orats 0.4.10 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4f16e8fca3d493283f74cfb52c13272f805f356d
-  data.tar.gz: a0227a92fb0322e35d923994005522fb1f8e1f4c
+  metadata.gz: 04ca394edc402343a74153e8b1b7a2f8f61eb4c4
+  data.tar.gz: 302ace76f892bc1d4e17e6c66a3ee5d02c749f45
 SHA512:
-  metadata.gz: 703767326261e5ec820485f01257534a56f645ade04aaf4f23e88af8a668c60c336d41481029115880a1b7e9aa91de1511b79e7f8e6f5b8a00631767e72a2e6a
-  data.tar.gz: f59fa3fa97cfd45ce987d07845d25f72d0f61abd2e5e4756dec1f7ef4dd9a83483f8d51ba19628985911b77cbe776c56e4da3c9df83c3a1714b3c402e658e29c
+  metadata.gz: 84ef1382a808fc7b08fbbe1bc99422e3560da9e198fb2fbf122b4b2671de61aece9b67c5f7cffd8fbfd00d483298d884dd3b895787d08c0dcedc4377601643a1
+  data.tar.gz: d06a4516543e945daa0c42fc8dc28d58f72b10f505b21efea7c985a2bcb3b479ff1c3ae669c93643a8e8968ef934371f5547a1ec9bc39d5a47c8baf1d530a511

data/README.md

@@ -73,6 +73,9 @@ running `orats <command name> help` from your terminal. You can also type `orats
     - Project features:
         - Optionally takes: `--skip-extras [false]`
         - Optionally takes: `--skip-foreman-start [false]`
+    - Ansible features:
+        - Optionally takes: `--sudo-password []`
+        - Optionally takes: `--skip-galaxy [false]`
 
 - Create an ansible playbook
     - `orats play <PATH>`
@@ -81,6 +84,11 @@ running `orats <command name> help` from your terminal. You can also type `orats
     - `orats nuke <APP_PATH>`
     - Optionally takes: `--skip-data [false]`
 
+- Detect whether or not orats, the playbook or inventory is outdated
+    - `orats outdated [options]`
+    - Optionally takes: `--playbook-file []`
+    - Optionally takes: `--inventory-file []`
+
 #### Why is it asking me for my development postgres password?
 
 In order to automate certain tasks such as running database migrations the script must be able to talk to your database.
@@ -89,6 +97,22 @@ location will be `localhost` and the username will be `postgres` so these values
 
 Remember, this is only your development postgres password. It will **never** ask for your production passwords.
 
+#### Is the outdated detection guaranteed to be accurate?
+
+The version comparisons can be fully trusted but when comparing a specific playbook or inventory file it's not really
+possible to guarantee a valid comparison.
+
+When passing in `--playbook-file` or `--inventory-file` it will look for certain keywords in the file. If it finds the
+keyword then it will assume that keyword is working and up to date. Since you can edit these files freely there may be
+cases where it reports a false positive.
+
+It's better than nothing and it also doubles as an upgrade guide too if you wanted to add in new role lines to your
+playbook file or paste in a few new variables in your inventory that exist in a newer version of orats that you planned
+to update.
+
+It will detect missing, outdated and extra keywords between your version of orats, your user generated files and the
+latest version on github. Execute `orats help outdated` if you get confused.
+
 ## Base
 
 This is the starter template that every other template will append to. I feel like when I make a new project, 95% of the time
@@ -129,6 +153,11 @@ Everything has been added with proper git commits so you have a trail of changes
 
 `orats new myapp --pg-password <development postgres db password>`
 
+Towards the end of the run you might get prompted for a sudo password if you have not skipped installing the ansible
+roles from the galaxy. It will only try to use sudo if it fails with a permission error first.
+
+You can also provide a `--sudo-password=foo` flag to set your password so orats can finish without any user input.
+
 #### What's with the services directory?
 
