zool 0.1.0

data/lib/zool/key_file_writer.rb

@@ -0,0 +1,48 @@
+require 'ruby-debug'
+Debugger.start
+
+module Zool
+  class KeyfileWriter
+    attr_accessor :out_directory
+
+    def self.keyname_for_key(key)
+      temp_name = key[/^\S*\s\S*\s([^@]+)\S*$/, 1]
+      if temp_name.nil?
+        logger.warn "key not parsable"
+        '1__not_parsable'
+      else
+        temp_name.gsub(/[^A-Z|^a-z|^0-9]/, '_').downcase
+      end
+    end
+
+    def initialize(out_directory = 'keys')
+      @out_directory = out_directory
+    end
+
+    def write_keys(keys)
+      keys.each do |key|
+        write key
+      end
+    end
+
+    def write(key, outname = nil)
+      key_name = outname || self.class.keyname_for_key(key)
+      key_count = Dir["#{out_directory}/#{key_name}*.pub"].size
+
+      key_name += "_#{key_count + 1}" if key_count > 0
+      key_path = "#{out_directory}/#{key_name}.pub"
+
+      File.open(key_path, 'w+') do |file|
+        file.puts key
+      end
+    end
+    
+    def self.logger
+      DEFAULT_LOGGER
+    end
+    
+    def logger
+      DEFAULT_LOGGER
+    end
+  end
+end

data/lib/zool/server.rb

@@ -0,0 +1,116 @@
+require 'net/sftp'
+require 'net/scp'
+
+module Zool
+  class Server
+    class ConnectionVerificationExecption < Exception; end
+    attr_reader :hostname
+    attr_accessor :keyfile_location
+
+    def initialize(hostname, options = {})
+      @options = {
+        :user => 'root', 
+        :password => ''
+      }.update(options)
+      @hostname = hostname
+      @keyfile_location = default_keyfile_location
+    end
+
+    def fetch_keys
+      @keys = nil
+      @raw_authorized_keys = load_remote_file
+    end
+
+   def keys
+    @keys ||= begin
+      @raw_authorized_keys ||= fetch_keys
+      @raw_authorized_keys.split("\n").map {|key| key.strip}.uniq.reject {|key| key == ""}
+    end
+   end
+
+   def keys=(new_keys)
+    @keys = new_keys
+   end
+
+   def dump_keyfiles
+    key_writer = KeyfileWriter.new
+    key_writer.write_keys keys
+   end
+   
+   def create_backup
+     begin
+       backup = load_remote_file
+       backup_filename = "#{@keyfile_location}_#{Time.now.to_i}"
+       Net::SCP.upload!(@hostname, @options[:user], StringIO.new(backup), backup_filename, :ssh => {:password => @options[:password]})
+       backup_filename
+     rescue Net::SCP::Error => e
+       logger.fatal "Error during backup of authorized keys file: #{e.message}"
+       raise
+     end
+   end
+   
+   def upload_keys
+     remote_backup_file = create_backup
+     begin
+       backup_channel = Net::SSH.start(@hostname, @options[:user], :password => @options[:password])
+       main_channel   = Net::SSH.start(@hostname, @options[:user], :password => @options[:password])
+       main_channel.scp.upload!(StringIO.new(keys.join("\n")), @keyfile_location)
+       main_channel.close
+       begin
+         logger.info "Trying to connect to #{@hostname} to see if I still have access"
+         Net::SSH.start(@hostname, @options[:user], :password => '')
+         logger.info "Backup channel connection succeeded. Assuming everything went fine!"
+       rescue Net::SSH::AuthenticationFailed => e
+         if !@rolled_back
+           logger.warn "!!!!!! Could not login to server after upload operation! Rolling back !!!!!!"
+           backup_channel.exec "mv #{remote_backup_file} #{@keyfile_location}"
+           backup_channel.loop
+           @rolled_back = true
+           retry
+         else
+           logger.fatal "Tried to role back... didnt work... giving up... sorry :("
+           raise e
+         end
+       end
+     ensure
+       main_channel.close unless main_channel.closed?
+       backup_channel.close unless backup_channel.closed?
+     end
+     raise ConnectionVerificationExecption.new("Error after uploading the keyfile to #{@hostname}") if @rolled_back
+   end
+
+   def to_s
+    "<Zool::Server #{hostname}>"
+   end
+   
+   def user
+     @options[:user]
+   end
+
+    private
+      def load_remote_file
+        downloaded_file = StringIO.new
+        begin
+          Timeout::timeout(2) do
+            logger.info "Fetching key from #{@hostname}"
+            Net::SCP.download!(@hostname, @options[:user], @keyfile_location, downloaded_file, :ssh => {:password => @options[:password]})
+          end
+        rescue Net::SCP::Error
+          logger.warn "Warning! Empty keyfile" # logging? later... :P
+        rescue Net::SSH::AuthenticationFailed
+          logger.warn "No access to Server #{@hostname}"
+        rescue Errno::ETIMEDOUT, Timeout::Error
+          logger.warn "Access to server #{@hostname} timed out"
+        end
+        downloaded_file.string
+      end
+      
+      def default_keyfile_location
+        '~/.ssh/authorized_keys'
+      end
+      
+      def logger
+        DEFAULT_LOGGER
+      end
+  end
+end

