sambot 0.1.133 → 0.1.136
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/sambot/chef/generator.rb +3 -1
- data/lib/sambot/chef/kitchen.rb +1 -1
- data/lib/sambot/cli.rb +0 -12
- data/lib/sambot/rackspace/images.rb +1 -1
- data/lib/sambot/template.rb +3 -2
- data/lib/sambot/templates/.kitchen.gcp.yml.erb +4 -5
- data/lib/sambot/templates/.kitchen.rackspace.yml.erb +5 -5
- data/lib/sambot/templates/.kitchen.yml.erb +4 -4
- data/lib/sambot/version.rb +1 -1
- data/lib/sambot/workflow/workstation.rb +0 -1
- data/lib/sambot.rb +0 -15
- metadata +2 -8
- data/lib/sambot/dns/records.rb +0 -98
- data/lib/sambot/dns/repository.rb +0 -51
- data/lib/sambot/workflow/proxy.rb +0 -35
- data/lib/sambot/workflow/session.rb +0 -111
- data/lib/sambot/workflow/tunnel.rb +0 -15
- data/lib/sambot/workflow/tunnels.rb +0 -40
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6021e47fdeb14f7d2ee79b256a8fbb1f011c84aa
|
4
|
+
data.tar.gz: d1ed6d2ea608e4d2c286e3377caafd303b1c46d3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1f0f44f6c2463845aca95ee0d07a82a7fadacec412cdea183d264e8c6918c122c34b37b0ca5350af0566d5432bf5e2a856b12baa385635bb3536ec9e1d11516e
|
7
|
+
data.tar.gz: 5fd140e6e19c2cc2279249010d3d9d9f3c6de97731559e392afa2c50f9f954abd4341a99507d66ffabc1986f1c6fdd9b0bd8d64c32f775ebe5386be2d5b8e700
|
@@ -1,11 +1,13 @@
|
|
1
1
|
#frozen_string_literal: true
|
2
|
+
require 'awesome_print'
|
2
3
|
|
3
4
|
module Sambot
|
4
5
|
module Chef
|
5
6
|
class Generator
|
6
7
|
|
7
8
|
def self.from_templates(config, cookbook_essentials, cookbook_generated_files)
|
8
|
-
platforms = config[
|
9
|
+
platforms = config[:platforms] if config.has_key?(:platforms)
|
10
|
+
platforms = config['platforms'] if config.has_key?('platforms')
|
9
11
|
cookbook_essentials.each { |path| exists!(path) } if cookbook_essentials
|
10
12
|
cookbook_generated_files.each do |template_name, opts|
|
11
13
|
generate_from_template(template_name.to_s, opts, platforms)
|
data/lib/sambot/chef/kitchen.rb
CHANGED
@@ -55,7 +55,7 @@ module Sambot
|
|
55
55
|
end
|
56
56
|
|
57
57
|
def read_template(template, cookbook_name, platforms)
|
58
|
-
result = Template.new("#{template}.erb").evaluate({platforms: platforms}) do |contents|
|
58
|
+
result = Template.new("#{template}.erb").evaluate({platforms: platforms}, {:pattern => '<!--% %-->'}) do |contents|
|
59
59
|
contents.gsub(/@@cookbook_name@@/, cookbook_name)
|
60
60
|
end
|
61
61
|
YAML.load(result.gsub(/\_@/, '<%=').gsub(/@\_/, '%>'))
|
data/lib/sambot/cli.rb
CHANGED
@@ -46,17 +46,5 @@ module Sambot
|
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
49
|
-
desc 'start', 'Start a new Sambot session'
|
50
|
-
def start
|
51
|
-
execute(need_dev_credentials: true, need_sudo_password: true) do
|
52
|
-
Workflow::Session.new.start(ENV['SAMBOT_DEV_USERNAME'], ENV['SAMBOT_DEV_PASSWORD'], ENV['SAMBOT_SUDO_PASSWORD'])
|
53
|
-
end
|
54
|
-
end
|
55
|
-
|
56
|
-
desc 'stop', 'Stop any active Sambot session'
|
57
|
-
def stop
|
58
|
-
execute(need_sudo_password: true) { Workflow::Session.new.stop }
|
59
|
-
end
|
60
|
-
|
61
49
|
end
|
62
50
|
end
|
data/lib/sambot/template.rb
CHANGED
@@ -11,10 +11,11 @@ module Sambot
|
|
11
11
|
File.expand_path(File.join(File.dirname(__FILE__), 'templates', @filename))
|
12
12
|
end
|
13
13
|
|
14
|
-
def evaluate(context = {})
|
14
|
+
def evaluate(context = {}, opts = {})
|
15
15
|
input = File.read(path)
|
16
16
|
input = yield(input) if block_given?
