diff --git a/builtin/bins/provisioner-file/main.go b/builtin/bins/provisioner-file/main.go new file mode 100644 index 000000000..6b6747803 --- /dev/null +++ b/builtin/bins/provisioner-file/main.go @@ -0,0 +1,10 @@ +package main + +import ( + "github.com/hashicorp/terraform/builtin/provisioners/file" + "github.com/hashicorp/terraform/plugin" +) + +func main() { + plugin.Serve(new(file.ResourceProvisioner)) +} diff --git a/builtin/bins/provisioner-file/main_test.go b/builtin/bins/provisioner-file/main_test.go new file mode 100644 index 000000000..06ab7d0f9 --- /dev/null +++ b/builtin/bins/provisioner-file/main_test.go @@ -0,0 +1 @@ +package main diff --git a/builtin/provisioners/file/resource_provisioner.go b/builtin/provisioners/file/resource_provisioner.go new file mode 100644 index 000000000..9eae86481 --- /dev/null +++ b/builtin/provisioners/file/resource_provisioner.go @@ -0,0 +1,116 @@ +package file + +import ( + "fmt" + "log" + "os" + "time" + + "github.com/hashicorp/terraform/helper/config" + helper "github.com/hashicorp/terraform/helper/ssh" + "github.com/hashicorp/terraform/terraform" +) + +type ResourceProvisioner struct{} + +func (p *ResourceProvisioner) Apply(s *terraform.ResourceState, + c *terraform.ResourceConfig) (*terraform.ResourceState, error) { + // Ensure the connection type is SSH + if err := helper.VerifySSH(s); err != nil { + return s, err + } + + // Get the SSH configuration + conf, err := helper.ParseSSHConfig(s) + if err != nil { + return s, err + } + + // Get the source and destination + sRaw := c.Config["source"] + src, ok := sRaw.(string) + if !ok { + return s, fmt.Errorf("Unsupported 'source' type! Must be string.") + } + + dRaw := c.Config["destination"] + dst, ok := dRaw.(string) + if !ok { + return s, fmt.Errorf("Unsupported 'destination' type! Must be string.") + } + return s, p.copyFiles(conf, src, dst) +} + +func (p *ResourceProvisioner) Validate(c *terraform.ResourceConfig) (ws []string, es []error) { + v := &config.Validator{ + Required: []string{ + "source", + "destination", + }, + } + return v.Validate(c) +} + +// copyFiles is used to copy the files from a source to a destination +func (p *ResourceProvisioner) copyFiles(conf *helper.SSHConfig, src, dst string) error { + // Get the SSH client config + config, err := helper.PrepareConfig(conf) + if err != nil { + return err + } + + // Wait and retry until we establish the SSH connection + var comm *helper.SSHCommunicator + err = retryFunc(conf.TimeoutVal, func() error { + host := fmt.Sprintf("%s:%d", conf.Host, conf.Port) + comm, err = helper.New(host, config) + return err + }) + if err != nil { + return err + } + + info, err := os.Stat(src) + if err != nil { + return err + } + + // If we're uploading a directory, short circuit and do that + if info.IsDir() { + if err := comm.UploadDir(dst, src, nil); err != nil { + return fmt.Errorf("Upload failed: %v", err) + } + return nil + } + + // We're uploading a file... + f, err := os.Open(src) + if err != nil { + return err + } + defer f.Close() + + err = comm.Upload(dst, f) + if err != nil { + return fmt.Errorf("Upload failed: %v", err) + } + return err +} + +// retryFunc is used to retry a function for a given duration +func retryFunc(timeout time.Duration, f func() error) error { + finish := time.After(timeout) + for { + err := f() + if err == nil { + return nil + } + log.Printf("Retryable error: %v", err) + + select { + case <-finish: + return err + case <-time.After(3 * time.Second): + } + } +} diff --git a/builtin/provisioners/file/resource_provisioner_test.go b/builtin/provisioners/file/resource_provisioner_test.go new file mode 100644 index 000000000..0fc990cb4 --- /dev/null +++ b/builtin/provisioners/file/resource_provisioner_test.go @@ -0,0 +1,51 @@ +package file + +import ( + "testing" + + "github.com/hashicorp/terraform/config" + "github.com/hashicorp/terraform/terraform" +) + +func TestResourceProvisioner_impl(t *testing.T) { + var _ terraform.ResourceProvisioner = new(ResourceProvisioner) +} + +func TestResourceProvider_Validate_good(t *testing.T) { + c := testConfig(t, map[string]interface{}{ + "source": "/tmp/foo", + "destination": "/tmp/bar", + }) + p := new(ResourceProvisioner) + warn, errs := p.Validate(c) + if len(warn) > 0 { + t.Fatalf("Warnings: %v", warn) + } + if len(errs) > 0 { + t.Fatalf("Errors: %v", errs) + } +} + +func TestResourceProvider_Validate_bad(t *testing.T) { + c := testConfig(t, map[string]interface{}{ + "source": "nope", + }) + p := new(ResourceProvisioner) + warn, errs := p.Validate(c) + if len(warn) > 0 { + t.Fatalf("Warnings: %v", warn) + } + if len(errs) == 0 { + t.Fatalf("Should have errors") + } +} + +func testConfig( + t *testing.T, + c map[string]interface{}) *terraform.ResourceConfig { + r, err := config.NewRawConfig(c) + if err != nil { + t.Fatalf("bad: %s", err) + } + return terraform.NewResourceConfig(r) +} diff --git a/builtin/provisioners/remote-exec/resource_provisioner.go b/builtin/provisioners/remote-exec/resource_provisioner.go index 7fdf37cb3..7b02bd7e3 100644 --- a/builtin/provisioners/remote-exec/resource_provisioner.go +++ b/builtin/provisioners/remote-exec/resource_provisioner.go @@ -11,55 +11,26 @@ import ( "strings" "time" - "code.google.com/p/go.crypto/ssh" helper "github.com/hashicorp/terraform/helper/ssh" "github.com/hashicorp/terraform/terraform" - "github.com/mitchellh/mapstructure" ) const ( - // DefaultUser is used if there is no default user given - DefaultUser = "root" - - // DefaultPort is used if there is no port given - DefaultPort = 22 - - // DefaultScriptPath is used as the path to copy the file to - // for remote execution if not provided otherwise. - DefaultScriptPath = "/tmp/script.sh" - - // DefaultTimeout is used if there is no timeout given - DefaultTimeout = 5 * time.Minute - // DefaultShebang is added at the top of the script file DefaultShebang = "#!/bin/sh" ) type ResourceProvisioner struct{} -// SSHConfig is decoded from the ConnInfo of the resource. These -// are the only keys we look at. If a KeyFile is given, that is used -// instead of a password. -type SSHConfig struct { - User string - Password string - KeyFile string `mapstructure:"key_file"` - Host string - Port int - Timeout string - ScriptPath string `mapstructure:"script_path"` - TimeoutVal time.Duration `mapstructure:"-"` -} - func (p *ResourceProvisioner) Apply(s *terraform.ResourceState, c *terraform.ResourceConfig) (*terraform.ResourceState, error) { // Ensure the connection type is SSH - if err := p.verifySSH(s); err != nil { + if err := helper.VerifySSH(s); err != nil { return s, err } // Get the SSH configuration - conf, err := p.sshConfig(s) + conf, err := helper.ParseSSHConfig(s) if err != nil { return s, err } @@ -100,50 +71,6 @@ func (p *ResourceProvisioner) Validate(c *terraform.ResourceConfig) (ws []string return } -// verifySSH is used to verify the ConnInfo is usable by remote-exec -func (p *ResourceProvisioner) verifySSH(s *terraform.ResourceState) error { - connType := s.ConnInfo["type"] - switch connType { - case "": - case "ssh": - default: - return fmt.Errorf("Connection type '%s' not supported", connType) - } - return nil -} - -// sshConfig is used to convert the ConnInfo of the ResourceState into -// a SSHConfig struct -func (p *ResourceProvisioner) sshConfig(s *terraform.ResourceState) (*SSHConfig, error) { - sshConf := &SSHConfig{} - decConf := &mapstructure.DecoderConfig{ - WeaklyTypedInput: true, - Result: sshConf, - } - dec, err := mapstructure.NewDecoder(decConf) - if err != nil { - return nil, err - } - if err := dec.Decode(s.ConnInfo); err != nil { - return nil, err - } - if sshConf.User == "" { - sshConf.User = DefaultUser - } - if sshConf.Port == 0 { - sshConf.Port = DefaultPort - } - if sshConf.ScriptPath == "" { - sshConf.ScriptPath = DefaultScriptPath - } - if sshConf.Timeout != "" { - sshConf.TimeoutVal = safeDuration(sshConf.Timeout, DefaultTimeout) - } else { - sshConf.TimeoutVal = DefaultTimeout - } - return sshConf, nil -} - // generateScript takes the configuration and creates a script to be executed // from the inline configs func (p *ResourceProvisioner) generateScript(c *terraform.ResourceConfig) (string, error) { @@ -234,37 +161,17 @@ func (p *ResourceProvisioner) collectScripts(c *terraform.ResourceConfig) ([]io. } // runScripts is used to copy and execute a set of scripts -func (p *ResourceProvisioner) runScripts(conf *SSHConfig, scripts []io.ReadCloser) error { - sshConf := &ssh.ClientConfig{ - User: conf.User, - } - if conf.KeyFile != "" { - key, err := ioutil.ReadFile(conf.KeyFile) - if err != nil { - return fmt.Errorf("Failed to read key file '%s': %v", conf.KeyFile, err) - } - signer, err := ssh.ParsePrivateKey(key) - if err != nil { - return fmt.Errorf("Failed to parse key file '%s': %v", conf.KeyFile, err) - } - sshConf.Auth = append(sshConf.Auth, ssh.PublicKeys(signer)) - } - if conf.Password != "" { - sshConf.Auth = append(sshConf.Auth, - ssh.Password(conf.Password)) - sshConf.Auth = append(sshConf.Auth, - ssh.KeyboardInteractive(helper.PasswordKeyboardInteractive(conf.Password))) - } - host := fmt.Sprintf("%s:%d", conf.Host, conf.Port) - config := &helper.Config{ - SSHConfig: sshConf, - Connection: helper.ConnectFunc("tcp", host), +func (p *ResourceProvisioner) runScripts(conf *helper.SSHConfig, scripts []io.ReadCloser) error { + // Get the SSH client config + config, err := helper.PrepareConfig(conf) + if err != nil { + return err } // Wait and retry until we establish the SSH connection var comm *helper.SSHCommunicator - err := retryFunc(conf.TimeoutVal, func() error { - var err error + err = retryFunc(conf.TimeoutVal, func() error { + host := fmt.Sprintf("%s:%d", conf.Host, conf.Port) comm, err = helper.New(host, config) return err }) @@ -334,16 +241,6 @@ func retryFunc(timeout time.Duration, f func() error) error { } } -// safeDuration returns either the parsed duration or a default value -func safeDuration(dur string, defaultDur time.Duration) time.Duration { - d, err := time.ParseDuration(dur) - if err != nil { - log.Printf("Invalid duration '%s' for remote-exec, using default", dur) - return defaultDur - } - return d -} - // streamLogs is used to stream lines from stdout/stderr // of a remote command to log output for users. func streamLogs(r io.ReadCloser, name string) { diff --git a/builtin/provisioners/remote-exec/resource_provisioner_test.go b/builtin/provisioners/remote-exec/resource_provisioner_test.go index 5d6dca377..74944771f 100644 --- a/builtin/provisioners/remote-exec/resource_provisioner_test.go +++ b/builtin/provisioners/remote-exec/resource_provisioner_test.go @@ -41,64 +41,6 @@ func TestResourceProvider_Validate_bad(t *testing.T) { } } -func TestResourceProvider_verifySSH(t *testing.T) { - p := new(ResourceProvisioner) - r := &terraform.ResourceState{ - ConnInfo: map[string]string{ - "type": "telnet", - }, - } - if err := p.verifySSH(r); err == nil { - t.Fatalf("expected error with telnet") - } - r.ConnInfo["type"] = "ssh" - if err := p.verifySSH(r); err != nil { - t.Fatalf("err: %v", err) - } -} - -func TestResourceProvider_sshConfig(t *testing.T) { - p := new(ResourceProvisioner) - r := &terraform.ResourceState{ - ConnInfo: map[string]string{ - "type": "ssh", - "user": "root", - "password": "supersecret", - "key_file": "/my/key/file.pem", - "host": "127.0.0.1", - "port": "22", - "timeout": "30s", - }, - } - - conf, err := p.sshConfig(r) - if err != nil { - t.Fatalf("err: %v", err) - } - - if conf.User != "root" { - t.Fatalf("bad: %v", conf) - } - if conf.Password != "supersecret" { - t.Fatalf("bad: %v", conf) - } - if conf.KeyFile != "/my/key/file.pem" { - t.Fatalf("bad: %v", conf) - } - if conf.Host != "127.0.0.1" { - t.Fatalf("bad: %v", conf) - } - if conf.Port != 22 { - t.Fatalf("bad: %v", conf) - } - if conf.Timeout != "30s" { - t.Fatalf("bad: %v", conf) - } - if conf.ScriptPath != DefaultScriptPath { - t.Fatalf("bad: %v", conf) - } -} - func TestResourceProvider_generateScript(t *testing.T) { p := new(ResourceProvisioner) conf := testConfig(t, map[string]interface{}{ diff --git a/config.go b/config.go index 77bf01a07..efe46ad94 100644 --- a/config.go +++ b/config.go @@ -38,6 +38,7 @@ func init() { BuiltinConfig.Provisioners = map[string]string{ "local-exec": "terraform-provisioner-local-exec", "remote-exec": "terraform-provisioner-remote-exec", + "file": "terraform-provisioner-file", } } diff --git a/helper/ssh/provisioner.go b/helper/ssh/provisioner.go new file mode 100644 index 000000000..d84bfa356 --- /dev/null +++ b/helper/ssh/provisioner.go @@ -0,0 +1,126 @@ +package ssh + +import ( + "fmt" + "io/ioutil" + "log" + "time" + + "code.google.com/p/go.crypto/ssh" + "github.com/hashicorp/terraform/terraform" + "github.com/mitchellh/mapstructure" +) + +const ( + // DefaultUser is used if there is no default user given + DefaultUser = "root" + + // DefaultPort is used if there is no port given + DefaultPort = 22 + + // DefaultScriptPath is used as the path to copy the file to + // for remote execution if not provided otherwise. + DefaultScriptPath = "/tmp/script.sh" + + // DefaultTimeout is used if there is no timeout given + DefaultTimeout = 5 * time.Minute +) + +// SSHConfig is decoded from the ConnInfo of the resource. These +// are the only keys we look at. If a KeyFile is given, that is used +// instead of a password. +type SSHConfig struct { + User string + Password string + KeyFile string `mapstructure:"key_file"` + Host string + Port int + Timeout string + ScriptPath string `mapstructure:"script_path"` + TimeoutVal time.Duration `mapstructure:"-"` +} + +// verifySSH is used to verify the ConnInfo is usable by remote-exec +func VerifySSH(s *terraform.ResourceState) error { + connType := s.ConnInfo["type"] + switch connType { + case "": + case "ssh": + default: + return fmt.Errorf("Connection type '%s' not supported", connType) + } + return nil +} + +// ParseSSHConfig is used to convert the ConnInfo of the ResourceState