minionizer 0.1.0 → 0.2.0

data/test/unit/lib/core/file_injection_test.rb

@@ -5,58 +5,95 @@ module Minionizer
 
     describe FileInjection do
       let(:session) { 'MockSession' }
-      let(:source_path) { 'data/source_file.txt'}
       let(:target_path) { '/var/target_file.txt'}
-      let(:injection) { FileInjection.new(session, options) }
+      let(:string_io_creator) { mock('StringIO') }
+      let(:injection) { FileInjection.new(session, options.merge(string_io_creator: string_io_creator)) }
 
       describe '#call' do
         let(:source_contents) { 'Source Contents' }
+        let(:string_io) { mock('StringIO') }
 
         before do
-          write_file(source_path, source_contents)
           session.expects(:exec).with(%Q{mkdir --parents #{File.dirname(target_path)}})
-          session.expects(:exec).with(%Q{echo '#{source_contents}' > #{target_path}})
+          session.expects(:scp).with(string_io, target_path)
         end
 
-        describe 'only source and target are provided' do
-          let(:options) {{ source_path: source_path, target_path: target_path }}
+        describe 'provides raw contents instead of source file' do
+          let(:options) {{ contents: source_contents, target_path: target_path }}
 
-          it 'sends a command to session' do
+          it 'writes the contents to the file' do
+            string_io_creator.expects(:new).with(source_contents).returns(string_io)
             injection.call
           end
-
         end
 
-        describe 'mode is provided' do
-          let(:mode) { '0700' }
-          let(:options) {{ source_path: source_path, target_path: target_path, mode: mode }}
+        describe 'source file is provided' do
 
-          it 'sets the file permissions' do
-            session.expects(:exec).with(%Q{chmod #{mode} #{target_path}})
-            injection.call
+          before do
+            write_file(source_path, source_contents)
           end
-        end
 
-        describe 'owner is provided' do
-          let(:ownername) { 'otheruser' }
-          let(:options) {{ source_path: source_path, target_path: target_path, owner: ownername }}
+          describe 'source is plain text file' do
+            let(:source_path) { 'data/source_file.txt'}
+            let(:options) {{ source_path: source_path, target_path: target_path }}
 
-          it 'sets the file owner' do
-            session.expects(:exec).with(%Q{chown #{ownername} #{target_path}})
-            injection.call
-          end
-        end
+            before do
+              string_io_creator.expects(:new).with(source_contents).returns(string_io)
+            end
 
-        describe 'group is provided' do
-          let(:groupname) { 'othergroup' }
-          let(:options) {{ source_path: source_path, target_path: target_path, group: groupname }}
+            it 'sends a command to session' do
+              injection.call
+            end
+
+            describe 'mode is provided' do
+              let(:mode) { '0700' }
+              let(:options) {{ source_path: source_path, target_path: target_path, mode: mode }}
+
+              it 'sets the file permissions' do
+                session.expects(:exec).with(%Q{chmod #{mode} #{target_path}})
+                injection.call
+              end
+            end
+
+            describe 'owner is provided' do
+              let(:ownername) { 'otheruser' }
+              let(:options) {{ source_path: source_path, target_path: target_path, owner: ownername }}
+
+              it 'sets the file owner' do
+                session.expects(:exec).with(%Q{chown #{ownername} #{target_path}})
+                injection.call
+              end
+            end
+
+            describe 'group is provided' do
+              let(:groupname) { 'othergroup' }
+              let(:options) {{ source_path: source_path, target_path: target_path, group: groupname }}
+
+              it 'sets the file group' do
+                session.expects(:exec).with(%Q{chgrp #{groupname} #{target_path}})
+                injection.call
+              end
+            end
 
-          it 'sets the file group' do
-            session.expects(:exec).with(%Q{chgrp #{groupname} #{target_path}})
-            injection.call
           end
+
+          describe 'source is erb file' do
+            let(:source_path) { 'data/source_file.erb'}
+            let(:injectable_contents) { 'Successfully Injected Contents' }
+            let(:contents_template) { 'Source Contents with ERB: ERB_HERE' }
+            let(:source_contents) { contents_template.gsub('ERB_HERE', '<%= injectable_contents %>') }
+            let(:expected_contents) { contents_template.gsub('ERB_HERE', injectable_contents) }
+            let(:options) {{ source_path: source_path, target_path: target_path }}
+
+            it 'processes the erb' do
+              string_io_creator.expects(:new).with(expected_contents).returns(string_io)
+              injection.call
+            end
+          end
+
         end
 
