puppet_webhook 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4a2bedbab06ccd3b043abda7e4e3c4711f90bae1fcc6cc102c283c63c517f783
-  data.tar.gz: b609d99c486ef605836756939f1ff33ae40056b38641d13c2665b33ecbd56093
+  metadata.gz: d64ee6bf97a42a0899e97f9759b200ff433a9f7460255e3820d0acfd05431c4d
+  data.tar.gz: 0b7b8b681a2d5418258702c9b9eda6a147732b03290f8d1cf3c18954c41dcca6
 SHA512:
-  metadata.gz: 4cd5c13d66c1fef5b8eda9c5768e5ecc216cb24617cdd04ec07e0655213b543561074aec522790b394879e3906cd8835896d8bdf7abaffb265ade893cb2496ff
-  data.tar.gz: d3870a2daffca879005cac928fa0fbe46a4c65c7d3594fb12a8333d9394afc2fb5e181027e45a57dfea6505ceb92e1369587aefe4dc4abe49a3025a4fd9d988f
+  metadata.gz: 56449a908c94d905486f48b72da716461e690cce591f33d3945be234562141ca11c82ad61238f2644c6422804f32e9b18ade4908a0c294593a2a3c860f35f16b
+  data.tar.gz: df5e40c06d0b3bd199ab724907ce07e0897ffc0644b870a94577a979c1d857cbe4b687d2c71d99d9f8454d02374958a99a231523fd789dd6cb8146f6b191e1d0

data/CHANGELOG.md

@@ -4,6 +4,21 @@ All notable changes to this project will be documented in this file.
 Each new release typically also includes the latest modulesync defaults.
 These should not affect the functionality of the module.
 
+## [v1.1.0](https://github.com/voxpupuli/puppet_webhook/tree/v1.1.0) (2018-03-05)
+[Full Changelog](https://github.com/voxpupuli/puppet_webhook/compare/v1.0.0...v1.1.0)
+
+**Implemented enhancements:**
+
+- Allow github to send form-urlencoded payloads and bug fix in webrick\_opts [\#45](https://github.com/voxpupuli/puppet_webhook/pull/45) ([williamberman](https://github.com/williamberman))
+
+**Closed issues:**
+
+- Refactor binary to pass configuration values from file or CLI [\#27](https://github.com/voxpupuli/puppet_webhook/issues/27)
+
+**Merged pull requests:**
+
+- Replace all MCollective agent calls with the agent lib. [\#44](https://github.com/voxpupuli/puppet_webhook/pull/44) ([dhollinger](https://github.com/dhollinger))
+
 ## [v1.0.0](https://github.com/voxpupuli/puppet_webhook/tree/v1.0.0) (2017-12-21)
 [Full Changelog](https://github.com/voxpupuli/puppet_webhook/compare/v0.1.0...v1.0.0)
 
@@ -17,6 +32,7 @@ These should not affect the functionality of the module.
 
 **Merged pull requests:**
 
+- Release 1.0.0 [\#42](https://github.com/voxpupuli/puppet_webhook/pull/42) ([dhollinger](https://github.com/dhollinger))
 - Update config options and docs [\#41](https://github.com/voxpupuli/puppet_webhook/pull/41) ([dhollinger](https://github.com/dhollinger))
 - Fix payload gentypes [\#39](https://github.com/voxpupuli/puppet_webhook/pull/39) ([dhollinger](https://github.com/dhollinger))
 - Add simple config.ru file [\#38](https://github.com/voxpupuli/puppet_webhook/pull/38) ([dhollinger](https://github.com/dhollinger))
@@ -60,4 +76,4 @@ These should not affect the functionality of the module.
 
