kosmos/chef
8
3
Fork 0
Code Issues 34 Pull Requests 3 Projects 2 Activity

Set up an instance of Mastodon for Kosmos

Browse Source 
Refs #19

Use new application cookbook, update our cookbooks
This commit is contained in:
Greg Karékinian
2017-04-06 21:20:51 +02:00
parent a3f5c5f646
commit de11c0d691
345 changed files with 22591 additions and 3473 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cookbooks/application_git/CHANGELOG.md Normal file
View File

@@ -0,0 +1,10 @@
# Application_Git Changelog
## v1.1.0
* [#2](https://github.com/poise/application_git/issues/2) Inherit user and group values from the parent `application` resource.
* [#3](https://github.com/poise/application_git/issues/3) Fix usage with users created during the current Chef run.
## v1.0.0
* Initial release.

108
cookbooks/application_git/README.md Normal file
View File

@@ -0,0 +1,108 @@
# Application_Git Cookbook
[![Build Status](https://img.shields.io/travis/poise/application_git.svg)](https://travis-ci.org/poise/application_git)
[![Gem Version](https://img.shields.io/gem/v/poise-application-git.svg)](https://rubygems.org/gems/poise-application-git)
[![Cookbook Version](https://img.shields.io/cookbook/v/application_git.svg)](https://supermarket.chef.io/cookbooks/application_git)
[![Coverage](https://img.shields.io/codecov/c/github/poise/application_git.svg)](https://codecov.io/github/poise/application_git)
[![Gemnasium](https://img.shields.io/gemnasium/poise/application_git.svg)](https://gemnasium.com/poise/application_git)
[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)
A [Chef](https://www.chef.io/) cookbook to handle deploying code from git when
using the [application cookbook](https://github.com/poise/application).
## Quick Start
To deploy from a private GitHub repository:
```ruby
application '/srv/myapp' do
git 'git@github.com:example/myapp.git' do
deploy_key chef_vault_item('deploy_keys', 'myapp')['key']
end
end
```
## Requirements
Chef 12 or newer is required.
## Resources
### `application_git`
The `application_git` resource deploys code from git. It extends the core `git`
resource to support deploy keys and disabling strict host key verification.
```ruby
application '/srv/myapp' do
git 'git@github.com:example/myapp.git'
end
```
#### Actions
All actions work the same as the core `git` resource.
* `:sync` Clone and checkout the requested revision *(default)*
* `:checkout` Checkout the request revision. If the repository isn't already
cloned, this action does nothing.
* `:export` Export the repository without the `.git` folder.
#### Properties
All properties from the core `git` resource work the same way with the following
additions:
* `deploy_key` SSH key to use with git. Can be specified either as a path to
key file already created or as a string value containing the key directly.
* `strict_ssh` Enable strict SSH host key checking. *(default: false)*
### DSL Usage
The `application_git` resource can be used directly as a replacement for the
core `git` resource:
```ruby
application_git '/srv/myapp' do
repository 'git@github.com:example/myapp.git'
deploy_key chef_vault_item('deploy_keys', 'myapp')['key']
end
```
Within the `application` resource, a simplified DSL is available. As with other
`application` plugins, the default name of the resource if unspecified is the
application path. The following two examples are equivalent:
```ruby
application '/srv/myapp' do
git do
repository 'git@github.com:example/myapp.git'
end
end
application '/srv/myapp' do
git 'git@github.com:example/myapp.git'
end
```
## Sponsors
Development sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).
The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).
## License
Copyright 2015-2016, Noah Kantrowitz
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

17
cookbooks/application_git/files/halite_gem/poise-application-git.rb Normal file
View File

@@ -0,0 +1,17 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'poise_application_git'

21
cookbooks/application_git/files/halite_gem/poise_application_git.rb Normal file
View File

@@ -0,0 +1,21 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'poise_application_git/resource'
module PoiseApplicationGit
end

17
cookbooks/application_git/files/halite_gem/poise_application_git/cheftie.rb Normal file
View File

@@ -0,0 +1,17 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'poise_application_git/resource'

