pagerduty-pd_sync 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6fac563e7255e747b0ffff23e56056ef7477e945
+  data.tar.gz: a8359337b1b4558df37e79b1a1f826f0521a6b42
+SHA512:
+  metadata.gz: b24f4216c8be7d2cccb2d53c37c1fb0641fb6cf34cd211796f7e6fc2affed2461c0c7852d3edd4c0135eef7af04118458c1a1574049691368cd95622fdc84c60
+  data.tar.gz: 13537752201b76d4922da5c507af0cc2d4818653904c2a0f67fa0eedba203517f0047cd851c206c863599ad5733b78c0ca85ab49da2924bdfad70514ac39666f

data/.gitignore

@@ -0,0 +1 @@
+.bundle

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in pd-sync-chef.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,220 @@
+PATH
+  remote: .
+  specs:
+    pd_sync (0.1.0)
+      berkshelf
+      chef
+      json
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.4.0)
+    berkshelf (4.3.2)
+      addressable (~> 2.3, >= 2.3.4)
+      berkshelf-api-client (~> 2.0, >= 2.0.2)
+      buff-config (~> 1.0)
+      buff-extensions (~> 1.0)
+      buff-shell_out (~> 0.1)
+      celluloid (= 0.16.0)
+      celluloid-io (~> 0.16.1)
+      cleanroom (~> 1.0)
+      faraday (~> 0.9)
+      httpclient (~> 2.7)
+      minitar (~> 0.5, >= 0.5.4)
+      octokit (~> 4.0)
+      retryable (~> 2.0)
+      ridley (~> 4.5)
+      solve (~> 2.0)
+      thor (~> 0.19)
+    berkshelf-api-client (2.0.2)
+      faraday (~> 0.9.1)
+      httpclient (~> 2.7.0)
+      ridley (~> 4.5)
+    buff-config (1.0.1)
+      buff-extensions (~> 1.0)
+      varia_model (~> 0.4)
+    buff-extensions (1.0.0)
+    buff-ignore (1.1.1)
+    buff-ruby_engine (0.1.0)
+    buff-shell_out (0.2.0)
+      buff-ruby_engine (~> 0.1.0)
+    builder (3.2.2)
+    celluloid (0.16.0)
+      timers (~> 4.0.0)
+    celluloid-io (0.16.2)
+      celluloid (>= 0.16.0)
+      nio4r (>= 1.1.0)
+    chef (12.5.1)
+      chef-config (= 12.5.1)
+      chef-zero (~> 4.2, >= 4.2.2)
+      diff-lcs (~> 1.2, >= 1.2.4)
+      erubis (~> 2.7)
+      ffi-yajl (~> 2.2)
+      highline (~> 1.6, >= 1.6.9)
+      mixlib-authentication (~> 1.3)
+      mixlib-cli (~> 1.4)
+      mixlib-log (~> 1.3)
+      mixlib-shellout (~> 2.0)
+      net-ssh (~> 2.6)
+      net-ssh-multi (~> 1.1)
+      ohai (>= 8.6.0.alpha.1, < 9)
+      plist (~> 3.1.0)
+      pry (~> 0.9)
+      rspec-core (~> 3.2)
+      rspec-expectations (~> 3.2)
+      rspec-mocks (~> 3.2)
+      rspec_junit_formatter (~> 0.2.0)
+      serverspec (~> 2.7)
+      specinfra (~> 2.10)
+      syslog-logger (~> 1.6)
+    chef-config (12.5.1)
+      mixlib-config (~> 2.0)
+      mixlib-shellout (~> 2.0)
+    chef-zero (4.6.2)
+      ffi-yajl (~> 2.2)
+      hashie (>= 2.0, < 4.0)
+      mixlib-log (~> 1.3)
+      rack
+      uuidtools (~> 2.1)
+    cleanroom (1.0.0)
+    coderay (1.1.0)
+    diff-lcs (1.2.5)
+    erubis (2.7.0)
+    faraday (0.9.2)
+      multipart-post (>= 1.2, < 3)
+    ffi (1.9.10)
+    ffi-yajl (2.2.3)
+      libyajl2 (~> 1.2)
+    hashie (3.4.4)
+    highline (1.7.8)
+    hitimes (1.2.3)
+    httpclient (2.7.2)
+    ipaddress (0.8.3)