+
       end
 
     end

data/test/unit/lib/core/public_ssh_key_injection_test.rb

@@ -6,35 +6,46 @@ module Minionizer
     describe PublicSshKeyInjection do
 
       describe '#call' do
-        let(:temp_file_path) { '/tmp/foobar' }
-        let(:temp_file_pointer) { OpenStruct.new(path: temp_file_path) }
-        let(:file_injection) { 'MockFileInjection' }
-        let(:file_injection_creator) { 'MockFileInjectionCreator' }
+        let(:key) { 'foobar' }
+        let(:file_injection) { mock('file_injecton') }
+        let(:folder_creation) { mock('folder_creation') }
+        let(:file_injection_creator) { mock('FileInjection') }
+        let(:folder_creation_creator) { mock('FolderCreation') }
         let(:session) { 'MockSession' }
         let(:username) { 'foouser' }
         let(:key_injection_options) {{
           target_username: username,
-          file_injection_creator: file_injection_creator
+          file_injection_creator: file_injection_creator,
+          folder_creation_creator: folder_creation_creator
         }}
         let(:key_injection) { PublicSshKeyInjection.new(session, key_injection_options) }
+        let(:expected_folder_creation_options) {[
+          session,
+          {
+            :path => "/home/#{username}/.ssh",
+            :owner => username,
+            :group => username,
+            mode: 700
+          }
+        ]}
         let(:expected_file_injection_options) {[
           session,
           {
-            :source_path => temp_file_path,
-            :target_path => "~#{username}/.ssh/authorized_keys",
+            :contents => key,
+            :target_path => "/home/#{username}/.ssh/authorized_keys",
             :owner => username,
-            :group => username
+            :group => username,
+            mode: 600
           }
         ]}
 
         before do
-          temp_file_pointer.expects(:unlink)
-          Tempfile.expects(:new).yields(temp_file_pointer).returns(temp_file_pointer)
           write_file('data/public_keys/foobar.pubkey', 'foobar')
-          temp_file_pointer.expects(:puts).with('foobar')
         end
 
         it 'injects the file' do
+          folder_creation_creator.expects(:new).with(*expected_folder_creation_options).returns(folder_creation)
+          folder_creation.expects(:call)
           file_injection_creator.expects(:new).with(*expected_file_injection_options).returns(file_injection)
           file_injection.expects(:call)
 

data/test/unit/lib/core/task_template_test.rb

@@ -3,7 +3,7 @@ require 'test_helper'
 module Minionizer
   class TaskTemplateTest < MiniTest::Test
     describe TaskTemplate do
-      let(:session) { 'MockSession' }
+      let(:session) { Minitest::Mock.new }
       let(:template) { TaskTemplate.new(session, :foo => 'bar') }
 
       describe '#method_missing' do
@@ -30,6 +30,14 @@ module Minionizer
           refute(template.respond_to?(:foobar))
         end
       end
+
+      describe '#download_file' do
+        it 'downloads a file' do
+          session.expect(:exec, true, [/wget/])
+          template.download_file('source','destination')
+          session.verify
+        end
+      end
     end
   end
 end

