ridley-connectors 1.0.1

data/lib/ridley-connectors/host_connector/ssh.rb

@@ -0,0 +1,211 @@
+require 'net/ssh'
+
+module Ridley
+  module HostConnector
+    class SSH < HostConnector::Base
+      DEFAULT_PORT       = 22
+      EMBEDDED_RUBY_PATH = '/opt/chef/embedded/bin/ruby'.freeze
+
+      # Execute a shell command on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] command
+      #
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo
+      #
+      # @return [HostConnector::Response]
+      def run(host, command, options = {})
+        options = options.reverse_merge(ssh: Hash.new)
+        options[:ssh].reverse_merge!(port: DEFAULT_PORT, paranoid: false, sudo: false)
+
+        command = "sudo #{command}" if options[:ssh][:sudo]
+
+        Ridley::HostConnector::Response.new(host).tap do |response|
+          begin
+            log.info "Running SSH command: '#{command}' on: '#{host}' as: '#{options[:ssh][:user]}'"
+
+            defer {
+              Net::SSH.start(host, options[:ssh][:user], options[:ssh].slice(*Net::SSH::VALID_OPTIONS)) do |ssh|
+                ssh.open_channel do |channel|
+                  if options[:sudo]
+                    channel.request_pty do |channel, success|
+                      unless success
+                        raise "Could not aquire pty: A pty is required for running sudo commands."
+                      end
+
+                      channel_exec(channel, command, host, response)
+                    end
+                  else
+                    channel_exec(channel, command, host, response)
+                  end
+                end
+                ssh.loop
+              end
+            }
+          rescue Net::SSH::AuthenticationFailed => ex
+            response.exit_code = -1
+            response.stderr    = "Authentication failure for user #{ex}"
+          rescue Net::SSH::ConnectionTimeout, Timeout::Error
+            response.exit_code = -1
+            response.stderr    = "Connection timed out"
+          rescue Errno::EHOSTUNREACH
+            response.exit_code = -1
+            response.stderr    = "Host unreachable"
+          rescue Errno::ECONNREFUSED
+            response.exit_code = -1
+            response.stderr    = "Connection refused"
+          rescue Net::SSH::Exception => ex
+            response.exit_code = -1
+            response.stderr    = ex.inspect
+          end
+
+          case response.exit_code
+          when 0
+            log.info "Successfully ran SSH command on: '#{host}' as: '#{options[:ssh][:user]}'"
+          when -1
+            log.info "Failed to run SSH command on: '#{host}' as: '#{options[:ssh][:user]}'"
+          else
+            log.info "Successfully ran SSH command on: '#{host}' as: '#{options[:ssh][:user]}' but it failed"
+          end
+        end
+      end
+
+      # Bootstrap a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo
+      #
+      # @return [HostConnector::Response]
+      def bootstrap(host, options = {})
+        options = options.reverse_merge(ssh: Hash.new)
+        options[:ssh].reverse_merge!(sudo: true, timeout: 5.0)
+        context = BootstrapContext::Unix.new(options)
+
+        log.info "Bootstrapping host: #{host}"
+        run(host, context.boot_command, options)
+      end
+
+      # Perform a chef client run on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo
+      #
+      # @return [HostConnector::Response]
+      def chef_client(host, options = {})
+        run(host, "chef-client", options)
+      end
+
+      # Write your encrypted data bag secret on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] secret
+      #   your organization's encrypted data bag secret
+      #
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo
+      #
+      # @return [HostConnector::Response]
+      def put_secret(host, secret, options = {})
+        cmd = "echo '#{secret}' > /etc/chef/encrypted_data_bag_secret; chmod 0600 /etc/chef/encrypted_data_bag_secret"
+        run(host, cmd, options)
+      end
+
+      # Execute line(s) of Ruby code on a node using Chef's embedded Ruby
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Array<String>] command_lines
+      #   An Array of lines of the command to be executed
+      #
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo
+      #
+      # @return [HostConnector::Response]
+      def ruby_script(host, command_lines, options = {})
+        run(host, "#{EMBEDDED_RUBY_PATH} -e \"#{command_lines.join(';')}\"", options)
+      end
+
+      # Uninstall Chef from a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Boolena] :skip_chef (false)
+      #   skip removal of the Chef package and the contents of the installation
+      #   directory. Setting this to true will only remove any data and configurations
+      #   generated by running Chef client.
+      # @option options [Hash] :ssh
+      #   * :user (String) a shell user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the shell user that will perform the bootstrap
+      #   * :keys (Array, String) an array of key(s) to authenticate the ssh user with instead of a password
+      #   * :timeout (Float) timeout value for SSH bootstrap (5.0)
+      #   * :sudo (Boolean) run as sudo (true)
+      #
+      # @return [HostConnector::Response]
+      def uninstall_chef(host, options = {})
+        options = options.reverse_merge(ssh: Hash.new)
+        options[:ssh].reverse_merge!(sudo: true, timeout: 5.0)
+
+        log.info "Uninstalling Chef from host: #{host}"
+        run(host, CommandContext::UnixUninstall.command(options), options)
+      end
+
+      private
+
+        def channel_exec(channel, command, host, response)
+          channel.exec(command) do |ch, success|
+            unless success
+              raise "Channel execution failed while executing command #{command}"
+            end
+
+            channel.on_data do |ch, data|
+              response.stdout += data
+              log.info "[#{host}](SSH) #{data}" if data.present? and data != "\r\n"
+            end
+
+            channel.on_extended_data do |ch, type, data|
+              response.stderr += data
+              log.info "[#{host}](SSH) #{data}" if data.present? and data != "\r\n"
+            end
+
+            channel.on_request("exit-status") do |ch, data|
+              response.exit_code = data.read_long
+            end
+
+            channel.on_request("exit-signal") do |ch, data|
+              response.exit_signal = data.read_string
+            end
+          end
+        end
+    end
+  end
+end

