leap_cli 1.8.1 → 1.9

data/lib/leap_cli/remote/leap_plugin.rb

@@ -1,192 +0,0 @@
-#
-# these methods are made available in capistrano tasks as 'leap.method_name'
-# (see RemoteCommand::new_capistrano)
-#
-
-module LeapCli; module Remote; module LeapPlugin
-
-  def required_packages
-    "puppet rsync lsb-release locales"
-  end
-
-  def log(*args, &block)
-    LeapCli::Util::log(*args, &block)
-  end
-
-  #
-  # creates directories that are owned by root and 700 permissions
-  #
-  def mkdirs(*dirs)
-    raise ArgumentError.new('illegal dir name') if dirs.grep(/[\' ]/).any?
-    run dirs.collect{|dir| "mkdir -m 700 -p #{dir}; "}.join
-  end
-
-  #
-  # echos "ok" if the node has been initialized and the required packages are installed, bails out otherwise.
-  #
-  def assert_initialized
-    begin
-      test_initialized_file = "test -f #{Leap::Platform.init_path}"
-      check_required_packages = "! dpkg-query -W --showformat='${Status}\n' #{required_packages} 2>&1 | grep -q -E '(deinstall|no packages)'"
-      run "#{test_initialized_file} && #{check_required_packages} && echo ok"
-    rescue Capistrano::CommandError => exc
-      LeapCli::Util.bail! do
-        exc.hosts.each do |host|
-          node = host.to_s.split('.').first
-          LeapCli::Util.log :error, "running deploy: node not initialized. Run 'leap node init #{node}'", :host => host
-        end
-      end
-    end
-  end
-
-  #
-  # bails out the deploy if the file /etc/leap/no-deploy exists.
-  # This kind of sucks, because it would be better to skip over nodes that have no-deploy set instead
-  # halting the entire deploy. As far as I know, with capistrano, there is no way to close one of the
-  # ssh connections in the pool and make sure it gets no further commands.
-  #
-  def check_for_no_deploy
-    begin
-      run "test ! -f /etc/leap/no-deploy"
-    rescue Capistrano::CommandError => exc
-      LeapCli::Util.bail! do
-        exc.hosts.each do |host|
-          LeapCli::Util.log "Can't continue because file /etc/leap/no-deploy exists", :host => host
-        end
-      end
-    end
-  end
-
-  #
-  # dumps debugging information
-  # #
-  def debug
-    run "#{Leap::Platform.leap_dir}/bin/debug.sh"
-  end
-
-  #
-  # dumps the recent deploy history to the console
-  #
-  def history(lines)
-    command = "(test -s /var/log/leap/deploy-summary.log && tail -n #{lines} /var/log/leap/deploy-summary.log) || (test -s /var/log/leap/deploy-summary.log.1 && tail -n #{lines} /var/log/leap/deploy-summary.log.1) || (echo 'no history')"
-    run command
-  end
-
-  #
-  # This is a hairy ugly hack, exactly the kind of stuff that makes ruby
-  # dangerous and too much fun for its own good.
-  #
-  # In most places, we run remote ssh without a current 'task'. This works fine,
-  # except that in a few places, the behavior of capistrano ssh is controlled by
-  # the options of the current task.
-  #
-  # We don't want to create an actual current task, because tasks are no fun
-  # and can't take arguments or return values. So, when we need to configure
-  # things that can only be configured in a task, we use this handy hack to
-  # fake the current task.
-  #
-  # This is NOT thread safe, but could be made to be so with some extra work.
-  #
-  def with_task(name)
-    task = @config.tasks[name]
-    @config.class.send(:alias_method, :original_current_task, :current_task)
-    @config.class.send(:define_method, :current_task, Proc.new(){ task })
-    begin
-      yield
-    ensure
-      @config.class.send(:remove_method, :current_task)
-      @config.class.send(:alias_method, :current_task, :original_current_task)
-    end
-  end
-
-  #
-  # similar to run(cmd, &block), but with:
-  #
-  # * exit codes
-  # * stdout and stderr are combined
-  #
-  def stream(cmd, &block)
-    command = '%s 2>&1; echo "exitcode=$?"' % cmd
-    run(command) do |channel, stream, data|
-      exitcode = nil
-      if data =~ /exitcode=(\d+)\n/
-        exitcode = $1.to_i
-        data.sub!(/exitcode=(\d+)\n/,'')
-      end
-      yield({:host => channel[:host], :data => data, :exitcode => exitcode})
-    end
-  end
-
-  #
-  # like stream, but capture all the output before returning
-  #
-  def capture(cmd, &block)
-    command = '%s 2>&1; echo "exitcode=$?" 2>&1;' % cmd
-    host_data = {}
-    run(command) do |channel, stream, data|
-      host_data[channel[:host]] ||= ""
-      if data =~ /exitcode=(\d+)\n/
-        exitcode = $1.to_i
-        data.sub!(/exitcode=(\d+)\n/,'')
-        host_data[channel[:host]] += data
-        yield({:host => channel[:host], :data => host_data[channel[:host]], :exitcode => exitcode})
-      else
-        host_data[channel[:host]] += data
-      end
-    end
-  end
-
-  #
-  # Run a command, with a nice status report and progress indicator.
-  # Only successful results are returned, errors are printed.
-  #
-  # For each successful run on each host, block is yielded with a hash like so:
-  #
-  # {:host => 'bluejay', :exitcode => 0, :data => 'shell output'}
-  #
-  def run_with_progress(cmd, &block)
-    ssh_failures = []
-    exitcode_failures = []
-    succeeded = []
-    task = LeapCli.log_level > 1 ? :standard_task : :skip_errors_task
-    with_task(task) do
-      log :querying, 'facts' do
-        progress "   "
-        call_on_failure do |host|
-          ssh_failures << host
-          progress 'F'
-        end
-        capture(cmd) do |response|
-          if response[:exitcode] == 0
-            progress '.'
-            yield response
-          else
-            exitcode_failures << response
-            progress 'F'
-          end
-        end
-      end
-    end
-    puts "done"
-    if ssh_failures.any?
-      log :failed, 'to connect to nodes: ' + ssh_failures.join(' ')
-    end
-    if exitcode_failures.any?
-      log :failed, 'to run successfully:' do
-        exitcode_failures.each do |response|
-          log "[%s] exit %s - %s" % [response[:host], response[:exitcode], response[:data].strip]
-        end
-      end
-    end
-  rescue Capistrano::RemoteError => err
-    log :error, err.to_s
-  end
-
-  private
-
-  def progress(str='.')
-    print str
-    STDOUT.flush
-  end
-
-end; end; end

