Added users recipes

README.md

@@ -22,8 +22,59 @@ Optional:
 - Install gnome gui and set keyboard shortcuts
 
 ## Attributes
+- `default['users']`: This is used for a lot of different things, defaults to `['php']`
+  - If you include the optional users recipe these users will be created and added to the ühp group
+  - If the gnome recipe is included it is used to setup keyboard shortcuts
 
-### Users
- There is the `default['users'] = []` attribute that is used by different resources e.g. for setting keyboard shortcuts etc. The purpose for this is to have
- multiple resources to configure the users the same way. You don't have to set this but it provides an easy way to just set an attribute and have users configured
- without addtional cookbooks.
+### users_from_data_bag
+
+Used in the optional users_from_data_bag recipe:
+- `default['codenamephp']['workstation_php']['users_from_data_bag']['data_bag_name']`: The name of the databag to get the users from, defaults to `'users'`
+- `default['codenamephp']['workstation_php']['users_from_data_bag']['groups']`: The groups to find the users that will be managed. Defaults to `%w(php docker sudo sysadmin)`
+
+### users
+Used in the optional users cookbook:
+
+The recipe checks for a specific path within the attributes that corresponds to the values of `default['users']` to copy ssh keys and manage git configs.
+There is a default set for the default 'chef' user:
+
+- `default['codenamephp']['workstation_php']['ssh_keys']['local_copy']['php']['private_key_source']`: `'/var/workspace/id_rsa'`
+- `default['codenamephp']['workstation_php']['git_client']['php']['config'] = {}`
+
+## Recipes
+
+These are the recipes that are not included in the default recipe and can be used to "customize" the chef run.
+The default recipe sets up everything else by including the recipes not listed here. Most notably, users and gui are optional.
+
+### Gnome
+Installs the gnome desktop and sets serveral settings and keyboard shortcuts
+
+### Creating users
+There are several ways to create users. These should be included before the default recipe so the users are already set up when the other tools are installed.
+If you don't use one of those recipes make sure to create the users yourself since you might run into problems when the recipes try to setup tools that are bound to a user (like vscode)
+
+#### Users
+The users recipe is very very simple user setup. It just creates all users in the `default['users']` attribute with a home directory and an empty password and add them to the chef group.
+
+It checks for a specific path within the attributes that corresponds to the values of `default['users']` to copy ssh keys.
+There is a default set for the default 'php' user:
+
+- `default['codenamephp']['workstation_php']['ssh_keys']['local_copy']['php']['private_key_source']`: `'/var/workspace/id_rsa'`
+
+You can change this value or add additional attributes for additional users. If you need anything more sophisticated you should provide your own logic in a wrapper cookbook.
+
+It also manages the git config for the set users. By default it's empty but you can set this the same way as attributes:
+
+- `default['codenamephp']['workstation_php']['git_client']['php']['config'] = {}`
+
+#### Users From Data Bag
+A more sophisticated method of creating users. It looks for a databag with the name in `default['codenamephp']['workstation_php']['users_from_data_bag']['data_bag_name']`
+and adds all users that have one the groups from `default['codenamephp']['workstation_php']['users_from_data_bag']['groups']`.
+
+Note that the `default['users']` attribute is still important since this is used to setup things like gnome keyboard shortcuts The databag is just for the
+creation of the users so yous hould try to match them (for now).
+
+Also any users according to the [codenamephp_git_client_config_users_from_data_bag resource][codenamephp_git_client_config_users_from_data_bag_url] are managed as well.
+
+[user_cookbook_url]: https://supermarket.chef.io/cookbooks/user
+[codenamephp_git_client_config_users_from_data_bag_url]: https://github.com/codenamephp/chef.cookbook.gitClient#config_users_from_data_bag

attributes/default.rb

@@ -1 +1,5 @@
-default['users'] = []
+default['users'] = ['php']
+default['codenamephp']['workstation_php']['users_from_data_bag']['data_bag_name'] = 'users'
+default['codenamephp']['workstation_php']['users_from_data_bag']['groups'] = %w(php docker sudo sysadmin)
+default['codenamephp']['workstation_php']['ssh_keys']['local_copy']['php']['private_key_source'] = '/var/workspace/id_rsa'
+default['codenamephp']['workstation_php']['git_client']['php']['config'] = {}

kitchen.yml

@@ -14,17 +14,42 @@ platforms:
 