|
17
|
-
|
17
|
+
puts opts
|
18
|
+
eruby = Erubis::Eruby.new(input, opts)
|
18
19
|
eruby.evaluate(context)
|
19
20
|
end
|
20
21
|
|
@@ -5,9 +5,8 @@ provisioner:
|
|
5
5
|
require_chef_omnibus: 12
|
6
6
|
cookbooks_path:
|
7
7
|
- .
|
8
|
-
|
9
8
|
platforms:
|
10
|
-
|
9
|
+
<!--% if @platforms.include?('centos') %-->
|
11
10
|
- name: centos
|
12
11
|
transport:
|
13
12
|
username: chefuser
|
@@ -34,8 +33,8 @@ platforms:
|
|
34
33
|
- "test-kitchen"
|
35
34
|
- "consul-agent"
|
36
35
|
- "vault-client"
|
37
|
-
|
38
|
-
|
36
|
+
<!--% end %-->
|
37
|
+
<!--% if @platforms.include?('windows') %-->
|
39
38
|
- name: windows
|
40
39
|
transport:
|
41
40
|
name: winrm
|
@@ -65,7 +64,7 @@ platforms:
|
|
65
64
|
- "test-kitchen"
|
66
65
|
- "consul-agent"
|
67
66
|
- "vault-client"
|
68
|
-
|
67
|
+
<!--% end %-->
|
69
68
|
|
70
69
|
verifier:
|
71
70
|
name: inspec
|
@@ -1,13 +1,13 @@
|
|
1
1
|
---
|
2
2
|
provisioner:
|
3
3
|
name: chef_zero
|
4
|
-
log_level:
|
4
|
+
log_level: <%= ENV['TEST_KITCHEN_LOG_LEVEL'] || 'info' %>
|
5
5
|
require_chef_omnibus: 12
|
6
6
|
cookbooks_path:
|
7
7
|
- .
|
8
8
|
|
9
9
|
platforms:
|
10
|
-
|
10
|
+
<!--% if @platforms.include?('centos') %-->
|
11
11
|
- name: centos
|
12
12
|
transport:
|
13
13
|
ssh_key: ./id_rsa
|
@@ -23,8 +23,8 @@ platforms:
|
|
23
23
|
public_key_path: ./id_rsa.pub
|
24
24
|
rackspace_region: 'lon'
|
25
25
|
server_name: @@cookbook_name@@-_@ Time.now.to_i @_
|
26
|
-
|
27
|
-
|
26
|
+
<!--% end %-->
|
27
|
+
<!--% if @platforms.include?('windows') %-->
|
28
28
|
- name: windows
|
29
29
|
driver:
|
30
30
|
name: rax
|
@@ -40,7 +40,7 @@ platforms:
|
|
40
40
|
rackconnect_wait: true
|
41
41
|
platform: windows
|
42
42
|
user_data: winrm_config
|
43
|
-
|
43
|
+
<!--% end %-->
|
44
44
|
|
45
45
|
verifier:
|
46
46
|
name: inspec
|
@@ -14,13 +14,13 @@ provisioner:
|
|
14
14
|
- .
