test_dependency_order.each do |node_name|
-          node = manager.nodes[node_name]
-          begin
-            ssh_connect(node) do |ssh|
-              ssh.run(test_cmd(options))
-            end
-          rescue Capistrano::CommandError => exc
-            if options[:continue]
-              exit_status(1)
-            else
-              bail!
-            end
-          end
-        end
-      end
-    end
-
-    test.desc 'Creates files needed to run tests.'
-    test.command :init do |init|
-      init.action do |global_options,options,args|
-        generate_test_client_openvpn_configs
-      end
-    end
-
-    test.default_command :run
-  end
-
-  private
-
-  def test_cmd(options)
-    if options[:continue]
-      "#{Leap::Platform.leap_dir}/bin/run_tests --continue"
-    else
-      "#{Leap::Platform.leap_dir}/bin/run_tests"
-    end
-  end
-
-  #
-  # generates a whole bunch of openvpn configs that can be used to connect to different openvpn gateways
-  #
-  def generate_test_client_openvpn_configs
-    assert_config! 'provider.ca.client_certificates.unlimited_prefix'
-    assert_config! 'provider.ca.client_certificates.limited_prefix'
-    template = read_file! Path.find_file(:test_client_openvpn_template)
-    manager.environment_names.each do |env|
-      vpn_nodes = manager.nodes[:environment => env][:services => 'openvpn']['openvpn.allow_limited' => true]
-      if vpn_nodes.any?
-        generate_test_client_cert(provider.ca.client_certificates.limited_prefix) do |key, cert|
-          write_file! [:test_openvpn_config, [env, 'limited'].compact.join('_')], Util.erb_eval(template, binding)
-        end
-      end
-      vpn_nodes = manager.nodes[:environment => env][:services => 'openvpn']['openvpn.allow_unlimited' => true]
-      if vpn_nodes.any?
-        generate_test_client_cert(provider.ca.client_certificates.unlimited_prefix) do |key, cert|
-          write_file! [:test_openvpn_config, [env, 'unlimited'].compact.join('_')], Util.erb_eval(template, binding)
-        end
-      end
-    end
-  end
-
-end; end

data/lib/leap_cli/commands/user.rb

@@ -1,136 +0,0 @@
-
-#
-# perhaps we want to verify that the key files are actually the key files we expect.
-# we could use 'file' for this:
-#
-# > file ~/.gnupg/00440025.asc
-# ~/.gnupg/00440025.asc: PGP public key block
-#
-# > file ~/.ssh/id_rsa.pub
-# ~/.ssh/id_rsa.pub: OpenSSH RSA public key
-#
-
-module LeapCli
-  module Commands
-
-    desc 'Adds a new trusted sysadmin by adding public keys to the "users" directory.'
-    arg_name 'USERNAME' #, :optional => false, :multiple => false
-    command :'add-user' do |c|
-
-      c.switch 'self', :desc => 'Add yourself as a trusted sysadin by choosing among the public keys available for the current user.', :negatable => false
-      c.flag 'ssh-pub-key', :desc => 'SSH public key file for this new user'
-      c.flag 'pgp-pub-key', :desc => 'OpenPGP public key file for this new user'
-
-      c.action do |global_options,options,args|
-        username = args.first
-        if !username.any?
-          if options[:self]
-            username ||= `whoami`.strip
-          else
-            help! "Either USERNAME argument or --self flag is required."
-          end
-        end
-        if Leap::Platform.reserved_usernames.include? username
-          bail! %(The username "#{username}" is reserved. Sorry, pick another.)
-        end
-
-        ssh_pub_key = nil
-        pgp_pub_key = nil
-
-        if options['ssh-pub-key']
-          ssh_pub_key = read_file!(options['ssh-pub-key'])
-        end
-        if options['pgp-pub-key']
-          pgp_pub_key = read_file!(options['pgp-pub-key'])
-        end
-
-        if options[:self]
-          ssh_pub_key ||= pick_ssh_key.to_s
-          pgp_pub_key ||= pick_pgp_key
-        end
-
-        assert!(ssh_pub_key, 'Sorry, could not find SSH public key.')
-
-        if ssh_pub_key
-          write_file!([:user_ssh, username], ssh_pub_key)
-        end
-        if pgp_pub_key
-          write_file!([:user_pgp, username], pgp_pub_key)
-        end
-
-        update_authorized_keys
-      end
-    end
-
-    #
-    # let the the user choose among the ssh public keys that we encounter, or just pick the key if there is only one.
-    #
-    def pick_ssh_key
-      ssh_keys = []
-      Dir.glob("#{ENV['HOME']}/.ssh/*.pub").each do |keyfile|
-        ssh_keys << SshKey.load(keyfile)
-      end
-
-      if `which ssh-add`.strip.any?
-        `ssh-add -L 2> /dev/null`.split("\n").compact.each do |line|
-          key = SshKey.load(line)
-          if key
-            key.comment = 'ssh-agent'
-            ssh_keys << key unless ssh_keys.include?(key)
-          end
-        end
-      end
-      ssh_keys.compact!
-
-      assert! ssh_keys.any?, 'Sorry, could not find any SSH public key for you. Have you run ssh-keygen?'
-
-      if ssh_keys.length > 1
-        key_index = numbered_choice_menu('Choose your SSH public key', ssh_keys.collect(&:summary)) do |line, i|
-          say("#{i+1}. #{line}")
-        end
-      else
-        key_index = 0
-      end
-
-      return ssh_keys[key_index]
-    end
-
-    #
-    # let the the user choose among the gpg public keys that we encounter, or just pick the key if there is only one.
-    #
-    def pick_pgp_key
-      begin
-        require 'gpgme'
-      rescue LoadError
-        log "Skipping OpenPGP setup because gpgme is not installed."
-        return
-      end
-
-      secret_keys = GPGME::Key.find(:secret)
-      if secret_keys.empty?
-        log "Skipping OpenPGP setup because I could not find any OpenPGP keys for you"
-        return nil
-      end
-
-      secret_keys.select!{|key| !key.expired}
-
-      if secret_keys.length > 1
-        key_index = numbered_choice_menu('Choose your OpenPGP public key', secret_keys) do |key, i|
-          key_info = key.to_s.split("\n")[0..1].map{|line| line.sub(/^\s*(sec|uid)\s*/,'')}.join(' -- ')
-          say("#{i+1}. #{key_info}")
-        end
-      else
-        key_index = 0
-      end
-
-      key_id = secret_keys[key_index].sha
-
-      # can't use this, it includes signatures:
-      #puts GPGME::Key.export(key_id, :armor => true, :export_options => :export_minimal)
-
-      # export with signatures removed:
-      return `gpg --armor --export-options export-minimal --export #{key_id}`.strip
-    end
-
-  end
-end