+    json (1.8.3)
+    libyajl2 (1.2.0)
+    method_source (0.8.2)
+    minitar (0.5.4)
+    mixlib-authentication (1.4.0)
+      mixlib-log
+      rspec-core (~> 3.2)
+      rspec-expectations (~> 3.2)
+      rspec-mocks (~> 3.2)
+    mixlib-cli (1.5.0)
+    mixlib-config (2.2.1)
+    mixlib-log (1.6.0)
+    mixlib-shellout (2.2.6)
+    molinillo (0.4.4)
+    multi_json (1.11.3)
+    multipart-post (2.0.0)
+    net-scp (1.2.1)
+      net-ssh (>= 2.6.5)
+    net-ssh (2.9.4)
+    net-ssh-gateway (1.2.0)
+      net-ssh (>= 2.6.5)
+    net-ssh-multi (1.2.1)
+      net-ssh (>= 2.6.5)
+      net-ssh-gateway (>= 1.2.0)
+    net-telnet (0.1.1)
+    nio4r (1.2.1)
+    octokit (4.3.0)
+      sawyer (~> 0.7.0, >= 0.5.3)
+    ohai (8.15.1)
+      chef-config (>= 12.5.0.alpha.1, < 13)
+      ffi (~> 1.9)
+      ffi-yajl (~> 2.2)
+      ipaddress
+      mixlib-cli
+      mixlib-config (~> 2.0)
+      mixlib-log
+      mixlib-shellout (~> 2.0)
+      plist (~> 3.1)
+      systemu (~> 2.6.4)
+      wmi-lite (~> 1.0)
+    plist (3.1.0)
+    pry (0.10.1)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
+    rack (1.6.4)
+    rake (10.3.2)
+    retryable (2.0.3)
+    ridley (4.5.0)
+      addressable
+      buff-config (~> 1.0)
+      buff-extensions (~> 1.0)
+      buff-ignore (~> 1.1)
+      buff-shell_out (~> 0.1)
+      celluloid (~> 0.16.0)
+      celluloid-io (~> 0.16.1)
+      chef-config (>= 12.5.0)
+      erubis
+      faraday (~> 0.9.0)
+      hashie (>= 2.0.2, < 4.0.0)
+      httpclient (~> 2.7)
+      json (>= 1.7.7)
+      mixlib-authentication (>= 1.3.0)
+      retryable (~> 2.0)
+      semverse (~> 1.1)
+      varia_model (~> 0.4.0)
+    rspec (3.2.0)
+      rspec-core (~> 3.2.0)
+      rspec-expectations (~> 3.2.0)
+      rspec-mocks (~> 3.2.0)
+    rspec-core (3.2.2)
+      rspec-support (~> 3.2.0)
+    rspec-expectations (3.2.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.2.0)
+    rspec-its (1.2.0)
+      rspec-core (>= 3.0.0)
+      rspec-expectations (>= 3.0.0)
+    rspec-mocks (3.2.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.2.0)
+    rspec-support (3.2.2)
+    rspec_junit_formatter (0.2.3)
+      builder (< 4)
+      rspec-core (>= 2, < 4, != 2.12.0)
+    sawyer (0.7.0)
+      addressable (>= 2.3.5, < 2.5)
+      faraday (~> 0.8, < 0.10)
+    semverse (1.2.1)
+    serverspec (2.33.0)
+      multi_json
+      rspec (~> 3.0)
+      rspec-its
+      specinfra (~> 2.53)
+    sfl (2.2)
+    slop (3.6.0)
+    solve (2.0.3)
+      molinillo (~> 0.4.2)
+      semverse (~> 1.1)
+    specinfra (2.57.1)
+      net-scp
+      net-ssh (>= 2.7, < 4.0)
+      net-telnet
+      sfl
+    syslog-logger (1.6.8)
+    systemu (2.6.5)
+    thor (0.19.1)
+    timers (4.0.4)
+      hitimes
+    uuidtools (2.1.5)
+    varia_model (0.4.1)
+      buff-extensions (~> 1.0)
+      hashie (>= 2.0.2, < 4.0.0)
+    wmi-lite (1.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler
+  pd_sync!
+  pry
+  rake
+  rspec
+
+BUNDLED WITH
+   1.11.2

