wmantly/vpn-p2p
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #25 from wmantly/vagrant

Browse Source 
Vagrant
This commit is contained in:
William Mantly 2019-12-10 20:57:43 -05:00 committed by GitHub
commit 66b1991c8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
326 changed files with 17287 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
.gitignore vendored
View File

@ -58,4 +58,25 @@ typings/
# dotenv environment variables file
.env
.vagrant
*~
*#
.#*
\#*#
.*.sw[a-z]
*.un~
# Bundler
Gemfile.lock
gems.locked
bin/*
.bundle/*
# test kitchen
.kitchen/
.kitchen.local.yml
# Chef
Berksfile.lock
.zero-knife.rb
Policyfile.lock.json

130
Vagrantfile vendored Normal file
View File

@ -0,0 +1,130 @@
require 'json'
begin
secrets = JSON.parse(File.read('secrets.json'))
puts 'Loading secrets file'
rescue
secrets = {}
puts 'Secrets file not found'
end
class ::Hash
def deep_merge(second)
second.each do |key, value|
if value.class == Hash and self[key.to_sym]
self[key.to_sym].deep_merge(value)
else
self[key.to_sym] = value
end
end
return self
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "ubuntu/xenial64"
config.vm.synced_folder '.', '/vagrant' # The vagrant dir just stopped automounting
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
config.vm.network "forwarded_port", guest: 80, host: 8000
config.vm.network "forwarded_port", guest: 443, host: 8443
config.vm.network "forwarded_port", guest: 3000, host: 8300
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
config.vm.provider 'virtualbox' do |vb|
# Customize the amount of memory on the VM:
vb.memory = '1024'
vb.cpus = "2"
# vb.default_nic_type = "virtio"
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
config.vm.provision "shell", inline: <<~SHELL
if ! apt list ruby2.5 | grep installed; then
apt-add-repository ppa:brightbox/ruby-ng -y
apt-get update
sudo apt-get install -y build-essential resolvconf ruby2.5 ruby2.5-dev gem
fi
if ! which berks >/dev/null; then
gem install ruby-shadow berkshelf --no-ri --no-rdoc
# ln -s /opt/chef/embedded/bin/berks /usr/local/bin/berks
fi
cd /vagrant
cd /vagrant/ops/cookbooks
rm -rf vendor
rm -rf $HOME/.berksfile
if [ -f ".Berksfile.lock" ]; then
berks update
else
berks install
fi
berks vendor vendor
SHELL
config.vm.provision 'chef_solo' do |chef|
chef.version = '14.12.3' # version 14.12.9 fails to run
chef.cookbooks_path = [
'ops/cookbooks/',
'ops/cookbooks/vendor/'
]
chef.roles_path ='ops/roles'
chef.add_role('common')
chef.json = {
'working-dir': '/vagrant',
'app': {
'name': 't42-proxy',
'run_user': 'root',
'domain': 'proxy.local',
},
'python': {
# 'working-dir': 'django',
'version': '2.7'
},
'nodejs': {
'working-dir': 'nodejs',
'port': '3000',
'install_version': 8,
'exec_file': 'bin/www',
'service': true,
},
'redis':{
'unix': {
'perm': '777'
}
},
'web':{
'admin_email': 'admin2342@example.com',
'do_ssl': true,
't42-proxy': true
},
}.deep_merge(secrets);
end
end

100
docs/dev_setup.md Normal file
View File

@ -0,0 +1,100 @@
# Development environment setup
This project used vagrant for as standard development environment. This should
easy setting things up and reduce environment related errors.
## What you need
There are 3 things you will need to get before your local environment is up and
running.
### Git
This should already be installed on your system. If you are using Windows,
install [git bash for windows](https://git-scm.com/download/win)
### VirtualBox
Virtual box will be used to create a manged Linux VM on your computer. Please
install version 5.9 as version 6 is not supported.
### Vagrant
Vagrant is used to managed the local virtual environment and provision the VM.
**MAKE SURE GIT VIRTUAL BOX ARE INSTALLED FIRST!!!** At install time, vagrant
will integrate with them.
## Usage
Once you have everything installed and the projected cloned on your local
computer, open a terminal( Git Bash for windows users ) and move to the root of
the project.
### Chef secrets
This project like many other used secret API tokens that we do want tracked in
the git repo. in the root of the project, create a file called 'secrets.json'
and populate like so:
```json
{
"django": {
"github": {
"id": "<ID>",
"secret": "<SECRET>",
"token": "<TOKEN>"
}
}
}
```
### Basic vagrant usage and commands
We will interact with the project using vagrant. The work flow is `vagrant up`
creates a VM for your project and runs the provisioner to set everything up.
This command should be ran after the project is cloned or when you sit down to
start development. This command may take some time to complete depending on how
complex the project is. Once the VM is set up, you may now interact with it.
Vagrant will forward ports from the project to the user localhost address. For
example with this project, port 80 from the container will be mapped to
localhost:8000 and you will be able to access there. If you make a change to any
provisioning chef recipes, `vagrant provision` will need to ran. This will
run the chef provisioner on the VM making any changes needed.
Because we use the `secrets.json` file to store untracked configuration, all
vagrant command need to be ran where in the root of the project, where
`secrets.json` lives.
### `vagrant up`
Will start the local VM, creating it if needed. This command should always be
ran when a development session is started.
### `vagrant provision`
Will run the chef-solo provisioner. This will need to be ran anytime the chef
recipes or roles are changed.
### `vagrant status`
Will show you the status of local manged VM
### `vagrant halt`
Will shutdown the local VM. This should be done when you are finished working on
the project so you dont have a VM running in the background eating CPU/RAM and
battery. `vagrant up` can be used later to turn the VM back on.
### `vagrant destroy`
This will shutdown the VM and delete it. This command is useful if you have
messed up the VM and want to start from scratch. Or if you are done with the
project and want to free space from the computer.
### `vagrant ssh`
This will bring you into the local VM as the vagrant user. The vagrant user has
sudo. Use this only for debugging! **DO NOT INSTALL OR CHANGE THE STATE OF
PROJECT OR VM FROM HERE!!!!** that will break the concept of provisioning make
chef useless. Also make installation and configuration changes with chef.

0
LICENSE → nodejs/LICENSE
View File

80
README.md → nodejs/README.md
View File

@ -143,87 +143,11 @@ http {
```
add the SSL config file `/etc/openresty/autossl.conf`
```
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_certificate_by_lua_block {
auto_ssl:ssl_certificate()
}
location /.well-known/acme-challenge/ {
content_by_lua_block {
auto_ssl:challenge_server()
}
}
ssl_certificate /etc/ssl/resty-auto-ssl-fallback.crt;
ssl_certificate_key /etc/ssl/resty-auto-ssl-fallback.key;
```
add the SSL config file `/etc/openresty/autossl.conf`, contents from here https://github.com/theta42/t42-common/blob/master/templates/openresty/autossl.conf.erb
Add the proxy config `/etc/openresty/sites-enabled/000-proxy`
```
server {
listen 80;
listen 443 ssl;
include autossl.conf;
location / {
resolver 10.0.3.1; #8.8.4.4; # use Google's open DNS server
set $target '';
access_by_lua '
local key = ngx.var.host
if not key then
ngx.log(ngx.ERR, "no user-agent found")
return ngx.exit(400)
end
local redis = require "resty.redis"
local red = redis:new()
red:set_timeout(1000) -- 1 second
local ok, err = red:connect("127.0.0.1", 6379)
if not ok then
ngx.log(ngx.ERR, "failed to connect to redis: ", err)
return ngx.exit(500)
end
local host, err = red:hget("proxy_host_"..key, "ip")
if not host then
ngx.log(ngx.ERR, "failed to get redis key: ", err)
return ngx.exit(500)
end
if host == ngx.null then
ngx.log(ngx.ERR, "no host found for key ", key)
return ngx.exit(400)
end
ngx.log(ngx.WARN, "==Found match!!! ", key, host)
ngx.var.target = host
';
proxy_pass http://$target;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
add_header X-Target-Host $target;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
```
Add the proxy config `/etc/openresty/sites-enabled/000-proxy` contents from here https://github.com/theta42/t42-common/blob/master/templates/openresty/010-proxy.conf.erb
## ref

19
api.md → nodejs/api.md
View File

@ -6,7 +6,7 @@
curl -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" https://admin.rubyisforpussys.com/api/mine.com
```
* 200 {"host":"yours.com","results":{"ip":"127.0.0.1:4000","updated":"1518595297563","username":"test10"}}
* 200 {"host":"yours.com","results":{"ip":"127.0.0.1:4000","updated":"1518595297563","username":"test10","forceSSL": false, "targetSSL": true, "targetPort": "443"}}
* 404 {"host":"mine.comf","results":null}
@ -25,8 +25,19 @@ curl -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" https://admin.rubyisf
**post** `/api/`
Params
* **host** -- Required, The domain name for the new record.
* **ip** -- Required, The target IP or FQDN for the record.
* **targetSSL** -- If the remote IP target is SSL. Default is false and this is
not recommended.
* **targetPort** -- Required, TCP port for the remote server. Unless you know
otherwise, 80 for targetSSL false and 443 for true.
* **forceSSL** -- If requests should be forced to use SSL from the client to
the proxy. The default is false and this is HIGHLY recommended.
* **
```bash
curl -H "Content-Type: application/json" -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" -X POST -d '{"host": "yours.com", "ip": "127.0.0.1:4000", "forceSSL": true}' https://admin.rubyisforpussys.com/api/
curl -H "Content-Type: application/json" -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" -X POST -d '{"host": "test.vm42.com", "ip": "192.168.1.21", "targetSSL": false, "targetPort": "443", "forceSSL": true} https://admin.rubyisforpussys.com/api/
```
* 200 {"message":"Host yours.com Added"}
@ -75,7 +86,7 @@ curl -H "Content-Type: application/json" -X POST -d "{\"username\": \"test9\", \
**post** `/auth/login`
```bash
curl -H "Content-Type: application/json" -X POST -d "{\"username\": \"test8\", \"password\": \"palm7\"}" https://admin.rubyisforpussys.com/auth/login
curl -H "Content-Type: application/json" -X POST -d '{"username": "test8", "password": "mypassword"}' https://admin.rubyisforpussys.com/auth/login
```
* 200 {"login":true,"token":"027d3964-7d81-4462-a6f9-2c1f9b40b4be"}
@ -99,7 +110,7 @@ curl -H "Content-Type: application/json" -X POST -d "{\"key\":\"ssh-rsa AAAAB3Nz
**post** `/users/key`
```bash
curl -H "Content-Type: application/json" -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" -X POST -d "{\"key\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDM9vboz5YGgESsrR2e4JOeP2qtmQo2S8BjI+Y/VxPQ6WbNFzAkXxDniHcnPCrhkeX36SKINvMjWnt4XOK2S+X+1tCoXJzqtcKKyK0gx8ijBxcWVPxsMWjMYTGSVSKiKnt6CyQzrbVGJMh3iAQ8Yv1JwH+6SAtMgT8it7iLyntNFJCesh4I/znEG58A5VBbdUle1Ztz9afjj1CZns17jk7KPm9ig5DmuvdvnMEfhFjfKv1Rp6S5nxacMoTP4tJNSEUh55IicoWk94ii5GwUVLYgyMmzdlA32TqVLFpU2yAvdA9WSnBaI/ZyktlfI7YAmK2wFBsagr9Pq1TcUAY6rZ/GTMjDxExgdYn/FxlufcuqeNJsJXs2A+0xDS/9mv/yGQzNZrL8DrVhY2OKKLoH4Q7enDbhSgEFmJUJMqPxuPEgLEvKfzcURSvIwRj1iCEw6S4dhdaLJl2RRBb1ZWBQbE5ogIbvAl7GFJUAhj3pqYJnd30VENv1MkK+IoCS7EEP0caqL9RNAId0Plud7q2XElHqzkYUE+z+Q/LvGgclXK1ZmZejNaMnV53wfhAevfwVyNGK9i5gbwc1P2lplIa5laXCcVWezqELEkTpdjp4AeKmMuCr8rY8EnLKIcKWEOsX5UumztCow6e1E55v3VeHvRZLpw4DZP7EE0Q8B/jPFWqbCw== wmantly@gmail.co\"}" https://admin.rubyisforpussys.com/users/key
curl -H "Content-Type: application/json" -H "auth-token: 8eff4f16-086d-40fd-acbd-7634b9a36117" -X POST -d "{\"key\": \"ssh-rsa AAAAB3NzaC1yc2EAAjWnt4XOK2S+X+1tCoXJzqtcKKyK0gx8ijBxcWVPxsMWjMYTGSVSKiKnt6CyQzrbVGJMh3iAQ8Yv1JwH+6SAtMgT8it7iLyntNFJCesh4I/znEG58A5VBbdUle1Ztz9afjj1CZns17jk7KPm9ig5DmuvdvnMEfhFjfKv1Rp6S5nxacMoTP4tJNSEUh55IicoWk94ii5GwUVLYgyMmzdlA32TqVLFpU2yAvdA9WSnBaI/ZyktlfI7YAmK2wFBsagr9Pq1TcUAY6rZ/GTMjDxExgdYn/FxlufcuqeNJsJXs2A+0xDS/9mv/yGQzNZrL8DrVhY2OKKLoH4Q7enDbhSgEFmJUJMqPxuPEgLEvKfzcURSvIwRj1iCEw6S4dhdaLJl2RRBb1ZWBQbE5ogIbvAl7GFJUAhj3pqYJnd30VENv1MkK+IoCS7EEP0caqL9RNAId0Plud7q2XElHqzkYUE+z+Q/LvGgclXK1ZmZejNaMnV53wfhAevfwVyNGK9i5gbwc1P2lplIa5laXCcVWezqELEkTpdjp4AeKmMuCr8rY8EnLKIcKWEOsX5UumztCow6e1E55v3VeHvRZLpw4DZP7EE0Q8B/jPFWqbCw== wmantly@gmail.co\"}" https://admin.rubyisforpussys.com/users/key
```
* 200 {"message":true}

