seijaku 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 473323709a5634fbd29899d6745d1145f5bfbd69c073b94739aa988e6851f13e
-  data.tar.gz: 5ed3dd59fa73d5bcd30664b480d1c1dcef7b826447c9e2229ab90e0115c1de05
+  metadata.gz: 63fdce33cce3f7b4496f7ba0968a069554f351f5b1ea37d84c0dc20b7cfb3d49
+  data.tar.gz: 01fc22c0d064e13bbf514633545ec4f947176a531bf57fe479294d816f60154b
 SHA512:
-  metadata.gz: 72e7fcf802e5e1ad2c9813eca4a7cf1f5e88db0d083ce29afb64e94c14453cbe0494f9f7bb71ebd5844b8d2ce947418b2d02e5099b476446505be2999c85cdc1
-  data.tar.gz: a5e9f5c1459a24fcb327d2d272589f84a3ec1eb323da7afe93e6f2840605e3f70d0c833cb706c21df60a0f384020991c34ed738d1009aff64e0e2cb8553be460
+  metadata.gz: ffc15482a72317f1617f65374e2de9dd86008d7d4faa64dc3a34fe9dc9e5f940f77982f2a009a82c54613b1226135e3b8a58a2a37d126e6b0a6b105d4de7b0f6
+  data.tar.gz: 3bdfd31aac02d9bdd5be33b5f77f05327ac4eaa05af82654b00d9fb4c30382be07c0879ae1ac91deaaf36468e934a6f0696b7e6223659332de25a2ed22f31fca

data/README.md

@@ -6,7 +6,7 @@ Seijaku is a program that allows you to execute shell commands listed in YAML pa
 
 Payloads are YAML files that describe the various tasks Seijaku will have to perform (in order). Each task contains one or more steps.
 
-A step is a shell command to be executed. Seijaku currently supports the following shells: bash and sh.
+A step is a shell command to be executed. Seijaku currently supports the following shells: bash, sh and ssh.
 
 Each task can have "pre" and "post" tasks, for example to create and delete folders, or install and uninstall software needed to run a task.
 
@@ -17,6 +17,11 @@ A step sometimes needs variables in order to be performed correctly: Seijaku sup
 ```yaml
 name: my payload
 
+ssh:
+  - host: my-host
+    user: user
+    port: 22
+
 variables:
   MY_VARIABLE: a static variable
   MY_ENV_VARIABLE: $MY_ENV_VARIABLE
@@ -37,6 +42,11 @@ tasks:
         soft_fail: true
     post:
       - sh: "do something after"
+  
+  - name: task with SSH executor
+    host: my-host
+    steps:
+      - ssh: echo "executed on host"
 ```
 
 ## Installation
@@ -46,11 +56,15 @@ tasks:
 * Ruby 2.5+
 * Rubygem
 
-
 Install Seijaku using Gem:
 
 ```bash
 gem install seijaku
 ```
 
+## Usage
 
+```bash
+seijaku -h
+seijaku -f ./my-payload.yaml
+```

data/docs/1 - basic.md

@@ -0,0 +1,10 @@
+# Basic
+
+```yaml
+name: basic payload
+tasks:
+  - name: do something useful
+    steps:
+      - sh: echo "sh executor"
+      - bash: echo "bash executor"
+```

data/docs/2 - variables.md

@@ -0,0 +1,24 @@
+# Variables
+
+Steps can call environment variables, listed in the `variables` dictionary.
+
+Variable values can either be given in the payload (static) or be defined from the executive shell.
+
+```yaml
+name: payload with variables
+
+variables:
+  ENV_VARIABLE: value
+  PROVIDED_ENV_VARIABLE: $PROVIDED_ENV_VARIABLE
+
+tasks:
+  - name: do something useful
+    steps:
+      - sh: echo "sh executor: $ENV_VARIABLE"
+      - bash: echo "bash executor: $PROVIDED_ENV_VARIABLE"
+```
+
+```bash
+export PROVIDED_ENV_VARIABLE=value 
+seijaku -f ./docs/variables.yaml
+```