 It is just a naming convention that I like to apply, you can name it whatever you want later or remove it with a flag. My thought
@@ -255,9 +284,7 @@ check out each role then here's a link to their repos:
 - `nickjj.nginx` https://github.com/nickjj/ansible-nginx
 - `DavidWittman.redis` https://github.com/DavidWittman/ansible-redis
 
-You will need to install the roles onto your workstation before you can use them. You can do that by running this command:
-
-`ansible-galaxy install nickjj.user nickjj.security nickjj.postgres nickjj.ruby nickjj.nodejs nickjj.nginx nickjj.rails nickjj.whenever nickjj.pumacorn nickjj.sidekiq nickjj.monit DavidWittman.redis --force`
+All of the above roles will get installed and updated whenever you generate a `new` orats application.
 
 ### Try it
 

data/lib/orats/cli.rb

@@ -11,6 +11,8 @@ module Orats
     option :auth, type: :boolean, default: false, aliases: '-a'
     option :skip_extras, type: :boolean, default: false, aliases: '-E'
     option :skip_foreman_start, type: :boolean, default: false, aliases: '-F'
+    option :sudo_password, default: ''
+    option :skip_galaxy, type: :boolean, default: false, aliases: '-G'
     desc 'new APP_PATH [options]', ''
     long_desc <<-D
       `orats new myapp --pg-password supersecret` will create a new rails project and it will also create an ansible inventory to go with it by default.
@@ -38,6 +40,12 @@ module Orats
       `--skip-extras` skip creating the services directory and ansible inventory/secrets [false]
 
       `--skip-foreman-start` skip automatically running puma and sidekiq [false]
+
+      Ansible features:
+
+      `--sudo-password` to install ansible roles from the galaxy to a path outside of your user privileges []
+
+      `--skip-galaxy` skip automatically installing roles from the galaxy [false]
     D
     def new(app_name)
       Command.new(app_name, options).new
@@ -64,6 +72,28 @@ module Orats
       Command.new(app_name, options).nuke
     end
 
+    option :playbook_file, default: ''
+    option :inventory_file, default: ''
+    desc 'outdated [options]', ''
+    long_desc <<-D
+      `orats outdated` will run various comparisons on your ansible files.
+
+      Help:
+
+      `The green/yellow labels` denote a remote check to compare the files contained in your version of orats to the latest files on github.
+
+      `The blue/cyan labels` denote a local check between the files contained in your version of orats to the files you have generated such as your own playbook or inventories.
+
+      Options:
+
+      `--playbook-file` to supply a playbook file for comparison []
+
+      `--inventory-file` to supply an inventory file for comparison []
+    D
+    def outdated
+      Command.new(nil, options).outdated
+    end
+
     desc 'version', ''
     long_desc <<-D
       `orats version` will print the current version.
@@ -74,6 +104,7 @@ module Orats
     map %w(-v --version) => :version
 
     private
+
       def invoked?
         caller_locations(0).any? { |backtrace| backtrace.label == 'invoke' }
       end

data/lib/orats/command.rb

@@ -87,6 +87,10 @@ module Orats
       end
     end
 
+    def outdated
+      outdated_init
+    end
+
     def version
       puts "Orats version #{VERSION}"
     end

data/lib/orats/shell.rb

@@ -1,4 +1,5 @@
 require 'securerandom'
+require 'open-uri'
 
 module Orats
   module Shell
@@ -12,6 +13,21 @@ module Orats
       puts        '-'*80, ''; sleep 0.25
     end
 
+    def log_status(type, message, color)
+      puts
+      say_status type, set_color(message, :bold), color
+    end
+
+    def log_status_under(type, message, color)
+      say_status type, message, color
+      puts
+    end
+
+    def log_results(results, message)
+      log_status 'results', results, :magenta
+      log_status_under 'message', message, :white
+    end
+
     def git_commit(message)
       run_from @active_path, "git add . && git commit -m '#{message}'"
     end
@@ -166,14 +182,266 @@ module Orats
       run "ssh-keygen -t rsa -P '' -f #{secrets_path}/id_rsa"
 
