realityforge-knife-windows 0.5.14

data/lib/chef/knife/bootstrap_windows_base.rb

@@ -0,0 +1,179 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife'
+require 'chef/encrypted_data_bag_item'
+
+class Chef
+  class Knife
+    module BootstrapWindowsBase
+
+      # :nodoc:
+      # Would prefer to do this in a rational way, but can't be done b/c of
+      # Mixlib::CLI's design :(
+      def self.included(includer)
+        includer.class_eval do
+
+          deps do
+            require 'readline'
+            require 'chef/json_compat'
+          end
+
+          option :chef_node_name,
+            :short => "-N NAME",
+            :long => "--node-name NAME",
+            :description => "The Chef node name for your new node"
+
+          option :prerelease,
+            :long => "--prerelease",
+            :description => "Install the pre-release chef gems"
+
+          option :bootstrap_version,
+            :long => "--bootstrap-version VERSION",
+            :description => "The version of Chef to install",
+            :proc => Proc.new { |v| Chef::Config[:knife][:bootstrap_version] = v }
+
+          option :bootstrap_proxy,
+            :long => "--bootstrap-proxy PROXY_URL",
+            :description => "The proxy server for the node being bootstrapped",
+            :proc => Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
+
+          option :distro,
+            :short => "-d DISTRO",
+            :long => "--distro DISTRO",
+            :description => "Bootstrap a distro using a template",
+            :default => "windows-chef-client-msi"
+
+          option :template_file,
+            :long => "--template-file TEMPLATE",
+            :description => "Full path to location of template to use",
+            :default => false
+
+          option :run_list,
+            :short => "-r RUN_LIST",
+            :long => "--run-list RUN_LIST",
+            :description => "Comma separated list of roles/recipes to apply",
+            :proc => lambda { |o| o.split(",") },
+            :default => []
+
+          option :encrypted_data_bag_secret,
+            :short => "-s SECRET",
+            :long  => "--secret ",
+            :description => "The secret key to use to decrypt data bag item values.  Will be rendered on the node at c:/chef/encrypted_data_bag_secret and set in the rendered client config.",
+            :default => false
+
+          option :encrypted_data_bag_secret_file,
+            :long => "--secret-file SECRET_FILE",
+            :description => "A file containing the secret key to use to encrypt data bag item values. Will be rendered on the node at c:/chef/encrypted_data_bag_secret and set in the rendered client config."
+
+        end
+      end
+
+      # TODO: This should go away when CHEF-2193 is fixed
+      def load_template(template=nil)
+        # Are we bootstrapping using an already shipped template?
+        if config[:template_file]
+          bootstrap_files = config[:template_file]
+        else
+          bootstrap_files = []
+          bootstrap_files << File.join(File.dirname(__FILE__), 'bootstrap', "#{config[:distro]}.erb")
+          bootstrap_files << File.join(Dir.pwd, ".chef", "bootstrap", "#{config[:distro]}.erb")
+          bootstrap_files << File.join(ENV['HOME'], '.chef', 'bootstrap', "#{config[:distro]}.erb")
+          bootstrap_files << Gem.find_files(File.join("chef","knife","bootstrap","#{config[:distro]}.erb"))
+          bootstrap_files.flatten!
+        end
+
+        template = Array(bootstrap_files).find do |bootstrap_template|
+          Chef::Log.debug("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
+          ::File.exists?(bootstrap_template)
+        end
+
+        unless template
+          ui.info("Can not find bootstrap definition for #{config[:distro]}")
+          raise Errno::ENOENT
+        end
+
+        Chef::Log.debug("Found bootstrap template in #{File.dirname(template)}")
+
+        IO.read(template).chomp
+      end
+
+      def render_template(template=nil)
+        if config[:encrypted_data_bag_secret_file]
+          config[:encrypted_data_bag_secret] = Chef::EncryptedDataBagItem.load_secret(config[:encrypted_data_bag_secret_file])
+        end
+        context = Knife::Core::WindowsBootstrapContext.new(config, config[:run_list], Chef::Config)
+        Erubis::Eruby.new(template).evaluate(context)
+      end
+
+      def bootstrap(proto=nil)
+
+        validate_name_args!
+
+        @node_name = Array(@name_args).first
+        # back compat--templates may use this setting:
+        config[:server_name] = @node_name
+
+        STDOUT.sync = STDERR.sync = true
+
+        ui.info("Bootstrapping Chef on #{ui.color(@node_name, :bold)}")
+        # create a bootstrap.bat file on the node
+        # we have to run the remote commands in 2047 char chunks
+        create_bootstrap_bat_command do |command_chunk, chunk_num|
+          begin
+            run_command("cmd.exe /C echo \"Rendering '#{bootstrap_bat_file}' chunk #{chunk_num}\" && #{command_chunk}")
+          rescue SystemExit => e
+            raise unless e.success?
+          end
+        end
+
+        # execute the bootstrap.bat file
+        run_command(bootstrap_command)
+      end
+
+      def bootstrap_command
+        @bootstrap_command ||= "cmd.exe /C #{bootstrap_bat_file}"
+      end
+
+      def create_bootstrap_bat_command(&block)
+        bootstrap_bat = []
+        chunk_num = 0
+        render_template(load_template(config[:bootstrap_template])).each_line do |line|
+          # escape WIN BATCH special chars
+          line.gsub!(/[(<|>)^]/).each{|m| "^#{m}"}
+          # windows commands are limited to 2047 characters
+          if((bootstrap_bat + [line]).join(" && ").size > 2047 )
+            yield bootstrap_bat.join(" && "), chunk_num += 1
+            bootstrap_bat = []
+          end
+          bootstrap_bat << ">> #{bootstrap_bat_file} (echo.#{line.chomp.strip})"
+        end
+        yield bootstrap_bat.join(" && "), chunk_num += 1
+      end
+
+      def bootstrap_bat_file
+        @bootstrap_bat_file ||= "%TEMP%\\bootstrap-#{Process.pid}-#{Time.now.to_i}.bat"
+      end
+
+      def locate_config_value(key)
+        key = key.to_sym
+        Chef::Config[:knife][key] || config[key]
+      end
+    end
+  end
+end