data/docs/3 - ssh.md

@@ -0,0 +1,78 @@
+# SSH
+
+Since version `0.1.0`, Seijaku implements a SSH step executor. Only one SSH host can be set per task.
+
+
+```yaml
+name: payload with SSH executor
+
+ssh:
+  - host: my-host
+    port: 22
+    user: ubuntu
+
+tasks:
+  - name: do something useful
+    host: my-host
+    steps:
+      - ssh: echo "connection test"
+```
+
+It is recommended to run `ssh-add` before running Seijaku, as each step would require you to enter your password.
+
+## Variables
+
+Variables can be set from the Seijaku executive host and ran in the SSH host context:
+
+```yaml
+name: payload with SSH executor (variables)
+
+ssh:
+  - host: my-host
+    port: 22
+    user: ubuntu
+
+variables:
+  ENV_VARIABLE: value
+  PROVIDED_ENV_VARIABLE: $PROVIDED_ENV_VARIABLE
+
+tasks:
+  - name: do something useful
+    host: my-host
+    steps:
+      - ssh: echo "connection test"
+      - ssh: echo "$ENV_VARIABLE"
+      - ssh: echo "$PROVIDED_ENV_VARIABLE"
+```
+
+## Bastion / Jump host / Proxy
+
+You sometimes need to jump over a publicly exposed server to reach another one. Seijaku supports SSH Proxy, with a maximum of 1 hop.
+
+```yaml
+name: payload with SSH executor (bastion)
+
+ssh:
+  - host: bastion-host
+    port: 22
+    user: bastion_user
+
+  - host: my-host
+    port: 22
+    user: ubuntu
+    bastion: bastion-host
+
+variables:
+  ENV_VARIABLE: value
+  PROVIDED_ENV_VARIABLE: $PROVIDED_ENV_VARIABLE
+
+tasks:
+  - name: do something useful
+    host: my-host
+    steps:
+      - ssh: echo "connection test"
+      - ssh: echo "$ENV_VARIABLE"
+      - ssh: echo "$PROVIDED_ENV_VARIABLE"
+```
+
+The `ssh.[].host` must be a reachable address (domain name or IP).

data/lib/seijaku/executors/bash.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require "open3"
+
+module Seijaku
+  # executes `bash` commands
+  class BashExecutor
+    def initialize(raw, variables)
+      @command = ["bash", "-c", "'#{raw}'"]
+      @variables = variables
+    end
+
+    def run!
+      stdout, stderr, exit_status = Open3.capture3(
+        @variables,
+        @command.join(" ")
+      )
+
+      {
+        stdout: stdout.chomp,
+        stderr: stderr.chomp,
+        exit_status: exit_status.exitstatus,
+        command: @command.join(" ")
+      }
+    end
+  end
+end

data/lib/seijaku/executors/sh.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require "open3"
+
+module Seijaku
+  # Execute `sh` commands
+  class SHExecutor
+    def initialize(raw, variables)
+      @command = ["sh", "-c", "'#{raw}'"]
+      @variables = variables
+    end
+
+    def run!
+      stdout, stderr, exit_status = Open3.capture3(
+        @variables,
+        @command.join(" ")
+      )
+
+      {
+        stdout: stdout.chomp,
+        stderr: stderr.chomp,
+        exit_status: exit_status.exitstatus,
+        command: @command.join(" ")
+      }
+    end
+  end
+end