data/lib/ridley-connectors/host_connector/winrm/command_uploader.rb

@@ -0,0 +1,87 @@
+module Ridley
+  module HostConnector
+    class WinRM
+      # @example
+      #   command_uploader = CommandUploader.new(long_command, winrm)
+      #   command_uploader.upload
+      #   command_uploader.command
+      #
+      #   This class is used by WinRM Workers when the worker is told to execute a command that
+      #   might be too long for WinRM to handle.
+      #
+      #   After an instance of this class is created, the upload method will upload the long command
+      #   to the node being worked on in chunks. Once on the node, some Powershell code will decode
+      #   the long_command into a batch file. The command method will return a String representing the
+      #   command the worker will use to execute the uploaded batch script.
+      class CommandUploader
+        CHUNK_LIMIT = 1024
+
+        # @return [WinRM::WinRMWebService]
+        attr_reader :winrm
+        # @return [String]
+        attr_reader :base64_file_name
+        # @return [String]
+        attr_reader :command_file_name
+
+        # @param [WinRM::WinRMWebService] winrm
+        def initialize(winrm)
+          @winrm             = winrm
+          @base64_file_name  = get_file_path("winrm-upload-base64-#{unique_string}")
+          @command_file_name = get_file_path("winrm-upload-#{unique_string}.bat")
+        end
+
+        # Uploads the command encoded as base64 to a file on the host
+        # and then uses Powershell to transform the base64 file into the
+        # command that was originally passed through.
+        #
+        # @param [String] command_string
+        def upload(command_string)
+          upload_command(command_string)
+          convert_command
+        end
+
+        # @return [String] the command to execute the uploaded file
+        def command
+          "cmd.exe /C #{command_file_name}"
+        end
+
+        # Runs a delete command on the files generated by #base64_file_name
+        # and #command_file_name
+        def cleanup
+          winrm.run_cmd( "del #{base64_file_name} /F /Q" )
+          winrm.run_cmd( "del #{command_file_name} /F /Q" )
+        end
+
+        private
+
+          def upload_command(command_string)
+            command_string_chars(command_string).each_slice(CHUNK_LIMIT) do |chunk|
+              winrm.run_cmd( "echo #{chunk.join} >> \"#{base64_file_name}\"" )
+            end
+          end
+
+          def command_string_chars(command_string)
+            Base64.encode64(command_string).gsub("\n", '').chars.to_a
+          end
+
+          def convert_command
+            winrm.powershell <<-POWERSHELL
+              $base64_string = Get-Content \"#{base64_file_name}\"
+              $bytes  = [System.Convert]::FromBase64String($base64_string)
+              $new_file = [System.IO.Path]::GetFullPath(\"#{command_file_name}\")
+              [System.IO.File]::WriteAllBytes($new_file,$bytes)
+            POWERSHELL
+          end
+
+          def unique_string
+            @unique_string ||= "#{Process.pid}-#{Time.now.to_i}"
+          end
+
+          # @return [String]
+          def get_file_path(file)
+            (winrm.run_cmd("echo %TEMP%\\#{file}"))[:data][0][:stdout].chomp
+          end
+      end
+    end
+  end
+end