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: [:spec]

data/lib/chef/knife/pd_sync.rb

@@ -0,0 +1,198 @@
+#
+# Author:: Tim Heckman (<ops@pagerduty.com>)
+# Copyright:: Copyright (c) 2016 PagerDuty, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'berkshelf'
+require 'chef/knife'
+
+class Chef
+  class Knife
+    class PdSync < Knife
+
+      attr_reader :altered_cookbooks
+
+      banner 'knife pd sync [--restore --why-run]'
+
+      deps do
+        require 'uri'
+        require 'socket'
+        require 'timeout'
+        require 'chef/cookbook_version'
+        require 'chef/data_bag_item'
+        require 'chef/data_bag'
+        require 'chef/knife/cookbook_bulk_delete'
+        require 'chef/knife/data_bag_create'
+        require 'chef/knife/data_bag_delete'
+        require 'chef/knife/data_bag_from_file'
+        require 'chef/knife/environment_from_file'
+        require 'chef/knife/role_from_file'
+        require 'chef/knife/cookbook_upload'
+        require 'berkshelf'
+        require 'berkshelf/berksfile'
+        require 'mixlib/shellout'
+
+        require 'pagerduty/chef_server/synclock'
+        require 'pagerduty/chef_server/sync'
+
+        Chef::Knife::CookbookUpload.load_deps
+        Chef::Knife::CookbookBulkDelete.load_deps
+        Chef::Knife::DataBagCreate.load_deps
+        Chef::Knife::DataBagDelete.load_deps
+        Chef::Knife::DataBagFromFile.load_deps
+        Chef::Knife::EnvironmentFromFile.load_deps
+        Chef::Knife::RoleFromFile.load_deps
+      end
+
+      option :restore,
+        short:        '-r',
+        long:         '--restore',
+        description:  'Upload all cookbooks regardless of whether checksums have changed',
+        boolean:      true,
+        default:      false
+
+      option :why_run,
+        short:        '-W',
+        long:         '--why-run',
+        description:  'Show what operations will be made, without actually performing them (does not work with --restore)',
+        boolean:      true,
+        default:      false
+
+      def run
+        @altered_cookbooks = nil
+        if config[:restore]
+          ui.warn 'pd sync will delete and reupload all cookbooks!'
+          plugin = Chef::Knife::CookbookBulkDelete.new
+          plugin.name_args = Array('.')
+          plugin.config[:yes] = true
+          plugin.config[:purge] = true
+          converge_by "delete all existing cookbooks" do
+            plugin.run
+          end
+        end
+        lockfile = '/tmp/restore_chef.lock'
+        user = Chef::Config[:node_name] || 'unknown'
+        converge_by 'perform pre-syn checks' do
+          preflight_checks
+        end
+        lock = PagerDuty::ChefServer::SyncLock.new(
+            lockfile, chef_server, localhost, user, local_branch
+          )
+        converge_by 'acquire lock' do
+          lock.lock
+        end
+        sync = PagerDuty::ChefServer::Sync.new(
+          vendor_dir: vendor_dir,
+          why_run: config[:why_run]
+          )
+        begin
+          @altered_cookbooks = sync.run
+          update_commit
+        rescue StandardError => e
+          ui.warn(e.message)
+          ui.warn(e.backtrace)
+        ensure
+          converge_by 'release lock' do
+            lock.unlock
+          end
+        end
+      end
+
+      def preflight_checks
+        vdir = File.join(Dir.pwd, 'vendor')
+        if vendor_dir != vdir
+          ui.confirm("vendor directory (#{vendor_dir}) is different than standard one(#{vdir}), continue?")
+        end
+        if local_branch != 'master'
+          ui.confirm("You are deploying a non-master branch(#{local_branch}), continue?")
+        end
+        check_commit
+      end
+
+      def check_commit
+        if origin_commit.nil?
+          ui.confirm('failed to determine the origin/master. sync anyway?')
+        elsif local_branch == 'master' && local_commit != origin_commit
+          ui.confirm('local master branch is different than origin, sync anyway?')
+        end
+      end
+
+      def vendor_dir
+        Chef::Config[:cookbook_path].first
+      end
+
+      def local_branch
+        %x(git symbolic-ref --short HEAD).strip! || 'unknown'
+      end
+
+      def chef_server
+        URI(Chef::Config[:chef_server_url]).host
+      end
+
+      def origin_commit
+        @origin_commit||= begin
+          Timeout::timeout(5) do
+            commit = Mixlib::ShellOut.new("git ls-remote origin master | awk '{ print $1 }'")
+            commit.run_command
+            commit.exitstatus == 0 ? commit.stdout.strip : nil
+          end
+        rescue Timeout::Error
+          nil
+        end
+      end
+
+      def local_commit
+        @local_commit ||= %x(git rev-parse master).strip! || 'unknown'
+      end
+
+      def localhost
+        @localhost ||= Socket.gethostname
+      end
+
+      def converge_by(msg)
+        if config[:why_run]
+          ui.info('Will '+msg)
+        else
+          yield if block_given?
+        end
+      end
+
+      def update_commit
+        ui.info("updating commit from #{origin_commit} => #{local_commit}")
+        file = Tempfile.new(['restorechef', '.json'])
+
+        unless Chef::DataBag.list.keys.include?('metadata')
+          plugin = Chef::Knife::DataBagCreate.new
+          plugin.name_args = Array('metadata')
+          converge_by 'create data bag metadata' do
+            plugin.run
+          end
+        end
+        begin
+          file.write(JSON.dump({ id: 'commit', commit: local_commit }))
+          file.flush
+          dbag = Chef::Knife::DataBagFromFile.new
+          dbag.name_args = ['metadata', file.path]
+          converge_by 'update commit' do
+            dbag.run
+          end
+        ensure
+          file.close
+          file.unlink
+        end
+      end
+    end
+  end
+end

