lourenco/mgmt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: lourenco:0.0.13
Branches Tags
lourenco:master lourenco:feat/cloudflaredns
lourenco:0.0.27 lourenco:0.0.26 lourenco:0.0.25 lourenco:0.0.24 lourenco:0.0.23 lourenco:0.0.22 lourenco:0.0.21 lourenco:0.0.20 lourenco:0.0.19 lourenco:0.0.18 lourenco:0.0.17 lourenco:0.0.16 lourenco:0.0.15 lourenco:0.0.14 lourenco:0.0.13 lourenco:0.0.12 lourenco:0.0.11 lourenco:0.0.10 lourenco:0.0.9 lourenco:0.0.8 lourenco:0.0.7 lourenco:0.0.6 lourenco:0.0.5 lourenco:0.0.4 lourenco:0.0.3 lourenco:0.0.2 lourenco:0.0.1
...
compare: lourenco:0.0.14
Branches Tags
lourenco:feat/cloudflaredns lourenco:master
lourenco:0.0.27 lourenco:0.0.26 lourenco:0.0.25 lourenco:0.0.24 lourenco:0.0.23 lourenco:0.0.22 lourenco:0.0.21 lourenco:0.0.20 lourenco:0.0.19 lourenco:0.0.18 lourenco:0.0.17 lourenco:0.0.16 lourenco:0.0.15 lourenco:0.0.14 lourenco:0.0.13 lourenco:0.0.12 lourenco:0.0.11 lourenco:0.0.10 lourenco:0.0.9 lourenco:0.0.8 lourenco:0.0.7 lourenco:0.0.6 lourenco:0.0.5 lourenco:0.0.4 lourenco:0.0.3 lourenco:0.0.2 lourenco:0.0.1

62 Commits
0.0.13 ... 0.0.14

Author SHA1 Message Date
James Shubin
e8b03545bb test: Don't fail on tag builds 
This seems to be causing our failures with:

$ git fetch --unshallow
fatal: Couldn't find remote ref refs/heads/0.0.x

where x is some tag.

Hopefully this doesn't break the other use case we added this patch for!
 2018-01-11 18:03:56 -05:00
James Shubin
70c59eab4a misc: Don't display script name in output 2018-01-11 18:03:04 -05:00
jonathangold
3c677543e0 resources: aws: ec2: Fix closed channel handling 
If awschan closes, longpollWatch and snsWatch return nil
instead of an error. This will prevent the engine from
shutting down in case we choose to close the channel
early or from other struct methods.
 2018-01-06 15:15:30 -05:00
jonathangold
c455ef2c62 resources: aws: ec2: Send IP addresses and InstanceID 2018-01-03 21:34:28 -05:00
Jonathan Gold
032d0992d6 resources: aws: ec2: Refactor CheckApply 
CheckApply was rewritten, using the new describe methods to improve
readability and maintainability.
 2018-01-03 21:34:28 -05:00
jonathangold
67837a47ac resources: aws: ec2: Refactor longpollWatch 
Complete rewrite of longpollWatch() for correctness and maintanability.
 2018-01-03 21:34:28 -05:00
Jonathan Gold
32e3c4e029 resources: aws: ec2: Refactor longpollWatch 
This patch simplifies longpollwatch by getting rid of some unnecessary
api calls and breaking the waiters out into their own functions.
 2018-01-03 21:34:28 -05:00
Jonathan Gold
76fcb7a06e resources: aws: ec2: Wait for stop and terminate concurrently 
In longpollWatch it was no longer sufficient to use only
WaitUntilInstanceStopped as it would block if the instance was
terminated. This patch launches two goroutines in its place, one
waits until the instance stops and the other waits until it
terminates. When either one returns, it cancels their context,
and execution continues.
 2018-01-03 21:34:28 -05:00
Jonathan Gold
149a2188e2 resources: aws: ec2: Retry on exceeded wait attempts error 
The waiters now return the AwsErr error "ResourceNotReady: exceeded wait
attempts" when the instance state does not converge after 40 retries.
During longpollWatch() we need to detect this error and continue to
the top of the loop so we can restart the waiters and keep watching for
events.
 2018-01-03 21:34:28 -05:00
Jonathan Gold
08e7caea6b resources: aws: ec2: CheckApply fix pending and stopping cases 
If CheckApply was called when the instance was pending or stopping, it
would return an error. This patch supresses these errors and tells the
engine that the state can't yet be changed.
 2018-01-03 21:34:28 -05:00
Jonathan Gold
e330ebc8c9 resources: aws: ec2: Verify SNS message signatures 2018-01-03 21:34:28 -05:00
Jonathan Gold
388a08e13a resources: aws: ec2: Check that policy.Statement != nil 2018-01-03 21:34:28 -05:00
Jonathan Gold
9ba9ef1cbf resources: aws: ec2: Close closeChan before server shutdown 
This patch makes sure that closeChan is closed as soon as the main loop
returns, so any channel operations are unblocked before we run shutdown.
This ensures that the server's goroutine can return before shutdown
completes and we don't panic by trying to serve the client after
shutdown returns.
 2018-01-03 21:34:27 -05:00
Jonathan Gold
fac004b774 resources: aws: ec2: Update postHandler to process messages 2018-01-03 21:34:27 -05:00
Jonathan Gold
8cd3f28734 resources: aws: ec2: Authorize CloudWatch to publish to sns 2018-01-03 21:34:27 -05:00
Jonathan Gold
dcd23fcf75 resources: aws: ec2: Add CloudWatch rule and target SNS 
This patch creates the cloudwatch rule that detects ec2 instance
state changes, and targets the rule to publish on our sns topic
which, in turn, pushes those event notifications to our endpoint.
 2018-01-03 21:34:27 -05:00
Jonathan Gold
1162485c2c resources: aws: ec2: Subscribe SNS endpoint to topic 
This patch adds methods to subscribe and confirm the subscription
to the sns topic.
 2018-01-03 21:34:27 -05:00
Jonathan Gold
966172eac6 resources: aws: ec2: Use custom listener for snsServer 
This patch replaces the call to Server.ListenAndServe() with
Server.Serve(listener) in order to make sure the listener is up
and running before we subscribe to the topic in a future patch.
 2018-01-03 21:34:27 -05:00
James Shubin
12fce52cd7 legal: Happy 2018 everyone... 
Done with:

ack '2017+' -l | xargs sed -i -e 's/2017+/2018+/g'

Checked manually with:

git add -p

Hello to future James from 2019, and Happy Hacking!
 2018-01-03 21:22:07 -05:00
Felix Frank
5ca1e2a23f puppet: Avoid empty parameters to puppet mgmtgraph 
This solves an issue first observed with golang 1.8.

Creating an exec.Command with an empty string parameter (when no puppet.conf
file is specified) would lead to an error from Puppet, stating that an
unexpected argument was passed to "puppet mgmtgraph print".

The workaround is to not include *any* positional argument (not even the
empty string) when --puppet-conf is not used.
 2017-12-26 00:18:46 +01:00
Paul Morgan
98f8a61e83 git: Configure editorconfig to indent with tabs in bash scripts 
This follows `test/test-bashfmt.sh` style check(s).
 2017-12-20 21:09:15 +00:00
Paul Morgan
2e86d7c5ab git: Ensure the tagging script is idempotent 2017-12-20 21:04:57 +00:00
Jonathan Gold
62ca12608d cli: Add license flag 
This patch adds the option to print the license with a cli flag. It
uses go-bindata to store the license file. The file is generated by
running `make bindata` and the result is stored in the bindata
directory.
 2017-12-08 00:57:58 -05:00
Jonathan Gold
406aa55667 resources: virt: Update libvirt-xml target 
Builds started failing due to go-libvirt-xml 6d97448. In that patch,
the DomainChannelTarget struct was changed from having a single type
field, to having an individual field for each virtualization type.

This patch updates the connection check in Init to reflect the changes
to go-libvirt-xml, so that builds no longer fail.
 2017-11-29 19:03:56 -05:00
James Shubin
a76dce8b15 docs: Add missing blog post about augeas resource 2017-11-26 17:15:49 -05:00
James Shubin
b01d453ae3 docs: Refresh documentation to provide a better new user experience 
This does some cleanups and moves some things around for a better
experience. If you're an expert in this area, or are a new user who has
some feedback about their first impressions and experiences, please let
us know!
 2017-11-25 20:45:57 -05:00
Guillaume Herail
ac629404f4 test: Switch to goimports instead of gofmt 
see https://github.com/purpleidea/mgmt/pull/256#issuecomment-346360414
 2017-11-25 06:49:00 -05:00
Guillaume Herail
3575d597f7 resources: Add User/Group to ExecRes 2017-11-24 10:38:16 -05:00
Toshaan Bharvani
2affcba3b4 build: Added build option to strip binary 
This is a build option in Golang that will strip the binary.
The binary becomes about 50% smaller.

Signed-off-by: Toshaan Bharvani <toshaan@vantosh.com>
 2017-11-24 10:26:48 -05:00
James Shubin
846c5f8762 test: Add another check for off-by-one-error commit tags 2017-11-24 09:46:32 -05:00
Julien Pivotto
086af712d2 example: Remove content out of directory definition 
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-24 14:26:20 +01:00
Julien Pivotto
2b6e39f283 build: Remove go 1.3 and 1.4 support 
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-24 05:35:09 -05:00
Julien Pivotto
472663193a prometheus: Initialize all metrics 
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-24 11:02:36 +01:00
James Shubin
879ff838ae resources: Replace golang 1.6 specific code with newer 1.7 version 
We now require at least 1.8 so we might as well fix this up.
 2017-11-23 10:57:11 -05:00
Julien Pivotto
5e9a085e39 exec: Add autoEdges between ExecRes and PkgRes 
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-23 16:30:22 +01:00
Julien Pivotto
c2b5729ebd build: Build mgmt on any go file change 
Prior to this commit, running make would only rebuild mgmt when
main.go was changed. It means that make clean build was needed.

With this commit, any go file change in this directory will
trigger a new compilation.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-23 09:32:02 -05:00
Julien Pivotto
fdce9d6a6a prometheus: Initialize mgmt_checkapply_total metrics 
It is recommended by Prometheus to initialize metrics:

https://prometheus.io/docs/practices/instrumentation/#avoid-missing-metrics

This commits initialize the mgmt_checkapply_total metric
for each registered resource.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-23 15:23:41 +01:00
Guillaume Herail
bfc2549289 resources: Move FileRes.uid()/.gid() to util.go 2017-11-23 08:34:38 -05:00
James Shubin
52fd1ae73e test: Add check for common doc vs docs ambiguity 2017-11-23 08:20:44 -05:00
Julien Pivotto
23e167616f doc: Fix link to the prometheus wiki 
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
 2017-11-23 09:52:28 +01:00
James Shubin
51ce83f20b test: Add extra commit message tests for some common mistakes 
Feel free to add more if we identify them.
 2017-11-21 11:05:20 -05:00
Jonathan Gold
5e5bbf4b39 travis: Allow travis builds to access target branches 
Because travis builds only fetch a single branch (master) by default,
test-commit-message.sh only had access to commits in the master branch.
In order to fetch the correct branch for our build, we need to run
'git config remote.origin.fetch..' with the target branch's information
before executing git fetch on the repo in before_install.

Now git will always fetch the appropriate branch.
 2017-11-18 21:04:12 -05:00
Guillaume Herail
cbc3a691b9 docker: Bump to golang 1.8 2017-11-16 17:36:35 +01:00
Jonathan Gold
a5247d6e69 resources: aws: ec2: Change event messages to iota consts 2017-11-14 16:48:51 -05:00
Jonathan Gold
d698b82a83 resources: aws: ec2: Start and stop SNS endpoint in snsWatch 
This patch adds snsWatch which launches the HTTP server and listens
for messages on awsChan to forward as events to the mgmt engine.
 2017-11-11 23:07:12 -05:00
Jonathan Gold
91eff75288 resources: aws: ec2: Add method to make sns topic 2017-11-10 17:31:19 -05:00
James Shubin
91a9edb322 resources: aws: ec2: Fix deadlock on rare error scenarios 
If we get an error in the Watch loop, it will send this on awsChan,
which will cause Watch to loop. However, in this scenario it will never
cause closeChan to close, and we will deadlock because we have a
waitGroup in a helper goroutine which is waiting on this channel to
close the context.

Normally this wouldn't be an issue, but since we have more than one
goroutine (with associated waitGroup) it is. It's also good practice to
close all the channels to help avoid this kind of bug.

