puppet-rest 0.0.3

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NTFlMDU2MmFhMzE0ZmQxMjk4Y2YyNGMxNjExZmIyNmNlMzhkNWYxMw==
+  data.tar.gz: !binary |-
+    YzNmOTVkZTVjY2I1MTM2MzdjNGE4ZmY4MGNlNjk5ODM0MTAyYWQzYQ==
+SHA512:
+  metadata.gz: !binary |-
+    MmI1ZDkwNzNhOTMwZTc1NjVkMTgwMzE2N2IxNDJmZjdhZmRjNGFkNzlmZmU1
+    NjQ4MjUzMzVjNzg5NjUxMjk1MWEyYTJlYzQzYmY0NTE2MDc2OThmODU0MzAy
+    ZWNmMzY0Yjc5MmYxMDIwMGE2MzZmNDA4YTVlN2JmZjkxMjFmMTA=
+  data.tar.gz: !binary |-
+    OGUwYzc5OWYxMzhkYzg1MmU5MDYwZjkzZDU3YzQxZGZiNWUzZDQ3NDgxMmY2
+    Y2UzMjhlZWI0OGM4NjE3NGNmYjEwYWNiYTFjNTUxMzBmZWM1NTJmYjM1MmQ3
+    NzE0MGNkOWY4ZTk4ZGE0OGY3ZjE1ZDgxMDVhNGRjNjNlM2M4YjU=

data/.gitignore

@@ -0,0 +1,7 @@
+.bundle
+vendor/
+bin/
+*.log
+spec/internal/log
+.ruby*
+.rspec

data/.pryrc

@@ -0,0 +1,58 @@
+require 'listen'
+
+listener = Listen.to('./lib', only: /\.rb$/) do |modified, added, removed|
+  modified.each do |m|
+    puts "[modified] [code] Reloading: #{m} - #{load(m)}"
+  end
+  added.each do |a|
+    puts "[added] [code] Loading: #{a} - #{load(a)}"
+  end
+  puts "[removed] #{removed}" unless removed.empty?
+end
+
+listener.start # not blocking
+#listener.only /\.(rb|yml)$/
+
+require 'rake'
+
+load 'Rakefile'
+
+cert_folder = File.dirname(__FILE__) + '/spec/certificates/'
+$key     = OpenSSL::PKey::RSA.new(IO.binread(cert_folder + 'pk.pem'))
+$cert    = OpenSSL::X509::Certificate.new(IO.binread(cert_folder + 'cert.pem'))
+$ca_cert = cert_folder + 'ca.pem'
+
+def get_pe_api
+  PuppetRestClient::PE::Connection.new(
+    :server_url => 'https://learning.puppetlabs.vm:8140',
+    :connection_options => {
+      :request => {
+        :open_timeout => 30
+      },
+      :ssl => {
+        :client_key  => $key,
+        :client_cert => $cert,
+        :ca_file     => $ca_cert,
+        :verify      => true,
+        #Additional options: vendor/jruby/1.9/gems/faraday-0.8.8/lib/faraday/adapter/net_http.rb
+      }
+    }
+  )
+end
+
+def get_db_api
+  PuppetRestClient::DB::Connection.new(
+    :server_url => 'https://learning.puppetlabs.vm:8081',
+    :connection_options => {
+      :request => {
+        :open_timeout => 30
+      },
+      :ssl => {
+        :client_key  => $key,
+        :client_cert => $cert,
+        :ca_file     => $ca_cert,
+        :verify      => true
+      }
+    }
+  )
+end

data/Gemfile

@@ -0,0 +1,10 @@
+source 'http://rubygems.org'
+
+gemspec
+
+group :test, :development do
+  gem 'pry'
+  gem 'listen'
+  gem 'shoulda'
+  gem 'shoulda-matchers'
+end

