linecook-gem 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: daf691a1760137d1407850c46df82f52f30ab117
-  data.tar.gz: 830e47b2c9d7267c1f362a62ed214b78512e2185
+  metadata.gz: 45514052292ba7f0031994394b15c5dab5447226
+  data.tar.gz: 94fdd52fe12e1c6720313ba221c3d9233a346c2c
 SHA512:
-  metadata.gz: d5cbe11357a3fa8ea4bae785803da3548e2aebfc30d2a5616ea4403ffb6a3d9b5b349cf38b63129ee4698fa9f6fdaa3bf32a5ee4b431ee63dca6c0906c2b14cd
-  data.tar.gz: d51d2a394fdd2af2a07e9ba70aef43102f305dfadc9843da66f2bdc2bd5aed650673eb79a833a6b63a55ea8d79cab418e23bbb16a3e6bbd75c34549c9c816dbe
+  metadata.gz: 131abec9715038d78fcd107060b77d13e62fef657f60d0471d045cd023aac2fa230e5a84c5bee4c0df68fecb02f080e7521a45e01a4cb9299aeb4a7439bc5d6c
+  data.tar.gz: 12ea95edd61ea70c354aca1ed08d272da115a146d354ee4ccbb897dfe2469c8b86b58d2da39c050cf535ad15ec5c3886d7874e48bde4db22d2807dd258c67cd7

data/lib/linecook/bake.rb

@@ -1,49 +1,21 @@
 require 'securerandom'
 
-require 'chef-provisioner'
-require 'chefdepartie'
-
 require 'linecook/build'
+require 'linecook/chef'
 
 module Linecook
   module Baker
     extend self
 
     def bake
-      chef_config = setup
-      script = ChefProvisioner::Bootstrap.generate(
-        node_name: chef_config[:node_name],
-        chef_version: chef_config[:version] || nil,
-        first_boot: {
-          run_list: chef_config[:run_list]
-        }
-      )
-
-      puts "Establishing connection to build..."
-      build = Linecook::Build.new('test', 'ubuntu-base.squashfs')
-      build.start
-      build.ssh.forward(chef_port)
-      build.ssh.upload(script, '/tmp/chef_bootstrap')
-      build.ssh.run('sudo bash /tmp/chef_bootstrap')
-      build.ssh.stop_forwarding
-    end
-
-    private
-
-    def setup
-      ChefProvisioner::Config.setup(client: 'linecook', listen: 'localhost')
-      config = Linecook::Config.load_config
-
-      chef_config = config[:chef]
-      chef_config.merge!(node_name: "linecook-#{SecureRandom.uuid}",
-                         chef_server_url: ChefProvisioner::Config.server)
-      # FIXME: sort out cache copying here for concurrent builds of different refs
-      Chefdepartie.run(background: true, config: chef_config, cache: '/tmp/linecook-cache')
-      chef_config
-    end
-
-    def chef_port
-      ChefProvisioner::Config.server.split(':')[-1].to_i
+      provisioner = 'chef' # FIXME HACK - read from config instead
+      build = Linecook::Build.new('test', 'ubuntu-base.squashfs') # FIXME - HACK, read from config
+      case provisioner
+        when 'chef'
+          Linecook::Chef.provision(build)
+        else
+          fail "Unsupported provisioner #{provisioner}"
+      end
     end
   end
 end

data/lib/linecook/build.rb

@@ -15,7 +15,7 @@ module Linecook
     end
 
     def ssh
-      @ssh ||= Linecook::SSH.new(@container.ip, username: 'ubuntu', password: 'ubuntu', proxy: Linecook::Builder.ssh)
+      @ssh ||= Linecook::SSH.new(@container.ip, username: 'ubuntu', password: 'ubuntu', proxy: Linecook::Builder.ssh, keyfile: Linecook::Builder.pemfile)
     end
   end
 end

data/lib/linecook/builder.rb

@@ -29,6 +29,7 @@ module Linecook
     extend Forwardable
     BUILD_HOME = '/u/lxc'
 
+    attr_reader :pemfile
     def_instance_delegators :backend, :stop, :ip, :info, :running?
 