|
15
15
|
|
16
16
|
platforms:
|
17
|
-
|
17
|
+
<!--% if @platforms.include?('centos') %-->
|
18
18
|
- name: "centos-7.2"
|
19
19
|
driver:
|
20
20
|
network:
|
21
21
|
- ["private_network", {ip: "192.168.255.10"}]
|
22
|
-
|
23
|
-
|
22
|
+
<!--% end %-->
|
23
|
+
<!--% if @platforms.include?('windows') %-->
|
24
24
|
- name: windows-2012R2
|
25
25
|
driver:
|
26
26
|
box: salesforce/Server2012R2
|
@@ -29,7 +29,7 @@ platforms:
|
|
29
29
|
transport:
|
30
30
|
name: winrm
|
31
31
|
elevated: true
|
32
|
-
|
32
|
+
<!--% end %-->
|
33
33
|
|
34
34
|
verifier:
|
35
35
|
name: inspec
|
data/lib/sambot/version.rb
CHANGED
data/lib/sambot.rb
CHANGED
@@ -19,25 +19,10 @@ require_relative 'sambot/rackspace/flavors'
|
|
19
19
|
require_relative 'sambot/rackspace/images'
|
20
20
|
require_relative 'sambot/rackspace/instances'
|
21
21
|
|
22
|
-
require_relative 'sambot/dns/records'
|
23
|
-
require_relative 'sambot/dns/repository'
|
24
|
-
|
25
|
-
require_relative 'sambot/workflow/tunnel'
|
26
|
-
require_relative 'sambot/workflow/tunnels'
|
27
22
|
require_relative 'sambot/workflow/brew'
|
28
|
-
require_relative 'sambot/workflow/proxy'
|
29
|
-
require_relative 'sambot/workflow/dns'
|
30
|
-
require_relative 'sambot/workflow/session'
|
31
23
|
require_relative 'sambot/workflow/vault'
|
32
24
|
require_relative 'sambot/workflow/workstation'
|
33
25
|
|
34
|
-
#require_relative 'sambot/slack/product_tag'
|
35
|
-
#require_relative 'sambot/slack/work_item'
|
36
|
-
#require_relative 'sambot/slack/api'
|
37
|
-
#require_relative 'sambot/slack/formatter'
|
38
|
-
#require_relative 'sambot/slack/gus_bot'
|
39
|
-
#require_relative 'sambot/slack/dispatcher'
|
40
|
-
|
41
26
|
require_relative 'sambot/cli'
|
42
27
|
|
43
28
|
module Sambot
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sambot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.136
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Olivier Kouame
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-07-
|
11
|
+
date: 2017-07-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor-hollaback
|
@@ -453,8 +453,6 @@ files:
|
|
453
453
|
- lib/sambot/cli.rb
|
454
454
|
- lib/sambot/commands/cookbook_cmd.rb
|
455
455
|
- lib/sambot/config.rb
|
456
|
-
- lib/sambot/dns/records.rb
|
457
|
-
- lib/sambot/dns/repository.rb
|
458
456
|
- lib/sambot/docs/build.txt
|
459
457
|
- lib/sambot/docs/clean.txt
|
460
458
|
- lib/sambot/docs/configure.txt
|
@@ -495,10 +493,6 @@ files:
|
|
495
493
|
- lib/sambot/version.rb
|
496
494
|
- lib/sambot/workflow/brew.rb
|
497
495
|
- lib/sambot/workflow/dns.rb
|
498
|
-
- lib/sambot/workflow/proxy.rb
|
499
|
-
- lib/sambot/workflow/session.rb
|
500
|
-
- lib/sambot/workflow/tunnel.rb
|
501
|
-
- lib/sambot/workflow/tunnels.rb
|
502
496
|
- lib/sambot/workflow/vault.rb
|
503
497
|
- lib/sambot/workflow/workstation.rb
|
504
498
|
- sambot.gemspec
|
data/lib/sambot/dns/records.rb
DELETED
@@ -1,98 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Sambot
|
4
|
-
module DNS
|
5
|
-
class Records
|
6
|
-
|
7
|
-
RACKSPACE_PROXY_IP = '134.213.17.37'
|
8
|
-
DEFAULT_TF_FILENAME = 'dyn_dns.tf'
|
9
|
-
|
10
|
-
def initialize(repository)
|
11
|
-
@repository = repository
|
12
|
-
end
|
13
|
-
|
14
|
-
def remove(hostname, team, commit_changes = false)
|
15
|
-
change(team, hostname, commit_changes) do |contents|
|
16
|
-
if contents['module'].key?(hostname)
|
17
|
-
contents['module'].delete(hostname)
|
18
|
-
UI.debug("The entry \"#{hostname}\" has been deleted.")
