sambot 0.1.158 → 0.1.159

data/lib/sambot/config.rb

@@ -8,7 +8,7 @@ module Sambot
 
         CONFIGURATION_FILENAME = '.config.yml'.freeze
 
-        def bump_version(path = nil)
+        def self.bump_version(path = nil)
           path ||= File.join(Dir.getwd, CONFIGURATION_FILENAME)
           config = YAML.load_file(path)
           version = config['version']
@@ -17,7 +17,11 @@ module Sambot
           config['version']
         end
 
-        def read(path = nil)
+        def initialize(opts)
+          @opts = opts
+        end
+
+        def self.read(path = nil)
           path ||= File.join(Dir.getwd, CONFIGURATION_FILENAME)
           raise ApplicationError, "The configuration file was not found at #{path}." unless File.exist?(path)
           config = YAML.load_file(path)
@@ -33,12 +37,63 @@ module Sambot
             end
             config['platforms'] = config['platform']
           end
-          config
+          Config.new(config)
+        end
+
+        def available_platforms
+          platforms = @opts[:platforms] if @opts.has_key?(:platforms)
+          platforms = @opts['platforms'] if @opts.has_key?('platforms')
+          platforms
+        end
+
+        def gems
+          @opts['gems'] || @opts[:gems] || []
+        end
+
+        def dependencies
+          items = @opts['dependencies'] || @opts[:dependencies]
+          items ? items.map { |x| transform_hashes(x) } : []
+        end
+
+        def dependencies=(value)
+          @opts['dependencies'] = @opts[:dependencies] = value
+        end
+
+        def transform_hashes(obj)
+          obj.is_a?(Hash) ? "#{obj.keys.first}', '#{obj.values.first}" : obj
+        end
+
+        def description
+           @opts['description'] || @opts[:description]
+        end
+
+        def identifier
+           @opts['identifier'] || @opts[:identifier]
+        end
+
+        def suites
+           @opts['suites'] || @opts[:suites]
+        end
+
+        def version
+           @opts['version'] || @opts[:version]
+        end
+
+        def name
+           @opts['name'] || @opts[:name]
+        end
+
+        def runs_on_centos?
+          available_platforms.include?('centos')
+        end
+
+        def runs_on_windows?
+          available_platforms.include?('windows')
         end
 
         private
 
-        def bump(version)
+        def self.bump(version)
           UI.debug("Old cookbook version: #{version}")
           version_info = Semantic::Version.new version
           new_version = "#{version_info.major}.#{version_info.minor}.#{version_info.patch + 1}"

data/lib/sambot/docs/bump.txt

@@ -0,0 +1 @@
+Nothing yet - please add to this!

data/lib/sambot/fs.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require_relative 'base_command'
+
+module Sambot
+  class FS
+
+    def self.delete(filename)
+      return unless File.exist?(filename)
+      File.delete(filename)
+      UI.debug("./#{filename} has been removed.")
+    end
+
+    def self.exist?(resource)
+      File.exist?(resource) || Dir.exist?(resource)
+    end
+
+    def self.mkdir(resource)
+      unless FS.exist?(resource)
+        FileUtils.mkdir(resource)
+      end
+    end
+
+    def self.copy(resource)
+      unless FS.exist?(resource)
+        filename = File.expand_path(File.join(File.dirname(__FILE__), 'templates', resource))
+        UI.debug("Copying #{filename} to #{resource}")
+        FileUtils.cp_r(filename, resource)
+      end
+    end
+
+  end
+end

data/lib/sambot/runtime.rb

@@ -3,37 +3,21 @@
 require 'gems'
 
 module Sambot
-      module Runtime
+  module Runtime
 
-        def self.is_obsolete
-          latest_version = Gems.new.versions('sambot')[0]["number"]
-          Gem::Version.new(Sambot::VERSION) < Gem::Version.new(latest_version)
-        end
+    def self.is_obsolete
+      latest_version = Gems.new.versions('sambot')[0]["number"]
+      Gem::Version.new(Sambot::VERSION) < Gem::Version.new(latest_version)
+    end
 