data/test/unit/lib/minionizer/cryptographer_test.rb

@@ -0,0 +1,145 @@
+require 'test_helper'
+
+module Minionizer
+  class CryptographerTest < MiniTest::Test
+    describe Cryptographer do
+      let(:cryptographer) { Cryptographer.new }
+      let(:unencrypted_filename) { 'foobar.txt' }
+      let(:encrypted_filename) { "#{unencrypted_filename}.enc" }
+      let(:path_to_unencrypted_filename) { "#{Cryptographer::SECRET_FOLDER}/#{unencrypted_filename}" }
+      let(:path_to_encrypted_filename) { "#{Cryptographer::SAFE_FOLDER}/#{encrypted_filename}" }
+      let(:path_to_stored_sha) { "#{Cryptographer::SAFE_FOLDER}/#{unencrypted_filename}.sha" }
+
+      before do
+        Dir.stubs(:foreach).with(Cryptographer::SECRET_FOLDER).yields(unencrypted_filename)
+        Dir.stubs(:foreach).with(Cryptographer::SAFE_FOLDER).yields(encrypted_filename)
+        @stdout = $stdout
+        $stdout = StringIO.new
+      end
+
+      after do
+        $stdout = @stdout
+      end
+
+      describe '#generate_key' do
+
+        it 'generates a key' do
+          cryptographer.expects(:system).with() { |c| c.match(/--gen-key/) }
+          cryptographer.generate_key
+        end
+
+      end
+
+      describe '#encrypt_secrets' do
+
+        describe 'when remote sha does not exist' do
+
+          before do
+            File.expects(:exists?).with(path_to_stored_sha).returns(false)
+            cryptographer.stubs(:`).with() { |c| c.match(/--fingerprint/) }.
+              returns("fingerprint\n")
+            cryptographer.stubs(:system).with() { |c| c.match(/sha512sum/) }
+            cryptographer.stubs(:system).with() do |c|
+              c.match(/--encrypt #{path_to_unencrypted_filename}/)
+            end
+          end
+
+          it 'encrypts the file' do
+            cryptographer.expects(:system).with() do |c|
+              c.match(/--encrypt #{path_to_unencrypted_filename}/)
+            end
+            cryptographer.encrypt_secrets
+          end
+
+          it 'generates the stored sha file' do
+            cryptographer.expects(:system).
+              with("sha512sum #{path_to_unencrypted_filename} > #{path_to_stored_sha}")
+            cryptographer.encrypt_secrets
+          end
+
+        end
+
+        describe 'when remote sha exists' do
+
+          before do
+            File.expects(:exists?).with(path_to_stored_sha).returns(true)
+          end
+
+          describe 'when shas match' do
+            before do
+              cryptographer.stubs(:`).with("sha512sum #{path_to_unencrypted_filename}").returns('SAMEY')
+              cryptographer.stubs(:`).with("cat #{path_to_stored_sha}").returns('SAMEY')
+            end
+
+            it 'does not encrypt the file' do
+              cryptographer.expects(:system).with() { |c| c.match(/--encrypt/) }.never
+              cryptographer.encrypt_secrets
+            end
+
+          end
+
+          describe 'when shas do not match' do
+            before do
+              cryptographer.stubs(:system).with() { |c| c.match(/sha512sum/) }
+              cryptographer.stubs(:`).with("sha512sum #{path_to_unencrypted_filename}").
+                returns('SAMEY')
+              cryptographer.stubs(:`).with("cat #{path_to_stored_sha}").returns('NOTSAMEY')
+              cryptographer.stubs(:`).with() { |c| c.match(/--fingerprint/) }.
+                returns("fingerprint\n")
+              cryptographer.stubs(:system).with() { |c| c.match(/--encrypt/) }
+            end
+
+            it 'encrypts the file' do
+              cryptographer.expects(:system).with() do |c|
+                c.match(/--encrypt #{path_to_unencrypted_filename}/)
+              end
+              cryptographer.encrypt_secrets
+           end
+
+            it 'generates the stored sha file' do
+             cryptographer.expects(:system).
+                with("sha512sum #{path_to_unencrypted_filename} > #{path_to_stored_sha}")
+              cryptographer.encrypt_secrets
+            end
+
+          end
+        end
+      end
+
+      describe '#decrypt_secrets' do
+        describe 'when shas match' do
+
+          before do
+            File.expects(:exists?).with(path_to_stored_sha).returns(true)
+            cryptographer.stubs(:`).with("sha512sum #{path_to_unencrypted_filename}").
+              returns('SAMEY')
+            cryptographer.stubs(:`).with("cat #{path_to_stored_sha}").returns('SAMEY')
+          end
+
+          it 'does not excrypt the file' do
+            cryptographer.expects(:system).with() { |c| c.match(/--decrypt/) }.never
+            cryptographer.decrypt_secrets
+          end
+        end
+
+        describe 'when shas do not match' do
+
+          before do
+            cryptographer.stubs(:`).with("sha512sum #{path_to_unencrypted_filename}").
+              returns('SAMEY')
+            cryptographer.stubs(:`).with("cat #{path_to_stored_sha}").returns('NOTSAMEY')
+          end
+
+          it 'decrypts the file' do
+            cryptographer.expects(:system).with() do |c|
+              c.match(/--decrypt #{path_to_encrypted_filename}/)
+            end
+            cryptographer.decrypt_secrets
+          end
+        end
+      end
+
+    end
+  end
+end
+