|
19
|
-
else
|
20
|
-
UI.debug("The entry \"#{hostname}\" was not found.")
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def add(hostname, internal_address, team, commit_changes = false)
|
26
|
-
change(team, hostname, commit_changes) do |contents|
|
27
|
-
if contents['module'].key?(hostname)
|
28
|
-
UI.debug("The entry for \"<#{hostname}>\" will be overwritten.")
|
29
|
-
else
|
30
|
-
UI.debug("A new entry for \"<#{hostname}>\" will be added.")
|
31
|
-
end
|
32
|
-
contents['module'][hostname] = {
|
33
|
-
'source' => '../../modules/combined_dns',
|
34
|
-
'dnszone' => 'brighter.io',
|
35
|
-
'name' => hostname,
|
36
|
-
'enable-int' => '1',
|
37
|
-
'int-value' => internal_address,
|
38
|
-
'int-type' => 'A',
|
39
|
-
'enable-ext' => '1',
|
40
|
-
'ext-value' => RACKSPACE_PROXY_IP,
|
41
|
-
'ext-type' => 'A'
|
42
|
-
}
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
private
|
47
|
-
|
48
|
-
def change(team, hostname, commit_changes = false)
|
49
|
-
@repository.clone do |directory|
|
50
|
-
folder = shared_hostname?(hostname) ? find_shared_folder(hostname) : find_team_name(team)
|
51
|
-
containing_folder = File.join(directory, folder)
|
52
|
-
UI.debug("Modifying DNS records in the folder #{containing_folder}")
|
53
|
-
Dir.chdir(containing_folder) do
|
54
|
-
contents = Rhcl.parse(File.read(DEFAULT_TF_FILENAME))
|
55
|
-
yield contents
|
56
|
-
open(DEFAULT_TF_FILENAME, 'w') do |f|
|
57
|
-
f << Rhcl.dump(contents)
|
58
|
-
end
|
59
|
-
if commit_changes
|
60
|
-
commit_msg = "DNS update for hostname #{hostname}"
|
61
|
-
`commit -am #{commit_msg}`
|
62
|
-
`git push`
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
|
-
end
|
67
|
-
|
68
|
-
def find_shared_folder(name)
|
69
|
-
folder = name.split('-')[0]
|
70
|
-
UI.debug('This record is a shared entry so will go into the shared folder ' + folder + '.')
|
71
|
-
folder
|
72
|
-
end
|
73
|
-
|
74
|
-
def shared_hostname?(name)
|
75
|
-
name.start_with?('patch', 'stable', 'unstable')
|
76
|
-
end
|
77
|
-
|
78
|
-
def find_team_name(name)
|
79
|
-
UI.debug('This record is a team-specifc entry so will go into the team folder.')