data/lib/leap_cli/commands/util.rb

@@ -1,50 +0,0 @@
-module LeapCli; module Commands
-
-  extend self
-  extend LeapCli::Util
-  extend LeapCli::Util::RemoteCommand
-
-  def path(name)
-    Path.named_path(name)
-  end
-
-  #
-  # keeps prompting the user for a numbered choice, until they pick a good one or bail out.
-  #
-  # block is yielded and is responsible for rendering the choices.
-  #
-  def numbered_choice_menu(msg, items, &block)
-    while true
-      say("\n" + msg + ':')
-      items.each_with_index &block
-      say("q. quit")
-      index = ask("number 1-#{items.length}> ")
-      if index.empty?
-        next
-      elsif index =~ /q/
-        bail!
-      else
-        i = index.to_i - 1
-        if i < 0 || i >= items.length
-          bail!
-        else
-          return i
-        end
-      end
-    end
-  end
-
-
-  def parse_node_list(nodes)
-    if nodes.is_a? Config::Object
-      Config::ObjectList.new(nodes)
-    elsif nodes.is_a? Config::ObjectList
-      nodes
-    elsif nodes.is_a? String
-      manager.filter!(nodes)
-    else
-      bail! "argument error"
-    end
-  end
-
-end; end

data/lib/leap_cli/commands/vagrant.rb

@@ -1,197 +0,0 @@
-autoload :IPAddr, 'ipaddr'
-require 'fileutils'
-
-module LeapCli; module Commands
-
-  desc "Manage local virtual machines."
-  long_desc "This command provides a convient way to manage Vagrant-based virtual machines. If FILTER argument is missing, the command runs on all local virtual machines. The Vagrantfile is automatically generated in 'test/Vagrantfile'. If you want to run vagrant commands manually, cd to 'test'."
-  command [:local, :l] do |local|
-    local.desc 'Starts up the virtual machine(s)'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :start do |start|
-      start.flag(:basebox,
-        :desc => "The basebox to use. This value is passed to vagrant as the "+
-          "`config.vm.box` option. The value here should be the name of an installed box or a "+
-          "shorthand name of a box in HashiCorp's Atlas.",
-        :arg_name => 'BASEBOX',
-        :default_value => 'LEAP/wheezy'
-      )
-      start.action do |global_options,options,args|
-        vagrant_command(["up", "sandbox on"], args, options)
-      end
-    end
-
-    local.desc 'Shuts down the virtual machine(s)'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :stop do |stop|
-      stop.action do |global_options,options,args|
-        if global_options[:yes]
-          vagrant_command("halt --force", args)
-        else
-          vagrant_command("halt", args)
-        end
-      end
-    end
-
-    local.desc 'Destroys the virtual machine(s), reclaiming the disk space'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :destroy do |destroy|
-      destroy.action do |global_options,options,args|
-        if global_options[:yes]
-          vagrant_command("destroy --force", args)
-        else
-          vagrant_command("destroy", args)
-        end
-      end
-    end
-
-    local.desc 'Print the status of local virtual machine(s)'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :status do |status|
-      status.action do |global_options,options,args|
-        vagrant_command("status", args)
-      end
-    end
-
-    local.desc 'Saves the current state of the virtual machine as a new snapshot'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :save do |status|
-      status.action do |global_options,options,args|
-        vagrant_command("sandbox commit", args)
-      end
-    end
-
-    local.desc 'Resets virtual machine(s) to the last saved snapshot'
-    local.arg_name 'FILTER', :optional => true #, :multiple => false
-    local.command :reset do |reset|
-      reset.action do |global_options,options,args|
-        vagrant_command("sandbox rollback", args)
-      end
-    end
-  end
-
-  public
-
-  #
-  # returns the path to a vagrant ssh key file.
-  #
-  # if the vagrant.key file is owned by root or ourselves, then
-  # we need to make sure that it owned by us and not world readable.
-  #
-  def vagrant_ssh_key_file