0
app.js → nodejs/app.js
View File

2
bin/www → nodejs/bin/www
View File

@ -12,7 +12,7 @@ var http = require('http');
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '3000');
var port = normalizePort(process.env.NODE_PORT || '3000');
app.set('port', port);
/**

0
hostcontrol.js → nodejs/hostcontrol.js
View File

0
middleware/auth.js → nodejs/middleware/auth.js
View File

0
models/auth.js → nodejs/models/auth.js
View File

8
models/hosts.js → nodejs/models/hosts.js
View File

@ -21,11 +21,19 @@ async function listAll(){
async function add(data){
try{
await client.SADD('hosts', data.host);
await client.HSET('host_' + data.host, 'ip', data.ip);
await client.HSET('host_' + data.host, 'updated', (new Date).getTime());
await client.HSET('host_' + data.host, 'username', data.username);
await client.HSET('host_' + data.host, 'targetPort', data.targetPort);
if(data.forceSSL !== undefined){
await client.HSET('host_' + data.host, 'forcessl', !!data.forceSSL);
}
if(data.targetSSL !== undefined){
await client.HSET('host_' + data.host, 'targetssl', !!data.targetSSL);
}
} catch (error){
return new Error(error);

2
models/users.js → nodejs/models/users.js
View File

@ -2,7 +2,7 @@
const {promisify} = require('util');
const client = require('../redis');
const linuxUser = require('linux-user');
const linuxUser = require('linux-sys-user');
const pam = require('authenticate-pam');
const UUID = function b(a){return a?(a^Math.random()*16>>a/4).toString(16):([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,b)};

56
package-lock.json → nodejs/package-lock.json generated
View File

@ -147,11 +147,6 @@
"resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.13.1.tgz",
"integrity": "sha512-Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw=="
},
"bluebird": {
"version": "3.5.5",
"resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.5.tgz",
"integrity": "sha512-5am6HnnfN+urzt4yfg7IgTbotDjIT/u8AJpEt0sIU9FtXfVeezXAPKswrG+xKUCOYAINpSdgZVDU6QFh+cuH3w=="
},
"body-parser": {
"version": "1.18.3",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.18.3.tgz",
@ -787,8 +782,7 @@
},
"ansi-regex": {
"version": "2.1.1",
"bundled": true,
"optional": true
"bundled": true
},
"aproba": {
"version": "1.2.0",
@ -806,13 +800,11 @@
},
"balanced-match": {
"version": "1.0.0",
"bundled": true,
"optional": true
"bundled": true
},
"brace-expansion": {
"version": "1.1.11",
"bundled": true,
"optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -825,18 +817,15 @@
},
"code-point-at": {
"version": "1.1.0",
"bundled": true,
"optional": true
"bundled": true
},
"concat-map": {
"version": "0.0.1",
"bundled": true,
"optional": true
"bundled": true
},
"console-control-strings": {
"version": "1.1.0",
"bundled": true,
"optional": true
"bundled": true
},
"core-util-is": {
"version": "1.0.2",
@ -939,8 +928,7 @@
},
"inherits": {
"version": "2.0.3",
"bundled": true,
"optional": true
"bundled": true
},
"ini": {
"version": "1.3.5",
@ -950,7 +938,6 @@
"is-fullwidth-code-point": {
"version": "1.0.0",
"bundled": true,
"optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@ -963,20 +950,17 @@
"minimatch": {
"version": "3.0.4",
"bundled": true,
"optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
},
"minimist": {
"version": "0.0.8",
"bundled": true,
"optional": true
"bundled": true
},
"minipass": {
"version": "2.3.5",
"bundled": true,
"optional": true,
"requires": {
"safe-buffer": "^5.1.2",
"yallist": "^3.0.0"
@ -993,7 +977,6 @@
"mkdirp": {
"version": "0.5.1",
"bundled": true,
"optional": true,
"requires": {
"minimist": "0.0.8"
}
@ -1066,8 +1049,7 @@
},
"number-is-nan": {
"version": "1.0.1",
"bundled": true,
"optional": true
"bundled": true
},
"object-assign": {
"version": "4.1.1",
@ -1077,7 +1059,6 @@
"once": {
"version": "1.4.0",
"bundled": true,
"optional": true,
"requires": {
"wrappy": "1"
}
@ -1153,8 +1134,7 @@
},
"safe-buffer": {
"version": "5.1.2",
"bundled": true,
"optional": true
"bundled": true
},
"safer-buffer": {
"version": "2.1.2",
@ -1184,7 +1164,6 @@
"string-width": {
"version": "1.0.2",
"bundled": true,
"optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@ -1202,7 +1181,6 @@
"strip-ansi": {
"version": "3.0.1",
"bundled": true,
"optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@ -1241,13 +1219,11 @@
},
"wrappy": {
"version": "1.0.2",
"bundled": true,
"optional": true
"bundled": true
},
"yallist": {
"version": "3.0.3",
"bundled": true,
"optional": true
"bundled": true
}
}
},
@ -1577,17 +1553,11 @@
},
"linux-sys-user": {
"version": "github:wmantly/linux-user#94ce2f75a5cc365355ca10d2f5b824c6f0180609",
"from": "github:wmantly/linux-user",
"requires": {
"bluebird": "^3.5.5"
}
"from": "github:wmantly/linux-user"
},
"linux-user": {
"version": "github:wmantly/linux-user#94ce2f75a5cc365355ca10d2f5b824c6f0180609",
"from": "github:wmantly/linux-user",
"requires": {
"bluebird": "^3.5.5"
}
"from": "github:wmantly/linux-user"
},
"map-cache": {
"version": "0.2.2",

0
package.json → nodejs/package.json
View File

0
redis.js → nodejs/redis.js
View File

0
routes/auth.js → nodejs/routes/auth.js
View File

0
routes/index.js → nodejs/routes/index.js
View File

11
routes/routes.js → nodejs/routes/routes.js
View File

@ -27,15 +27,20 @@ router.get('/', async function(req, res){
router.post('/', async function(req, res){
let ip = req.body.ip;
let host = req.body.host;
let targetPort = req.body.targetPort;
if(!host || !ip){
if(!host || !ip || !targetPort ){
return res.status(400).json({
message: `Missing fields: ${!host ? 'host' : ''} ${!ip ? 'ip' : ''}`
message: `Missing fields: ${!host ? 'host' : ''} ${!ip ? 'ip' : ''} ${!targetPort ? 'targetPort' : ''}`
});
}
try{
Host.add({host, ip, username: req.user.username});
await Host.add({host, ip, targetPort,
username: req.user.username,
forceSSL: req.body.forceSSL,
targetSSL: req.body.targetSSL,
});
return res.json({
message: `Host ${host} Added`