|
80
|
-
raise ApplicationError, 'A team name (symbol i.e. PHX) must be provided if this is not a record for a shared endpoint i.e. patch-api or stable-jetstream.' unless name
|
81
|
-
sanitized_name = name.upcase
|
82
|
-
case sanitized_name
|
83
|
-
when 'PHX'
|
84
|
-
'phx'
|
85
|
-
when 'AVG'
|
86
|
-
'avengers'
|
87
|
-
when 'GD'
|
88
|
-
'guardians'
|
89
|
-
when 'NW'
|
90
|
-
'nightswatch'
|
91
|
-
else
|
92
|
-
raise ApplicationError, 'Unknown team name, should be PHX, AVG, GD or NW'
|
93
|
-
end
|
94
|
-
end
|
95
|
-
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|
@@ -1,51 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'rhcl'
|
4
|
-
|
5
|
-
module Sambot
|
6
|
-
module DNS
|
7
|
-
class Repository
|
8
|
-
|
9
|
-
def initialize(url = 'git@github.exacttarget.com:ads-devops/as-terraform-dns-config.git', name = 'as-terraform-dns-config')
|
10
|
-
@url = url
|
11
|
-
@name = name
|
12
|
-
end
|
13
|
-
|
14
|
-
def records
|
15
|
-
Records.new(self)
|
16
|
-
end
|
17
|
-
|
18
|
-
def list_records
|
19
|
-
records = []
|
20
|
-
clone do |directory|
|
21
|
-
records << ['Module', 'Hostname', 'Enable Internal IP', 'Enable External IP', 'External IP', 'Internal IP']
|
22
|
-
Dir['*'].each do |folder|
|
23
|
-
filename = File.join(directory, "#{folder}/dyn_dns.tf")
|
24
|
-
contents = Rhcl.parse(File.read(filename))
|
25
|
-
modules = contents['module']
|
26
|
-
modules.each do |section|
|
27
|
-
record = section[1]
|
28
|
-
next unless record['int-type'] == 'A' || record['ext-type'] == 'A'
|
29
|
-
records << [folder, record['name'], record['enable-int'], record['enable-ext'], record['ext-value'], record['int-value']]
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|
33
|
-
records
|
34
|
-
end
|
35
|
-
|
36
|
-
def clone
|
37
|
-
tmp = Dir.mktmpdir
|
38
|
-
Dir.chdir(tmp) do
|
39
|
-
`git clone #{@url} #{@name}`
|
40
|
-
repo = File.join(tmp, @name, 'rackspace')
|
41
|
-
puts repo
|
42
|
-
Dir.chdir(repo) do
|
43
|
-
`git checkout master`
|
44
|
-
yield(repo)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
end
|
48
|
-
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
@@ -1,35 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Sambot
|
4
|
-
module Workflow
|
5
|
-
class Proxy
|
6
|
-
|
7
|
-
CONFIG_PATH = '/tmp/haproxy.conf'
|
8
|
-
|
9
|
-
def self.start(forwards)
|
10
|
-
template = Sambot::Template.new('haproxy.conf.erb')
|
11
|
-
services = forwards.map do |key, value|
|
12
|
-
name = key.to_s.split('.')[0]
|
13
|
-
UI.debug("Proxying #{name}.brighter.io:#{value[:proxy_port]} to 0.0.0.0:#{value[:tunnel_port]}")
|
14
|
-
{
|
15
|
-
name: name,
|
16
|
-
tunnel_port: value[:tunnel_port],
|
17
|
-
local_port: value[:proxy_port]
|
18
|
-
}
|
19
|
-
end
|
20
|
-
frontends = {}
|
21
|
-
services.map {|x| x[:local_port]}.uniq.each { |a| frontends[a] = [] }
|
22
|
-
services.each do |service|
|
23
|
-
frontends[service[:local_port]] << service