This patch also moves the waitGroup Wait into a more logical place for
visibility.
 2017-11-10 14:17:54 -05:00
Jonathan Gold
c8ddbeaa5c resource: aws: ec2: Add http server 2017-11-09 13:13:42 -05:00
Jonathan Gold
3634b3450d resource: aws: ec2: Move waitgroup to resource struct 2017-11-08 16:57:41 -05:00
Jonathan Gold
c2a5e3f5d8 resources: aws: ec2: Move watch channels into struct 2017-11-08 16:16:01 -05:00
Jonathan Gold
db49fe85e4 resources: aws: ec2: Move chanStruct type out of longpollWatch 2017-11-08 16:08:25 -05:00
Jonathan Gold
567a2e9fd8 resources: aws: ec2: Reorganized consts 2017-11-08 16:02:29 -05:00
Jonathan Gold
987de00e17 resources: aws: ec2: Remove extra wait from Watch 
There were two calls to WaitUntilInstanceTerminatedWithContext in a row.
There's no reason to make the call twice.
 2017-11-08 16:02:24 -05:00
Jonathan Gold
baeafec74a resources: aws: ec2: Move Watch to longpollWatch 2017-11-08 16:02:12 -05:00
James Shubin
9cfa0b14d4 yamlgraph: Improve error output 
This makes it easier to know what's missing.
 2017-11-02 09:13:27 -04:00
James Shubin
948ded6792 github: This event is over 
And it wasn't successful at all.
 2017-11-01 07:07:14 -04:00
James Shubin
3c69619fd9 github: Add new label for design discussions and trackers 
Open ideas related to designs can be tracked here. We've already got a
few such tickets open.
 2017-11-01 07:04:32 -04:00
Jonathan Gold
e7c4bc7f47 resources: Add UserData field to AwsEc2 
UserData specifies first-launch bash and cloud-init commands. See
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html
for documentation and examples.
 2017-10-30 00:22:30 -04:00
Jonathan Gold
277ecc901b etcd: Plumbed in the new cli flags for advertise urls 2017-10-29 17:16:51 -04:00
Jonathan Gold
0f70c31a30 etcd: Add advertise urls to cli 
This patch adds the option to specify URLs to advertise for clients and peers.
This will facilitate etcd communication through nat, where we want to listen
on a local IP, but expose a public IP to clients/peers.
 2017-10-28 22:42:27 -04:00
James Shubin
9a97a92e31 github: Use third-party settings app to sync github settings 
Let's give this a try. One downside is that giving anyone push access
gives them ability to rename repo and do other bad admin type things.
 2017-10-26 05:04:41 -04:00
James Shubin
f9d452ad2c examples: Add longpoll server and client 
This is an example of a race-free long-poll server and client. It uses a
redirection method to signal that the "Watch" is running.

Other race-free methods exist.
 2017-10-24 04:20:19 -04:00
118 changed files with 2699 additions and 985 deletions
Expand all files Collapse all files

3
.editorconfig
View File

@@ -12,6 +12,9 @@ end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
[*.sh]
indent_style = tab
[*.go]
indent_style = tab

96
.github/settings.yml vendored Normal file
View File

@@ -0,0 +1,96 @@
# These settings are synced to GitHub by https://probot.github.io/apps/settings/
repository:
# See https://developer.github.com/v3/repos/#edit for all available settings.
# The name of the repository. Changing this will rename the repository
name: mgmt
# A short description of the repository that will show up on GitHub
description: Next generation distributed, event-driven, parallel config management!
# A URL with more information about the repository
homepage: https://ttboj.wordpress.com/?s=mgmtconfig
# A comma-separated list of topics to set on the repository
topics: golang, go, configuration-management, config-management, devops, etcd, distributed-systems, graph-theory
# Either `true` to make the repository private, or `false` to make it public.
private: false
# Either `true` to enable issues for this repository, `false` to disable them.
has_issues: true
# Either `true` to enable projects for this repository, or `false` to disable them.
# If projects are disabled for the organization, passing `true` will cause an API error.
has_projects: false
# Either `true` to enable the wiki for this repository, `false` to disable it.
has_wiki: false
# Either `true` to enable downloads for this repository, `false` to disable them.
has_downloads: true
# Updates the default branch for this repository.
default_branch: master
# Either `true` to allow squash-merging pull requests, or `false` to prevent
# squash-merging.
allow_squash_merge: false
# Either `true` to allow merging pull requests with a merge commit, or `false`
# to prevent merging pull requests with merge commits.
allow_merge_commit: false
# Either `true` to allow rebase-merging pull requests, or `false` to prevent
# rebase-merging.
allow_rebase_merge: true
# Labels: define labels for Issues and Pull Requests (in alphabetical order)
labels:
- name: bug
color: fc2929
- name: confirmed
color: d93f0b
- name: design
color: 5319e7
- name: duplicate
color: cccccc
- name: enhancement
color: 84b6eb
- name: good first issue
color: 7057ff
- name: help wanted
color: 159818
- name: invalid
color: e6e6e6
- name: mgmtlove
color: e11d21
- name: question
color: cc317c
- name: wontfix
color: ffffff
# - name: first-timers-only
# # include the old name to rename an existing label
# oldname: Help Wanted
# Collaborators: give specific users access to this repository.
#collaborators:
# - username: purpleidea
# # Note: Only valid on organization-owned repositories.
# # The permission to grant the collaborator. Can be one of:
# # * `pull` - can pull, but not push to or administer this repository.
# # * `push` - can pull and push, but not administer this repository.
# # * `admin` - can pull, push and administer this repository.
# permission: push
# - username: hubot
# permission: pull
# NOTE: The APIs needed for teams are not supported yet by GitHub Apps
# https://developer.github.com/v3/apps/available-endpoints/
#teams:
# - name: core
# permission: admin
# - name: docs
# permission: push

1
.gitignore vendored
View File

@@ -6,6 +6,7 @@
old/
tmp/
*_stringer.go
bindata/*.go
mgmt
mgmt.static
mgmt.iml

1
.travis.yml
View File

@@ -8,6 +8,7 @@ sudo: true
dist: trusty
before_install:
- sudo apt update
- git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*"
- git fetch --unshallow
install: 'make deps'
script: 'make test'

2
COPYRIGHT
View File

@@ -1,5 +1,5 @@
Mgmt
Copyright (C) 2013-2017+ James Shubin and the project contributors
Copyright (C) 2013-2018+ James Shubin and the project contributors
Written by James Shubin <james@shubin.ca> and the project contributors
This program is free software: you can redistribute it and/or modify

36
Makefile
View File

@@ -1,5 +1,5 @@
# Mgmt
# Copyright (C) 2013-2017+ James Shubin and the project contributors
# Copyright (C) 2013-2018+ James Shubin and the project contributors
# Written by James Shubin <james@shubin.ca> and the project contributors
#
# This program is free software: you can redistribute it and/or modify
@@ -16,13 +16,13 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
SHELL = /usr/bin/env bash
.PHONY: all art cleanart version program path deps run race generate build clean test gofmt yamlfmt format docs rpmbuild mkdirs rpm srpm spec tar upload upload-sources upload-srpms upload-rpms copr
.SILENT: clean
.PHONY: all art cleanart version program path deps run race bindata generate build clean test gofmt yamlfmt format docs rpmbuild mkdirs rpm srpm spec tar upload upload-sources upload-srpms upload-rpms copr
.SILENT: clean bindata
GO_FILES := $(shell find . -name '*.go')
SVERSION := $(or $(SVERSION),$(shell git describe --match '[0-9]*\.[0-9]*\.[0-9]*' --tags --dirty --always))
VERSION := $(or $(VERSION),$(shell git describe --match '[0-9]*\.[0-9]*\.[0-9]*' --tags --abbrev=0))
PROGRAM := $(shell echo $(notdir $(CURDIR)) | cut -f1 -d"-")
OLDGOLANG := $(shell go version | grep -E 'go1.3|go1.4')
ifeq ($(VERSION),$(SVERSION))
RELEASE = 1
else
@@ -101,40 +101,36 @@ run:
race:
find . -maxdepth 1 -type f -name '*.go' -not -name '*_test.go' | xargs go run -race -ldflags "-X main.program=$(PROGRAM) -X main.version=$(SVERSION)"
# generate go files from non-go source
bindata:
$(MAKE) --quiet -C bindata
generate:
go generate
build: $(PROGRAM)
build: bindata $(PROGRAM)
$(PROGRAM): main.go
$(PROGRAM): $(GO_FILES)
@echo "Building: $(PROGRAM), version: $(SVERSION)..."
ifneq ($(OLDGOLANG),)
@# avoid equals sign in old golang versions eg in: -X foo=bar
time go build -ldflags "-X main.program $(PROGRAM) -X main.version $(SVERSION)" -o $(PROGRAM) $(BUILD_FLAGS);
else
time go build -i -ldflags "-X main.program=$(PROGRAM) -X main.version=$(SVERSION)" -o $(PROGRAM) $(BUILD_FLAGS);
endif
$(PROGRAM).static: main.go
$(PROGRAM).static: $(GO_FILES)
@echo "Building: $(PROGRAM).static, version: $(SVERSION)..."
go generate
ifneq ($(OLDGOLANG),)
@# avoid equals sign in old golang versions eg in: -X foo=bar
go build -a -installsuffix cgo -tags netgo -ldflags '-extldflags "-static" -X main.program $(PROGRAM) -X main.version $(SVERSION)' -o $(PROGRAM).static $(BUILD_FLAGS);
else
go build -a -installsuffix cgo -tags netgo -ldflags '-extldflags "-static" -X main.program=$(PROGRAM) -X main.version=$(SVERSION)' -o $(PROGRAM).static $(BUILD_FLAGS);
endif
go build -a -installsuffix cgo -tags netgo -ldflags '-extldflags "-static" -X main.program=$(PROGRAM) -X main.version=$(SVERSION) -s -w' -o $(PROGRAM).static $(BUILD_FLAGS);
clean:
[ ! -e $(PROGRAM) ] || rm $(PROGRAM)
rm -f *_stringer.go # generated by `go generate`
rm -f *_mock.go # generated by `go generate`
test:
test: bindata
./test.sh
gofmt:
find . -maxdepth 3 -type f -name '*.go' -not -path './old/*' -not -path './tmp/*' -exec gofmt -w {} \;
# TODO: remove gofmt once goimports has a -s option
find . -maxdepth 3 -type f -name '*.go' -not -path './old/*' -not -path './tmp/*' -exec gofmt -s -w {} \;
find . -maxdepth 3 -type f -name '*.go' -not -path './old/*' -not -path './tmp/*' -exec goimports -w {} \;
yamlfmt:
find . -maxdepth 3 -type f -name '*.yaml' -not -path './old/*' -not -path './tmp/*' -not -path './omv.yaml' -exec ruby -e "require 'yaml'; x=YAML.load_file('{}').to_yaml.each_line.map(&:rstrip).join(10.chr)+10.chr; File.open('{}', 'w').write x" \;

33
README.md
View File

@@ -22,6 +22,7 @@ Mgmt is a fairly new project.
We're working towards being minimally useful for production environments.
We aren't feature complete for what we'd consider a 1.x release yet.
With your help you'll be able to influence our design and get us there sooner!
Interested developers should read the [quick start guide](docs/quick-start-guide.md).
## Documentation:
Please read, enjoy and help improve our documentation!
@@ -30,6 +31,7 @@ Please read, enjoy and help improve our documentation!
|---|---|
| [general documentation](docs/documentation.md) | for everyone |
| [quick start guide](docs/quick-start-guide.md) | for mgmt developers |
| [frequently asked questions](docs/faq.md) | for everyone |
| [resource guide](docs/resource-guide.md) | for mgmt developers |
| [godoc API reference](https://godoc.org/github.com/purpleidea/mgmt) | for mgmt developers |
| [prometheus guide](docs/prometheus.md) | for everyone |
@@ -40,9 +42,9 @@ Please ask in the [community](#community)!
If you have a well phrased question that might benefit others, consider asking it by sending a patch to the documentation [FAQ](https://github.com/purpleidea/mgmt/blob/master/docs/documentation.md#usage-and-frequently-asked-questions) section. I'll merge your question, and a patch with the answer!
## Roadmap:
Feel free to grab one of the straightforward [#mgmtlove](https://github.com/purpleidea/mgmt/labels/mgmtlove) issues if you're a first time contributor to the project or if you're unsure about what to hack on!
Please see: [TODO.md](TODO.md) for a list of upcoming work and TODO items.
Please get involved by working on one of these items or by suggesting something else!
Feel free to grab one of the straightforward [#mgmtlove](https://github.com/purpleidea/mgmt/labels/mgmtlove) issues if you're a first time contributor to the project or if you're unsure about what to hack on!
## Bugs:
Please set the `DEBUG` constant in [main.go](https://github.com/purpleidea/mgmt/blob/master/main.go) to `true`, and post the logs when you report the [issue](https://github.com/purpleidea/mgmt/issues).
@@ -53,34 +55,7 @@ Feel free to read my article on [debugging golang programs](https://ttboj.wordpr
We'd love to have your patches! Please send them by email, or as a pull request.
## On the web:
| Author | Format | Subject |
|---|---|---|
| James Shubin | blog | [Next generation configuration mgmt](https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/) |
| James Shubin | video | [Introductory recording from DevConf.cz 2016](https://www.youtube.com/watch?v=GVhpPF0j-iE&html5=1) |
| James Shubin | video | [Introductory recording from CfgMgmtCamp.eu 2016](https://www.youtube.com/watch?v=fNeooSiIRnA&html5=1) |
| Julian Dunn | video | [On mgmt at CfgMgmtCamp.eu 2016](https://www.youtube.com/watch?v=kfF9IATUask&t=1949&html5=1) |
| Walter Heck | slides | [On mgmt at CfgMgmtCamp.eu 2016](http://www.slideshare.net/olindata/configuration-management-time-for-a-4th-generation/3) |
| Marco Marongiu | blog | [On mgmt](http://syslog.me/2016/02/15/leap-or-die/) |
| Felix Frank | blog | [From Catalog To Mgmt (on puppet to mgmt "transpiling")](https://ffrank.github.io/features/2016/02/18/from-catalog-to-mgmt/) |
| James Shubin | blog | [Automatic edges in mgmt (...and the pkg resource)](https://ttboj.wordpress.com/2016/03/14/automatic-edges-in-mgmt/) |
| James Shubin | blog | [Automatic grouping in mgmt](https://ttboj.wordpress.com/2016/03/30/automatic-grouping-in-mgmt/) |
| John Arundel | tweet | [“Puppets days are numbered.”](https://twitter.com/bitfield/status/732157519142002688) |
| Felix Frank | blog | [Puppet, Meet Mgmt (on puppet to mgmt internals)](https://ffrank.github.io/features/2016/06/12/puppet,-meet-mgmt/) |
| Felix Frank | blog | [Puppet Powered Mgmt (puppet to mgmt tl;dr)](https://ffrank.github.io/features/2016/06/19/puppet-powered-mgmt/) |
| James Shubin | blog | [Automatic clustering in mgmt](https://ttboj.wordpress.com/2016/06/20/automatic-clustering-in-mgmt/) |
| James Shubin | video | [Recording from CoreOSFest 2016](https://www.youtube.com/watch?v=KVmDCUA42wc&html5=1) |
| James Shubin | video | [Recording from DebConf16](http://meetings-archive.debian.net/pub/debian-meetings/2016/debconf16/Next_Generation_Config_Mgmt.webm) ([Slides](https://annex.debconf.org//debconf-share/debconf16/slides/15-next-generation-config-mgmt.pdf)) |
| Felix Frank | blog | [Edging It All In (puppet and mgmt edges)](https://ffrank.github.io/features/2016/07/12/edging-it-all-in/) |
| Felix Frank | blog | [Translating All The Things (puppet to mgmt translation warnings)](https://ffrank.github.io/features/2016/08/19/translating-all-the-things/) |
| James Shubin | video | [Recording from systemd.conf 2016](https://www.youtube.com/watch?v=jB992Zb3nH0&html5=1) |
| James Shubin | blog | [Remote execution in mgmt](https://ttboj.wordpress.com/2016/10/07/remote-execution-in-mgmt/) |
| James Shubin | video | [Recording from High Load Strategy 2016](https://vimeo.com/191493409) |
| James Shubin | video | [Recording from NLUUG 2016](https://www.youtube.com/watch?v=MmpwOQAb_SE&html5=1) |
| James Shubin | blog | [Send/Recv in mgmt](https://ttboj.wordpress.com/2016/12/07/sendrecv-in-mgmt/) |
| James Shubin | blog | [Metaparameters in mgmt](https://ttboj.wordpress.com/2017/03/01/metaparameters-in-mgmt/) |
| James Shubin | video | [Recording from Incontro DevOps 2017](https://vimeo.com/212241877) |
| Yves Brissaud | blog | [mgmt aux HumanTalks Grenoble (french)](http://log.winsos.net/2017/04/12/mgmt-aux-human-talks-grenoble.html) |
| James Shubin | video | [Recording from OSDC Berlin 2017](https://www.youtube.com/watch?v=LkEtBVLfygE&html5=1) |
[Read what people are saying and publishing about mgmt!](docs/on-the-web.md)
##