       log_message 'shell', 'Creating self signed ssl certificates'
-      run "openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj '/C=US/ST=Foo/L=Bar/O=Baz/CN=qux.com' -keyout #{secrets_path}/sslkey.key -out #{secrets_path}/sslcert.crt"
+      run create_rsa_certificate(secrets_path, 'sslkey.key', 'sslcert.crt')
 
       log_message 'shell', 'Creating monit pem file'
-      run "openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj '/C=US/ST=Foo/L=Bar/O=Baz/CN=qux.com' -keyout #{secrets_path}/monit.pem -out #{secrets_path}/monit.pem && openssl gendh 512 >> #{secrets_path}/monit.pem"
+      run "#{create_rsa_certificate(secrets_path, 'monit.pem', 'monit.pem')} && openssl gendh 512 >> #{secrets_path}/monit.pem"
+
+      install_role_dependencies unless @options[:skip_galaxy]
+    end
+
+    def outdated_init
+      github_repo = 'https://raw.githubusercontent.com/nickjj/orats/master/lib/orats'
+
+      version_url = "#{github_repo}/version.rb"
+      galaxy_url = "#{github_repo}/templates/includes/Galaxyfile"
+      playbook_url = "#{github_repo}/templates/play.rb"
+      inventory_url = "#{github_repo}/templates/includes/inventory/group_vars/all.yml"
+
+      remote_version_contents = url_to_string(version_url)
+      remote_galaxy_contents = url_to_string(galaxy_url)
+      remote_playbook_contents = url_to_string(playbook_url)
+      remote_inventory_contents = url_to_string(inventory_url)
+
+      compare_gem_version remote_version_contents
+
+      compare_remote_role_version_to_local remote_galaxy_contents
+
+      local_playbook = compare_remote_to_local('playbook',
+                              'roles',
+                              playbook_file_stats(remote_playbook_contents),
+                              playbook_file_stats(IO.read(playbook_file_path)))
+
+      local_inventory = compare_remote_to_local('inventory',
+                              'variables',
+                              inventory_file_stats(remote_inventory_contents),
+                              inventory_file_stats(IO.read(inventory_file_path)))
+
+      unless @options[:playbook_file].empty?
+        compare_user_to_local('playbook', 'roles', @options[:playbook_file], local_playbook) do
+          playbook_file_stats IO.read(@options[:playbook_file])
+        end
+      end
+
+      unless @options[:inventory_file].empty?
+        compare_user_to_local('inventory', 'variables', @options[:inventory_file], local_inventory) do
+          inventory_file_stats IO.read(@options[:inventory_file])
+        end
+      end
     end
 
