Merge pull request #8659 from echohack/scaffolding-chef

added scaffolding-chef plan

11 files changed, 389 insertions, 6 deletions

diff --git a/habitat-packages/.bldr.toml b/habitat-packages/.bldr.toml
new file mode 100644
index 0000000000..a58453e9a6
--- /dev/null
+++ b/habitat-packages/.bldr.toml
@@ -0,0 +1,4 @@
+[chef-client]
+plan_path = "chef-client/*"
+[scaffolding-chef]
+plan_path = "scaffolding-chef/*"
diff --git a/habitat/config/client.rb b/habitat-packages/chef-client/config/client.rb
index db38c62510..3dd6d67e1b 100644
--- a/habitat/config/client.rb
+++ b/habitat-packages/chef-client/config/client.rb
@@ -4,15 +4,15 @@ pid_file "{{pkg.svc_data_path}}/{{cfg.pid_file}}"
 data_collector.server_url "{{cfg.data_collector.url}}"
 data_collector.token "{{cfg.data_collector.token}}"
 data_collector.mode "{{cfg.data_collector.mode}}".to_sym
-data_collector.raise_on_failure {{cfg.data_collector.raise_on_failure}}
-minimal_ohai {{cfg.minimal_ohai}}
-local_mode {{cfg.local_mode}}
+data_collector.raise_on_failure "{{cfg.data_collector.raise_on_failure}}"
+minimal_ohai "{{cfg.minimal_ohai}}"
+local_mode "{{cfg.local_mode}}"
 {{#if cfg.chef-client.node_name ~}}
 node_name "{{cfg.node_name}}"
 {{/if ~}}
-splay {{cfg.splay}}
-interval {{cfg.interval}}
-log_location {{cfg.log_location}}
+splay "{{cfg.splay}}"
+interval "{{cfg.interval}}"
+log_location "{{cfg.log_location}}"
 log_level "{{cfg.log_level}}".to_sym
 {{#if cfg.use_member_id_as_uuid ~}}
 chef_guid "{{svc.me.member_id}}"
diff --git a/habitat/default.toml b/habitat-packages/chef-client/default.toml
index 2bea08934b..2bea08934b 100644
--- a/habitat/default.toml
+++ b/habitat-packages/chef-client/default.toml
diff --git a/habitat/hooks/init b/habitat-packages/chef-client/hooks/init
index a23344b2a9..a23344b2a9 100644
--- a/habitat/hooks/init
+++ b/habitat-packages/chef-client/hooks/init
diff --git a/habitat/hooks/run b/habitat-packages/chef-client/hooks/run
index 598d609d7f..598d609d7f 100644
--- a/habitat/hooks/run
+++ b/habitat-packages/chef-client/hooks/run
diff --git a/habitat/plan.sh b/habitat-packages/chef-client/plan.sh
index 5569999a12..5569999a12 100644
--- a/habitat/plan.sh
+++ b/habitat-packages/chef-client/plan.sh
diff --git a/habitat-packages/scaffolding-chef/README.md b/habitat-packages/scaffolding-chef/README.md
new file mode 100644
index 0000000000..e75a9391bf
--- /dev/null
+++ b/habitat-packages/scaffolding-chef/README.md
@@ -0,0 +1,15 @@
+# Chef Scaffolding for Habitat
+
+This will take a Chef policy file, and build it for use as a habitat service.
+
+```
+scaffold_policy_name="base"
+pkg_name=chef-base
+pkg_origin=adam
+pkg_version="0.1.0"
+pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"
+pkg_license=("Apache-2.0")
+pkg_description="The Chef $scaffold_policy_name Policy"
+pkg_upstream_url="http://chef.io"
+pkg_scaffolding="core/scaffolding-chef"
+```
diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.ps1 b/habitat-packages/scaffolding-chef/lib/scaffolding.ps1
new file mode 100644
index 0000000000..d4107a01aa
--- /dev/null
+++ b/habitat-packages/scaffolding-chef/lib/scaffolding.ps1
@@ -0,0 +1,132 @@
+#
+# A scaffolding for Chef Policyfile packages
+#
+
+if (!$scaffold_policy_name) {
+    Write-Host "You must set `$scaffold_policy_name to a valid policy name. For example:`n `$scaffold_policy_name=base `n Will build a base.rb policyfile."