0
routes/users.js → nodejs/routes/users.js
View File

0
ssh-keygen → nodejs/ssh-keygen
View File

6
ops/cookbooks/Berksfile Normal file
View File

@ -0,0 +1,6 @@
source 'https://supermarket.chef.io'
# cookbook 'mysql', '~> 8.5.1'
metadata
cookbook 'app', path: 'app'
cookbook 't42-common', git: 'https://github.com/theta42/t42-common.git'

21
ops/cookbooks/app/.delivery/build_cookbook/.kitchen.yml Normal file
View File

@ -0,0 +1,21 @@
---
driver:
name: vagrant
synced_folders:
- [<%= File.join(ENV['PWD'], '..', '..')%>, '/tmp/repo-data']
provisioner:
name: chef_zero
encrypted_data_bag_secret_key_path: 'secrets/fakey-mcfakerton'
data_bags_path: './data_bags'
product_name: chefdk
platforms:
- name: ubuntu-16.04
- name: centos-7
suites:
- name: default
run_list:
- recipe[test]
attributes:

7
ops/cookbooks/app/.delivery/build_cookbook/Berksfile Normal file
View File

@ -0,0 +1,7 @@
source 'https://supermarket.chef.io'
metadata
group :delivery do
cookbook 'test', path: './test/fixtures/cookbooks/test'
end

3
ops/cookbooks/app/.delivery/build_cookbook/LICENSE Normal file
View File

@ -0,0 +1,3 @@
Copyright 2019 The Authors
All rights reserved, do not redistribute.

146
ops/cookbooks/app/.delivery/build_cookbook/README.md Normal file
View File

@ -0,0 +1,146 @@
# build_cookbook
A build cookbook for running the parent project through Chef Delivery
This build cookbook should be customized to suit the needs of the parent project. Using this cookbook can be done outside of Chef Delivery, too. If the parent project is a Chef cookbook, we've detected that and "wrapped" [delivery-truck](https://github.com/chef-cookbooks/delivery-truck). That means it is a dependency, and each of its pipeline phase recipes is included in the appropriate phase recipes in this cookbook. If the parent project is not a cookbook, it's left as an exercise to the reader to customize the recipes as needed for each phase in the pipeline.
## .delivery/config.json
In the parent directory to this build_cookbook, the `config.json` can be modified as necessary. For example, phases can be skipped, publishing information can be added, and so on. Refer to customer support or the Chef Delivery documentation for assistance on what options are available for this configuration.
## Test Kitchen - Local Verify Testing
This cookbook also has a `.kitchen.yml` which can be used to create local build nodes with Test Kitchen to perform the verification phases, `unit`, `syntax`, and `lint`. When running `kitchen converge`, the instances will be set up like Chef Delivery "build nodes" with the [delivery_build cookbook](https://github.com/chef-cookbooks/delivery_build). The reason for this is to make sure that the same exact kind of nodes are used by this build cookbook are run on the local workstation as would run Delivery. It will run `delivery job verify PHASE` for the parent project.
Modify the `.kitchen.yml` if necessary to change the platforms or other configuration to run the verify phases. After making changes in the parent project, `cd` into this directory (`.delivery/build_cookbook`), and run:
```
kitchen test
```
## Recipes
Each of the recipes in this build_cookbook are run in the named phase during the Chef Delivery pipeline. The `unit`, `syntax`, and `lint` recipes are additionally run when using Test Kitchen for local testing as noted in the above section.
## Making Changes - Cookbook Example
When making changes in the parent project (that which lives in `../..` from this directory), or in the recipes in this build cookbook, there is a bespoke workflow for Chef Delivery. As an example, we'll discuss a Chef Cookbook as the parent.
First, create a new branch for the changes.
```
git checkout -b testing-build-cookbook
```
Next, increment the version in the metadata.rb. This should be in the _parent_, not in this, the build_cookbook. If this is not done, the verify phase will fail.
```
% git diff
<SNIP>
-version '0.1.0'
+version '0.1.1'
```
The change we'll use for an example is to install the `zsh` package. Write a failing ChefSpec in the cookbook project's `spec/unit/recipes/default_spec.rb`.
```ruby
require 'spec_helper'
describe 'godzilla::default' do
context 'When all attributes are default, on Ubuntu 16.04' do
let(:chef_run) do
runner = ChefSpec::ServerRunner.new(platform: 'ubuntu', version: '16.04')
runner.converge(described_recipe)
end
it 'installs zsh' do
expect(chef_run).to install_package('zsh')
end
end
end
```
Commit the local changes as work in progress. The `delivery job` expects to use a clean git repository.
```
git add ../..
git commit -m 'WIP: Testing changes'
```
From _this_ directory (`.delivery/build_cookbook`, relative to the parent cookbook project), run
```
cd .delivery/build_cookbook
kitchen converge
```
This will take some time at first, because the VMs need to be created, Chef installed, the Delivery CLI installed, etc. Later runs will be faster until they are destroyed. It will also fail on the first VM, as expected, because we wrote the test first. Now edit the parent cookbook project's default recipe to install `zsh`.
```
cd ../../
$EDITOR/recipes/default.rb
```
It should look like this:
```
package 'zsh'
```
Create another commit.
```
git add .
git commit -m 'WIP: Install zsh in default recipe'
```
Now rerun kitchen from the build_cookbook.
```
cd .delivery/build_cookbook
kitchen converge
```
This will take awhile because it will now pass on the first VM, and then create the second VM. We should have warned you this was a good time for a coffee break.
```
Recipe: test::default
- execute HOME=/home/vagrant delivery job verify unit --server localhost --ent test --org kitchen
* execute[HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen] action run
- execute HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen
- execute HOME=/home/vagrant delivery job verify syntax --server localhost --ent test --org kitchen
Running handlers:
Running handlers complete
Chef Client finished, 3/32 resources updated in 54.665445968 seconds
Finished converging <default-centos-71> (1m26.83s).
```
Victory is ours! Our verify phase passed on the build nodes.
We are ready to run this through our Delivery pipeline. Simply run `delivery review` on the local system from the parent project, and it will open a browser window up to the change we just added.
```
cd ../..
delivery review
```
## FAQ
### Why don't I just run rspec and foodcritic/rubocop on my local system?
An objection to the Test Kitchen approach is that it is much faster to run the unit, lint, and syntax commands for the project on the local system. That is totally true, and also totally valid. Do that for the really fast feedback loop. However, the dance we do with Test Kitchen brings a much higher degree of confidence in the changes we're making, that everything will run on the build nodes in Chef Delivery. We strongly encourage this approach before actually pushing the changes to Delivery.
### Why do I have to make a commit every time?
When running `delivery job`, it expects to merge the commit for the changeset against the clean master branch. If we don't save our progress by making a commit, our local changes aren't run through `delivery job` in the Test Kitchen build instances. We can always perform an interactive rebase, and modify the original changeset message in Delivery with `delivery review --edit`. The latter won't modify the git commits, only the changeset in Delivery.
### What do I do next?
Make changes in the cookbook project as required for organizational goals and needs. Modify the `build_cookbook` as necessary for the pipeline phases that the cookbook should go through.
### What if I get stuck?
Contact Chef Support, or your Chef Customer Success team and they will help you get unstuck.

104
ops/cookbooks/app/.delivery/build_cookbook/chefignore Normal file
View File

@ -0,0 +1,104 @@
# Put files/directories that should be ignored in this file when uploading
# to a chef-server or supermarket.
# Lines that start with '# ' are comments.
# OS generated files #
######################
.DS_Store
Icon?
nohup.out
ehthumbs.db
Thumbs.db
# SASS #
########
.sass-cache
# EDITORS #
###########
\#*
.#*
*~
*.sw[a-z]
*.bak
REVISION
TAGS*
tmtags
*_flymake.*
*_flymake
*.tmproj
.project
.settings
mkmf.log
## COMPILED ##
##############
a.out
*.o
*.pyc
*.so
*.com
*.class
*.dll
*.exe
*/rdoc/
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
kitchen.yml*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
# SCM #
#######
.git
*/.git
.gitignore
.gitmodules
.gitconfig
.gitattributes
.svn
*/.bzr/*
*/.hg/*
*/.svn/*
# Berkshelf #
#############
Berksfile
Berksfile.lock
cookbooks/*
tmp
# Bundler #
###########
vendor/*
# Policyfile #
##############
Policyfile.rb
Policyfile.lock.json
# Cookbooks #
#############
CONTRIBUTING*
CHANGELOG*
TESTING*
# Vagrant #
###########
.vagrant
Vagrantfile

1
ops/cookbooks/app/.delivery/build_cookbook/data_bags/keys/delivery_builder_keys.json Normal file
View File

@ -0,0 +1 @@
{"id": "delivery_builder_keys"}

8
ops/cookbooks/app/.delivery/build_cookbook/metadata.rb Normal file
View File

@ -0,0 +1,8 @@
name 'build_cookbook'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'all_rights'
version '0.1.0'
chef_version '>= 13.0'
depends 'delivery-truck'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/default.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: default
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::default'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/deploy.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: deploy
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::deploy'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/functional.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: functional
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::functional'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/lint.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: lint
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::lint'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/provision.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: provision
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::provision'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/publish.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: publish
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::publish'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/quality.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: quality
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::quality'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/security.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: security
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::security'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/smoke.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: smoke
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::smoke'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/syntax.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: syntax
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::syntax'

6
ops/cookbooks/app/.delivery/build_cookbook/recipes/unit.rb Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: unit
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::unit'

0
ops/cookbooks/app/.delivery/build_cookbook/secrets/fakey-mcfakerton Normal file
View File

2
ops/cookbooks/app/.delivery/build_cookbook/test/fixtures/cookbooks/test/metadata.rb vendored Normal file
View File

@ -0,0 +1,2 @@
name 'test'
version '0.1.0'