     def backend
@@ -43,7 +44,17 @@ module Linecook
 
     def ssh
       config = Linecook::Config.load_config[:builder]
-      @ssh ||= SSH.new(ip, username: config[:username], password: config[:password])
+      @ssh ||= begin
+        userkey = File.expand_path("~/.ssh/id_rsa")
+        dedicated_key = File.join(Linecook::Config::LINECOOK_HOME, 'linecook_ssh.pem')
+        unless File.exists?(dedicated_key)
+          File.write(dedicated_key, SSHKey.generate.private_key)
+          FileUtils.chmod(0600, dedicated_key)
+        end
+        @pemfile = File.exists?(userkey) ? userkey : dedicated_key
+        puts @pemfile
+        SSH.new(ip, username: config[:username], password: config[:password], keyfile: @pemfile)
+      end
     end
 
     def builds
@@ -61,7 +72,8 @@ module Linecook
     private
 
     def setup_ssh
-      pubkey = SSHKey.new(File.read(File.expand_path("~/.ssh/id_rsa"))).ssh_public_key
+      ssh
+      pubkey = SSHKey.new(File.read(@pemfile)).ssh_public_key
       config = Linecook::Config.load_config[:builder]
       ssh.run("mkdir -p /home/#{config[:username]}/.ssh")
       ssh.upload(pubkey, "/home/#{config[:username]}/.ssh/authorized_keys")

data/lib/linecook/chef.rb

@@ -0,0 +1,107 @@
+require 'tmpdir'
+require 'fileutils'
+
+require 'chef-provisioner'
+require 'chefdepartie'
+
+module Linecook
+  module Chef
+    extend self
+
+    def provision(build)
+      chef_config = setup
+      script = ChefProvisioner::Bootstrap.generate(
+        node_name: chef_config[:node_name],
+        chef_version: chef_config[:version] || nil,
+        first_boot: {
+          run_list: chef_config[:run_list]
+        }
+      )
+
+      puts "Establishing connection to build..."
+      build.start
+      build.ssh.forward(chef_port)
+      build.ssh.upload(script, '/tmp/chef_bootstrap')
+      build.ssh.run('sudo bash /tmp/chef_bootstrap')
+      build.ssh.stop_forwarding
+    end
+
+    private
+
+    def setup
+      ChefProvisioner::Config.setup(client: 'linecook', listen: 'localhost')
+      config = Linecook::Config.load_config
+
+      chef_config = config[:chef]
+      chef_config.merge!(node_name: "linecook-#{SecureRandom.uuid}",
+                         chef_server_url: ChefProvisioner::Config.server)
+      # FIXME: sort out cache copying here for concurrent builds of different refs
+      Chefdepartie.run(background: true, config: chef_config, cache: Cache.path)
+      chef_config
+    end
+
+    def chef_port
+      ChefProvisioner::Config.server.split(':')[-1].to_i
+    end
+
+    # Required in order to have multiple builds run on different refs
+    module Cache
+      CACHE_PATH = File.join(Linecook::Config::LINECOOK_HOME, 'chefcache').freeze
+      PIDFILE = File.join(CACHE_PATH, 'pid')
+      STAMPFILE = File.join(CACHE_PATH, 'stamp')
+      STALE_THRESHOLD = 86400 # one day in seconds
+
+      extend self
+
+      def path
+        cache_path = Dir.mktmpdir
+        build
+        copy(cache_path)
+        cache_path
+      end
+
+    private
+
+      def copy(cache_path)
+        FileUtils.copy_entry(CACHE_PATH, cache_path, preserve: true)
+      end
+
+      def build
+        if stale
+          puts 'Regenerating cookbook cache'
+          Chefdepartie.run(background: true, config: Linecook::Config.load_config[:chef], cache: CACHE_PATH)
+          Chefdepartie.stop
+          write_stamp
+          unlock
+        end
+      end
+
+      def stale
+        return false if locked?
+        lock
+        old?
+      end
+
+      def locked?
+        File.exists?(PIDFILE) && (true if Process.kill(0, File.read(PIDFILE)) rescue false)
+      end
+
+      def lock
+        File.write(PIDFILE, Process.pid)
+      end
+
+      def unlock
+        FileUtils.rm_f(PIDFILE)
+      end
+
+      def old?
+        return true unless File.exists?(STAMPFILE)
+        (Time.now.to_i - File.read(STAMPFILE).to_i) > STALE_THRESHOLD
+      end
+
+      def write_stamp
+        File.write(STAMPFILE, Time.now.to_i)
+      end
+    end
+  end
+end

