zool 0.1.0

data/features/fetching_ssh_keys.feature

@@ -0,0 +1,72 @@
+Feature: Fetching SSH Keys
+  In order to see a list of all used ssh servers
+  As a xing techie
+  I want to be able to fetch all authorized keys from remote servers
+
+  Scenario: Fetching all keys from a server
+    Given the following keys are on the servers
+      | server     | key                                        |
+      | preview_server    | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO |
+    When I run the fetch_keys command for the server "preview_server"
+    Then It should fetch the following keys
+      | key                                        |
+      | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO |
+
+  Scenario: Fetching all keys from all servers
+    Given the following hosts
+      """
+        13.9.1.41      preview_server
+        13.9.1.42      edge_server
+        10.53.1.41      production_server
+      """
+    And the following keys are on the servers
+      | server     | key                                                   |
+      | 13.9.1.41 | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO            |
+      | 13.9.1.41 | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+      | 13.9.1.41 | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local  |
+      | 13.9.1.42 | ssh-rsa key3== lee.hambley@xing.com                   |
+      | 10.53.1.41 | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+      | 10.53.1.41 | ssh-rsa key5== pascal.friederich@nb-pfriederich.local |
+    When I run the fetch_keys command
+    Then It should fetch the following keys
+        | key                                                   |
+        | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO            |
+        | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+        | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local  | 
+        | ssh-rsa key3== lee.hambley@xing.com                   |
+        | ssh-rsa key5== pascal.friederich@nb-pfriederich.local |
+
+  Scenario: Dumping a single servers keys to files
+    Given the following keys have been fetched
+      | key                                                  |
+      | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO           |
+      | ssh-rsa key4== abelfernandez@nb-afernandez.local     |
+      | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local |
+      | ssh-rsa key3== lee.hambley@xing.com                  |
+      | ssh-rsa key5== lee.hambley@private                   |
+    When I run the dump_keyfiles command
+    Then It should generate the following files
+      | name                          | key                                                  |
+      | abelfernandez.pub             | ssh-rsa key4== abelfernandez@nb-afernandez.local     |
+      | adem_deliceoglu.pub           | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO           |
+      | christian_kvalheim.pub        | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local |
+      | lee_hambley.pub               | ssh-rsa key3== lee.hambley@xing.com                  |
+      | lee_hambley_2.pub             | ssh-rsa key5== lee.hambley@private                   |
+  
+  Scenario: Dumping all servers keys to files
+    Given the following hosts
+      """
+        13.9.1.41      preview_server
+        10.53.1.42      production_server
+      """
+    And the following keys are on the servers
+      | server     | key                                                   |
+      | 13.9.1.41 | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+      | 13.9.1.41 | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local  |
+      | 10.53.1.42 | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+    When I run the fetch_keys command
+    And I run the dump_keyfiles command
+    Then It should generate the following files
+      | name                          | key                                                  |
+      | abel_fernandez.pub            | ssh-rsa key4== abel.fernandez@nb-afernandez.local    |
+      | christian_kvalheim.pub        | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local |