data/lib/chef/knife/bootstrap_windows_ssh.rb

@@ -0,0 +1,86 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/bootstrap_windows_base'
+
+class Chef
+  class Knife
+    class BootstrapWindowsSsh < Bootstrap
+
+      include Chef::Knife::BootstrapWindowsBase
+
+      deps do
+        require 'chef/knife/core/windows_bootstrap_context'
+        require 'chef/json_compat'
+        require 'tempfile'
+        require 'highline'
+        require 'net/ssh'
+        require 'net/ssh/multi'
+        Chef::Knife::Ssh.load_deps
+      end
+
+      banner "knife bootstrap windows ssh FQDN (options)"
+
+      option :ssh_user,
+        :short => "-x USERNAME",
+        :long => "--ssh-user USERNAME",
+        :description => "The ssh username",
+        :default => "root"
+
+      option :ssh_password,
+        :short => "-P PASSWORD",
+        :long => "--ssh-password PASSWORD",
+        :description => "The ssh password"
+
+      option :ssh_port,
+        :short => "-p PORT",
+        :long => "--ssh-port PORT",
+        :description => "The ssh port",
+        :default => "22",
+        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_port] = key }
+
+      option :identity_file,
+        :short => "-i IDENTITY_FILE",
+        :long => "--identity-file IDENTITY_FILE",
+        :description => "The SSH identity file used for authentication"
+
+      option :host_key_verification,
+        :long => "--[no-]host-key-verification",
+        :description => "Disable host key verification",
+        :boolean => true,
+        :default => true
+
+      def run
+        bootstrap
+      end
+
+      def run_command(command = '')
+        ssh = Chef::Knife::Ssh.new
+        ssh.name_args = [ server_name, command ]
+        ssh.config[:ssh_user] = locate_config_value(:ssh_user)
+        ssh.config[:ssh_password] = locate_config_value(:ssh_password)
+        ssh.config[:ssh_port] = locate_config_value(:ssh_port)
+        ssh.config[:identity_file] = config[:identity_file]
+        ssh.config[:manual] = true
+        ssh.config[:host_key_verify] = config[:host_key_verify]
+        ssh.run
+      end
+
+    end
+  end
+end

