puppetfactory 0.4.0

data/lib/puppetfactory/plugins/example.rb

@@ -0,0 +1,88 @@
+require 'puppetfactory'
+
+# inherit from Puppetfactory::Plugins
+class Puppetfactory::Plugins::Example < Puppetfactory::Plugins
+  attr_reader :weight
+
+  def initialize(options)
+    super(options) # call the superclass to initialize it
+
+    @weight  = 1
+    @example = options[:example] || '/tmp/example'
+  end
+
+  # include one or more of the following methods. Any method you implement
+  # will be called when the corresponding task is invoked.
+
+  def create(username, password)
+    $logger.info "User #{username} created."
+
+    # Log an error with $logger.error
+    # fail user creation with a fatal error by raising an exception
+
+    # return true if our action succeeded
+    true
+  end
+
+  def delete(username)
+    $logger.info "User #{username} deleted."
+
+    # return true if our action succeeded
+    true
+  end
+
+  def userinfo(username, extended = false)
+    # we can bail if we don't want to add to the basic user object.
+    # for example, if these are heavy operations.
+    return unless extended
+
+    # return a hash with the :username key
+    {
+      :username => username,
+      :example  => username.upcase,
+    }
+  end
+
+  def deploy(username)
+    environment = Puppetfactory::Helpers.environment_name(username)
+    $logger.info "Deployed environment #{environment} for #{username}"
+
+    # return true if our action succeeded
+    true
+  end
+
+  def redeploy(username)
+    begin
+      if username == 'production'
+        raise "Can't redeploy production environment"
+      end
+      delete(username)
+      deploy(username)
+
+    rescue => e
+      raise "Error redeploying environment #{username}: #{e.message}"
+    end
+
+    # return true if our action succeeded
+    true
+  end
+
+  # used by container plugins to rebuild them
+  def repair(username)
+    $logger.info "Container #{username} repaired"
+    true
+  end
+
+  # hook called when users log in. Only one can be active at any time.
+  def login
+    $logger.info 'Logging in with the default system shell'
+    exec('bash --login')
+  end
+
+  # returns an array of all user accounts. Only one can be active at any time.
+  def users
+    usernames = Dir.glob('/home/*').map { |path| File.basename path }
+    usernames.reject { |username| ['centos', 'training', 'showoff'].include? username }
+  end
+
+end

data/lib/puppetfactory/plugins/github.rb

@@ -0,0 +1,102 @@
+require 'octokit'
+require 'puppetfactory'
+
+class Puppetfactory::Plugins::Github < Puppetfactory::Plugins
+
+  def initialize(options)
+    super(options)
+
+    @gitserver   = options[:gitserver]
+    @gituser     = options[:gituser]
+    @controlrepo = options[:controlrepo]
+    @repomodel   = options[:repomodel]
+    @githubtoken = options[:githubtoken]
+
+    # chomp so we can support repo names with or without the .git
+    @controlrepo.chomp!('.git')
+
+    if @githubtoken
+      @client = Octokit::Client.new(:access_token => @githubtoken)
+      @client.user.login
+    else
+      @client = Octokit::Client.new()
+    end
+  end
+
+  def create(username, password)
+    # can only do anything on our own repo, and only if we're authorized!
+    return true unless @githubtoken and @repomodel == :single
+
+    begin
+      # can only do anything on our own repo!
+      repo = "#{@gituser}/#{@controlrepo}"
+      sha  = @client.branches(repo).select { |branch| branch[:name] == 'production' }.first[:commit][:sha]
+      @client.create_ref(repo, "heads/#{username}", sha)
+      $logger.info "Created Github user branch for #{username}"
+
+      @client.add_collaborator(repo, username)
+      $logger.info "Added #{username} as a collaborator to #{repo}."
+
+    rescue => e
+      $logger.error "Error creating Github user branch for #{username}"
+      $logger.error e.message
+      return false
+    end
+
+    true
+  end
+
+  def delete(username)
+    # can only do anything on our own repo, and only if we're authorized!
+    return true unless @githubtoken and @repomodel == :single
+
+    begin
+      @client.delete_branch("#{@gituser}/#{@controlrepo}", username)
+      $logger.info "Deleted Github user branch for #{username}"
+
+      @client.remove_collaborator(repo, username)
+      $logger.info "Removed #{username} as a collaborator on #{repo}."
+
+    rescue => e
+      $logger.error "Error deleting Github user branch for #{username}"
+      $logger.error e.message
+      return false
+    end
+
+    true
+  end
+
+  def userinfo(username, extended = false)
+    if @repomodel == :single
+      repo = "#{@gituser}/#{@controlrepo}"
+      url  = "#{@gitserver}/#{@gituser}/#{@controlrepo}/tree/#{username}"
+    else
+      repo = "#{@username}/#{@controlrepo}"
+      url  = "#{@gitserver}/#{username}/#{@controlrepo}"
+    end
+
+    userinfo = {
+      :username     => username,
+      :controlrepo  => url,
+    }
+    userinfo[:latestcommit] = latest_commit(repo, username) if extended
+    userinfo
+  end
+
+  private
+  def latest_commit(repo, username)
+    begin
+      commit = @client.commits(repo, :author => username).first
+      return if commit.nil?
+
+      {
+        :url     => commit[:html_url],
+        :message => commit[:commit][:message].trim(62),
+        :time    => Puppetfactory::Helpers.approximate_time_difference(commit[:commit][:author][:date]),
+      }
+    rescue => e
+      $logger.error "Cannot get commits for #{repo}."
+      $logger.error e.message
+    end
+  end
+end

