manageiq-appliance_console 6.0.0 → 6.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ece17b25e041baf4584ff5c45cc651e5e911b5d09d94c413550908e132485c69
-  data.tar.gz: 6f367021492f89812cb0b704312b1398e7b2c74989d036e2b29e56e1a82bc8e8
+  metadata.gz: 34445fe4cc1b697688c30f689ed12499635959a5ad428763f2cfaac48a9f64c9
+  data.tar.gz: ed7530438fc6d4cf6d143e99bee966a890af509bdcb065831db8897b995a7fa8
 SHA512:
-  metadata.gz: 611619aa58fc0783538bf1ab80fd057f3316ff9c420c3df4abca6fbb15214e9555bed2f2f5239b491d472bda7d2c641f4e2904a3941785582441ef5d86bc804a
-  data.tar.gz: 51fdbbde3921c74a5c07341100e7b2f4eca78f8b6a509b861594d31952a5faf112f5b643bd161b48d7fcc8fa49fd7780e3d290ff06fc39320543e4ef47c1ed22
+  metadata.gz: a35d79649faa4a600b16959312a35468737a49f106524a510ee6d917154eb736547980a5597edc853b39325730ec3eece30efd4ed7375717525f5ad56ae3191e
+  data.tar.gz: 537c818711a763daa128491cf61895fac0646a568d7b9f39d7701707ecfcef33272d1f0cb7347290f1f61e10eb4cb7729ad2cadd18556ab5c9dd8888c7104842

data/.codeclimate.yml

@@ -1,12 +1,18 @@
-exclude_paths:
-- ".git/"
-- "**.xml"
-- "**.yaml"
-- "**.yml"
-- locale/
-- spec/
-- tools/
-engines:
+prepare:
+  fetch:
+  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_base.yml
+    path: ".rubocop_base.yml"
+  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_cc_base.yml
+    path: ".rubocop_cc_base.yml"
+  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/styles/base.yml
+    path: styles/base.yml
+  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/styles/cc_base.yml
+    path: styles/cc_base.yml
+plugins:
+  rubocop:
+    enabled: true
+    config: ".rubocop_cc.yml"
+    channel: rubocop-0-82
   brakeman:
     enabled: false
   bundler-audit:
@@ -26,19 +32,12 @@ engines:
     enabled: false
   markdownlint:
     enabled: false
-prepare:
-  fetch:
-  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_base.yml
-    path: ".rubocop_base.yml"
-  - url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_cc_base.yml
-    path: ".rubocop_cc_base.yml"
-ratings:
-  paths:
-  - Gemfile.lock
-  - "**.rake"
-  - "**.rb"
-plugins:
-  rubocop:
-    enabled: true
-    config: ".rubocop_cc.yml"
-    channel: rubocop-0-82
+exclude_patterns:
+- ".git/"
+- "**.xml"
+- "**.yaml"
+- "**.yml"
+- locale/
+- spec/
+- tools/
+version: '2'

data/.rspec_ci

@@ -1,4 +1,6 @@
+--require ci_helper
 --require spec_helper
 --color
 --order random
 --profile
+--format documentation

data/.travis.yml

@@ -1,10 +1,11 @@
 ---
 language: ruby
 rvm:
-- 2.5.8
 - 2.6.6
-sudo: false
+- 2.7.2
 cache: bundler
+addons:
+  postgresql: '10'
 env:
   global:
   - RUBY_GC_HEAP_GROWTH_MAX_SLOTS=300000

data/Gemfile

@@ -3,5 +3,3 @@ source 'https://rubygems.org'
 
