rory-deploy 1.8.4.1

data/lib/centurion/docker_registry.rb

@@ -0,0 +1,89 @@
+require 'excon'
+require 'json'
+require 'uri'
+
+module Centurion; end
+
+class Centurion::DockerRegistry
+  OFFICIAL_URL = 'https://registry.hub.docker.com'
+
+  def initialize(base_uri, registry_user=nil, registry_password=nil)
+    @base_uri = base_uri
+    @user = registry_user
+    @password = registry_password
+  end
+
+  def digest_for_tag(repository, tag)
+    path = "/v1/repositories/#{repository}/tags/#{tag}"
+    uri = uri_for_repository_path(repository, path)
+    $stderr.puts "GET: #{uri}"
+    options = { headers: { "Content-Type" => "application/json" } }
+    if @user
+      options[:user] = @user
+      options[:password] = @password
+    end
+    response = Excon.get(
+      uri,
+      options
+    )
+    raise response.inspect unless response.status == 200
+
+    # This hack is stupid, and I hate it. But it works around the fact that
+    # the Docker Registry will return a base JSON String, which the Ruby parser
+    # refuses (possibly correctly) to handle
+    JSON.load('[' + response.body + ']').first
+  end
+
+  def repository_tags(repository)
+    path = "/v1/repositories/#{repository}/tags"
+    uri = uri_for_repository_path(repository, path)
+
+    $stderr.puts "GET: #{uri.inspect}"
+
+    # Need to workaround a bug in Docker Hub to now pass port in Host header
+    options = { omit_default_port: true }
+
+    if @user
+      options[:user] = @user
+      options[:password] = @password
+    end
+
+    response = Excon.get(uri, options)
+    raise response.inspect unless response.status == 200
+
+    tags = JSON.load(response.body)
+
+    # The Docker Registry API[1]  specifies a result in the format
+    # { "[tag]" : "[image_id]" }. However, the official Docker registry returns a
+    # result like [{ "layer": "[image_id]", "name": "[tag]" }].
+    #
+    # So, we need to normalize the response to what the Docker Registry API
+    # specifies should be returned.
+    #
+    # [1]: https://docs.docker.com/v1.1/reference/api/registry_api/
+
+    if is_official_registry?(repository)
+      tags.each_with_object({}) do |tag, hash|
+        hash[tag['name']] = tag['layer']
+      end
+    else
+      tags
+    end
+  end
+
+  private
+
+  def is_official_registry?(repository)
+    return @base_uri == OFFICIAL_URL
+  end
+
+  def uri_for_repository_path(repository, path)
+    if repository.match(/\A([a-z0-9]+[a-z0-9\-\.]+(?::[1-9][0-9]*)?)\/(.*)\z/)
+      host = $1
+      short_image_name = $2
+      "https://#{host}#{path.gsub(repository, short_image_name)}"
+    else
+      @base_uri + path
+    end
+  end
+end

data/lib/centurion/docker_server.rb

@@ -0,0 +1,79 @@
+require 'pty'
+require 'forwardable'
+
+require_relative 'logging'
+require_relative 'docker_via_api'
+require_relative 'docker_via_cli'
+
+module Centurion; end
+
+class Centurion::DockerServer
+  include Centurion::Logging
+  extend Forwardable
+
+  attr_reader :hostname, :port
+
+  def_delegators :docker_via_api, :create_container, :inspect_container,
+                 :inspect_image, :ps, :start_container, :stop_container,
+                 :remove_container, :restart_container
+  def_delegators :docker_via_cli, :pull, :tail, :attach, :exec, :exec_it
+
+  def initialize(host, docker_path, tls_params = {})
+    @docker_path = docker_path
+    @hostname, @port = host.split(':')
+    @port ||= '2375'
+    @tls_params = tls_params
+  end
+
+  def current_tags_for(image)
+    running_containers = ps.select { |c| c['Image'] =~ /#{image}/ }
+    return [] if running_containers.empty?
+
+    parse_image_tags_for(running_containers)
+  end
+
+  def find_containers_by_public_port(public_port, type='tcp')
+    ps.select do |container|
+      next unless container && container['Ports']
+      container['Ports'].find do |port|
+        port['PublicPort'] == public_port.to_i && port['Type'] == type
+      end
+    end
+  end
+
+  def find_containers_by_name(wanted_name)
+    ps.select do |container|
+      next unless container && container['Names']
+      container['Names'].find do |name|
+        name =~ /\A\/#{wanted_name}(-[a-f0-9]{14})?\Z/
+      end
+    end
+  end
+
+  def find_container_by_id(container_id)
+    ps.find { |container| container && container['Id'] == container_id }
+  end
+
+  def old_containers_for_name(wanted_name)
+    find_containers_by_name(wanted_name).select do |container|
+      container["Status"] =~ /^(Exit |Exited)/
+    end
+  end
+
+  private
+
+  def docker_via_api
+    @docker_via_api ||= Centurion::DockerViaApi.new(@hostname, @port,
+                                                    @tls_params, nil)
+  end
+
+  def docker_via_cli
+    @docker_via_cli ||= Centurion::DockerViaCli.new(@hostname, @port,
+                                                    @docker_path, @tls_params)
+  end
+
+  def parse_image_tags_for(running_containers)
+    running_container_names = running_containers.map { |c| c['Image'] }
+    running_container_names.map { |name| name.split(/:/).last } # (image, tag)
+  end
+end

