Merge branch 'main' into allow-bastion-server

lib/mrsk/commands/accessory.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/base"
-
 class Mrsk::Commands::Accessory < Mrsk::Commands::Base
   attr_reader :accessory_config
   delegate :service_name, :image, :host, :port, :files, :directories, :env_args, :volume_args, :label_args, to: :accessory_config
@@ -10,7 +8,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
   end
 
   def run
-    docker :run, 
+    docker :run,
       "--name", service_name,
       "-d",
       "--restart", "unless-stopped",
@@ -33,6 +31,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
     docker :ps, *service_filter
   end
 
+
   def logs(since: nil, lines: nil, grep: nil)
     pipe \
       docker(:logs, service_name, (" --since #{since}" if since), (" -n #{lines}" if lines), "-t", "2>&1"),
@@ -46,14 +45,15 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
     ).join(" ")
   end
 
-  def exec(*command, interactive: false)
+
+  def execute_in_existing_container(*command, interactive: false)
     docker :exec,
       ("-it" if interactive),
       service_name,
       *command
   end
 
-  def run_exec(*command, interactive: false)
+  def execute_in_new_container(*command, interactive: false)
     docker :run,
       ("-it" if interactive),
       "--rm",
@@ -63,17 +63,18 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
       *command
   end
 
+  def execute_in_existing_container_over_ssh(*command)
+    run_over_ssh execute_in_existing_container(*command, interactive: true).join(" ")
+  end
+
+  def execute_in_new_container_over_ssh(*command)
+    run_over_ssh execute_in_new_container(*command, interactive: true).join(" ")
+  end
+
   def run_over_ssh(command)
     super command, host: host
   end
 
-  def exec_over_ssh(*command)
-    run_over_ssh run_exec(*command, interactive: true).join(" ")
-  end
-
-  def bash
-    exec_over_ssh "bash"
-  end
 
   def ensure_local_file_present(local_file)
     if !local_file.is_a?(StringIO) && !Pathname.new(local_file).exist?

lib/mrsk/commands/app.rb

@@ -1,9 +1,4 @@
-require "mrsk/commands/base"
-require "mrsk/commands/concerns/repository"
-
 class Mrsk::Commands::App < Mrsk::Commands::Base
-  include Mrsk::Commands::Concerns::Repository
-
   def run(role: :web)
     role = config.role(role)
 
@@ -23,18 +18,15 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
     docker :start, service_with_version
   end
 
-  def current_container_id
-    docker :ps, "-q", *service_filter
-  end
-
   def stop
-    pipe current_container_id, "xargs docker stop"
+    pipe current_container_id, xargs(docker(:stop))
   end
 
   def info
     docker :ps, *service_filter
   end
 
+
   def logs(since: nil, lines: nil, grep: nil)
     pipe \
       current_container_id,
@@ -42,28 +34,6 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
       ("grep '#{grep}'" if grep)
   end
 
-  def exec(*command, interactive: false)
-    docker :exec,
-      ("-it" if interactive),
-      config.service_with_version,
-      *command
-  end
-
-  def run_exec(*command, interactive: false)
-    docker :run,
-      ("-it" if interactive),
-      "--rm",
-      *rails_master_key_arg,
-      *config.env_args,
-      *config.volume_args,
-      config.absolute_image,
-      *command
-  end
-
-  def exec_over_ssh(*command, host:)
-    run_over_ssh run_exec(*command, interactive: true).join(" "), host: host
-  end
-
   def follow_logs(host:, grep: nil)
     run_over_ssh pipe(
       current_container_id,
@@ -72,14 +42,57 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
     ).join(" "), host: host
   end
 
-  def console(host:)
-    exec_over_ssh "bin/rails", "c", host: host
+
+  def execute_in_existing_container(*command, interactive: false)
+    docker :exec,
+      ("-it" if interactive),
+      config.service_with_version,
+      *command
   end
 
-  def bash(host:)
-    exec_over_ssh "bash", host: host
+  def execute_in_new_container(*command, interactive: false)
+    docker :run,
+      ("-it" if interactive),
+      "--rm",
+      *rails_master_key_arg,
+      *config.env_args,
+      *config.volume_args,
+      config.absolute_image,
+      *command
   end
 
+  def execute_in_existing_container_over_ssh(*command, host:)
+    run_over_ssh execute_in_existing_container(*command, interactive: true).join(" "), host: host
+  end
+
+  def execute_in_new_container_over_ssh(*command, host:)
+    run_over_ssh execute_in_new_container(*command, interactive: true).join(" "), host: host
+  end
+
+
+  def current_container_id
+    docker :ps, "-q", *service_filter
+  end
+
+  def container_id_for(container_name:)
+    docker :container, :ls, "-a", "-f", "name=#{container_name}", "-q"
+  end
+
+  def current_running_version
+    # FIXME: Find more graceful way to extract the version from "app-version" than using sed and tail!
+    pipe \
+      docker(:ps, "--filter", "label=service=#{config.service}", "--format", '"{{.Names}}"'),
+      %(sed 's/-/\\n/g'),
+      "tail -n 1"
+  end
+
+  def most_recent_version_from_available_images
+    pipe \
+      docker(:image, :ls, "--format", '"{{.Tag}}"', config.repository),
+      "head -n 1"
+  end
+
+
   def list_containers
     docker :container, :ls, "-a", *service_filter
   end
@@ -87,7 +100,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
   def remove_container(version:)
     pipe \
       container_id_for(container_name: service_with_version(version)),
-      docker(:container, :rm)
+      xargs(docker(:container, :rm))
   end
 
   def remove_containers
@@ -102,6 +115,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
     docker :image, :prune, "-a", "-f", *service_filter
   end
 
+
   private
     def service_with_version(version = nil)
       if version

lib/mrsk/commands/auditor.rb

@@ -0,0 +1,34 @@
+require "active_support/core_ext/time/conversions"
+
+class Mrsk::Commands::Auditor < Mrsk::Commands::Base
+  def record(line)
+    append \
+      [ :echo, tagged_line(line) ],
+      audit_log_file
+  end
+
+  def reveal
+    [ :tail, "-n", 50, audit_log_file ]
+  end
+
+  private
+    def audit_log_file
+      "mrsk-#{config.service}-audit.log"
+    end
+
+    def tagged_line(line)
+      "'#{tags} #{line}'"
+    end
+
+    def tags
+      "[#{timestamp}] [#{performer}]"
+    end
+
+    def performer
+      `whoami`.strip
+    end
+
+    def timestamp
+      Time.now.to_fs(:db)
+    end
+end

lib/mrsk/commands/base.rb

@@ -34,6 +34,14 @@ module Mrsk::Commands
         combine *commands, by: "|"
       end
 
+      def append(*commands)
+        combine *commands, by: ">>"
+      end
+
+      def xargs(command)
+        [ :xargs, command ].flatten
+      end
+
       def docker(*args)
         args.compact.unshift :docker
       end

lib/mrsk/commands/builder.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/base"
-
 class Mrsk::Commands::Builder < Mrsk::Commands::Base
   delegate :create, :remove, :push, :pull, :info, to: :target
 
@@ -36,8 +34,3 @@ class Mrsk::Commands::Builder < Mrsk::Commands::Base
     @multiarch_remote ||= Mrsk::Commands::Builder::Multiarch::Remote.new(config)
   end
 end
-
-require "mrsk/commands/builder/native"
-require "mrsk/commands/builder/native/remote"
-require "mrsk/commands/builder/multiarch"
-require "mrsk/commands/builder/multiarch/remote"

lib/mrsk/commands/builder/base.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/base"
-
 class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
   delegate :argumentize, to: Mrsk::Utils
 

lib/mrsk/commands/builder/multiarch.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/builder/base"
-
 class Mrsk::Commands::Builder::Multiarch < Mrsk::Commands::Builder::Base
   def create
     docker :buildx, :create, "--use", "--name", builder_name

lib/mrsk/commands/builder/multiarch/remote.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/builder/multiarch"
-
 class Mrsk::Commands::Builder::Multiarch::Remote < Mrsk::Commands::Builder::Multiarch
   def create
     combine \

lib/mrsk/commands/builder/native.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/builder/base"
-
 class Mrsk::Commands::Builder::Native < Mrsk::Commands::Builder::Base
   def create
     # No-op on native

lib/mrsk/commands/builder/native/remote.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/builder/native"
-
 class Mrsk::Commands::Builder::Native::Remote < Mrsk::Commands::Builder::Native
   def create
     chain \

lib/mrsk/commands/concerns/repository.rb

@@ -1,21 +0,0 @@
-module Mrsk::Commands::Concerns
-  module Repository
-    def container_id_for(container_name:)
-      docker :container, :ls, "-a", "-f", "name=#{container_name}", "-q"
-    end
-
-    def current_running_version
-      # FIXME: Find more graceful way to extract the version from "app-version" than using sed and tail!
-      pipe \
-        docker(:ps, "--filter", "label=service=#{config.service}", "--format", '"{{.Names}}"'),
-        "sed 's/-/\n/g'",
-        "tail -n 1"
-    end
-
-    def most_recent_version_from_available_images
-      pipe \
-        docker(:image, :ls, "--format", '"{{.Tag}}"', config.repository),
-        "head -n 1"
-    end
-  end
-end

lib/mrsk/commands/prune.rb

@@ -1,4 +1,3 @@
-require "mrsk/commands/base"
 require "active_support/duration"
 require "active_support/core_ext/numeric/time"
 

lib/mrsk/commands/registry.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/base"
-
 class Mrsk::Commands::Registry < Mrsk::Commands::Base
   delegate :registry, to: :config
 

lib/mrsk/commands/traefik.rb

@@ -1,5 +1,3 @@
-require "mrsk/commands/base"
-
 class Mrsk::Commands::Traefik < Mrsk::Commands::Base
   def run
     docker :run, "--name traefik",