data/Gemfile.lock

@@ -0,0 +1,73 @@
+PATH
+  remote: .
+  specs:
+    puppet-rest (0.0.3)
+      faraday (~> 0.8.8)
+      multi_json
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    activesupport (4.2.4)
+      i18n (~> 0.7)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    coderay (1.1.0)
+    diff-lcs (1.2.5)
+    faraday (0.8.11)
+      multipart-post (~> 1.2.0)
+    ffi (1.9.10)
+    i18n (0.7.0)
+    json (1.8.3)
+    listen (3.0.3)
+      rb-fsevent (>= 0.9.3)
+      rb-inotify (>= 0.9)
+    method_source (0.8.2)
+    minitest (5.8.1)
+    multi_json (1.11.2)
+    multipart-post (1.2.0)
+    pry (0.10.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
+    rake (10.4.2)
+    rb-fsevent (0.9.6)
+    rb-inotify (0.9.5)
+      ffi (>= 0.5.0)
+    rspec (3.3.0)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+    rspec-core (3.3.2)
+      rspec-support (~> 3.3.0)
+    rspec-expectations (3.3.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-mocks (3.3.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-support (3.3.0)
+    shoulda (3.5.0)
+      shoulda-context (~> 1.0, >= 1.0.1)
+      shoulda-matchers (>= 1.4.1, < 3.0)
+    shoulda-context (1.2.1)
+    shoulda-matchers (2.8.0)
+      activesupport (>= 3.0.0)
+    slop (3.6.0)
+    thread_safe (0.3.5)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  listen
+  pry
+  puppet-rest!
+  rake
+  rspec
+  shoulda
+  shoulda-matchers

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2013 CloudHealth Tech
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,81 @@
+Puppet Ruby REST Client
+========
+
+Interact with Puppet and PuppetDB through their REST Apis
+
+Certificates
+---------
+
+* On Puppet Master: `sudo puppet cert --generate learning.puppetlabs.vm`
+* Copy the 3 files to a remote computer:
+    * /etc/puppetlabs/puppet/ssl/private_keys/learning.puppetlabs.vm.pem
+    * /etc/puppetlabs/puppet/ssl/certs/learning.puppetlabs.vm.pem
+    * /etc/puppetlabs/puppet/ssl/certs/ca.pem
+* Test 2015.02+
+    * Puppet Enterprise
+        * `curl -X GET --cacert ca.pem --cert learning.puppetlabs.vm.cert.pem --key learning.puppetlabs.vm.priv-key.pem -H 'Accept: pson' 'https://learning.puppetlabs.vm:8140/puppet/v3/node/learning.puppetlabs.vm?environment=production'`
+    * PuppetDB
+        * `curl -X GET -H 'Accept: application/json' --cacert ca.pem --cert learning.puppetlabs.vm.cert.pem --key learning.puppetlabs.vm.priv-key.pem 'https://learning.puppetlabs.vm:8081/pdb/query/v4/facts'`
+* Test Legacy
+    * Puppet Enterprise
+        * `curl -X GET --cacert ca.pem --cert learning.puppetlabs.vm.cert.pem --key learning.puppetlabs.vm.priv-key.pem 'https://learning.puppetlabs.vm:8140/v2/catalogs/learning.puppetlabs.vm'`
+    * PuppetDB
+        * `curl -X GET --cacert ca.pem --cert learning.puppetlabs.vm.cert.pem --key learning.puppetlabs.vm.priv-key.pem 'https://learning.puppetlabs.vm:8081/v2/facts'`
+
+Configure PuppetDB
+--------
+
+* Change PuppetDB Listen Directive
+    * If puppet is not managing puppetdb:
+        * Reference: http://docs.puppetlabs.com/puppetdb/1.3/configure.html#host
+        * Edit /etc/puppetlabs/puppetdb/conf.d/jetty.ini to listen on 0.0.0.0
+        * /etc/init.d/pe-puppetdb restart
+    * Otherwise, change through the puppet portal
+        * Add `listen_host` to `pe_puppetdb` class with value of `0.0.0.0`
+        * Force a puppet run to change in /etc/puppetlabs/puppetdb/conf.d/jetty.ini
+* If PuppetDB is using its own certs, and not the Puppet Master's:
+    * sudo /opt/puppet/sbin/puppetdb-ssl-setup -f
+    * sudo /etc/init.d/pe-puppetdb restart
+    * (Wait a few min for it to actually restart)
+* Make sure your ec2 security groups have 8081 open between your internal instances 
+
+Configure Puppet Master
+--------
+
+* Edit /etc/puppetlabs/puppet/auth.conf, and change:
+
+```
+path ~ ^/catalog/([^/]+)$
+method find
+auth yes
+allow $1
+```
+
+to
+
+<pre>
+path ~ ^/catalog/([^/]+)$
+method find
+auth yes
+allow $1<b>, aggregator</b>
+</pre>
+
+Useful Links
+---------
+
+* http://docs.puppetlabs.com/puppetdb/latest/install_from_source.html
+* http://docs.puppetlabs.com/puppetdb/latest/configure.html#certificate-whitelist
+* http://docs.puppetlabs.com/puppetdb/1.5/api/query/curl.html
+* http://docs.puppetlabs.com/guides/inventory_service.html
+
+About
+---------
+
+puppet-rest was inspired by [spice](https://github.com/danryan/spice) and follows its framework.
+
+Copyright
+---------
+
+Copyright (c) 2013 CloudHealth Tech. See LICENSE.txt for further details.
+
+Puppet, PuppetDB and related trademarks are Copyright (c) 2005-2013 Puppet Labs Inc. Puppet and PuppetDB are released under the Apache 2.0 license.