+    exit 1
+}
+
+function Load-Scaffolding {
+    $scaffold_chef_client = "stuartpreston/chef-client-detox"
+    $scaffold_chef_dk = "core/chef-dk"
+
+    $pkg_deps += @("$scaffold_chef_client", "core/cacerts")
+    $pkg_build_deps += @("$scaffold_chef_dk", "core/git")
+    $pkg_svc_run = "set_just_so_you_will_render"
+}
+
+function Invoke-DefaultBuildService {
+    New-Item -ItemType directory -Path "$pkg_prefix/hooks"
+
+    Add-Content -Path "$pkg_prefix/hooks/run" -Value @"
+function Invoke-ChefClient {
+  {{pkgPathFor "stuartpreston/chef-client-detox"}}/bin/chef-client.bat -z -l {{cfg.log_level}} -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout {{cfg.run_lock_timeout}}
+}
+
+`$splay_duration = Get-Random -InputObject (0..{{cfg.splay}}) -Count 1
+
+`$splay_first_run_duration = Get-Random -InputObject (0..{{cfg.splay_first_run}}) -Count 1
+
+`$env:SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem"
+
+cd {{pkg.path}}
+
+Start-Sleep -Seconds `$splay_first_run_duration
+Invoke-ChefClient
+
+while(`$true){
+  Start-Sleep -Seconds `$splay_duration
+  Start-Sleep -Seconds {{cfg.interval}}
+  Invoke-ChefClient
+}
+"@
+}
+
+
+function Invoke-DefaultBuild {
+    if (!(Test-Path -Path "$scaffold_policyfile_path")) {
+        Write-BuildLine "Could not detect a policyfiles directory, this is required to proceed!"
+        exit 1
+    }
+
+    Remove-Item "$scaffold_policyfile_path/*.lock.json" -Force
+    $policyfile = "$scaffold_policyfile_path/$scaffold_policy_name.rb"
+
+    Get-Content $policyfile | ? { $_.StartsWith("include_policy") } | % {
+        $p = $_.Split()[1]
+        $p = $p.Replace("`"", "").Replace(",", "")
+        Write-BuildLine "Detected included policyfile, $p.rb, installing"
+        chef install "$scaffold_policyfile_path/$p.rb"
+    }
+    Write-BuildLine "Installing $policyfile"
+    chef install "$policyfile"
+}
+
+function Invoke-DefaultInstall {
+    Write-BuildLine "Exporting Chef Infra Repository"
+    chef export "$scaffold_policyfile_path/$scaffold_policy_name.lock.json" "$pkg_prefix"
+
+    Write-BuildLine "Creating Chef Infra configuration"
+    New-Item -ItemType directory -Path "$pkg_prefix/config"
+    Add-Content -Path "$pkg_prefix/.chef/config.rb" -Value @"
+cache_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/cache").Replace("\","/"))"
+node_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/nodes").Replace("\","/"))"
+role_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/roles").Replace("\","/"))"
+chef_zero.enabled true
+ENV['PSModulePath'] += "C:/Program\ Files/WindowsPowerShell/Modules"
+"@
+
+    Write-BuildLine "Creating initial bootstrap configuration"
+    Copy-Item -Path "$pkg_prefix/.chef/config.rb" -Destination "$pkg_prefix/config/bootstrap-config.rb"
+    Add-Content -Path "$pkg_prefix/config/bootstrap-config.rb" -Value @"
