# For securely passing the actions list via the browser
from itsdangerous import JSONWebSignatureSerializer
workflow = CortexWorkflow(__name__,
check_config={
'PROVIDERS': list,
'DEFAULT_PROVIDER': str,
'ENVS': list,
'DEFAULT_ENV': str,
'KEY_SIZES': list,
'DEFAULT_KEY_SIZE': int,
'LENGTHS': list,
'DEFAULT_LENGTH': int,
'NLBS': list,
'ACME_SERVERS': list,
'NLB_INTERMEDIATE_CN_FILES': dict,
'NLB_INTERMEDIATE_CN_OCSP_STAPLING_PARAMS': dict,
'CLIENT_SSL_PROFILE_PREFIX': str,
'CLIENT_SSL_PROFILE_SUFFIX': str,
'CERT_SELF_SIGNED_C': str,
'CERT_SELF_SIGNED_ST': str,
'CERT_SELF_SIGNED_L': str,
'CERT_SELF_SIGNED_O': str,
'CERT_SELF_SIGNED_OU': str,
'ACME_DNS_VIEW': str,
'DNS_WAIT_TIME': int,
'CERT_CACHE_TIME': int,
'EXTERNAL_DNS_SERVER_IP': str
})
workflow.add_permission('certmgr.create', 'Create SSL Certificate')
# FQDN regex
from flask import abort, flash, redirect, request, session, url_for
import cortex.lib.core
from cortex.lib.systems import get_systems
from cortex.lib.user import (does_user_have_any_system_permission,
does_user_have_system_permission,
does_user_have_workflow_permission)
from cortex.lib.workflow import CortexWorkflow
workflow = CortexWorkflow(__name__, check_config={})
workflow.add_permission('systems.all.snapshot',
'Create VMware Snapshots on any system')
workflow.add_system_permission('snapshot',
'Create a VMware snapshot for this system')
def snapshot_create_permission_callback():
return does_user_have_workflow_permission(
'systems.all.snapshot') or does_user_have_any_system_permission(
'snapshot')
@workflow.action('system',
title='Snapshot',
desc='Take a VMware snapshot of this system',
system_permission='snapshot',
permission='systems.all.snapshot',
require_vm=True,
methods=['GET', 'POST'])
def snapshot_system(target_id):
#!/usr/bin/python
from cortex import app
from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked
import cortex.lib.core
import cortex.lib.classes
import cortex.views
from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template
import MySQLdb as mysql
import json
workflow = CortexWorkflow(__name__)
workflow.add_permission('newserver', 'Create System Record')
@workflow.route("create",
title='Create System Record',
order=30,
permission="newserver",
methods=['GET', 'POST'])
def allocateserver():
# Don't go any further if workflows are currently locked
raise_if_workflows_locked()
# Get the list of enabled classes
classes = cortex.lib.classes.list(hide_disabled=True)
# Extract the classes the have servers in (so hide storage and switches, for example)
server_classes = [c for c in classes if c['cmdb_type'] == "cmdb_ci_server"]
# Get the list of environments
#!/usr/bin/python
from cortex import app
from cortex.lib.workflow import CortexWorkflow
import cortex.lib.core
import cortex.lib.systems
from cortex.corpus import Corpus
from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template
from pyVmomi import vim
from itsdangerous import JSONWebSignatureSerializer
import requests
workflow = CortexWorkflow(__name__)
workflow.add_permission('systems.all.decom', 'Decommission any system')
workflow.add_system_permission('decom', 'Decommission system')
@workflow.action("prepare",
title='Decommission',
desc="Begins the process of decommissioning this system",
system_permission="decom",
permission="systems.all.decom")
def decom_step1(id):
system = cortex.lib.systems.get_system_by_id(id)
if system is None:
abort(404)
return workflow.render_template("step1.html",
system=system,
title="Decommission system")
import re
import string
from flask import flash, g, redirect, request, session, url_for
import cortex.lib.core
from cortex import app
from cortex.lib.user import does_user_have_permission
from cortex.lib.workflow import CortexWorkflow
workflow = CortexWorkflow(__name__)
workflow.add_permission("puppet.environments.create",
"Create Puppet Environments")
ENVIRONMENT_NAME_REGEX = re.compile(r"\A[a-z0-9_]+\Z")
ENVIRONMENT_TYPES = {
0: "Infrastructure", # Common / Legacy environments (static)
1: "Service", # Per-Service Puppet environment
2: "Dynamic" # Dynamic environment for testing
}
@workflow.route("environment/create",
title="Create Puppet Environment",
order=50,
permission="puppet.environment.create",
methods=["GET", "POST"])
def puppet_environment_create():
"""Create a new Puppet environment"""
can_create_all = does_user_have_permission(
#!/usr/bin/python
from cortex import app
from cortex.lib.workflow import CortexWorkflow
import cortex.lib.core
import cortex.lib.classes
import cortex.views
from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template
workflow = CortexWorkflow(__name__)
workflow.add_permission('newserver', 'Create system record')
@workflow.route("create",title='Create system record', order=30, permission="newserver", methods=['GET', 'POST'])
def allocateserver():
# Get the list of enabled classes
classes = cortex.lib.classes.list(hide_disabled=True)
# Extract the classes the have servers in (so hide storage and switches, for example)
server_classes = [c for c in classes if c['cmdb_type'] == "cmdb_ci_server"]
# Get the list of environments
environments = cortex.lib.core.get_cmdb_environments()
# Get the list of networks
networks = workflow.config['NETWORKS']
# Get the list of operating systems
oses = workflow.config['OPERATING_SYSTEMS']
# Get the list of domains
#!/usr/bin/python
from cortex import app
from cortex.lib.workflow import CortexWorkflow
import cortex.lib.core
import datetime