 # Specify your gem's dependencies in manageiq-appliance_console.gemspec
 gemspec
-
-gem "manageiq-gems-pending", :git => "https://github.com/ManageIQ/manageiq-gems-pending", :branch => "master"

data/Rakefile

@@ -1,6 +1,25 @@
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 
+desc "Run RSpec code examples (skip postgres required ones)"
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+# In CI, as part of the .rspec_ci, load a helper that sets the configuration
+# setting to allow the postgres specs to run.
+desc "Run RSpec code examples (assumes ci dependencies)"
+RSpec::Core::RakeTask.new("spec:ci") do |t|
+  t.rspec_opts = "--options #{File.expand_path(".rspec_ci", __dir__)}"
+end
+
+desc "Run RSpec code examples (with local postgres dependencies)"
+RSpec::Core::RakeTask.new("spec:dev") do |t|
+  # Load the PostgresRunner helper to facilitate a clean postgres environment
+  # for testing locally (not necessary for CI), and enables the postgres test
+  # via the helper.
+  pg_runner = File.join("spec", "postgres_runner_helper.rb")
+  t.rspec_opts = "-r #{File.expand_path(pg_runner, __dir__)}"
+end
+
+task :default do
+  Rake::Task["spec#{':ci' if ENV['CI']}"].invoke
+end

data/bin/appliance_console

@@ -13,7 +13,7 @@ require 'highline/system_extensions'
 require 'rubygems'
 require 'bcrypt'
 require 'linux_admin'
-require 'util/postgres_admin'
+require 'manageiq/appliance_console/postgres_admin'
 require 'awesome_spawn'
 include HighLine::SystemExtensions
 
@@ -384,13 +384,14 @@ Static Network Configuration
           "Create Region in External Database" => "create_external",
           "Join Region in External Database"   => "join_external",
           "Reset Configured Database"          => "reset_region",
-          "No changes"                         => "no_changes"
+          "Make No Database Changes"           => "no_changes"
         }
         database_action = ask_with_menu("Database Operation", options)
 
         messaging_options = {
-          "Use an external messaging system" => "external_messaging",
-          "No changes"                       => "no_changes"
+          "Configure this appliance as a messaging server" => "message_server",
+          "Connect to an external messaging system"        => "message_client",
+          "Make No messaging changes"                      => "no_changes"
         }
 
         messaging_action = ask_with_menu("Configure Messaging", messaging_options)
@@ -420,8 +421,31 @@ Static Network Configuration
         region = ManageIQ::ApplianceConsole::DatabaseConfiguration.region
 
         case messaging_action
-        when "external_messaging"
-          ManageIQ::ApplianceConsole::MessagingConfiguration.new.run_interactive
+        when "message_server"
+          say("#{selection}\n\n")
+
+          message_server = MessageServerConfiguration.new
+          if message_server.ask_questions && message_server.configure
+            say("\nMessage Server configured successfully.\n")
+            press_any_key
+          else
+            say("\nMessage Server configuration failed!\n")
+            press_any_key
+            raise MiqSignalError
+          end
+
+        when "message_client"
+          say("#{selection}\n\n")
+
+          message_client = MessageClientConfiguration.new
+          if message_client.ask_questions && message_client.configure
+            say("\nMessage Client configured successfully.\n")
+            press_any_key
+          else
+            say("\nMessage Client configuration failed!\n")
+            press_any_key
+            raise MiqSignalError
+          end
         end
 
         press_any_key

data/lib/manageiq-appliance_console.rb

@@ -11,10 +11,6 @@ module ManageIQ
     def self.logger
       @logger ||= ManageIQ::ApplianceConsole::Logger.instance
     end
-
-    def self.logger=(logger)
-      @logger = logger
-    end
   end
 end
 
@@ -24,7 +20,6 @@ require 'manageiq/appliance_console/logger'
 require 'manageiq/appliance_console/logging'
 require 'manageiq/appliance_console/prompts'
 