     private
 
+      def inventory_file_stats(file)
+        # pluck out all of the values contained with {{ }}
+        ansible_variable_list = file.scan(/\{\{([^{{}}]*)\}\}/)
+
+        # remove the leading space
+        ansible_variable_list.map! { |line| line.first[0] = '' }
+
+        # match every line that is not a comment and contains a colon
+        inventory_variable_list = file.scan(/^[^#].*:/)
+
+        inventory_variable_list.map! do |line|
+          # only strip lines that need it
+          line.strip! if line.include?(' ') || line.include?("\n")
+
+          # get rid of the trailing colon
+          line.chomp(':')
+
+          # if a value of a certain variable has a colon then the regex
+          # picks this up as a match. only take the variable name
+          # if this happens to occur
+          line.split(':').first if line.include?(':')
+        end
+
+        (ansible_variable_list + inventory_variable_list).uniq
+      end
+
+      def playbook_file_stats(file)
+        # match every line that is not a comment and has a role defined
+        roles_list = file.scan(/^.*role:.*/)
+
+        roles_list.map! do |line|
+          # only strip lines that need it
+          line.strip! if line.include?(' ') || line.include?("\n")
+
+          role_parts = line.split('role:')
+
+          line = role_parts[1]
+
+          if line.include?(',')
+            line = line.split(',').first
+          end
+
+          line.strip! if line.include?(' ')
+        end
+
+        roles_list.reject! { |line| line.start_with?('#') }
+
+        roles_list.uniq
+      end
+
+      def compare_gem_version(latest_contents)
+        latest = latest_contents.match(/\'(.*)\'/)[1..-1].first
+
+        log_status 'gem', 'Comparing this version of orats to the latest orats version:', :green
+        log_status_under 'version', "Latest: v#{latest}, Yours: v#{VERSION}", :yellow
+      end
+
+      def compare_remote_role_version_to_local(remote_galaxy_contents)
+        remote_galaxy_list = remote_galaxy_contents.split
+        local_galaxy_contents = IO.read(galaxy_file_path)
+        local_galaxy_list = local_galaxy_contents.split
+
+        galaxy_difference = remote_galaxy_list - local_galaxy_list
+
+        local_role_count = local_galaxy_list.size
+        different_roles = galaxy_difference.size
+
+        log_status 'roles', "Comparing this version of orats' roles to the latest version:", :green
+
+        if different_roles == 0
+          log_status_under 'message', "All #{local_role_count} roles are up to date", :yellow
+        else
+          log_status_under 'message', "There are #{different_roles} differences", :yellow
+
+          galaxy_difference.each do |role_line|
+            name = role_line.split(',').first
+            status = 'outdated'
+            color = :yellow
+
+            unless local_galaxy_contents.include?(name)
+              status = 'missing'
+              color = :red
+            end
+
+            say_status status, name, color
+          end
+
+          log_results 'The latest version of orats may benefit you:', 'Check github to see if the changes interest you'
+        end
+      end
+
+      def compare_remote_to_local(label, keyword, remote_list, local_list)
+        list_difference = remote_list - local_list
+
+        remote_count = list_difference.size#log_unmatched remote_list, local_list, 'remote', :yellow
+
+        log_status label, "Comparing this version of orats' #{label} to the latest version:", :green
+        log_status_under 'file', label == 'playbook' ? 'site.yml' : 'all.yml', :yellow
+
+        list_difference.each do |line|
+          say_status 'missing', line, :red unless local_list.include?(line)
+        end
+
+        if remote_count > 0
+          log_results "#{remote_count} new #{keyword} are available:", 'You may benefit from upgrading to the latest orats'
+        else
+          log_results 'Everything appears to be in order:', "No missing #{keyword} were found"
+        end
+
+        local_list
+      end
+
+      def compare_user_to_local(label, keyword, user_path, local_list)
+        if File.exist?(user_path) && File.file?(user_path)
+          user_list = yield
+
+          just_file_name = user_path.split('/').last
+
+          log_status label, "Comparing this version of orats' #{label} to #{just_file_name}:", :blue
+          log_status_under 'path', user_path, :cyan
+
+          # really ugly hack to not count rails ENV variables as "missing" for each inventory that was generated
+          local_list = local_list.join("\n").gsub!('TESTPROJ_', '').split("\n") if label == 'inventory'
+
+          missing_count = log_unmatched local_list, user_list, 'missing', :red
+          extra_count = log_unmatched user_list, local_list, 'extra', :yellow
+
+          if missing_count > 0
+            log_results "#{missing_count} #{keyword} are missing:", "Your ansible run will likely fail with this #{label}"
+          else
+            log_results 'Everything appears to be in order:', "No missing #{keyword} were found"
+          end
+
+          if extra_count > 0
+            log_results "#{extra_count} extra #{keyword} were detected:", "No problem but remember to add them to a future #{keyword}"
+          else
+            log_results "No extra #{keyword} were found:", "Extra #{keyword} are fine but you have none"
+          end
+        else
+          log_status label, "Comparing this version of orats' #{label} to ???:", :blue
+          puts
+          say_status 'error', "\e[1mError comparing #{label}:\e[0m", :red
+          say_status 'path', user_path, :yellow
+          say_status 'help', 'Make sure you supply a file name', :white
+        end
+      end
+
+      def url_to_string(url)
+        begin
+          file_contents = open(url).read
+        rescue OpenURI::HTTPError => ex
+          say_status 'error', "\e[1mError browsing #{url}:\e[0m", :red
+          say_status 'msg', ex, :yellow
+          exit 1
+        end
+
+        file_contents
+      end
+
+      def log_unmatched(compare, against, label, color)
+        count = 0
+
+        against = against.join
+
+        compare.each do |item|
+          unless against.include?(item)
+            # really ugly hack to not count rails ENV variables as "extra" for each inventory that was generated
+            unless item == item.upcase && item.count('_') > 1
+              say_status label, item, color
+              count += 1
+            end
+          end
+        end
+
+        count
+      end
+
+      def create_rsa_certificate(secrets_path, keyout, out)
+        "openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj '/C=US/ST=Foo/L=Bar/O=Baz/CN=qux.com' -keyout #{secrets_path}/#{keyout} -out #{secrets_path}/#{out}"
+      end
+
+      def galaxy_file_path
+        "#{File.expand_path File.dirname(__FILE__)}/templates/includes/Galaxyfile"
+      end
+
+      def inventory_file_path
+        "#{File.expand_path File.dirname(__FILE__)}/templates/includes/inventory/group_vars/all.yml"
+      end
+
+      def playbook_file_path
+        "#{File.expand_path File.dirname(__FILE__)}/templates/play.rb"
+      end
+
+      def install_role_dependencies
+        log_message 'shell', 'Updating ansible roles from the galaxy'
+
+        galaxy_install = "ansible-galaxy install -r #{galaxy_file_path} --force"
+        galaxy_out = run(galaxy_install, capture: true)
+
+        if galaxy_out.include?('you do not have permission')
+          if @options[:sudo_password].empty?
+            sudo_galaxy_command = 'sudo'
+          else
+            sudo_galaxy_command = "echo #{@options[:sudo_password]} | sudo -S"
+          end
+
+          run("#{sudo_galaxy_command} #{galaxy_install}")
+        end
+      end
+
       def save_secret_string(file)
         File.open(file, 'w+') { |f| f.write(SecureRandom.hex(64)) }
       end