data/lib/zool/server_pool.rb

@@ -0,0 +1,74 @@
+module Zool
+  class ServerPool < Array
+    IP_FORMAT = /^(?:25[0-5]|(?:2[0-4]|1\d|[1-9])?\d)(?:\.(?:25[0-5]|(?:2[0-4]|1\d|[1-9])?\d)){3}$|^(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(?:[a-z]{2}|com|org|net|gov|mil|biz|info|mobi|name|aero|jobs|museum)$/
+
+    def self.from_hostfile(hostsfile, options = {})
+      hosts = hostsfile.to_a.map { |host| host.split[0] }
+      hosts.uniq!
+      invalid_hosts = %w(127.0.0.1 255.255.255.255)
+      hosts.reject! { |host| host !~ IP_FORMAT }
+      hosts.reject! { |host| invalid_hosts.include?(host) }
+      pool = self.new
+
+      hosts.each do |host|
+        # puts host
+        server = Server.new(host, options)
+        # puts server.hostname
+        pool << server
+      end
+      pool
+    end
+
+    alias servers entries
+
+    def keys
+      @keys_proxy ||= KeysProxy.new(self)
+    end
+
+    def fetch_keys
+      call_for_pool(:fetch_keys)
+      @keys_proxy = nil
+    end
+
+    def upload_keys
+      call_for_pool(:upload_keys)
+    end
+
+    def <<(object)
+      raise TypeError.new 'Invalid Argument' unless object.instance_of?(Server)
+      super
+    end
+    alias add <<
+    
+    def dump_keyfiles
+      writer = KeyfileWriter.new
+      keys.each do |key|
+        writer.write(key)
+      end
+    end
+    
+    def inspect
+      "#<Zool::ServerPool @servers=[#{servers.join(', ')}]>"
+    end
+
+    private
+      def call_for_pool(method)
+        servers.map do |server|
+          server.send(method)
+        end.flatten.uniq
+      end
+  end
+  
+  class KeysProxy < Array
+    def initialize(pool)
+      @pool = pool
+      super @pool.send(:call_for_pool, :keys)
+    end
+    
+    def <<(key)
+      @pool.each do |server|
+        server.keys << key
+      end
+    end
+  end
+end

