smart_proxy_salt 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 17e8351a98fec3158dd5afa43ae6b4f1780002fc
-  data.tar.gz: bf054186755b76c3fabf3a0f72badd267abd3140
+  metadata.gz: acacbc60a4623c98351222437e7dc95180ffe154
+  data.tar.gz: 1eadaeb629d7defaeb6112606bfdd25566f47866
 SHA512:
-  metadata.gz: a9109ea9464e2881a26f0210a5f1c847721a7e94ed524164e3e47a14ca6246841f1374e95d64d24c31dce67656bbe4e33e9e11f8099ae807d4d4511241767225
-  data.tar.gz: 6e6c418f03a87bc0a83df611750dde9a196c0a7751324f28d341097383895c41848bab4d99bc14cc33448ed4fa9258896cdb6c7d69b05e577a8f4955668e296f
+  metadata.gz: fb6e7a820f206431e75d88010840e8d6f9a2ff4068680bcab3dd9ec148931f8b355da8fc66f0f55e5e8996bf20f80e55763890343fc2126c191160f4b253773f
+  data.tar.gz: 6dd63d90454b6becf490e615ca7dcd9bd58fc30a430af9651d9f02569e8103f43242f6636521fef4a61ca8f55faababeb80d03747398444c39099ed712baeffb

data/bin/foreman-node

@@ -0,0 +1,195 @@
+#!/usr/bin/env ruby
+# This is the external nodes script to allow Salt to retrieve info about a host
+# from Foreman.  It also uploads a node's grains to Foreman, if the setting is
+# enabled.
+
+require 'yaml'
+
+$settings_file = "/etc/salt/foreman.yaml"
+SETTINGS = YAML.load_file($settings_file)
+
+require 'net/http'
+require 'net/https'
+require 'etc'
+require 'timeout'
+
+begin
+  require 'json'
+rescue LoadError
+  # Debian packaging guidelines state to avoid needing rubygems, so
+  # we only try to load it if the first require fails (for RPMs)
+  begin
+    require 'rubygems' rescue nil
+    require 'json'
+  rescue LoadError => e
+    puts "You need the `json` gem to use the Foreman ENC script"
+    # code 1 is already used below
+    exit 2
+  end
+end
+
+def foreman_url
+  "#{SETTINGS[:proto]}://#{SETTINGS[:host]}:#{SETTINGS[:port]}"
+end
+
+def valid_hostname? hostname
+  hostname =~ /\A(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\z/
+end
+
+def get_grains(minion)
+  begin
+    grains = {
+      :name  => minion,
+      :facts => plain_grains(minion).merge({:_timestamp => Time.now, :_type => 'foreman_salt'})
+    }
+
+    grains[:facts][:operatingsystem] = grains[:facts]['os']
+    grains[:facts][:operatingsystemrelease] = grains[:facts]['osrelease']
+
+    JSON.pretty_generate(grains)
+  rescue => e
+    puts "Could not get grains: #{e}"
+    exit 1
+  end
+end
+
+def plain_grains minion
+  # We have to get the grains from the cache, because the client
+  # is probably running 'state.highstate' right now.
+  #
+  # salt-run doesn't support directly outputting to json,
+  # so we have resort to python to extract the grains.
+  # Based on https://github.com/saltstack/salt/issues/9444
+
+script = <<-EOF
+#!/usr/bin/env python
+import json
+import os
+import sys
+
+import salt.config
+import salt.runner
+
+if __name__ == '__main__':
+    __opts__ = salt.config.master_config(
+            os.environ.get('SALT_MASTER_CONFIG', '/etc/salt/minion'))
+    runner = salt.runner.Runner(__opts__)  
+   
+    stdout_bak = sys.stdout
+    with open(os.devnull, 'wb') as f:
+        sys.stdout = f  
+        ret = runner.cmd('cache.grains', ['#{minion}'])
+    sys.stdout = stdout_bak
+
+    print json.dumps(ret)
+EOF
+
+  result = IO.popen("python", mode='r+') do |python|
+    python.write script
+    python.close_write
+    result = python.read
+  end
+
+  grains = JSON.load(result)
+  plainify(grains[minion]).flatten.inject(&:merge)
+end
+
+def plainify(hash, prefix = nil)
+  result = []
+  hash.each_pair do |key, value|
+    if value.is_a?(Hash)
+      result.push plainify(value, get_key(key, prefix))
+    elsif value.is_a?(Array)
+      result.push plainify(array_to_hash(value), get_key(key, prefix))
+    else
+      new = {}
+      new[get_key(key, prefix)] = value
+      result.push new
+    end
+  end
+  result
+end
+
+def array_to_hash(array)
+  new = {}
+  array.each_with_index { |v, index| new[index.to_s] = v }
+  new
+end
+
+def get_key(key, prefix)
+  [prefix, key].compact.join('::')
+end
+
+def upload_grains(minion)
+  begin
+    grains = get_grains(minion)
+    uri = URI.parse("#{foreman_url}/api/hosts/facts")
+    req = Net::HTTP::Post.new(uri.request_uri)
+    req.add_field('Accept', 'application/json,version=2' )
+    req.content_type = 'application/json'
+    req.body         = grains 
+    res              = Net::HTTP.new(uri.host, uri.port)
+    res.use_ssl      = uri.scheme == 'https'
+    if res.use_ssl?
+      if SETTINGS[:ssl_ca] && !SETTINGS[:ssl_ca].empty?
+        res.ca_file = SETTINGS[:ssl_ca]
+        res.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      else
+        res.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
+      if SETTINGS[:ssl_cert] && !SETTINGS[:ssl_cert].empty? && SETTINGS[:ssl_key] && !SETTINGS[:ssl_key].empty?
+        res.cert = OpenSSL::X509::Certificate.new(File.read(SETTINGS[:ssl_cert]))
+        res.key  = OpenSSL::PKey::RSA.new(File.read(SETTINGS[:ssl_key]), nil)
+      end
+    end
+    res.start { |http| http.request(req) }
+  rescue => e
+    raise "Could not send facts to Foreman: #{e}"
+  end
+end
+
+def enc(minion)
+  url              = "#{foreman_url}/salt/node/#{minion}?format=yml"
+  uri              = URI.parse(url)
+  req              = Net::HTTP::Get.new(uri.request_uri)
+  http             = Net::HTTP.new(uri.host, uri.port)
+  http.use_ssl     = uri.scheme == 'https'
+  if http.use_ssl?
+    if SETTINGS[:ssl_ca] && !SETTINGS[:ssl_ca].empty?
+      http.ca_file = SETTINGS[:ssl_ca]
+      http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+    else
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    end
+    if SETTINGS[:ssl_cert] && !SETTINGS[:ssl_cert].empty? && SETTINGS[:ssl_key] && !SETTINGS[:ssl_key].empty?
+      http.cert = OpenSSL::X509::Certificate.new(File.read(SETTINGS[:ssl_cert]))
+      http.key  = OpenSSL::PKey::RSA.new(File.read(SETTINGS[:ssl_key]), nil)
+    end
+  end
+
+  res = http.start { |http| http.request(req) }
+
+  raise "Error retrieving node #{minion}: #{res.class}\nCheck Foreman's /var/log/foreman/production.log for more information." unless res.code == "200"
+  res.body
+end
+
+minion = ARGV[0] || raise("Must provide minion as an argument")
+
+raise "Invalid hostname" unless valid_hostname? minion
+begin
+  result = ""
+
+  if SETTINGS[:upload_grains]
+    timeout(SETTINGS[:timeout]) do
+      upload_grains(minion)
+    end
+  end
+
+  timeout(SETTINGS[:timeout]) do
+    result = enc(minion)
+  end
+  puts result
+rescue => e
+  puts "Couldn't retrieve ENC data: #{e}"
+  exit 1
+end