data/lib/seijaku/executors/ssh.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require "net/ssh"
+require "net/ssh/proxy/jump"
+
+module Seijaku
+  # SSHExecutor connects to SSH host and runs command
+  class SSHExecutor
+    def initialize(raw, variables, task, ssh_hosts)
+      @command = ["sh", "-c", "'#{raw}'"]
+      @hosts = ssh_hosts
+      @variables = variables
+      @task = task
+      @ssh_hosts = ssh_hosts
+
+      raise SSHExecutorError, "no ssh host defined in payload", [] if ssh_hosts.nil?
+    end
+
+    def run!
+      machine = @ssh_hosts.hosts[@task.host]
+      result = { command: @command.join(" "), stdout: nil, stderr: nil }
+      status = {}
+      options = machine.bastion ? { proxy: bastion_setup } : {}
+      ssh = Net::SSH.start(machine.host, machine.user, port: machine.port, **options)
+      ssh.exec!(@command.join(" "), status: status) do |_ch, stream, data|
+        result[:stdout] = data.chomp if stream == :stdout
+        result[:stderr] = data.chomp unless stream == :stdout
+      end
+      ssh.close
+
+      result[:exit_status] = status[:exit_code]
+      result
+    end
+
+    def bastion_setup
+      bastion_name = @ssh_hosts.hosts[@task.host].bastion
+      bastion_host = @ssh_hosts.hosts[bastion_name]
+
+      connect_str = "#{bastion_host.user}@#{bastion_host.host}:#{bastion_host.port}"
+      Net::SSH::Proxy::Jump.new(connect_str)
+    end
+  end
+end

data/lib/seijaku/payload.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # Payload refers to the payload YAML file submitted by the user.
+  # it includes tasks, steps, variables and name.
+  class Payload
+    def initialize(payload, logger)
+      @name = payload.fetch("name")
+      @variables = get_variables(payload.fetch("variables"))
+      @ssh_hosts = SSHGroup.new(payload.fetch("ssh", []))
+      @tasks = payload.fetch("tasks").map do |task|
+        Task.new(task, @variables, logger, @ssh_hosts)
+      end
+    end
+
+    def execute!
+      @tasks.each(&:execute!)
+    end
+
+    def get_variables(payload_variables)
+      sorted_variables = {}
+      variables = payload_variables.map do |var|
+        Variable.new(var)
+      end
+
+      variables.each do |var|
+        sorted_variables.merge!({ var.key => var.value })
+      end
+
+      sorted_variables
+    end
+  end
+end

data/lib/seijaku/ssh/group.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # Group of SSH hosts
+  class SSHGroup
+    attr_reader :hosts
+
+    def initialize(ssh_group)
+      @hosts = {}
+      ssh_group.each do |host|
+        @hosts[host["host"]] = Host.new(host)
+      end
+    end
+  end
+end

data/lib/seijaku/ssh/host.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # Host of SSHGroup
+  class Host
+    attr_reader :host, :port, :user, :bastion
+
+    def initialize(host)
+      @host = host.fetch("host", "localhost")
+      @port = host.fetch("port", 22)
+      @bastion = host.fetch("bastion", nil)
+      @user = host.fetch("user", "root")
+    end
+  end
+end

data/lib/seijaku/step.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # A step is a bash or sh command that must be executed.
+  # steps execution is always fifo.
+  class Step
+    attr_reader :command, :pipeline
+
+    def initialize(step, variables, pipeline, logger, task, ssh_hosts = nil)
+      @sh = step.fetch("sh", nil)
+      @bash = step.fetch("bash", nil)
+      @ssh = step.fetch("ssh", nil)
+      @soft_fail = step.fetch("soft_fail", false)
+      @output = step.fetch("output", false)
+      @variables = variables
+      @pipeline = pipeline
+      @logger = logger
+      @task = task
+      @ssh_hosts = ssh_hosts
+
+      @command = (@sh || @bash) || @ssh
+    end
+
+    def execute!
+      result = SHExecutor.new(@sh, @variables).run! if @sh
+      result = BashExecutor.new(@bash, @variables).run! if @bash
+      result = SSHExecutor.new(@ssh, @variables, @task, @ssh_hosts).run!
+
+      if result[:exit_status] != 0
+        logger_output(result)
+        exit(1) unless @soft_fail
+      end
+
+      return unless @output
+
+      %i[stdout stderr].each do |stream|
+        puts format("%<stream>s:\t %<result>s", stream: stream, result: result[stream])
+      end
+    end
+
+    def logger_output(result)
+      @logger.info <<~OUTPUT
+        command: `#{result[:command]}`
+        exit_code: #{result[:exit_status]}
+        stdout: #{result[:stdout]}
+        stderr: #{result[:stderr]}"
+      OUTPUT
+    end
+  end
+end