data/lib/puppetfactory/plugins/gitlab.rb

@@ -0,0 +1,62 @@
+require 'json'
+require 'puppetfactory'
+
+class Puppetfactory::Plugins::Gitlab < Puppetfactory::Plugins
+
+  def initialize(options)
+    super(options)
+
+    @suffix = options[:usersuffix]
+
+    begin
+      # Use default gitlab root password to get session token
+      login  = {:login => 'root', :password => '5iveL!fe'}
+      resp   = JSON.parse(RestClient.post('http://localhost:8888/api/v3/session', login))
+      @token = resp['private_token']
+    rescue => e
+      raise "GitLab authentication error! (#{e.message})"
+    end
+  end
+
+  def create(username, password)
+    begin
+      if password.length < 8
+        raise "Password must be at least 8 characters"
+      end
+
+      RestClient.post('http://localhost:8888/api/v3/users',
+                      {
+                        :email         => "#{username}.#{@suffix}",
+                        :password      => password,
+                        :username      => username,
+                        :name          => username,
+                        :confirm       => false,
+                        :private_token => @token        # TODO: this invocation does not look like the invocation below?
+                      })
+      end
+
+      $logger.info "Created GitLab user #{username}."
+    rescue => e
+      $logger.error "Error creating GitLab user #{username}: #{e.message}"
+      return false
+    end
+
+    true
+  end
+
+  def delete(username)
+    begin
+      users  = JSON.parse(RestClient.get('http://localhost:8888/api/v3/users', {"PRIVATE-TOKEN" => @token}))
+      userid = users.select { |record| record['username'] == username }['id']
+      RestClient.delete("http://localhost:8888/api/v3/users/#{userid}" , {"PRIVATE-TOKEN" => @token})
+
+      $logger.info "Removed GitLab user #{username}."
+    rescue => e
+      $logger.error "Error removing GitLab user #{username}: #{e.message}"
+      return false
+    end
+
+    true
+  end
+
+end

data/lib/puppetfactory/plugins/hooks.rb

@@ -0,0 +1,46 @@
+require 'json'
+require 'puppetfactory'
+
+class Puppetfactory::Plugins::Hooks < Puppetfactory::Plugins
+  attr_reader :weight
+
+  def initialize(options)
+    super(options)
+
+    @weight = 1
+    @path   = options[:hooks_path] || '/etc/puppetfactory/hooks'
+  end
+
+  def create(username)
+    call_hooks(:create, username)
+  end
+
+  def delete(username)
+    call_hooks(:delete, username)
+  end
+
+  private
+  def call_hooks(hook_type, username)
+    success = true
+    # the .to_s allows us to accept strings or symbols
+    Dir.glob("#{HOOKS_PATH}/#{hook_type.to_s}/*") do |hook|
+      next unless File.file?(hook)
+      next unless File.executable?(hook)
+
+      begin
+        output, status = Open3.capture2e(hook, username)
+        raise "Execution error: #{output}" unless status.success?
+        $logger.info output
+
+      rescue => e
+        $logger.error "Error running hook: #{hook}"
+        $logger.error e.message
+        success = false
+      end
+    end
+
+    # only true if all hooks succeeded.
+    success
+  end
+
+end

data/lib/puppetfactory/plugins/login_shell.rb

@@ -0,0 +1,10 @@
+class Puppetfactory::Plugins::LoginShell < Puppetfactory::Plugins
+  def initialize(options)
+    super(options)
+  end
+
+  def login
+    $logger.info 'Logging in with the default system shell'
+    exec('bash --login')
+  end
+end