-        def self.ensure_latest
-          latest_version = Gems.new.versions('sambot')[0]["number"]
-          UI.debug("Current version is #{Sambot::VERSION}")
-          UI.debug("Latest version is #{latest_version}")
-          if is_obsolete
-            UI.info('A newer version of this gem exists - please update the gem before continuing')
-          end
-        end
-
-        def self.sudo(command, flag_errors: true)
-          UI.warn("Running the command `sudo -S #{command}`")
-          output = ''
-          Open4::popen4("sudo -S #{command}") do |pid, stdin, stdout, stderr|
-            stdin.puts ENV['SAMBOT_SUDO_PASSWORD']
-            stdin.close
-            output = stdout.read
-            err = stderr.read
-            if flag_errors && err.strip.size > 0
-              UI.error(err)
-              exit -1
-            end
-          end
-          output
-        end
+    def self.ensure_latest
+      latest_version = Gems.new.versions('sambot')[0]["number"]
+      UI.debug("Current version is #{Sambot::VERSION}")
+      UI.debug("Latest version is #{latest_version}")
+      if is_obsolete
+        UI.info('A newer version of this gem exists - please update the gem before continuing')
+      end
+    end
 
   end
 end

data/lib/sambot/template.rb

@@ -14,15 +14,36 @@ module Sambot
     def evaluate(context = {}, opts = {})
       input = File.read(path)
       input = yield(input) if block_given?
-      puts opts
       eruby = Erubis::Eruby.new(input, opts)
       eruby.evaluate(context)
     end
 
+    def process(opts)
+      File.delete(opts[:dest]) if File.exist?(opts[:dest])
+      if opts[:eruby]
+        UI.debug("Parsing #{self.path} using Erubis")
+        self.write({}, opts[:dest])
+      else
+        FileUtils.cp(self.path, opts[:dest].to_s)
+      end
+      if File.executable?(self.path)
+        UI.debug("Making #{opts[:dest]} executable")
+        make_executable(opts[:dest])
+      end
+    end
+
     def write(ctx, dest)
       contents = evaluate(ctx)
       File.write(dest, contents)
     end
 
+    private
+
+    def make_executable(working_path)
+      current_mask = File.stat(self.path).mode
+      new_mask = current_mask | '0000000000000001'.to_i(2)
+      File.chmod(new_mask, working_path)
+    end
+
   end
 end

data/lib/sambot/templates/.config.yml.erb

@@ -1,22 +1,22 @@
 # The name of the role or wrapper cookbook. Should be of the form as-role-xxx if a role cookbook
 # and as-xxx if a wrapper cookbook.
-name: <%= @name %>
+name: <%= @config.name %>
 # The cookbook version. It will be added to the metadata.rb and needs to be incremented whenenver
 # a new cookbook version needs to be pushed to the Chef Server.
 version: 0.0.1
 # The different platforms on which this cookbook can run. This dictates the contents of the .kitchen files
 # and which files are generated for the cookbook. The values can be 'centos', 'windows' or both.
 platforms:
-<% @platforms.each do |platform| %>
+<% @config.available_platforms.each do |platform| %>
 - <%= platform %>
 <% end %>
-# An array of gems to be added to the metadata.rb file. 
+# An array of gems to be added to the metadata.rb file.
 gems:
 # The identifier used when generating instance names. Not yet implemented but in future, if the
 # identifier is OCTPS for example, a typical instance name would be OCTPS03-W8.
-identifier: <%= @identifier %>
+identifier: <%= @config.identifier %>
 # The description o fthe cookbook that will go into the metadata.rb.
-description: <%= @description %>
+description: <%= @config.description %>
 # The test suites that will be added to the .kitchen files.
 suites:
   - name: default
@@ -32,7 +32,7 @@ suites:
     # The structure above will run recipes aaa and bbb when running Test-Kitchen locally, and recipe aaa when
     # running Test-Kitchen in DEV environments i.e. GCP or Rackspace.
     run_list:
-      - recipe[<%= @name %>::default]
+      - recipe[<%= @config.name %>::default]
     # Custom attributes for the test. The following structure will be automatically added in the generated
     # Test-Kitchen files:
     #     attributes:
@@ -40,5 +40,5 @@ suites:
     attributes:
     verifier:
       inspec_tests:
-      - name: <%= @name %>-profile
+      - name: <%= @config.name %>-profile
         git: git@github.exacttarget.com:ads-chef-profiles/<%= @name %>-profile.git