+ENV['PATH'] += ";C:/WINDOWS;C:/WINDOWS/system32/;C:/WINDOWS/system32/WindowsPowerShell/v1.0;C:/ProgramData/chocolatey/bin"
+"@
+
+    Write-BuildLine "Creating Chef Infra client configuration"
+    Copy-Item -Path "$pkg_prefix/.chef/config.rb" -Destination "$pkg_prefix/config/client-config.rb"
+    Add-Content -Path "$pkg_prefix/config/client-config.rb" -Value @"
+ssl_verify_mode {{cfg.ssl_verify_mode}}
+ENV['PATH'] += "{{cfg.env_path_prefix}}"
+
+{{#if cfg.data_collector.enable ~}}
+chef_guid "{{sys.member_id}}"
+data_collector.token "{{cfg.data_collector.token}}"
+data_collector.server_url "{{cfg.data_collector.server_url}}"
+{{/if ~}}
+"@
+
+    Write-BuildLine "Generating config/attributes.json"
+    Add-Content -Path "$pkg_prefix/config/attributes.json" -Value @"
+{{#if cfg.attributes}}
+{{toJson cfg.attributes}}
+{{else ~}}
+{}
+{{/if ~}}
+"@
+
+    Write-BuildLine "Generating Chef Habiat configuration, default.toml"
+    Add-Content -Path "$pkg_prefix/default.toml" -Value @"
+interval = 1800
+splay = 1800
+splay_first_run = 0
+run_lock_timeout = 1800
+log_level = "warn"
+env_path_prefix = ";C:/WINDOWS;C:/WINDOWS/system32/;C:/WINDOWS/system32/WindowsPowerShell/v1.0;C:/ProgramData/chocolatey/bin"
+ssl_verify_mode = ":verify_peer"
+
+[chef_license]
+acceptance = "undefined"
+
+[data_collector]
+enable = false
+token = "set_to_your_token"
+server_url = "set_to_your_url"
+"@
+
+    $scaffold_data_bags_path = "not_using_data_bags" # Set default to some string so Test-Path returns false instead of error. Thanks Powershell!
+    if (Test-Path "$scaffold_data_bags_path") {
+        Write-BuildLine "Detected a data bags directory, installing into package"
+        Copy-Item "$scaffold_data_bags_path/*" -Destination "$pkg_prefix" -Recurse
+    }
+}
diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.sh b/habitat-packages/scaffolding-chef/lib/scaffolding.sh
new file mode 100644
index 0000000000..7c098ff1cf
--- /dev/null
+++ b/habitat-packages/scaffolding-chef/lib/scaffolding.sh
@@ -0,0 +1,189 @@
+#
+# A scaffolding for Chef Policyfile packages
+#
+
+if [ -z "${scaffold_policy_name+x}" ]; then
+  echo "You must set \$scaffold_policy_name to a valid policy name. For example:"
+  echo
+  echo "\$scaffold_policy_name=base"
+  echo
+  echo "Will build a base.rb policyfile"
+  exit 1
+fi
+
+scaffolding_load() {
+  : "${scaffold_chef_client:=chef/chef-client}"
+  : "${scaffold_chef_dk:=chef/chef-dk}"
+  : "${scaffold_policyfiles_path:=$PLAN_CONTEXT/../policyfiles}"
+  : "${scaffold_data_bags_path:=$PLAN_CONTEXT/../data_bags}"
+
+  pkg_deps=(
+    "${pkg_deps[@]}"
+    "${scaffold_chef_client}"
+    "core/cacerts"
+  )
+  pkg_build_deps=(
+    "${pkg_build_deps[@]}"
+    "${scaffold_chef_dk}"
+    "core/git"
+  )
+
+  pkg_svc_user="root"
+  pkg_svc_run="set_just_so_you_will_render"
+}
+
+do_default_download() {
+  return 0
+}
+
+do_default_verify() {
+  return 0
+}
+
+do_default_unpack() {
+  return 0
+}
+