33
bindata/Makefile Normal file
View File

@@ -0,0 +1,33 @@
# Mgmt
# Copyright (C) 2013-2018+ James Shubin and the project contributors
# Written by James Shubin <james@shubin.ca> and the project contributors
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# The bindata target generates go files from any source defined below. To use
# the files, import the "bindata" package and use:
# `bytes, err := bindata.Asset("FILEPATH")`
# where FILEPATH is the path of the original input file relative to `bindata/`.
.PHONY: build
default: build
build: bindata.go
# add more input files as dependencies at the end here...
bindata.go: ../COPYING
# go-bindata --pkg bindata -o {OUTPUT} {INPUT}
go-bindata --pkg bindata -o ./$@ $^
# gofmt the output file
gofmt -s -w $@

2
converger/converger.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
doc.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

4
docker/Dockerfile
View File

@@ -1,10 +1,10 @@
FROM golang:1.6.2
FROM golang:1.8
MAINTAINER Michał Czeraszkiewicz <contact@czerasz.com>
# Set the reset cache variable
# Read more here: http://czerasz.com/2014/11/13/docker-tip-and-tricks/#use-refreshedat-variable-for-better-cache-control
ENV REFRESHED_AT 2016-05-10
ENV REFRESHED_AT 2017-11-16
# Update the package list to be able to use required packages
RUN apt-get update

7
docker/Dockerfile.development
View File

@@ -1,10 +1,10 @@
FROM golang:1.6.2
FROM golang:1.8
MAINTAINER Michał Czeraszkiewicz <contact@czerasz.com>
# Set the reset cache variable
# Read more here: http://czerasz.com/2014/11/13/docker-tip-and-tricks/#use-refreshedat-variable-for-better-cache-control
ENV REFRESHED_AT 2016-05-14
ENV REFRESHED_AT 2017-11-16
RUN apt-get update
@@ -27,5 +27,8 @@ WORKDIR /home/$USER_NAME/mgmt
# Install dependencies
RUN make deps
# Chown $GOPATH
RUN chown -R ${USER_ID}:${GROUP_ID} /go
# Change user
USER ${USER_NAME}

2
docs/conf.py
View File

@@ -51,7 +51,7 @@ master_doc = 'index'
# General information about the project.
project = u'mgmt'
copyright = u'2013-2017+ James Shubin and the project contributors'
copyright = u'2013-2018+ James Shubin and the project contributors'
author = u'James Shubin'
# The version info for the project you're documenting, acts as replacement for

268
docs/documentation.md
View File

@@ -1,9 +1,4 @@
# mgmt
Available from:
[https://github.com/purpleidea/mgmt/](https://github.com/purpleidea/mgmt/)
This documentation is available in: [Markdown](https://github.com/purpleidea/mgmt/blob/master/docs/documentation.md) or [PDF](https://pdfdoc-purpleidea.rhcloud.com/pdf/https://github.com/purpleidea/mgmt/blob/master/docs/documentation.md) format.
# General documentation
## Overview
@@ -26,16 +21,12 @@ For more information, you may like to read some blog posts from the author:
* [Send/Recv in mgmt](https://ttboj.wordpress.com/2016/12/07/sendrecv-in-mgmt/)
* [Metaparameters in mgmt](https://ttboj.wordpress.com/2017/03/01/metaparameters-in-mgmt/)
There is also an [introductory video](http://meetings-archive.debian.net/pub/debian-meetings/2016/debconf16/Next_Generation_Config_Mgmt.webm) available.
Older videos and other material [is available](https://github.com/purpleidea/mgmt/#on-the-web).
There is also an [introductory video](https://www.youtube.com/watch?v=LkEtBVLfygE&html5=1) available.
Older videos and other material [is available](on-the-web.md).
## Setup
During this prototype phase, the tool can be run out of the source directory.
You'll probably want to use ```./run.sh run --yaml examples/graph1.yaml``` to
get started. Beware that this _can_ cause data loss. Understand what you're
doing first, or perform these actions in a virtual environment such as the one
provided by [Oh-My-Vagrant](https://github.com/purpleidea/oh-my-vagrant).
You'll probably want to read the [quick start guide](quick-start-guide.md) to get going.
## Features
@@ -162,255 +153,6 @@ For more details and caveats see [Puppet.md](Puppet.md).
An introductory post on the Puppet support is on
[Felix's blog](http://ffrank.github.io/features/2016/06/19/puppet-powered-mgmt/).
## Resources
This section lists all the built-in resources and their properties. The
resource primitives in `mgmt` are typically more powerful than resources in
other configuration management systems because they can be event based which
lets them respond in real-time to converge to the desired state. This property
allows you to build more complex resources that you probably hadn't considered
in the past.
In addition to the resource specific properties, there are resource properties
(otherwise known as parameters) which can apply to every resource. These are
called [meta parameters](#meta-parameters) and are listed separately. Certain
meta parameters aren't very useful when combined with certain resources, but
in general, it should be fairly obvious, such as when combining the `noop` meta
parameter with the [Noop](#Noop) resource.
* [Augeas](#Augeas): Manipulate files using augeas.
* [Exec](#Exec): Execute shell commands on the system.
* [File](#File): Manage files and directories.
* [Hostname](#Hostname): Manages the hostname on the system.
* [KV](#KV): Set a key value pair in our shared world database.
* [Msg](#Msg): Send log messages.
* [Noop](#Noop): A simple resource that does nothing.
* [Nspawn](#Nspawn): Manage systemd-machined nspawn containers.
* [Password](#Password): Create random password strings.
* [Pkg](#Pkg): Manage system packages with PackageKit.
* [Svc](#Svc): Manage system systemd services.
* [Timer](#Timer): Manage system systemd services.
* [Virt](#Virt): Manage virtual machines with libvirt.
### Augeas
The augeas resource uses [augeas](http://augeas.net/) commands to manipulate
files.
### Exec
The exec resource can execute commands on your system.
### File
The file resource manages files and directories. In `mgmt`, directories are
identified by a trailing slash in their path name. File have no such slash.
It has the following properties:
- `path`: file path (directories have a trailing slash here)
- `content`: raw file content
- `state`: either `exists` (the default value) or `absent`
- `mode`: octal unix file permissions
- `owner`: username or uid for the file owner
- `group`: group name or gid for the file group
#### Path
The path property specifies the file or directory that we are managing.
#### Content
The content property is a string that specifies the desired file contents.
#### Source
The source property points to a source file or directory path that we wish to
copy over and use as the desired contents for our resource.
#### State
The state property describes the action we'd like to apply for the resource. The
possible values are: `exists` and `absent`.
#### Recurse
The recurse property limits whether file resource operations should recurse into
and monitor directory contents with a depth greater than one.
#### Force
The force property is required if we want the file resource to be able to change
a file into a directory or vice-versa. If such a change is needed, but the force
property is not set to `true`, then this file resource will error.
### Hostname
The hostname resource manages static, transient/dynamic and pretty hostnames
on the system and watches them for changes.
#### static_hostname
The static hostname is the one configured in /etc/hostname or a similar
file.
It is chosen by the local user. It is not always in sync with the current
host name as returned by the gethostname() system call.
#### transient_hostname
The transient / dynamic hostname is the one configured via the kernel's
sethostbyname().
It can be different from the static hostname in case DHCP or mDNS have been
configured to change the name based on network information.
#### pretty_hostname
The pretty hostname is a free-form UTF8 host name for presentation to the user.
#### hostname
Hostname is the fallback value for all 3 fields above, if only `hostname` is
specified, it will set all 3 fields to this value.
### KV
The KV resource sets a key and value pair in the global world database. This is
quite useful for setting a flag after a number of resources have run. It will
ignore database updates to the value that are greater in compare order than the
requested key if the `SkipLessThan` parameter is set to true. If we receive a
refresh, then the stored value will be reset to the requested value even if the
stored value is greater.
#### Key
The string key used to store the key.
#### Value
The string value to set. This can also be set via Send/Recv.
#### SkipLessThan
If this parameter is set to `true`, then it will ignore updating the value as
long as the database versions are greater than the requested value. The compare
operation used is based on the `SkipCmpStyle` parameter.
#### SkipCmpStyle
By default this converts the string values to integers and compares them as you
would expect.
### Msg
The msg resource sends messages to the main log, or an external service such
as systemd's journal.
### Noop
The noop resource does absolutely nothing. It does have some utility in testing
`mgmt` and also as a placeholder in the resource graph.
### Nspawn
The nspawn resource is used to manage systemd-machined style containers.
### Password
The password resource can generate a random string to be used as a password. It
will re-generate the password if it receives a refresh notification.
### Pkg
The pkg resource is used to manage system packages. This resource works on many
different distributions because it uses the underlying packagekit facility which
supports different backends for different environments. This ensures that we
have great Debian (deb/dpkg) and Fedora (rpm/dnf) support simultaneously.
### Svc
The service resource is still very WIP. Please help us my improving it!
### Timer
This resource needs better documentation. Please help us my improving it!
### Virt
The virt resource can manage virtual machines via libvirt.
## Usage and frequently asked questions
(Send your questions as a patch to this FAQ! I'll review it, merge it, and
respond by commit with the answer.)
### Why did you start this project?
I wanted a next generation config management solution that didn't have all of
the design flaws or limitations that the current generation of tools do, and no
tool existed!
### Why did you use etcd? What about consul?
Etcd and consul are both written in golang, which made them the top two
contenders for my prototype. Ultimately a choice had to be made, and etcd was
chosen, but it was also somewhat arbitrary. If there is available interest,
good reasoning, *and* patches, then we would consider either switching or
supporting both, but this is not a high priority at this time.
### Can I use an existing etcd cluster instead of the automatic embedded servers?
Yes, it's possible to use an existing etcd cluster instead of the automatic,
elastic embedded etcd servers. To do so, simply point to the cluster with the
`--seeds` variable, the same way you would if you were seeding a new member to
an existing mgmt cluster.
The downside to this approach is that you won't benefit from the automatic
elastic nature of the embedded etcd servers, and that you're responsible if you
accidentally break your etcd cluster, or if you use an unsupported version.
### What does the error message about an inconsistent dataDir mean?
If you get an error message similar to:
```
Etcd: Connect: CtxError...
Etcd: CtxError: Reason: CtxDelayErr(5s): No endpoints available yet!
Etcd: Connect: Endpoints: []
Etcd: The dataDir (/var/lib/mgmt/etcd) might be inconsistent or corrupt.
```
This happens when there are a series of fatal connect errors in a row. This can
happen when you start `mgmt` using a dataDir that doesn't correspond to the
current cluster view. As a result, the embedded etcd server never finishes
starting up, and as a result, a default endpoint never gets added. The solution
is to either reconcile the mistake, and if there is no important data saved, you
can remove the etcd dataDir. This is typically `/var/lib/mgmt/etcd/member/`.
### Why do resources have both a `Compare` method and an `IFF` (on the UID) method?
The `Compare()` methods are for determining if two resources are effectively the
same, which is used to make graph change delta's efficient. This is when we want
to change from the current running graph to a new graph, but preserve the common
vertices. Since we want to make this process efficient, we only update the parts
that are different, and leave everything else alone. This `Compare()` method can
tell us if two resources are the same.
The `IFF()` method is part of the whole UID system, which is for discerning if a
resource meets the requirements another expects for an automatic edge. This is
because the automatic edge system assumes a unified UID pattern to test for
equality. In the future it might be helpful or sane to merge the two similar
comparison functions although for now they are separate because they are
actually answer different questions.
### Did you know that there is a band named `MGMT`?
I didn't realize this when naming the project, and it is accidental. After much
anguishing, I chose the name because it was short and I thought it was
appropriately descriptive. If you need a less ambiguous search term or phrase,
you can try using `mgmtconfig` or `mgmt config`.
### You didn't answer my question, or I have a question!
It's best to ask on [IRC](https://webchat.freenode.net/?channels=#mgmtconfig)
to see if someone can help you. Once we get a big enough community going, we'll
add a mailing list. If you don't get any response from the above, you can
contact me through my [technical blog](https://ttboj.wordpress.com/contact/)
and I'll do my best to help. If you have a good question, please add it as a
patch to this documentation. I'll merge your question, and add a patch with the
answer!
## Reference
Please note that there are a number of undocumented options. For more
information on these options, please view the source at:
@@ -635,7 +377,7 @@ To report any bugs, please file a ticket at: [https://github.com/purpleidea/mgmt
## Authors
Copyright (C) 2013-2017+ James Shubin and the project contributors
Copyright (C) 2013-2018+ James Shubin and the project contributors
Please see the
[AUTHORS](https://github.com/purpleidea/mgmt/tree/master/AUTHORS) file