 suites:
   - name: default
+    lifecycle:
+      pre_converge:
+        - remote: |
+            /bin/bash -c "mkdir --parents /var/workspace && \
+            echo -n 'my private key' > /var/workspace/id_rsa && \
+            echo -n 'my public key' > /var/workspace/id_rsa.pub"
     run_list:
+      - recipe[codenamephp_workstation_php::users]
       - recipe[codenamephp_workstation_php]
+      - recipe[codenamephp_workstation_php::gnome]
     verifier:
       inspec_tests:
         - test/integration/default
-    attributes:
-  - name: with-gnome
+        - test/integration/users
+    attributes: {
+      "codenamephp": {
+        "workstation_php": {
+          "git_client": {
+            "php": {
+              "config": {
+                "user.name": "I am php",
+                "user.email": "php@test.de"
+              }
+            }
+          }
+        }
+      }
+    }
+  - name: users-from-data-bag
+    data_bags_path: "test/integration/data_bags"
     run_list:
-      - recipe[codenamephp_workstation_php]
+      - recipe[codenamephp_workstation_php::users_from_data_bag]
+      - recipe[codenamephp_workstation_php::default]
       - recipe[codenamephp_workstation_php::gnome]
     verifier:
       inspec_tests:
         - test/integration/default
-    attributes:
+        - test/integration/users_from_data_bag
+    attributes: { users: ["user1", "user3"] }

metadata.rb

@@ -18,3 +18,5 @@
 depends 'codenamephp_git_client', '~> 1.0'
 depends 'codenamephp_gnome', '~> 1.0'
 depends 'codenamephp_keyboard_layout', '~> 1.0'
+depends 'codenamephp_ssh_keys', '~> 1.0'
+depends 'codenamephp_users', '~> 1.0'

recipes/users.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+#
+# Cookbook:: codenamephp_workstation_php
+# Recipe:: users
+#
+# Copyright:: 2020, CodenamePHP
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+include_recipe '::git'
+
+group 'php'
+
+node['users'].each do |username|
+  user username do
+    group 'php'
+    manage_home true
+    shell '/bin/bash'
+  end
+
+  codenamephp_ssh_keys_local_copy "Copy ssh keys for #{username}" do
+    user username
+    private_key_source node.dig(:codenamephp, :workstation_php, :ssh_keys, :local_copy, username, :private_key_source)
+    only_if { node.dig(:codenamephp, :workstation_php, :ssh_keys, :local_copy, username, :private_key_source).is_a? String }
+  end
+
+  codenamephp_git_client_config_user "Set configs for #{username}" do
+    user username
+    configs lazy { node.dig(:codenamephp, :workstation_php, :git_client, username, :config) || {} }
+    only_if do
+      configs = node.dig(:codenamephp, :workstation_php, :git_client, username, :config)
+      configs.is_a?(Hash) && !configs.empty?
+    end
+  end
+end

recipes/users_from_data_bag.rb

@@ -0,0 +1,12 @@
+include_recipe '::git'
+
+codenamephp_users_from_data_bag 'Create users' do
+  data_bag_name node.dig(:codenamephp, :workstation_php, :users_from_data_bag, :data_bag_name)
+  groups node.dig(:codenamephp, :workstation_php, :users_from_data_bag, :groups)
+  only_if do
+    groups = node.dig(:codenamephp, :workstation_php, :users_from_data_bag, :groups)
+    node.dig(:codenamephp, :workstation_php, :users_from_data_bag, :data_bag_name).is_a?(String) && groups.is_a?(::Array) && !groups.empty?
+  end
+end
+
+codenamephp_git_client_config_users_from_data_bag 'Manage git users'

spec/unit/recipes/users_from_data_bag_spec.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+#
+# Cookbook:: codenamephp_workstation_php
+# Spec:: users_from_data_bag
+#
+# Copyright:: 2020, CodenamePHP
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'spec_helper'
+
+describe 'codenamephp_workstation_php::users_from_data_bag' do
+  context 'When all attributes are default' do
+    it 'converges successfully' do
+      expect { chef_run }.to_not raise_error
+    end
+
+    it 'creates chef users from databag' do
+      expect(chef_run).to create_codenamephp_users_from_data_bag('Create users').with(
+        data_bag_name: 'users',
+        groups: %w(php docker sudo sysadmin)
+      )
+    end
+
+    it 'managers git users from data bag' do
+      expect(chef_run).to include_recipe('codenamephp_workstation_php::git')
+
+      expect(chef_run).to manage_codenamephp_git_client_config_users_from_data_bag('Manage git users')
+    end
+  end
+
+  context 'With custom users attributes' do
+    override_attributes['codenamephp']['workstation_php']['users_from_data_bag']['data_bag_name'] = 'some databag'
+    override_attributes['codenamephp']['workstation_php']['users_from_data_bag']['groups'] = %w(some groups)
+
+    it 'Creates all users' do
+      expect(chef_run).to create_codenamephp_users_from_data_bag('Create users').with(
+        data_bag_name: 'some databag',
+        groups: %w(some groups)
+      )
+    end
+  end
+end