data/spec/py_config_parser_spec.rb

@@ -0,0 +1,55 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe PyConfigParser do
+  include PyConfigParserHelper
+
+  before :all do
+    @config_string = <<-CONF
+    [without_whitespace]
+      key:value
+      multiple_values=foo, bar, baz
+      sticky_values=blim,blam,blum
+      
+    [with whitespace]
+      key2: value2
+      key3 : value3
+      multiple_values = foo, bar, baz
+    CONF
+  end
+
+  context "parsing a config" do
+    context "when invalid" do
+      it "should compile to nil" do
+        parse('strange stuff').should be_nil
+      end
+    end
+
+    context "when valid" do
+      it "should compile to a hash" do
+        parse("").build.should == {}
+      end
+    
+      context "with sections" do
+        before :all do
+          @sections = parse(@config_string).build
+        end
+      
+        it "should recognize sections" do
+          @sections["with whitespace"].should be_a(Hash)
+          @sections["without_whitespace"].should be_a(Hash)
+        end
+      
+        it "should map key/value pairs separated by colons" do
+          @sections["with whitespace"]['key2'].should == 'value2'
+          @sections["without_whitespace"]['key'].should == 'value'
+        end
+      
+        it "should map key/value pairs separated by an equal sign and devided by commas" do
+          @sections["with whitespace"]['multiple_values'].should == %w(foo bar baz)
+          @sections["without_whitespace"]['multiple_values'].should == %w(foo bar baz)
+          @sections["without_whitespace"]['sticky_values'].should == %w(blim blam blum)
+        end      
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,51 @@
+require 'lib/zool'
+require 'spec'
+require 'fakefs'
+
+module Net::SSH
+  def self.start
+    raise("unexpected call to SCP in test environment, see #{__FILE__}:#{__LINE__}")
+  end
+end
+
+class Net::SCP
+  class << self
+    def disallow_file_operation(a, b, c, d)
+      raise("unexpected call to SCP in test environment, see #{__FILE__}:#{__LINE__}")
+    end
+    alias upload!   disallow_file_operation
+    alias upload    disallow_file_operation
+    alias download! disallow_file_operation
+    alias download  disallow_file_operation
+  end
+end
+
+class StringbufferMatcher
+  def initialize(expected)
+    @expected = expected
+  end
+  
+  def ==(actual)
+    actual.string == @expected
+  end
+end
+
+def stringbuffer_with(content)