87
docs/faq.md Normal file
View File

@@ -0,0 +1,87 @@
# Frequently asked questions
(Send your questions as a patch to this FAQ! I'll review it, merge it, and
respond by commit with the answer.)
### Why did you start this project?
I wanted a next generation config management solution that didn't have all of
the design flaws or limitations that the current generation of tools do, and no
tool existed!
### Why did you use etcd? What about consul?
Etcd and consul are both written in golang, which made them the top two
contenders for my prototype. Ultimately a choice had to be made, and etcd was
chosen, but it was also somewhat arbitrary. If there is available interest,
good reasoning, *and* patches, then we would consider either switching or
supporting both, but this is not a high priority at this time.
### Can I use an existing etcd cluster instead of the automatic embedded servers?
Yes, it's possible to use an existing etcd cluster instead of the automatic,
elastic embedded etcd servers. To do so, simply point to the cluster with the
`--seeds` variable, the same way you would if you were seeding a new member to
an existing mgmt cluster.
The downside to this approach is that you won't benefit from the automatic
elastic nature of the embedded etcd servers, and that you're responsible if you
accidentally break your etcd cluster, or if you use an unsupported version.
### What does the error message about an inconsistent dataDir mean?
If you get an error message similar to:
```
Etcd: Connect: CtxError...
Etcd: CtxError: Reason: CtxDelayErr(5s): No endpoints available yet!
Etcd: Connect: Endpoints: []
Etcd: The dataDir (/var/lib/mgmt/etcd) might be inconsistent or corrupt.
```
This happens when there are a series of fatal connect errors in a row. This can
happen when you start `mgmt` using a dataDir that doesn't correspond to the
current cluster view. As a result, the embedded etcd server never finishes
starting up, and as a result, a default endpoint never gets added. The solution
is to either reconcile the mistake, and if there is no important data saved, you
can remove the etcd dataDir. This is typically `/var/lib/mgmt/etcd/member/`.
### Why do resources have both a `Compare` method and an `IFF` (on the UID) method?
The `Compare()` methods are for determining if two resources are effectively the
same, which is used to make graph change delta's efficient. This is when we want
to change from the current running graph to a new graph, but preserve the common
vertices. Since we want to make this process efficient, we only update the parts
that are different, and leave everything else alone. This `Compare()` method can
tell us if two resources are the same.
The `IFF()` method is part of the whole UID system, which is for discerning if a
resource meets the requirements another expects for an automatic edge. This is
because the automatic edge system assumes a unified UID pattern to test for
equality. In the future it might be helpful or sane to merge the two similar
comparison functions although for now they are separate because they are
actually answer different questions.
### Does this support Windows? OSX? GNU Hurd?
Mgmt probably works best on Linux, because that's what most developers use for
serious automation workloads. Support for non-Linux operating systems isn't a
high priority of mine, but we're happy to accept patches for missing features
or resources that you think would make sense on your favourite platform.
### Did you know that there is a band named `MGMT`?
I didn't realize this when naming the project, and it is accidental. After much
anguishing, I chose the name because it was short and I thought it was
appropriately descriptive. If you need a less ambiguous search term or phrase,
you can try using `mgmtconfig` or `mgmt config`.
### You didn't answer my question, or I have a question!
It's best to ask on [IRC](https://webchat.freenode.net/?channels=#mgmtconfig)
to see if someone can help you. Once we get a big enough community going, we'll
add a mailing list. If you don't get any response from the above, you can
contact me through my [technical blog](https://ttboj.wordpress.com/contact/)
and I'll do my best to help. If you have a good question, please add it as a
patch to this documentation. I'll merge your question, and add a patch with the
answer!

36
docs/on-the-web.md Normal file
View File

@@ -0,0 +1,36 @@
# On the web
Here is a list of places mgmt has appeared on the web. Feel free to send a patch
if we missed something that you think is relevant!
## Links
| Author | Format | Subject |
|---|---|---|
| James Shubin | blog | [Next generation configuration mgmt](https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/) |
| James Shubin | video | [Introductory recording from DevConf.cz 2016](https://www.youtube.com/watch?v=GVhpPF0j-iE&html5=1) |
| James Shubin | video | [Introductory recording from CfgMgmtCamp.eu 2016](https://www.youtube.com/watch?v=fNeooSiIRnA&html5=1) |
| Julian Dunn | video | [On mgmt at CfgMgmtCamp.eu 2016](https://www.youtube.com/watch?v=kfF9IATUask&t=1949&html5=1) |
| Walter Heck | slides | [On mgmt at CfgMgmtCamp.eu 2016](http://www.slideshare.net/olindata/configuration-management-time-for-a-4th-generation/3) |
| Marco Marongiu | blog | [On mgmt](http://syslog.me/2016/02/15/leap-or-die/) |
| Felix Frank | blog | [From Catalog To Mgmt (on puppet to mgmt "transpiling")](https://ffrank.github.io/features/2016/02/18/from-catalog-to-mgmt/) |
| James Shubin | blog | [Automatic edges in mgmt (...and the pkg resource)](https://ttboj.wordpress.com/2016/03/14/automatic-edges-in-mgmt/) |
| James Shubin | blog | [Automatic grouping in mgmt](https://ttboj.wordpress.com/2016/03/30/automatic-grouping-in-mgmt/) |
| John Arundel | tweet | [“Puppets days are numbered.”](https://twitter.com/bitfield/status/732157519142002688) |
| Felix Frank | blog | [Puppet, Meet Mgmt (on puppet to mgmt internals)](https://ffrank.github.io/features/2016/06/12/puppet,-meet-mgmt/) |
| Felix Frank | blog | [Puppet Powered Mgmt (puppet to mgmt tl;dr)](https://ffrank.github.io/features/2016/06/19/puppet-powered-mgmt/) |
| James Shubin | blog | [Automatic clustering in mgmt](https://ttboj.wordpress.com/2016/06/20/automatic-clustering-in-mgmt/) |
| James Shubin | video | [Recording from CoreOSFest 2016](https://www.youtube.com/watch?v=KVmDCUA42wc&html5=1) |
| James Shubin | video | [Recording from DebConf16](http://meetings-archive.debian.net/pub/debian-meetings/2016/debconf16/Next_Generation_Config_Mgmt.webm) ([Slides](https://annex.debconf.org//debconf-share/debconf16/slides/15-next-generation-config-mgmt.pdf)) |
| Felix Frank | blog | [Edging It All In (puppet and mgmt edges)](https://ffrank.github.io/features/2016/07/12/edging-it-all-in/) |
| Felix Frank | blog | [Translating All The Things (puppet to mgmt translation warnings)](https://ffrank.github.io/features/2016/08/19/translating-all-the-things/) |
| James Shubin | video | [Recording from systemd.conf 2016](https://www.youtube.com/watch?v=jB992Zb3nH0&html5=1) |
| James Shubin | blog | [Remote execution in mgmt](https://ttboj.wordpress.com/2016/10/07/remote-execution-in-mgmt/) |
| James Shubin | video | [Recording from High Load Strategy 2016](https://vimeo.com/191493409) |
| James Shubin | video | [Recording from NLUUG 2016](https://www.youtube.com/watch?v=MmpwOQAb_SE&html5=1) |
| James Shubin | blog | [Send/Recv in mgmt](https://ttboj.wordpress.com/2016/12/07/sendrecv-in-mgmt/) |
| Julien Pivotto | blog | [Augeas resource for mgmt](https://roidelapluie.be/blog/2017/02/14/mgmt-augeas/) |
| James Shubin | blog | [Metaparameters in mgmt](https://ttboj.wordpress.com/2017/03/01/metaparameters-in-mgmt/) |
| James Shubin | video | [Recording from Incontro DevOps 2017](https://vimeo.com/212241877) |
| Yves Brissaud | blog | [mgmt aux HumanTalks Grenoble (french)](http://log.winsos.net/2017/04/12/mgmt-aux-human-talks-grenoble.html) |
| James Shubin | video | [Recording from OSDC Berlin 2017](https://www.youtube.com/watch?v=LkEtBVLfygE&html5=1) |
| Jonathan Gold | blog | [AWS:EC2 in mgmt](http://jonathangold.ca/awsec2-in-mgmt/) |

4
docs/prometheus.md
View File

@@ -30,7 +30,7 @@ Here is a list of the metrics we provide:
- `mgmt_resources_total`: The number of resources that mgmt is managing
- `mgmt_checkapply_total`: The number of CheckApply's that mgmt has run
- `mgmt_failures_total`: The number of resources that have failed
- `mgmt_failures_current`: The number of resources that have failed
- `mgmt_failures`: The number of resources that have failed
- `mgmt_graph_start_time_seconds`: Start time of the current graph since unix epoch in seconds
For each metric, you will get some extra labels:
@@ -63,4 +63,4 @@ We do not have grafana dashboards yet. Patches welcome!
[pgc]: https://github.com/prometheus/client_golang/blob/master/prometheus/go_collector.go
[etcdm]: https://coreos.com/etcd/docs/latest/metrics.html
[pd]: https://github.com/prometheus/prometheus/wiki/Default-port-allocation
[pd]: https://github.com/prometheus/prometheus/wiki/Default-port-allocations