 
 
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/README.md

@@ -90,7 +90,7 @@ When using the default SystemD unit file or SysVInit service file, the server co
 
 ##### Options
 
-#####`server_type`
+##### `server_type`
 
 Determines if the Webrick server should run in Simple or Daemon mode.     
 * Valid options: [ `simple`, `daemon` ].      

data/bin/puppet_webhook

@@ -94,7 +94,6 @@ webrick_opts = {
   Port: options[:port],
   DocumentRoot: approot,
   ServerType: options[:server_type],
-  ServerSoftware: PuppetWebhook,
   StartCallBack: proc { File.open(options[:pidfile], 'w') { |f| f.write Process.pid } }
 }
 

data/config/app.yml

@@ -4,7 +4,7 @@ user: puppet
 pass: puppet
 
 # Mcollective
-client_cfg: "/var/lib/peadmin/.mcollective"
+client_cfg: "/etc/puppetlabs/mcollective/server.cfg"
 client_timeout: "120"
 use_mco_ruby: false
 use_mcollective: false

data/lib/helpers/deployments.rb

@@ -1,17 +1,26 @@
+require 'plugins/mcollective'
+
 module Deployments # rubocop:disable Style/Documentation
   def deploy(branch, deleted)
-    if settings.use_mco_ruby
-      result = mco(branch).first
-      raise result.results[:statusmsg] unless result.results[:statuscode].zero?
+    # Currently requires puppet_webhook to be run as a non-root
+    # user with access to running the MCollective client.
+    if settings.use_mcollective
+      results = PuppetWebhook::Mcollective.new('r10k',
+                                               'deploy',
+                                               {
+                                                 dtimeout: settings.discovery_timeout,
+                                                 timeout: settings.client_timeout
+                                               },
+                                               settings.client_cfg,
+                                               environment: branch).run
+      results.each do |result|
+        raise result.results[:statusmsg] unless result.results[:statuscode].zero?
+      end
+      raise results.stats[:noresponsefrom] unless result.stats[:noresponsefrom].length.zero?
 
       message = result.results[:statusmsg]
     else
-      command = if settings.use_mcollective
-                  "#{settings.command_prefix} mco r10k deploy #{branch} #{settings.mco_arguments}"
-                else
-                  # If you don't use mcollective then this hook needs to be running as r10k's user i.e. root
-                  "#{settings.command_prefix} r10k deploy environment #{branch} #{settings.r10k_deploy_arguments}"
-                end
+      command = "#{settings.command_prefix} r10k deploy environment #{branch} #{settings.r10k_deploy_arguments}"
       message = run_command(command)
     end
     status_message = { status: :success, message: message.to_s, branch: branch, status_code: 200 }
@@ -20,7 +29,7 @@ module Deployments # rubocop:disable Style/Documentation
       generate_types(branch) if types?
     end
     notify_slack(status_message) if slack?
-    status_message.to_json
+    [status_message[:status_code], status_message.to_json]
   rescue StandardError => e
     status_message = { status: :fail, message: e.message, trace: e.backtrace, branch: branch, status_code: 500 }
     LOGGER.error("message: #{e.message} trace: #{e.backtrace}")
@@ -30,12 +39,27 @@ module Deployments # rubocop:disable Style/Documentation
   end
 
   def deploy_module(module_name)
-    command = if settings.use_mcollective
-                "#{settings.command_prefix} mco r10k deploy_module #{module_name} #{settings.mco_arguments}"
-              else
-                "#{settings.command_prefix} r10k deploy module #{module_name}"
-              end
-    message = run_command(command)
+    # Currently requires puppet_webhook to be run as a non-root
+    # user with access to running the MCollective client.
+    if settings.use_mcollective
+      results = PuppetWebhook::Mcollective.new('r10k',
+                                               'deploy',
+                                               {
+                                                 dtimeout: settings.discovery_timeout,
+                                                 timeout: settings.client_timeout
+                                               },
+                                               settings.client_cfg,
+                                               module: module_name).run
+      results.each do |result|
+        raise result.results[:statusmsg] unless result.results[:statuscode].zero?
+      end
+      raise results.stats[:noresponsefrom] unless results.stats[:noresponsefrom].length.zero?
+
+      message = result.results[:statusmsg]
+    else
+      command = "#{settings.command_prefix} r10k deploy module #{module_name}"
+      message = run_command(command)
+    end
     LOGGER.info("message: #{message} module_name: #{module_name}")
     status_message = { status: :success, message: message.to_s, module_name: module_name, status_code: 200 }
     notify_slack(status_message) if slack?

