def decrypt(tenant, env):
"""
Decrypt the tenant/environment data
:type tenant: string
:param tenant: The name of the tenant.
:type env: string
:param env: The name of the tenant.
:rtype: None
:return: the function prints to screen the ansible output of the
execution.
"""
target_folder = utils.get_tenant_env_dir(tenant, env)
password_file = utils.get_vault_file(tenant, env)
md5_store_folder = utils.get_md5_folder(tenant)
md5_store_file = md5_store_folder + "/appflow-" + env + "-md5"
utils.safe_remove(md5_store_file)
flie_list = utils.get_file_list(target_folder)
for file in flie_list:
os.system('ansible-vault decrypt ' + file +
' --vault-password-file ' + password_file)
utils.write_md5_sum(file, md5_store_file)
def git_check_in(tenant, env, commit):
"""
Git push.
This will affecy only the modified files (see git_status function).
Commit message can be specified.
:type tenant: string
:param tenant: The name of the tenant.
:type env: string
:param env: The name of the tenant.
:type commit: string
:param commit: The commit message to use when committing.
:rtype: None
:return: the function doesn't have a return statement.
"""
_dir = utils.get_tenant_dir(tenant)
folder = utils.get_tenant_env_dir(tenant, env)
file_list = utils.get_file_list(folder)
is_encrypted = False
for file in file_list:
if utils.check_string_in_file(file, 'AES256'):
is_encrypted = True
diff = git_status(tenant, env)
if is_encrypted is False:
apansible.encrypt(tenant, env)
_pipe = subprocess.PIPE
for file in diff:
out = subprocess.Popen(
['git', '-C', _dir, 'add', file], stdout=_pipe, stderr=_pipe)
for line in iter(out.stdout.readline, b''):
print(line.decode('utf-8'))
out = subprocess.Popen(
['git', '-C', _dir, 'commit', '-m', commit], stdout=_pipe, stderr=_pipe)
for line in iter(out.stdout.readline, b''):
print(line.decode('utf-8'))
out = subprocess.Popen(
['git', '-C', _dir, 'push'], stdout=_pipe, stderr=_pipe)
for line in iter(out.stdout.readline, b''):
print(line.decode('utf-8'))
git_reset(tenant, env)
def encrypt(tenant, env):
"""
Encrypt the tenant/environment data
:type tenant: string
:param tenant: The name of the tenant.
:type env: string
:param env: The name of the tenant.
:rtype: None
:return: the function prints to screen the ansible output of the
execution.
"""
target_folder = utils.get_tenant_env_dir(tenant, env)
password_file = utils.get_vault_file(tenant, env)
flie_list = utils.get_file_list(target_folder)
for file in flie_list:
os.system('ansible-vault encrypt ' + file +
' --vault-password-file ' + password_file)
def git_status(tenant, env):
"""
Return a status of modified files in the tenant/environment folder.
this is tracked separately from git, because encryption/decryption of files
will always override the git status method.
:type tenant: string
:param tenant: The name of the tenant.
:type env: string
:param env: The name of the tenant.
:rtype: list
:return: the function returns a list containing the different lines between
the 2 md5 files.
"""
_dir = utils.get_tenant_dir(tenant)
target_folder = _dir + env
if not utils.check_string_in_file(target_folder + "/inventory", 'AES256'):
md5_store_folder = utils.get_md5_folder(tenant)
md5_store_file = md5_store_folder + "/appflow-" + env + "-md5"
md5_store_file_new = md5_store_folder + "/appflow-" + env + "-md5-new"
utils.safe_remove(md5_store_file_new)
file_list = utils.get_file_list(target_folder)
for file in file_list:
utils.write_md5_sum(file, md5_store_file_new)
diff = utils.diff_files(md5_store_file, md5_store_file_new)
return diff
# Files are encrypted, simply do a git diff
_pipe = subprocess.PIPE
out = subprocess.Popen(['git', '-C', _dir,
'diff-files', '--name-only', '-B', '-R', '-M', env],
stdout=_pipe, stderr=_pipe)
result = []
for line in iter(out.stdout):
result.append(line.decode('utf-8'))
return result