9
ops/cookbooks/app/.delivery/build_cookbook/test/fixtures/cookbooks/test/recipes/default.rb vendored Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
%w(unit lint syntax).each do |phase|
# TODO: This works on Linux/Unix. Not Windows.
execute "HOME=/home/vagrant delivery job verify #{phase} --server localhost --ent test --org kitchen" do
cwd '/tmp/repo-data'
user 'vagrant'
environment('GIT_DISCOVERY_ACROSS_FILESYSTEM' => '1')
end
end

17
ops/cookbooks/app/.delivery/config.json Normal file
View File

@ -0,0 +1,17 @@
{
"version": "2",
"build_cookbook": {
"name": "build_cookbook",
"path": ".delivery/build_cookbook"
},
"delivery-truck": {
"lint": {
"enable_cookstyle": true
}
},
"skip_phases": [],
"job_dispatch": {
"version": "v2"
},
"dependencies": []
}

36
ops/cookbooks/app/.delivery/project.toml Normal file
View File

@ -0,0 +1,36 @@
# Delivery Prototype for Local Phases Execution
#
# The purpose of this file is to prototype a new way to execute
# phases locally on your workstation. The delivery-cli will read
# this file and execute the command(s) that are configured for
# each phase. You can customize them by just modifying the phase
# key on this file.
#
# By default these phases are configured for Cookbook Workflow only
#
# As this is still a prototype we are not modifying the current
# config.json file and it will continue working as usual.
[local_phases]
unit = "chef exec rspec spec/"
lint = "chef exec cookstyle"
# Foodcritic includes rules only appropriate for community cookbooks
# uploaded to Supermarket. We turn off any rules tagged "supermarket"
# by default. If you plan to share this cookbook you should remove
# '-t ~supermarket' below to enable supermarket rules.
syntax = "chef exec foodcritic . -t ~supermarket"
provision = "chef exec kitchen create"
deploy = "chef exec kitchen converge"
smoke = "chef exec kitchen verify"
# The functional phase is optional, you can define it by uncommenting
# the line below and running the command: `delivery local functional`
# functional = ""
cleanup = "chef exec kitchen destroy"
# Remote project.toml file
#
# Specify a remote URI location for the `project.toml` file.
# This is useful for teams that wish to centrally manage the behavior
# of the `delivery local` command across many different projects.
#
# remote_file = "https://url/project.toml"

22
ops/cookbooks/app/.gitignore vendored Normal file
View File

@ -0,0 +1,22 @@
.vagrant
*~
*#
.#*
\#*#
.*.sw[a-z]
*.un~
# Bundler
Gemfile.lock
gems.locked
bin/*
.bundle/*
# test kitchen
.kitchen/
.kitchen.local.yml
# Chef
Berksfile.lock
.zero-knife.rb
Policyfile.lock.json

26
ops/cookbooks/app/.kitchen.yml Normal file
View File

@ -0,0 +1,26 @@
---
driver:
name: vagrant
provisioner:
name: chef_zero
# You may wish to disable always updating cookbooks in CI or other testing environments.
# For example:
# always_update_cookbooks: <%= !ENV['CI'] %>
always_update_cookbooks: true
verifier:
name: inspec
platforms:
- name: ubuntu-16.04
- name: centos-7
suites:
- name: default
run_list:
- recipe[django-bakend::default]
verifier:
inspec_tests:
- test/integration/default
attributes:

5
ops/cookbooks/app/Berksfile Normal file
View File

@ -0,0 +1,5 @@
# frozen_string_literal: true
source 'https://supermarket.chef.io'
# cookbook 'mysql', '~> 8.5.1'
cookbook "library-cookbook", "~> 0.1.1", git: "https://github.com/example/library-cookbook.git"
metadata

11
ops/cookbooks/app/CHANGELOG.md Normal file
View File

@ -0,0 +1,11 @@
# django-bakend CHANGELOG
This file is used to list changes made in each version of the django-bakend cookbook.
# 0.1.0
Initial release.
- change 0
- change 1

3
ops/cookbooks/app/LICENSE Normal file
View File

@ -0,0 +1,3 @@
Copyright 2019 The Authors
All rights reserved, do not redistribute.

4
ops/cookbooks/app/README.md Normal file
View File

@ -0,0 +1,4 @@
# django-backend
TODO: Enter the cookbook description here.

104
ops/cookbooks/app/chefignore Normal file
View File

@ -0,0 +1,104 @@
# Put files/directories that should be ignored in this file when uploading
# to a chef-server or supermarket.
# Lines that start with '# ' are comments.
# OS generated files #
######################
.DS_Store
Icon?
nohup.out
ehthumbs.db
Thumbs.db
# SASS #
########
.sass-cache
# EDITORS #
###########
\#*
.#*
*~
*.sw[a-z]
*.bak
REVISION
TAGS*
tmtags
*_flymake.*
*_flymake
*.tmproj
.project
.settings
mkmf.log
## COMPILED ##
##############
a.out
*.o
*.pyc
*.so
*.com
*.class
*.dll
*.exe
*/rdoc/
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
kitchen.yml*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
# SCM #
#######
.git
*/.git
.gitignore
.gitmodules
.gitconfig
.gitattributes
.svn
*/.bzr/*
*/.hg/*
*/.svn/*
# Berkshelf #
#############
Berksfile
Berksfile.lock
cookbooks/*
tmp
# Bundler #
###########
vendor/*
# Policyfile #
##############
Policyfile.rb
Policyfile.lock.json
# Cookbooks #
#############
CONTRIBUTING*
CHANGELOG*
TESTING*
# Vagrant #
###########
.vagrant
Vagrantfile

22
ops/cookbooks/app/metadata.rb Normal file
View File

@ -0,0 +1,22 @@
name 'app'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'All Rights Reserved'
description 'Installs/Configures django-backend'
long_description 'Installs/Configures django-backend'
version '0.1.0'
chef_version '>= 13.0'
depends 't42-common'
# The `issues_url` points to the location where issues for this cookbook are
# tracked. A `View Issues` link will be displayed on this cookbook's page when
# uploaded to a Supermarket.
#
# issues_url 'https://github.com/<insert_org_here>/django-backend/issues'
# The `source_url` points to the development repository for this cookbook. A
# `View Source` link will be displayed on this cookbook's page when uploaded to
# a Supermarket.
#
# source_url 'https://github.com/<insert_org_here>/django-backend'

1
ops/cookbooks/app/recipes/default.rb Normal file
View File

@ -0,0 +1 @@
package 'libpam0g-dev'

3
ops/cookbooks/app/spec/spec_helper.rb Normal file
View File

@ -0,0 +1,3 @@
# frozen_string_literal: true
require 'chefspec'
require 'chefspec/berkshelf'

35
ops/cookbooks/app/spec/unit/recipes/default_spec.rb Normal file
View File

@ -0,0 +1,35 @@
#
# Cookbook:: app
# Spec:: default
#
# Copyright:: 2019, The Authors, All Rights Reserved.
require 'spec_helper'
describe 'app::default' do
context 'When all attributes are default, on Ubuntu 16.04' do
let(:chef_run) do
# for a complete list of available platforms and versions see:
# https://github.com/customink/fauxhai/blob/master/PLATFORMS.md
runner = ChefSpec::ServerRunner.new(platform: 'ubuntu', version: '16.04')
runner.converge(described_recipe)
end
it 'converges successfully' do
expect { chef_run }.to_not raise_error
end
end
context 'When all attributes are default, on CentOS 7.4.1708' do
let(:chef_run) do
# for a complete list of available platforms and versions see:
# https://github.com/customink/fauxhai/blob/master/PLATFORMS.md
runner = ChefSpec::ServerRunner.new(platform: 'centos', version: '7.4.1708')
runner.converge(described_recipe)
end
it 'converges successfully' do
expect { chef_run }.to_not raise_error
end
end
end

16
ops/cookbooks/app/test/integration/default/default_test.rb Normal file
View File

@ -0,0 +1,16 @@
# InSpec test for recipe django-bakend::default
# The InSpec reference, with examples and extensive documentation, can be
# found at http://inspec.io/docs/reference/resources/
unless os.windows?
# This is an example test, replace with your own test.
describe user('root'), :skip do
it { should exist }
end
end
# This is an example test, replace it with your own test.
describe port(80), :skip do
it { should_not be_listening }
end

3
ops/cookbooks/metadata.rb Normal file
View File

@ -0,0 +1,3 @@
name 'change-me'
depnds 'app'

21
ops/cookbooks/vendor/app/.delivery/build_cookbook/.kitchen.yml vendored Normal file
View File

@ -0,0 +1,21 @@
---
driver:
name: vagrant
synced_folders:
- [<%= File.join(ENV['PWD'], '..', '..')%>, '/tmp/repo-data']
provisioner:
name: chef_zero
encrypted_data_bag_secret_key_path: 'secrets/fakey-mcfakerton'
data_bags_path: './data_bags'
product_name: chefdk
platforms:
- name: ubuntu-16.04
- name: centos-7
suites:
- name: default
run_list:
- recipe[test]
attributes:

7
ops/cookbooks/vendor/app/.delivery/build_cookbook/Berksfile vendored Normal file
View File

@ -0,0 +1,7 @@
source 'https://supermarket.chef.io'
metadata
group :delivery do
cookbook 'test', path: './test/fixtures/cookbooks/test'
end

3
ops/cookbooks/vendor/app/.delivery/build_cookbook/LICENSE vendored Normal file
View File

@ -0,0 +1,3 @@
Copyright 2019 The Authors
All rights reserved, do not redistribute.