data/lib/helpers/tasks.rb

@@ -153,13 +153,4 @@ module Tasks # rubocop:disable Style/Documentation
       throw(:halt, [401, "Not authorized\n"])
     end
   end
-
-  def mco(branch)
-    options = MCollective::Util.default_options
-    options[:config] = settings.client_cfg
-    client = rpcclient('r10k', exit_on_failure: false, options: options)
-    client.discovery_timeout = settings.discovery_timeout
-    client.timeout           = settings.client_timeout
-    client.send('deploy', environment: branch)
-  end
 end

data/lib/parsers/webhook_json_parser.rb

@@ -1,115 +1,15 @@
 require 'rack/bodyparser'
 require 'json'
 
+require_relative 'webhook_parser'
+
 module Sinatra
   module Parsers
     class WebhookJsonParser # rubocop:disable Style/Documentation
-      attr_accessor :env, :data
-
-      def call(body)
-        @data = JSON.parse(body, quirks_mode: true)
-        @vcs  = detect_vcs
-        {
-          branch:    branch,
-          deleted:   deleted?,
-          module_name: repo_name.sub(%r{^.*-}, ''),
-          repo_name: repo_name,
-          repo_user: repo_user
-        }.delete_if { |_k, v| v.nil? }
-      end
-
-      def detect_vcs
-        return 'github'    if github_webhook?
-        return 'gitlab'    if gitlab_webhook?
-        return 'stash'     if stash_webhook?
-        return 'bitbucket' if bitbucket_webhook?
-        return 'tfs'       if tfs_webhook?
-        raise StandardError, 'payload not recognised'
-      end
-
-      def github_webhook?
-        # https://developer.github.com/v3/activity/events/types/#pushevent
-        env.key?('HTTP_X_GITHUB_EVENT')
-      end
-
-      def gitlab_webhook?
-        # https://docs.gitlab.com/ce/user/project/integrations/webhooks.html
-        env.key?('HTTP_X_GITLAB_EVENT')
-      end
-
-      # stash/bitbucket server
-      def stash_webhook?
-        # https://confluence.atlassian.com/bitbucketserver/post-service-webhook-for-bitbucket-server-776640367.html
-        env.key?('HTTP_X_ATLASSIAN_TOKEN')
-      end
-
-      def bitbucket_webhook?
-        # https://confluence.atlassian.com/bitbucket/event-payloads-740262817.html
-        env.key?('HTTP_X_EVENT_KEY')
-      end
-
-      def tfs_webhook?
-        # https://docs.microsoft.com/en-us/vsts/service-hooks/services/webhooks
-        return false unless @data.key? 'resource'
-        return false unless @data.key? 'eventType'
-        true
-      end
-
-      def branch
-        case @vcs
-        when 'github'
-          if @data.key? 'ref'
-            @data['ref'].sub('refs/heads/', '')
-          else
-            @data['repository']['default_branch']
-          end
-        when 'gitlab'
-          @data['ref'].sub('refs/heads/', '')
-        when 'stash'
-          @data['refChanges'][0]['refId'].sub('refs/heads/', '')
-        when 'bitbucket'
-          return @data['push']['changes'][0]['new']['name'] unless deleted?
-          @data['push']['changes'][0]['old']['name']
-        when 'tfs'
-          @data['resource']['refUpdates'][0]['name'].sub('refs/heads/', '')
-        end
-      end
-
-      def deleted?
-        case @vcs
-        when 'github'
-          @data['deleted']
-        when 'gitlab'
-          @data['after'] == '0000000000000000000000000000000000000000'
-        when 'stash'
-          @data['refChanges'][0]['type'] == 'DELETE'
-        when 'bitbucket'
-          @data['push']['changes'][0]['closed']
-        when 'tfs'
-          @data['resource']['refUpdates'][0]['newObjectId'] == '0000000000000000000000000000000000000000'
-        end
-      end
-
-      def repo_name
-        if @vcs == 'gitlab'
-          @data['project']['name']
-        elsif @vcs == 'tfs'
-          @data['resource']['repository']['name']
-        else
-          @data['repository']['name']
-        end
-      end
+      include Sinatra::Parsers::WebhookParser
 
