Install fabfile with riaps-pycom

[jeholliday]

These changes cause the fabfile to be installed to /usr/local/riaps/fabfile with riaps-pycom-amd64. Additionally, the riaps_hosts.py configuration has been merged into riaps.conf. A ~/.fabricrc file can then be created which defines fabfile = /usr/local/riaps/fabfile. This will cause fab to automatically select the RIAPS fabfile from any directory.

[MMetelko]

Install location seems fine. Would like to make sure we have agreement on utilizing the riaps.conf file for the fabfile host configuration setup. Added Gabor as reviewer.

[gkarsai]

Does this mean that this is the ONLY fabfile a user can use if logged in with the 'riaps' username? Or, they can still use their own fabfile for specific tasks by issuing the fab commands in the directory where their custom fabfile is located?

[jeholliday]

I would think that they would have designed the flags, so that indicating a fabfile location in the command would override any default. However, I tested this and this is not the case. If we want to preserve the ability to use any fabfile, I think that we should implement a command alias. I tried adding alias riaps="fab -f /usr/local/riaps/fabfile" to my .bashrc . This test worked well. I'm not sure what we want the alias to be (i.e. riaps_fab, rfab, riaps, etc.).

I added the hosts configuration to riaps.conf, so that there wouldn't have to be another config file. However, this does mean that BBBs would have the same config option, where it doesn't make much sense. I could change it to be just riaps-hosts.conf. I also wasn't sure what format to use for the configuration, so I made the configparser module work for comma separated host names.

[gkarsai]

Let's not make this more complicated than it should be., I suggest developing a Python script: riaps_fab [-h hostfile] command that runs the fab script. This script should be installed in a standard location (like riaps_ctrl, riaps_deplo, etc.) . The host file argument is the name of a Python file that gets imported and sets up the env,hosts, it defaults to ./riaps_hosts.py . The command argument gets passed to the actual fab script, which should be installed in the standard riaps/Python locations (under /usr/local/lib/python3.6/dist-packages/...) For this, I don't mind moving the entire fab script into the riaps-pycom/src/riaps/.... subtree.

[MMetelko]

While we are integrating fabfile with pycom, should we consider having the __init___.py file import and use constants setup by pycom? The username is available in etc/riaps.conf.

Here is what is in __init__.py

# Standard riaps setup
env.password = 'riaps'
env.user = 'riaps'
env.sudo_password = 'riaps'

Or better yet, make it passwordless by using the keys indicated in consts/defs.py. This would allow all RIAPS platform activity to use the same access to the BBBs. We could then add a command for updating the BBB keys using the fabfile instead of using a shell script, which needs updating anyway for the security release. Found the following on using keys with fabric.

Note: If we add this key update to fabric, the existing updateKey() should be renamed to updateAptKey.

[gkarsai]

We must not store passwords in files, we should switch to passwordless approach, i.e. keys.

[jeholliday]

As long as riaps:riaps is the default login for the BBBs and SSH login with password is enabled, I think that this should remain in the fabfile because it will make the initial configuration easier. I added the line to automatically pull the RSA key from defs.py. I also added riaps.updateKey to rekey BBBs.

[MMetelko]

• Moved fabfile into riaps package.
• Added a riaps_fab script that will call into this fabfile. User now runs riaps_fab <command> -H <hosts>, where the host list is optional
• Security rekey command will be updated in 'develop' branch once this pull request is complete (so leaving current function alone for now)

[MMetelko]

Also tested that user can have their own fabfile in /home/riaps and it does not interfere with the riaps_fab set of fabric commands (or vice versa).