def __init__(self):
config = get_config()
server = config['vault']['server']
role_id = config['vault']['role_id']
secret_id = config['vault']['secret_id']
# This is a threaded world. Let's define a big
# connections pool to live in that world
# (this avoids the warning "Connection pool is
# full, discarding connection: vault.devshift.net")
session = requests.Session()
adapter = HTTPAdapter(pool_connections=100, pool_maxsize=100)
session.mount('https://', adapter)
self._client = hvac.Client(url=server, session=session)
self._cache = {}
authenticated = False
for i in range(0, 3):
try:
self._client.auth_approle(role_id, secret_id)
authenticated = self._client.is_authenticated()
break
except requests.exceptions.ConnectionError:
time.sleep(1)
if not authenticated:
raise VaultConnectionError()
def __init__(self, auto_refresh=True):
config = get_config()
server = config["vault"]["server"]
self.role_id = config["vault"]["role_id"]
self.secret_id = config["vault"]["secret_id"]
# This is a threaded world. Let's define a big
# connections pool to live in that world
# (this avoids the warning "Connection pool is
# full, discarding connection: vault.devshift.net")
session = requests.Session()
adapter = HTTPAdapter(pool_connections=100, pool_maxsize=100)
session.mount("https://", adapter)
self._client = hvac.Client(url=server, session=session)
authenticated = False
for _ in range(0, 3):
try:
self._refresh_client_auth()
authenticated = self._client.is_authenticated()
break
except requests.exceptions.ConnectionError:
time.sleep(1)
if not authenticated:
raise VaultConnectionError()
if auto_refresh:
t = threading.Thread(target=self._auto_refresh_client_auth,
daemon=True)
t.start()
def init_from_config():
global _base_dn
config = get_config()
serverUrl = config['ldap']['server']
_base_dn = config['ldap']['base_dn']
return init(serverUrl)
def __init__(self, settings):
config = get_config()
smtp_secret_path = config['smtp']['secret_path']
smtp_config = self.get_smtp_config(smtp_secret_path, settings)
self.host = smtp_config['server']
self.port = str(smtp_config['port'])
self.user = smtp_config['username']
self.passwd = smtp_config['password']
self.mail_address = config['smtp']['mail_address']
self._client = None
self._server = None
def create(
cls,
command_data: GPGEncryptCommandData,
secret_reader: Optional[SecretReader] = None,
) -> GPGEncryptCommand:
cls_secret_reader = (
secret_reader
if secret_reader
else SecretReader(settings=config.get_config())
)
return cls(
command_data=command_data,
secret_reader=cls_secret_reader,
)
def run(dry_run: bool, enable_deletion: bool):
settings = queries.get_app_interface_settings()
secret_reader = SecretReader(settings=settings)
creds_path = get_config().get("dyn", {}).get("secrets_path", None)
if not creds_path:
raise ConfigNotFound("Dyn config missing from config file")
creds = secret_reader.read_all({"path": creds_path})
dyn_session.DynectSession(creds["customer"], creds["dyn_id"], creds["password"])
desired = fetch_desired_state()
current = fetch_current_state()
process_tds(
current["tds"], desired["tds"], dry_run=dry_run, enable_deletion=enable_deletion
)
def __init__(self, settings):
config = get_config()
smtp_secret_path = config['smtp']['secret_path']
smtp_config = self.get_smtp_config(smtp_secret_path, settings)
self.host = smtp_config['server']
self.port = str(smtp_config['port'])
self.user = smtp_config['username']
self.passwd = smtp_config['password']
self.mail_address = config['smtp']['mail_address']
self.client = smtplib.SMTP(host=self.host, port=self.port)
self.client.send
self.client.starttls()
self.client.login(self.user, self.passwd)
self._server = None
def promquery(cluster, query):
"""Run a PromQL query"""
config_data = config.get_config()
auth = {
'path': config_data['promql-auth']['secret_path'],
'field': 'token'
}
settings = queries.get_app_interface_settings()
secret_reader = SecretReader(settings=settings)
prom_auth_creds = secret_reader.read(auth)
prom_auth = requests.auth.HTTPBasicAuth(*prom_auth_creds.split(':'))
url = f"https://prometheus.{cluster}.devshift.net/api/v1/query"
response = requests.get(url, params={'query': query}, auth=prom_auth)
response.raise_for_status()
print(json.dumps(response.json(), indent=4))