data/Rakefile

@@ -0,0 +1,3 @@
+#!/usr/bin/env rake
+
+require_relative 'lib/puppet-rest'

data/lib/puppet-rest.rb

@@ -0,0 +1,43 @@
+require 'faraday'
+require 'multi_json'
+
+module PuppetRestClient
+  module PE; end
+  module DB; end
+end
+
+require_relative 'puppet-rest/monkey_patches/mash'
+require_relative 'puppet-rest/monkey_patches/hash'
+require_relative 'puppet-rest/monkey_patches/array'
+require_relative 'puppet-rest/monkey_patches/enumerable'
+
+require_relative 'puppet-rest/version'
+require_relative 'puppet-rest/error'
+
+require_relative 'puppet-rest/identity_map'
+require_relative 'puppet-rest/response/client_error'
+require_relative 'puppet-rest/response/parse_json'
+
+require_relative 'puppet-rest/pe/config'
+require_relative 'puppet-rest/pe/request'
+require_relative 'puppet-rest/pe/entities/base'
+require_relative 'puppet-rest/pe/entities/node'
+require_relative 'puppet-rest/pe/entities/catalog'
+require_relative 'puppet-rest/pe/connection/node'
+require_relative 'puppet-rest/pe/connection/catalog'
+require_relative 'puppet-rest/pe/connection/ca_cert'
+require_relative 'puppet-rest/pe/connection'
+require_relative 'puppet-rest/pe/client'
+
+require_relative 'puppet-rest/db/config'
+require_relative 'puppet-rest/db/entities/base'
+require_relative 'puppet-rest/db/entities/node'
+require_relative 'puppet-rest/db/entities/fact'
+require_relative 'puppet-rest/db/entities/resource'
+require_relative 'puppet-rest/db/request'
+require_relative 'puppet-rest/db/connection/nodes'
+require_relative 'puppet-rest/db/connection/fact-names'
+require_relative 'puppet-rest/db/connection/facts'
+require_relative 'puppet-rest/db/connection/resources'
+require_relative 'puppet-rest/db/connection'
+require_relative 'puppet-rest/db/client'