-    file_path = File.expand_path('../../../vendor/vagrant_ssh_keys/vagrant.key', File.dirname(__FILE__))
-    Util.assert_files_exist! file_path
-    uid = File.new(file_path).stat.uid
-    if uid == 0 || uid == Process.euid
-      FileUtils.install file_path, '/tmp/vagrant.key', :mode => 0600
-      file_path = '/tmp/vagrant.key'
-    end
-    return file_path
-  end
-
-  protected
-
-  def vagrant_command(cmds, args, options={})
-    vagrant_setup(options)
-    cmds = cmds.to_a
-    if args.empty?
-      nodes = [""]
-    else
-      nodes = manager.filter(args)[:environment => "local"].field(:name)
-    end
-    if nodes.any?
-      vagrant_dir = File.dirname(Path.named_path(:vagrantfile))
-      exec = ["cd #{vagrant_dir}"]
-      cmds.each do |cmd|
-        nodes.each do |node|
-          exec << "vagrant #{cmd} #{node}"
-        end
-      end
-      execute exec.join('; ')
-    else
-      bail! "No nodes found. This command only works on nodes with ip_address in the network #{LeapCli.leapfile.vagrant_network}"
-    end
-  end
-
-  private
-
-  def vagrant_setup(options)
-    assert_bin! 'vagrant', 'Vagrant is required for running local virtual machines. Run "sudo apt-get install vagrant".'
-
-    if vagrant_version <= Gem::Version.new('1.0.0')
-      gem_path = assert_run!('vagrant gem which sahara')
-      if gem_path.nil? || gem_path.empty? || gem_path =~ /^ERROR/
-        log :installing, "vagrant plugin 'sahara'"
-        assert_run! 'vagrant gem install sahara -v 0.0.13'
-      end
-    else
-      unless assert_run!('vagrant plugin list | grep sahara | cat').chars.any?
-        log :installing, "vagrant plugin 'sahara'"
-        assert_run! 'vagrant plugin install sahara'
-      end
-    end
-    create_vagrant_file(options)
-  end
-
-  def vagrant_version
-    @vagrant_version ||= Gem::Version.new(assert_run!('vagrant --version').split(' ')[1])
-  end
-
-  def execute(cmd)
-    log 2, :run, cmd
-    exec cmd
-  end
-
-  def create_vagrant_file(options)
-    lines = []
-    netmask = IPAddr.new('255.255.255.255').mask(LeapCli.leapfile.vagrant_network.split('/').last).to_s
-
-    basebox = options[:basebox] || 'LEAP/wheezy'
-
-    if vagrant_version <= Gem::Version.new('1.1.0')
-      lines << %[Vagrant::Config.run do |config|]
-      manager.each_node do |node|
-        if node.vagrant?
-          lines << %[  config.vm.define :#{node.name} do |config|]
-          lines << %[    config.vm.box = "#{basebox}"]
-          lines << %[    config.vm.network :hostonly, "#{node.ip_address}", :netmask => "#{netmask}"]
-          lines << %[    config.vm.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]]
-          lines << %[    config.vm.customize ["modifyvm", :id, "--name", "#{node.name}"]]
-          lines << %[    #{leapfile.custom_vagrant_vm_line}] if leapfile.custom_vagrant_vm_line
-          lines << %[  end]
-        end
-      end
-    else
-      lines << %[Vagrant.configure("2") do |config|]
-      manager.each_node do |node|
-        if node.vagrant?
-          lines << %[  config.vm.define :#{node.name} do |config|]
-          lines << %[    config.vm.box = "#{basebox}"]
-          lines << %[    config.vm.network :private_network, ip: "#{node.ip_address}"]
-          lines << %[    config.vm.provider "virtualbox" do |v|]
-          lines << %[      v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]]
-          lines << %[      v.name = "#{node.name}"]
-          lines << %[    end]
-          lines << %[    #{leapfile.custom_vagrant_vm_line}] if leapfile.custom_vagrant_vm_line
-          lines << %[  end]
-        end
-      end
-    end
-
-    lines << %[end]
-    lines << ""
-    write_file! :vagrantfile, lines.join("\n")
-  end
-
-  def pick_next_vagrant_ip_address
-    taken_ips = manager.nodes[:environment => "local"].field(:ip_address)
-    if taken_ips.any?
-      highest_ip = taken_ips.map{|ip| IPAddr.new(ip)}.max
-      new_ip = highest_ip.succ
-    else
-      new_ip = IPAddr.new(LeapCli.leapfile.vagrant_network).succ.succ
-    end
-    return new_ip.to_s
-  end
-
-end; end