-require 'manageiq-gems-pending'
 require 'highline'
 
 require 'manageiq/appliance_console/auth_utilities'
@@ -43,7 +38,8 @@ require 'manageiq/appliance_console/internal_database_configuration'
 require 'manageiq/appliance_console/key_configuration'
 require 'manageiq/appliance_console/logfile_configuration'
 require 'manageiq/appliance_console/logical_volume_management'
-require 'manageiq/appliance_console/messaging_configuration'
+require 'manageiq/appliance_console/message_configuration_client'
+require 'manageiq/appliance_console/message_configuration_server'
 require 'manageiq/appliance_console/oidc_authentication'
 require 'manageiq/appliance_console/principal'
 require 'manageiq/appliance_console/saml_authentication'

data/lib/manageiq/appliance_console/certificate_authority.rb

@@ -1,6 +1,6 @@
 require 'fileutils'
 require 'tempfile'
-require 'util/postgres_admin'
+require 'manageiq/appliance_console/postgres_admin'
 
 module ManageIQ
 module ApplianceConsole

data/lib/manageiq/appliance_console/cli.rb

@@ -77,6 +77,22 @@ module ApplianceConsole
       options[:saml_unconfig]
     end
 
+    def message_server_config?
+      options[:message_server_config]
+    end
+
+    def message_server_unconfig?
+      options[:message_server_unconfig]
+    end
+
+    def message_client_config?
+      options[:message_client_config]
+    end
+
+    def message_client_unconfig?
+      options[:message_client_unconfig]
+    end
+
     def oidc_config?
       options[:oidc_config]
     end
@@ -101,10 +117,6 @@ module ApplianceConsole
       options[:openscap]
     end
 
-    def configure_messaging?
-      options[:messaging_hostname] && options[:messaging_password] && options[:messaging_port] && options[:messaging_username]
-    end
-
     def initialize(options = {})
       self.options = options
     end
@@ -175,15 +187,36 @@ module ApplianceConsole
         opt :oidc_unconfig,        "Unconfigure Appliance OpenID-Connect Authentication",            :type => :boolean, :default => false
         opt :server,               "{start|stop|restart} actions on evmserverd Server",   :type => :string
         opt :openscap,             "Setup OpenScap", :type => :boolean, :default => false
-        opt :messaging_hostname, "Messaging Hostname", :type => :string
-        opt :messaging_username, "Messaging Username", :type => :string
-        opt :messaging_password, "Messaging Password", :type => :string
-        opt :messaging_port,     "Messaging Port",     :type => :integer
+        opt :message_server_config,       "Subcommand to   Configure Appliance as a Kafka Message Server", :type => :boolean, :default => false
+        opt :message_server_unconfig,     "Subcommand to Unconfigure Appliance as a Kafka Message Server", :type => :boolean, :default => false
+        opt :message_client_config,       "Subcommand to   Configure Appliance as a Kafka Message Client", :type => :boolean, :default => false
+        opt :message_client_unconfig,     "Subcommand to Unconfigure Appliance as a Kafka Message Client", :type => :boolean, :default => false
+        opt :message_keystore_username,   "Message Server Keystore Username",                              :type => :string
+        opt :message_keystore_password,   "Message Server Keystore Password",                              :type => :string
+        opt :message_server_username,     "Message Server Username",                                       :type => :string
+        opt :message_server_password,     "Message Server password",                                       :type => :string
+        opt :message_server_port,         "Message Server Port",                                           :type => :integer
+        opt :message_server_use_ipaddr,   "Message Server Use Address",                                    :type => :boolean, :default => false
+        opt :message_server_host,         "Message Server Hostname or IP Address",                         :type => :string
+        opt :message_truststore_path_src, "Message Server Truststore Path",                                :type => :string
+        opt :message_ca_cert_path_src,    "Message Server CA Cert Path",                                   :type => :string
+        opt :message_persistent_disk,     "Message Persistent Disk Path",                                  :type => :string
       end
       Optimist.die :region, "needed when setting up a local database" if region_number_required? && options[:region].nil?
+      Optimist.die "Supply only one of --message-server-host or --message-server-use-ipaddr=true" if both_host_and_use_ip_addr_specified?
+      Optimist.die "Supply only one of --message-server-config, --message-server-unconfig, --message-client-config or --message-client-unconfig" if multiple_message_subcommands?
       self
     end
 