|
24
|
-
end
|
25
|
-
template.write({frontends: frontends}, CONFIG_PATH)
|
26
|
-
Runtime.sudo("haproxy -f #{CONFIG_PATH}", flag_errors: true)
|
27
|
-
end
|
28
|
-
|
29
|
-
def self.stop
|
30
|
-
Runtime.sudo("killall haproxy", flag_errors: false)
|
31
|
-
end
|
32
|
-
|
33
|
-
end
|
34
|
-
end
|
35
|
-
end
|
@@ -1,111 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
require 'titan'
|
3
|
-
require 'net/ssh'
|
4
|
-
require 'dante'
|
5
|
-
require 'haproxy-tools'
|
6
|
-
|
7
|
-
module Dante
|
8
|
-
class Runner
|
9
|
-
def log(message)
|
10
|
-
Sambot::UI.info message
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
|
15
|
-
module Sambot
|
16
|
-
module Workflow
|
17
|
-
class Session
|
18
|
-
|
19
|
-
BASTION_HOST_IP = '146.177.10.174'
|
20
|
-
|
21
|
-
FORWARDS = {
|
22
|
-
'rundeck.brighter.io': {
|
23
|
-
tunnel_port: 9004, dest_port: 4440, proxy_port: 443
|
24
|
-
},
|
25
|
-
'chef.brighter.io': {
|
26
|
-
tunnel_port: 9000, dest_port: 443, proxy_port: 443
|
27
|
-
},
|
28
|
-
'teamcity.brighter.io': {
|
29
|
-
tunnel_port: 9001, dest_port: 8111, proxy_port: 443
|
30
|
-
},
|
31
|
-
'splunk.brighter.io': {
|
32
|
-
tunnel_port: 9002, dest_port: 8080, proxy_port: 443
|
33
|
-
},
|
34
|
-
'vault.brighter.io': {
|
35
|
-
tunnel_port: 9003, dest_port: 8200, proxy_port: 8200
|
36
|
-
}
|
37
|
-
}
|
38
|
-
|
39
|
-
def start(user, pass, sudo_password)
|
40
|
-
stop
|
41
|
-
unless verify_credentials(user, pass)
|
42
|
-
UI.error 'The session could not be started'
|
43
|
-
exit
|
44
|
-
end
|
45
|
-
DNS.update_hosts(FORWARDS)
|
46
|
-
Proxy.start(FORWARDS)
|
47
|
-
Runtime.sudo("ifconfig lo0 -alias 127.0.0.1")
|
48
|
-
Runtime.sudo("ifconfig lo0 alias 127.0.0.1 up")
|
49
|
-
Tunnels.start(user, pass, BASTION_HOST_IP, FORWARDS)
|
50
|
-
run_connectivity_checks()
|
51
|
-
setup_secrets_management(user, pass)
|
52
|
-
UI.info("Your session has now started - run `sambot session stop` to close it")
|
53
|
-
end
|
54
|
-
|
55
|
-
def stop
|
56
|
-
Tunnels.stop(FORWARDS)
|
57
|
-
DNS.reset_hosts(FORWARDS)
|
58
|
-
Proxy.stop
|
59
|
-
release_ports(FORWARDS)
|
60
|
-
end
|
61
|
-
|
62
|
-
private
|
63
|
-
|
64
|
-
|
65
|
-
def release_ports(forwards)
|
66
|
-
forwards.each do |k, v|
|
67
|
-
output = Runtime.sudo("lsof -wni tcp:#{v[:tunnel_port]}", flag_errors: true)
|
68
|
-
if output.strip.size > 0
|
69
|
-
line = output.strip.lines[1]
|
70
|
-
pid = line.split[1]
|
71
|
-
UI.debug(line)
|
72
|
-
Runtime.sudo("kill -9 #{pid}")
|
73
|
-
end
|
74
|
-
end
|
75
|
-
#TODO RELEASE PROXY PORTS
|
76
|
-
end
|
77
|
-
|
78
|
-
def verify_credentials(username, password)
|
79
|
-
full_username = "DEV\\#{username}"
|
80
|
-
begin
|
81
|
-
Net::SSH.start(BASTION_HOST_IP, full_username, :password => password, :non_interactive => true) do |ssh|; end
|
82
|
-
return true
|
83
|
-
rescue Timeout::Error
|
84
|
-
puts " Timed out"
|
85
|
-