data/lib/seijaku/task.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # Task is composed of a name, an array of Step (Pre, Post)
+  class Task
+    attr_reader :host
+
+    def initialize(task, variables, logger, ssh_hosts = nil)
+      @name = task.fetch("name", nil)
+      @host = task.fetch("host", nil)
+      @steps = task.fetch("steps", []).map { |step| Step.new(step, variables, :steps, logger, self, ssh_hosts) }
+      @pre_steps = task.fetch("pre", []).map { |step| Step.new(step, variables, :pre, logger, self, ssh_hosts) }
+      @post_steps = task.fetch("post", []).map { |step| Step.new(step, variables, :post, logger, self, ssh_hosts) }
+      @logger = logger
+
+      raise TaskError, "no name set in task", [] if @name.nil?
+    end
+
+    def execute!
+      [@pre_steps, @steps, @post_steps].each do |pipeline_steps|
+        pipeline_steps.each do |step|
+          @logger.info(format("[%<name>s:%<pipeline>s] running %<command>s",
+                              name: @name,
+                              pipeline: step.pipeline,
+                              command: step.command))
+
+          step.execute!
+        end
+      end
+    end
+  end
+end

data/lib/seijaku/variable.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Seijaku
+  # variable
+  class Variable
+    attr_reader :key, :value
+
+    def initialize(variable)
+      @key = variable.first
+
+      value = variable.last
+      @value = value
+
+      return unless value.start_with?("$")
+
+      env_key = value.split("$").last
+      env_value = ENV.fetch(env_key, nil)
+
+      raise VariableError, "no value set for #{env_key}", [] if env_value.nil?
+
+      @value = env_value
+    end
+  end
+end

data/lib/seijaku/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Seijaku
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/lib/seijaku.rb

@@ -5,12 +5,16 @@ require_relative "seijaku/payload"
 require_relative "seijaku/variable"
 require_relative "seijaku/task"
 require_relative "seijaku/step"
+require_relative "seijaku/ssh/group"
+require_relative "seijaku/ssh/host"
 
 require_relative "seijaku/executors/sh"
 require_relative "seijaku/executors/bash"
+require_relative "seijaku/executors/ssh"
 
 module Seijaku
   class Error < StandardError; end
   class VariableError < Error; end
   class TaskError < Error; end
+  class SSHExecutorError < Error; end
 end

data/seijaku.gemspec

@@ -32,9 +32,7 @@ Gem::Specification.new do |spec|
   spec.executables = %w[seijaku]
   spec.require_paths = ["lib"]
 
-  # Uncomment to register a new dependency of your gem
-  # spec.add_dependency "example-gem", "~> 1.0"
-
-  # For more information and examples about making a new gem, check out our
-  # guide at: https://bundler.io/guides/creating_gem.html
+  spec.add_dependency "bcrypt_pbkdf", "~> 1.1"
+  spec.add_dependency "ed25519", "~> 1.3"
+  spec.add_dependency "net-ssh", "~> 7.2"
 end

metadata

@@ -1,15 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: seijaku
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Kohlrabbit
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-11 00:00:00.000000000 Z
-dependencies: []
+date: 2023-12-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt_pbkdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.2'
 description: CLI tool ingesting YAML files to execute tasks on different shells with
   pre and post routines.
 email:
@@ -26,7 +68,19 @@ files:
 - README.md
 - Rakefile
 - bin/seijaku
+- docs/1 - basic.md
+- docs/2 - variables.md
+- docs/3 - ssh.md
 - lib/seijaku.rb
+- lib/seijaku/executors/bash.rb
+- lib/seijaku/executors/sh.rb
+- lib/seijaku/executors/ssh.rb
+- lib/seijaku/payload.rb
+- lib/seijaku/ssh/group.rb
+- lib/seijaku/ssh/host.rb
+- lib/seijaku/step.rb
+- lib/seijaku/task.rb
+- lib/seijaku/variable.rb
 - lib/seijaku/version.rb
 - seijaku.gemspec
 - sig/seijaku.rbs