data/lib/puppetfactory/plugins/logs.rb

@@ -0,0 +1,34 @@
+require 'puppetfactory'
+
+class Puppetfactory::Plugins::Logs < Puppetfactory::Plugins
+
+  def initialize(options)
+    super(options)
+    return unless options[:puppetfactory]
+
+    @logfile = options[:logfile]
+    server   = options[:puppetfactory]
+
+    # Add a web route to the puppetfactory server. Must happen in the initializer
+    server.get '/logs' do
+      protected!
+      erb :logs
+    end
+
+    server.get '/logs/data' do
+      protected!
+      plugin(:Logs, :data)
+    end
+  end
+
+  def tabs(privileged = false)
+    return unless privileged # only show this tab to admin users
+
+    # url path => display title
+    { 'logs' => 'Logs' }
+  end
+
+  def data
+    File.read(@logfile) rescue "Cannot read logfile #{@logfile}"
+  end
+end

data/lib/puppetfactory/plugins/r10k.rb

@@ -0,0 +1,112 @@
+require 'puppetfactory'
+
+class Puppetfactory::Plugins::R10k < Puppetfactory::Plugins
+
+  def initialize(options)
+    super(options)
+
+    @gitserver    = options[:gitserver]
+    @repomodel    = options[:repomodel]
+    @controlrepo  = options[:controlrepo]
+    @environments = options[:environments]
+    @r10k_config  = '/etc/puppetlabs/r10k/r10k.yaml'
+    @pattern      = "#{@gitserver}/%s/#{@controlrepo}"
+
+    # the rest of this method is for the big boys only
+    return unless Process.euid == 0
+
+    # in case this is the first run and it doesn't exist yet
+    unless File.exist? @r10k_config
+      File.open(@r10k_config, 'w') { |f| f.write({'sources' => {}}.to_yaml) }
+    end
+  end
+
+  def create(username, password)
+    begin
+      environment = "#{@environments}/#{Puppetfactory::Helpers.environment_name(username)}"
+      FileUtils.mkdir_p environment
+      FileUtils.chown_R(username, 'pe-puppet', environment)
+      FileUtils.chmod(0750, environment)
+
+      File.open(@r10k_config) do |file|
+        # make sure we don't have any concurrency issues
+        file.flock(File::LOCK_EX)
+
+        r10k = YAML.load_file(@r10k_config)
+        r10k['sources'][username] = {
+          'remote'  => sprintf(@pattern, username),
+          'basedir' => @environments,
+          'prefix'  => (@repomodel == :peruser),
+        }
+
+        # Ruby 1.8.7, why don't you just go away now
+        File.open(@r10k_config, 'w') { |f| f.write(r10k.to_yaml) }
+        $logger.info "Created r10k source for #{username}"
+      end
+    rescue => e
+      $logger.error "Cannot create r10k source for #{username}"
+      $logger.error e.backtrace
+      return false
+    end
+
+    true
+  end
+
+  def delete(username)
+    begin
+      environment = "#{@environments}/#{Puppetfactory::Helpers.environment_name(username)}"
+      FileUtils.rm_rf environment
+
+      # also delete any prefixed environments. Is this even a good idea?
+      FileUtils.rm_rf "#{@environments}/#{username}_*" if @repomodel == :peruser
+
+      File.open(@r10k_config) do |file|
+        # make sure we don't have any concurrency issues
+        file.flock(File::LOCK_EX)
+
+        r10k = YAML.load_file(@r10k_config)
+        r10k['sources'].delete username
+
+        # Ruby 1.8.7, why don't you just go away now
+        File.open(@r10k_config, 'w') { |f| f.write(r10k.to_yaml) }
+        $logger.info "Created r10k source for #{username}"
+      end
+    rescue => e
+      $logger.error "Cannot remove r10k source for #{username}"
+      $logger.error e.backtrace
+      return false
+    end
+
+    true
+  end
+
+  def deploy(username)
+    environment = Puppetfactory::Helpers.environment_name(username)
+
+    output, status = Open3.capture2e('r10k', 'deploy', 'environment', environment)
+    unless status.success?
+      $logger.error "Failed to deploy environment #{environment} for #{username}"
+      $logger.error output
+      return false
+    end
+
+    $logger.info "Deployed environment #{environment} for #{username}"
+    true
+  end
+
+  def redeploy(username)
+    begin
+      if username == 'production'
+        raise "Can't redeploy production environment"
+      end
+      delete(username)
+      deploy(username)
+
+    rescue => e
+      raise "Error redeploying environment #{username}: #{e.message}"
+    end
+
+    true
+  end
+
+end