data/features/step_definitions/ssh_keys_steps.rb

@@ -0,0 +1,136 @@
+require 'fileutils'
+require 'ruby-debug'
+Debugger.start
+
+#########
+# GIVEN
+#########
+
+Given /^the local keyfiles$/ do |table|
+  writer = Zool::KeyfileWriter.new
+  table.hashes.each {|keyfile| writer.write(keyfile['key'], keyfile['name'])}
+end
+
+Given /^the config$/ do |string|
+  @config = string
+end
+
+Given /^the following hosts$/ do |string|
+  hosts = StringIO.new(string)
+  @zool = Zool::ServerPool.from_hostfile(hosts)
+end
+
+Given /^the following keys are on the servers$/ do |table|
+  keys = server_with_keys_from_table(table)
+
+  keys.each do |host, keys|
+    File.open(fake_server_dir!(host) + '/authorized_keys', 'w+') do |file|
+      file.write(keys.join("\n"))
+    end
+  end
+end
+
+Given /^the following keys have been fetched$/ do |table|
+  Given 'the server "localhost"'
+  @zool.keys = table.rows.flatten
+end
+
+Given /^the server "([^\"]*)" without a key file$/ do |servername|
+    Given "the server \"localhost\""
+end
+
+Given /^the server "([^\"]*)"$/ do |servername|
+  @zool = Zool::Server.new(servername)
+end
+
+#########
+# WHEN
+#########
+
+When /^I parse the config and run the upload_keys command$/ do
+  @zool = Zool::Configuration.parse(@config)
+  @zool.upload_keys
+end
+
+When /^I build the config from scratch$/ do
+  @generated_config = Zool::Configuration.build(@zool)
+end
+
+When /^I run the fetch_keys command for the server "([^\"]*)"$/ do |hostname|
+  @zool = Zool::Server.new(hostname)
+  @zool.fetch_keys
+end
+
+When /^I add the key "([^\"]*)"$/ do |key|
+  @zool.keys << key
+end
+
+When /^I run the (.*) command$/ do |command|
+  @zool.send(command)
+end
+
+When /^I upload the keys to the server "([^\"]*)"$/ do |servername, table|
+  @zool = Zool::Server.new(servername)
+  @zool.keys = table.rows
+  @zool.upload_keys
+end
+
+#########
+# THEN
+#########
+
+Then /^It should fetch the following keys$/ do |table|
+  actual_keys = [['key']] | @zool.keys.map {|key| [key] }
+  table.diff!(actual_keys)
+end
+
+Then /^It should generate the following files$/ do |keyfiles|
+  actual_keyfiles = [['name', 'key']]
+  Dir[TEST_TMP_PATH + '/keys/*.pub'].each do |keyfile|
+    File.open(keyfile) do |file|
+      actual_keyfiles << [File.basename(keyfile), file.read.strip]
+    end
+  end
+
+  keyfiles.diff!(actual_keyfiles)
+end
+
+Then /^the server "([^\"]*)" should have the authorized_keys file with the content$/ do |server, expected_content|
+  File.read(TEST_TMP_PATH + "/servers/#{server}/authorized_keys").should == expected_content
+end
+
+Then /^the following keys should be on the servers$/ do |table|
+  actual_keys_from_server = [['server', 'key']]
+  server_with_keys_from_table(table).each do |server, keys|
+    entries = File.read(TEST_TMP_PATH + "/servers/#{server}/authorized_keys").split("\n").map {|key| [server, key]}
+    actual_keys_from_server += entries
+  end
+  table.diff!(actual_keys_from_server)
+end
+
+Then /^I should have the following config$/ do |string|
+  @generated_config.should == string
+end
+
+#########
+# HELPER
+#########
+def fake_server_dir!(server)
+  path = fake_server_dir(server)
+  return path if File.directory?(path)
+  FileUtils.mkdir_p path
+  path
+end
+
+def fake_server_dir(host)
+  TEST_TMP_PATH + "/servers/#{host}"
+end
+
+def server_with_keys_from_table(table)
+  keys = {}
+  table.hashes.each do |values|
+    keys[values["server"]] ||= []
+    keys[values["server"]] << values["key"]
+  end
+  keys
+end

data/features/store_ssh_keys.feature

@@ -0,0 +1,62 @@
+Feature: Store ssh keys on servers
+  In order to simplify uploading of keys to servers
+  As a xing techie
+  I want to be able to compose key lists and upload them to servers
+
+  Scenario: uploading keys to a server
+    Given the server "preview_server" without a key file
+    When I upload the keys to the server "preview_server"                                      
+        | key                                                   |
+        | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO            |
+        | ssh-rsa key4== abel.fernandez@nb-afernandez.local     |
+        | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local  |
+        | ssh-rsa key3== lee.hambley@xing.com                   |
+        | ssh-rsa key5== pascal.friederich@nb-pfriederich.local |
+
+    Then the server "preview_server" should have the authorized_keys file with the content
+      """
+      ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO
+      ssh-rsa key4== abel.fernandez@nb-afernandez.local
+      ssh-dss key2== christian.kvalheim@nb-ckvalheim.local
+      ssh-rsa key3== lee.hambley@xing.com
+      ssh-rsa key5== pascal.friederich@nb-pfriederich.local
+      """
+  
+  Scenario: adding a single key to a servers keyfile
+    Given the server "13.9.1.41" 
+    And the following keys are on the servers
+      | server     | key                                                   |
+      | 13.9.1.41 | ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO            |
+      | 13.9.1.41 | ssh-dss key2== christian.kvalheim@nb-ckvalheim.local  |    
+    When I add the key "ssh-rsa key4== abel.fernandez@nb-afernandez.local"
+    And I run the upload_keys command
+    Then the server "13.9.1.41" should have the authorized_keys file with the content
+      """
+      ssh-rsa key1== Adem.Deliceoglu@PC-ADELICEO
+      ssh-dss key2== christian.kvalheim@nb-ckvalheim.local
+      ssh-rsa key4== abel.fernandez@nb-afernandez.local
+      """
+  
+  Scenario: adding a single key to a serverpools keyfiles
+    Given the following hosts
+      """
+        13.9.1.41      preview_server
+        13.9.1.42      edge_server
+      """
+    And the following keys are on the servers
+      | server     | key                                   |
+      | 13.9.1.41 | ssh-rsa key1== some.key@somehost      |
+      | 13.9.1.41 | ssh-rsa key4== anotherkey@ahost.local |
+      | 13.9.1.41 | ssh-dss key2== thiskey@thishost.local |
+      | 13.9.1.42 | ssh-rsa key3== snafu@bar.com          |
+    When I add the key "ssh-rsa key5== additionalkey@host"
+    And I run the upload_keys command
+    Then the following keys should be on the servers
+      | server     | key                                   |
+      | 13.9.1.41 | ssh-rsa key1== some.key@somehost      |
+      | 13.9.1.41 | ssh-rsa key4== anotherkey@ahost.local |
+      | 13.9.1.41 | ssh-dss key2== thiskey@thishost.local |
+      | 13.9.1.41 | ssh-rsa key5== additionalkey@host     |
+      | 13.9.1.42 | ssh-rsa key3== snafu@bar.com          |
+      | 13.9.1.42 | ssh-rsa key5== additionalkey@host     |
+    