+do_default_build_service() {
+  ## Create hooks
+  build_line "Creating lifecycle hooks"
+  mkdir -p "${pkg_prefix}/hooks"
+  chmod 0750 "${pkg_prefix}/hooks"
+
+  # Run hook
+  cat << EOF >> "${pkg_prefix}/hooks/run"
+#!/bin/sh
+
+CFG_ENV_PATH_PREFIX={{cfg.env_path_prefix}}
+CFG_ENV_PATH_PREFIX="\${CFG_ENV_PATH_PREFIX:-/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin}"
+CFG_INTERVAL={{cfg.interval}}
+CFG_INTERVAL="\${CFG_INTERVAL:-1800}"
+CFG_LOG_LEVEL={{cfg.log_level}}
+CFG_LOG_LEVEL="\${CFG_LOG_LEVEL:-warn}"
+CFG_RUN_LOCK_TIMEOUT={{cfg.run_lock_timeout}}
+CFG_RUN_LOCK_TIMEOUT="\${CFG_RUN_LOCK_TIMEOUT:-1800}"
+CFG_SPLAY={{cfg.splay}}
+CFG_SPLAY="\${CFG_SPLAY:-1800}"
+CFG_SPLAY_FIRST_RUN={{cfg.splay_first_run}}
+CFG_SPLAY_FIRST_RUN="\${CFG_SPLAY_FIRST_RUN:-0}"
+CFG_SSL_VERIFY_MODE={{cfg.ssl_verify_mode}}
+CFG_SSL_VERIFY_MODE="\${CFG_SSL_VERIFY_MODE:-:verify_peer}"
+
+chef_client_cmd()
+{
+  chef-client -z -l \$CFG_LOG_LEVEL -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout \$CFG_RUN_LOCK_TIMEOUT
+}
+
+SPLAY_DURATION=\$(shuf -i 0-\$CFG_SPLAY -n 1)
+
+SPLAY_FIRST_RUN_DURATION=\$(shuf -i 0-\$CFG_SPLAY_FIRST_RUN -n 1)
+
+export SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem"
+
+cd {{pkg.path}}
+
+exec 2>&1
+sleep \$SPLAY_FIRST_RUN_DURATION
+chef_client_cmd
+
+while true; do
+
+sleep \$SPLAY_DURATION
+sleep \$CFG_INTERVAL
+chef_client_cmd
+done
+EOF
+
+  chmod 0750 "${pkg_prefix}/hooks/run"
+}
+
+do_default_build() {
+  if [ ! -d "${scaffold_policyfiles_path}" ]; then
+    build_line "Could not detect a policyfiles directory, this is required to proceed!"
+    exit 1
+  fi
+
+  rm -f "${scaffold_policyfiles_path}"/*.lock.json
+
+  policyfile="${scaffold_policyfiles_path}/${scaffold_policy_name}.rb"
+
+  for p in $(grep include_policy "${policyfile}" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do
+    build_line "Detected included policyfile, ${p}.rb, installing"
+    chef install "${scaffold_policyfiles_path}/${p}.rb"
+  done
+
+  build_line "Installing ${policyfile}"
+  chef install "${policyfile}"
+}
+
+do_default_install() {
+  build_line "Exporting Chef Infra Repository"
+  chef export "${scaffold_policyfiles_path}/${scaffold_policy_name}.lock.json" "${pkg_prefix}"
+
+  build_line "Creating Chef Infra configuration"
+  mkdir -p "${pkg_prefix}/config"
+  chmod 0750 "${pkg_prefix}/config"
+  cat << EOF >> "${pkg_prefix}/.chef/config.rb"
+cache_path "$pkg_svc_data_path/cache"
+node_path "$pkg_svc_data_path/nodes"
+role_path "$pkg_svc_data_path/roles"
+
+chef_zero.enabled true
+EOF
+
+  build_line "Creating initial bootstrap configuration"
+  cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/bootstrap-config.rb"
+  cat << EOF >> "${pkg_prefix}/config/bootstrap-config.rb"
+ENV['PATH'] = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:#{ENV['PATH']}"
+EOF
+
+  build_line "Creating Chef Infra client configuration"