data/lib/pagerduty/chef_server/sync.rb

@@ -0,0 +1,208 @@
+#
+# Author:: Tim Heckman (<ops@pagerduty.com>)
+# Copyright:: Copyright (c) 2016 PagerDuty, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'pagerduty/chef_server/sync_helper'
+
+module PagerDuty
+  module ChefServer
+    # rubocop:disable Metrics/ClassLength
+    class Sync
+
+      # require_relative 'sync_helper'
+      include PagerDuty::ChefServer::SyncHelper
+
+      attr_reader :ui, :why_run, :cookbook_dir, :ignore_patterns
+
+      def initialize(opts={})
+        require 'tempfile'
+        require 'json'
+        require 'mixlib/shellout'
+        require 'chef/cookbook_version'
+        require 'chef/data_bag_item'
+        require 'chef/data_bag'
+        require 'berkshelf'
+        require 'berkshelf/berksfile'
+        @cookbook_dir =  opts[:vendor_dir]
+        @why_run = opts[:why_run]
+        @ui = opts[:ui] || Chef::Knife.ui
+        if File.exist?(ignore_file)
+          @ignore_patterns = File.read(ignore_file).lines.map{|l| File.join(chef_repo_dir, l).strip}
+        else
+          ui.info('.pd-ignore absent, nothing will be ignored')
+          @ignore_patterns = false
+        end
+      end
+
+      def run
+        berkshelf_install
+        sync_cookbooks
+        upload_databags
+        upload_environments
+        upload_roles
+      end
+
+      def sync_cookbooks
+        altered_cookbooks = Hash.new{|h, k| h[k] = []}
+
+        if remote_cookbooks.empty?
+          upload_all_cookbooks
+        else
+          unless new_cookbooks.empty?
+            upload_cookbooks(new_cookbooks)
+            altered_cookbooks[:added] = new_cookbooks
+          end
+          stale_cookbooks.each do |cb|
+            delete_cookbook(cb)
+            altered_cookbooks[:deleted] << cb
+          end
+          updated_cookbooks.each do |cb|
+            replace_cookbook(cb)
+            altered_cookbooks[:updated] << cb
+          end
+        end
+      end
+
+      def berkshelf_install
+        path = File.expand_path(File.join(chef_repo_dir, 'Berksfile'))
+        ui.info(ui.color("using Berksfile: #{path} for berkshelf install", :yellow))
+        berksfile = Berkshelf::Berksfile.from_file(path, { except: 'tests' } )
+        FileUtils.rm_rf(cookbook_dir)
+        berksfile.vendor(cookbook_dir)
+      end
+
+      def local_cookbooks
+        local_checksums.keys.sort
+      end
+
+      def remote_cookbooks
+        @remote_cookbooks ||= Chef::CookbookVersion.list.keys.sort
+      end
+
+      def remote_commit
+        @remote_commit ||= begin
+          if Chef::DataBag.list.keys.include?('metadata')
+            Chef::DataBagItem.load('metadata', 'commit').raw_data['commit']
+          else
+            {}
+          end
+        end
+      end
+
+      def cookbook_segments
+        Chef::CookbookVersion::COOKBOOK_SEGMENTS
+      end
+
+      def remote_checksums
+        @remote_checksums ||= begin
+          c = {}
+          remote_cookbooks.each do |cb|
+            c[cb] = {}
+            cbm = Chef::CookbookVersion.load(cb).manifest
