From 2063f5c953ed17ced7173edf174bbaf929f2add6 Mon Sep 17 00:00:00 2001
From: Sebastian Kippe <sebastian@kip.pe>
Date: Sun, 13 Jun 2021 16:58:53 +0200
Subject: [PATCH] WIP RSK cookbook

---
 .gitignore                                    |   2 +
 .../kosmos_rsk/.delivery/project.toml         |  32 +++++
 site-cookbooks/kosmos_rsk/.gitignore          |  25 ++++
 site-cookbooks/kosmos_rsk/Berksfile           |   3 +
 site-cookbooks/kosmos_rsk/CHANGELOG.md        |  10 ++
 site-cookbooks/kosmos_rsk/LICENSE             |   3 +
 site-cookbooks/kosmos_rsk/README.md           |   4 +
 .../kosmos_rsk/attributes/default.rb          |   1 +
 site-cookbooks/kosmos_rsk/chefignore          | 115 ++++++++++++++++++
 site-cookbooks/kosmos_rsk/kitchen.yml         |  35 ++++++
 site-cookbooks/kosmos_rsk/metadata.rb         |  11 ++
 site-cookbooks/kosmos_rsk/recipes/rskj.rb     |  38 ++++++
 .../kosmos_rsk/templates/rskj-preseed.cfg.erb |   6 +
 .../test/integration/rskj/rskj_test.rb        |  23 ++++
 14 files changed, 308 insertions(+)
 create mode 100644 site-cookbooks/kosmos_rsk/.delivery/project.toml
 create mode 100644 site-cookbooks/kosmos_rsk/.gitignore
 create mode 100644 site-cookbooks/kosmos_rsk/Berksfile
 create mode 100644 site-cookbooks/kosmos_rsk/CHANGELOG.md
 create mode 100644 site-cookbooks/kosmos_rsk/LICENSE
 create mode 100644 site-cookbooks/kosmos_rsk/README.md
 create mode 100644 site-cookbooks/kosmos_rsk/attributes/default.rb
 create mode 100644 site-cookbooks/kosmos_rsk/chefignore
 create mode 100644 site-cookbooks/kosmos_rsk/kitchen.yml
 create mode 100644 site-cookbooks/kosmos_rsk/metadata.rb
 create mode 100644 site-cookbooks/kosmos_rsk/recipes/rskj.rb
 create mode 100644 site-cookbooks/kosmos_rsk/templates/rskj-preseed.cfg.erb
 create mode 100644 site-cookbooks/kosmos_rsk/test/integration/rskj/rskj_test.rb

diff --git a/.gitignore b/.gitignore
index 6bf6e4a..7883c5e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,6 @@
 /.chef/encrypted_data_bag_secret
+.chef/chef_guid
 /.bundle/
 /.vagrant/
+/.kitchen
 /nodes/vagrant-node.json
diff --git a/site-cookbooks/kosmos_rsk/.delivery/project.toml b/site-cookbooks/kosmos_rsk/.delivery/project.toml
new file mode 100644
index 0000000..3496f78
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/.delivery/project.toml
@@ -0,0 +1,32 @@
+# Delivery for Local Phases Execution
+#
+# This file allows you to execute test phases locally on a workstation or
+# in a CI pipeline. The delivery-cli will read this file and execute the
+# command(s) that are configured for each phase. You can customize them
+# by just modifying the phase key on this file.
+#
+# By default these phases are configured for Cookbook Workflow only
+#
+
+[local_phases]
+unit = "echo skipping unit phase."
+lint = "chef exec cookstyle"
+# foodcritic has been deprecated in favor of cookstyle so we skip the syntax
+# phase now.
+syntax = "echo skipping syntax phase. Use lint phase instead."
+provision = "chef exec kitchen create"
+deploy = "chef exec kitchen converge"
+smoke = "chef exec kitchen verify"
+# The functional phase is optional, you can define it by uncommenting
+# the line below and running the command: `delivery local functional`
+# functional = ""
+cleanup = "chef exec kitchen destroy"
+
+# Remote project.toml file
+#
+# Instead of the local phases above, you may specify a remote URI location for
+# the `project.toml` file. This is useful for teams that wish to centrally
+# manage the behavior of the `delivery local` command across many different
+# projects.