+  StringbufferMatcher.new(content)
+end
+
+def key_fixtures
+  @key_fixtures ||= {
+                       :pascal => 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0YllcgPG3lFhW1R6g1zHIOOZhW8fl5MsBxNQYFJnkNUvwcqcH1CLFr5ybdEwgOfjqT2YDLt9qY/cn4Wa1xLvPEph7nkdx6NW7VzcxcIiakgtEEGI+F6K0ux/3bXPIEIDZcaAmlfcnw+OkoqyQR1PWppT/74mc+6+GkCoewqgIhxuajPmjLK9eAtDjNGnwsN1t0+gZkc9HNWOxWGGGNyfoSgRPlIzr4cTDnfuRPzxZDKJXLd75RJIAhr2PQwQTrdhPurCG2+48AHul/D1mg+BzWeaXifl3pd8on/Buo97A6iLM+jcx1VjDzhVil6esS/+30XSEUANh974PlIECZnIFw== pascal.friederich@nb-pfriederich.local',
+                       :pascal_private  => 'ssh-rsa fajfoijewaofjewofjaweofnlwkaenfakdjngkaldsjgndkjsnflkjdsfnjsadfkjlasdfnasnfamlfaj9efj09waj09j3f029j3029j3f2j3f2uhfuhgkashgkljdsagkjeahh3iuf2h398fh329f8h32f983h2fh3n29unfup3fhapw39fhpa93fha9w3fh983bf2fubkbawekjbfabf,ebfa,menbfiufbawefuwefiweafiubewafibefbiuwbgiu4gbiueraghaeiuhfsdiofuhasdifuhaw9e8fh9f8h238fh239fhpawh3fp9ahwpfhawp39fhp490f8hawf8ha9ef8hawp9haugbs== pascal.friederich@private',
+                       :pascal_laptop  => 'ssh-rsa fajfoijewaofjewofjaweofnlwkaenfakdjngkaldsjgndkjsnflkjdsfnjsadfkjlasdfnasnfamlfaj9efj09waj09j3f029j3029j3f2j3f2uhfuhgkashgkljdsagkjeahh3iuf2h398fh329f8h32f983h2fh3n29unfup3fhapw39fhpa93fha9w3fh983bf2fubkbawekjbfabf,ebfa,menbfiufbawefuwefiweafiubewafibefbiuwbgiu4gbiueraghaeiuhfsdiofuhasdifuhaw9e8fh9f8h238fh239fhpawh3fp9ahwpfhawp39fhp490f8hawf8ha9ef8hawp9haugbs== pascal.friederich@laptop',
+                       :bob => 'ssh-rsa LKASJFLASJFLKASJFLAKSFNALSKVNasdfj0fj0Jf0j09Jf90jw0fj9w0fjJFIWJLFNlnfLNlknflewknaflefawelfhweaf8932y98ry239f832hfh3fh3fiuhkljdsfkjasbdfwhefhewkjfhenkhfnkejfhhdskfjhdskfjhsdkjfhskdjfhalksdjhfkjdfhalsdkfhklasdfhdskfhjdkfjhqufheufwhewiuf38h9fh3298fh2938fh9283hf9823hf9823hfk2j3hfkj23fkj23fkjh23kjfhljhaasdfsadfsadf90usdf90saudf09jas0f9jas0fj09wjf0932hf0923hf0h320f9h230f9h329h== bob.schneider@nb-pfriederich.local',
+                       :upcase => 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0YllcgPG3lFhW1R6g1zHIOOZhW8fl5MsBxNQYFJnkNUvwcqcH1CLFr5ybdEwgOfjqT2YDLt9qY/cn4Wa1xLvPEph7nkdx6NW7VzcxcIiakgtEEGI+F6K0ux/3bXPIEIDZcaAmlfcnw+OkoqyQR1PWppT/74mc+6+GkCoewqgIhxuajPmjLK9eAtDjNGnwsN1t0+gZkc9HNWOxWGGGNyfoSgRPlIzr4cTDnfuRPzxZDKJXLd75RJIAhr2PQwQTrdhPurCG2+48AHul/D1mg+BzWeaXifl3pd8on/Buo97A6iLM+jcx1VjDzhVil6esS/+30XSEUANh974PlIECZnIFw== upcase.VaN@nb-UPCASE.StuFF'
+                     }
+end
+
+module PyConfigParserHelper
+  def parse(string)
+    PyConfigParser.new.parse(string)
+  end
+end