data/lib/leap_cli/remote/puppet_plugin.rb

@@ -1,26 +0,0 @@
-#
-# these methods are made available in capistrano tasks as 'puppet.method_name'
-# (see RemoteCommand::new_capistrano)
-#
-
-module LeapCli; module Remote; module PuppetPlugin
-
-  def apply(options)
-    run "#{Leap::Platform.leap_dir}/bin/puppet_command set_hostname apply #{flagize(options)}"
-  end
-
-  private
-
-  def flagize(hsh)
-    hsh.inject([]) {|str, item|
-      if item[1] === false
-        str
-      elsif item[1] === true
-        str << "--" + item[0].to_s
-      else
-        str << "--" + item[0].to_s + " " + item[1].inspect
-      end
-    }.join(' ')
-  end
-
-end; end; end

data/lib/leap_cli/remote/rsync_plugin.rb

@@ -1,35 +0,0 @@
-#
-# these methods are made available in capistrano tasks as 'rsync.method_name'
-# (see RemoteCommand::new_capistrano)
-#
-
-autoload :RsyncCommand, 'rsync_command'
-
-module LeapCli; module Remote; module RsyncPlugin
-
-  #
-  # takes a block, yielded a server, that should return a hash with various rsync options.
-  # supported options include:
-  #
-  #   {:source => '', :dest => '', :flags => '', :includes => [], :excludes => []}
-  #
-  def update
-    rsync = RsyncCommand.new(:logger => logger)
-    rsync.asynchronously(find_servers) do |server|
-      options = yield server
-      next unless options
-      remote_user = server.user || fetch(:user, ENV['USER'])
-      src = options[:source]
-      dest = {:user => remote_user, :host => server.host, :path => options[:dest]}
-      options[:ssh] = ssh_options.merge(server.options[:ssh_options]||{})
-      options[:chdir] ||= Path.provider
-      rsync.exec(src, dest, options)
-    end
-    if rsync.failed?
-      LeapCli::Util.bail! do
-        LeapCli::Util.log :failed, "to rsync to #{rsync.failures.map{|f|f[:dest][:host]}.join(' ')}"
-      end
-    end
-  end
-
-end; end; end