127
docs/quick-start-guide.md
View File

@@ -2,66 +2,22 @@
## Introduction
This guide is intended for developers. Once `mgmt` is minimally viable, we'll
publish a quick start guide for users too. In the meantime, please contribute!
If you're brand new to `mgmt`, it's probably a good idea to start by reading the
publish a quick start guide for users too. If you're brand new to `mgmt`, it's
probably a good idea to start by reading the
[introductory article](https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/)
or to watch an [introductory video](https://github.com/purpleidea/mgmt/#on-the-web).
or to watch an [introductory video](https://www.youtube.com/watch?v=LkEtBVLfygE&html5=1).
Once you're familiar with the general idea, please start hacking...
## Vagrant
If you would like to avoid doing the following steps manually, we have prepared
a [Vagrant](https://www.vagrantup.com/) environment for your convenience. From
the project directory, run a `vagrant up`, and then a `vagrant status`. From
there, you can `vagrant ssh` into the `mgmt` machine. The MOTD will explain the
rest.
## Dependencies
Software projects have a few different kinds of dependencies. There are _build_
dependencies, _runtime_ dependencies, and additionally, a few extra dependencies
required for running the _test_ suite.
### Build
* `golang` 1.8 or higher (required, available in some distros and distributed
as a binary officially by [golang.org](https://golang.org/dl/))
* golang libraries (required, available with `go get ./...`) a partial list includes:
```
github.com/coreos/etcd/client
gopkg.in/yaml.v2
gopkg.in/fsnotify.v1
github.com/urfave/cli
github.com/coreos/go-systemd/dbus
github.com/coreos/go-systemd/util
github.com/libvirt/libvirt-go
```
* `stringer` (optional), available as a package on some platforms, otherwise via `go get`
```
golang.org/x/tools/cmd/stringer
```
* `pandoc` (optional), for building a pdf of the documentation
### Runtime
A relatively modern GNU/Linux system should be able to run `mgmt` without any
problems. Since `mgmt` runs as a single statically compiled binary, all of the
library dependencies are included. It is expected, that certain advanced
resources require host specific facilities to work. These requirements are
listed below:
| Resource | Dependency | Version |
|----------|-------------------|---------|
| file | inotify | ? |
| hostname | systemd-hostnamed | ? |
| nspawn | systemd-nspawn | ? |
| pkg | packagekitd | ? |
| svc | systemd | ? |
| virt | libvirtd | ? |
For building a visual representation of the graph, `graphviz` is required.
### Testing
* golint `github.com/golang/lint/golint`
## Quick start
* Make sure you have golang version 1.8 or greater installed.
### Installing golang
* You need golang version 1.8 or greater installed.
** To install on rpm style systems: `sudo dnf install golang`
** To install on apt style systems: `sudo apt install golang`
* You can run `go version` to check the golang version.
* If your distro is tool old, you may need to [download](https://golang.org/dl/) a newer golang version.
### Setting up golang
* If you do not have a GOPATH yet, create one and export it:
```
mkdir $HOME/gopath
@@ -69,7 +25,9 @@ export GOPATH=$HOME/gopath
```
* You might also want to add the GOPATH to your `~/.bashrc` or `~/.profile`.
* For more information you can read the [GOPATH documentation](https://golang.org/cmd/go/#hdr-GOPATH_environment_variable).
* Next download the mgmt code base, and switch to that directory:
### Getting the mgmt code and dependencies
* Download the `mgmt` code into the GOPATH, and switch to that directory:
```
mkdir -p $GOPATH/src/github.com/purpleidea/
cd $GOPATH/src/github.com/purpleidea/
@@ -78,15 +36,64 @@ cd $GOPATH/src/github.com/purpleidea/mgmt
```
* Run `make deps` to install system and golang dependencies. Take a look at `misc/make-deps.sh` for details.
* Run `make build` to get a freshly built `mgmt` binary.
### Running mgmt
* Run `time ./mgmt run --yaml examples/graph0.yaml --converged-timeout=5 --tmp-prefix` to try out a very simple example!
* To run continuously in the default mode of operation, omit the `--converged-timeout` option.
* Have fun hacking on our future technology!
* Look in that example file that you ran to see if you can figure out what it did!
* The yaml frontend is provided as a developer tool to test the engine until the language is ready.
* Have fun hacking on our future technology and get involved to shape the project!
## Examples
Please look in the [examples/](../examples/) folder for some examples!
Please look in the [examples/](../examples/) folder for some more examples!
## Installation
## Vagrant
If you would like to avoid doing the above steps manually, we have prepared a
[Vagrant](https://www.vagrantup.com/) environment for your convenience. From the
project directory, run a `vagrant up`, and then a `vagrant status`. From there,
you can `vagrant ssh` into the `mgmt` machine. The MOTD will explain the rest.
## Information about dependencies
Software projects have a few different kinds of dependencies. There are _build_
dependencies, _runtime_ dependencies, and additionally, a few extra dependencies
required for running the _test_ suite.
### Build
* `golang` 1.8 or higher (required, available in some distros and distributed
as a binary officially by [golang.org](https://golang.org/dl/))
### Runtime
A relatively modern GNU/Linux system should be able to run `mgmt` without any
problems. Since `mgmt` runs as a single statically compiled binary, all of the
library dependencies are included. It is expected, that certain advanced
resources require host specific facilities to work. These requirements are
listed below:
| Resource | Dependency | Version | Check version with |
|----------|-------------------|-----------------------------|-----------------------------------------------------------|
| augeas | augeas-devel | `augeas 1.6` or greater | `dnf info augeas-devel` or `apt-cache show libaugeas-dev` |
| file | inotify | `Linux 2.6.27` or greater | `uname -a` |
| hostname | systemd-hostnamed | `systemd 25` or greater | `systemctl --version` |
| nspawn | systemd-nspawn | `systemd ???` or greater | `systemctl --version` |
| pkg | packagekitd | `packagekit 1.x` or greater | `pkcon --version` |
| svc | systemd | `systemd ???` or greater | `systemctl --version` |
| virt | libvirt-devel | `libvirt 1.2.0` or greater | `dnf info libvirt-devel` or `apt-cache show libvirt-dev` |
| virt | libvirtd | `libvirt 1.2.0` or greater | `libvirtd --version` |
For building a visual representation of the graph, `graphviz` is required.
To build `mgmt` without augeas support please run:
`GOTAGS='noaugeas' make build`
To build `mgmt` without libvirt support please run:
`GOTAGS='novirt' make build`
To build `mgmt` without augeas or libvirt support please run:
`GOTAGS='noaugeas novirt' make build`
## Binary Package Installation
Installation of `mgmt` from distribution packages currently needs improvement.
They are not always up-to-date with git master and as such are not recommended.
At the moment we have:
* [COPR](https://copr.fedoraproject.org/coprs/purpleidea/mgmt/)
* [Arch](https://aur.archlinux.org/packages/mgmt/)

169
docs/resources.md Normal file
View File

@@ -0,0 +1,169 @@
# Resources
Here we list all the built-in resources and their properties. The resource
primitives in `mgmt` are typically more powerful than resources in other
configuration management systems because they can be event based which lets them
respond in real-time to converge to the desired state. This property allows you
to build more complex resources that you probably hadn't considered in the past.
In addition to the resource specific properties, there are resource properties
(otherwise known as parameters) which can apply to every resource. These are
called [meta parameters](documentation.md#meta-parameters) and are listed
separately. Certain meta parameters aren't very useful when combined with
certain resources, but in general, it should be fairly obvious, such as when
combining the `noop` meta parameter with the [Noop](#Noop) resource.
You might want to look at the [generated documentation](https://godoc.org/github.com/purpleidea/mgmt/resources)
for more up-to-date information about these resources.
* [Augeas](#Augeas): Manipulate files using augeas.
* [Exec](#Exec): Execute shell commands on the system.
* [File](#File): Manage files and directories.
* [Hostname](#Hostname): Manages the hostname on the system.
* [KV](#KV): Set a key value pair in our shared world database.
* [Msg](#Msg): Send log messages.
* [Noop](#Noop): A simple resource that does nothing.
* [Nspawn](#Nspawn): Manage systemd-machined nspawn containers.
* [Password](#Password): Create random password strings.
* [Pkg](#Pkg): Manage system packages with PackageKit.
* [Svc](#Svc): Manage system systemd services.
* [Timer](#Timer): Manage system systemd services.
* [Virt](#Virt): Manage virtual machines with libvirt.
## Augeas
The augeas resource uses [augeas](http://augeas.net/) commands to manipulate
files.
## Exec
The exec resource can execute commands on your system.
## File
The file resource manages files and directories. In `mgmt`, directories are
identified by a trailing slash in their path name. File have no such slash.
It has the following properties:
- `path`: file path (directories have a trailing slash here)
- `content`: raw file content
- `state`: either `exists` (the default value) or `absent`
- `mode`: octal unix file permissions
- `owner`: username or uid for the file owner
- `group`: group name or gid for the file group
### Path
The path property specifies the file or directory that we are managing.
### Content
The content property is a string that specifies the desired file contents.
### Source
The source property points to a source file or directory path that we wish to
copy over and use as the desired contents for our resource.
### State
The state property describes the action we'd like to apply for the resource. The
possible values are: `exists` and `absent`.
### Recurse
The recurse property limits whether file resource operations should recurse into
and monitor directory contents with a depth greater than one.
### Force
The force property is required if we want the file resource to be able to change
a file into a directory or vice-versa. If such a change is needed, but the force
property is not set to `true`, then this file resource will error.
## Hostname
The hostname resource manages static, transient/dynamic and pretty hostnames
on the system and watches them for changes.
### static_hostname
The static hostname is the one configured in /etc/hostname or a similar
file.
It is chosen by the local user. It is not always in sync with the current
host name as returned by the gethostname() system call.
### transient_hostname
The transient / dynamic hostname is the one configured via the kernel's
sethostbyname().
It can be different from the static hostname in case DHCP or mDNS have been
configured to change the name based on network information.
### pretty_hostname
The pretty hostname is a free-form UTF8 host name for presentation to the user.
### hostname
Hostname is the fallback value for all 3 fields above, if only `hostname` is
specified, it will set all 3 fields to this value.
## KV
The KV resource sets a key and value pair in the global world database. This is
quite useful for setting a flag after a number of resources have run. It will
ignore database updates to the value that are greater in compare order than the
requested key if the `SkipLessThan` parameter is set to true. If we receive a
refresh, then the stored value will be reset to the requested value even if the
stored value is greater.
### Key
The string key used to store the key.
### Value
The string value to set. This can also be set via Send/Recv.
### SkipLessThan
If this parameter is set to `true`, then it will ignore updating the value as
long as the database versions are greater than the requested value. The compare
operation used is based on the `SkipCmpStyle` parameter.
### SkipCmpStyle
By default this converts the string values to integers and compares them as you
would expect.
## Msg
The msg resource sends messages to the main log, or an external service such
as systemd's journal.
## Noop
The noop resource does absolutely nothing. It does have some utility in testing
`mgmt` and also as a placeholder in the resource graph.
## Nspawn
The nspawn resource is used to manage systemd-machined style containers.
## Password
The password resource can generate a random string to be used as a password. It
will re-generate the password if it receives a refresh notification.
## Pkg
The pkg resource is used to manage system packages. This resource works on many
different distributions because it uses the underlying packagekit facility which
supports different backends for different environments. This ensures that we
have great Debian (deb/dpkg) and Fedora (rpm/dnf) support simultaneously.
## Svc
The service resource is still very WIP. Please help us my improving it!
## Timer
This resource needs better documentation. Please help us my improving it!
## Virt
The virt resource can manage virtual machines via libvirt.

64
etcd/etcd.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -176,12 +176,14 @@ type EmbdEtcd struct { // EMBeddeD etcd
exitchan chan struct{}
exitTimeout <-chan time.Time
hostname string
memberID uint64 // cluster membership id of server if running
endpoints etcdtypes.URLsMap // map of servers a client could connect to
clientURLs etcdtypes.URLs // locations to listen for clients if i am a server
serverURLs etcdtypes.URLs // locations to listen for servers if i am a server (peer)
noServer bool // disable all server peering if true
hostname string
memberID uint64 // cluster membership id of server if running
endpoints etcdtypes.URLsMap // map of servers a client could connect to
clientURLs etcdtypes.URLs // locations to listen for clients if i am a server
serverURLs etcdtypes.URLs // locations to listen for servers if i am a server (peer)
advertiseClientURLs etcdtypes.URLs // client urls to advertise
advertiseServerURLs etcdtypes.URLs // server urls to advertise
noServer bool // disable all server peering if true
// local tracked state
nominated etcdtypes.URLsMap // copy of who's nominated to locally track state
@@ -208,7 +210,7 @@ type EmbdEtcd struct { // EMBeddeD etcd
}
// NewEmbdEtcd creates the top level embedded etcd struct client and server obj.
func NewEmbdEtcd(hostname string, seeds, clientURLs, serverURLs etcdtypes.URLs, noServer bool, idealClusterSize uint16, flags Flags, prefix string, converger converger.Converger) *EmbdEtcd {
func NewEmbdEtcd(hostname string, seeds, clientURLs, serverURLs, advertiseClientURLs, advertiseServerURLs etcdtypes.URLs, noServer bool, idealClusterSize uint16, flags Flags, prefix string, converger converger.Converger) *EmbdEtcd {
endpoints := make(etcdtypes.URLsMap)
if hostname == seedSentinel { // safety
return nil
@@ -229,11 +231,13 @@ func NewEmbdEtcd(hostname string, seeds, clientURLs, serverURLs etcdtypes.URLs,
nominated: make(etcdtypes.URLsMap),
hostname: hostname,
endpoints: endpoints,
clientURLs: clientURLs,
serverURLs: serverURLs,
noServer: noServer,
hostname: hostname,
endpoints: endpoints,
clientURLs: clientURLs,
serverURLs: serverURLs,
advertiseClientURLs: advertiseClientURLs,
advertiseServerURLs: advertiseServerURLs,
noServer: noServer,
idealClusterSize: idealClusterSize,
converger: converger,
@@ -396,9 +400,13 @@ func (obj *EmbdEtcd) Startup() error {
// if i am alone and will have to be a server...
if !obj.noServer && bootstrapping {
log.Printf("Etcd: Bootstrapping...")
surls := obj.serverURLs
if len(obj.advertiseServerURLs) > 0 {
surls = obj.advertiseServerURLs
}
// give an initial value to the obj.nominate map we keep in sync
// this emulates Nominate(obj, obj.hostname, obj.serverURLs)
obj.nominated[obj.hostname] = obj.serverURLs // initial value
obj.nominated[obj.hostname] = surls // initial value
// NOTE: when we are stuck waiting for the server to start up,
// it is probably happening on this call right here...
obj.nominateCallback(nil) // kick this off once
@@ -407,8 +415,12 @@ func (obj *EmbdEtcd) Startup() error {
// self volunteer
if !obj.noServer && len(obj.serverURLs) > 0 {
// we run this in a go routine because it blocks waiting for server
surls := obj.serverURLs
if len(obj.advertiseServerURLs) > 0 {
surls = obj.advertiseServerURLs
}
log.Printf("Etcd: Startup: Volunteering...")
go Volunteer(obj, obj.serverURLs)
go Volunteer(obj, surls)
}
if bootstrapping {
@@ -1436,14 +1448,21 @@ func (obj *EmbdEtcd) nominateCallback(re *RE) error {
// client connects to one of the obj.endpoints servers...
log.Printf("Etcd: Addresses are: %s", addresses)
surls := obj.serverURLs
if len(obj.advertiseServerURLs) > 0 {
surls = obj.advertiseServerURLs
}
// XXX: just put this wherever for now so we don't block
// nominate self so "member" list is correct for peers to see
Nominate(obj, obj.hostname, obj.serverURLs)
Nominate(obj, obj.hostname, surls)
// XXX: if this fails, where will we retry this part ?
}
// advertise client urls
if curls := obj.clientURLs; len(curls) > 0 {
if len(obj.advertiseClientURLs) > 0 {
curls = obj.advertiseClientURLs
}
// XXX: don't advertise local addresses! 127.0.0.1:2381 doesn't really help remote hosts
// XXX: but sometimes this is what we want... hmmm how do we decide? filter on callback?
AdvertiseEndpoints(obj, curls)
@@ -1647,14 +1666,23 @@ func (obj *EmbdEtcd) StartServer(newCluster bool, peerURLsMap etcdtypes.URLsMap)
initialPeerURLsMap[memberName] = peerURLs
}
aCUrls := obj.clientURLs
if len(obj.advertiseClientURLs) > 0 {
aCUrls = obj.advertiseClientURLs
}
aPUrls := peerURLs
if len(obj.advertiseServerURLs) > 0 {
aPUrls = obj.advertiseServerURLs
}
// embed etcd
cfg := embed.NewConfig()
cfg.Name = memberName // hostname
cfg.Dir = obj.dataDir
cfg.ACUrls = obj.clientURLs
cfg.APUrls = peerURLs
cfg.LCUrls = obj.clientURLs
cfg.LPUrls = peerURLs
cfg.ACUrls = aCUrls
cfg.APUrls = aPUrls
cfg.StrictReconfigCheck = false // XXX: workaround https://github.com/coreos/etcd/issues/6305
cfg.InitialCluster = initialPeerURLsMap.String() // including myself!