spec/unit/recipes/users_spec.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+#
+# Cookbook:: codenamephp_workstation_php
+# Spec:: users
+#
+# Copyright:: 2020, CodenamePHP
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'spec_helper'
+
+describe 'codenamephp_workstation_php::users' do
+  context 'When all attributes are default' do
+    it 'converges successfully' do
+      expect { chef_run }.to_not raise_error
+    end
+
+    it 'creates teh chef group' do
+      expect(chef_run).to create_group('php')
+    end
+
+    it 'creates the chef user' do
+      expect(chef_run).to create_user('php').with(
+        group: 'php',
+        manage_home: true
+      )
+    end
+
+    it 'copies the ssh key' do
+      expect(chef_run).to install_codenamephp_ssh_keys_local_copy('Copy ssh keys for php').with(
+        user: 'php',
+        private_key_source: '/var/workspace/id_rsa'
+      )
+    end
+
+    it 'will not try to config git' do
+      expect(chef_run).to_not set_codenamephp_git_client_config_user('Set configs for php')
+    end
+  end
+
+  context 'With custom users attributes' do
+    override_attributes['users'] = %w(user1 user2)
+    override_attributes['codenamephp']['workstation_php']['ssh_keys']['local_copy']['user1']['private_key_source'] = '/some/private/key'
+    override_attributes['codenamephp']['workstation_php']['git_client']['user1']['config'] = { 'user.name' => 'User 1', 'user.email' => 'user1@test.de' }
+
+    it 'includes git recipe' do
+      expect(chef_run).to include_recipe('codenamephp_workstation_php::git')
+    end
+
+    it 'Creates all users' do
+      expect(chef_run).to create_user('user1').with(
+        group: 'php',
+        manage_home: true
+      )
+
+      expect(chef_run).to create_user('user2').with(
+        group: 'php',
+        manage_home: true
+      )
+    end
+
+    it 'copies the ssh key for user1 and not user2' do
+      expect(chef_run).to install_codenamephp_ssh_keys_local_copy('Copy ssh keys for user1').with(
+        user: 'user1',
+        private_key_source: '/some/private/key'
+      )
+
+      expect(chef_run).to_not install_codenamephp_ssh_keys_local_copy('Copy ssh keys for user2')
+    end
+
+    it 'will config git for user1 but not user2' do
+      expect(chef_run).to set_codenamephp_git_client_config_user('Set configs for user1').with(user: 'user1', configs: { 'user.name' => 'User 1', 'user.email' => 'user1@test.de' })
+      expect(chef_run).to_not set_codenamephp_git_client_config_user('Set configs for user2')
+    end
+  end
+end

test/integration/data_bags/users/user1.json

@@ -0,0 +1,19 @@
+{
+  "id": "user1",
+  "groups": [
+    "php",
+    "docker",
+    "sudo",
+    "sysadmin"
+  ],
+  "shell": "/bin/bash",
+  "manage_home": true,
+  "codenamephp": {
+    "git_client": {
+      "config": {
+        "user.name": "User 1",
+        "user.email": "user1@test.de"
+      }
+    }
+  }
+}

test/integration/data_bags/users/user2.json

@@ -0,0 +1,14 @@
+{
+  "id": "user2",
+  "groups": [
+    "not-php"
+  ],
+  "codenamephp": {
+    "git_client": {
+      "config": {
+        "user.name": "User 2",
+        "user.email": "user2@test.de"
+      }
+    }
+  }
+}

test/integration/data_bags/users/user3.json

@@ -0,0 +1,16 @@
+{
+  "id": "user3",
+  "groups": [
+    "php"
+  ],
+  "shell": "/bin/bash",
+  "manage_home": true,
+  "codenamephp": {
+    "git_client": {
+      "config": {
+        "user.name": "User 3",
+        "user.email": "user3@test.de"
+      }
+    }
+  }
+}