data/lib/sambot/templates/Vagrantfile.erb

@@ -81,21 +81,23 @@ Vagrant.configure("2") do |c|
   <% end %>
 
   c.vm.synced_folder ".", "/vagrant", disabled: true
+
   <% config[:synced_folders].each do |source, destination, options| %>
     c.vm.synced_folder <%= source.inspect %>, <%= destination.inspect %>, <%= options %>
   <% end %>
 
   <% if config[:box] =~ /centos/ %>
-    c.vm.provision "shell", inline: "bash /vagrant/local_bootstrap.sh"
+    c.vm.provision "shell", inline: "bash /vagrant/bootstrap.sh"
   <% else %>
-    c.vm.provision "shell", inline: "powershell -ExecutionPolicy Bypass -File C:/Vagrant/local_bootstrap.ps1"
+    c.vm.provision "shell", inline: "powershell -ExecutionPolicy Bypass -File C:/Vagrant/bootstrap.ps1"
   <% end %>
 
   c.vm.provider "virtualbox" do |p|
     p.linked_clone = true
-    <% if config[:gui] == true || config[:gui] == false %>
-        p.gui = <%= config[:gui] %>
-    <% end %>
+  end
+
+  c.trigger.after :up do
+    run "service apache2 start"
   end
 
 end

data/lib/sambot/templates/{gcp_bootstrap.sh.erb → bootstrap_scripts/google/bootstrap.sh.erb}

@@ -3,7 +3,6 @@
 yum install -y unzip wget
 if [ ! -d /etc/vault ]; then mkdir /etc/vault; fi
 
-token=$(vault token-create -policy=nightswatch-ro -role=nightswatch-ro -wrap-ttl=72h | awk '/^wrapping_token:/ {print $2}')
 cat << EOF > /etc/vault/tokens.json
 {
     "vault-addr": "<%= ENV['GCP_VAULT_ADDR'] %>",

data/lib/sambot/templates/bootstrap_scripts/local/sidecar_vault/bootstrap.ps1.erb

@@ -0,0 +1,33 @@
+$env:VAULT_ADDR="http://127.0.0.1:8200"
+$env:VAULT_TOKEN="root"
+
+Add-Type -AssemblyName "System.IO.Compression.FileSystem"
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+
+New-Item 'C:\Program Files\vault' -ItemType Directory -Force
+$wc = New-Object System.Net.WebClient
+$url = "https://releases.hashicorp.com/vault/0.6.5/vault_0.6.5_windows_amd64.zip"
+$output = "C:\Program Files\vault"
+$zipfile = "$output\$($url.Split('/')[-1])"
+$wc.DownloadFile($url, "$zipfile")
+[System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $output)
+
+$url = "https://storage.googleapis.com/ads-devops-chef/as-vault-tool/1.0.2/windows_amd64.zip"
+$zipfile = "$output\$($url.Split('/')[-1])"
+$wc.DownloadFile($url, $zipfile)
+[System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $output)
+
+$token = ($(& "$output\vault" token-create -policy=nightswatch-ro -role=nightswatch-ro -wrap-ttl=72h) -match '^wrapping_token:').Split(' ')[-1].Trim()
+$json = @"
+{
+    "vault-addr": "$env:VAULT_ADDR",
+    "skip-verify": true,
+    "wrapped": "$token",
+    "access": ""
+}
+"@
+
+New-Item 'C:\ProgramData\vault' -ItemType Directory -Force
+Set-Content -Path 'C:\ProgramData\vault\tokens.json' -Value $json
+
+& "$output\as-vault-tool" tokenrenew