2
etcd/methods.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
etcd/resources.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
etcd/str.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
etcd/strmap.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
etcd/world.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
event/event.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
examples/autoedges1.yaml
View File

@@ -13,7 +13,5 @@ resources:
meta:
autoedge: true
path: "/tmp/foo/"
content: |
i am f2
state: exists
edges: []

21
examples/autoedges5.yaml Normal file
View File

@@ -0,0 +1,21 @@
---
graph: mygraph
resources:
pkg:
- name: httpd
meta:
autoedge: true
noop: true
state: installed
exec:
- name: pkg10
cmd: /usr/bin/apachectl status
shell: ''
timeout: 0
watchcmd: ''
watchshell: ''
ifcmd: ''
ifshell: ''
pollint: 0
state: present
edges: []

52
examples/longpoll/redirect-client.go Normal file
View File

@@ -0,0 +1,52 @@
// This is an example longpoll client. The connection to the corresponding
// server initiates a request on a "Watch". It then waits until a redirect is
// received from the server which indicates that the watch is ready. To signal
// than an event on this watch has occurred, the server sends a final message.
package main
import (
"bytes"
"fmt"
"io/ioutil"
"log"
"math/rand"
"net/http"
"time"
)
const (
timeout = 15
)
func main() {
log.Printf("Starting...")
checkRedirectFunc := func(req *http.Request, via []*http.Request) error {
log.Printf("Watch is ready!")
return nil
}
client := &http.Client{
Timeout: time.Duration(timeout) * time.Second,
CheckRedirect: checkRedirectFunc,
}
id := rand.Intn(2 ^ 32 - 1)
body := bytes.NewBufferString("hello")
url := fmt.Sprintf("http://127.0.0.1:12345/watch?id=%d", id)
req, err := http.NewRequest("GET", url, body)
if err != nil {
log.Printf("err: %+v", err)
return
}
result, err := client.Do(req)
if err != nil {
log.Printf("err: %+v", err)
return
}
log.Printf("Event received: %+v", result)
s, err := ioutil.ReadAll(result.Body) // TODO: apparently we can stream
result.Body.Close()
log.Printf("Response: %+v", string(s))
}

56
examples/longpoll/redirect-server.go Normal file
View File

@@ -0,0 +1,56 @@
// This is an example longpoll server. On client connection it starts a "Watch",
// and notifies the client with a redirect when that watch is ready. This is
// important to avoid a possible race between when the client believes the watch
// is actually ready, and when the server actually is watching.
package main
import (
"fmt"
"io"
"log"
"math/rand"
"net/http"
"time"
)
// you can use `wget http://127.0.0.1:12345/hello -O /dev/null`
// or `go run client.go`
const (
addr = ":12345"
)
// WatchStart kicks off the initial watch and then redirects the client to
// notify them that we're ready. The watch operation here is simulated.
func WatchStart(w http.ResponseWriter, req *http.Request) {
log.Printf("Start received...")
time.Sleep(time.Duration(5) * time.Second) // 5 seconds to get ready and start *our* watch ;)
//started := time.Now().UnixNano() // time since watch is "started"
log.Printf("URL: %+v", req.URL)
token := fmt.Sprintf("%d", rand.Intn(2^32-1))
http.Redirect(w, req, fmt.Sprintf("/ready?token=%s", token), http.StatusSeeOther) // TODO: which code should we use ?
log.Printf("Redirect sent!")
}
// WatchReady receives the client connection when it has been notified that the
// watch has started, and it returns to signal that an event on the watch
// occurred. The event operation here is simulated.
func WatchReady(w http.ResponseWriter, req *http.Request) {
log.Printf("Ready received")
log.Printf("URL: %+v", req.URL)
//time.Sleep(time.Duration(10) * time.Second)
time.Sleep(time.Duration(rand.Intn(10)) * time.Second) // wait until an "event" happens
io.WriteString(w, "Event happened!\n")
log.Printf("Event sent")
}
func main() {
log.Printf("Starting...")
//rand.Seed(time.Now().UTC().UnixNano())
http.HandleFunc("/watch", WatchStart)
http.HandleFunc("/ready", WatchReady)
log.Printf("Listening on %s", addr)
log.Fatal(http.ListenAndServe(addr, nil))
}

2
gapi/gapi.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
hcl/gapi.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
hcl/parse.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
hil/interpolate.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

46
lib/cli.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -24,6 +24,7 @@ import (
"os/signal"
"syscall"
"github.com/purpleidea/mgmt/bindata"
"github.com/purpleidea/mgmt/hcl"
"github.com/purpleidea/mgmt/puppet"
"github.com/purpleidea/mgmt/yamlgraph"
@@ -114,6 +115,8 @@ func run(c *cli.Context) error {
obj.Seeds = c.StringSlice("seeds")
obj.ClientURLs = c.StringSlice("client-urls")
obj.ServerURLs = c.StringSlice("server-urls")
obj.AdvertiseClientURLs = c.StringSlice("advertise-client-urls")
obj.AdvertiseServerURLs = c.StringSlice("advertise-server-urls")
obj.IdealClusterSize = c.Int("ideal-cluster-size")
obj.NoServer = c.Bool("no-server")
@@ -186,7 +189,32 @@ func CLI(program, version string, flags Flags) error {
app.Metadata = map[string]interface{}{ // additional flags
"flags": flags,
}
//app.Action = ... // without a default action, help runs
// if no app.Command is specified
app.Action = func(c *cli.Context) error {
// print the license
if c.Bool("license") {
license, err := bindata.Asset("../COPYING") // use go-bindata to get the bytes
if err != nil {
return err
}
fmt.Printf("%s", license)
return nil
}
// print help if no flags are set
cli.ShowAppHelp(c)
return nil
}
// global flags
app.Flags = []cli.Flag{
cli.BoolFlag{
Name: "license",
Usage: "prints the software license",
},
}
app.Commands = []cli.Command{
{
@@ -318,6 +346,20 @@ func CLI(program, version string, flags Flags) error {
Usage: "list of URLs to listen on for server (peer) traffic",
EnvVar: "MGMT_SERVER_URLS",
},
// port 2379 and 4001 are common
cli.StringSliceFlag{
Name: "advertise-client-urls",
Value: &cli.StringSlice{},
Usage: "list of URLs to listen on for client traffic",
EnvVar: "MGMT_ADVERTISE_CLIENT_URLS",
},
// port 2380 and 7001 are common
cli.StringSliceFlag{
Name: "advertise-server-urls, advertise-peer-urls",
Value: &cli.StringSlice{},
Usage: "list of URLs to listen on for server (peer) traffic",
EnvVar: "MGMT_ADVERTISE_SERVER_URLS",
},
cli.IntFlag{
Name: "ideal-cluster-size",
Value: -1,

42
lib/main.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -76,11 +76,13 @@ type Main struct {
ConvergedTimeout int // exit after approximately this many seconds in a converged state; -1 to disable
MaxRuntime uint // exit after a maximum of approximately this many seconds
Seeds []string // default etc client endpoint
ClientURLs []string // list of URLs to listen on for client traffic
ServerURLs []string // list of URLs to listen on for server (peer) traffic
IdealClusterSize int // ideal number of server peers in cluster; only read by initial server
NoServer bool // do not let other servers peer with me
Seeds []string // default etc client endpoint
ClientURLs []string // list of URLs to listen on for client traffic
ServerURLs []string // list of URLs to listen on for server (peer) traffic
AdvertiseClientURLs []string // list of URLs to advertise for client traffic
AdvertiseServerURLs []string // list of URLs to advertise for server (peer) traffic
IdealClusterSize int // ideal number of server peers in cluster; only read by initial server
NoServer bool // do not let other servers peer with me
CConns uint16 // number of maximum concurrent remote ssh connections to run, 0 for unlimited
AllowInteractive bool // allow interactive prompting, such as for remote passwords
@@ -88,10 +90,12 @@ type Main struct {
NoCaching bool // don't allow remote caching of remote execution binary
Depth uint16 // depth in remote hierarchy; for internal use only
seeds etcdtypes.URLs // processed seeds value
clientURLs etcdtypes.URLs // processed client urls value
serverURLs etcdtypes.URLs // processed server urls value
idealClusterSize uint16 // processed ideal cluster size value
seeds etcdtypes.URLs // processed seeds value
clientURLs etcdtypes.URLs // processed client urls value
serverURLs etcdtypes.URLs // processed server urls value
advertiseClientURLs etcdtypes.URLs // processed advertise client urls value
advertiseServerURLs etcdtypes.URLs // processed advertise server urls value
idealClusterSize uint16 // processed ideal cluster size value
NoPgp bool // disallow pgp functionality
PgpKeyPath *string // import a pre-made key pair
@@ -173,6 +177,18 @@ func (obj *Main) Init() error {
if err != nil && len(obj.ServerURLs) > 0 {
return fmt.Errorf("the ServerURLs didn't parse correctly")
}
obj.advertiseClientURLs, err = etcdtypes.NewURLs(
util.FlattenListWithSplit(obj.AdvertiseClientURLs, []string{",", ";", " "}),
)
if err != nil && len(obj.AdvertiseClientURLs) > 0 {
return fmt.Errorf("the AdvertiseClientURLs didn't parse correctly")
}
obj.advertiseServerURLs, err = etcdtypes.NewURLs(
util.FlattenListWithSplit(obj.AdvertiseServerURLs, []string{",", ";", " "}),
)
if err != nil && len(obj.AdvertiseServerURLs) > 0 {
return fmt.Errorf("the AdvertiseServerURLs didn't parse correctly")
}
obj.exit = make(chan error)
return nil
@@ -253,6 +269,10 @@ func (obj *Main) Run() error {
if err := prom.Start(); err != nil {
return errwrap.Wrapf(err, "can't start initiate Prometheus instance")
}
if err := prom.InitKindMetrics(resources.RegisteredResourcesNames()); err != nil {
return errwrap.Wrapf(err, "can't initialize kind-specific prometheus metrics")
}
}
if !obj.NoPgp {
@@ -330,6 +350,8 @@ func (obj *Main) Run() error {
obj.seeds,
obj.clientURLs,
obj.serverURLs,
obj.advertiseClientURLs,
obj.advertiseServerURLs,
obj.NoServer,
obj.idealClusterSize,
etcd.Flags{

2
main.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

5
misc/make-deps.sh
View File

@@ -78,7 +78,8 @@ ret=$?
if [[ $ret != 0 ]]; then
go get golang.org/x/tools/cmd/vet # add in `go vet` for travis
fi
go get golang.org/x/tools/cmd/stringer # for automatic stringer-ing
go get github.com/golang/lint/golint # for `golint`-ing
go get golang.org/x/tools/cmd/stringer # for automatic stringer-ing
go get github.com/jteeuwen/go-bindata/go-bindata # for compiling in non golang files
go get github.com/golang/lint/golint # for `golint`-ing
go get -u gopkg.in/alecthomas/gometalinter.v1 && mv "$(dirname $(which gometalinter.v1))/gometalinter.v1" "$(dirname $(which gometalinter.v1))/gometalinter" && gometalinter --install # bonus
cd "$XPWD" >/dev/null

2
pgp/pgp.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/graphsync.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/graphsync_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/graphviz.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/pgraph.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/pgraph_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/subgraph.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/subgraph_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
pgraph/util_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

