Add support for running hooks with sudo

[bw-intuit]

Code Deploy,

This PR is meant to open a conversation around adding support for running hooks with sudo. We have a requirement to run commands as sudo to provide additional logs to our operation center. There is also a secondary to desire to run the code deploy agent as a non-root user (if possible).

You can add now add sudo to hooks to have them executed with sudo:

version: 0.0
os: linux
files:
  - source: /index.html
    destination: /var/www/html/
hooks:
  BeforeInstall:
    - location: scripts/install_dependencies
      timeout: 300
      runas: root
      sudo: true
    - location: scripts/start_server
      timeout: 300
      runas: root
      sudo: true
  ApplicationStop:
    - location: scripts/stop_server
      timeout: 300
      runas: root
      sudo: true

This has also been tested to allow for running the code deploy agent as a non root user (#5) on RHEL 7 via the following process:

useradd deploy
yum install ruby
aws s3 cp s3://aws-codedeploy-us-west-2/latest/codedeploy-agent.noarch.rpm . --region us-west-2
rpm -ivh codedeploy-agent.noarch.rpm
chown -R deploy:deploy /var/log/aws/codedeploy-agent /opt/codedeploy-agent
chmod 755 /var/log/aws
/etc/init.d/codedeploy-agent restart

Please provide feedback / guidance on the approach and appropriateness of this change.

[bw-intuit]

FYI, not ready to merge, once I receive feedback on the approach I will clean up the code and fix / add the appropriate tests.

cc @amartyag / @Suryanarayanan

[bw-intuit]

ping @amartyag @Suryanarayanan

[yubangxi]

Shouldn't here be:
if(script.runas.nil? && !script.sudo.nil?)

[bw-intuit]

@yubangxi that looks correct, I will verify and update.

[yubangxi]

Thanks for the PR.
Looks like some tests are failing. Can you take a look?

[bw-intuit]

@yubangxi thanks for reviewing. If you are supportive of the approach I will clean it up and ensure all tests are passing.

[yubangxi]

@brettweavnet-intuit I just did the review, the code change overall looks good to me. I will need to talk with the team about how we want to support this feature. I will post a update here soon.

Thanks!

[bw-intuit]

@yubangxi Thanks, please let me know if you will support this feature. I will update the tests in preparation.

[bw-intuit]

@yubangxi I've updated the tests and fixed the bug. Please let me know once you have discussed the changes with the team.

[surybala]

This uses systemctl to run start, stop, restart commands. systemctl doesn't stop the agent for the first time when you issue the stop command. This seems to be happening only on RHEL boxes. Could you please address this issue before we could release the changes?
Thanks.

[ccloes]

Since this is already merged, I will add a new PR with logic to check for RHEL 7. Will that suffice?

[feverLu]

Yes, it should be fine to do so. Thanks a lot!