data/features/support/env.rb

@@ -0,0 +1,39 @@
+$:.unshift(File.expand_path(File.dirname(__FILE__) + '/../..'))
+
+require 'spec'
+require 'lib/zool'
+
+TEST_TMP_PATH = File.expand_path(File.dirname(__FILE__) + "/../tmp")
+
+class Zool::Server
+  def initialize(host, options = {})
+    @options = {
+      :password => '',
+      :user => `whoami`.chomp
+    }
+    @hostname = 'localhost'
+    @fake_hostname = host
+    
+    temp_server_path = TEST_TMP_PATH + "/servers/#{host}"
+    @keyfile_location = temp_server_path + '/authorized_keys'
+    FileUtils.mkdir_p temp_server_path unless File.directory? temp_server_path
+  end
+  
+  def hostname
+    @fake_hostname
+  end
+end
+
+class Zool::KeyfileWriter
+  def initialize(out_directory = 'keys')
+    @out_directory = TEST_TMP_PATH + "/#{out_directory}"
+    FileUtils.mkdir_p @out_directory unless File.directory? @out_directory
+  end
+end
+
+Before do
+  FileUtils.rm_r TEST_TMP_PATH if File.directory? TEST_TMP_PATH
+  @zool = nil
+  @servers = nil
+end
+

data/lib/py_config_parser/py_config_parser.tt

@@ -0,0 +1,85 @@
+grammar PyConfig
+  rule main
+    section*
+    {
+      def build
+        @config = {}
+        elements.each do |section| 
+          @config[section.name] = section.build
+        end
+        @config
+      end
+    }
+  end
+
+  rule section
+    space* '[' sectionname ']' eol
+    pairs:(sectionvalue eol?)+
+    white*
+    {
+      def name
+        sectionname.text_value
+      end
+  
+      def build
+        return pairs.elements.inject({}) do |pairs, elt|
+          pairs.merge!(elt.sectionvalue.build)
+          pairs
+        end
+      end
+    }
+  end
+
+  rule sectionname
+    (string / space / '.')+
+  end
+
+  rule sectionvalue
+  space* key separator value
+  {
+    def build
+      separator.build(key, value)
+    end
+  }
+  end
+
+  rule separator
+  space* ':' space*
+  {
+    def build(key, value)
+      {key.text_value => value.text_value.strip}
+    end
+  }
+  /
+  space* '=' space*
+  {
+    def build(key, value)
+      {key.text_value => value.text_value.split(',').map {|val| val.strip }}
+    end
+  }
+  end
+
+  rule key
+    string
+  end
+
+  rule value
+    [^\n]*
+  end
+
+  rule string
+    [a-zA-Z_0-9]+
+  end
+
+  rule white
+    (space / eol)
+  end
+
+  rule space
+    [ \t]
+  end
+
+  rule eol
+    "\n" / ("\r" "\n"?)
+  end
+end