data/lib/puppet-rest/db/client.rb

@@ -0,0 +1,42 @@
+module PuppetRestClient::DB
+  extend PuppetRestClient::DB::Config
+
+  class << self
+    # Convenience alias for PuppetRestClient::DB::Connection.new
+    #
+    # return [PuppetRestClient::DB::Connection]
+    def new(options=Mash.new)
+      PuppetRestClient::DB::Connection.new(options)
+    end
+
+    # Delegate methods to PuppetRestClient::Connection
+    def method_missing(method, *args, &block)
+      return super unless new.respond_to?(method)
+      new.send(method, *args, &block)
+    end
+
+    def respond_to?(method, include_private=false)
+      new.respond_to?(method, include_private) || super(method, include_private)
+    end
+
+    def read_key_file(path)
+      key_file_path = File.expand_path(path)
+
+      begin
+        raw_key = File.read(key_file_path).strip
+      rescue SystemCallError, IOError => e
+        raise IOError, "Unable to read #{key_file_path}"
+      end
+
+      begin_rsa = '-----BEGIN RSA PRIVATE KEY-----'
+      end_rsa   = '-----END RSA PRIVATE KEY-----'
+
+      unless (raw_key =~ /\A#{begin_rsa}$/) && (raw_key =~ /^#{end_rsa}\Z/)
+        msg = "The file #{key_file_path} is not a properly formatted private key.\n"
+        msg << "It must contain '#{begin_rsa}' and '#{end_rsa}'"
+        raise ArgumentError, msg
+      end
+      return OpenSSL::PKey::RSA.new(raw_key)
+    end
+  end
+end

data/lib/puppet-rest/db/config.rb

@@ -0,0 +1,83 @@
+module PuppetRestClient::DB
+  module Config
+
+    # The default Chef server URL
+    DEFAULT_SERVER_URL = 'http://localhost:8080'
+
+    # The default Spice User-Agent header
+    DEFAULT_USER_AGENT = "PuppetRestClient #{PuppetRestClient::VERSION}"
+
+    # Default connection options
+    DEFAULT_CONNECTION_OPTIONS = {}
+
+    # Default client name
+    DEFAULT_CLIENT_NAME = ''
+
+    # Default key file
+    DEFAULT_CLIENT_KEY = ''
+
+    # Default puppetdb rest api version (e.g. v1, v2, v3, pdb/query/v4)
+    DEFAULT_API_VERSION = 'v2'
+
+    # An array of valid config options
+    VALID_OPTIONS_KEYS = [
+      :server_url,
+      :api_version,
+      :client_name,
+      :client_key,
+      :user_agent,
+      :connection_options,
+      :middleware
+    ]
+
+    # Default middleware stack
+    DEFAULT_MIDDLEWARE = Proc.new do |builder|
+      builder.use PuppetRestClient::Response::ParseJSON
+      builder.use PuppetRestClient::Response::ClientError
+      builder.adapter Faraday.default_adapter
+    end
+
+    VALID_OPTIONS_KEYS.each do |key|
+      attr_accessor key
+    end
+
+    # Reset all config options to default when the module is extended
+    def self.extended(base)
+      base.reset
+    end # def self.extended
+
+    # Convenience method to configure PuppetRestClient in a block
+    # @example Configuring PuppetRestClient
+    #   PuppetRestClient.setup do |s|
+    #     s.server_url  = "http://puppetdb.example.com:8081"
+    #     s.client_name = "admin"
+    #     s.client_key    = PuppetRestClient.read_key_file("/path/to/key_file.pem")
+    #   end
+    # @yieldparam PuppetRestClient
+    # @yieldreturn PuppetRestClient
+    def setup
+      yield self
+      self
+    end
+
+    # Create an options hash from valid options keys
+    def options
+      options = {}
+      VALID_OPTIONS_KEYS.each{|k| options[k] = send(k)}
+      options
+    end
+
+    # Reset all config options to their defaults
+    def reset
+      self.user_agent         = DEFAULT_USER_AGENT
+      self.api_version        = DEFAULT_API_VERSION
+      self.server_url         = DEFAULT_SERVER_URL
+      self.client_name        = DEFAULT_CLIENT_NAME
+      self.client_key         = DEFAULT_CLIENT_KEY
+      self.connection_options = DEFAULT_CONNECTION_OPTIONS
+      self.middleware         = DEFAULT_MIDDLEWARE
+      self
+    end
+
+  end
+end