-      def repo_user
-        # TODO: Clarify what repo_user actually is.
-        # github is currently using the repo's 'owner', gitlab is using the user who pushed.
-        case @vcs
-        when 'github'
-          @data['repository']['owner']['login']
-        when 'gitlab'
-          @data['user_username']
-        end
-        # TODO: Bitbucket, Stash/Bitbucket Server, TFS
+      def parse_data(body)
+        JSON.parse(body, quirks_mode: true)
       end
     end
   end

data/lib/parsers/webhook_parser.rb

@@ -0,0 +1,116 @@
+require 'rack/bodyparser'
+require 'json'
+
+module Sinatra
+  module Parsers
+    module WebhookParser # rubocop:disable Style/Documentation
+      attr_accessor :env, :data
+
+      def call(body)
+        @data = parse_data(body)
+        @vcs = detect_vcs
+        {
+          branch:    branch,
+          deleted:   deleted?,
+          module_name: repo_name.sub(%r{^.*-}, ''),
+          repo_name: repo_name,
+          repo_user: repo_user
+        }.delete_if { |_k, v| v.nil? }
+      end
+
+      def detect_vcs
+        return 'github'    if github_webhook?
+        return 'gitlab'    if gitlab_webhook?
+        return 'stash'     if stash_webhook?
+        return 'bitbucket' if bitbucket_webhook?
+        return 'tfs'       if tfs_webhook?
+        raise StandardError, 'payload not recognised'
+      end
+
+      def github_webhook?
+        # https://developer.github.com/v3/activity/events/types/#pushevent
+        env.key?('HTTP_X_GITHUB_EVENT')
+      end
+
+      def gitlab_webhook?
+        # https://docs.gitlab.com/ce/user/project/integrations/webhooks.html
+        env.key?('HTTP_X_GITLAB_EVENT')
+      end
+
+      # stash/bitbucket server
+      def stash_webhook?
+        # https://confluence.atlassian.com/bitbucketserver/post-service-webhook-for-bitbucket-server-776640367.html
+        env.key?('HTTP_X_ATLASSIAN_TOKEN')
+      end
+
+      def bitbucket_webhook?
+        # https://confluence.atlassian.com/bitbucket/event-payloads-740262817.html
+        env.key?('HTTP_X_EVENT_KEY')
+      end
+
+      def tfs_webhook?
+        # https://docs.microsoft.com/en-us/vsts/service-hooks/services/webhooks
+        return false unless @data.key? 'resource'
+        return false unless @data.key? 'eventType'
+        true
+      end
+
+      def branch
+        case @vcs
+        when 'github'
+          if @data.key? 'ref'
+            @data['ref'].sub('refs/heads/', '')
+          else
+            @data['repository']['default_branch']
+          end
+        when 'gitlab'
+          @data['ref'].sub('refs/heads/', '')
+        when 'stash'
+          @data['refChanges'][0]['refId'].sub('refs/heads/', '')
+        when 'bitbucket'
+          return @data['push']['changes'][0]['new']['name'] unless deleted?
+          @data['push']['changes'][0]['old']['name']
+        when 'tfs'
+          @data['resource']['refUpdates'][0]['name'].sub('refs/heads/', '')
+        end
+      end
+
+      def deleted?
+        case @vcs
+        when 'github'
+          @data['deleted']
+        when 'gitlab'
+          @data['after'] == '0000000000000000000000000000000000000000'
+        when 'stash'
+          @data['refChanges'][0]['type'] == 'DELETE'
+        when 'bitbucket'
+          @data['push']['changes'][0]['closed']
+        when 'tfs'
+          @data['resource']['refUpdates'][0]['newObjectId'] == '0000000000000000000000000000000000000000'
+        end
+      end
+
+      def repo_name
+        if @vcs == 'gitlab'
+          @data['project']['name']
+        elsif @vcs == 'tfs'
+          @data['resource']['repository']['name']
+        else
+          @data['repository']['name']
+        end
+      end
+
+      def repo_user
+        # TODO: Clarify what repo_user actually is.
+        # github is currently using the repo's 'owner', gitlab is using the user who pushed.
+        case @vcs
+        when 'github'
+          @data['repository']['owner']['login']
+        when 'gitlab'
+          @data['user_username']
+        end
+        # TODO: Bitbucket, Stash/Bitbucket Server, TFS
+      end
+    end
+  end
+end

data/lib/parsers/webhook_www_form_url_encoded_parser.rb

@@ -0,0 +1,16 @@
+require 'rack/bodyparser'
+require 'json'
+
+require_relative 'webhook_parser'
+
+module Sinatra
+  module Parsers
+    class WebhookWWWFormURLEncodedParser # rubocop:disable Style/Documentation
+      include Sinatra::Parsers::WebhookParser
+
+      def parse_data(body)
+        JSON.parse(CGI.unescape(body).gsub(%r{^payload\=}, ''))
+      end
+    end
+  end
+end