data/test/unit/lib/minionizer/initialization_test.rb

@@ -0,0 +1,113 @@
+require 'test_helper'
+
+module Minionizer
+  class InitializationTest < MiniTest::Test
+
+    describe Initialization do
+      let(:path) { '/some/path' }
+      let(:initialization) { Initialization.new(path) }
+
+      describe '.create' do
+        it 'initializes and saves' do
+          Initialization.any_instance.expects(:save)
+          Initialization.create('/some/path')
+        end
+      end
+
+      describe '#save' do
+
+        before do
+          File.stubs(:readlines).with("#{path}/.gitignore").returns(['data/secrets'])
+          initialization.stubs(:system)
+        end
+
+        describe 'directory structure' do
+
+          before do
+            File.stubs(:readlines).with("#{path}/.gitignore").returns([])
+          end
+
+          let(:folders) {[
+            '', #root folder
+            '/config',
+            '/data/encrypted_secrets',
+            '/data/public_keys',
+            '/data/secrets',
+            '/lib',
+            '/roles'
+          ]}
+
+          it 'creates it quietly' do
+             folders.each do |folder|
+               initialization.expects(:system).with("mkdir -p #{path}#{folder}")
+             end
+             initialization.save
+          end
+        end
+
+        describe 'minions.yml' do
+
+          it 'touches the file' do
+            initialization.
+              expects(:system).
+              with("touch #{path}/config/minions.yml")
+            initialization.save
+          end
+        end
+
+        describe 'gitignore' do
+
+          before do
+            initialization.
+              stubs(:system).
+              with("touch #{path}/.gitignore")
+          end
+
+          it 'touches the file' do
+            initialization.
+              expects(:system).
+              with("touch #{path}/.gitignore")
+            initialization.save
+          end
+
+          describe 'secrets line already added to file' do
+
+            it 'does not add it again' do
+              #################################################################
+              ### Because obj.expects().with().never does not properly fail
+              ### when the method is called with the given parameters.
+              ### https://github.com/freerange/mocha/issues/82
+              ### http://stackoverflow.com/q/17287665/811172
+              class NeverError < StandardError; end
+              initialization.
+                stubs(:system).
+                with("echo 'data/secrets' > #{path}/.gitignore").
+                raises(NeverError)
+              begin
+                initialization.save
+              rescue NeverError
+                assert false
+              end
+              #################################################################
+            end
+          end
+
+          describe 'secrets line is not in file' do
+
+            before do
+              File.stubs(:readlines).with("#{path}/.gitignore").returns(['foo/bar'])
+            end
+
+            it 'adds it to the file' do
+              initialization.
+                expects(:system).
+                with("echo 'data/secrets' > #{path}/.gitignore")
+              initialization.save
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/test/unit/lib/minionizer/session_test.rb

@@ -8,22 +8,64 @@ module Minionizer
       let(:username) { 'foo' }
       let(:password) { 'bar' }
       let(:credentials) {{ 'username' => username, 'password' => password }}
-      let(:connector) { mock('connector') }
+      let(:ssh_connector) { mock('ssh_connector') }
+      let(:scp_connector) { mock('scp_connector') }
       let(:command_executor) { mock('CommandExecution') }
       let(:execution) { mock('execution') }
-      let(:connection) { mock('connection') }
-      let(:session) { Session.new(fqdn, credentials, connector, command_executor) }
+      let(:ssh_connection) { mock('ssh_connection') }
+      let(:scp_connection) { mock('scp_connection') }
+      let(:session) { Session.new(fqdn, credentials, ssh_connector, scp_connector, command_executor) }
       let(:start_args) { [fqdn, username, { password: password }]}
 