+  cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/client-config.rb"
+  cat << EOF >> "${pkg_prefix}/config/client-config.rb"
+ssl_verify_mode {{cfg.ssl_verify_mode}}
+ENV['PATH'] = "{{cfg.env_path_prefix}}:#{ENV['PATH']}"
+
+{{#if cfg.data_collector.enable ~}}
+chef_guid "{{sys.member_id}}"
+data_collector.token "{{cfg.data_collector.token}}"
+data_collector.server_url "{{cfg.data_collector.server_url}}"
+{{/if ~}}
+EOF
+  chmod 0640 "${pkg_prefix}/config/client-config.rb"
+
+  build_line "Generating config/attributes.json"
+  cat << EOF >> "${pkg_prefix}/config/attributes.json"
+{{#if cfg.attributes ~}}
+{{toJson cfg.attributes}}
+{{else ~}}
+{}
+{{/if ~}}
+EOF
+
+  build_line "Generating Chef Habitat configuration, default.toml"
+  cat << EOF >> "${pkg_prefix}/default.toml"
+interval = 1800
+splay = 1800
+splay_first_run = 0
+run_lock_timeout = 1800
+log_level = "warn"
+chef_client_ident = "" # this is blank by default so it can be populated from the bind
+env_path_prefix = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin"
+ssl_verify_mode = ":verify_peer"
+
+[data_collector]
+enable = false
+token = "set_to_your_token"
+server_url = "set_to_your_url"
+EOF
+  chmod 0640 "${pkg_prefix}/default.toml"
+
+  if [ -d "${scaffold_data_bags_path}" ]; then
+    build_line "Detected a data bags directory, installing into package"
+    cp -a "${scaffold_data_bags_path}" "${pkg_prefix}"
+  fi
+}
+
+do_default_strip() {
+  return 0
+}
diff --git a/habitat-packages/scaffolding-chef/plan.ps1 b/habitat-packages/scaffolding-chef/plan.ps1
new file mode 100644
index 0000000000..d61241056a
--- /dev/null
+++ b/habitat-packages/scaffolding-chef/plan.ps1
@@ -0,0 +1,15 @@
+$pkg_name="scaffolding-chef"
+$pkg_description="Scaffolding for Chef Policyfiles"
+$pkg_origin="chef"
+$pkg_version="0.6.0"
+$pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"
+$pkg_license=("Apache-2.0")
+$pkg_upstream_url="https://www.chef.sh"
+$pkg_build_deps=@(
+    "core/chefdk"
+    "core/git"
+  )
+function Invoke-Install {
+  New-Item -ItemType directory -Path "${pkg_prefix}/lib"
+  Copy-Item -Path "$PLAN_CONTEXT/lib/scaffolding.ps1" -Destination "$pkg_prefix/lib/scaffolding.ps1"
+}
diff --git a/habitat-packages/scaffolding-chef/plan.sh b/habitat-packages/scaffolding-chef/plan.sh
new file mode 100644
index 0000000000..d3d49dfdc3
--- /dev/null
+++ b/habitat-packages/scaffolding-chef/plan.sh
@@ -0,0 +1,28 @@
+pkg_name=scaffolding-chef
+pkg_description="Scaffolding for Chef Policyfiles"
+pkg_origin=chef
+pkg_version="0.5.0"
+pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"
+pkg_license=('Apache-2.0')
+pkg_source=nope
+pkg_upstream_url="https://www.chef.sh"
+
+do_download() {
+  return 0
+}
+
+do_verify() {
+  return 0
+}
+
+do_unpack() {
+  return 0
+}
+
+do_build() {
+  return 0
+}
+
+do_install() {
+  install -D -m 0644 "$PLAN_CONTEXT/lib/scaffolding.sh" "$pkg_prefix/lib/scaffolding.sh"
+}