data/lib/centurion/docker_server_group.rb

@@ -0,0 +1,33 @@
+require_relative 'docker_server'
+require_relative 'logging'
+
+module Centurion; end
+
+class Centurion::DockerServerGroup
+  include Enumerable
+  include Centurion::Logging
+
+  attr_reader :hosts
+
+  def initialize(hosts, docker_path, tls_params = {})
+    raise ArgumentError.new('Bad Host list!') if hosts.nil? || hosts.empty?
+    @hosts = hosts.map do |hostname|
+      Centurion::DockerServer.new(hostname, docker_path, tls_params)
+    end
+  end
+
+  def each(&block)
+    @hosts.each do |host|
+      info "----- Connecting to Docker on #{host.hostname} -----"
+      block.call(host)
+    end
+  end
+
+  def each_in_parallel(&block)
+    threads = @hosts.map do |host|
+      Thread.new { block.call(host) }
+    end
+
+    threads.each { |t| t.join }
+  end
+end

data/lib/centurion/docker_via_api.rb

@@ -0,0 +1,166 @@
+require 'excon'
+require 'json'
+require 'uri'
+require 'securerandom'
+
+module Centurion; end
+
+class Centurion::DockerViaApi
+  def initialize(hostname, port, tls_args = {}, api_version = nil)
+    @tls_args = default_tls_args(tls_args[:tls]).merge(tls_args.reject { |k, v| v.nil? }) # Required by tls_enable?
+    @base_uri = "http#{'s' if tls_enable?}://#{hostname}:#{port}"
+    api_version ||= "/v1.12"
+    @docker_api_version = api_version
+    configure_excon_globally
+  end
+
+  def ps(options={})
+    path = @docker_api_version + "/containers/json"
+    path += "?all=1" if options[:all]
+    response = Excon.get(@base_uri + path, tls_excon_arguments)
+
+    raise unless response.status == 200
+    JSON.load(response.body)
+  end
+
+  def inspect_image(image, tag = "latest")
+    repository = "#{image}:#{tag}"
+    path       = @docker_api_version + "/images/#{repository}/json"
+
+    response = Excon.get(
+      @base_uri + path,
+      tls_excon_arguments.merge(headers: {'Accept' => 'application/json'})
+    )
+    raise response.inspect unless response.status == 200
+    JSON.load(response.body)
+  end
+
+  def remove_container(container_id)
+    path = @docker_api_version + "/containers/#{container_id}"
+    response = Excon.delete(
+      @base_uri + path,
+      tls_excon_arguments
+    )
+    raise response.inspect unless response.status == 204
+    true
+  end
+
+  def stop_container(container_id, timeout = 30)
+    path = @docker_api_version + "/containers/#{container_id}/stop?t=#{timeout}"
+    response = Excon.post(
+      @base_uri + path,
+      tls_excon_arguments
+    )
+    raise response.inspect unless response.status == 204
+    true
+  end
+
+  def create_container(configuration, name = nil)
+    path = @docker_api_version + "/containers/create"
+    response = Excon.post(
+      @base_uri + path,
+      tls_excon_arguments.merge(
+        query: name ? {name: "#{name}-#{SecureRandom.hex(7)}"} : nil,
+        body: configuration.to_json,
+        headers: { "Content-Type" => "application/json" }
+      )
+    )
+    raise response.inspect unless response.status == 201
+    JSON.load(response.body)
+  end
+
+  def start_container(container_id, configuration)
+    path = @docker_api_version + "/containers/#{container_id}/start"
+    response = Excon.post(
+      @base_uri + path,
+      tls_excon_arguments.merge(
+        body: configuration.to_json,
+        headers: { "Content-Type" => "application/json" }
+      )
+    )
+    case response.status
+    when 204
+      true
+    when 500
+      fail "Failed to start container! \"#{response.body}\""
+    else
+      raise response.inspect
+    end
+  end
+
+  def restart_container(container_id, timeout = 30)
+    path = @docker_api_version + "/containers/#{container_id}/restart?t=#{timeout}"
+    response = Excon.post(
+      @base_uri + path,
+      tls_excon_arguments
+    )
+    case response.status
+    when 204
+      true
+    when 404
+      fail "Failed to start missing container! \"#{response.body}\""
+    when 500
+      fail "Failed to start existing container! \"#{response.body}\""
+    else
+      raise response.inspect
+    end
+  end
+
+  def inspect_container(container_id)
+    path = @docker_api_version + "/containers/#{container_id}/json"
+    response = Excon.get(
+      @base_uri + path,
+      tls_excon_arguments
+    )
+    raise response.inspect unless response.status == 200
+    JSON.load(response.body)
+  end
+
+  private
+
+  # use on result of inspect container, not on an item in a list
+  def container_listening_on_port?(container, port)
+    port_bindings = container['HostConfig']['PortBindings']
+    return false unless port_bindings
+
+    port_bindings.values.flatten.compact.any? do |port_binding|
+      port_binding['HostPort'].to_i == port.to_i
+    end
+  end
+
+  def tls_enable?
+    @tls_args.is_a?(Hash) && @tls_args.size > 0
+  end
+
+  def tls_excon_arguments
+    return {} unless [:tlscert, :tlskey].all? { |key| @tls_args.key?(key) }
+
+    {
+      client_cert: @tls_args[:tlscert],
+      client_key: @tls_args[:tlskey]
+    }
+  end
+
+  def configure_excon_globally
+    Excon.defaults[:connect_timeout] = 120
+    Excon.defaults[:read_timeout]    = 120
+    Excon.defaults[:write_timeout]   = 120
+    Excon.defaults[:debug_request]   = true
+    Excon.defaults[:debug_response]  = true
+    Excon.defaults[:nonblock]        = false
+    Excon.defaults[:tcp_nodelay]     = true
+    Excon.defaults[:ssl_ca_file]     = @tls_args[:tlscacert]
+  end
+
+  def default_tls_args(tls_enabled)
+    if tls_enabled
+      {
+          tlscacert: File.expand_path('~/.docker/ca.pem'),
+          tlscert: File.expand_path('~/.docker/cert.pem'),
+          tlskey: File.expand_path('~/.docker/key.pem')
+      }
+    else
+      {}
+    end
+  end
+end