from flask import Flask, request, session, redirect, url_for, flash, g, abort
workflow = CortexWorkflow(__name__)
workflow.add_permission('buildvm.sandbox', 'Create Sandbox VM')
workflow.add_permission('buildvm.standard', 'Create Standard VM')
################################################################################
## Sandbox VM Workflow view handler
@workflow.route("sandbox",title='Create Sandbox VM', order=20, permission="buildvm.sandbox", methods=['GET', 'POST'])
def sandbox():
# Get the list of clusters
clusters = cortex.lib.core.vmware_list_clusters("srv01197")
# Get the list of environments
environments = cortex.lib.core.get_cmdb_environments()
if request.method == 'GET':
## Show form
return workflow.render_template("sandbox.html", clusters=clusters, environments=environments, title="Create Sandbox Virtual Machine", default_env='dev', default_cluster='CHARTREUSE', os_names=workflow.config['SB_OS_DISP_NAMES'], os_order=workflow.config['SB_OS_ORDER'])
elif request.method == 'POST':
# Ensure we have all parameters that we require
if 'sockets' not in request.form or 'cores' not in request.form or 'ram' not in request.form or 'disk' not in request.form or 'template' not in request.form or 'environment' not in request.form:
flash('You must select options for all questions before creating', 'alert-danger')
return redirect(url_for('sandbox'))
#!/usr/bin/env python
import datetime
from flask import abort, flash, redirect, request, session, url_for
import cortex.lib.admin
import cortex.lib.core
from cortex import app
from cortex.lib.user import get_user_list_from_cache
from cortex.lib.workflow import CortexWorkflow
workflow = CortexWorkflow(__name__)
workflow.add_permission("buildvm.sandbox", "Create Sandbox VM")
workflow.add_permission("buildvm.standard", "Create Standard VM")
################################################################################
## Common data validation / form extraction
def validate_data(r, templates, envs):
# Get the VM Specs Config from the DB.
try:
vm_spec_config_json = cortex.lib.admin.get_kv_setting(
"vm.specs.config", load_as_json=True)
except ValueError:
flash("Could not parse JSON from the database.", "alert-danger")
vm_spec_config_json = {}
# Pull data out of request
from flask import abort, flash, redirect, request, session, url_for
import cortex.lib.core
from cortex.lib.systems import get_system_by_id, get_systems
from cortex.lib.user import (does_user_have_any_system_permission,
does_user_have_system_permission,
does_user_have_workflow_permission)
from cortex.lib.workflow import CortexWorkflow
workflow = CortexWorkflow(__name__, check_config={})
workflow.add_permission("systems.all.adddisk", "Add a virtual disk in VMware on any system")
workflow.add_system_permission("adddisk", "Add a virtual disk in VMware to this system")
# Define some disk limits (GiB)
MIN_DISK_SIZE = 10
MAX_DISK_SIZE = 2000
def adddisk_create_permission_callback():
return does_user_have_workflow_permission("systems.all.adddisk") or does_user_have_any_system_permission("adddisk")
@workflow.action("system", title="Add VMware Disk", desc="Add a virtual disk in VMware to this system", system_permission="adddisk", permission="systems.all.adddisk", require_vm=True, methods=["GET", "POST"])
def adddisk_system(target_id):
return redirect(url_for("adddisk_add", system=target_id))
@workflow.route("add", title="Add VMware Disk", order=50, permission=adddisk_create_permission_callback, methods=["GET", "POST"])
def adddisk_add():
selected_system = None
systems = None
#!/usr/bin/env python
from cortex import app
from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked
from cortex.lib.user import get_user_list_from_cache
import cortex.lib.core
import cortex.lib.admin
import datetime
from flask import Flask, request, session, redirect, url_for, flash, g, abort
import MySQLdb as mysql
import re
import json
from cortex.corpus import Corpus
workflow = CortexWorkflow(__name__)
workflow.add_permission('buildvm.sandbox', 'Create Sandbox VM')
workflow.add_permission('buildvm.standard', 'Create Standard VM')
################################################################################
## Sandbox VM Workflow view handler
@workflow.route("sandbox",
title='Create Sandbox VM',
order=20,
permission="buildvm.sandbox",
methods=['GET', 'POST'])
def sandbox():
# Don't go any further if workflows are currently locked
raise_if_workflows_locked()
#!/usr/bin/python
import cortex.lib.core
from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked
from cortex.lib.systems import get_systems
from cortex.lib.user import does_user_have_workflow_permission, does_user_have_system_permission, does_user_have_any_system_permission
from flask import request, session, redirect, url_for, abort, flash, g
from datetime import datetime
import json
workflow = CortexWorkflow(__name__, check_config={})
workflow.add_permission('systems.all.snapshot',
'Create VMware Snapshots on any system')
workflow.add_permission(
'systems.snapshot',
'Access the VMware Snapshot form; requires permission on individual systems to snapshot them.'
)
workflow.add_system_permission('snapshot',
'Create a VMware snapshot for this system')
@workflow.action('system',
title='Snapshot',
desc='Take a VMware snapshot of this system',
system_permission='snapshot',
permission='systems.all.snapshot',
methods=['GET', 'POST'])
def snapshot_system(id):
return redirect(url_for('snapshot_create', systems=id))