def do_current_state_test(path):
fixture = fxt.get_anymarkup(path)
with patch("reconcile.github_org.RawGithubApi") as m_rga:
with patch("reconcile.github_org.Github") as m_gh:
m_gh.return_value = GithubMock(fixture["gh_api"])
m_rga.return_value = RawGithubApiMock()
gh_api_store = github_org.GHApiStore(config.get_config())
current_state = github_org.fetch_current_state(gh_api_store)
current_state = current_state.dump()
expected_current_state = fixture["state"]
assert len(current_state) == len(expected_current_state)
for group in current_state:
params = group["params"]
items = sorted(group["items"])
assert items == get_items_by_params(expected_current_state, params)
def run(dry_run):
gqlapi = gql.get_api()
result = gqlapi.query(REPOS_QUERY)
config = get_config()['github-repo-invites']
settings = queries.get_app_interface_settings()
secret_reader = SecretReader(settings=settings)
secret = {'path': config['secret_path'],
'field': config['secret_field']}
token = secret_reader.read(secret)
g = raw_github_api.RawGithubApi(token)
urls = set()
known_orgs = set()
for app in result['apps_v1']:
code_components = app['codeComponents']
if code_components is None:
continue
for code_component in app['codeComponents']:
url = code_component['url']
urls.add(url)
org = url[:url.rindex('/')]
known_orgs.add(org)
invitations = set()
for i in g.repo_invitations():
invitation_id = i['id']
invitation_url = i['html_url']
url = os.path.dirname(invitation_url)
accept = url in urls or any(url.startswith(org) for org in known_orgs)
if accept:
logging.info(['accept', url])
invitations.add(url)
if not dry_run:
g.accept_repo_invitation(invitation_id)
else:
logging.debug(['skipping', url])
return invitations
def run(dry_run: bool, enable_deletion: bool):
settings = queries.get_app_interface_settings()
secret_reader = SecretReader(settings=settings)
creds_path = get_config().get('dyn', {}).get('secrets_path', None)
if not creds_path:
raise ConfigNotFound('Dyn config missing from config file')
creds = secret_reader.read_all({'path': creds_path})
dyn_session.DynectSession(creds['customer'], creds['dyn_id'],
creds['password'])
desired = fetch_desired_state()
current = fetch_current_state()
process_tds(current['tds'],
desired['tds'],
dry_run=dry_run,
enable_deletion=enable_deletion)
def init_from_config(sha_url=True, integration=None, validate_schemas=False,
print_url=True):
config = get_config()
server_url = urlparse(config['graphql']['server'])
server = server_url.geturl()
token = config['graphql'].get('token')
if sha_url:
sha = get_sha(server_url, token)
server = server_url._replace(path=f'/graphqlsha/{sha}').geturl()
runing_state = RunningState()
git_commit_info = get_git_commit_info(sha, server_url, token)
runing_state.timestamp = git_commit_info.get('timestamp')
runing_state.commit = git_commit_info.get('commit')
if print_url:
logging.info(f'using gql endpoint {server}')
return init(server, token, integration, validate_schemas)
def init_from_config(
sha_url=True, integration=None, validate_schemas=False, print_url=True
):
config = get_config()
server_url = urlparse(config["graphql"]["server"])
server = server_url.geturl()
token = config["graphql"].get("token")
if sha_url:
sha = get_sha(server_url, token)
server = server_url._replace(path=f"/graphqlsha/{sha}").geturl()
runing_state = RunningState()
git_commit_info = get_git_commit_info(sha, server_url, token)
runing_state.timestamp = git_commit_info.get("timestamp")
runing_state.commit = git_commit_info.get("commit")
if print_url:
logging.info(f"using gql endpoint {server}")
return init(server, token, integration, validate_schemas)
def get_user_id_by_name(self, user_name: str) -> str:
"""
Get user id from their username.
:param user_name: Slack user name
:return: encoded user ID (ex. W012A3CDE)
:raises slack_sdk.errors.SlackApiError: if unsuccessful response from
Slack API
:raises UserNotFoundException: if the Slack user is not found
"""
config = get_config()
mail_address = config['smtp']['mail_address']
try:
result = self._sc.users_lookupByEmail(
email=f"{user_name}@{mail_address}")
except SlackApiError as e:
if e.response['error'] == 'users_not_found':
raise UserNotFoundException(e.response['error'])
else:
raise
return result['user']['id']