data/lib/ridley-connectors/host_connector/winrm.rb

@@ -0,0 +1,218 @@
+# Silencing warnings because not all versions of GSSAPI support all of the GSSAPI methods
+# the gssapi gem attempts to attach to and these warnings are dumped to STDERR.
+silence_warnings do
+  require 'winrm'
+end
+
+module Ridley
+  module HostConnector
+    class WinRM < HostConnector::Base
+      require_relative 'winrm/command_uploader'
+
+      DEFAULT_PORT                 = 5985
+      EMBEDDED_RUBY_PATH           = 'C:\opscode\chef\embedded\bin\ruby'.freeze
+      SESSION_TYPE_COMMAND_METHODS = {
+        powershell: :run_powershell_script,
+        cmd: :run_cmd
+      }.freeze
+
+      # Execute a shell command on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] command
+      #
+      # @option options [Symbol] :session_type (:cmd)
+      #   * :powershell - run the given command in a powershell session
+      #   * :cmd - run the given command in a cmd session
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def run(host, command, options = {})
+        options = options.reverse_merge(winrm: Hash.new, session_type: :cmd)
+        options[:winrm].reverse_merge!(port: DEFAULT_PORT)
+
+        command_uploaders = Array.new
+        user              = options[:winrm][:user]
+        password          = options[:winrm][:password]
+        port              = options[:winrm][:port]
+        connection        = winrm(host, port, options[:winrm].slice(:user, :password))
+
+        unless command_method = SESSION_TYPE_COMMAND_METHODS[options[:session_type]]
+          raise RuntimeError, "unknown session type: #{options[:session_type]}. Known session types " +
+            "are: #{SESSION_TYPE_COMMAND_METHODS.keys}"
+        end
+
+        HostConnector::Response.new(host).tap do |response|
+          begin
+            command_uploaders << command_uploader = CommandUploader.new(connection)
+            command = get_command(command, command_uploader)
+
+            log.info "Running WinRM Command: '#{command}' on: '#{host}' as: '#{user}'"
+
+            defer {
+              output = connection.send(command_method, command) do |stdout, stderr|
+                if stdout && stdout.present?
+                  response.stdout += stdout
+                  log.info "[#{host}](WinRM) #{stdout}"
+                end
+
+                if stderr && stderr.present?
+                  response.stderr += stderr
+                  log.info "[#{host}](WinRM) #{stderr}"
+                end
+              end
+              response.exit_code = output[:exitcode]
+            }
+          rescue ::WinRM::WinRMHTTPTransportError => ex
+            response.exit_code = :transport_error
+            response.stderr    = ex.message
+          end
+
+          case response.exit_code
+          when 0
+            log.info "Successfully ran WinRM command on: '#{host}' as: '#{user}'"
+          when :transport_error
+            log.info "A transport error occured while attempting to run a WinRM command on: '#{host}' as: '#{user}'"
+          else
+            log.info "Successfully ran WinRM command on: '#{host}' as: '#{user}', but it failed"
+          end
+        end
+      ensure
+        begin
+          command_uploaders.map(&:cleanup)
+        rescue ::WinRM::WinRMHTTPTransportError => ex
+          log.info "Error cleaning up leftover Powershell scripts on some hosts"
+        end
+      end
+
+      # Returns the command if it does not break the WinRM command length
+      # limit. Otherwise, we return an execution of the command as a batch file.
+      #
+      # @param  command [String]
+      #
+      # @return [String]
+      def get_command(command, command_uploader)
+        if command.length < CommandUploader::CHUNK_LIMIT
+          command
+        else
+          log.debug "Detected a command that was longer than #{CommandUploader::CHUNK_LIMIT} characters. " +
+            "Uploading command as a file to the host."
+          command_uploader.upload(command)
+          command_uploader.command
+        end
+      end
+
+      # Bootstrap a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def bootstrap(host, options = {})
+        context = BootstrapContext::Windows.new(options)
+
+        log.info "Bootstrapping host: #{host}"
+        run(host, context.boot_command, options)
+      end
+
+      # Perform a chef client run on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def chef_client(host, options = {})