rescue Errno::EHOSTUNREACH
|
86
|
-
puts " Host unreachable"
|
87
|
-
rescue Errno::ECONNREFUSED
|
88
|
-
puts " Connection refused"
|
89
|
-
rescue Net::SSH::Disconnect
|
90
|
-
UI.error "Invalid username or password provided"
|
91
|
-
end
|
92
|
-
return false
|
93
|
-
end
|
94
|
-
|
95
|
-
def run_connectivity_checks
|
96
|
-
#TODO
|
97
|
-
end
|
98
|
-
|
99
|
-
def setup_secrets_management(username, password)
|
100
|
-
unless Vault.has_environment_variables?(FORWARDS)
|
101
|
-
UI.info("You have either not configured your workstation or you have not opened up a new shell to pick up the changes applied during configuration")
|
102
|
-
end
|
103
|
-
UI.debug "Authenticating with Hashicorp Vault in Rackspace DEV/QE"
|
104
|
-
token = Vault.authenticate(username, password, FORWARDS)
|
105
|
-
UI.debug "Saving your Vault authentication token to ~/.vault-token"
|
106
|
-
Vault.save_token(token)
|
107
|
-
end
|
108
|
-
|
109
|
-
end
|
110
|
-
end
|
111
|
-
end
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
require 'awesome_print'
|
3
|
-
|
4
|
-
module Sambot
|
5
|
-
module Workflow
|
6
|
-
class Tunnel
|
7
|
-
|
8
|
-
def self.create(session, host, port, local_port)
|
9
|
-
UI.debug "Creating a tunnel from 0.0.0.0:#{local_port} to #{host}:#{port}"
|
10
|
-
session.forward.local("0.0.0.0", local_port, host, port)
|
11
|
-
end
|
12
|
-
|
13
|
-
end
|
14
|
-
end
|
15
|
-
end
|
@@ -1,40 +0,0 @@
|
|
1
|
-
module Sambot
|
2
|
-
module Workflow
|
3
|
-
|
4
|
-
class Tunnels
|
5
|
-
|
6
|
-
PID_PATH = '/tmp/sambot-session.pid'
|
7
|
-
|
8
|
-
LOG_PATH = '/tmp/sambot-session.log'
|
9
|
-
|
10
|
-
SESSION_ID = 'sambot'
|
11
|
-
|
12
|
-
def self.start(username, password, bastion_host_ip, forwards)
|
13
|
-
UI.info("Starting daemon for tunneling - log is available at #{LOG_PATH}")
|
14
|
-
Dante::Runner.new(SESSION_ID).execute(daemonize: true, pid_path: PID_PATH, log_path: LOG_PATH) do
|
15
|
-
setup_ssh_tunnels(username, password, bastion_host_ip, forwards)
|
16
|
-
end
|
17
|
-
sleep(2)
|
18
|
-
puts "----- Background Daemon Log -----"
|
19
|
-
puts File.read(LOG_PATH)
|
20
|
-
puts "---------------------------------"
|
21
|
-
end
|
22
|
-
|
23
|
-
def self.stop(forwards)
|
24
|
-
Dante::Runner.new(SESSION_ID).execute(kill: true, pid_path: PID_PATH)
|
25
|
-
UI.debug("All active sessions have been closed")
|
26
|
-
File.delete(LOG_PATH) if File.exist?(LOG_PATH)
|
27
|
-
end
|
28
|
-
|
29
|
-
def self.setup_ssh_tunnels(username, password, bastion_host_ip, forwards)
|
30
|
-
full_username = "DEV\\#{username}"
|
31
|
-
UI.debug "Opening a connection to the Rackspace DEV/QE environment"
|
32
|
-
Net::SSH.start(bastion_host_ip, full_username, password: password) do |session|
|
33
|
-
forwards.each { |key, value| Tunnel.create(session, key, value[:dest_port], value[:tunnel_port]) }
|
34
|
-
session.loop {true}
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|