data/lib/leap_cli/remote/tasks.rb

@@ -1,51 +0,0 @@
-#
-# This file is evaluated just the same as a typical capistrano "deploy.rb"
-# For DSL manual, see https://github.com/capistrano/capistrano/wiki
-#
-
-MAX_HOSTS = 10
-
-task :install_authorized_keys, :max_hosts => MAX_HOSTS do
-  leap.log :updating, "authorized_keys" do
-    leap.mkdirs '/root/.ssh'
-    upload LeapCli::Path.named_path(:authorized_keys), '/root/.ssh/authorized_keys', :mode => '600'
-  end
-end
-
-#
-# for vagrant nodes, we install insecure vagrant key to authorized_keys2, since deploy
-# will overwrite authorized_keys.
-#
-# why force the insecure vagrant key?
-#   if we don't do this, then first time initialization might fail if the user has many keys
-#   (ssh will bomb out before it gets to the vagrant key).
-#   and it really doesn't make sense to ask users to pin the insecure vagrant key in their
-#   .ssh/config files.
-#
-task :install_insecure_vagrant_key, :max_hosts => MAX_HOSTS do
-  leap.log :installing, "insecure vagrant key" do
-    leap.mkdirs '/root/.ssh'
-    upload LeapCli::Path.vagrant_ssh_pub_key_file, '/root/.ssh/authorized_keys2', :mode => '600'
-  end
-end
-
-task :install_prerequisites, :max_hosts => MAX_HOSTS do
-  bin_dir = File.join(Leap::Platform.leap_dir, 'bin')
-  node_init_path = File.join(bin_dir, 'node_init')
-
-  leap.log :running, "node_init script" do
-    leap.mkdirs bin_dir
-    upload LeapCli::Path.node_init_script, node_init_path, :mode => '500'
-    run node_init_path
-  end
-end
-
-#
-# just dummies, used to capture task options
-#
-
-task :skip_errors_task, :on_error => :continue, :max_hosts => MAX_HOSTS do
-end
-
-task :standard_task, :max_hosts => MAX_HOSTS do
-end

