opsmgr 0.33.5 → 0.34.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b18d79ccc6d7f697a7c029c61cc657bfa030f0cd
-  data.tar.gz: 0eed6e834fa16071278eadff2cb1f93bdc8057a4
+  metadata.gz: 79c4d9ba31bb27d2f4b65ed0d02f1ddb30a39724
+  data.tar.gz: d6e5eca5bece6e0914d3e8da79bf11ea45a6fd08
 SHA512:
-  metadata.gz: e990b53cd30725a594b95d8d4277009992fda2572e9f4239e6a56ca13c1b666bfac51bc5bb5fd887ddfb00c2eb223269c64effa9a2be90db3becc987db6ee0d8
-  data.tar.gz: dce5f0b9c1de785980e7e28a06b8b479618bdb1dac3ac51beae1e78a5804acb660d87bff99d80c857d026e712704368b0d4cddffcc8068d860f38ef00c197baf
+  metadata.gz: aa084e0c3b6fe3729646bec8e725b5f7a6d9ad7dde7ecbf4bdcedb63b95376d42409e626d3a54c65972cdd01c96e1836bf9798e523c542e52f1e3cc4f93e6216
+  data.tar.gz: b7ae4c288832a47d61538142009cdb7cf81a9bdd46b60ad2923f4c3831b08d2fb5b89b4bd563ef623885d9cbb65d0c22218f39852fa926f19135870e0fd51156

data/lib/opsmgr/api/client.rb

@@ -1,3 +1,6 @@
+require 'backport_refinements'
+using OpsManagerUiDrivers::BackportRefinements
+
 require 'json'
 require 'opsmgr/api/http_client'
 require 'opsmgr/api/results'
@@ -8,9 +11,9 @@ module Opsmgr
     class Client
       attr_reader :environment_name
 
-      def initialize(environment)
-        @http_client = HttpClient.build(environment)
-        @environment_name = environment.settings.name.freeze
+      def initialize(environment, om_version)
+        @http_client = HttpClient.build(environment, om_version)
+        @environment_name = environment.settings.dig('name').freeze
       end
 
       def installation_settings

data/lib/opsmgr/api/http_client.rb

@@ -1,9 +1,14 @@
+# rubocop:disable Metrics/ClassLength
+require 'backport_refinements'
+using OpsManagerUiDrivers::BackportRefinements
+
 require 'net/http'
 require 'net/http/post/multipart'
 require 'json'
 require 'open4'
-require 'opsmgr/api/endpoints_factory'
 require 'opsmgr/log'
+require 'opsmgr/api/version20/endpoints'
+require 'uaa'
 
 # noinspection RubyResolve
 module Opsmgr
@@ -12,14 +17,15 @@ module Opsmgr
       include Loggable
       attr_reader :uri, :environment, :endpoints
 
-      def self.build(environment)
-        new(environment, Opsmgr::Api::EndpointsFactory.create(environment))
+      def self.build(environment, om_version)
+        new(environment, Opsmgr::Api::Version20::Endpoints.new, om_version)
       end
 
-      def initialize(environment, endpoints)
+      def initialize(environment, endpoints, om_version)
         @environment = environment
-        @uri = URI.parse(environment.settings.ops_manager.url)
+        @uri = URI.parse(environment.settings.dig('ops_manager', 'url'))
         @endpoints = endpoints
+        @om_version = om_version
       end
 
       def upload_product_installation_settings(settings_file_path)
@@ -33,7 +39,7 @@ module Opsmgr
             )
         )
 
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -50,8 +56,19 @@ module Opsmgr
             #{uri}#{endpoints.upload_product_path}
             -F #{endpoints.upload_product_form_key}[file]=@#{product_path}
             -X POST
-            -u #{web_auth_user}:#{web_auth_password}
           )
+
+        if Gem::Version.new(@om_version) >= Gem::Version.new('1.7')
+          log.info('using oauth')
+          token = get_oauth_token(web_auth_user)
+          upload_component_command.push("-H")
+          upload_component_command.push("Authorization: #{token}")
+        else
+          log.info('using basic auth')
+          upload_component_command.push("-u")
+          upload_component_command.push("#{web_auth_user}:#{web_auth_password}")
+        end
+
         log.info('uploading product')
 
         error = nil
@@ -72,7 +89,7 @@ module Opsmgr
       def add_product(product_name, version)
         req = Net::HTTP::Post.new(endpoints.add_product_path)
         req.set_form_data('name' => product_name, 'product_version' => version)
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -80,7 +97,7 @@ module Opsmgr
       def upgrade_product(product_guid, to_version)
         req = Net::HTTP::Put.new(endpoints.upgrade_product_path(product_guid))
         req.set_form_data('to_version' => to_version)
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -88,7 +105,7 @@ module Opsmgr
       def trigger_install
         req = Net::HTTP::Post.new(endpoints.install_post_path)
         req.body = ''
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -118,7 +135,7 @@ module Opsmgr
 