146
ops/cookbooks/vendor/app/.delivery/build_cookbook/README.md vendored Normal file
View File

@ -0,0 +1,146 @@
# build_cookbook
A build cookbook for running the parent project through Chef Delivery
This build cookbook should be customized to suit the needs of the parent project. Using this cookbook can be done outside of Chef Delivery, too. If the parent project is a Chef cookbook, we've detected that and "wrapped" [delivery-truck](https://github.com/chef-cookbooks/delivery-truck). That means it is a dependency, and each of its pipeline phase recipes is included in the appropriate phase recipes in this cookbook. If the parent project is not a cookbook, it's left as an exercise to the reader to customize the recipes as needed for each phase in the pipeline.
## .delivery/config.json
In the parent directory to this build_cookbook, the `config.json` can be modified as necessary. For example, phases can be skipped, publishing information can be added, and so on. Refer to customer support or the Chef Delivery documentation for assistance on what options are available for this configuration.
## Test Kitchen - Local Verify Testing
This cookbook also has a `.kitchen.yml` which can be used to create local build nodes with Test Kitchen to perform the verification phases, `unit`, `syntax`, and `lint`. When running `kitchen converge`, the instances will be set up like Chef Delivery "build nodes" with the [delivery_build cookbook](https://github.com/chef-cookbooks/delivery_build). The reason for this is to make sure that the same exact kind of nodes are used by this build cookbook are run on the local workstation as would run Delivery. It will run `delivery job verify PHASE` for the parent project.
Modify the `.kitchen.yml` if necessary to change the platforms or other configuration to run the verify phases. After making changes in the parent project, `cd` into this directory (`.delivery/build_cookbook`), and run:
```
kitchen test
```
## Recipes
Each of the recipes in this build_cookbook are run in the named phase during the Chef Delivery pipeline. The `unit`, `syntax`, and `lint` recipes are additionally run when using Test Kitchen for local testing as noted in the above section.
## Making Changes - Cookbook Example
When making changes in the parent project (that which lives in `../..` from this directory), or in the recipes in this build cookbook, there is a bespoke workflow for Chef Delivery. As an example, we'll discuss a Chef Cookbook as the parent.
First, create a new branch for the changes.
```
git checkout -b testing-build-cookbook
```
Next, increment the version in the metadata.rb. This should be in the _parent_, not in this, the build_cookbook. If this is not done, the verify phase will fail.
```
% git diff
<SNIP>
-version '0.1.0'
+version '0.1.1'
```
The change we'll use for an example is to install the `zsh` package. Write a failing ChefSpec in the cookbook project's `spec/unit/recipes/default_spec.rb`.
```ruby
require 'spec_helper'
describe 'godzilla::default' do
context 'When all attributes are default, on Ubuntu 16.04' do
let(:chef_run) do
runner = ChefSpec::ServerRunner.new(platform: 'ubuntu', version: '16.04')
runner.converge(described_recipe)
end
it 'installs zsh' do
expect(chef_run).to install_package('zsh')
end
end
end
```
Commit the local changes as work in progress. The `delivery job` expects to use a clean git repository.
```
git add ../..
git commit -m 'WIP: Testing changes'
```
From _this_ directory (`.delivery/build_cookbook`, relative to the parent cookbook project), run
```
cd .delivery/build_cookbook
kitchen converge
```
This will take some time at first, because the VMs need to be created, Chef installed, the Delivery CLI installed, etc. Later runs will be faster until they are destroyed. It will also fail on the first VM, as expected, because we wrote the test first. Now edit the parent cookbook project's default recipe to install `zsh`.
```
cd ../../
$EDITOR/recipes/default.rb
```
It should look like this:
```
package 'zsh'
```
Create another commit.
```
git add .
git commit -m 'WIP: Install zsh in default recipe'
```
Now rerun kitchen from the build_cookbook.
```
cd .delivery/build_cookbook
kitchen converge
```
This will take awhile because it will now pass on the first VM, and then create the second VM. We should have warned you this was a good time for a coffee break.
```
Recipe: test::default
- execute HOME=/home/vagrant delivery job verify unit --server localhost --ent test --org kitchen
* execute[HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen] action run
- execute HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen
- execute HOME=/home/vagrant delivery job verify syntax --server localhost --ent test --org kitchen
Running handlers:
Running handlers complete
Chef Client finished, 3/32 resources updated in 54.665445968 seconds
Finished converging <default-centos-71> (1m26.83s).
```
Victory is ours! Our verify phase passed on the build nodes.
We are ready to run this through our Delivery pipeline. Simply run `delivery review` on the local system from the parent project, and it will open a browser window up to the change we just added.
```
cd ../..
delivery review
```
## FAQ
### Why don't I just run rspec and foodcritic/rubocop on my local system?
An objection to the Test Kitchen approach is that it is much faster to run the unit, lint, and syntax commands for the project on the local system. That is totally true, and also totally valid. Do that for the really fast feedback loop. However, the dance we do with Test Kitchen brings a much higher degree of confidence in the changes we're making, that everything will run on the build nodes in Chef Delivery. We strongly encourage this approach before actually pushing the changes to Delivery.
### Why do I have to make a commit every time?
When running `delivery job`, it expects to merge the commit for the changeset against the clean master branch. If we don't save our progress by making a commit, our local changes aren't run through `delivery job` in the Test Kitchen build instances. We can always perform an interactive rebase, and modify the original changeset message in Delivery with `delivery review --edit`. The latter won't modify the git commits, only the changeset in Delivery.
### What do I do next?
Make changes in the cookbook project as required for organizational goals and needs. Modify the `build_cookbook` as necessary for the pipeline phases that the cookbook should go through.
### What if I get stuck?
Contact Chef Support, or your Chef Customer Success team and they will help you get unstuck.

104
ops/cookbooks/vendor/app/.delivery/build_cookbook/chefignore vendored Normal file
View File

@ -0,0 +1,104 @@
# Put files/directories that should be ignored in this file when uploading
# to a chef-server or supermarket.
# Lines that start with '# ' are comments.
# OS generated files #
######################
.DS_Store
Icon?
nohup.out
ehthumbs.db
Thumbs.db
# SASS #
########
.sass-cache
# EDITORS #
###########
\#*
.#*
*~
*.sw[a-z]
*.bak
REVISION
TAGS*
tmtags
*_flymake.*
*_flymake
*.tmproj
.project
.settings
mkmf.log
## COMPILED ##
##############
a.out
*.o
*.pyc
*.so
*.com
*.class
*.dll
*.exe
*/rdoc/
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
kitchen.yml*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
# SCM #
#######
.git
*/.git
.gitignore
.gitmodules
.gitconfig
.gitattributes
.svn
*/.bzr/*
*/.hg/*
*/.svn/*
# Berkshelf #
#############
Berksfile
Berksfile.lock
cookbooks/*
tmp
# Bundler #
###########
vendor/*
# Policyfile #
##############
Policyfile.rb
Policyfile.lock.json
# Cookbooks #
#############
CONTRIBUTING*
CHANGELOG*
TESTING*
# Vagrant #
###########
.vagrant
Vagrantfile

1
ops/cookbooks/vendor/app/.delivery/build_cookbook/data_bags/keys/delivery_builder_keys.json vendored Normal file
View File

@ -0,0 +1 @@
{"id": "delivery_builder_keys"}

8
ops/cookbooks/vendor/app/.delivery/build_cookbook/metadata.rb vendored Normal file
View File

@ -0,0 +1,8 @@
name 'build_cookbook'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'all_rights'
version '0.1.0'
chef_version '>= 13.0'
depends 'delivery-truck'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/default.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: default
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::default'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/deploy.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: deploy
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::deploy'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/functional.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: functional
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::functional'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/lint.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: lint
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::lint'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/provision.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: provision
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::provision'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/publish.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: publish
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::publish'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/quality.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: quality
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::quality'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/security.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: security
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::security'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/smoke.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: smoke
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::smoke'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/syntax.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: syntax
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::syntax'

6
ops/cookbooks/vendor/app/.delivery/build_cookbook/recipes/unit.rb vendored Normal file
View File

@ -0,0 +1,6 @@
#
# Cookbook:: build_cookbook
# Recipe:: unit
#
# Copyright:: 2019, The Authors, All Rights Reserved.
include_recipe 'delivery-truck::unit'

0
ops/cookbooks/vendor/app/.delivery/build_cookbook/secrets/fakey-mcfakerton vendored Normal file
View File

2
ops/cookbooks/vendor/app/.delivery/build_cookbook/test/fixtures/cookbooks/test/metadata.rb vendored Normal file
View File

@ -0,0 +1,2 @@
name 'test'
version '0.1.0'

9
ops/cookbooks/vendor/app/.delivery/build_cookbook/test/fixtures/cookbooks/test/recipes/default.rb vendored Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
%w(unit lint syntax).each do |phase|
# TODO: This works on Linux/Unix. Not Windows.
execute "HOME=/home/vagrant delivery job verify #{phase} --server localhost --ent test --org kitchen" do
cwd '/tmp/repo-data'
user 'vagrant'
environment('GIT_DISCOVERY_ACROSS_FILESYSTEM' => '1')
end
end

17
ops/cookbooks/vendor/app/.delivery/config.json vendored Normal file
View File

@ -0,0 +1,17 @@
{
"version": "2",
"build_cookbook": {
"name": "build_cookbook",
"path": ".delivery/build_cookbook"
},
"delivery-truck": {
"lint": {
"enable_cookstyle": true
}
},
"skip_phases": [],
"job_dispatch": {
"version": "v2"
},
"dependencies": []
}

36
ops/cookbooks/vendor/app/.delivery/project.toml vendored Normal file
View File

@ -0,0 +1,36 @@
# Delivery Prototype for Local Phases Execution
#
# The purpose of this file is to prototype a new way to execute
# phases locally on your workstation. The delivery-cli will read
# this file and execute the command(s) that are configured for
# each phase. You can customize them by just modifying the phase
# key on this file.
#
# By default these phases are configured for Cookbook Workflow only
#
# As this is still a prototype we are not modifying the current
# config.json file and it will continue working as usual.
[local_phases]
unit = "chef exec rspec spec/"
lint = "chef exec cookstyle"
# Foodcritic includes rules only appropriate for community cookbooks
# uploaded to Supermarket. We turn off any rules tagged "supermarket"
# by default. If you plan to share this cookbook you should remove
# '-t ~supermarket' below to enable supermarket rules.
syntax = "chef exec foodcritic . -t ~supermarket"
provision = "chef exec kitchen create"
deploy = "chef exec kitchen converge"
smoke = "chef exec kitchen verify"
# The functional phase is optional, you can define it by uncommenting
# the line below and running the command: `delivery local functional`
# functional = ""
cleanup = "chef exec kitchen destroy"
# Remote project.toml file
#
# Specify a remote URI location for the `project.toml` file.
# This is useful for teams that wish to centrally manage the behavior
# of the `delivery local` command across many different projects.
#
# remote_file = "https://url/project.toml"

3
ops/cookbooks/vendor/app/LICENSE vendored Normal file
View File

@ -0,0 +1,3 @@
Copyright 2019 The Authors
All rights reserved, do not redistribute.

