def process_cli_args(self):
# We need to parse out -t and -p *before* argparse can see it because
# of Python bug 9334, which prevents argparse from recognizing '-1:-1'
# as an option value and not a (nonexistent) option name.
saved_sys_argv = list(sys.argv)
def parse_neg_one_value(opt_name):
if opt_name in sys.argv:
index = sys.argv.index(opt_name)
if (index < len(sys.argv) - 1
and sys.argv[index + 1].startswith('-1')):
opt_val = sys.argv[index + 1]
del sys.argv[index:index + 2]
return opt_val
icmp_type_code = (parse_neg_one_value('-t')
or parse_neg_one_value('--icmp-type-code'))
port_range = (parse_neg_one_value('-p')
or parse_neg_one_value('--port-range'))
EucalyptusRequest.process_cli_args(self)
if icmp_type_code:
self.args['icmp_type_code'] = icmp_type_code
if port_range:
self.args['port_range'] = port_range
sys.argv = saved_sys_argv
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('user_data'):
if os.path.isfile(self.args['user_data']):
raise ArgumentError(
'argument -d/--user-data: to pass the contents of a file '
'as user data, use -f/--user-data-file. To pass the '
"literal value '{0}' as user data even though it matches "
'the name of a file, use --user-data-force.')
else:
self.params['UserData'] = base64.b64encode(
self.args['user_data'])
elif self.args.get('user_data_force'):
self.params['UserData'] = base64.b64encode(
self.args['user_data_force'])
elif self.args.get('user_data_file'):
with open(self.args['user_data_file']) as user_data_file:
self.params['UserData'] = base64.b64encode(
user_data_file.read())
if self.args.get('KeyName') is None:
default_key_name = self.config.get_region_option(
'ec2-default-keypair')
if default_key_name:
self.log.info("using default key pair '%s'", default_key_name)
self.params['KeyName'] = default_key_name
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('user_data'):
if os.path.isfile(self.args['user_data']):
raise ArgumentError(
'argument -d/--user-data: to pass the contents of a file '
'as user data, use -f/--user-data-file. To pass the '
"literal value '{0}' as user data even though it matches "
'the name of a file, use --user-data-force.')
else:
self.params['UserData'] = base64.b64encode(
self.args['user_data'])
elif self.args.get('user_data_force'):
self.params['UserData'] = base64.b64encode(
self.args['user_data_force'])
elif self.args.get('user_data_file'):
with open(self.args['user_data_file']) as user_data_file:
self.params['UserData'] = base64.b64encode(
user_data_file.read())
if self.args.get('KeyName') is None:
default_key_name = self.config.get_region_option(
'ec2-default-keypair')
if default_key_name:
self.log.info("using default key pair '%s'", default_key_name)
self.params['KeyName'] = default_key_name
def process_cli_args(self):
# We need to parse out -t and -p *before* argparse can see it because
# of Python bug 9334, which prevents argparse from recognizing '-1:-1'
# as an option value and not a (nonexistent) option name.
saved_sys_argv = list(sys.argv)
def parse_neg_one_value(opt_name):
if opt_name in sys.argv:
index = sys.argv.index(opt_name)
if (index < len(sys.argv) - 1 and
sys.argv[index + 1].startswith('-1')):
opt_val = sys.argv[index + 1]
del sys.argv[index:index + 2]
return opt_val
icmp_type_code = (parse_neg_one_value('-t') or
parse_neg_one_value('--icmp-type-code'))
port_range = (parse_neg_one_value('-p') or
parse_neg_one_value('--port-range'))
EucalyptusRequest.process_cli_args(self)
if icmp_type_code:
self.args['icmp_type_code'] = icmp_type_code
if port_range:
self.args['port_range'] = port_range
sys.argv = saved_sys_argv
def configure(self):
EucalyptusRequest.configure(self)
if (self.args.get('Reset') and
any(self.args.get(attr) is not None for attr in ('Cpu', 'Disk',
'Memory'))):
# Basically, reset is mutually exclusive with everything else.
raise ArgumentError('argument --reset may not be used with '
'instance type attributes')
def configure(self):
EucalyptusRequest.configure(self)
if (self.args.get('Reset') and any(
self.args.get(attr) is not None
for attr in ('Cpu', 'Disk', 'Memory'))):