data/lib/linecook/lxc.rb

@@ -7,6 +7,7 @@ require 'ipaddress'
 module Linecook
   module Lxc
     class Container
+      MAX_WAIT = 60
       attr_reader :config
       def initialize(name: 'linecook', home: '/u/lxc', image: nil, remote: :local)
         @remote = remote == :local ? false : remote
@@ -24,7 +25,7 @@ module Linecook
         mount_all
         write_config
         execute("lxc-start #{container_str} -d")
-        # wait_running # FIXME - poll until it's running, or we can reach a race condition
+        wait_running
         # Don't start a cgmanager if we're already in a container
         execute('[ -f /etc/init/cgmanager.conf ] && sudo status cgmanager | grep -q running && sudo stop cgmanager || true') if lxc?
         setup_bridge unless @remote
@@ -68,12 +69,17 @@ module Linecook
 
       private
 
+      def wait_running
+        wait_for { running? }
+      end
       def wait_ssh
-        running = false
-        max_attempts = 60
+        wait_for { capture("lxc-attach -n #{@name} -P #{@home} status ssh || true") =~ /running/ }
+      end
+
+      def wait_for
         attempts = 0
-        until running || attempts > max_attempts
-          break if capture("lxc-attach -n #{@name} -P #{@home} status ssh") =~ /running/
+        until attempts > MAX_WAIT
+          break if yield
           attempts += 1
           sleep(1)
         end

data/lib/linecook/ssh.rb

@@ -50,10 +50,11 @@ module Linecook
   class SSH
 
     attr_reader :username, :hostname
-    def initialize(hostname, username: 'ubuntu', password: nil, proxy: nil)
+    def initialize(hostname, username: 'ubuntu', password: nil, keyfile: nil, proxy: nil)
       @username = username
       @password = password
       @hostname = hostname
+      @keyfile = keyfile
       @proxy = proxy_command(proxy) if proxy
     end
 
@@ -110,16 +111,18 @@ module Linecook
 
     def linecook_host
       @host ||= begin
-
         host = SSHKit::Host.new(user: @username, hostname: @hostname)
         host.password = @password if @password
-        host.ssh_options = { proxy: @proxy } if @proxy
+        opts = {}
+        opts.merge!({ proxy: @proxy }) if @proxy
+        opts.merge!({ keys: [@keyfile], auth_methods: %w(publickey password) }) if @keyfile
+        host.ssh_options = opts
         host
       end
     end
 
     def proxy_command(proxy)
-      ssh_command = "ssh #{proxy.username}@#{proxy.hostname} nc %h %p"
+      ssh_command = "ssh #{"-i #{@keyfile}" if @keyfile} #{proxy.username}@#{proxy.hostname} nc %h %p"
       Net::SSH::Proxy::Command.new(ssh_command)
     end
   end

data/lib/linecook/version.rb

@@ -1,3 +1,3 @@
 module Linecook
-  VERSION = '0.0.1'
+  VERSION = '0.0.2'
 end

data/man/LINECOOK.1

@@ -7,7 +7,7 @@ linecook \- system image builder
 linecook help [\fB\fCCOMMAND\fR]\- for specific command help
 .SH DESCRIPTION
 .PP
-Linecook 
+Linecook builds system images utilizing overlayfs, squashfs, and linux containers via LXC. Currently, linecook only natively supports chef for provisioning, but using packer with a null resource, any of the mechanisms supported by packer are also supported by linecook.
 .SH CONFIGURATION
 .PP
 Describe config file here once it's been determined
@@ -44,6 +44,13 @@ Linux 3.19 or greater with support for cgroups, and netfilter as described by lx
 OS X 10.10 or later (Hypervisor.framework required for Xhyve)
 .RE
 .SH QUIRKS
+.SS Xhyve
+.RS
+.IP \(bu 2
+Xhyve requires root privileges until 
+\[la]https://github.com/mist64/xhyve/issues/60\[ra] is resolved. Linecook will setuid on the xhyve binary.
+.RE
+.SS Overlayfs
 .RS
 .IP \(bu 2
 Overlayfs doesn't support unix domain sockets (yet), so anything using a unix domain socket outside of the /run tree should do manually symlink to /run.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: linecook-gem
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Dale Hamel
@@ -205,6 +205,7 @@ files:
 - lib/linecook/bake.rb
 - lib/linecook/build.rb
 - lib/linecook/builder.rb
+- lib/linecook/chef.rb
 - lib/linecook/cli.rb
 - lib/linecook/config.rb
 - lib/linecook/darwin_backend.rb
@@ -239,4 +240,3 @@ signing_key:
 specification_version: 4
 summary: Build system images using chef zero, LXC, and packer
 test_files: []
-has_rdoc: