func getArtifactVerifier(preparerConfig *PreparerConfig, logger *logging.Logger) (auth.ArtifactVerifier, error) { var verif ManifestVerification var err error switch t, _ := preparerConfig.ArtifactAuth["type"].(string); t { case "", auth.VerifyNone: return auth.NopVerifier(), nil case auth.VerifyManifest: err = castYaml(preparerConfig.ArtifactAuth, &verif) if err != nil { return nil, util.Errorf("error configuring artifact verification: %v", err) } return auth.NewBuildManifestVerifier(verif.KeyringPath, uri.DefaultFetcher, logger) case auth.VerifyBuild: err = castYaml(preparerConfig.ArtifactAuth, &verif) if err != nil { return nil, util.Errorf("error configuring artifact verification: %v", err) } return auth.NewBuildVerifier(verif.KeyringPath, uri.DefaultFetcher, logger) case auth.VerifyEither: err = castYaml(preparerConfig.ArtifactAuth, &verif) if err != nil { return nil, util.Errorf("error configuring artifact verification: %v", err) } return auth.NewCompositeVerifier(verif.KeyringPath, uri.DefaultFetcher, logger) default: return nil, util.Errorf("Unrecognized artifact verification type: %v", t) } }
func installBaseAgent(podFactory pods.Factory, agentManifest manifest.Manifest, registryURL *url.URL) error { agentPod := podFactory.NewPod(agentManifest.ID()) err := agentPod.Install(agentManifest, auth.NopVerifier(), artifact.NewRegistry(registryURL, uri.DefaultFetcher, osversion.DefaultDetector)) if err != nil { return err } _, err = agentPod.Launch(agentManifest) return err }
func testHookListener(t *testing.T) (HookListener, string, <-chan struct{}) { hookPrefix := kp.HOOK_TREE destDir, _ := ioutil.TempDir("", "pods") defer os.RemoveAll(destDir) execDir, err := ioutil.TempDir("", "exec") defer os.RemoveAll(execDir) Assert(t).IsNil(err, "should not have erred creating a tempdir") current, err := user.Current() Assert(t).IsNil(err, "test setup: could not get the current user") builder := manifest.NewBuilder() builder.SetID("users") builder.SetRunAsUser(current.Username) builder.SetLaunchables(map[launch.LaunchableID]launch.LaunchableStanza{ "create": { Location: util.From(runtime.Caller(0)).ExpandPath("hoisted-hello_def456.tar.gz"), LaunchableType: "hoist", LaunchableId: "create", }, }) podManifest := builder.GetManifest() manifestBytes, err := podManifest.Marshal() Assert(t).IsNil(err, "manifest bytes error should have been nil") fakeSigner, err := openpgp.NewEntity("p2", "p2-test", "*****@*****.**", nil) Assert(t).IsNil(err, "NewEntity error should have been nil") var buf bytes.Buffer sigWriter, err := clearsign.Encode(&buf, fakeSigner.PrivateKey, nil) Assert(t).IsNil(err, "clearsign encode error should have been nil") sigWriter.Write(manifestBytes) sigWriter.Close() podManifest, err = manifest.FromBytes(buf.Bytes()) Assert(t).IsNil(err, "should have generated manifest from signed bytes") fakeIntent := fakeStoreWithManifests(kp.ManifestResult{ Manifest: podManifest, }) hookFactory := pods.NewHookFactory(destDir, "testNode") listener := HookListener{ Intent: fakeIntent, HookPrefix: hookPrefix, ExecDir: execDir, HookFactory: hookFactory, Logger: logging.DefaultLogger, authPolicy: auth.FixedKeyringPolicy{openpgp.EntityList{fakeSigner}, nil}, artifactVerifier: auth.NopVerifier(), artifactRegistry: artifact.NewRegistry(nil, uri.DefaultFetcher, osversion.DefaultDetector), } return listener, destDir, fakeIntent.quit }
func installConsul(consulPod *pods.Pod, consulManifest manifest.Manifest, registryURL *url.URL) error { // Inject servicebuilder? err := consulPod.Install(consulManifest, auth.NopVerifier(), artifact.NewRegistry(registryURL, uri.DefaultFetcher, osversion.DefaultDetector)) if err != nil { return util.Errorf("Can't install Consul, aborting: %s", err) } ok, err := consulPod.Launch(consulManifest) if err != nil || !ok { return util.Errorf("Can't launch Consul, aborting: %s", err) } return nil }
func TestInstall(t *testing.T) { fetcher := uri.NewLoggedFetcher(nil) testContext := util.From(runtime.Caller(0)) currentUser, err := user.Current() Assert(t).IsNil(err, "test setup: couldn't get current user") testLocation := testContext.ExpandPath("hoisted-hello_3c021aff048ca8117593f9c71e03b87cf72fd440.tar.gz") launchables := map[launch.LaunchableID]launch.LaunchableStanza{ "hello": { LaunchableId: "hello", Location: testLocation, LaunchableType: "hoist", }, } builder := manifest.NewBuilder() builder.SetID("hello") builder.SetLaunchables(launchables) builder.SetRunAsUser(currentUser.Username) manifest := builder.GetManifest() testPodDir, err := ioutil.TempDir("", "testPodDir") Assert(t).IsNil(err, "Got an unexpected error