data/spec/zool.rb

@@ -0,0 +1,4 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Zool do
+end

data/spec/zool/configuration_spec.rb

@@ -0,0 +1,170 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+module Zool
+  describe Configuration do
+    before :all do
+      @keyfile_stub_data = {
+        'peter'   => 'ssh-dsa adfsdfafef00if0i23f== peter@localhost',
+        'paul'    => 'ssh-dsa adfsdfafef00if0i23f== paul@horst',
+        'system'  => 'ssh-dsa adfsdfafef00if0i23f== system@admins',
+        'log'     => 'ssh-dsa adfsdfafef00if0i23f== log@admins',
+      }
+    end
+
+    context "building a configuration file from a serverpool" do
+      before :each do
+        server1_keys = [@keyfile_stub_data['peter'], @keyfile_stub_data['paul']]
+        server1 = stub(:hostname => 'server1', :keys => server1_keys)
+        server2_keys = [@keyfile_stub_data['system'], @keyfile_stub_data['log']]
+        server2 = stub(:hostname => 'server2', :keys => server2_keys)
+        @pool = ServerPool.new([server1, server2])
+      end
+      
+      it "should write a server entry for every server in the pool and add it's keys" do
+        Configuration.build(@pool).should == <<-EXPECTED_CONF
+[server server1]
+  keys = peter, paul
+
+[server server2]
+  keys = system, log
+        EXPECTED_CONF
+      end
+    end
+    
+    context ".parse" do
+      context "an invalid configuration" do
+        it "should raise an exception" do
+          lambda { Configuration.parse('asdf') }.should raise_error(Zool::Configuration::ParseError)
+        end
+        
+        context "pointing the reason why the configuration is invalid" do
+          it "should complain about missing groups that are referenced in roles" do
+            conf = <<-CONF
+              [role app]
+                servers = 12.3.4.5
+                keys = &snafu
+            CONF
+            lambda { Configuration.parse(conf) }.should raise_error(Zool::Configuration::ParseError, /missing referenced group 'snafu'/)
+          end
+          
+          it "should complain about missing keys" do
+            conf = <<-CONF
+              [role app]
+                servers = 12.3.4.5
+                keys = i_am_not_there
+            CONF
+            lambda { Configuration.parse(conf) }.should raise_error(Zool::Configuration::ParseError, /missing ssh key 'i_am_not_there'/)
+          end
+        end
+      end
+      
+      context "a valid configuration" do
+        it "should return a configuration object with the parsed configuration hash" do
+          conf = <<-CONF
+          [role app]
+            servers = 13.9.6.1, 13.9.6.2
+            keys = &qa, peter
+          
+          [group qa]
+            members = david
+            password : cleartext10)9292@*=-.?
+          CONF
+          writer = KeyfileWriter.new
+          FileUtils.rm_r(writer.out_directory)
+          
+          writer.write 'davids key', 'david'
+          writer.write 'peters key', 'peter'
+          configuration = Configuration.parse(conf)
+          configuration.should be_a(Configuration)
+        end
+      end
+    end
+    
+    context "instanciating a configuration" do
+      before :all do        
+        writer = KeyfileWriter.new
+        FileUtils.rm_r(writer.out_directory)
+        
+        @keyfile_stub_data.each do |key, value|
+          writer.write value, key
+        end
+
+        @conf_hash = {
+          "role app" => {
+            'servers' => ['preview_server', 'production_server', 'edge_server'],
+            'keys' => ['&qa'],
+            'password' => "123456"
+          },
+          "role cron servers" => {
+            'servers' => ['crn1', 'crn2', 'edge_server'],
+            'keys' => ['system', 'log']
+          },
+          "group qa" => {
+            'members' => ['peter', 'paul']
+          },
+          "server 13.9.6.1" => {
+            'keys' => ['system'],
+            'password' => "123456"
+          },
+          "server 13.9.6.2" => {
+            'keys' => ['peter'],
+            'user' => "admin"
+          }
+          
+        }
+        @configuration = Configuration.new(@conf_hash)
+      end
+      
+      it "should create a server for every server section" do
+        @configuration.servers['13.9.6.1'].keys.should include(@keyfile_stub_data['system'])
+      end
+      
+      it "should create a serverpool for every role" do
+        @configuration.roles['app'].should be_a(ServerPool)
+        @configuration.roles['cron servers'].should be_a(ServerPool)
+      end
+      
+      it "should read the keys from the key files" do
+        @configuration.keys.should have(4).keys
+      end
+      
+      it "should add a groups keys to the serverpool" do
+        @configuration.servers['preview_server'].keys.should include(@keyfile_stub_data['peter'])
+      end
+      
+      it "should have only one server object per hostname shared between groups" do
+        edge_servers_keys = @configuration.servers['edge_server'].keys
+        edge_servers_keys.should include(@keyfile_stub_data['system'])
+        edge_servers_keys.should include(@keyfile_stub_data['paul'])
+        edge_servers_keys.should include(@keyfile_stub_data['peter'])
+        edge_servers_keys.should include(@keyfile_stub_data['log'])
+        edge_servers_keys.should have(4).keys
+      end
+      
+      context "with a configured user and/or a password" do
+        it "should use the user for servers" do
+          @configuration.servers['13.9.6.1'].send(:instance_variable_get, :@options)[:password].should == '123456'
+        end
+
+        it "should use the password for servers" do
+          @configuration.servers['13.9.6.2'].user.should == 'admin'
+        end
+      end
+
+      context "calling the upload_keys method" do
+        it "should upload the keys to every server in the configuration" do
+          @configuration.servers.values.each do |server|
+            server.should_receive(:upload_keys).and_return(nil)
+          end
+          @configuration.upload_keys
+        end
+      end
+    end
+  end
+end
+
+Spec::Matchers.define :have_role do |role|
+  match do |configuration|
+    !configuration.roles[role].nil?
+  end
+end