data/lib/orats/templates/includes/Galaxyfile

@@ -0,0 +1,12 @@
+nickjj.user,v0.1.0
+nickjj.security,v0.1.1
+nickjj.postgres,v0.1.1
+nickjj.ruby,v0.1.3
+nickjj.nodejs,v0.1.1
+nickjj.nginx,v0.1.3
+nickjj.rails,v0.1.9
+nickjj.whenever,v0.1.0
+nickjj.pumacorn,v0.1.1
+nickjj.sidekiq,v0.1.1
+nickjj.monit,v0.1.2
+DavidWittman.redis

data/lib/orats/version.rb

@@ -1,3 +1,3 @@
 module Orats
-  VERSION = '0.4.10'
+  VERSION = '0.5.0'
 end

data/test/integration/cli_test.rb

@@ -65,6 +65,22 @@ class TestCLI < Minitest::Test
     assert_nuked app_name
   end
 
+  def test_outdated
+    app_name = generate_app_name
+
+    out, err = capture_subprocess_io do
+      orats "play #{app_name}"
+    end
+    assert_match /success/, out
+
+    out, err = capture_subprocess_io do
+      orats 'outdated'
+    end
+    assert_match /Comparing this version of/, out
+
+    assert_nuked app_name
+  end
+
   def test_version
     out, err = capture_subprocess_io do
       orats 'version'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: orats
 version: !ruby/object:Gem::Version
-  version: 0.4.10
+  version: 0.5.0
 platform: ruby
 authors:
 - Nick Janetakis
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-02 00:00:00.000000000 Z
+date: 2014-06-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -89,6 +89,7 @@ files:
 - lib/orats/shell.rb
 - lib/orats/templates/auth.rb
 - lib/orats/templates/base.rb
+- lib/orats/templates/includes/Galaxyfile
 - lib/orats/templates/includes/Gemfile
 - lib/orats/templates/includes/inventory/group_vars/all.yml
 - lib/orats/templates/includes/inventory/hosts