38
prometheus/prometheus.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -16,7 +16,7 @@
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// Package prometheus provides functions that are useful to control and manage
// the build-in prometheus instance.
// the built-in prometheus instance.
package prometheus
import (
@@ -149,6 +149,40 @@ func (obj *Prometheus) Stop() error {
return nil
}
// InitKindMetrics initialized prometheus counters. For each kind of
// resource checkApply counters are initialized with all the possible value.
func (obj *Prometheus) InitKindMetrics(kinds []string) error {
if obj == nil {
return nil // happens when mgmt is launched without --prometheus
}
bools := []bool{true, false}
for _, kind := range kinds {
for _, apply := range bools {
for _, eventful := range bools {
for _, errorful := range bools {
labels := prometheus.Labels{
"kind": kind,
"apply": strconv.FormatBool(apply),
"eventful": strconv.FormatBool(eventful),
"errorful": strconv.FormatBool(errorful),
}
obj.checkApplyTotal.With(labels)
}
}
}
obj.managedResources.With(prometheus.Labels{"kind": kind})
failures := []string{"soft", "hard"}
for _, f := range failures {
failLabels := prometheus.Labels{"kind": kind, "failure": f}
obj.failedResourcesTotal.With(failLabels)
obj.failedResources.With(failLabels)
}
}
return nil
}
// UpdateCheckApplyTotal refreshes the failing gauge by parsing the internal
// state map.
func (obj *Prometheus) UpdateCheckApplyTotal(kind string, apply, eventful, errorful bool) error {

75
prometheus/prometheus_test.go Normal file
View File

@@ -0,0 +1,75 @@
// Mgmt
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package prometheus
import (
"testing"
"github.com/prometheus/client_golang/prometheus"
)
// TestInitKindMetrics tests that we are initializing the Prometheus
// metrics correctly for all kind of resources.
func TestInitKindMetrics(t *testing.T) {
var prom Prometheus
prom.Init()
prom.InitKindMetrics([]string{"file", "exec"})
// Get a list of metrics collected by Prometheus.
// This is the only way to get Prometheus metrics
// without implicitly creating them.
gatherer := prometheus.DefaultGatherer
metrics, err := gatherer.Gather()
if err != nil {
t.Errorf("Error while gathering metrics: %s", err)
return
}
// expectedMetrics is a map: keys are metrics name and
// values are expected and actual count of metrics with
// that name.
expectedMetrics := map[string][2]int{
"mgmt_checkapply_total": {
16, 0,
},
"mgmt_failures_total": {
4, 0,
},
"mgmt_failures": {
4, 0,
},
"mgmt_resources": {
2, 0,
},
}
for _, metric := range metrics {
for name, count := range expectedMetrics {
if *metric.Name == name {
value := len(metric.Metric)
expectedMetrics[name] = [2]int{count[0], value}
}
}
}
for name, count := range expectedMetrics {
if count[1] != count[0] {
t.Errorf("%s: Expected %d metrics, got %d metrics", name, count[0], count[1])
}
}
}

2
puppet/gapi.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

23
puppet/puppet.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -89,20 +89,21 @@ func runPuppetCommand(cmd *exec.Cmd) ([]byte, error) {
// ParseConfigFromPuppet takes a special puppet param string and config and
// returns the graph configuration structure.
func ParseConfigFromPuppet(puppetParam, puppetConf string) *yamlgraph.GraphConfig {
var puppetConfArg string
if puppetConf != "" {
puppetConfArg = "--config=" + puppetConf
var args []string
if puppetParam == "agent" {
args = []string{"mgmtgraph", "print"}
} else if strings.HasSuffix(puppetParam, ".pp") {
args = []string{"mgmtgraph", "print", "--manifest", puppetParam}
} else {
args = []string{"mgmtgraph", "print", "--code", puppetParam}
}
var cmd *exec.Cmd
if puppetParam == "agent" {
cmd = exec.Command("puppet", "mgmtgraph", "print", puppetConfArg)
} else if strings.HasSuffix(puppetParam, ".pp") {
cmd = exec.Command("puppet", "mgmtgraph", "print", puppetConfArg, "--manifest", puppetParam)
} else {
cmd = exec.Command("puppet", "mgmtgraph", "print", puppetConfArg, "--code", puppetParam)
if puppetConf != "" {
args = append(args, "--config="+puppetConf)
}
cmd := exec.Command("puppet", args...)
log.Println("Puppet: launching translator")
var config yamlgraph.GraphConfig

2
recwatch/configwatch.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
recwatch/flags.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
recwatch/recwatch.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
remote/remote.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/actions.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/augeas.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/augeas_disabled.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/autoedge.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/autogroup.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/autogroup_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

1482
resources/aws_ec2.go
View File

File diff suppressed because it is too large Load Diff

2
resources/edge.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

130
resources/exec.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -23,6 +23,7 @@ import (
"fmt"
"log"
"os/exec"
"os/user"
"strings"
"sync"
"syscall"
@@ -46,6 +47,8 @@ type ExecRes struct {
WatchShell string `yaml:"watchshell"` // the (optional) shell to use to run the watch cmd
IfCmd string `yaml:"ifcmd"` // the if command to run
IfShell string `yaml:"ifshell"` // the (optional) shell to use to run the if cmd
User string `yaml:"user"` // the (optional) user to use to execute the command
Group string `yaml:"group"` // the (optional) group to use to execute the command
Output *string // all cmd output, read only, do not set!
Stdout *string // the cmd stdout, read only, do not set!
Stderr *string // the cmd stderr, read only, do not set!
@@ -66,6 +69,17 @@ func (obj *ExecRes) Validate() error {
return fmt.Errorf("command can't be empty")
}
// check that, if an user or a group is set, we're running as root
if obj.User != "" || obj.Group != "" {
currentUser, err := user.Current()
if err != nil {
return errwrap.Wrapf(err, "error looking up current user")
}
if currentUser.Uid != "0" {
return errwrap.Errorf("running as root is required if you want to use exec with a different user/group")
}
}
return obj.BaseRes.Validate()
}
@@ -121,6 +135,12 @@ func (obj *ExecRes) Watch() error {
Pgid: 0,
}
// if we have a user and group, use them
var err error
if cmd.SysProcAttr.Credential, err = obj.getCredential(); err != nil {
return errwrap.Wrapf(err, "error while setting credential")
}
cmdReader, err := cmd.StdoutPipe()
if err != nil {
return errwrap.Wrapf(err, "error creating StdoutPipe for Cmd")
@@ -208,6 +228,13 @@ func (obj *ExecRes) CheckApply(apply bool) (bool, error) {
Setpgid: true,
Pgid: 0,
}
// if we have an user and group, use them
var err error
if cmd.SysProcAttr.Credential, err = obj.getCredential(); err != nil {
return false, errwrap.Wrapf(err, "error while setting credential")
}
if err := cmd.Run(); err != nil {
// TODO: check exit value
return true, nil // don't run
@@ -245,6 +272,12 @@ func (obj *ExecRes) CheckApply(apply bool) (bool, error) {
Pgid: 0,
}
// if we have a user and group, use them
var err error
if cmd.SysProcAttr.Credential, err = obj.getCredential(); err != nil {
return false, errwrap.Wrapf(err, "error while setting credential")
}
var out splitWriter
out.Init()
// from the docs: "If Stdout and Stderr are the same writer, at most one
@@ -263,7 +296,6 @@ func (obj *ExecRes) CheckApply(apply bool) (bool, error) {
done := make(chan error)
go func() { done <- cmd.Wait() }()
var err error // error returned by cmd
select {
case e := <-done:
err = e // store
@@ -331,11 +363,39 @@ type ExecUID struct {
// TODO: add more elements here
}
// AutoEdges returns the AutoEdge interface. In this case no autoedges are used.
// ExecResAutoEdges holds the state of the auto edge generator.
type ExecResAutoEdges struct {
edges []ResUID
}
// Next returns the next automatic edge.
func (obj *ExecResAutoEdges) Next() []ResUID {
return obj.edges
}
// Test gets results of the earlier Next() call, & returns if we should continue!
func (obj *ExecResAutoEdges) Test(input []bool) bool {
return false // Never keep going
// TODO: We could return false if we find as many edges as the number of different path in cmdFiles()
}
// AutoEdges returns the AutoEdge interface. In this case the systemd units.
func (obj *ExecRes) AutoEdges() (AutoEdge, error) {
// TODO: parse as many exec params to look for auto edges, for example
// the path of the binary in the Cmd variable might be from in a pkg
return nil, nil
var data []ResUID
for _, x := range obj.cmdFiles() {
var reversed = true
data = append(data, &PkgFileUID{
BaseUID: BaseUID{
Name: obj.GetName(),
Kind: obj.GetKind(),
Reversed: &reversed,
},
path: x, // what matters
})
}
return &ExecResAutoEdges{
edges: data,
}, nil
}
// UIDs includes all params to make a unique identification of this object.
@@ -394,6 +454,12 @@ func (obj *ExecRes) Compare(r Res) bool {
if obj.IfShell != res.IfShell {
return false
}
if obj.User != res.User {
return false
}
if obj.Group != res.Group {
return false
}
return true
}
@@ -418,6 +484,37 @@ func (obj *ExecRes) UnmarshalYAML(unmarshal func(interface{}) error) error {
return nil
}
// getCredential returns the correct *syscall.Credential if an User and Group
// are set.
func (obj *ExecRes) getCredential() (*syscall.Credential, error) {
var uid, gid int
var err error
var currentUser *user.User
if currentUser, err = user.Current(); err != nil {
return nil, errwrap.Wrapf(err, "error looking up current user")
}
if currentUser.Uid != "0" {
// since we're not root, we've got nothing to do
return nil, nil
}
if obj.Group != "" {
gid, err = GetGID(obj.Group)
if err != nil {
return nil, errwrap.Wrapf(err, "error looking up gid for %s", obj.Group)
}
}
if obj.User != "" {
uid, err = GetUID(obj.User)
if err != nil {
return nil, errwrap.Wrapf(err, "error looking up uid for %s", obj.User)
}
}
return &syscall.Credential{Uid: uint32(uid), Gid: uint32(gid)}, nil
}
// splitWriter mimics what the ssh.CombinedOutput command does, but stores the
// the stdout and stderr separately. This is slightly tricky because we don't
// want the combined output to be interleaved incorrectly. It creates sub writer
@@ -485,3 +582,24 @@ func (w *wrapWriter) Write(p []byte) (int, error) {
func (w *wrapWriter) String() string {
return w.Buffer.String()
}
// cmdFiles returns all the potential files/commands this command might need.
func (obj *ExecRes) cmdFiles() []string {
var paths []string
if obj.Shell != "" {
paths = append(paths, obj.Shell)
} else if cmdSplit := strings.Fields(obj.Cmd); len(cmdSplit) > 0 {
paths = append(paths, cmdSplit[0])
}
if obj.WatchShell != "" {
paths = append(paths, obj.WatchShell)
} else if watchSplit := strings.Fields(obj.WatchCmd); len(watchSplit) > 0 {
paths = append(paths, watchSplit[0])
}
if obj.IfShell != "" {
paths = append(paths, obj.IfShell)
} else if ifSplit := strings.Fields(obj.IfCmd); len(ifSplit) > 0 {
paths = append(paths, ifSplit[0])
}
return paths
}

2
resources/exec_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

27
resources/file.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -26,7 +26,6 @@ import (
"io/ioutil"
"log"
"os"
"os/user"
"path"
"path/filepath"
"strconv"
@@ -97,11 +96,11 @@ func (obj *FileRes) Validate() error {
}
}
if _, err := obj.uid(); obj.Owner != "" && err != nil {
if _, err := GetUID(obj.Owner); obj.Owner != "" && err != nil {
return err
}
if _, err := obj.gid(); obj.Group != "" && err != nil {
if _, err := GetGID(obj.Group); obj.Group != "" && err != nil {
return err
}
@@ -124,22 +123,6 @@ func (obj *FileRes) mode() (os.FileMode, error) {
return os.FileMode(m), nil
}
// uid returns the user id for the owner specified in the yaml file graph.
// Caller should first check obj.Owner is not empty
func (obj *FileRes) uid() (int, error) {
u2, err2 := user.LookupId(obj.Owner)
if err2 == nil {
return strconv.Atoi(u2.Uid)
}
u, err := user.Lookup(obj.Owner)
if err == nil {
return strconv.Atoi(u.Uid)
}
return -1, errwrap.Wrapf(err, "owner lookup error (%s)", obj.Owner)
}
// Init runs some startup code for this resource.
func (obj *FileRes) Init() error {
obj.sha256sum = ""
@@ -767,7 +750,7 @@ func (obj *FileRes) chownCheckApply(apply bool) (checkOK bool, _ error) {
}
if obj.Owner != "" {
expectedUID, err = obj.uid()
expectedUID, err = GetUID(obj.Owner)
if err != nil {
return false, err
}
@@ -777,7 +760,7 @@ func (obj *FileRes) chownCheckApply(apply bool) (checkOK bool, _ error) {
}
if obj.Group != "" {
expectedGID, err = obj.gid()
expectedGID, err = GetGID(obj.Group)
if err != nil {
return false, err
}

