Taste Tester
Intro
Ohai!
Welcome to Taste Tester, software to manage a chef-zero instance and use it to test changes on production servers.
At its core, Taste Tester starts up a chef-zero server on localhost, uploads a repository to it, ssh's to a remote server and points its configs to your new chef-zero instance.
Further, it keeps track of where in git you were when that happened so future uploads will do the right thing, even as you switch branches.
Taste Tester can be controlled via a variety of config-file options, and can be further customized by writing a plugin.
Synopsis
Typical usage is:
vi cookbooks/... # Make your changes and commit locally
taste-tester impact # Check where your changes are used
taste-tester test -s [host] # Put host in Taste Tester mode
ssh root@[host] # Log in to host
# Run chef and watch it break
vi cookbooks/... # Fix your cookbooks
taste-tester upload # Upload the diff
ssh root@[host]
# Run chef and watch it succeed
<Verify your changes were actually applied as intended!>
taste-tester untest [host] # Put host back in production
# (optional - will revert itself after 1 hour)
See the help for further information.
Prerequisites
-
Taste Tester assumes that
/etc/chef/client.rb
and/etc/chef/client.pem
on your servers is a symlink and that your real config is/etc/chef/client-prod.rb
and/etc/chef/client-prod.pem
, respectively. -
Taste Tester assumes that it's generally safe to "go back" to production. I.e. We set things up so you can set a cronjob to un-taste-test a server after the desired amount of time, which means it must be (relatively) safe to revert back.
-
Taste Tester assumes you use a setup similar to grocery-delivery in production. Specifically that you don't use versions or environments.
-
Taste Tester assumes you have password-less SSH authentication to the hosts you want to test on, i.e. SSH public/private keys, SSH certificates, Kerberos
Dependencies
- Mixlib::Config
- Colorize
- BetweenMeals
- Minitar
- Chef
Automatic Untesting
Taste Tester touches /etc/chef/test_timestamp
on the remote server as far into
the future as the user wants to test (default is 1h). You should have a cronjob
to check the timestamp of this file, and if it is old, remove it and put the
symlinks for /etc/chef/client.rb
back to where they belong.
A small shell script to do this is included called taste-untester
. We
recommend running this at least every 15 minutes.
If you let Taste Tester setup reverse-SSH tunnels, make sure your untester
is also killing the ssh tunnel whose PID is in /etc/chef/test_timestamp
(taste-untester will do this for you).
Config file
The default config file is /etc/taste-tester-config.rb
but you may use -c to
specify another. The config file works the same as client.rb
does for Chef -
there are a series of keywords that take an argument and anything else is just
standard Ruby.
All command-line options are available in the config file:
- debug (bool, default:
false
) - timestamp (bool, default:
false
) - config_file (string, default:
/etc/taste-tester-config.rb
) - plugin_path (string, no default)
- repo (string, default:
#{ENV['HOME']}/ops
) - testing_time (int, default:
3600
) - chef_client_command (string, default:
chef-client
) - json (bool, default:
false
) - skip_repo_checks (bool, default:
false
) - skip_pre_upload_hook (bool, default:
false
) - skip_post_upload_hook (bool, default:
false
) - skip_pre_test_hook (bool, default:
false
) - skip_post_test_hook (bool, default:
false
) - skip_repo_checks_hook (bool, default:
false
)
The following options are also available:
- base_dir - The directory in the repo under which to find chef configs.
Default:
chef
- cookbook_dirs - An array of cookbook directories relative to base_dir.
Default:
['cookbooks']
- role_dir - A directory of roles, relative to base_dir. Default:
roles
- databag_dir - A directory of databags, relative to base_dir.
Default:
databags
- ref_file - The file to store the last git revision we uploaded in. Default:
#{ENV['HOME']}/.chef/taste-tester-ref.txt
- checksum_dir - The checksum directory to put in knife.conf for users. Default:
#{ENV['HOME']}/.chef/checksums
- bundle - use a single tar.gz file for transporting cookbooks, roles and
databags to clients. Experimental. Value is tri-state:
-
false
- server uses knife upload, client useschef_server
-
:compatible
- make server support both methods, client uses tar.gz -
true
- server only creates tar.gz, client uses tar.gz Default: false
-
- impact - analyze local changes to determine which hosts/roles to test. Default: false
- ssh_cmd_gen_template - Provide a command to run, whose stdout will be a
vanilla ssh command Taste Tester will invoke to access test nodes.
The command should be a template and will be passed the
following variables:
-
jumps
- any jumphost arguments supplied via -J option -
host
- the host to SSH to -
user
- the user to SSH as For example:ssh_gen %{jumps} --user %{user} %{host}
Default: nil
-
Plugin
The plugin should be a ruby file which defines several class methods. It is class_eval()d into a Hooks class.
The following functions can optionally be defined:
- self.pre_upload(dryrun, repo, last_ref, cur_ref)
Stuff to do before we upload anything to chef-zero. Repo
is a BetweenMeals::Repo
object. last_ref
is the last git ref we uploaded and cur_ref
is the git ref
the repo is currently at,
- self.post_upload(dryrun, repo, last_ref, cur_ref)
Stuff to do after we upload to chef-zero.
- self.pre_test(dryrun, repo, hosts)
Stuff to do before we put machines in test mode. hosts
is an array of
hostnames.
- self.test_remote_cmds(dryrun, hostname)
Additional commands to run on the remote host when putting it in test mode.
Should return an array of strings. hostname
is the hostname.
- self.test_remote_client_rb_extra_code(hostname)
Should return a string of additional code to include in the remote client.rb
.
Example uses: defining json_attribs
- self.post_test(dryrun, repo, hosts)
Stuff to do after putting all hosts in test mode.
- self.repo_checks(dryrun, repo)
Additional checks you want to do on the repo as sanity checks.
- self.find_impact(changes)
Custom implementation of impact analysis. Uses knife deps
by default. May
return any data structure, provided one or both of self.post_impact
or
self.print_impact
are defined.
- self.post_impact(basic_impact)
Stuff to do after preliminary impact analysis. May be used to extend the
information generated by self.find_impact
, reformat the data structure, etc.
- self.print_impact(final_impact)
Custom output of calculated impact, useful if defining either of the other impact hooks. Must return a truthy value to prevent the default output from printing.
- self.post_error(dryrun, exception, mode, hostname)
A hook which will be called just before taste-tester throws an exception/exits.
Passes down the exception
object and the mode
taste-tester was invoked with
for further analysis and doing any additional logging, output, or cleanup.
Plugin example
This is an example /etc/taste-tester-plugin.rb
to add a user-defined string
to client-taste-tester.rb
on the remote system:
Hooks.class_eval do
def self.test_remote_client_rb_extra_code(_hostname)
%(
# This comment gets added to client-taste-tester.rb
# This one too.
)
end
end
Be sure to pass this plugin file with -p
on the command line or set it as
plugin_path
in your taste-tester-config.rb
file.
License
See the LICENSE
file.