204
cookbooks/application_git/files/halite_gem/poise_application_git/resource.rb Normal file
View File

@@ -0,0 +1,204 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'zlib'
require 'chef/provider'
require 'chef/resource'
require 'poise_application/app_mixin'
require 'poise_application/resources/application'
require 'poise_application_git/safe_string'
module PoiseApplicationGit
# An `application_git` resource to clone application code from git.
#
# @since 1.0.0
# @provides application_git
# @action sync
# @action checkout
# @action export
# @example
# application '/srv/myapp' do
# git 'git@github.com:example/myapp.git' do
# deploy_key data_bag_item('deploy_keys', 'myapp')['key']
# end
# end
class Resource < Chef::Resource::Git
include PoiseApplication::AppMixin
provides(:application_git)
# @api private
def initialize(*args)
super
# Because the superclass declares this, we have to as well. Should be
# removable at some point when Chef makes everything use the provider
# resolver system instead.
@resource_name = :application_git
@provider = PoiseApplicationGit::Provider
# Clear defaults in older versions of Chef.
remove_instance_variable(:@group) if instance_variable_defined?(:@group)
remove_instance_variable(:@user) if instance_variable_defined?(:@user)
end
# @!attribute group
# Group to run git as. Defaults to the application group.
# @return [String, Integer, nil, false]
attribute(:group, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.group })
# @!attribute strict_ssh
# Enable strict SSH host key checking. Defaults to false.
# @return [Boolean]
attribute(:strict_ssh, equal_to: [true, false], default: false)
# @!attribute user
# User to run git as. Defaults to the application owner.
# @return [String, Integer, nil, false]
attribute(:user, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.owner })
# @api private
def after_created
# Allow using the repository as the name in an application block.
if parent && !repository
destination(parent.path)
repository(name)
end
end
# @!attribute deploy_key
# SSH deploy key as either a string value or a path to a key file.
# @return [String]
def deploy_key(val=nil)
# Use a SafeString for literal deploy keys so they aren't shown.
val = SafeString.new(val) if val && !deploy_key_is_local?(val)
set_or_return(:deploy_key, val, kind_of: String)
end
# Default SSH wrapper path.
#
# @api private
# @return [String]
def ssh_wrapper_path
@ssh_wrapper_path ||= ::File.expand_path("~#{user}/.ssh/ssh_wrapper_#{Zlib.crc32(name)}")
end
# Guess if the deploy key is a local path or literal value.
#
# @api private
# @param key [String, nil] Key value to check. Defaults to self.key.
# @return [Boolean]
def deploy_key_is_local?(key=nil)
key ||= deploy_key
key && key[0] == '/'
end
# Path to deploy key.
#
# @api private
# @return [String]
def deploy_key_path
@deploy_key_path ||= if deploy_key_is_local?
deploy_key
else
::File.expand_path("~#{user}/.ssh/id_deploy_#{Zlib.crc32(name)}")
end
end
end
# Provider for `application_git`.
#
# @since 1.0.0
# @see Resource
# @provides application_git
class Provider < Chef::Provider::Git
include PoiseApplication::AppMixin
provides(:application_git)
# @api private
def initialize(*args)
super
# Set the SSH wrapper path in a late-binding kind of way. This better
# supports situations where the user doesn't exist until Chef converges.
new_resource.ssh_wrapper(new_resource.ssh_wrapper_path) if new_resource.deploy_key
end
# @api private
def whyrun_supported?
false # Just not dealing with this right now
end
# Hack our special login in before load_current_resource runs because that
# needs access to the git remote.
#
# @api private
def load_current_resource
include_recipe('git')
notifying_block do
create_dotssh
write_deploy_key
write_ssh_wrapper
end if new_resource.deploy_key
super
end
private
# Create a .ssh folder for the user.
#
# @return [void]
def create_dotssh
directory ::File.expand_path("~#{new_resource.user}/.ssh") do
owner new_resource.user
group new_resource.group
mode '755'
end
end
# Copy the deploy key to a file if needed.
#
# @return [void]
def write_deploy_key
# Check if we have a local path or some actual content
return if new_resource.deploy_key_is_local?
file new_resource.deploy_key_path do
owner new_resource.user
group new_resource.group
mode '600'
content new_resource.deploy_key
sensitive true
end
end
# Create the SSH wrapper script.
#
# @return [void]
def write_ssh_wrapper
# Write out the GIT_SSH script, it should already be enabled above
file new_resource.ssh_wrapper_path do
owner new_resource.user
group new_resource.group
mode '700'
content %Q{#!/bin/sh\n/usr/bin/env ssh #{'-o "StrictHostKeyChecking=no" ' unless new_resource.strict_ssh}-i "#{new_resource.deploy_key_path}" $@\n}
end
end
# Patch back in the `#git` from the git provider. This otherwise conflicts
# with the `#git` defined by the DSL, which gets included in such a way
# that the DSL takes priority.
def git(*args, &block)
Chef::Provider::Git.instance_method(:git).bind(self).call(*args, &block)
end
end
end