data/lib/chef/knife/bootstrap_windows_winrm.rb

@@ -0,0 +1,62 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/bootstrap_windows_base'
+require 'chef/knife/winrm'
+require 'chef/knife/winrm_base'
+require 'chef/knife/bootstrap'
+
+class Chef
+  class Knife
+    class BootstrapWindowsWinrm < Bootstrap
+
+      include Chef::Knife::BootstrapWindowsBase
+      include Chef::Knife::WinrmBase
+
+      deps do
+        require 'chef/knife/core/windows_bootstrap_context'
+        require 'chef/json_compat'
+        require 'tempfile'
+        Chef::Knife::Winrm.load_deps
+      end
+
+      banner "knife bootstrap windows winrm FQDN (options)"
+
+      def run
+        bootstrap
+      end
+
+      def run_command(command = '')
+        winrm = Chef::Knife::Winrm.new
+        winrm.name_args = [ server_name, command ]
+        winrm.config[:winrm_user] = locate_config_value(:winrm_user)
+        winrm.config[:winrm_password] = locate_config_value(:winrm_password)
+        winrm.config[:winrm_transport] = locate_config_value(:winrm_transport)
+        winrm.config[:kerberos_keytab_file] = Chef::Config[:knife][:kerberos_keytab_file] if Chef::Config[:knife][:kerberos_keytab_file]
+        winrm.config[:kerberos_realm] = Chef::Config[:knife][:kerberos_realm] if Chef::Config[:knife][:kerberos_realm]
+        winrm.config[:kerberos_service] = Chef::Config[:knife][:kerberos_service] if Chef::Config[:knife][:kerberos_service]
+        winrm.config[:ca_trust_file] = Chef::Config[:knife][:ca_trust_file] if Chef::Config[:knife][:ca_trust_file]
+        winrm.config[:manual] = true
+        winrm.config[:winrm_port] = locate_config_value(:winrm_port)
+        winrm.run
+      end
+
+    end
+  end
+end
+