+            cookbook_segments.each do |m|
+              cbm_sort = cbm[m].sort { |x, y| x['name'] <=> y['name'] }
+              cbm_sort = cbm_sort.sort { |x, y| x['checksum'] <=> y['checksum'] }
+              cbm_sort.each do |file|
+                file.delete(:url)
+                file.delete(:path)
+                file.delete(:specificity)
+              end
+              c[cb][m] = cbm_sort
+            end
+          end
+          c
+        end
+      end
+
+      def local_checksums
+        @local_checksums ||= begin
+          c = {}
+          cbl = Chef::CookbookLoader.new(Array(cookbook_dir))
+          cbl.load_cookbooks
+          cbl_sort = cbl.values.map(&:name).map(&:to_s).sort
+
+          cbl_sort.each do |cb|
+            print "#{cb} => "
+            c[cb] = {}
+            cookbook_segments.each do |m|
+              cbm_sort = cbl[cb].manifest[m].sort { |x, y| x['name'] <=> y['name'] }
+              cbm_sort = cbm_sort.sort { |x, y| x['checksum'] <=> y['checksum'] }
+              cbm_sort.each do |file|
+                file.delete(:path)
+                file.delete(:specificity)
+              end
+              c[cb][m] = cbm_sort
+            end
+            diff = diff(c[cb], remote_checksums[cb])
+            if diff.empty?
+              ui.info(ui.color( 'match', :green))
+            else
+              ui.info(ui.color( 'mismatch', :yellow))
+              ui.output(diff(c[cb], remote_checksums[cb]))
+            end
+            sleep 0.1 # was printing too fast to be useful :(
+          end
+          c
+        end
+      end
+
+      def diff(mf1, mf2)
+        diffs = Hash.new{|h, k| h[k]= []}
+        mf2 = {} if mf2.nil?
+        mf1 = {} if mf1.nil?
+        segments = (mf1.keys + mf2.keys).sort.uniq
+        different_parts = segments.select{|segment| mf1[segment]!= mf2[segment]}
+        different_parts.each do |segment|
+          files = (Array(mf1[segment]) + Array(mf2[segment])).map{|f| f['name']}.uniq
+          files.each do |file|
+            f1 = Array(mf1[segment]).detect{|f|f['name'] == file} || {}
+            f2 = Array(mf2[segment]).detect{|f|f['name'] == file} || {}
+            unless f1['checksum'] == f2['checksum']
+              diffs[segment] << file #unless file =~ /metadata\.(rb|json)/
+            end
+          end
+        end
+        diffs
+      end
+
+      def different_cookbook?(cb)
+        !diff(local_checksums[cb], remote_checksums[cb]).empty?
+      end
+
+      def new_cookbooks
+        local_cookbooks - remote_cookbooks
+      end
+
+      def stale_cookbooks
+        remote_cookbooks - local_cookbooks
+      end
+
+      def updated_cookbooks
+        (local_cookbooks & remote_cookbooks).select do |cb|
+          different_cookbook?(cb)
+        end
+      end
+
+      def replace_cookbook(cb)
+        converge_by "Replace cookbook #{cb}" do
+          delete_cookbook(cb)
+          upload_cookbook(cb)
+        end
+      end
+    end
+    # rubocop:enable Metrics/ClassLength
+  end
+end