data/lib/centurion/docker_via_cli.rb

@@ -0,0 +1,81 @@
+require 'pty'
+require_relative 'logging'
+require_relative 'shell'
+
+module Centurion; end
+
+class Centurion::DockerViaCli
+  include Centurion::Logging
+
+  def initialize(hostname, port, docker_path, tls_args = {})
+    @docker_host = "tcp://#{hostname}:#{port}"
+    @docker_path = docker_path
+    @tls_args = tls_args
+  end
+
+  def pull(image, tag='latest')
+    info 'Using CLI to pull'
+    Centurion::Shell.echo(build_command(:pull, "#{image}:#{tag}"))
+  end
+
+  def tail(container_id)
+    info "Tailing the logs on #{container_id}"
+    Centurion::Shell.echo(build_command(:logs, container_id))
+  end
+
+  def attach(container_id)
+    Centurion::Shell.echo(build_command(:attach, container_id))
+  end
+
+  def exec(container_id, commandline)
+    Centurion::Shell.echo(build_command(:exec, "#{container_id} #{commandline}"))
+  end
+
+  def exec_it(container_id, commandline)
+    # the "or true" on the command is to prevent an exception from Shell.validate_status
+    # because docker exec returns the same exit code as the latest command executed on
+    # the shell, which causes an exception to be raised if the latest comand executed
+    # was unsuccessful when you exit the shell.
+    Centurion::Shell.echo(build_command(:exec, "-it #{container_id} #{commandline} || true"))
+  end
+
+  private
+
+  def self.tls_keys
+    [:tlscacert, :tlscert, :tlskey]
+  end
+
+  def all_tls_path_available?
+    self.class.tls_keys.all? { |key| @tls_args.key?(key) }
+  end
+
+  def tls_parameters
+    return '' if @tls_args.nil? || @tls_args.empty?
+
+    tls_flags = ''
+
+    # --tlsverify can be set without passing the cacert, cert and key flags
+    if @tls_args[:tls] == true || all_tls_path_available?
+      tls_flags << ' --tlsverify'
+    end
+
+    self.class.tls_keys.each do |key|
+      tls_flags << " --#{key}=#{@tls_args[key]}" if @tls_args[key]
+    end
+
+    tls_flags
+  end
+
+  def build_command(action, destination)
+    command = "#{@docker_path} -H=#{@docker_host}"
+    command << tls_parameters
+    command << case action
+               when :pull then ' pull '
+               when :logs then ' logs -f '
+               when :attach then ' attach '
+               when :exec then ' exec '
+               end
+    command << destination
+    command
+  end
+end