data/lib/chef/knife/core/windows_bootstrap_context.rb

@@ -0,0 +1,175 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/core/bootstrap_context'
+
+class Chef
+  class Knife
+    module Core
+      # Instances of BootstrapContext are the context objects (i.e., +self+) for
+      # bootstrap templates. For backwards compatability, they +must+ set the
+      # following instance variables:
+      # * @config   - a hash of knife's config values
+      # * @run_list - the run list for the node to boostrap
+      #
+      class WindowsBootstrapContext < BootstrapContext
+
+        def initialize(config, run_list, chef_config)
+          @config       = config
+          @run_list     = run_list
+          @chef_config  = chef_config
+          super(config, run_list, chef_config)
+        end
+
+        def validation_key
+          escape_and_echo(super)
+        end
+
+        def encrypted_data_bag_secret
+          escape_and_echo(@config[:encrypted_data_bag_secret])
+        end
+
+        def config_content
+          client_rb = <<-CONFIG
+log_level        :info
+log_location     STDOUT
+
+chef_server_url  "#{@chef_config[:chef_server_url]}"
+validation_client_name "#{@chef_config[:validation_client_name]}"
+client_key        "c:/chef/client.pem"
+validation_key    "c:/chef/validation.pem"
+
+file_cache_path   "c:/chef/cache"
+file_backup_path  "c:/chef/backup"
+cache_options     ({:path => "c:/chef/cache/checksums", :skip_expires => true})
+
+CONFIG
+          if @config[:chef_node_name]
+            client_rb << %Q{node_name "#{@config[:chef_node_name]}"\n}
+          else
+            client_rb << "# Using default node name (fqdn)\n"
+          end
+
+          if knife_config[:bootstrap_proxy]
+            client_rb << "\n"
+            client_rb << %Q{http_proxy        "#{knife_config[:bootstrap_proxy]}"\n}
+            client_rb << %Q{https_proxy       "#{knife_config[:bootstrap_proxy]}"\n}
+          end
+
+          if @config[:encrypted_data_bag_secret]
+            client_rb << %Q{encrypted_data_bag_secret "c:/chef/encrypted_data_bag_secret"\n}
+          end
+
+          escape_and_echo(client_rb)
+        end
+
+        def start_chef
+          start_chef = "SET \"PATH=%PATH%;C:\\ruby\\bin;C:\\opscode\\chef\\bin;C:\\opscode\\chef\\embedded\\bin\"\n"
+          start_chef << "chef-client -c c:/chef/client.rb -j c:/chef/first-boot.json -E #{bootstrap_environment}\n"
+        end
+
+        def run_list
+          escape_and_echo({ "run_list" => @run_list }.to_json)
+        end
+
+        def win_wget
+          win_wget = <<-WGET
+url = WScript.Arguments.Named("url")
+path = WScript.Arguments.Named("path")
+proxy = null
+Set objXMLHTTP = CreateObject("MSXML2.ServerXMLHTTP")
+Set wshShell = CreateObject( "WScript.Shell" )
+Set objUserVariables = wshShell.Environment("USER")
+
+'http proxy is optional
+'attempt to read from HTTP_PROXY env var first
+On Error Resume Next
+
+If NOT (objUserVariables("HTTP_PROXY") = "") Then
+proxy = objUserVariables("HTTP_PROXY")
+
+'fall back to named arg
+ElseIf NOT (WScript.Arguments.Named("proxy") = "") Then
+proxy = WScript.Arguments.Named("proxy")
+End If
+
+If NOT isNull(proxy) Then
+'setProxy method is only available on ServerXMLHTTP 6.0+
+Set objXMLHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
+objXMLHTTP.setProxy 2, proxy
+End If
+
+On Error Goto 0
+
+objXMLHTTP.open "GET", url, false
+objXMLHTTP.send()
+If objXMLHTTP.Status = 200 Then
+Set objADOStream = CreateObject("ADODB.Stream")
+objADOStream.Open
+objADOStream.Type = 1
+objADOStream.Write objXMLHTTP.ResponseBody
+objADOStream.Position = 0
+Set objFSO = Createobject("Scripting.FileSystemObject")
+If objFSO.Fileexists(path) Then objFSO.DeleteFile path
+Set objFSO = Nothing
+objADOStream.SaveToFile path
+objADOStream.Close
+Set objADOStream = Nothing
+End if
+Set objXMLHTTP = Nothing
+WGET
+          escape_and_echo(win_wget)
+        end
+
+        def win_wget_ps
+          win_wget_ps = <<-WGET_PS
+param(
+   [String] $remoteUrl,
+   [String] $localPath
+)
+
+$webClient = new-object System.Net.WebClient; 
+
+$webClient.DownloadFile($remoteUrl, $localPath);
+WGET_PS
+
+          escape_and_echo(win_wget_ps)
+        end
+
+        def install_chef
+          install_chef = 'msiexec /qb /i "%LOCAL_DESTINATION_MSI_PATH%"'
+        end
+
+        def bootstrap_directory
+          bootstrap_directory = "C:\\chef"
+        end
+
+        def local_download_path
+          local_download_path = "%TEMP%\\chef-client-latest.msi"
+        end
+
+        # escape WIN BATCH special chars
+        # and prefixes each line with an
+        # echo
+        def escape_and_echo(file_contents)
+          file_contents.gsub(/^(.*)$/, 'echo.\1').gsub(/([(<|>)^])/, '^\1')
+        end
+      end
+    end
+  end
+end