def test_get_credentials(self):
creds = get_credentials(
) # botocore should discover these from os.environ
self.assertEqual(creds['aws_access_key'], 'test-AWS_ACCESS_KEY_ID')
self.assertEqual(creds['aws_secret_access_key'],
'test-AWS_SECRET_ACCESS_KEY')
self.assertEqual(creds['aws_token'], 'test-AWS_SESSION_TOKEN')
def elasticsearch_client():
kwargs = {
'host': ES_HOST,
'port': ES_PORT,
}
if ES_SSL:
kwargs.update({
'use_ssl': True,
'ca_certs': certifi.where(),
})
if ES_SIGNING:
kwargs.update({
'connection_class':
RequestsHttpConnection,
'http_auth':
AWSRequestsAuth(aws_host=ES_HOST,
aws_region=ES_REGION,
aws_service='es',
**boto_utils.get_credentials()),
})
return Elasticsearch(**kwargs)
def _lazy_haystack_setup():
from django.conf import settings
es_url = '%s%s' % (settings.ES_PROTOCOL, settings.ES_HOST)
if settings.AWS_ES_SIGN_REQUESTS:
from aws_requests_auth.aws_auth import AWSRequestsAuth
from elasticsearch import RequestsHttpConnection
auth = AWSRequestsAuth(
aws_host=settings.ES_HOST,
aws_region=config('AWS_ES_REGION', default=''),
aws_service='es',
**boto_utils.get_credentials()
)
haystack_connections = {
'default': {
'ENGINE': 'haystack.backends.elasticsearch_backend.ElasticsearchSearchEngine',
'URL': es_url,
'INDEX_NAME': config('ES_INDEX_NAME', default='mozillians_haystack'),
'KWARGS': {
'http_auth': auth,
'connection_class': RequestsHttpConnection,
}
}
}
else:
haystack_connections = {
'default': {
'ENGINE': 'haystack.backends.elasticsearch_backend.ElasticsearchSearchEngine',
'URL': es_url,
'INDEX_NAME': config('ES_INDEX_NAME', default='mozillians_haystack')
}
}
return haystack_connections
def init_elasticsearch():
auth = AWSRequestsAuth(
aws_host=current_app.config["AWS_ELASTICSEARCH_HOST"],
aws_region=current_app.config["AWS_ELASTICSEARCH_REGION"],
aws_service="es",
**boto_utils.get_credentials())
return Elasticsearch(host=current_app.config["AWS_ELASTICSEARCH_HOST"],
port=current_app.config["AWS_ELASTICSEARCH_PORT"],
connection_class=RequestsHttpConnection,
http_auth=auth)
def get_aws_auth(url):
api_gateway_netloc = urlparse.urlparse(url).netloc
api_gateway_region = re.match(
r"[a-z0-9]+\.execute-api\.(.+)\.amazonaws\.com",
api_gateway_netloc).group(1)
return AWSRequestsAuth(aws_host=api_gateway_netloc,
aws_region=api_gateway_region,
aws_service='execute-api',
**boto_utils.get_credentials())
def get_aws_auth(url):
api_gateway_netloc = urlparse.urlparse(url).netloc
api_gateway_region = re.match(
r"[a-z0-9]+\.execute-api\.(.+)\.amazonaws\.com",
api_gateway_netloc
).group(1)
return AWSRequestsAuth(
aws_host=api_gateway_netloc,
aws_region=api_gateway_region,
aws_service='execute-api',
**boto_utils.get_credentials()
)
def __init__(self):
log.info("Initializing incidents manager ...")
# Slack
self.slack_channel = config['slack']['channel']
self.slack = Slacker(config['slack']['self']['token'])
self.slack_self_user = config['slack']['self']
self.slack_fake_user = Slacker(config['slack']['fake_user']['token'])
self.apiai_user = self.slack_fake_user.users.info(
user=config['slack']['apiai_user']['id']).body['user']
# FIXME SMTP
# Elasticsearch
log.info("Connecting to Elasticsearch ...")
self.es_index = config['elasticsearch']['index']
try:
# @formatter:off
aws_auth = AWSRequestsAuth(
aws_host = config['elasticsearch']['host'],
aws_region = config['elasticsearch']['region'],
aws_service = 'es',
**boto_utils.get_credentials()
)
self.es = Elasticsearch(
hosts = [{'host': config['elasticsearch']['host'],
'port': 443}],
http_auth = aws_auth,
use_ssl = True,
verify_certs = True,
connection_class = RequestsHttpConnection
)
# @formatter:on
except:
log.error("Couldn't connect to Elasticsearch")
try:
self.create_es_index(self.es_index)
except:
log.error("Couldn't create Elasticsearch index")
# Jira
log.info("Connecting to Jira ...")
