Class: Chef::Knife::CfnBase

Inherits:

Chef::Knife

• Object
• Chef::Knife
• Chef::Knife::CfnBase

Defined in:

lib/chef/knife/cfn_base.rb

Direct Known Subclasses

CfnCreate, CfnDelete, CfnDescribe, CfnEvents, CfnOutputs, CfnResources, CfnUpdate, CfnValidate

Class Method Summary

• .included(includer) ⇒ Object

  :nodoc: Would prefer to do this in a rational way, but can’t be done b/c of Mixlib::CLI’s design :(.

Instance Method Summary

• #connection ⇒ Object
• #is_image_windows? ⇒ Boolean
• #locate_config_value(key) ⇒ Object
• #msg_pair(label, value, color = :cyan) ⇒ Object
• #validate!(keys = [:aws_access_key_id, :aws_secret_access_key]) ⇒ Object

Methods inherited from Chef::Knife

#create_create_def, #create_update_def, #iam_name_from_profile, #ini_parse

Class Method Details

.included(includer) ⇒ Object

:nodoc: Would prefer to do this in a rational way, but can’t be done b/c of Mixlib::CLI’s design :(

# File 'lib/chef/knife/cfn_base.rb', line 28

def self.included(includer)
  includer.class_eval do

    deps do
      require 'fog'
      require 'readline'
      require 'chef/json_compat'
    end

    option :aws_credential_file,
      :long => "--aws-credential-file FILE",
      :description => "File containing AWS credentials as used by aws cmdline tools",
      :proc => Proc.new { |key| Chef::Config[:knife][:aws_credential_file] = key }

    option :aws_profile,
      :long => "--aws-profile PROFILE",
      :description => "AWS profile, from credential file, to use",
      :default => 'default',
      :proc => Proc.new { |key| Chef::Config[:knife][:aws_profile] = key }

    option :aws_access_key_id,
      :short => "-A ID",
      :long => "--aws-access-key-id KEY",
      :description => "Your AWS Access Key ID",
      :proc => Proc.new { |key| Chef::Config[:knife][:aws_access_key_id] = key }

    option :aws_secret_access_key,
      :short => "-K SECRET",
      :long => "--aws-secret-access-key SECRET",
      :description => "Your AWS API Secret Access Key",
      :proc => Proc.new { |key| Chef::Config[:knife][:aws_secret_access_key] = key }

    option :aws_session_token,
      :long => "--aws-session-token TOKEN",
      :description => "Your AWS Session Token, for use with AWS STS Federation or Session Tokens",
      :proc => Proc.new { |key| Chef::Config[:knife][:aws_session_token] = key }

    option :region,
      :long => "--region REGION",
      :description => "Your AWS region",
      :proc => Proc.new { |key| Chef::Config[:knife][:region] = key }

    option :use_iam_profile,
      :long => "--use-iam-profile",
      :description => "Use IAM profile assigned to current machine",
      :boolean => true,
      :default => false,
      :proc => Proc.new { |key| Chef::Config[:knife][:use_iam_profile] = key }
  end
end

Instance Method Details

#connection ⇒ Object

# File 'lib/chef/knife/cfn_base.rb', line 79

def connection
  connection_settings = {
#          :provider => 'AWS',
    :region => locate_config_value(:region)
  }
  if locate_config_value(:use_iam_profile)
    connection_settings[:use_iam_profile] = true
  else
    connection_settings[:aws_access_key_id] = locate_config_value(:aws_access_key_id)
    connection_settings[:aws_secret_access_key] = locate_config_value(:aws_secret_access_key)
    connection_settings[:aws_session_token] = locate_config_value(:aws_session_token)
  end
  @connection ||= begin
    connection = Fog::AWS::CloudFormation.new(connection_settings)
  end
end

#is_image_windows? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/knife/cfn_base.rb', line 107

def is_image_windows?
  image_info = connection.images.get(@server.image_id)
  return image_info.platform == 'windows'
end

#locate_config_value(key) ⇒ Object

# File 'lib/chef/knife/cfn_base.rb', line 96

def locate_config_value(key)
  key = key.to_sym
  config[key] || Chef::Config[:knife][key]
end

#msg_pair(label, value, color = :cyan) ⇒ Object

# File 'lib/chef/knife/cfn_base.rb', line 101

def msg_pair(label, value, color=:cyan)
  if value && !value.to_s.empty?
    puts "#{ui.color(label, color)}: #{value}"
  end
end

#validate!(keys = [:aws_access_key_id, :aws_secret_access_key]) ⇒ Object

# File 'lib/chef/knife/cfn_base.rb', line 112

def validate!(keys=[:aws_access_key_id, :aws_secret_access_key])
  errors = []

  unless locate_config_value(:use_iam_profile)
    unless Chef::Config[:knife][:aws_credential_file].nil?
      unless (Chef::Config[:knife].keys & [:aws_access_key_id, :aws_secret_access_key]).empty?
        errors << "Either provide a credentials file or the access key and secret keys but not both."
      end
      # File format:
      # AWSAccessKeyId=somethingsomethingdarkside
      # AWSSecretKey=somethingsomethingcomplete
      #               OR
      # [default]
      # aws_access_key_id = somethingsomethingdarkside
      # aws_secret_access_key = somethingsomethingdarkside

      aws_creds = ini_parse(File.read(Chef::Config[:knife][:aws_credential_file]))
      profile = Chef::Config[:knife][:aws_profile] || 'default'
      entries = aws_creds.values.first.has_key?("AWSAccessKeyId") ? aws_creds.values.first : aws_creds[profile]

      Chef::Config[:knife][:aws_access_key_id] = entries['AWSAccessKeyId'] || entries['aws_access_key_id']
      Chef::Config[:knife][:aws_secret_access_key] = entries['AWSSecretKey'] || entries['aws_secret_access_key']
    end

    keys.each do |k|
      pretty_key = k.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
      if Chef::Config[:knife][k].nil?
        errors << "You did not provide a valid '#{pretty_key}' value."
      end
    end

    if errors.each{|e| ui.error(e)}.any?
      exit 1
    end
  end
end