creating a temp directory") defer os.RemoveAll(testPodDir) pod := Pod{ Id: "testPod", home: testPodDir, logger: Log.SubLogger(logrus.Fields{"pod": "testPod"}), Fetcher: fetcher, } err = pod.Install(manifest, auth.NopVerifier(), artifact.NewRegistry(nil, uri.DefaultFetcher, osversion.DefaultDetector)) Assert(t).IsNil(err, "there should not have been an error when installing") Assert(t).AreEqual( fetcher.SrcUri.String(), testLocation, "The correct url wasn't set for the curl library", ) hoistedHelloUnpacked := filepath.Join(testPodDir, "hello", "installs", "hello_3c021aff048ca8117593f9c71e03b87cf72fd440") if info, err := os.Stat(hoistedHelloUnpacked); err != nil || !info.IsDir() { t.Fatalf("Expected %s to be the unpacked artifact location", hoistedHelloUnpacked) } helloLaunch := filepath.Join(hoistedHelloUnpacked, "bin", "launch") if info, err := os.Stat(helloLaunch); err != nil || info.IsDir() { t.Fatalf("Expected %s to be a the launch script for hello", helloLaunch) } }
func TestInstallHooks(t *testing.T) { destDir, _ := ioutil.TempDir("", "pods") defer os.RemoveAll(destDir) execDir, err := ioutil.TempDir("", "exec") defer os.RemoveAll(execDir) Assert(t).IsNil(err, "should not have erred creating a tempdir") current, err := user.Current() Assert(t).IsNil(err, "test setup: could not get the current user") builder := manifest.NewBuilder() builder.SetID("users") builder.SetRunAsUser(current.Username) builder.SetLaunchables(map[launch.LaunchableID]launch.LaunchableStanza{ "create": { Location: util.From(runtime.Caller(0)).ExpandPath("testdata/hoisted-hello_def456.tar.gz"), LaunchableType: "hoist", }, }) podManifest := builder.GetManifest() hookFactory := pods.NewHookFactory(destDir, "testNode") hooksPod := hookFactory.NewHookPod(podManifest.ID()) preparer := Preparer{ hooksManifest: podManifest, hooksPod: hooksPod, hooksExecDir: execDir, Logger: logging.DefaultLogger, artifactRegistry: artifact.NewRegistry(nil, uri.DefaultFetcher, osversion.DefaultDetector), artifactVerifier: auth.NopVerifier(), } err = preparer.InstallHooks() Assert(t).IsNil(err, "There should not have been an error in the call to SyncOnce()") currentAlias := filepath.Join(destDir, "users", "create", "current", "bin", "launch") _, err = os.Stat(currentAlias) Assert(t).IsNil(err, fmt.Sprintf("%s should have been created", currentAlias)) hookFile := filepath.Join(execDir, "users__create__launch") _, err = os.Stat(hookFile) Assert(t).IsNil(err, "should have created the user launch script") }
func main() { kingpin.Version(version.VERSION) kingpin.Parse() if *nodeName == "" { hostname, err := os.Hostname() if err != nil { log.Fatalf("error getting node name: %v", err) } *nodeName = hostname } manifest, err := manifest.FromURI(*manifestURI) if err != nil { log.Fatalf("%s", err) } hookFactory := pods.NewHookFactory(filepath.Join(*podRoot, "hooks", *hookType), types.NodeName(*nodeName)) // /data/pods/hooks/<event>/<id> // if the event is the empty string (global hook), then that path segment // will be cleaned out pod := hookFactory.NewHookPod(manifest.ID()) // for now use noop verifier in this CLI err = pod.Install(manifest, auth.NopVerifier(), artifact.NewRegistry(*registryURI, uri.DefaultFetcher, osversion.DefaultDetector)) if err != nil { log.Fatalf("Could not install manifest %s: %s", manifest.ID(), err) } // hooks write their current manifest manually since it's normally done at // launch time _, err = pod.WriteCurrentManifest(manifest) if err != nil { log.Fatalf("Could not write current manifest for %s: %s", manifest.ID(), err) } err = hooks.InstallHookScripts(*hookRoot, pod, manifest, logging.DefaultLogger) if err != nil { log.Fatalf("Could not write hook scripts: %s", err) } }
func main() { kingpin.Version(version.VERSION) kingpin.Parse() if *nodeName == "" { hostname, err := os.Hostname() if err != nil { log.Fatalf("error getting node name: %v", err) } *nodeName = hostname } manifest, err := manifest.FromURI(*manifestURI) if err != nil { log.Fatalf("%s", err) } err = authorize(manifest) if err != nil { log.Fatalf("%s", err) } podFactory := pods.NewFactory(*podRoot, types.NodeName(*nodeName)) pod := podFactory.NewLegacyPod(manifest.ID()) err = pod.Install(manifest, auth.NopVerifier(), artifact.NewRegistry(nil, uri.DefaultFetcher, osversion.DefaultDetector)) if err != nil { log.Fatalf("Could not install manifest %s: %s", manifest.ID(), err) } success, err := pod.Launch(manifest) if err != nil { log.Fatalf("Could not launch manifest %s: %s", manifest.ID(), err) } if !success { log.Fatalln("Unsuccessful launch of one or more things in the manifest") } }