+    def both_host_and_use_ip_addr_specified?
+      !options[:message_server_host].nil? && options[:message_server_use_ipaddr] == true
+    end
+
+    def multiple_message_subcommands?
+      a = [options[:message_server_config], options[:message_server_unconfig], options[:message_client_config], options[:message_client_unconfig]]
+      a.each_with_object(Hash.new(0)) { |o, h| h[o] += 1 }[true] > 1
+    end
+
     def region_number_required?
       !options[:standalone] && local_database?
     end
@@ -193,7 +226,9 @@ module ApplianceConsole
                               uninstall_ipa? || install_ipa? || certs? || extauth_opts? ||
                               set_server_state? || set_replication? || openscap? ||
                               saml_config? || saml_unconfig? ||
-                              oidc_config? || oidc_unconfig? || configure_messaging?
+                              oidc_config? || oidc_unconfig? ||
+                              message_server_config? || message_server_unconfig? ||
+                              message_client_config? || message_client_unconfig?
 
       if set_host?
         system_hosts = LinuxAdmin::Hosts.new
@@ -217,7 +252,10 @@ module ApplianceConsole
       oidc_unconfig if oidc_unconfig?
       set_server_state if set_server_state?
       openscap if openscap?
-      configure_messaging if configure_messaging?
+      message_server_config if message_server_config?
+      message_server_unconfig if message_server_unconfig?
+      message_client_config if message_client_config?
+      message_client_unconfig if message_client_unconfig?
     rescue CliError => e
       say(e.message)
       say("")
@@ -419,6 +457,22 @@ module ApplianceConsole
       OIDCAuthentication.new(options).unconfigure
     end
 
+    def message_server_config
+      MessageServerConfiguration.new(options).configure
+    end
+
+    def message_server_unconfig
+      MessageServerConfiguration.new(options).unconfigure
+    end
+
+    def message_client_config
+      MessageClientConfiguration.new(options).configure
+    end
+
+    def message_client_unconfig
+      MessageClientConfiguration.new(options).unconfigure
+    end
+
     def set_server_state
       service = LinuxAdmin::Service.new("evmserverd")
       service_running = service.running?
@@ -437,16 +491,6 @@ module ApplianceConsole
     def self.parse(args)
       new.parse(args).run
     end
-
-    def configure_messaging
-      say("configuring messaging")
-      ManageIQ::ApplianceConsole::MessagingConfiguration.new.save(
-        "hostname" => options[:messaging_hostname],
-        "password" => options[:messaging_password],
-        "port"     => options[:messaging_port],
-        "username" => options[:messaging_username]
-      )
-    end
   end
 end
 end

data/lib/manageiq/appliance_console/database_configuration.rb

@@ -8,7 +8,8 @@ require 'fileutils'
 module ManageIQ
 module ApplianceConsole
   class DatabaseConfiguration
-    attr_accessor :adapter, :host, :username, :database, :password, :port, :region
+    attr_accessor :adapter, :host, :username, :database, :port, :region
+    attr_reader :password
 
     class ModelWithNoBackingTable < ActiveRecord::Base
     end

data/lib/manageiq/appliance_console/database_replication.rb

@@ -1,6 +1,6 @@
 require 'pg'
 require 'English'
-require 'util/postgres_admin'
+require 'manageiq/appliance_console/postgres_admin'
 
 module ManageIQ
 module ApplianceConsole

data/lib/manageiq/appliance_console/database_replication_standby.rb

@@ -1,4 +1,4 @@
-require 'util/postgres_admin'
+require 'manageiq/appliance_console/postgres_admin'
 require 'fileutils'
 require 'linux_admin'
 

data/lib/manageiq/appliance_console/internal_database_configuration.rb

@@ -1,5 +1,5 @@
 require "pathname"
-require "util/postgres_admin"
+require "manageiq/appliance_console/postgres_admin"
 require "pg"
 require "linux_admin"
 

data/lib/manageiq/appliance_console/logfile_configuration.rb

@@ -1,7 +1,7 @@
+require "manageiq/appliance_console/utilities"
 require 'linux_admin'
 require 'pathname'
 require 'fileutils'
-require 'util/miq-system.rb'
 
 module ManageIQ
 module ApplianceConsole
@@ -18,7 +18,7 @@ module ApplianceConsole
       self.disk                = config[:disk]
       self.new_logrotate_count = nil
 