+        run(host, "chef-client", options)
+      end
+
+      # Write your encrypted data bag secret on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] secret
+      #   your organization's encrypted data bag secret
+      #
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def put_secret(host, secret, options = {})
+        command = "echo #{secret} > C:\\chef\\encrypted_data_bag_secret"
+        run(host, command, options)
+      end
+
+      # Execute line(s) of Ruby code on a node using Chef's embedded Ruby
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Array<String>] command_lines
+      #   An Array of lines of the command to be executed
+      #
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def ruby_script(host, command_lines, options = {})
+        command = "#{EMBEDDED_RUBY_PATH} -e \"#{command_lines.join(';')}\""
+        run(host, command, options)
+      end
+
+      # Uninstall Chef from a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      #
+      # @option options [Boolena] :skip_chef (false)
+      #   skip removal of the Chef package and the contents of the installation
+      #   directory. Setting this to true will only remove any data and configurations
+      #   generated by running Chef client.
+      # @option options [Hash] :winrm
+      #   * :user (String) a user that will login to each node and perform the bootstrap command on
+      #   * :password (String) the password for the user that will perform the bootstrap (required)
+      #   * :port (Fixnum) the winrm port to connect on the node the bootstrap will be performed on (5985)
+      #
+      # @return [HostConnector::Response]
+      def uninstall_chef(host, options = {})
+        options[:session_type] = :powershell
+        log.info "Uninstalling Chef from host: #{host}"
+        run(host, CommandContext::WindowsUninstall.command(options), options)
+      end
+
+      private
+
+        # @param [String] host
+        # @param [Integer] port
+        #
+        # @option options [String] :user
+        # @option options [String] :password
+        #
+        # @return [WinRM::WinRMWebService]
+        def winrm(host, port, options = {})
+          winrm_opts = { disable_sspi: true, basic_auth_only: true }
+          winrm_opts[:user] = options[:user]
+          winrm_opts[:pass] = options[:password]
+          client = ::WinRM::WinRMWebService.new("http://#{host}:#{port}/wsman", :plaintext, winrm_opts)
+          client.set_timeout(6000)
+          client
+        end
+    end
+  end
+end

data/lib/ridley-connectors/host_connector.rb

@@ -0,0 +1,83 @@
+module Ridley
+  module HostConnector
+    class Base
+      include Celluloid
+      include Ridley::Logging
+
+      # Execute a shell command on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] command
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def run(host, command, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+
+      # Bootstrap a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def bootstrap(host, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+
+      # Perform a chef client run on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def chef_client(host, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+
+      # Write your encrypted data bag secret on a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [String] secret
+      #   your organization's encrypted data bag secret
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def put_secret(host, secret, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+
+      # Execute line(s) of Ruby code on a node using Chef's embedded Ruby
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Array<String>] command_lines
+      #   An Array of lines of the command to be executed
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def ruby_script(host, command_lines, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+
+      # Uninstall Chef from a node
+      #
+      # @param [String] host
+      #   the host to perform the action on
+      # @param [Hash] options
+      #
+      # @return [HostConnector::Response]
+      def uninstall_chef(host, options = {})
+        raise RuntimeError, "abstract function: must be implemented on includer"
+      end
+    end
+
+    require_relative 'host_connector/response'
+    require_relative 'host_connector/ssh'
+    require_relative 'host_connector/winrm'
+  end
+end