       it 'instantiates' do
         assert_kind_of(Session, session)
       end
 
+      describe '#scp' do
+        let(:source_path) { '/source/path' }
+        let(:target_path) { '/target/path' }
+
+        before do
+          scp_connector.expects(:start).with(*start_args).returns(scp_connection)
+        end
+
+        describe 'straight scp' do
+
+          it 'copies the file to the target location' do
+            scp_connection.expects(:upload!).with(source_path, target_path)
+            session.scp(source_path, target_path)
+          end
+
+        end
+
+        describe 'within sudo block' do
+          let(:hex) { 'securehex' }
+          let(:temp_filename) { "#{hex}.minionizer_tempfile" }
+
+          before do
+            ssh_connector.expects(:start).with(*start_args).returns(ssh_connection)
+            SecureRandom.expects(:hex).returns(hex)
+          end
+
+          it 'copies the file to temp location and then moves it' do
+            scp_connection.expects(:upload!).with(source_path, temp_filename)
+            command_executor.
+              expects(:new).
+              with(ssh_connection, sudoized("mv #{temp_filename} #{target_path}"), {}).
+              returns(OpenStruct.new(:call => true))
+            session.sudo do |sudo_session|
+              sudo_session.scp(source_path, target_path)
+            end
+          end
+
+        end
+      end
+
       describe 'running commands' do
         let(:command) { 'foobar' }
 
         before do
-          connector.expects(:start).with(*start_args).returns(connection)
+          ssh_connector.expects(:start).with(*start_args).returns(ssh_connection)
         end
 
         describe '#sudo' do
@@ -33,7 +75,7 @@ module Minionizer
             it 'prepends sudo onto the command line' do
               command_executor.
                 expects(:new).
-                with(connection, sudoized(command)).
+                with(ssh_connection, sudoized(command), {}).
                 returns(OpenStruct.new(:call => true))
               session.sudo do
                 session.exec(command)
@@ -46,7 +88,7 @@ module Minionizer
             it 'prepends sudo onto the command line' do
               command_executor.
                 expects(:new).
-                with(connection, sudoized(command)).
+                with(ssh_connection, sudoized(command), {}).
                 returns(OpenStruct.new(:call => true))
               session.sudo(command)
             end
@@ -60,7 +102,7 @@ module Minionizer
               commands.each do |command|
                 command_executor.
                   expects(:new).
-                  with(connection, sudoized(command)).
+                  with(ssh_connection, sudoized(command), {}).
                   returns(OpenStruct.new(:call => true))
               end
               session.sudo(*commands)
@@ -76,7 +118,7 @@ module Minionizer
           it 'passes the command to the executor' do
             command_executor.
               expects(:new).
-              with(connection, command).
+              with(ssh_connection, command, {}).
               returns(OpenStruct.new(:call => true))
             session.exec(command)
           end
@@ -90,7 +132,7 @@ module Minionizer
             commands.each do |command|
               command_executor.
                 expects(:new).
-                with(connection, command).
+                with(ssh_connection, command, {}).
                 returns(OpenStruct.new(:call => true))
             end
             session.exec(*commands)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: minionizer
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Jonathan S. Garvin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-11 00:00:00.000000000 Z
+date: 2014-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '4.1'
+- !ruby/object:Gem::Dependency
+  name: binding_of_caller
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.9'
+- !ruby/object:Gem::Dependency
+  name: net-scp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: fakefs
   requirement: !ruby/object:Gem::Requirement
@@ -66,6 +94,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.4'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -105,6 +147,8 @@ files:
 - lib/minionizer.rb
 - lib/minionizer/command_execution.rb
 - lib/minionizer/configuration.rb
+- lib/minionizer/cryptographer.rb
+- lib/minionizer/initialization.rb
 - lib/minionizer/minion.rb
 - lib/minionizer/minionization.rb
 - lib/minionizer/role_template.rb
@@ -122,6 +166,8 @@ files:
 - test/unit/lib/core/user_creation_test.rb
 - test/unit/lib/minionizer/command_execution_test.rb
 - test/unit/lib/minionizer/configuration_test.rb
+- test/unit/lib/minionizer/cryptographer_test.rb
+- test/unit/lib/minionizer/initialization_test.rb
 - test/unit/lib/minionizer/minion_test.rb
 - test/unit/lib/minionizer/minionization_test.rb
 - test/unit/lib/minionizer/role_template_test.rb
@@ -161,6 +207,8 @@ test_files:
 - test/unit/lib/core/user_creation_test.rb
 - test/unit/lib/minionizer/command_execution_test.rb
 - test/unit/lib/minionizer/configuration_test.rb
+- test/unit/lib/minionizer/cryptographer_test.rb
+- test/unit/lib/minionizer/initialization_test.rb
 - test/unit/lib/minionizer/minion_test.rb
 - test/unit/lib/minionizer/minionization_test.rb
 - test/unit/lib/minionizer/role_template_test.rb