data/lib/pagerduty/chef_server/sync_helper.rb

@@ -0,0 +1,163 @@
+#
+# Author:: Tim Heckman (<ops@pagerduty.com>)
+# Copyright:: Copyright (c) 2016 PagerDuty, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module PagerDuty
+  module ChefServer
+    module SyncHelper
+
+      def ignored?(path)
+        ignore_patterns && ignore_patterns.any?{|pattern| File.fnmatch?(pattern, path)}
+      end
+
+      def converge_by(msg)
+        if why_run
+          ui.info(ui.color("Would ", :cyan)+ msg)
+        else
+          yield
+        end
+      end
+
+      def chef_repo_dir
+        File.expand_path('..', cookbook_dir)
+      end
+
+      def role_dir
+        File.join(chef_repo_dir, 'roles')
+      end
+
+      def databag_dir
+        File.join(chef_repo_dir, 'data_bags')
+      end
+
+      def environment_dir
+        File.join(chef_repo_dir, 'environments')
+      end
+
+
+      def data_bag_from_file(name, path)
+        converge_by "Create data bag #{name} from #{path}" do
+          knife Chef::Knife::DataBagFromFile, name, path
+        end
+      end
+
+      def upload_environments
+        Dir[environment_dir+'/*'].reject{|f| File.directory?(f)}.each do |path|
+          converge_by "Create environment from #{path}" do
+            knife Chef::Knife::EnvironmentFromFile, path
+          end
+        end
+      end
+
+      def upload_roles
+        Dir[role_dir+'/*'].each do |path|
+          converge_by "Create role from #{path}" do
+            knife Chef::Knife::RoleFromFile, path
+          end
+        end
+      end
+
+      def upload_all_cookbooks
+        converge_by 'Upload all cookbooks' do
+          knife(Chef::Knife::CookbookUpload) do |config|
+            config[:all] = true
+            config[:cookbook_path] = cookbook_dir
+          end
+        end
+      end
+
+      def upload_cookbook(cb)
+        converge_by "Upload cookbook #{cb}" do
+          knife(Chef::Knife::CookbookUpload, cb) do |config|
+            config[:cookbook_path] = cookbook_dir
+            config[:depends] = false
+          end
+        end
+      end
+
+      def upload_cookbooks(cbcb)
+        sorted_cookbooks = cbcb.sort # definite order + nice printout for why_run
+        converge_by "Upload cookbooks #{sorted_cookbooks.join(', ')}" do
+          knife Chef::Knife::CookbookUpload, *sorted_cookbooks do |config|
+            config[:cookbook_path] = cookbook_dir
+            config[:depends] = false
+          end
+        end
+      end
+
+      def delete_cookbook(cb)
+        converge_by "Delete cookbook #{cb}" do
+          knife Chef::Knife::CookbookDelete, cb do |config|
+            config[:yes] = true
+            config[:all] = true
+          end
+        end
+      end
+
+      def upload_databags
+        ui.info(ui.color('updating data bags in batch mode', :yellow))
+        existing_databags = Chef::DataBag.list.keys
+        Dir[databag_dir+'/*'].each do |db_path|
+          if ignored?(db_path)
+            ui.info(ui.color("Ignored:", :magenta) + db_path)
+            next
+          end
+          db_name = File.basename(db_path)
+          unless existing_databags.include?(db_name)
+            create_databag(db_name)
+          end
+          Dir[db_path+'/*'].each do |path|
+            unless ignored?(path)
+              data_bag_from_file(File.basename(db_path), path)
+            end
+          end
+        end
+      end
+
+      def create_databag(data_bag_name)
+        converge_by "Create data bag #{data_bag_name}" do
+          knife Chef::Knife::DataBagCreate, data_bag_name
+        end
+      end
+
+      def data_bag_from_hash(databag_name, data)
+        tmp = Tempfile.new(['restorechef', '.json'])
+        begin
+          tmp.write(JSON.dump(data))
+          tmp.close
+          converge_by "create data bag #{databag_name}" do
+            data_bag_from_file(databag_name, tmp.path)
+          end
+        ensure
+          tmp.unlink
+        end
+      end
+
+      def knife(klass, *name_args)
+        klass.load_deps
+        plugin = klass.new
+        yield plugin.config if Kernel.block_given?
+        plugin.name_args = name_args
+        plugin.run
+      end
+
+      def ignore_file
+        File.join(chef_repo_dir, '.pd-ignore')
+      end
+    end
+  end
+end
+