+#
+# remote_file = "https://url/project.toml"
\ No newline at end of file
diff --git a/site-cookbooks/kosmos_rsk/.gitignore b/site-cookbooks/kosmos_rsk/.gitignore
new file mode 100644
index 0000000..f1e57b8
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/.gitignore
@@ -0,0 +1,25 @@
+.vagrant
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+
+# Bundler
+Gemfile.lock
+gems.locked
+bin/*
+.bundle/*
+
+# test kitchen
+.kitchen/
+kitchen.local.yml
+
+# Chef Infra
+Berksfile.lock
+.zero-knife.rb
+Policyfile.lock.json
+
+.idea/
+
diff --git a/site-cookbooks/kosmos_rsk/Berksfile b/site-cookbooks/kosmos_rsk/Berksfile
new file mode 100644
index 0000000..34fea21
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/Berksfile
@@ -0,0 +1,3 @@
+source 'https://supermarket.chef.io'
+
+metadata
diff --git a/site-cookbooks/kosmos_rsk/CHANGELOG.md b/site-cookbooks/kosmos_rsk/CHANGELOG.md
new file mode 100644
index 0000000..1f6dfc0
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/CHANGELOG.md
@@ -0,0 +1,10 @@
+# kosmos_rsk CHANGELOG
+
+This file is used to list changes made in each version of the kosmos_rsk cookbook.
+
+## 0.1.0
+
+Initial release.
+
+- change 0
+- change 1
diff --git a/site-cookbooks/kosmos_rsk/LICENSE b/site-cookbooks/kosmos_rsk/LICENSE
new file mode 100644
index 0000000..080dee9
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/LICENSE
@@ -0,0 +1,3 @@
+Copyright 2021 The Authors
+
+All rights reserved, do not redistribute.
diff --git a/site-cookbooks/kosmos_rsk/README.md b/site-cookbooks/kosmos_rsk/README.md
new file mode 100644
index 0000000..2dc44e4
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/README.md
@@ -0,0 +1,4 @@
+# kosmos_rsk
+
+TODO: Enter the cookbook description here.
+
diff --git a/site-cookbooks/kosmos_rsk/attributes/default.rb b/site-cookbooks/kosmos_rsk/attributes/default.rb
new file mode 100644
index 0000000..03904ba
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/attributes/default.rb
@@ -0,0 +1 @@
+node.default['rskj']['network'] = 'testnet'
diff --git a/site-cookbooks/kosmos_rsk/chefignore b/site-cookbooks/kosmos_rsk/chefignore
new file mode 100644
index 0000000..cc170ea
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/chefignore
@@ -0,0 +1,115 @@
+# Put files/directories that should be ignored in this file when uploading
+# to a Chef Infra Server or Supermarket.
+# Lines that start with '# ' are comments.
+
+# OS generated files #
+######################
+.DS_Store
+ehthumbs.db
+Icon?
+nohup.out
+Thumbs.db
+.envrc
+
+# EDITORS #
+###########
+.#*
+.project
+.settings
+*_flymake
+*_flymake.*
+*.bak
+*.sw[a-z]
+*.tmproj
+*~
+\#*
+REVISION
+TAGS*
+tmtags
+.vscode
+.editorconfig
+
+## COMPILED ##
+##############
+*.class
+*.com
+*.dll
+*.exe
+*.o
+*.pyc
+*.so
+*/rdoc/
+a.out
+mkmf.log
+
+# Testing #
+###########
+.circleci/*
+.codeclimate.yml
+.delivery/*
+.foodcritic
+.kitchen*
+.mdlrc
+.overcommit.yml
+.rspec
+.rubocop.yml
+.travis.yml
+.watchr
+.yamllint
+azure-pipelines.yml
+Dangerfile
+examples/*
+features/*
+Guardfile
+kitchen.yml*
+mlc_config.json
+Procfile
+Rakefile
+spec/*
+test/*
+
+# SCM #
+#######
+.git
+.gitattributes
+.gitconfig
+.github/*
+.gitignore
+.gitkeep
+.gitmodules
+.svn
+*/.bzr/*
+*/.git
+*/.hg/*
+*/.svn/*
+
+# Berkshelf #
+#############
+Berksfile
+Berksfile.lock
+cookbooks/*
+tmp
+
+# Bundler #
+###########
+vendor/*
+Gemfile
+Gemfile.lock
+
+# Policyfile #
+##############
+Policyfile.rb
+Policyfile.lock.json
+
+# Documentation #
+#############
+CODE_OF_CONDUCT*
+CONTRIBUTING*
+documentation/*
+TESTING*
+UPGRADING*
+
+# Vagrant #
+###########
+.vagrant
+Vagrantfile
diff --git a/site-cookbooks/kosmos_rsk/kitchen.yml b/site-cookbooks/kosmos_rsk/kitchen.yml
new file mode 100644
index 0000000..2f1b756
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/kitchen.yml
@@ -0,0 +1,35 @@
+---
+driver:
+  name: vagrant
+  ## The forwarded_port port feature lets you connect to ports on the VM guest via
+  ## localhost on the host.