       def installation_delete
         req = Net::HTTP::Delete.new(endpoints.installation_path)
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -128,11 +145,23 @@ module Opsmgr
       end
 
       def create_the_first_user
-        req = Net::HTTP::Post.new(endpoints.configure_user_path)
-        req.set_form_data(
-          'user[user_name]' => web_auth_user,
-          'user[password]' => web_auth_password,
-          'user[password_confirmation]' => web_auth_password)
+        if Gem::Version.new(@om_version) < Gem::Version.new('1.7')
+          req = Net::HTTP::Post.new(endpoints.api_user_path)
+          req.set_form_data(
+            'user[user_name]' => web_auth_user,
+            'user[password]' => web_auth_password,
+            'user[password_confirmation]' => web_auth_password,
+          )
+        else
+          req = Net::HTTP::Post.new(endpoints.api_setup_path)
+          req.set_form_data(
+            'setup[user_name]' => web_auth_user,
+            'setup[password]' => web_auth_password,
+            'setup[password_confirmation]' => web_auth_password,
+            'setup[eula_accepted]' => true
+          )
+        end
+
         http.request(req)
       end
 
@@ -146,14 +175,14 @@ module Opsmgr
 
       def mark_product_for_deletion(product_guid)
         req = Net::HTTP::Delete.new(endpoints.mark_for_deletion_path(product_guid))
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
 
       def delete_unused_products
         req = Net::HTTP::Delete.new(endpoints.list_products_path)
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
@@ -163,6 +192,8 @@ module Opsmgr
       end
 
       def import_installation(installation_file, password)
+        create_the_first_user unless Gem::Version.new(@om_version) >= Gem::Version.new('1.7')
+
         req = Net::HTTP::Post::Multipart.new(
           endpoints.import_installation_path,
           'installation[file]' =>
@@ -171,12 +202,98 @@ module Opsmgr
               'application/octet-stream',
               File.basename(installation_file)
             ),
-          'password' => password
+          import_secret_parameter_name => password
         )
 
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req) unless Gem::Version.new(@om_version) >= Gem::Version.new('1.7')
 
-        http.request(req)
+        response = http.request(req)
+
+        if Gem::Version.new(@om_version) >= Gem::Version.new('1.7')
+          wait_for_uaa_to_be_available
+
+          ensure_env_admin_user_exists
+        end
+
+        response
+      end
+
+      def wait_for_uaa_to_be_available(sleep_interval = 10, max_retry_count = 24)
+        retry_count = 0
+
+        loop do
+          request =  Net::HTTP::Get.new(
+            endpoints.login_ensure_availability
+          )
+
+          response = http.request(request)
+
+          http_location = response['location']
+
+          break if response.code == '302' && http_location == auth_redirect_location
+
+          retry_count += 1
+
+          if retry_count >= max_retry_count
+            retry_wait_time = sleep_interval * retry_count
+
+            raise("Timed out waiting for UAA to be available after #{retry_wait_time} seconds")
+          end
+
+          Kernel.sleep(sleep_interval)
+        end
+      end
+
+      def ensure_env_admin_user_exists
+        token =  get_oauth_token('admin')
+
+        create_env_admin_user(token) unless verify_if_env_admin_user_exists?(token)
+      end
+
+      def verify_if_env_admin_user_exists?(token)
+        request =  Net::HTTP::Get.new(
+          endpoints.uaa_get_user_by_username_path(web_auth_user)
+        )
+        request['Authorization'] =  token
+
+        response = http.request(request)
+
+        if response.code != '200'
+          raise("Invalid response from UAA: #{response.code}")
+        end
+
+        reply = JSON.parse(response.body)
+
+        if reply['resources'].nil?
+          raise("Invalid response body from UAA: #{response.body}")
+        end
+
+        reply['resources'].length > 0
+      end
+
+      def create_env_admin_user(token)
+        request = Net::HTTP::Post.new(
+          endpoints.uaa_create_user
+        )
+        request['Content-Type'] = 'application/json'
+        request['Authorization'] = token
+        request.body = {
+          userName: web_auth_user,
+          password: web_auth_password,
+          emails: [
+            { value: web_auth_user }
+          ]
+        }.to_json
+
+        response = http.request(request)
+
+        if response.code != '201'
+          raise("Unexpected response from UAA: code #{response.code}, body: #{response.body}")
+        end
+      end
+
+      def import_secret_parameter_name
+        Gem::Version.new(@om_version) >= Gem::Version.new('1.7') ? 'passphrase' : 'password'
       end
 
       def import_stemcell(stemcell_file)
@@ -190,23 +307,48 @@ module Opsmgr
             )
         )
 