-      self.size = MiqSystem.disk_usage(LOGFILE_DIRECTORY)[0][:total_bytes]
+      self.size = Utilities.disk_usage(LOGFILE_DIRECTORY)[0][:total_bytes]
       self.current_logrotate_count = /rotate\s+(\d+)/.match(File.read(MIQ_LOGS_CONF))[1]
       self.evm_was_running = LinuxAdmin::Service.new("evmserverd").running?
     end

data/lib/manageiq/appliance_console/message_configuration.rb

@@ -0,0 +1,199 @@
+require 'active_support/core_ext/module/delegation'
+require 'pathname'
+
+module ManageIQ
+  module ApplianceConsole
+    class MessageConfiguration
+      attr_reader :message_keystore_username, :message_keystore_password,
+                  :message_server_host, :message_server_port,
+                  :miq_config_dir_path, :config_dir_path, :sample_config_dir_path,
+                  :client_properties_path,
+                  :keystore_dir_path, :truststore_path, :keystore_path,
+                  :messaging_yaml_sample_path, :messaging_yaml_path,
+                  :ca_cert_path
+
+      BASE_DIR                          = "/opt/kafka".freeze
+      LOGS_DIR                          = "#{BASE_DIR}/logs".freeze
+      CONFIG_DIR                        = "#{BASE_DIR}/config".freeze
+      SAMPLE_CONFIG_DIR                 = "#{BASE_DIR}/config-sample".freeze
+      MIQ_CONFIG_DIR                    = ManageIQ::ApplianceConsole::RAILS_ROOT.join("config").freeze
+
+      def initialize(options = {})
+        @message_server_port        = options[:message_server_port] || 9093
+        @message_keystore_username  = options[:message_keystore_username] || "admin"
+        @message_keystore_password  = options[:message_keystore_password]
+
+        @miq_config_dir_path        = Pathname.new(MIQ_CONFIG_DIR)
+        @config_dir_path            = Pathname.new(CONFIG_DIR)
+        @sample_config_dir_path     = Pathname.new(SAMPLE_CONFIG_DIR)
+
+        @client_properties_path     = config_dir_path.join("client.properties")
+        @keystore_dir_path          = config_dir_path.join("keystore")
+        @truststore_path            = keystore_dir_path.join("truststore.jks")
+        @keystore_path              = keystore_dir_path.join("keystore.jks")
+
+        @messaging_yaml_sample_path = miq_config_dir_path.join("messaging.kafka.yml")
+        @messaging_yaml_path        = miq_config_dir_path.join("messaging.yml")
+        @ca_cert_path               = keystore_dir_path.join("ca-cert")
+      end
+
+      def already_configured?
+        installed_file_found = false
+        installed_files.each do |f|
+          if File.exist?(f)
+            installed_file_found = true
+            say("Installed file #{f} found.")
+          end
+        end
+        installed_file_found
+      end
+
+      def ask_questions
+        return false unless valid_environment?
+
+        ask_for_parameters
+        show_parameters
+        return false unless agree("\nProceed? (Y/N): ")
+
+        return false unless host_reachable?(message_server_host, "Message Server Host:")
+
+        true
+      end
+
+      def create_client_properties
+        say(__method__.to_s.tr("_", " ").titleize)
+
+        return if file_found?(client_properties_path)
+
+        algorithm = message_server_host.ipaddress? ? "" : "HTTPS"
+        protocol = secure? ? "SASL_SSL" : "PLAINTEXT"
+        content = secure? ? secure_client_properties_content(algorithm, protocol) : unsecure_client_properties_content(algorithm, protocol)
+
+        File.write(client_properties_path, content)
+      end
+
+      def secure_client_properties_content(algorithm, protocol)
+        secure_content = <<~CLIENT_PROPERTIES
+          ssl.truststore.location=#{truststore_path}
+          ssl.truststore.password=#{message_keystore_password}
+        CLIENT_PROPERTIES
+
+        unsecure_client_properties_content(algorithm, protocol) + secure_content
+      end
+
+      def unsecure_client_properties_content(algorithm, protocol)
+        <<~CLIENT_PROPERTIES