# Basically, reset is mutually exclusive with everything else.
raise ArgumentError('argument --reset may not be used with '
'instance type attributes')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('all'):
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
if self.args.get('RestorableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -r/--restorable-by')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('all'):
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
if self.args.get('RestorableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -r/--restorable-by')
def configure(self):
EucalyptusRequest.configure(self)
if not self.args.get('Size') and not self.args.get('SnapshotId'):
raise ArgumentError('-s/--size or --snapshot must be specified')
if self.args.get('Iops') and not self.args.get('VolumeType'):
raise ArgumentError('argument -i/--iops: -t/--type is required')
if self.args.get('Iops') and self.args.get('VolumeType') == 'standard':
raise ArgumentError(
'argument -i/--iops: not allowed with volume type "standard"')
def configure(self):
EucalyptusRequest.configure(self)
if not self.args.get('Size') and not self.args.get('SnapshotId'):
raise ArgumentError('-s/--size or --snapshot must be specified')
if self.args.get('Iops') and not self.args.get('VolumeType'):
raise ArgumentError('argument -i/--iops: -t/--type is required')
if self.args.get('Iops') and self.args.get('VolumeType') == 'standard':
raise ArgumentError(
'argument -i/--iops: not allowed with volume type "standard"')
def configure(self):
EucalyptusRequest.configure(self)
if not self.args.get('Storage.S3.UploadPolicy'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-c/--policy is not used')
elif not self.args.get('Storage.S3.UploadPolicySignature'):
if not self.args.get('owner_sak'):
raise ArgumentError('argument -w/--owner-sak is required when '
'-s/--policy-signature is not used')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('all', False):
if self.args.get('ImageId'):
raise ArgumentError('argument -a/--all: not allowed with '
'a list of images')
if self.args.get('ExecutableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -x/--executable-by')
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
def configure(self):
EucalyptusRequest.configure(self)
if (self.args.get('PublicIp') is not None and
self.args.get('AllocationId') is not None):
# Can't be both EC2 and VPC
raise ArgumentError(
'argument -a/--allocation-id: not allowed with an IP address')
if (self.args.get('PublicIp') is None and
self.args.get('AllocationId') is None):
# ...but we still have to be one of them
raise ArgumentError(
'argument -a/--allocation-id or an IP address is required')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('all', False):
if self.args.get('ImageId'):
raise ArgumentError('argument -a/--all: not allowed with '
'a list of images')
if self.args.get('ExecutableBy'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -x/--executable-by')
if self.args.get('Owner'):
raise ArgumentError('argument -a/--all: not allowed with '
'argument -o/--owner')
def configure(self):
EucalyptusRequest.configure(self)
if (self.args.get('PublicIp') is not None
and self.args.get('AllocationId') is not None):
# Can't be both EC2 and VPC
raise ArgumentError(
'argument -a/--allocation-id: not allowed with an IP address')
if (self.args.get('PublicIp') is None
and self.args.get('AllocationId') is None):
# ...but we still have to be one of them
raise ArgumentError(
'argument -a/--allocation-id or an IP address is required')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('PublicIp'):
if self.args.get('AssociationId'):
raise ArgumentError('argument -a/--association-id: not '
'allowed with an IP address')
elif self.args['PublicIp'].startswith('eipassoc'):
raise ArgumentError('VPC elastic IP association IDs must be '
'be specified with -a/--association-id')
elif not self.args.get('AssociationId'):
raise ArgumentError(
'argument -a/--association-id or an IP address is required')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('by_zone', False):
self.params['Availability'] = True
def configure(self):
EucalyptusRequest.configure(self)
if (self.args['group'].startswith('sg-') and
len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-') and
len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if protocol in ['icmp', '1']:
if self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range: not compatible '
'with protocol ' + protocol)
if not self.args.get('icmp_type_code'):
self.args['icmp_type_code'] = '-1:-1'
types = self.args['icmp_type_code'].split(':')
if len(types) == 2:
try:
from_port = int(types[0])
to_port = int(types[1])
except ValueError:
raise ArgumentError('argument -t/--icmp-type-code: value '
'must have format "1:2"')
else:
raise ArgumentError('argument -t/--icmp-type-code: value must '
'have format "1:2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -t/--icmp-type-code: type, code '
'must be at least -1')
elif protocol in ['tcp', 'udp', '6', '17']:
if self.args.get('icmp_type_code'):
raise ArgumentError('argument -t/--icmp-type-code: not '
'compatible with protocol ' + protocol)
if not self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range is required for '
'protocol ' + protocol)
if ':' in self.args['port_range']:
# Be extra helpful in the event of this common typo
raise ArgumentError('argument -p/--port-range: multi-port '
'range must be separated by "-", not ":"')
if self.args['port_range'].startswith('-'):
ports = self.args['port_range'][1:].split('-')
ports[0] = '-' + ports[0]
else:
ports = self.args['port_range'].split('-')
if len(ports) == 2:
try:
from_port = int(ports[0])
to_port = int(ports[1])
except ValueError:
raise ArgumentError('argument -p/--port-range: multi-port '
'value must be comprised of integers')
elif len(ports) == 1:
try:
from_port = to_port = int(ports[0])
except ValueError:
raise ArgumentError('argument -p/--port-range: single '
'port value must be an integer')
else:
raise ArgumentError('argument -p/--port-range: value must '
'have format "1" or "1-2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -p/--port-range: port number(s) '
'must be at least -1')
else:
# Shouldn't get here since argparse should only allow the values we
# handle
raise ValueError('unrecognized protocol: "{0}"'.format(protocol))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName') and
not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName') and
not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get("all", False):
if self.args.get("SubnetId"):
raise ArgumentError("argument -a/--all: not allowed with " "a list of subnets")
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('by_zone', False):
self.params['Availability'] = True
def configure(self):
EucalyptusRequest.configure(self)
if self.args.get('all', False):
if self.args.get('VpcId'):
raise ArgumentError('argument -a/--all: not allowed with '
'a list of vpcs')
def configure(self):
EucalyptusRequest.configure(self)
if (self.args['group'].startswith('sg-')
and len(self.args['group']) == 11):
# The check could probably be a little better, but meh. Fix if
# needed.
self.params['GroupId'] = self.args['group']
else:
if self.args['egress']:
raise ArgumentError('egress rules must use group IDs, not '
'names')
self.params['GroupName'] = self.args['group']
target_group = self.args.get('target_group')
if (target_group is not None and target_group.startswith('sg-')
and len(target_group) == 11):
# Same note as above
self.params['IpPermissions.1.Groups.1.GroupId'] = target_group
else:
if self.args['egress']:
raise ArgumentError('argument -o: egress rules must use group '
'IDs, not names')
self.params['IpPermissions.1.Groups.1.GroupName'] = target_group
protocol = self.args.get('IpPermissions.1.IpProtocol')
if protocol in ['icmp', '1']:
if self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range: not compatible '
'with protocol ' + protocol)
if not self.args.get('icmp_type_code'):
self.args['icmp_type_code'] = '-1:-1'
types = self.args['icmp_type_code'].split(':')
if len(types) == 2:
try:
from_port = int(types[0])
to_port = int(types[1])
except ValueError:
raise ArgumentError('argument -t/--icmp-type-code: value '
'must have format "1:2"')
else:
raise ArgumentError('argument -t/--icmp-type-code: value must '
'have format "1:2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -t/--icmp-type-code: type, code '
'must be at least -1')
elif protocol in ['tcp', 'udp', '6', '17']:
if self.args.get('icmp_type_code'):
raise ArgumentError('argument -t/--icmp-type-code: not '
'compatible with protocol ' + protocol)
if not self.args.get('port_range'):
raise ArgumentError('argument -p/--port-range is required for '
'protocol ' + protocol)
if ':' in self.args['port_range']:
# Be extra helpful in the event of this common typo
raise ArgumentError('argument -p/--port-range: multi-port '
'range must be separated by "-", not ":"')
if self.args['port_range'].startswith('-'):
ports = self.args['port_range'][1:].split('-')
ports[0] = '-' + ports[0]
else:
ports = self.args['port_range'].split('-')
if len(ports) == 2:
try:
from_port = int(ports[0])
to_port = int(ports[1])
except ValueError:
raise ArgumentError('argument -p/--port-range: multi-port '
'value must be comprised of integers')
elif len(ports) == 1:
try:
from_port = to_port = int(ports[0])
except ValueError:
raise ArgumentError('argument -p/--port-range: single '
'port value must be an integer')
else:
raise ArgumentError('argument -p/--port-range: value must '
'have format "1" or "1-2"')
if from_port < -1 or to_port < -1:
raise ArgumentError('argument -p/--port-range: port number(s) '
'must be at least -1')
else:
# Shouldn't get here since argparse should only allow the values we
# handle
raise ValueError('unrecognized protocol: "{0}"'.format(protocol))
self.params['IpPermissions.1.FromPort'] = from_port
self.params['IpPermissions.1.ToPort'] = to_port
if (not self.args.get('IpPermissions.1.IpRanges.1.GroupName')
and not self.args.get('IpPermissions.1.IpRanges.1.CidrIp')):
# Default rule target is the entire Internet
self.params['IpPermissions.1.IpRanges.1.CidrIp'] = '0.0.0.0/0'
if (self.params.get('IpPermissions.1.Groups.1.GroupName')
and not self.args.get('IpPermissions.1.Groups.1.UserId')):
raise ArgumentError('argument -u is required when -o names a '
'security group by name')