data/lib/zool.rb

@@ -0,0 +1,24 @@
+$:.unshift File.dirname(__FILE__)
+begin
+  require File.expand_path(File.dirname(__FILE__) + '/../vendor/gems/environment')
+rescue LoadError
+  # seems to be the gem version
+end
+
+require 'treetop'
+require 'py_config_parser/py_config_parser'
+require 'zool/server'
+require 'zool/server_pool'
+require 'zool/key_file_writer'
+require 'zool/configuration'
+
+module Zool  
+  DEFAULT_LOGGER = begin
+    if defined?(Spec)
+      # we are in test environment
+      Logger.new('test.log')
+    else
+      Logger.new('zool.log')
+    end
+  end
+end

data/lib/zool/configuration.rb

@@ -0,0 +1,151 @@
+module Zool
+  class Configuration
+    class ParseError < Exception; end
+    attr_reader :servers, :roles, :groups
+
+    def self.parse(configuration)
+      parser = PyConfigParser.new
+      if raw_config = parser.parse(configuration)
+        self.new(raw_config.build)
+      else
+        raise ParseError.new(parser.failure_reason)
+      end
+    end
+    
+    def self.build(pool)
+      conf = ""
+      pool.servers.each do |server|
+        next if server.keys == []
+        conf << "\n" unless conf == ""
+        conf << "[server #{server.hostname}]\n"
+        keynames = server.keys.map {|key| KeyfileWriter.keyname_for_key(key)}
+        conf << "  keys = #{keynames.join(', ')}\n"
+      end
+      conf
+    end
+
+    def initialize(raw_config)
+      @raw_config = raw_config
+      parse
+    end
+
+    def keys
+      @keys ||= read_keys
+    end
+
+    def upload_keys
+      @servers.each { |servername, server| server.upload_keys }
+    end
+
+    private
+      def parse
+        @roles = {}
+        @servers = {}
+        @groups = {}
+
+        parse_groups
+        parse_servers
+        parse_roles
+      end
+
+      def parse_groups
+        raw_groups.each do |raw_group|
+          @groups[raw_group[/^group\s(.*)/, 1]] = @raw_config[raw_group]['members']
+        end
+      end
+      
+      def parse_servers
+        raw_servers.each do |raw_server|          
+          server    = server(raw_server[/^server\s(.*)/, 1], @raw_config[raw_server])
+          @raw_config[raw_server]['keys'].each do |key|
+            server.keys << fetch_key(key)
+          end
+        end
+      end
+      
+      def raw_servers
+        raw(:server)
+      end
+
+      def raw_groups
+        raw(:group)
+      end
+
+      def parse_roles
+        raw_roles.each do |raw_role|
+          @roles[raw_role[/^role\s(.*)/, 1]] = server_pool(raw_role)
+        end
+      end
+
+      def raw_roles
+        raw(:role)
+      end
+      
+      def raw(raw_type)
+        @raw_config.select {|k, v| k =~ /^#{raw_type}/}.map {|role_arrey| role_arrey[0]}
+      end
+
+      def server(hostname, raw_object)
+        return @servers[hostname] if @servers[hostname]
+        options = server_options_from_configuration(raw_object)
+
+        new_server = Server.new(hostname, options)
+        new_server.keys = []
+        @servers[hostname] = new_server
+        new_server
+      end
+      
+      def server_options_from_configuration(raw_object)
+        user      = raw_object['user']
+        password  = raw_object['password']
+        options   = {}
+        options.update({:user => user}) if user
+        options.update({:password => password}) if password
+        options
+      end
+
+      def read_keys
+        hash = {}
+        key_directory = KeyfileWriter.new.out_directory # FIXME: terrible and lazy hack!
+        keyfiles = Dir["#{key_directory}/*.pub"]
+        keyfiles.each do |keyfile|
+          keyname = File.basename(keyfile)[/(.*)\.pub/, 1]
+          hash[keyname] = File.read(keyfile).chomp
+        end
+        hash
+      end
+
+      def server_pool(raw_role)
+        pool = ServerPool.new()
+
+        @raw_config[raw_role]['servers'].each do |hostname|
+          pool << server(hostname, @raw_config[raw_role])
+        end
+
+        @raw_config[raw_role]['keys'].each do |key|
+          if key =~ /^&/
+            add_group_keys(key[1..-1], pool)
+          else
+            pool.keys << fetch_key(key)
+          end
+        end
+
+        pool
+      end
+      
+      def fetch_key(key)
+        return keys[key] unless keys[key].nil?
+        raise ParseError.new("missing ssh key '#{key}'")
+      end
+
+      def add_group_keys(group, pool)
+        begin
+          @groups[group].each do |key|
+            pool.keys << fetch_key(key)
+          end
+        rescue NoMethodError => e
+          raise ParseError.new("missing referenced group '#{group}'")
+        end
+      end
+  end
+end