data/lib/plugins/mcollective.rb

@@ -0,0 +1,40 @@
+require 'mcollective'
+
+class PuppetWebhook
+  # Creates an Mcollective Agent object for running MCO agents
+  class Mcollective
+    attr_reader :results, :stats
+    include MCollective::RPC
+
+    def initialize(agent, command, timeouts = nil, options = nil, nodes = [], **args) # rubocop:disable Metrics/ParameterLists
+      @agent = agent
+      @command = command
+      @timeout = timeouts[:timeout] || '120'
+      @dtimeout = timeouts[:dtimeout] || '10'
+      @options = options
+      @nodes = nodes
+      @args = args
+    end
+
+    def run
+      LOGGER.info("Starting request for #{@agent}##{@command}")
+
+      begin
+        @results = client.send(@command, @args)
+      rescue StandardError => e
+        LOGGER.error("Error: #{e}")
+      end
+
+      @stats = client.stats
+    end
+
+    def client
+      client = MCollective::RPC::Client.new(@agent, config_file: MCollective::Util.config_file_for_user, options: MCollective::Util.default_options) # rubocop:disable Metrics/LineLength
+      client.config = @options if @options
+      client.timeout = @timeout if @timeout
+      client.discovery_timeout = @dtimeout if @dtimeout
+      client.progress = false
+      client
+    end
+  end
+end

data/lib/puppet_webhook.rb

@@ -3,6 +3,7 @@ require 'sinatra/config_file'
 require 'json'
 require 'cgi'
 require 'parsers/webhook_json_parser'
+require 'parsers/webhook_www_form_url_encoded_parser'
 
 # Routes
 require_relative 'routes/default'
@@ -12,8 +13,15 @@ require_relative 'routes/payload'
 class PuppetWebhook < Sinatra::Base # rubocop:disable Style/Documentation
   set :root, File.dirname(__FILE__)
   use Rack::BodyParser,
-      parsers: { 'application/json' => Sinatra::Parsers::WebhookJsonParser.new },
-      handlers: { 'application/json' => proc { |e, type| [400, { 'Content-Type' => type }, [{ error: e.to_s }.to_json]] } }
+      parsers: {
+        'application/json' => Sinatra::Parsers::WebhookJsonParser.new,
+        'application/x-www-form-urlencoded' => Sinatra::Parsers::WebhookWWWFormURLEncodedParser.new
+      },
+      handlers:  {
+        'application/json' => proc { |e, type|
+          [400, { 'Content-Type' => type }, [{ error: e.to_s }.to_json]]
+        }
+      }
   register Sinatra::ConfigFile
 
   config_file(File.join(__dir__, '..', 'config', 'app.yml'), '/etc/puppet_webhook/app.yml')
@@ -24,7 +32,7 @@ class PuppetWebhook < Sinatra::Base # rubocop:disable Style/Documentation
 
   # Custom Settings
   set :protected, false unless settings.respond_to? :protected=
-  set :client_cfg, '/var/lib/peadmin/.mcollective' unless settings.respond_to? :client_cfg=
+  set :client_cfg, '/etc/puppetlabs/mcollective/client.cfg' unless settings.respond_to? :client_cfg=
   set :client_timeout, '120' unless settings.respond_to? :client_timeout=
   set :use_mco_ruby, false unless settings.respond_to? :use_mco_ruby=
   set :use_mcollective, false unless settings.respond_to? :use_mcollective=

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet_webhook
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Vox Pupuli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-12-21 00:00:00.000000000 Z
+date: 2018-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -237,6 +237,9 @@ files:
 - lib/helpers/init.rb
 - lib/helpers/tasks.rb
 - lib/parsers/webhook_json_parser.rb
+- lib/parsers/webhook_parser.rb
+- lib/parsers/webhook_www_form_url_encoded_parser.rb
+- lib/plugins/mcollective.rb
 - lib/puppet_webhook.rb
 - lib/routes/default.rb
 - lib/routes/module.rb
@@ -262,7 +265,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.7.3
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: Sinatra Webhook Server for Puppet/R10K