4
ops/cookbooks/vendor/app/README.md vendored Normal file
View File

@ -0,0 +1,4 @@
# django-backend
TODO: Enter the cookbook description here.

104
ops/cookbooks/vendor/app/chefignore vendored Normal file
View File

@ -0,0 +1,104 @@
# Put files/directories that should be ignored in this file when uploading
# to a chef-server or supermarket.
# Lines that start with '# ' are comments.
# OS generated files #
######################
.DS_Store
Icon?
nohup.out
ehthumbs.db
Thumbs.db
# SASS #
########
.sass-cache
# EDITORS #
###########
\#*
.#*
*~
*.sw[a-z]
*.bak
REVISION
TAGS*
tmtags
*_flymake.*
*_flymake
*.tmproj
.project
.settings
mkmf.log
## COMPILED ##
##############
a.out
*.o
*.pyc
*.so
*.com
*.class
*.dll
*.exe
*/rdoc/
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
kitchen.yml*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
# SCM #
#######
.git
*/.git
.gitignore
.gitmodules
.gitconfig
.gitattributes
.svn
*/.bzr/*
*/.hg/*
*/.svn/*
# Berkshelf #
#############
Berksfile
Berksfile.lock
cookbooks/*
tmp
# Bundler #
###########
vendor/*
# Policyfile #
##############
Policyfile.rb
Policyfile.lock.json
# Cookbooks #
#############
CONTRIBUTING*
CHANGELOG*
TESTING*
# Vagrant #
###########
.vagrant
Vagrantfile

35
ops/cookbooks/vendor/app/metadata.json vendored Normal file
View File

@ -0,0 +1,35 @@
{
"name": "app",
"description": "Installs/Configures django-backend",
"long_description": "Installs/Configures django-backend",
"maintainer": "The Authors",
"maintainer_email": "you@example.com",
"license": "All Rights Reserved",
"platforms": {
},
"dependencies": {
"t42-common": ">= 0.0.0"
},
"providing": {
},
"recipes": {
},
"version": "0.1.0",
"source_url": "",
"issues_url": "",
"privacy": false,
"chef_versions": [
[
">= 13.0"
]
],
"ohai_versions": [
],
"gems": [
]
}

22
ops/cookbooks/vendor/app/metadata.rb vendored Normal file
View File

@ -0,0 +1,22 @@
name 'app'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'All Rights Reserved'
description 'Installs/Configures django-backend'
long_description 'Installs/Configures django-backend'
version '0.1.0'
chef_version '>= 13.0'
depends 't42-common'
# The `issues_url` points to the location where issues for this cookbook are
# tracked. A `View Issues` link will be displayed on this cookbook's page when
# uploaded to a Supermarket.
#
# issues_url 'https://github.com/<insert_org_here>/django-backend/issues'
# The `source_url` points to the development repository for this cookbook. A
# `View Source` link will be displayed on this cookbook's page when uploaded to
# a Supermarket.
#
# source_url 'https://github.com/<insert_org_here>/django-backend'

1
ops/cookbooks/vendor/app/recipes/default.rb vendored Normal file
View File

@ -0,0 +1 @@
package 'libpam0g-dev'

0
ops/cookbooks/vendor/ark/.foodcritic vendored Normal file
View File

263
ops/cookbooks/vendor/ark/CHANGELOG.md vendored Normal file
View File

@ -0,0 +1,263 @@
# ark Cookbook CHANGELOG
This file is used to list changes made in each version of the ark cookbook.
## 4.0.0 (2018-07-25)
- Support append_env_path property on Windows, which increases the minimum required Chef release to Chef 13.4
## 3.1.1 (2018-07-24)
- Remove ChefSpec matchers since these are autogenerated now
- Update specs to the latest platform versions
- Remove template out of defaults directory
- Remove dependency on the Windows cookbook
## 3.1.0 (2017-05-06)
- Ensure the dependencies get installed on Chef 13 Amazon Linux systems
- Require Chef 12.7+ and remove action_class.class_eval usage
## 3.0.0 (2017-04-05)
- Rewrite of resource to custom resources.
- Remove EOL platforms from testing.
- Update zlib URL
-
## 2.2.1 (2016-12-16)
- Use Ohai root_group attribute to avoid trying to set the group to root on BSD/macOS.
- Add missing accessor for owner property
## 2.2.0 (2016-12-14)
- Add detection of .7z file extensions
- Fix 7zip extraction using strip_components >= 1 to properly extract to the path instead of the user's home_dir
- Always quote the path to the 7zip and xcopy binaries as they may have spaces
- Clarified in the readme that the install_with_make action includes the configure action
- Fix files with very long paths failing to extract on Windows
- Fix default owner of 'root' failing on Windows
- Fix 7-zip extraction with long paths when strip_components is >= 1
- Add the group attribute parameter to README
- Fix package installation failure on macOS systems
- Use x to extract with 7-zip, not e. Use e only for dump, which strips directories.
## 2.1.0 (2016-11-15)
- Move tar/7zip path logic out of attributes and into helpers to prevent failures when 7zip is not installed before the chef run starts
- Improve platform testing in Test Kitchen
- Recognize Windows as a supported platform in the readme
- Introduce a new attribute for overriding the 7-zip location: node['ark']['sevenzip_binary']
## 2.0.2 (2016-11-03)
- Fix suse support and centos < 6
## 2.1.0 (2016-11-01)
- Use multipackage installs to speed up installation
- Avoid installation package dependencies on Windows entirely
- Remove the testing bin stubs
## 2.0.0 (2016-09-15)
- Add CentOS 7.2, Fedora 23, and Suse specs
- Add centos 5, debian, and opensuse travis testing
- Add a contributing doc
- Fix cookstyle warnings
- Require Chef 12.1+
## [v1.2.0](https://github.com/chef-cookbooks/ark/tree/v1.2.0) (2016-07-03)
[Full Changelog](https://github.com/chef-cookbooks/ark/compare/v1.1.0...v1.2.0)
- Create seven_zip unpack command when strip_components is 0 [#155](https://github.com/chef-cookbooks/ark/pull/155) ([terkill](https://github.com/terkill))
- Get 7zip path from the windows registry. [#153](https://github.com/chef-cookbooks/ark/pull/153) ([buri17](https://github.com/buri17))
- Use fullpath for xcopy and icacls. [#152](https://github.com/chef-cookbooks/ark/pull/152) ([buri17](https://github.com/buri17))
- Define custom matcher helper for notification testing, fixes #139 [#144](https://github.com/chef-cookbooks/ark/pull/144) ([szymonpk](https://github.com/szymonpk))
## v1.1.0 (2016-05-19)
- Add support for RHEL 7
- Fixes to the readme to clarify actions / properties
- Expose the backup property in remote file to the ark resource
- Transfer the cookbook back to Chef
- Resolve all rubocop warnings
- Add maintainers files and Chef contributing docs
- Test on the latest platforms in .kitchen.yml and update Travis to use kitchen-dokken with additional platforms
## v1.0.1 (2016-02-16)
- Remove a large number of zero byte archives that snuck into the repository
- Remove a Chef 10 compatibility check in the custom resource
## v1.0.0 (2016-02-09)
- Added the pkg-config package to the debian platform family
- Added tar, xz-lzma-compat, and bzip2 packages to the RHEL and fedora platform families
- Updated FreeBSD to install gmake instead of make
- Added OS X, SmartOS, and FreeBSD to the tar path attributes to support those platforms
- Removed the has_binaries attribute from put action documentation in the readme file since this isn't supported there
- Moved the libraries module locations to no longer be under Opscode:: and broke out libraries into more logical units
- Fixed issues with spaces in Windows paths that could cause failures
- Fixed a bad attribute for the 7zip home on windows. Instead of using a node attribute use the value directly to avoid computed attribute overiding issues
- Switched from the 7-zip cookbook to seven_zip since the 7-zip cookbook is now deprecated
- Changed unzip commands to not use -u so that a newer archive can overwrite an existing directory
- Added support for actions py_setup, py_setup_install, py_setup_build
- Fixed setting home_dir attribute
- Added source_url and issues_url to the metadata.rb
- Expanded the supported platforms in metadata.rb
- Removed all references to Opscode
- Improved error logging when an unknown extension is encountered
- Added support for .tar files
- Improved overall testing:
- Removed the kitchen.cloud.yml file and gem dependencies
- Added integration testing in Travis with Kitchen-Docker and Travis tests now run using the nightly build of ChefDK
- Expanded platforms tested in the .kitchen.yml file
- Updated the Gemfile with the latest testing dependencies
- Added full Chefspec coverage
- Greatly expanded the ark_spec test cookbook
- Removed the original minitests
- Added standard Chef .gitignore and chefignore files
- Resolved a large number of rubocop warnings
- Removed old Opscode contributing and testing docs
- Added a cookbook version badge to the readme
- Removed the Toftfile
## v0.9.0 (2014-06-06)
- [COOK-3642] Add Windows support
## v0.8.2 (2014-04-23)
- [COOK-4514] - Support for SLES with the Ark cookbook
## v0.8.0 (2014-04-10)
- [COOK-2771] - Add support for XZ compression
## v0.7.2 (2014-03-28)
- [COOK-4477] - Fix failing test suite
- [COOK-4484] - Replace strip_leading_dir attribute with more general strip_components
## v0.7.0 (2014-03-18)
- [COOK-4437] - configure and install_with_make should chown after unpack
## v0.6.0 (2014-02-27)
[COOK-3786] - Unable to install multiple versions of archive without duplication
## v0.5.0 (2014-02-21)
### Bug
- **[COOK-4288](https://tickets.opscode.com/browse/COOK-4288)** - Cleanup the Kitchen
### Improvement
- **[COOK-4264](https://tickets.opscode.com/browse/COOK-4264)** - Add node['ark']['package_dependencies'] to allow tuning packages.
## v0.4.2
### Improvement
- **[COOK-3854](https://tickets.opscode.com/browse/COOK-3854)** - Capability with mac_os_x: '/bin/chown' - No such file or directory
- Cleaning up some style for rubucop
- Updating test harness
## v0.4.0
### Improvement
- **[COOK-3539](https://tickets.opscode.com/browse/COOK-3539)** - Allow dumping of bz2 and gzip files
## v0.3.2
### Bug
- **[COOK-3191](https://tickets.opscode.com/browse/COOK-3191)** - Propogate unzip failures
- **[COOK-3118](https://tickets.opscode.com/browse/COOK-3118)** - Set cookbook attribute in provider
- **[COOK-3055](https://tickets.opscode.com/browse/COOK-3055)** - Use proper scope in helper module
- **[COOK-3054](https://tickets.opscode.com/browse/COOK-3054)** - Fix notification resource updating
### Improvement
- **[COOK-3179](https://tickets.opscode.com/browse/COOK-3179)** - README updates and refactor
## v0.3.0
### Improvement
- [COOK-3087]: Can't use ark with chef < 11
### Bug
- [COOK-3064]: `only_if` statements in ark's `install_with_make` and configure actions are not testing for file existence correctly.
- [COOK-3067]: ark kitchen test for `cherry_pick` is expecting the binary to be in the same parent folder as in the archive.
## v0.2.4
### Bug
- [COOK-3048]: Ark provider contains a `ruby_block` resource without a block attribute
- [COOK-3063]: Ark cookbook `cherry_pick` action's unzip command does not close if statement
- [COOK-3065]: Ark install action does not symlink binaries correctly
## v0.2.2
- Update the README to reflect the requirement for Chef 11 to use the ark resource (`use_inline_resources`).
- Making this a release so it will also appear on the community site page.
## v0.2.0
### Bug
- [COOK-2772]: Ark cookbook has foodcritic failures in provides/default.rb
### Improvement
- [COOK-2520]: Refactor ark providers to use the '`use_inline_resources`' LWRP DSL feature
## v0.1.0
- [COOK-2335] - ark resource broken on Chef 11
## v0.0.1
- [COOK-2026] - Allow `cherry_pick` action to be used for directories as well as files
## v0.0.1
- [COOK-1593] - README formatting updates for better display on Community Site
## v0.0.1
### Bug
- dangling "unless"
### Improvement
- add `setup_py_*` actions
- add vagrantfile
- add foodcritic test
- travis.ci support
## v0.0.10 (May 23, 2012
### Bug
- `strip_leading_dir` not working for zip files <https://github.com/bryanwb/chef-ark/issues/19>
### Improvement
- use autogen.sh to generate configure script for configure action <https://github.com/bryanwb/chef-ark/issues/16>
- support more file extensions <https://github.com/bryanwb/chef-ark/pull/18>
- add extension attribute which allows you to download files which do not have the file extension as part of the URL