data/lib/leap_cli/ssh_key.rb

@@ -1,195 +0,0 @@
-#
-# A wrapper around OpenSSL::PKey::RSA instances to provide a better api for dealing with SSH keys.
-#
-# cipher 'ssh-ed25519' not supported yet because we are waiting for support in Net::SSH
-#
-
-require 'net/ssh'
-require 'forwardable'
-
-module LeapCli
-  class SshKey
-    extend Forwardable
-
-    attr_accessor :filename
-    attr_accessor :comment
-
-    # supported ssh key types, in order of preference
-    SUPPORTED_TYPES = ['ssh-rsa', 'ecdsa-sha2-nistp256']
-    SUPPORTED_TYPES_RE = /(#{SUPPORTED_TYPES.join('|')})/
-
-    ##
-    ## CLASS METHODS
-    ##
-
-    def self.load(arg1, arg2=nil)
-      key = nil
-      if arg1.is_a? OpenSSL::PKey::RSA
-        key = SshKey.new arg1
-      elsif arg1.is_a? String
-        if arg1 =~ /^ssh-/
-          type, data = arg1.split(' ')
-          key = SshKey.new load_from_data(data, type)
-        elsif File.exists? arg1
-          key = SshKey.new load_from_file(arg1)
-          key.filename = arg1
-        else
-          key = SshKey.new load_from_data(arg1, arg2)
-        end
-      end
-      return key
-    rescue StandardError => exc
-    end
-
-    def self.load_from_file(filename)
-      public_key = nil
-      private_key = nil
-      begin
-        public_key = Net::SSH::KeyFactory.load_public_key(filename)
-      rescue NotImplementedError, Net::SSH::Exception, OpenSSL::PKey::PKeyError
-        begin
-          private_key = Net::SSH::KeyFactory.load_private_key(filename)
-        rescue NotImplementedError, Net::SSH::Exception, OpenSSL::PKey::PKeyError
-        end
-      end
-      public_key || private_key
-    end
-
-    def self.load_from_data(data, type='ssh-rsa')
-      public_key = nil
-      private_key = nil
-      begin
-        public_key = Net::SSH::KeyFactory.load_data_public_key("#{type} #{data}")
-      rescue NotImplementedError, Net::SSH::Exception, OpenSSL::PKey::PKeyError
-        begin
-          private_key = Net::SSH::KeyFactory.load_data_private_key("#{type} #{data}")
-        rescue NotImplementedError, Net::SSH::Exception, OpenSSL::PKey::PKeyError
-        end
-      end
-      public_key || private_key
-    end
-
-    #
-    # Picks one key out of an array of keys that we think is the "best",
-    # based on the order of preference in SUPPORTED_TYPES
-    #
-    # Currently, this does not take bitsize into account.
-    #
-    def self.pick_best_key(keys)
-      keys.select {|k|
-        SUPPORTED_TYPES.include?(k.type)
-      }.sort {|a,b|
-        SUPPORTED_TYPES.index(a.type) <=> SUPPORTED_TYPES.index(b.type)
-      }.first
-    end
-
-    #
-    # takes a string with one or more ssh keys, one key per line,
-    # and returns an array of SshKey objects.
-    #
-    # the lines should be in one of these formats:
-    #
-    # 1. <hostname> <key-type> <key>
-    # 2. <key-type> <key>
-    #
-    def self.parse_keys(string)
-      keys = []
-      lines = string.split("\n").grep(/^[^#]/)
-      lines.each do |line|
-        if line =~ / #{SshKey::SUPPORTED_TYPES_RE} /
-          # <hostname> <key-type> <key>
-          keys << line.split(' ')[1..2]
-        elsif line =~ /^#{SshKey::SUPPORTED_TYPES_RE} /
-          # <key-type> <key>
-          keys << line.split(' ')
-        end
-      end
-      return keys.map{|k| SshKey.load(k[1], k[0])}
-    end
-
-    #
-    # takes a string with one or more ssh keys, one key per line,
-    # and returns a string that specified the ssh key algorithms
-    # that are supported by the keys, in order of preference.
-    #
-    # eg: ecdsa-sha2-nistp256,ssh-rsa,ssh-ed25519
-    #
-    def self.supported_host_key_algorithms(string)
-      if string
-        self.parse_keys(string).map {|key|
-          key.type
-        }.join(',')
-      else
-        ""
-      end
-    end
-
-    ##
-    ## INSTANCE METHODS
-    ##
-
-    public
-
-    def initialize(rsa_key)
-      @key = rsa_key
-    end
-
-    def_delegator :@key, :fingerprint, :fingerprint
-    def_delegator :@key, :public?, :public?
-    def_delegator :@key, :private?, :private?
-    def_delegator :@key, :ssh_type, :type
-    def_delegator :@key, :public_encrypt, :public_encrypt
-    def_delegator :@key, :public_decrypt, :public_decrypt
-    def_delegator :@key, :private_encrypt, :private_encrypt
-    def_delegator :@key, :private_decrypt, :private_decrypt
-    def_delegator :@key, :params, :params
-    def_delegator :@key, :to_text, :to_text
-
-    def public_key
-      SshKey.new(@key.public_key)
-    end
-
-    def private_key
-      SshKey.new(@key.private_key)
-    end
-
-    #
-    # not sure if this will always work, but is seems to for now.
-    #
-    def bits
-      Net::SSH::Buffer.from(:key, @key).to_s.split("\001\000").last.size * 8
-    end
-
-    def summary
-      if self.filename
-        "%s %s %s (%s)" % [self.type, self.bits, self.fingerprint, File.basename(self.filename)]
-      else
-        "%s %s %s" % [self.type, self.bits, self.fingerprint]
-      end
-    end
-
-    def to_s
-      self.type + " " + self.key
-    end
-
-    def key
-      [Net::SSH::Buffer.from(:key, @key).to_s].pack("m*").gsub(/\s/, "")
-    end
-
-    def ==(other_key)
-      return false if other_key.nil?
-      return false if self.class != other_key.class
-      return self.to_text == other_key.to_text
-    end
-
-    def in_known_hosts?(*identifiers)
-      identifiers.each do |identifier|
-        Net::SSH::KnownHosts.search_for(identifier).each do |key|
-          return true if self == key
-        end
-      end
-      return false
-    end
-
-  end
-end