self.jira = JIRA(
{'server': config['jira']['host']},
basic_auth=(config['jira']['user'], config['jira']['password'])
)
self.jira_project = config['jira']['project']
log.debug("Connecting to Cachet ...")
self.cachet_client = cachet.Incidents(endpoint=config['cachet']['host'],
api_token=config['cachet']['token'])
return
def _lazy_haystack_setup():
from django.conf import settings
es_url = settings.ES_URLS[0]
if settings.AWS_ES_SIGN_REQUESTS:
from aws_requests_auth import boto_utils
from aws_requests_auth.aws_auth import AWSRequestsAuth
from elasticsearch import RequestsHttpConnection
auth = AWSRequestsAuth(
aws_region=config('AWS_ES_REGION', default=''),
aws_service='es',
**boto_utils.get_credentials()
)
haystack_connections = {
'default': {
'ENGINE': 'haystack.backends.elasticsearch_backend.ElasticsearchSearchEngine',
'URL': es_url,
'INDEX_NAME': config('ES_INDEX_URL', default='mozillians_haystack'),
'KWARGS': {
'http_auth': auth,
'connection_class': RequestsHttpConnection,
}
}
}
else:
haystack_connections = {
'default': {
'ENGINE': 'haystack.backends.elasticsearch_backend.ElasticsearchSearchEngine',
'URL': es_url,
'INDEX_NAME': config('ES_INDEX_URL', default='mozillians_haystack')
}
}
return haystack_connections
replica = os.environ.get("REPLICA", "aws")
# Get settings for elasticsearch
with open('chalicelib/settings.json') as f:
es_settings = json.loads(f.read())
with open('chalicelib/config.json') as f:
index_mapping_config = json.loads(f.read())
# Choose which Elasticsearch to use
if es_host.endswith('.es.amazonaws.com'):
# need to have the AWS CLI and $aws configure
awsauth = AWSRequestsAuth(aws_host=es_host,
aws_region='us-west-2',
aws_service='es',
**boto_utils.get_credentials())
# use the requests connection_class and pass in our custom auth class
es = Elasticsearch(hosts=[{
'host': es_host,
'port': 443
}],
http_auth=awsauth,
use_ssl=True,
verify_certs=True,
connection_class=RequestsHttpConnection)
else:
# default auth for testing purposes
es = Elasticsearch([{'host': es_host, 'port': es_port}])
# for blue box notification
HMAC_KEYS = {
'2011-01-01': 'cheesecake',
}
PASSWORD_HASHERS = get_password_hashers(BASE_PASSWORD_HASHERS, HMAC_KEYS)
# Email
EMAIL_BACKEND = config('EMAIL_BACKEND', default='django.core.mail.backends.console.EmailBackend')
FROM_NOREPLY = config('FROM_NOREPLY', default='Mozillians.org <*****@*****.**>')
FROM_NOREPLY_VIA = config('FROM_NOREPLY_VIA',
default='%s via Mozillians.org <*****@*****.**>')
if EMAIL_BACKEND == 'django_ses.SESBackend':
# Get AWS credentials from boto
_aws_credentials = boto_utils.get_credentials()
AWS_SES_REGION_NAME = config('AWS_SES_REGION_NAME',
default='us-east-1')
AWS_SES_REGION_ENDPOINT = config('AWS_SES_REGION_ENDPOINT',
default='email.us-east-1.amazonaws.com')
AWS_SES_ACCESS_KEY_ID = config('AWS_SES_ACCESS_KEY_ID',
default=_aws_credentials['aws_access_key'])
AWS_SES_SECRET_ACCESS_KEY = config('AWS_SES_SECRET_ACCESS_KEY',
default=_aws_credentials['aws_secret_access_key'])
else:
EMAIL_HOST = config('SMTP_EMAIL_HOST', default='localhost')
EMAIL_PORT = config('SMTP_EMAIL_PORT', default='1025')
EMAIL_HOST_USER = config('SMTP_EMAIL_HOST_USER', default='')
EMAIL_HOST_PASSWORD = config('SMTP_EMAIL_HOST_PASSWORD', default='')