data/lib/pagerduty/chef_server/synclock.rb

@@ -0,0 +1,111 @@
+#
+# Author:: Tim Heckman (<ops@pagerduty.com>)
+# Copyright:: Copyright (c) 2016 PagerDuty, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'fileutils'
+require 'chef/knife'
+
+module PagerDuty
+  module ChefServer
+    class LockUnavailable < IOError; end
+    class ChefCronRunning < StandardError; end
+
+    class SyncLock
+      def initialize(lockfile, server_hostname, local_hostname, user, branch, force_lock = false)
+        @lockfile = lockfile
+        @server_hostname = server_hostname.include?('.') ? server_hostname.split('.')[0] : server_hostname
+        @local_hostname = local_hostname
+        @user = user
+        @branch = branch
+        @opts = parse_opts({ announce: true, lock: true, force: force_lock })
+      end
+
+      # get lock
+      def lock(time = Time.now)
+        verify_lockable
+
+        @f_lock = procure_lock if @opts[:lock] || @opts[:force]
+      end
+
+      # remove lock
+      def unlock
+        if @opts[:lock]
+          Chef::Knife.ui.info 'removing lockfile'
+          @f_lock.flock(File::LOCK_UN)
+          @f_lock.close
+          FileUtils.rm(@f_lock.path)
+        end
+      end
+
+      private
+
+      def verify_lockable
+        unless local_chef_server? && @opts[:force]
+          @opts[:lock] = false
+          Chef::Knife.ui.warn(
+            'Please be careful, this looks to be running on a system other than a chef server. '\
+              'As such, there will be *no* locking. Hold on to your butts...'
+          )
+          sleep 5
+        end
+      end
+
+      def parse_opts(options)
+        options[:announce] &&= false unless remote_chef_server?
+        options[:lock] &&= false unless local_chef_server?
+        options
+      end
+
+      def local_chef_server?
+        @local_hostname.include? 'chef'
+      end
+
+      def remote_chef_server?
+        @server_hostname.include? 'chef'
+      end
+
+      def procure_lock
+        Chef::Knife.ui.info 'trying to obtain exclusive lock...'
+
+        # create a file handle for the lockfile -- create if it doesn't exist and
+        # make it read/write
+        lf = File.open(@lockfile, File::CREAT|File::RDWR, 0644)
+
+        unless lf.flock(File::LOCK_NB|File::LOCK_EX)
+          # if we fail to obtain the lock figure out who has lock and for
+          # how long so we can display that information
+          ld = JSON.parse(lf.read.strip)
+          msg = if (ld['user'].strip == @user)
+                  "according to lockfile you've had lock for" \
+                  " #{Time.now.to_i - ld['ts']} second(s)."
+                else
+                  "unable to get exclusive lock, currently held by" \
+                  " #{ld['user']} for #{Time.now.to_i - ld['ts']} second(s)" \
+                end
+          # close the file handle
+          lf.close
+          Chef::Knife.ui.fatal msg
+          raise LockUnavailable, msg
+        end
+        # we could get lock, so write our information to the file
+        lf.write(JSON.dump({ user: @user, ts: Time.now.to_i }))
+        lf.flush
+        Chef::Knife.ui.info 'lock obtained'
+        lf
+      end
+    end
+  end
+end

data/pagerduty-pd_sync.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+Gem::Specification.new do |spec|
+  spec.name          = 'pagerduty-pd_sync'
+  spec.version       = '0.1.1'
+  spec.authors       = ['Tim Heckman']
+  spec.email         = ['ops+pd_sync@pagerduty.com']
+  spec.licenses      = ['Apache 2.0']
+
+  spec.summary       = 'A knife plugin to support the PagerDuty Chef workflow'
+  spec.description   = 'A knife plugin to support the PagerDuty Chef workflow'
+  spec.homepage      = 'https://github.com/PagerDuty/pd-sync-chef'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.require_paths = ['lib']
+
+  spec.required_ruby_version = '>= 2.1.4'
+
+  spec.add_runtime_dependency 'chef', '~> 12'
+  spec.add_runtime_dependency 'berkshelf', '~> 0'
+  spec.add_runtime_dependency 'json', '~> 0'
+
+  spec.add_development_dependency 'bundler', '~> 0'
+  spec.add_development_dependency 'pry', '~> 0'
+  spec.add_development_dependency 'rake', '~> 0'
+  spec.add_development_dependency 'rspec', '~> 0'
+end

metadata

@@ -0,0 +1,151 @@
+--- !ruby/object:Gem::Specification
+name: pagerduty-pd_sync
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Tim Heckman
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-04-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: chef
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+- !ruby/object:Gem::Dependency
+  name: berkshelf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A knife plugin to support the PagerDuty Chef workflow
+email:
+- ops+pd_sync@pagerduty.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- Rakefile
+- lib/chef/knife/pd_sync.rb
+- lib/pagerduty/chef_server/sync.rb
+- lib/pagerduty/chef_server/sync_helper.rb
+- lib/pagerduty/chef_server/synclock.rb
+- pagerduty-pd_sync.gemspec
+homepage: https://github.com/PagerDuty/pd-sync-chef
+licenses:
+- Apache 2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.1.4
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A knife plugin to support the PagerDuty Chef workflow
+test_files: []