data/etc/foreman.yaml.example

@@ -0,0 +1,10 @@
+---
+:proto: http
+:host: foreman.example.com
+:port: 3000
+:ssl_ca: "" 
+:ssl_cert: ""
+:ssl_key: ""
+:timeout:  10
+:salt:  /usr/bin/salt
+:upload_grains:  true

data/lib/smart_proxy_salt/salt_http_config.ru

@@ -1,4 +1,4 @@
 require 'smart_proxy_salt/salt_api'
 map "/salt" do
-run Proxy::Salt::Api
+  run Proxy::Salt::Api
 end

data/lib/smart_proxy_salt/salt_main.rb

@@ -13,6 +13,7 @@ module Proxy::Salt
           return 0
         end
         Process.wait(c.pid)
+	logger.info("Result: #{c.read}")
       rescue Exception => e
         logger.error("Exception '#{e}' when executing '#{cmd}'")
         return false
@@ -84,7 +85,7 @@ module Proxy::Salt
 
     def highstate host
       find_salt_binaries
-      cmd = [@sudo, '-u', Proxy::Salt::Plugin.settings.salt_command_user, @salt, "--async", "'#{escape_for_shell(host)}'", "state.highstate"]
+      cmd = [@sudo, '-u', Proxy::Salt::Plugin.settings.salt_command_user, @salt, "--async", escape_for_shell(host), "state.highstate"]
       logger.info "Will run state.highstate for #{host}. Full command: #{cmd.join(" ")}"
       shell_command(cmd)
     end

data/lib/smart_proxy_salt/version.rb

@@ -1,5 +1,5 @@
 module Proxy
   module Salt
-    VERSION = '0.0.1'
+    VERSION = '0.0.2'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_salt
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Michael Moll
@@ -9,17 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-21 00:00:00.000000000 Z
+date: 2014-08-31 00:00:00.000000000 Z
 dependencies: []
 description: SaltStack Plug-In for Foreman's Smart Proxy
 email: foreman-dev@googlegroups.com
-executables: []
+executables:
+- foreman-node
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
+- LICENSE
 files:
 - LICENSE
 - README.md
+- bin/foreman-node
 - bundler.d/salt.rb
+- etc/foreman.yaml.example
 - lib/smart_proxy_salt.rb
 - lib/smart_proxy_salt/salt.rb
 - lib/smart_proxy_salt/salt_api.rb
@@ -27,7 +32,7 @@ files:
 - lib/smart_proxy_salt/salt_main.rb
 - lib/smart_proxy_salt/version.rb
 - settings.d/salt.yml.example
-homepage: http://github.com/stbenjam/smart-proxy_salt
+homepage: https://github.com/theforeman/smart_proxy_salt
 licenses:
 - GPLv3
 metadata: {}