+  ## see also: https://www.vagrantup.com/docs/networking/forwarded_ports
+  network:
+   - ["forwarded_port", { guest: 4444, host: 4444 }]
+
+provisioner:
+  name: chef_zero
+  # You may wish to disable always updating cookbooks in CI or other testing environments.
+  # For example:
+  #   always_update_cookbooks: <%= !ENV['CI'] %>
+  always_update_cookbooks: true
+
+  ## product_name and product_version specifies a specific Chef product and version to install.
+  ## see the Chef documentation for more details: https://docs.chef.io/workstation/config_yml_kitchen/
+  #  product_name: chef
+  #  product_version: 16
+
+verifier:
+  name: inspec
+
+platforms:
+  - name: ubuntu-20.04
+
+suites:
+  - name: rskj
+    run_list:
+      - recipe[kosmos_rsk::rskj]
+    verifier:
+      inspec_tests:
+        - test/integration/rskj
+    attributes:
diff --git a/site-cookbooks/kosmos_rsk/metadata.rb b/site-cookbooks/kosmos_rsk/metadata.rb
new file mode 100644
index 0000000..b5cd6c7
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/metadata.rb
@@ -0,0 +1,11 @@
+name 'kosmos_rsk'
+maintainer 'Kosmos Developers'
+maintainer_email 'ops@kosmos.org'
+license 'MIT'
+description 'Installs/configures RSK and related software'
+version '0.1.0'
+chef_version '>= 15.0'
+issues_url 'https://gitea.kosmos.org/kosmos/chef/issues'
+source_url 'https://gitea.kosmos.org/kosmos/chef'
+
+depends 'firewall'
diff --git a/site-cookbooks/kosmos_rsk/recipes/rskj.rb b/site-cookbooks/kosmos_rsk/recipes/rskj.rb
new file mode 100644
index 0000000..6bb98cd
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/recipes/rskj.rb
@@ -0,0 +1,38 @@
+#
+# Cookbook:: kosmos_rsk
+# Recipe:: rskj
+#
+
+group 'rsk' do
+  gid 888
+end
+
+user 'rsk' do
+  uid 888
+  gid 888
+  home '/var/lib/rsk'
+  shell '/sbin/nologin'
+end
+
+apt_repository 'rskj' do
+  uri 'ppa:rsksmart/rskj'
+  key '5EED9995C84A49BC02D4F507DF10691F518C7BEA'
+end
+
+apt_package 'rskj' do
+  response_file 'rskj-preseed.cfg.erb'
+  response_file_variables network: node['rskj']['network']
+  options '--assume-yes'
+end
+
+service "rsk" do
+  action [:enable, :start]
+end
+
+include_recipe 'firewall'
+
+firewall_rule 'rskj' do
+  port     [4444,50505]
+  protocol :tcp
+  command  :allow
+end
diff --git a/site-cookbooks/kosmos_rsk/templates/rskj-preseed.cfg.erb b/site-cookbooks/kosmos_rsk/templates/rskj-preseed.cfg.erb
new file mode 100644
index 0000000..d0b825b
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/templates/rskj-preseed.cfg.erb
@@ -0,0 +1,6 @@
+#_preseed_V1
+# Do you agree to the terms of the applicable licenses?
+rskj shared/accepted-rsk-license-v1-1 boolean true
+# Choose a configuration environment to run your node.
+# Choices: mainnet, testnet, regtest
+rskj shared/config select <%= @network %>
diff --git a/site-cookbooks/kosmos_rsk/test/integration/rskj/rskj_test.rb b/site-cookbooks/kosmos_rsk/test/integration/rskj/rskj_test.rb
new file mode 100644
index 0000000..3f5cac9
--- /dev/null
+++ b/site-cookbooks/kosmos_rsk/test/integration/rskj/rskj_test.rb
@@ -0,0 +1,23 @@
+# InSpec test for recipe kosmos_rsk::rskj
+
+# The Chef InSpec reference, with examples and extensive documentation, can be
+# found at https://docs.chef.io/inspec/resources/
+
+describe user('rsk') do
+  it { should exist }
+end
+
+describe package('rskj') do
+  it { should be_installed }
+  its('version') { should eq '2.2.0' }
+end
+
+describe service('rsk') do
+  it { should be_enabled }
+  it { should be_installed }
+  it { should be_running }
+end
+
+describe port(4444) do
+  it { should be_listening }
+end