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end
 
       def read_timeout
-        environment.settings.iaas_type != 'vcloud' ? 600 : 3600
+        environment.settings.dig('iaas_type') != 'vcloud' ? 600 : 3600
+      end
+
+      def auth_redirect_location
+        host = environment.settings.dig('ops_manager', 'url')
+
+        host.concat('/') unless host.end_with? '/'
+
+        host+'auth/cloudfoundry'
       end
 
       private
 
+      def add_auth_header(request)
+        if Gem::Version.new(@om_version) >= Gem::Version.new('1.7')
+          log.info('using oauth')
+          token = get_oauth_token(web_auth_user)
+          request['Authorization'] = token
+        else
+          log.info('using basic auth')
+          request.basic_auth(web_auth_user, web_auth_password)
+        end
+      end
+
+      def get_oauth_token(user)
+        target_url = environment.settings.dig('ops_manager', 'url') + '/uaa'
+        token_issuer = CF::UAA::TokenIssuer.new(target_url, 'opsman', nil, skip_ssl_validation: true)
+        token_issuer.owner_password_grant(user, web_auth_password).auth_header
+      end
+
       def web_auth_user
-        environment.settings.ops_manager.username
+        environment.settings.dig('ops_manager', 'username')
       end
 
       def web_auth_password
-        environment.settings.ops_manager.password
+        environment.settings.dig('ops_manager', 'password')
       end
 
       def http
@@ -221,7 +363,7 @@ module Opsmgr
 
       def get_with_basic_auth(path)
         req = Net::HTTP::Get.new(path)
-        req.basic_auth(web_auth_user, web_auth_password)
+        add_auth_header(req)
 
         http.request(req)
       end

data/lib/opsmgr/api/version20/endpoints.rb

@@ -24,8 +24,12 @@ module Opsmgr
           '/api/installation'
         end
 
-        def configure_user_path
-          '/api/users'
+        def api_user_path
+          '/api/user'
+        end
+
+        def api_setup_path
+          '/api/setup'
         end
 
         def show_installation_status(id)
@@ -83,6 +87,18 @@ module Opsmgr
         def import_stemcell_path
           '/api/stemcells'
         end
+
+        def uaa_get_user_by_username_path(username)
+          "/uaa/Users?attributes=id&filter=userName%20eq%20'#{username}'"
+        end
+
+        def uaa_create_user
+          '/uaa/Users'
+        end
+
+        def login_ensure_availability
+          '/login/ensure_availability'
+        end
       end
     end
   end

data/lib/opsmgr/bosh_command_runner.rb

@@ -1,38 +1,34 @@
 module Opsmgr
   class BoshCommandRunner
-    def initialize(iaas_gateway:, bosh_command:, logger:)
-      @iaas_gateway = iaas_gateway
+    def initialize(bosh_command:, logger:)
       @bosh_command = bosh_command
       @logger = logger
     end
 
     def run(command)
-      iaas_gateway.gateway do
-        system_or_fail(
-          "#{bosh_command_prefix} #{command}",
-          "bosh #{command} failed"
-        )
-      end
+      system_or_fail(
+        "#{bosh_command_prefix} #{command}",
+        "bosh #{command} failed"
+      )
     end
 
     def run_and_capture_output(command)
-      iaas_gateway.gateway do
-        capture_output_or_fail(
-          "#{bosh_command_prefix} #{command}",
-          "bosh #{command} failed"
-        )
-      end
+      capture_output_or_fail(
+        "#{bosh_command_prefix} #{command}",
+        "bosh #{command} failed"
+      )
     end
 
     private
 
     def system_or_fail(command, failure_message)
-      logger.info("Running #{command}")
+      clean_and_log(command)
       Bundler.clean_system(command) || fail(failure_message)
     end
 
     def capture_output_or_fail(command, failure_message)
-      logger.info("Running #{command}")
+      clean_and_log(command)
+
       Bundler.with_clean_env do
         output, status = Open3.capture2(command)
         fail(failure_message) unless status.success?
@@ -40,11 +36,19 @@ module Opsmgr
       end
     end
 
+    def clean_and_log(command)
+      scrubbed_command = command.slice(command.index('bosh')..-1)
+      scrubbed_command.sub!(/\s\-p\s\b\w+\b/, ' -p <PASSWORD>')
+      scrubbed_command.sub!(/\s\-u\s\b\w+\b/, ' -u <USER>')
+
+      logger.info("Running #{scrubbed_command}")
+    end
+
     def bosh_command_prefix
       @bosh_command_prefix ||= bosh_command.command
     end
 
-    attr_reader :iaas_gateway, :bosh_command, :logger
+    attr_reader :bosh_command, :logger
   end
 end
 # Copyright (c) 2014-2015 Pivotal Software, Inc.