25
cookbooks/application_git/files/halite_gem/poise_application_git/safe_string.rb Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module PoiseApplicationGit
# A string that won't be shown in Chef error output
class SafeString < String
def to_text
'"suppressed sensitive value"'
end
end
end

20
cookbooks/application_git/files/halite_gem/poise_application_git/version.rb Normal file
View File

@@ -0,0 +1,20 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module PoiseApplicationGit
VERSION = '1.1.0'
end

19
cookbooks/application_git/libraries/default.rb Normal file
View File

@@ -0,0 +1,19 @@
#
# Copyright 2015-2016, Noah Kantrowitz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load]
$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__)
require "poise_application_git/cheftie"

1
cookbooks/application_git/metadata.json Normal file
View File

@@ -0,0 +1 @@
{"name":"application_git","version":"1.1.0","description":"A plugin for poise-application to deploy applications from git.","long_description":"# Application_Git Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application_git.svg)](https://travis-ci.org/poise/application_git)\n[![Gem Version](https://img.shields.io/gem/v/poise-application-git.svg)](https://rubygems.org/gems/poise-application-git)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application_git.svg)](https://supermarket.chef.io/cookbooks/application_git)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/application_git.svg)](https://codecov.io/github/poise/application_git)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application_git.svg)](https://gemnasium.com/poise/application_git)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to handle deploying code from git when\nusing the [application cookbook](https://github.com/poise/application).\n\n## Quick Start\n\nTo deploy from a private GitHub repository:\n\n```ruby\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git' do\n deploy_key chef_vault_item('deploy_keys', 'myapp')['key']\n end\nend\n```\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application_git`\n\nThe `application_git` resource deploys code from git. It extends the core `git`\nresource to support deploy keys and disabling strict host key verification.\n\n```ruby\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git'\nend\n```\n\n#### Actions\n\nAll actions work the same as the core `git` resource.\n\n* `:sync` Clone and checkout the requested revision *(default)*\n* `:checkout` Checkout the request revision. If the repository isn't already\n cloned, this action does nothing.\n* `:export` Export the repository without the `.git` folder.\n\n#### Properties\n\nAll properties from the core `git` resource work the same way with the following\nadditions:\n\n* `deploy_key` SSH key to use with git. Can be specified either as a path to\n key file already created or as a string value containing the key directly.\n* `strict_ssh` Enable strict SSH host key checking. *(default: false)*\n\n### DSL Usage\n\nThe `application_git` resource can be used directly as a replacement for the\ncore `git` resource:\n\n```ruby\napplication_git '/srv/myapp' do\n repository 'git@github.com:example/myapp.git'\n deploy_key chef_vault_item('deploy_keys', 'myapp')['key']\nend\n```\n\nWithin the `application` resource, a simplified DSL is available. As with other\n`application` plugins, the default name of the resource if unspecified is the\napplication path. The following two examples are equivalent:\n\n```ruby\napplication '/srv/myapp' do\n git do\n repository 'git@github.com:example/myapp.git'\n end\nend\n\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git'\nend\n```\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"git":">= 0.0.0","poise":"~> 2.0","application":"~> 5.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}}