into +// a SSHConfig struct +func ParseSSHConfig(s *terraform.ResourceState) (*SSHConfig, error) { + sshConf := &SSHConfig{} + decConf := &mapstructure.DecoderConfig{ + WeaklyTypedInput: true, + Result: sshConf, + } + dec, err := mapstructure.NewDecoder(decConf) + if err != nil { + return nil, err + } + if err := dec.Decode(s.ConnInfo); err != nil { + return nil, err + } + if sshConf.User == "" { + sshConf.User = DefaultUser + } + if sshConf.Port == 0 { + sshConf.Port = DefaultPort + } + if sshConf.ScriptPath == "" { + sshConf.ScriptPath = DefaultScriptPath + } + if sshConf.Timeout != "" { + sshConf.TimeoutVal = safeDuration(sshConf.Timeout, DefaultTimeout) + } else { + sshConf.TimeoutVal = DefaultTimeout + } + return sshConf, nil +} + +// safeDuration returns either the parsed duration or a default value +func safeDuration(dur string, defaultDur time.Duration) time.Duration { + d, err := time.ParseDuration(dur) + if err != nil { + log.Printf("Invalid duration '%s', using default of %s", dur, defaultDur) + return defaultDur + } + return d +} + +// PrepareConfig is used to turn the *SSHConfig provided into a +// usable *Config for client initialization. +func PrepareConfig(conf *SSHConfig) (*Config, error) { + sshConf := &ssh.ClientConfig{ + User: conf.User, + } + if conf.KeyFile != "" { + key, err := ioutil.ReadFile(conf.KeyFile) + if err != nil { + return nil, fmt.Errorf("Failed to read key file '%s': %v", conf.KeyFile, err) + } + signer, err := ssh.ParsePrivateKey(key) + if err != nil { + return nil, fmt.Errorf("Failed to parse key file '%s': %v", conf.KeyFile, err) + } + sshConf.Auth = append(sshConf.Auth, ssh.PublicKeys(signer)) + } + if conf.Password != "" { + sshConf.Auth = append(sshConf.Auth, + ssh.Password(conf.Password)) + sshConf.Auth = append(sshConf.Auth, + ssh.KeyboardInteractive(PasswordKeyboardInteractive(conf.Password))) + } + host := fmt.Sprintf("%s:%d", conf.Host, conf.Port) + config := &Config{ + SSHConfig: sshConf, + Connection: ConnectFunc("tcp", host), + } + return config, nil +} diff --git a/helper/ssh/provisioner_test.go b/helper/ssh/provisioner_test.go new file mode 100644 index 000000000..c215e8d29 --- /dev/null +++ b/helper/ssh/provisioner_test.go @@ -0,0 +1,63 @@ +package ssh + +import ( + "testing" + + "github.com/hashicorp/terraform/terraform" +) + +func TestResourceProvider_verifySSH(t *testing.T) { + r := &terraform.ResourceState{ + ConnInfo: map[string]string{ + "type": "telnet", + }, + } + if err := VerifySSH(r); err == nil { + t.Fatalf("expected error with telnet") + } + r.ConnInfo["type"] = "ssh" + if err := VerifySSH(r); err != nil { + t.Fatalf("err: %v", err) + } +} + +func TestResourceProvider_sshConfig(t *testing.T) { + r := &terraform.ResourceState{ + ConnInfo: map[string]string{ + "type": "ssh", + "user": "root", + "password": "supersecret", + "key_file": "/my/key/file.pem", + "host": "127.0.0.1", + "port": "22", + "timeout": "30s", + }, + } + + conf, err := ParseSSHConfig(r) + if err != nil { + t.Fatalf("err: %v", err) + } + + if conf.User != "root" { + t.Fatalf("bad: %v", conf) + } + if conf.Password != "supersecret" { + t.Fatalf("bad: %v", conf) + } + if conf.KeyFile != "/my/key/file.pem" { + t.Fatalf("bad: %v", conf) + } + if conf.Host != "127.0.0.1" { + t.Fatalf("bad: %v", conf) + } + if conf.Port != 22 { + t.Fatalf("bad: %v", conf) + } + if conf.Timeout != "30s" { + t.Fatalf("bad: %v", conf) + } + if conf.ScriptPath != DefaultScriptPath { + t.Fatalf("bad: %v", conf) + } +}