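def _shell_dq(value):
    """Escape *value* for safe embedding inside a double-quoted shell string.

    Inside POSIX double quotes only four characters keep a special meaning:
    backslash, double quote, dollar and backtick.  Each one is backslash
    escaped so that ``eval``-ing the rendered snippet assigns the literal
    secret rather than truncating the assignment, expanding a ``$VAR`` or
    running a command substitution that happens to appear in the secret.
    (``!`` is left alone: it only matters with interactive history expansion.)

    Args:
        value: the secret value; non-strings are rendered with ``%s`` exactly
            as the ``print`` call does.

    Returns:
        The escaped text, without surrounding quotes.
    """
    text = "%s" % (value,)
    # backslash first, so the escapes added afterwards are not doubled again
    for special in ("\\", '"', "$", "`"):
        text = text.replace(special, "\\" + special)
    return text


def env(client, paths, opt):
    """Render a shell snippet (``NAME="value"`` lines) from Secretfile paths.

    For every path in *paths* the Vault response's ``data`` mapping is read;
    each key is optionally renamed through ``opt.key_map`` and turned into an
    upper-cased environment variable name.  Values are escaped with
    :func:`_shell_dq` before printing so that a secret containing ``"``,
    ``$``, a backtick or a backslash cannot break out of the assignment when
    the output is ``eval``-ed by a shell.  With ``opt.export`` set an
    ``export NAME`` line follows each assignment.

    Args:
        client: Vault client exposing ``read(path)``.
        paths: iterable of Vault paths to read.
        opt: parsed CLI options; ``prefix``, ``add_prefix``, ``add_suffix``,
            ``merge_path``, ``key_map`` and ``export`` are consulted here.

    Side effects:
        Prints to stdout, logs a deprecation warning when ``opt.prefix`` is
        set and may renew AWS leases through ``renew_secret``.
    """
    # The legacy --prefix is only honoured when none of the newer naming
    # options were passed; see https://github.com/Autodesk/aomi/issues/40
    old_prefix = opt.prefix and not (opt.add_prefix or
                                     opt.add_suffix or
                                     not opt.merge_path)
    if old_prefix:
        LOG.warning("the prefix option is deprecated but being used "
                    "due to not passing in new options")
    elif opt.prefix:
        LOG.warning("the prefix option is deprecated but not being "
                    "used due to passing in new options")

    key_map = cli_hash(opt.key_map)
    for path in paths:
        secrets = client.read(path)
        # A missing path, or a response without 'data', is skipped silently.
        if not secrets or 'data' not in secrets:
            continue
        if is_aws(secrets['data']):
            renew_secret(client, secrets, opt)
        for s_key, s_val in secrets['data'].items():
            o_key = key_map.get(s_key, s_key)
            if old_prefix:
                env_name = ("%s_%s" % (opt.prefix, o_key)).upper()
            else:
                env_name = secret_key_name(path, o_key, opt).upper()
            print("%s=\"%s\"" % (env_name, _shell_dq(s_val)))
            if opt.export:
                print("export %s" % env_name)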
def seed_aws_roles(client, mount, roles, opt):
    """Seed the roles of an AWS secret backend mounted at *mount*.

    Each entry of *roles* is validated with ``aomi.validation.aws_role_obj``
    and handled according to its ``state`` (default ``'present'``):

    * present with a ``policy`` key: the policy file, resolved against
      ``opt.policies``, is rendered with the role's ``vars`` merged with the
      var files and ``--extra-vars`` and written as an inline policy;
    * present with an ``arn`` key: the ARN is written unchanged;
    * present with neither key: nothing is written;
    * any other state: the role path is deleted.

    Args:
        client: Vault client.
        mount: backend mount point; roles live at ``<mount>/roles/<name>``.
        roles: list of role dicts from the Secretfile.
        opt: parsed CLI options.
    """
    for role in roles:
        aomi.validation.aws_role_obj(role)
        name = role['name']
        role_path = "%s/roles/%s" % (mount, name)
        if role.get('state', 'present') != 'present':
            log('removing role %s' % name, opt)
            delete(client, role_path, opt)
            continue
        if 'policy' in role:
            role_file = hard_path(role['policy'], opt.policies)
            cli_obj = merge_dicts(load_var_files(opt),
                                  cli_hash(opt.extra_vars))
            template_vars = merge_dicts(role.get('vars', {}), cli_obj)
            rendered = render(role_file, template_vars)
            log('writing inline role %s from %s' % (name, role_file), opt)
            write(client, role_path, {'policy': rendered}, opt)
        elif 'arn' in role:
            log('writing role %s for %s' % (name, role['arn']), opt)
            write(client, role_path, {'arn': role['arn']}, opt)
def template(client, src, dest, paths, opt):
    """Render the template *src* to *dest* using secrets read from Vault.

    Every path in *paths* must return data; an empty response raises
    ``aomi.exceptions.VaultData``.  AWS credentials are renewed first unless
    the path contains ``sts`` (a plain substring test).  Each secret key is
    mapped through ``opt.key_map``, passed to ``secret_key_name``, lower-cased
    and has ``-`` replaced by ``_`` so it is usable as a template identifier.
    The collected secrets are blended with the static variables and the
    rendered output is written through ``write_raw_file``.

    Args:
        client: Vault client exposing ``read(path)``.
        src: template source, resolved by ``grok_template_file``.
        dest: output file path (made absolute).
        paths: iterable of Vault paths to read.
        opt: parsed CLI options.

    Raises:
        aomi.exceptions.VaultData: when a path returns no response.
    """
    key_map = cli_hash(opt.key_map)
    collected = {}
    for path in paths:
        response = client.read(path)
        if not response:
            raise aomi.exceptions.VaultData("Unable to retrieve %s" % path)
        data = response['data']
        if is_aws(data) and 'sts' not in path:
            renew_secret(client, response, opt)
        for raw_key, value in data.items():
            mapped = key_map[raw_key] if raw_key in key_map else raw_key
            ident = secret_key_name(path, mapped, opt)
            collected[ident.lower().replace('-', '_')] = value
    template_vars = blend_vars(collected, opt)
    rendered = render(grok_template_file(src), template_vars)
    write_raw_file(rendered, abspath(dest))
def __init__(self, obj, opt):
    """Build a Policy resource from its Secretfile entry.

    Args:
        obj: the Secretfile dict for this policy; ``name`` becomes the Vault
            path, ``file`` the policy document (resolved against
            ``opt.policies``) and ``vars`` extra template variables.
        opt: parsed CLI options.

    ``self.present`` is presumably set by the base constructor; the policy
    file and template variables are only resolved for a present policy.
    """
    super(Policy, self).__init__(obj, opt)
    self.path = obj['name']
    if not self.present:
        return
    self.filename = hard_path(obj['file'], opt.policies)
    static_vars = merge_dicts(load_var_files(opt), cli_hash(opt.extra_vars))
    self._obj = merge_dicts(static_vars, obj.get('vars', {}))
def blend_vars(secrets, opt):
    """Combine static template variables with Vault secrets.

    Static variables come from the var files and ``--extra-vars``; *secrets*
    is merged after them.  Entries with a falsy value (``None``, ``""``,
    ``0``, ``False``, empty containers) are dropped, so templates only see
    populated values.  The result also carries an ``aomi_items`` key holding
    a copy of the filtered mapping for templates that need to iterate.

    Args:
        secrets: mapping of template identifier to secret value.
        opt: parsed CLI options.

    Returns:
        The filtered, merged dict including ``aomi_items``.
    """
    static_vars = merge_dicts(load_var_files(opt), cli_hash(opt.extra_vars))
    combined = merge_dicts(static_vars, secrets)
    template_obj = {}
    for key, value in iteritems(combined):
        if value:
            template_obj[key] = value
    # give templates something to iterate over
    template_obj['aomi_items'] = dict(template_obj)
    return template_obj
def load_vars(opt):
    """Return the merged CLI and var-file variables, cached on *opt*.

    ``--extra-vars`` are parsed first and handed to ``load_var_files`` as a
    seed (so the files may overwrite them), then merged back on top.  The
    result is memoised as ``opt._vars_cache`` so repeated calls do not
    re-read the var files.  Note: turning this into an object would make the
    cache less ad hoc.

    Args:
        opt: parsed CLI options; gains a ``_vars_cache`` attribute.

    Returns:
        The merged variable dict.
    """
    cache_attr = '_vars_cache'
    try:
        return getattr(opt, cache_attr)
    except AttributeError:
        pass
    cli_opts = cli_hash(opt.extra_vars)
    merged = merge_dicts(load_var_files(opt, cli_opts), cli_opts)
    setattr(opt, cache_attr, merged)
    return merged
def obj(self):
    """Return the Vault payload for this AWS role.

    An inline ``policy`` is rendered with the role's ``vars`` merged with the
    var files and ``--extra-vars``; an ``arn`` is passed through unchanged.
    With neither key present an empty dict is returned.

    Returns:
        ``{'policy': <rendered>}``, ``{'arn': <arn>}`` or ``{}``.
    """
    spec = self._obj
    if 'policy' in spec:
        static_vars = merge_dicts(load_var_files(self.opt),
                                  cli_hash(self.opt.extra_vars))
        template_vars = merge_dicts(spec.get('vars', {}), static_vars)
        return {'policy': render(spec['policy'], template_vars)}
    if 'arn' in spec:
        return {'arn': spec['arn']}
    return {}
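def template(client, src, dest, paths, opt):
    """Render the template *src* to *dest* using secrets read from Vault.

    Every path in *paths* must return data; an empty response now raises
    ``aomi.exceptions.VaultData`` (previously it surfaced as a ``TypeError``
    from indexing ``None``).  AWS credentials are renewed first.  Each secret
    key is mapped through ``opt.key_map``, passed to ``secret_key_name``,
    lower-cased and has ``-`` replaced by ``_`` so it is usable as a template
    identifier.  The collected secrets are blended with the static variables
    and the rendered output is written to ``dest``, closing the file handle
    deterministically.

    Args:
        client: Vault client exposing ``read(path)``.
        src: template source, resolved by ``grok_template_file``.
        dest: output file path (made absolute).
        paths: iterable of Vault paths to read.
        opt: parsed CLI options.

    Raises:
        aomi.exceptions.VaultData: when a path returns no response.
    """
    key_map = cli_hash(opt.key_map)
    collected = {}
    for path in paths:
        response = client.read(path)
        if not response:
            raise aomi.exceptions.VaultData("Unable to retrieve %s" % path)
        data = response['data']
        if is_aws(data):
            renew_secret(client, response, opt)
        for raw_key, value in data.items():
            mapped = key_map.get(raw_key, raw_key)
            ident = secret_key_name(path, mapped, opt)
            collected[ident.lower().replace('-', '_')] = value
    template_vars = blend_vars(collected, opt)
    rendered = render(grok_template_file(src), template_vars)
    # NOTE(review): the output contains secrets and is created with the
    # process umask; callers that need a restrictive mode should set it.
    with open(abspath(dest), 'w') as handle:
        handle.write(rendered)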
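def _shell_dq(value):
    """Escape *value* for safe embedding inside a double-quoted shell string.

    Inside POSIX double quotes only four characters keep a special meaning:
    backslash, double quote, dollar and backtick.  Each one is backslash
    escaped so that ``eval``-ing the rendered snippet assigns the literal
    secret rather than truncating the assignment, expanding a ``$VAR`` or
    running a command substitution that happens to appear in the secret.
    (``!`` is left alone: it only matters with interactive history expansion.)

    Args:
        value: the secret value; non-strings are rendered with ``%s`` exactly
            as the ``print`` call does.

    Returns:
        The escaped text, without surrounding quotes.
    """
    text = "%s" % (value,)
    # backslash first, so the escapes added afterwards are not doubled again
    for special in ("\\", '"', "$", "`"):
        text = text.replace(special, "\\" + special)
    return text


def env(client, paths, opt):
    """Render a shell snippet (``NAME="value"`` lines) from Secretfile paths.

    For every path in *paths* the Vault response's ``data`` mapping is read;
    each key is optionally renamed through ``opt.key_map`` and turned into an
    upper-cased environment variable name.  AWS credentials are renewed first
    unless the path contains ``sts`` (a plain substring test).  Values are
    escaped with :func:`_shell_dq` before printing so that a secret containing
    ``"``, ``$``, a backtick or a backslash cannot break out of the assignment
    when the output is ``eval``-ed by a shell.  With ``opt.export`` set an
    ``export NAME`` line follows each assignment.

    Args:
        client: Vault client exposing ``read(path)``.
        paths: iterable of Vault paths to read.
        opt: parsed CLI options; ``prefix``, ``add_prefix``, ``add_suffix``,
            ``merge_path``, ``key_map`` and ``export`` are consulted here.

    Side effects:
        Prints to stdout, logs a deprecation warning when ``opt.prefix`` is
        set and may renew AWS leases through ``renew_secret``.
    """
    # The legacy --prefix is only honoured when none of the newer naming
    # options were passed; see https://github.com/Autodesk/aomi/issues/40
    old_prefix = opt.prefix and not (opt.add_prefix or
                                     opt.add_suffix or
                                     not opt.merge_path)
    # The implicit string concatenation previously lost the spaces between
    # "deprecated", "please use" and "--no-merge-path".
    if old_prefix:
        LOG.warning("the prefix option is deprecated, "
                    "please use "
                    "--no-merge-path --add-prefix $OLDPREFIX_ instead")
    elif opt.prefix:
        LOG.warning("the prefix option is deprecated, "
                    "please use "
                    "--no-merge-path --add-prefix $OLDPREFIX_ instead")

    key_map = cli_hash(opt.key_map)
    for path in paths:
        secrets = client.read(path)
        # A missing path, or a response without 'data', is skipped silently.
        if not secrets or 'data' not in secrets:
            continue
        if is_aws(secrets['data']) and 'sts' not in path:
            renew_secret(client, secrets, opt)
        for s_key, s_val in secrets['data'].items():
            o_key = key_map.get(s_key, s_key)
            if old_prefix:
                env_name = ("%s_%s" % (opt.prefix, o_key)).upper()
            else:
                env_name = secret_key_name(path, o_key, opt).upper()
            print("%s=\"%s\"" % (env_name, _shell_dq(s_val)))
            if opt.export:
                print("export %s" % env_name)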
def policy_data(file_name, policy_vars, opt):
    """Return the rendered text of a policy file.

    Args:
        file_name: policy file name, resolved against ``opt.policies``.
        policy_vars: variables declared on the policy itself.
        opt: parsed CLI options providing var files and ``--extra-vars``.

    Returns:
        The policy rendered with ``policy_vars`` merged with the var files
        and ``--extra-vars``.
    """
    policy_path = hard_path(file_name, opt.policies)
    static_vars = merge_dicts(load_var_files(opt), cli_hash(opt.extra_vars))
    return render(policy_path, merge_dicts(policy_vars, static_vars))
def get_secretfile(opt):
    """Render the Secretfile as a template, parse it as YAML and return it.

    The file at ``opt.secretfile`` is rendered with the var files and
    ``--extra-vars`` before parsing, so the YAML may reference them.  Parsing
    uses ``yaml.safe_load``, which does not construct arbitrary Python
    objects from the document.

    Args:
        opt: parsed CLI options; ``secretfile`` is the path to load.

    Returns:
        The parsed Secretfile structure.
    """
    static_vars = merge_dicts(load_var_files(opt), cli_hash(opt.extra_vars))
    rendered = render(abspath(opt.secretfile), static_vars)
    return yaml.safe_load(rendered)