2
ops/cookbooks/vendor/ark/CONTRIBUTING.md vendored Normal file
View File

@ -0,0 +1,2 @@
Please refer to
https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD

298
ops/cookbooks/vendor/ark/README.md vendored Normal file
View File

@ -0,0 +1,298 @@
# ark cookbook
[![Build Status](https://travis-ci.org/chef-cookbooks/ark.svg?branch=master)](https://travis-ci.org/chef-cookbooks/ark) [![Cookbook Version](https://img.shields.io/cookbook/v/ark.svg)](https://supermarket.chef.io/cookbooks/ark)
## Overview
This cookbook provides `ark`, a resource for managing software archives. It manages the fetch-unpack-configure-build-install process common to installing software from source, or from binary distributions that are not fully fledged OS packages.
This cookbook started its life as a modified version of Infochimp's install_from cookbook. It has since been heavily refactored and extended to meet different use cases.
Given a simple project archive available at a url:
```ruby
ark 'pig' do
url 'http://apache.org/pig/pig-0.8.0.tar.gz'
end
```
The `ark` resource will:
- fetch it to to `/var/cache/chef/`
- unpack it to the default path (`/usr/local/pig-0.8.0`)
- create a symlink for `:home_dir` (`/usr/local/pig`) pointing to path
- add specified binary commands to the environment `PATH` variable
By default, the ark will not run again if the `:path` is not empty. Ark provides many actions to accommodate different use cases, such as `:dump`, `:cherry_pick`, `:put`, and `:install_with_make`.
At this time ark only handles files available from URLs using the [remote_file](http://docs.chef.io/resource_remote_file.html) provider. It does handle local files using the `file://` protocol.
## Requirements
### Platforms
- Debian/Ubuntu
- RHEL/CentOS/Scientific/Oracle
- Fedora
- FreeBSD
- SmartOS
- Mac OS X
- openSUSE / SUSE Linux Enterprises
- Windows
Should work on common Unix/Linux systems with typical userland utilities like tar, gzip, etc. May require the installation of build tools for compiling from source, but that installation is outside the scope of this cookbook.
### Chef
- Chef 13.4+
### Cookbooks
- build-essential
- seven_zip
## Attributes
Customize the attributes to suit site specific conventions and defaults.
- `node['ark']['apache_mirror']` - if the URL is an apache mirror, use the attribute as the default. default: `http://apache.mirrors.tds.net`
- `node['ark']['prefix_root']` - default base location if the `prefix_root` is not passed into the resource. default: `/usr/local`
- `node['ark']['prefix_bin']` - default binary location if the `prefix_bin` is not passed into the resource. default: `/usr/local/bin`
- `node['ark']['prefix_home']` - default home location if the `prefix_home` is not passed into the resource. default: `/usr/local`
- `node['ark']['package_dependencies']` - prerequisite system packages that need to be installed to support ark. default: varies based on platform
- `node['ark']['tar']` - allows overriding the default path to the tar binary, which varies based on platform
- `node['ark']['sevenzip_binary']` - allows overriding the default path to the 7zip binary, which is determined based on registry key value
## Resources
- `ark` - does the extract/build/configure
### Actions
- `:install`: extracts the file and creates a 'friendly' symbolic link to the extracted directory path
- `:configure`: configure ahead of the install action
- `:install_with_make`: extracts the archive to a path, runs `configure`, `make`, and `make install`.
- `:dump`: strips all directories from the archive and dumps the contained files into a specified path
- `:cherry_pick`: extract a specified file from an archive and places in specified path
- `:put`: extract the archive to a specified path, does not create any symbolic links
- `:remove`: removes the extracted directory and related symlink #TODO
- `:setup_py`: runs the command "python setup.py" in the extracted directory
- `:setup_py_build`: runs the command "python setup.py build" in the extracted directory
- `:setup_py_install`: runs the command "python setup.py install" in the extracted directory
### :cherry_pick
Extract a specified file from an archive and places in specified path.
#### Relevant Attribute Parameters for :cherry_pick
- `path`: directory to place file in.
- `creates`: specific file to cherry-pick.
### :dump
Strips all directories from the archive and dumps the contained files into a specified path.
NOTE: This currently only works for zip archives
#### Attribute Parameters for :dump
- `path`: path to dump files to.
- `mode`: file mode for `app_home`, as an integer.
- Example: `0775`
- `creates`: if you are appending files to a given directory, ark needs a condition to test whether the file has already been extracted. You can specify with creates, a file whose existence indicates the ark has previously been extracted and does not need to be extracted again.
### :put
Extract the archive to a specified path, does not create any symbolic links.
#### Attribute Parameters for :put
- `path`: path to extract to.
- Default: `/usr/local`
- `append_env_path`: boolean, if true, append the `./bin` directory of the extracted directory to the global `PATH` variable for all users.
### Attribute Parameters
- `name`: name of the package, defaults to the resource name.
- `url`: url for tarball, `.tar.gz`, `.bin` (oracle-specific), `.war`, and `.zip` currently supported. Also supports special syntax
- `:name:version:apache_mirror:` that will auto-magically construct download url from the apache mirrors site.
- `version`: software version, defaults to `1`.
- `mode`: file mode for `app_home`, is an integer.
- `prefix_root`: default `prefix_root`, for use with `:install*` actions.
- `prefix_home`: default directory prefix for a friendly symlink to the path.
- Example: `/usr/local/maven` -> `/usr/local/maven-2.2.1`
- `prefix_bin`: default directory to place a symlink to a binary command.
- Example: `/opt/bin/mvn` -> `/opt/maven-2.2.1/bin/mvn`, where the `prefix_bin` is `/opt/bin`
- `path`: path to extract the ark to. The `:install*` actions overwrite any user-provided values for `:path`.
- Default: `/usr/local/<name>-<version>` for the `:install`, `:install_with_make` actions
- `home_dir`: symbolic link to the path `:prefix_root/:name-:version`, does not apply to `:dump`, `:put`, or `:cherry_pick` actions.
- Default: `:prefix_root/:name`
- `has_binaries`: array of binary commands to symlink into `/usr/local/bin/`, you must specify the relative path.
- Example: `[ 'bin/java', 'bin/javaws' ]`
- `append_env_path`: boolean, similar to `has_binaries` but less granular. If true, append the `./bin` directory of the extracted directory to. the `PATH` environment variable for all users, by placing a file in `/etc/profile.d/`. The commands are symbolically linked into `/usr/bin/*`. This option provides more granularity than the boolean option.
- Example: `mvn`, `java`, `javac`, etc.
- `environment`: hash of environment variables to pass to invoked shell commands like `tar`, `unzip`, `configure`, and `make`.
- `strip_components`: number of components in path to strip when extracting archive. With default value of `1`, ark strips the leading directory from an archive, which is the default for both `unzip` and `tar` commands.
- `autoconf_opts`: an array of command line options for use with the GNU `autoconf` script.
- Example: `[ '--include=/opt/local/include', '--force' ]`
- `make_opts`: an array of command line options for use with `make`.
- Example: `[ '--warn-undefined-variables', '--load-average=2' ]`
- `owner`: owner of extracted directory.
- Default: `root`
- `group`: group of extracted directory.
- Default: `root`
- `backup`: The number of backups to be kept in /var/chef/backup (for UNIX- and Linux-based platforms) or C:/chef/backup (for the Microsoft Windows platform). Set to false to prevent backups from being kept.
- Default: `5`
#### Examples
This example copies `ivy.tar.gz` to `/var/cache/chef/ivy-2.2.0.tar.gz`, unpacks its contents to `/usr/local/ivy-2.2.0/` -- stripping the leading directory, and symlinks `/usr/local/ivy` to `/usr/local/ivy-2.2.0`
```ruby
# install Apache Ivy dependency resolution tool
ark "ivy" do
url 'http://someurl.example.com/ivy.tar.gz'
version '2.2.0'
checksum '89ba5fde0c596db388c3bbd265b63007a9cc3df3a8e6d79a46780c1a39408cb5'
action :install
end
```
This example copies `jdk-7u2-linux-x64.tar.gz` to `/var/cache/chef/jdk-7.2.tar.gz`, unpacks its contents to `/usr/local/jvm/jdk-7.2/` -- stripping the leading directory, symlinks `/usr/local/jvm/default` to `/usr/local/jvm/jdk-7.2`, and adds `/usr/local/jvm/jdk-7.2/bin/` to the global `PATH` for all users. The user 'foobar' is the owner of the `/usr/local/jvm/jdk-7.2` directory:
```ruby
ark 'jdk' do
url 'http://download.example.com/jdk-7u2-linux-x64.tar.gz'
version '7.2'
path "/usr/local/jvm/"
home_dir "/usr/local/jvm/default"
checksum '89ba5fde0c596db388c3bbd265b63007a9cc3df3a8e6d79a46780c1a39408cb5'
append_env_path true
owner 'foobar'
end
```
Install Apache Ivy dependency resolution tool in `/resource_name` in this case `/usr/local/ivy`, do not symlink, and strip any leading directory if one exists in the tarball:
```ruby
ark "ivy" do
url 'http://someurl.example.com/ivy.tar.gz'
checksum '89ba5fde0c596db388c3bbd265b63007a9cc3df3a8e6d79a46780c1a39408cb5'
action :put
end
```
Install Apache Ivy dependency resolution tool in `/home/foobar/ivy`, strip any leading directory if one exists, don't keep backup copies of `ivy.tar.gz`:
```ruby
ark "ivy" do
path "/home/foobar"
url 'http://someurl.example.com/ivy.tar.gz'
checksum '89ba5fde0c596db388c3bbd265b63007a9cc3df3a8e6d79a46780c1a39408cb5'
action :put
backup false
end
```
Strip all directories and dump files into path specified by the path attribute. You must specify the `creates` attribute in order to keep the extraction from running every time. The directory path will be created if it doesn't already exist:
```ruby
ark "my_jars" do
url "http://example.com/bunch_of_jars.zip"
path "/usr/local/tomcat/lib"
creates "mysql.jar"
owner "tomcat"
action :dump
end
```
Extract specific files from a tarball (currently only handles one named file):
```ruby
ark 'mysql-connector-java' do
url 'http://oracle.com/mysql-connector.zip'
creates 'mysql-connector-java-5.0.8-bin.jar'
path '/usr/local/tomcat/lib'
action :cherry_pick
end
```
Build and install haproxy and use alternative values for `prefix_root`, `prefix_home`, and `prefix_bin`:
```ruby
ark "haproxy" do
url "http://haproxy.1wt.eu/download/1.5/src/snapshot/haproxy-ss-20120403.tar.gz"
version "1.5"
checksum 'ba0424bf7d23b3a607ee24bbb855bb0ea347d7ffde0bec0cb12a89623cbaf911'
make_opts [ 'TARGET=linux26' ]
prefix_root '/opt'
prefix_home '/opt'
prefix_bin '/opt/bin'
action :install_with_make
end
```
You can also supply the file extension in case the file extension can not be determined by the URL:
```ruby
ark "test_autogen" do
url 'https://github.com/zeromq/libzmq/tarball/master'
extension "tar.gz"
action :install_with_make
end
```
## License & Authors
- Author: Philip (flip) Kromer - Infochimps, Inc([coders@infochimps.com](mailto:coders@infochimps.com))
- Author: Bryan W. Berry ([bryan.berry@gmail.com](mailto:bryan.berry@gmail.com))
- Author: Denis Barishev ([denis.barishev@gmail.com](mailto:denis.barishev@gmail.com))
- Author: Sean OMeara ([someara@chef.io](mailto:someara@chef.io))
- Author: John Bellone ([jbellone@bloomberg.net](mailto:jbellone@bloomberg.net))
- Copyright: 2011, Philip (flip) Kromer - Infochimps, Inc
- Copyright: 2012, Bryan W. Berry
- Copyright: 2012, Denis Barishev
- Copyright: 2013-2017, Chef Software, Inc
- Copyright: 2014, Bloomberg L.P.
```
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```

47
ops/cookbooks/vendor/ark/attributes/default.rb vendored Normal file
View File

@ -0,0 +1,47 @@
#
# Cookbook:: ark
# Attributes:: default
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
default['ark']['apache_mirror'] = 'http://apache.mirrors.tds.net'
default['ark']['prefix_root'] = '/usr/local'
default['ark']['prefix_bin'] = '/usr/local/bin'
default['ark']['prefix_home'] = '/usr/local'
# the default path will be determined based on platform, but can be overridden here
default['ark']['tar'] = nil
# the default path will be determined from the registry, but you may override here
default['ark']['sevenzip_binary'] = nil
pkgs = %w(libtool autoconf) unless platform_family?('mac_os_x')
pkgs += %w(make) unless platform_family?('mac_os_x', 'freebsd')
pkgs += %w(unzip rsync gcc) unless platform_family?('mac_os_x')
pkgs += %w(autogen) unless platform_family?('rhel', 'fedora', 'mac_os_x', 'suse', 'amazon')
pkgs += %w(gtar) if platform?('freebsd') || platform?('smartos')
pkgs += %w(gmake) if platform?('freebsd')
if platform_family?('rhel', 'suse', 'amazon')
if node['platform_version'].to_i >= 7
pkgs += %w(xz bzip2 tar)
elsif node['platform_version'].to_i < 7
pkgs += %w(xz-lzma-compat bzip2 tar)
end
elsif platform_family?('fedora')
pkgs += %w(xz-lzma-compat bzip2 tar)
end
pkgs += %w(shtool pkg-config) if platform_family?('debian')
default['ark']['package_dependencies'] = pkgs

BIN
ops/cookbooks/vendor/ark/files/default/foo.tar.gz vendored Normal file
View File

Binary file not shown.

BIN
ops/cookbooks/vendor/ark/files/default/foo.tbz vendored Normal file
View File

Binary file not shown.

BIN
ops/cookbooks/vendor/ark/files/default/foo.txz vendored Normal file
View File

Binary file not shown.

BIN
ops/cookbooks/vendor/ark/files/default/foo.zip vendored Normal file
View File

Binary file not shown.

BIN
ops/cookbooks/vendor/ark/files/default/foo_sub.tar.gz vendored Normal file
View File

Binary file not shown.

BIN
ops/cookbooks/vendor/ark/files/default/foo_sub.zip vendored Normal file
View File

Binary file not shown.

112
ops/cookbooks/vendor/ark/libraries/default.rb vendored Normal file
View File

@ -0,0 +1,112 @@
require_relative 'platform_specific_builders'
require_relative 'resource_deprecations'
require_relative 'resource_defaults'
require_relative 'sevenzip_command_builder'
require_relative 'unzip_command_builder'
require_relative 'tar_command_builder'
require_relative 'general_owner'
require_relative 'windows_owner'
module Ark
module ProviderHelpers
extend ::Ark::PlatformSpecificBuilders
generates_archive_commands_for :seven_zip,
when_the: -> { node['platform_family'] == 'windows' },
with_klass: ::Ark::SevenZipCommandBuilder
generates_archive_commands_for :unzip,
when_the: -> { new_resource.extension =~ /zip|war|jar/ },
with_klass: ::Ark::UnzipCommandBuilder
generates_archive_commands_for :tar,
when_the: -> { true },
with_klass: ::Ark::TarCommandBuilder
generates_owner_commands_for :windows,
when_the: -> { node['platform_family'] == 'windows' },
with_klass: ::Ark::WindowsOwner
generates_owner_commands_for :all_other_platforms,
when_the: -> { true },
with_klass: ::Ark::GeneralOwner
def deprecations
::Ark::ResourceDeprecations.on(new_resource)
end
def show_deprecations
deprecations.each { |message| Chef::Log.warn("DEPRECATED: #{message}") }
end
def defaults
@resource_defaults ||= ::Ark::ResourceDefaults.new(new_resource)
end
def set_paths
new_resource.extension = defaults.extension
new_resource.prefix_bin = defaults.prefix_bin
new_resource.prefix_root = defaults.prefix_root
new_resource.home_dir = defaults.home_dir
new_resource.version = defaults.version
new_resource.owner = defaults.owner
# TODO: what happens when the path is already set --
# with the current logic we overwrite it
# if you are in windows we overwrite it
# otherwise we overwrite it with the root/name-version
new_resource.path = defaults.path
new_resource.release_file = defaults.release_file
end
def set_put_paths
new_resource.extension = defaults.extension
# TODO: Should we be setting the prefix_root -
# as the prefix_root could be used in the path_with_version
# new_resource.prefix_root = default.prefix_root
new_resource.path = defaults.path_without_version
new_resource.release_file = defaults.release_file_without_version
end
def set_dump_paths
new_resource.extension = defaults.extension
new_resource.release_file = defaults.release_file_without_version
end
def unpack_command
archive_application.unpack
end
def dump_command
archive_application.dump
end
def cherry_pick_command
archive_application.cherry_pick
end
def unzip_command
archive_application.unpack
end
def owner_command
owner_builder_klass.new(new_resource).command
end
private
def archive_application
@archive_application ||= archive_builder_klass.new(new_resource)
end
def archive_builder_klass
new_resource.extension ||= defaults.extension
Ark::ProviderHelpers.archive_command_generators.find { |condition, _klass| instance_exec(&condition) }.last
end
def owner_builder_klass
Ark::ProviderHelpers.owner_command_generators.find { |condition, _klass| instance_exec(&condition) }.last
end
end
end

13
ops/cookbooks/vendor/ark/libraries/general_owner.rb vendored Normal file
View File

@ -0,0 +1,13 @@
module Ark
class GeneralOwner
def initialize(resource)
@resource = resource
end
attr_reader :resource
def command
"chown -R #{resource.owner}:#{resource.group} #{resource.path}"
end
end
end

Some files were not shown because too many files have changed in this diff Show More