data/lib/sambot/templates/bootstrap_scripts/local/sidecar_vault/bootstrap.sh.erb

@@ -0,0 +1,34 @@
+#!/bin/bash -e
+
+## Download and install Hashicorp Vault
+sudo yum install -y unzip wget
+wget "https://releases.hashicorp.com/vault/0.6.5/vault_0.6.5_linux_amd64.zip"
+unzip vault_0.6.5_linux_amd64.zip -d /usr/bin
+sudo mkdir /etc/vault
+
+## Launch the Vault Server in Development mode
+export VAULT_ADDR="http://127.0.0.1:8200"
+export VAULT_TOKEN="root"
+vault server -dev -dev-root-token-id=${VAULT_TOKEN} -dev-listen-address=0.0.0.0:8200 < /dev/null &> /dev/null &
+
+## Create the addressing file so that Chef and other applicatons can access the Vault server
+cat << EOF > /etc/vault/tokens.json
+{
+    "vault-addr": "${VAULT_ADDR}",
+    "skip-verify": true,
+    "wrapped": "",
+    "access": "root"
+}
+EOF
+
+## Install Ruby
+sudo yum install -y ruby
+
+## Create the script to populate Vault from the secrets file
+gem install vault
+cat << EOF > /tmp/populate_secrets.rb
+require
+EOF
+
+## Populate Vault
+ruby /tmp/populate_secrets.rb

data/lib/sambot/templates/local/vault/helper.rb

@@ -0,0 +1,11 @@
+require 'yaml'
+require 'vault'
+
+config =  File.expand_path(File.join(File.dirname(__FILE__),'../.secrets.yml'))
+secrets = YAML.load(File.read(config))
+secrets.each do |secret|
+  data = secret["contents"]
+  data = File.read() if data.start_with?('file::')
+  Vault.logical.write(secret["path"], value: secret["contents"])
+  puts "Updated the secret located at #{secret['path']}"
+end

data/lib/sambot/templates/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'chefspec'
+require 'chefspec/berkshelf'

data/lib/sambot/templates/{.kitchen.yml.erb → test_kitchen/local.yml.erb}

@@ -15,7 +15,7 @@ provisioner:
 
 platforms:
 <!--% if @platforms.include?('centos') %-->
-  - name: "centos-7.2"
+  - name: centos
     driver:
      network:
       - ["private_network", {ip: "192.168.255.10"}]
@@ -23,7 +23,7 @@ platforms:
 <!--% if @platforms.include?('windows') %-->
   - name: windows-2012R2
     driver:
-      box: salesforce/Server2012R2
+      box: sfadstudio/Server2012R2
       network:
        - ["private_network", {ip: "192.168.255.11"}]
     transport:

data/lib/sambot/templates/{.kitchen.rackspace.yml.erb → test_kitchen/rackspace.yml.erb}

@@ -22,7 +22,7 @@ platforms:
       flavor_id: 6
       public_key_path: ./id_rsa.pub
       rackspace_region: 'lon'
-      server_name: @@cookbook_name@@-_@ Time.now.to_i @_
+      server_name: <!--%= @name %-->-<%= Time.now.to_i %>
 <!--% end %-->
 <!--% if @platforms.include?('windows') %-->
   - name: windows
@@ -30,10 +30,10 @@ platforms:
       name: rax
       log_level: info
       wait_for: 3600
-      use_private_ip: _@= ENV['IN_CI_PIPELINE'] @_
-      rackspace_username: _@= ENV['RACKSPACE_USERNAME'] @_
-      rackspace_api_key: _@= ENV['RACKSPACE_API_KEY'] @_
-      network: _@= ENV['NETWORK'] || 'public' @_
+      use_private_ip: <%= ENV['IN_CI_PIPELINE'] %>
+      rackspace_username: <%= ENV['RACKSPACE_USERNAME'] %>
+      rackspace_api_key: <%= ENV['RACKSPACE_API_KEY'] %>
+      network: <%= ENV['NETWORK'] || 'public' %>
       image_id: 8bfada8f-9917-46dd-aa82-be533d5279fa
       flavor_id: general1-4
       rackspace_region: LON