+          ssl.endpoint.identification.algorithm=#{algorithm}
+
+          sasl.mechanism=PLAIN
+          security.protocol=#{protocol}
+          sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \\
+            username=#{message_keystore_username} \\
+            password=#{message_keystore_password} ;
+        CLIENT_PROPERTIES
+      end
+
+      def configure_messaging_yaml
+        say(__method__.to_s.tr("_", " ").titleize)
+
+        return if file_found?(messaging_yaml_path)
+
+        messaging_yaml = YAML.load_file(messaging_yaml_sample_path)
+
+        messaging_yaml["production"].delete("username")
+        messaging_yaml["production"].delete("password")
+
+        messaging_yaml["production"]["hostname"]          = message_server_host
+        messaging_yaml["production"]["port"]              = message_server_port
+        messaging_yaml["production"]["sasl.mechanism"]    = "PLAIN"
+        messaging_yaml["production"]["sasl.username"]     = message_keystore_username
+        messaging_yaml["production"]["sasl.password"]     = ManageIQ::Password.try_encrypt(message_keystore_password)
+
+        if secure?
+          messaging_yaml["production"]["security.protocol"] = "SASL_SSL"
+          messaging_yaml["production"]["ssl.ca.location"]   = ca_cert_path.to_path
+        else
+          messaging_yaml["production"]["security.protocol"] = "PLAINTEXT"
+        end
+
+        File.write(messaging_yaml_path, messaging_yaml.to_yaml)
+      end
+
+      def remove_installed_files
+        say(__method__.to_s.tr("_", " ").titleize)
+
+        installed_files.each { |f| FileUtils.rm_rf(f) }
+      end
+
+      def valid_environment?
+        if already_configured?
+          unconfigure if agree("\nAlready configured on this Appliance, Un-Configure first? (Y/N): ")
+          return false unless agree("\nProceed with Configuration? (Y/N): ")
+        end
+        true
+      end
+
+      def file_found?(path)
+        return false unless File.exist?(path)
+
+        say("\tWARNING: #{path} already exists. Taking no action.")
+        true
+      end
+
+      def files_found?(path_list)
+        return false unless path_list.all? { |path| File.exist?(path) }
+
+        path_list.each { |path| file_found?(path) }
+        true
+      end
+
+      def file_contains?(path, content)
+        return false unless File.exist?(path)
+
+        content.split("\n").each do |l|
+          l.gsub!("/", "\\/")
+          l.gsub!(/password=.*$/, "password=") # Remove the password as it can have special characters that grep can not match.
+          return false unless File.foreach(path).grep(/#{l}/).any?
+        end
+
+        say("Content already exists in #{path}. Taking no action.")
+        true
+      end
+
+      def host_reachable?(host, what)
+        require 'net/ping'
+        say("Checking connectivity to #{host} ... ")
+        unless Net::Ping::External.new(host).ping
+          say("Failed.\nCould not connect to #{host},")
+          say("the #{what} must be reachable by name.")
+          return false
+        end
+        say("Succeeded.")
+        true
+      end
+
+      def configure_messaging_type(value)
+        say(__method__.to_s.tr("_", " ").titleize)
+
+        result = ManageIQ::ApplianceConsole::Utilities.rake_run("evm:settings:set", ["/prototype/messaging_type=#{value}"])
+        raise parse_errors(result).join(', ') if result.failure?
+      end
+
+      def restart_evmserverd
+        say("Restart evmserverd if it is running...")
+        evmserverd_service = LinuxAdmin::Service.new("evmserverd")
+        evmserverd_service.restart if evmserverd_service.running?
+      end
+
+      def unconfigure
+        configure_messaging_type("miq_queue") # Settings.prototype.messaging_type = 'miq_queue'
+        restart_evmserverd
+        remove_installed_files
+      end
+
+      def secure?
+        message_server_port == 9_093
+      end
+    end
+  end
+end