43
resources/file_attrs.go
View File

@@ -1,43 +0,0 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// +build go1.7
package resources
import (
"os/user"
"strconv"
errwrap "github.com/pkg/errors"
)
// gid returns the group id for the group specified in the yaml file graph.
// Caller should first check obj.Group is not empty
func (obj *FileRes) gid() (int, error) {
g2, err2 := user.LookupGroupId(obj.Group)
if err2 == nil {
return strconv.Atoi(g2.Gid)
}
g, err := user.LookupGroup(obj.Group)
if err == nil {
return strconv.Atoi(g.Gid)
}
return -1, errwrap.Wrapf(err, "Group lookup error (%s)", obj.Group)
}

43
resources/file_attrs_go1.6.go
View File

@@ -1,43 +0,0 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// +build !go1.7
package resources
import (
"strconv"
group "github.com/hnakamur/group"
errwrap "github.com/pkg/errors"
)
// gid returns the group id for the group specified in the yaml file graph.
// Caller should first check obj.Group is not empty
func (obj *FileRes) gid() (int, error) {
g2, err2 := group.LookupId(obj.Group)
if err2 == nil {
return strconv.Atoi(g2.Gid)
}
g, err := group.Lookup(obj.Group)
if err == nil {
return strconv.Atoi(g.Gid)
}
return -1, errwrap.Wrapf(err, "Group lookup error (%s)", obj.Group)
}

2
resources/file_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/graph.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/group.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/hostname.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/kv.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/metaparams.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/mgraph.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/msg.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/msg_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/noop.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/nspawn.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/packagekit/packagekit.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/password.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

18
resources/pkg.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -323,13 +323,19 @@ func (obj *PkgRes) CheckApply(apply bool) (checkOK bool, err error) {
return false, nil // success
}
// PkgUID is the UID struct for PkgRes.
// PkgUID is the main UID struct for PkgRes.
type PkgUID struct {
BaseUID
name string // pkg name
state string // pkg state or "version"
}
// PkgFileUID is the UID struct for PkgRes files.
type PkgFileUID struct {
BaseUID
path string // path of the file
}
// IFF aka if and only if they are equivalent, return true. If not, false.
func (obj *PkgUID) IFF(uid ResUID) bool {
res, ok := uid.(*PkgUID)
@@ -473,6 +479,14 @@ func (obj *PkgRes) UIDs() []ResUID {
state: obj.State,
}
result := []ResUID{x}
for _, y := range obj.fileList {
y := &PkgFileUID{
BaseUID: BaseUID{Name: obj.GetName(), Kind: obj.GetKind()},
path: y,
}
result = append(result, y)
}
return result
}

2
resources/pkg_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/refresh.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

11
resources/resources.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -52,6 +52,15 @@ func RegisterResource(kind string, fn func() Res) {
registeredResources[kind] = fn
}
// RegisteredResourcesNames returns the kind of the registered resources.
func RegisteredResourcesNames() []string {
kinds := []string{}
for k := range registeredResources {
kinds = append(kinds, k)
}
return kinds
}
// NewResource returns an empty resource object from a registered kind. It
// errors if the resource kind doesn't exist.
func NewResource(kind string) (Res, error) {

14
resources/resources_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -78,6 +78,18 @@ func TestIFF(t *testing.T) {
}
}
func TestRegisteredResourcesNames(t *testing.T) {
kinds := RegisteredResourcesNames()
for _, kind := range kinds {
if kind == "" {
t.Error("Empty kind found")
}
}
if len(kinds) == 0 {
t.Error("No registered resources")
}
}
func TestReadEvent(t *testing.T) {
//res := FileRes{}

2
resources/semaphore.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/semaphore_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/sendrecv.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/svc.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/timer.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/uid.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/user.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

42
resources/util.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -22,8 +22,10 @@ import (
"encoding/base64"
"encoding/gob"
"fmt"
"os/user"
"reflect"
"sort"
"strconv"
"strings"
errwrap "github.com/pkg/errors"
@@ -94,10 +96,8 @@ func StructTagToFieldName(res Res) (map[string]string, error) {
for i := 0; i < st.NumField(); i++ {
field := st.Field(i)
name := field.Name
// TODO: golang 1.7+
// if !ok, then nothing is found
//if alias, ok := field.Tag.Lookup(StructTag); ok { // golang 1.7+
if alias := field.Tag.Get(StructTag); alias != "" { // golang 1.6
if alias, ok := field.Tag.Lookup(StructTag); ok { // golang 1.7+
if val, exists := result[alias]; exists {
return nil, fmt.Errorf("field `%s` uses the same key `%s` as field `%s`", name, alias, val)
}
@@ -133,3 +133,37 @@ func LowerStructFieldNameToFieldName(res Res) (map[string]string, error) {
}
return result, nil
}
// GetUID returns the UID of an user. It supports an UID or an username. Caller
// should first check user is not empty. It will return an error if it can't
// lookup the UID or username.
func GetUID(username string) (int, error) {
userObj, err := user.LookupId(username)
if err == nil {
return strconv.Atoi(userObj.Uid)
}
userObj, err = user.Lookup(username)
if err == nil {
return strconv.Atoi(userObj.Gid)
}
return -1, errwrap.Wrapf(err, "user lookup error (%s)", username)
}
// GetGID returns the GID of a group. It supports a GID or a group name. Caller
// should first check group is not empty. It will return an error if it can't
// lookup the GID or group name.
func GetGID(group string) (int, error) {
groupObj, err := user.LookupGroupId(group)
if err == nil {
return strconv.Atoi(groupObj.Gid)
}
groupObj, err = user.LookupGroup(group)
if err == nil {
return strconv.Atoi(groupObj.Gid)
}
return -1, errwrap.Wrapf(err, "group lookup error (%s)", group)
}

80
resources/util_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -21,7 +21,9 @@ import (
"bytes"
"encoding/base64"
"encoding/gob"
"os/user"
"reflect"
"strconv"
"testing"
)
@@ -236,3 +238,79 @@ func TestLowerStructFieldNameToFieldName1(t *testing.T) {
return
}
}
func TestUnknownGroup(t *testing.T) {
gid, err := GetGID("unknowngroup")
if err == nil {
t.Errorf("expected failure, but passed with: %d", gid)
}
}
func TestUnknownUser(t *testing.T) {
uid, err := GetUID("unknownuser")
if err == nil {
t.Errorf("expected failure, but passed with: %d", uid)
}
}
func TestCurrentUserGroupByName(t *testing.T) {
// get current user
userObj, err := user.Current()
if err != nil {
t.Errorf("error trying to lookup current user: %s", err.Error())
}
currentUID := userObj.Uid
currentGID := userObj.Gid
var uid int
var gid int
// now try to get the uid/gid via our API (via username and group name)
if uid, err = GetUID(userObj.Username); err != nil {
t.Errorf("error trying to lookup current user UID: %s", err.Error())
}
if strconv.Itoa(uid) != currentUID {
t.Errorf("uid didn't match current user's: %s vs %s", strconv.Itoa(uid), currentUID)
}
if gid, err = GetGID(userObj.Username); err != nil {
t.Errorf("error trying to lookup current user UID: %s", err.Error())
}
if strconv.Itoa(gid) != currentGID {
t.Errorf("gid didn't match current user's: %s vs %s", strconv.Itoa(gid), currentGID)
}
}
func TestCurrentUserGroupById(t *testing.T) {
// get current user
userObj, err := user.Current()
if err != nil {
t.Errorf("error trying to lookup current user: %s", err.Error())
}
currentUID := userObj.Uid
currentGID := userObj.Gid
var uid int
var gid int
// now try to get the uid/gid via our API (via uid and gid)
if uid, err = GetUID(currentUID); err != nil {
t.Errorf("error trying to lookup current user UID: %s", err.Error())
}
if strconv.Itoa(uid) != currentUID {
t.Errorf("uid didn't match current user's: %s vs %s", strconv.Itoa(uid), currentUID)
}
if gid, err = GetGID(currentGID); err != nil {
t.Errorf("error trying to lookup current user UID: %s", err.Error())
}
if strconv.Itoa(gid) != currentGID {
t.Errorf("gid didn't match current user's: %s vs %s", strconv.Itoa(gid), currentGID)
}
}

6
resources/virt.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
@@ -185,9 +185,9 @@ func (obj *VirtRes) Init() error {
// guest agent: domain->devices->channel->target->state == connected?
for _, x := range domXML.Devices.Channels {
if x.Target.Type == "virtio" && strings.HasPrefix(x.Target.Name, "org.qemu.guest_agent.") {
if x.Target.VirtIO != nil && strings.HasPrefix(x.Target.VirtIO.Name, "org.qemu.guest_agent.") {
// last connection found wins (usually 1 anyways)
obj.guestAgentConnected = (x.Target.State == "connected")
obj.guestAgentConnected = (x.Target.VirtIO.State == "connected")
}
}
}

2
resources/virt_disabled.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

2
resources/virt_test.go
View File

@@ -1,5 +1,5 @@
// Mgmt
// Copyright (C) 2013-2017+ James Shubin and the project contributors
// Copyright (C) 2013-2018+ James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify

46
tag.sh
View File

@@ -1,14 +1,50 @@
#!/bin/bash
# TODO: don't run if current HEAD is already tagged (ensure this is idempotent)
# take current HEAD with new version
set -eEu
set -o pipefail
################################################################################
# Tag and push a new release of the git repo.
# There are no arguments for this script.
################################################################################
# Variables:
#
# v: the old tag version, such as 0.0.13
# t: the new tag version, such as 0.0.14
# h: the head version, such as 0.0.13-40-g62ca126-dirty
v=`git describe --match '[0-9]*\.[0-9]*\.[0-9]*' --tags --abbrev=0`
t=`echo "${v%.*}.$((${v##*.}+1))"` # increment version
echo "Version $t is now tagged!"
echo "Pushing $t to origin..."
h="$(git describe --tags --dirty --always)"
if [[ $# -gt 0 ]]; then
echo "ERR: $0 does not take arguments." >&2
exit 1
fi
# Never tag a dirty git tree.
if [[ "${h}" =~ dirty ]]; then
echo "ERR: git tree is dirty. Commit or stash changes before tagging." >&2
exit 1
fi
# Be idempotent.
if [[ "${h}" == "${v}" ]]; then
echo "INFO: HEAD \"${h}\" is equivalent to the current (old) version tag \"${v}\"; nothing to do."
exit 0
fi
# Give the user a chance to abort.
echo "WARN: About to tag \"${h}\" as \"${t}\" and push."
echo "Press ^C within 3s to abort."
sleep 3s
# Tag and push.
echo "release: tag $t" | git tag --file=- --sign $t
echo "INFO: Version $t is now tagged."
echo "INFO: Pushing $t to origin."
git push origin $t
# Be informative.
GIT_PAGER=cat git diff --stat "$v" "$t"
if which contrib.sh 2>/dev/null; then contrib.sh "$v"; fi
if which contrib.sh &>/dev/null; then contrib.sh "$v"; fi
echo -e "run 'git log $v..$t' to see what has changed since $v"

76
test/shell/exec-usergroup.sh Executable file
View File

@@ -0,0 +1,76 @@
#!/bin/bash
set -x
set -o pipefail
if ! timeout 1s sudo -A true; then
echo "sudo disabled: not checking exec user and group"
exit
fi
BASE_PATH="/tmp/mgmt/"
BASE_PATH_TEST="${BASE_PATH}test-exec-usergroup/"
# on Fedora, it's nobody while on ubuntu it's nogroup
GROUP="nogroup"
if grep -q nobody /etc/group; then
GROUP="nobody"
fi
function setup {
mkdir -p "${BASE_PATH_TEST}"
sudo -A chown nobody:${GROUP} "${BASE_PATH_TEST}"
sudo -A chmod ug=rwx,o=rx "${BASE_PATH_TEST}"
}
function cleanup {
sudo -A rm -rf "${BASE_PATH_TEST}"
}
# run_test will run each test. It takes 3 parameters:
# - $1: graph (e.g. exec-usergroup-nobody.yaml)
# - $2: user to be tested (e.g. nobody or "")
# - $3: group to be tested (e.g. nobody or "")
function run_usergroup_test() {
graph=$1
user=$2
group=$3
setup
# run till completion
sudo -A timeout --kill-after=30s 25s ./mgmt run --yaml ./exec-usergroup/${graph} --converged-timeout=5 --no-watch --tmp-prefix &
pid=$!
wait $pid # get exit status
e=$?
# tests
test -e "${BASE_PATH_TEST}/result-exec-usergroup"
if [ $? != 0 ]; then
echo "${BASE_PATH_TEST}result-exec-usergroup has not been created"
exit 1
fi
if [ "${user}" != "" ]; then
test $(stat -c%U "${BASE_PATH_TEST}/result-exec-usergroup") = $user
if [ $? != 0 ]; then
echo "${BASE_PATH_TEST}result-exec-usergroup owner is not ${user}"
exit 1
fi
fi
if [ "${group}" != "" ]; then
test $(stat -c%G "${BASE_PATH_TEST}/result-exec-usergroup") = $group
if [ $? != 0 ]; then
echo "${BASE_PATH_TEST}result-exec-usergroup group is not ${group}"
exit 1
fi
fi
cleanup
}
# ensure the workspace is clean
cleanup
# run_usergroup_test <yaml file in ./exec-usergroup> <user to test> <group to test>
run_usergroup_test "exec-usergroup-${GROUP}.yaml" "nobody" "${GROUP}"
run_usergroup_test "exec-usergroup-user.yaml" "nobody" ""
run_usergroup_test "exec-usergroup-group-${GROUP}.yaml" "" "${GROUP}"

Some files were not shown because too many files have changed in this diff Show More