def install_package(package, version, options): """Install a Universe package on DC/OS.""" display.vvv("DC/OS: installing package {} version {}".format( package, version)) # create a temporary file for the options json file with tempfile.NamedTemporaryFile('w+') as f: json.dump(options, f) # force write the file to disk to make sure subcommand can read it f.flush() os.fsync(f) display.vvv(subprocess.check_output( ['cat', f.name]).decode()) cmd = [ 'dcos', 'package', 'install', package, '--yes', '--package-version', version, '--options', f.name ] run_command(cmd, 'install package', stop_on_error=True)
def secret_delete(path, store): """Delete a secret""" display.vvv("DC/OS: delete secret {}".format(path)) cmd = ['dcos', 'security', 'secrets', 'delete', '--store-id', store, path] run_command(cmd, 'delete secret', stop_on_error=True)
def user_create(uid, password, description): """Create a user""" display.vvv("DC/OS: IAM create user {}".format(uid)) cmd = [ 'dcos', 'security', 'org', 'users', 'create', uid, '--description', description, '--password', password ] run_command(cmd, 'create user', stop_on_error=True)
def user_update(uid, groups): """Update user groups""" display.vvv("DC/OS: IAM update user {}".format(uid)) for g in groups: display.vvv("Assigning user {} to group {}".format(uid, g)) cmd = ['dcos', 'security', 'org', 'groups', 'add_user', g, uid] run_command(cmd, 'update user', stop_on_error=False)
def service_account_update(sid, groups): """Update service_account groups""" display.vvv("DC/OS: IAM update service_account {}".format(sid)) for g in groups: display.vvv("Assigning service_account {} to group {}".format(sid, g)) cmd = ['dcos', 'security', 'org', 'groups', 'add_user', g, sid] run_command(cmd, 'update service_account', stop_on_error=False)
def secret_update(path, value, store): """Update a secret""" display.vvv("DC/OS: update secret {} with {}".format(path, value)) cmd = [ 'dcos', 'security', 'secrets', 'update', '--store-id', store, '--value', value, path ] run_command(cmd, 'update secret', stop_on_error=True)
def quota_delete(gid): """Delete a quota""" display.vvv("DC/OS: delete quota {}".format(gid)) cmd = [ 'dcos', 'quota', 'delete', gid, ] run_command(cmd, 'delete quota', stop_on_error=True)
def app_remove(app_id): display.vvv("DC/OS: remove app {}".format(app_id)) cmd = [ 'dcos', 'marathon', 'app', 'remove', '/' + app_id, ] run_command(cmd, 'remove app', stop_on_error=True)
def pool_delete(pool_id, instance_name): """Delete a pool""" display.vvv("DC/OS: Edge-LB delete pool {}".format(pool_id)) cmd = [ 'dcos', 'edgelb', 'delete', '--name=' + instance_name, pool_id, ] run_command(cmd, 'delete pool', stop_on_error=True)
def group_remove(group_id): """Remove an group via Marathon""" display.vvv("DC/OS: Marathon remove group {}".format(group_id)) cmd = [ 'dcos', 'marathon', 'group', 'remove', '/' + group_id, ] run_command(cmd, 'remove group', stop_on_error=True)
def repo_remove(name): """Delete a repo""" display.vvv("DC/OS: remove repo {}".format(name)) cmd = [ 'dcos', 'package', 'repo', 'remove', name, ] run_command(cmd, 'remove repo', stop_on_error=True)
def pod_remove(pod_id): """Remove an pod via Marathon""" display.vvv("DC/OS: Marathon remove pod {}".format(pod_id)) cmd = [ 'dcos', 'marathon', 'pod', 'remove', '/' + pod_id, ] run_command(cmd, 'remove pod', stop_on_error=True)
def group_update(gid, permissions): """Update group permissions""" display.vvv("DC/OS: IAM update group {}".format(gid)) for p in permissions: display.vvv("Granting {} permission on {} to group {}".format( p['rid'], p['action'], gid)) cmd = [ 'dcos', 'security', 'org', 'groups', 'grant', gid, p['rid'], p['action'] ] run_command(cmd, 'update group', stop_on_error=False)
def user_delete(uid): """Delete a user""" display.vvv("DC/OS: IAM delete user {}".format(uid)) cmd = [ 'dcos', 'security', 'org', 'users', 'delete', uid, ] run_command(cmd, 'delete user', stop_on_error=True)
def service_account_delete(sid): """Delete a service_account""" display.vvv("DC/OS: IAM delete service_account {}".format(sid)) cmd = [ 'dcos', 'security', 'org', 'service-accounts', 'delete', sid, ] run_command(cmd, 'delete service_account', stop_on_error=True)
def group_delete(gid): """Delete a group""" display.vvv("DC/OS: IAM delete group {}".format(gid)) cmd = [ 'dcos', 'security', 'org', 'groups', 'delete', gid, ] run_command(cmd, 'delete group', stop_on_error=True)
def uninstall_package(package, app_id): display.vvv("DC/OS: uninstalling package {}".format(package)) cmd = [ 'dcos', 'package', 'uninstall', package, '--yes', '--app', '--app-id', '/' + app_id, ] run_command(cmd, 'uninstall package', stop_on_error=True)
def group_create(gid, description): """Create a group""" display.vvv("DC/OS: IAM create group {}".format(gid)) cmd = [ 'dcos', 'security', 'org', 'groups', 'create', '--description', '\'' + description + '\'', gid, ] run_command(cmd, 'create group', stop_on_error=True)
def app_create(app_id, options): """Deploy an app via Marathon""" display.vvv("DC/OS: Marathon create app {}".format(app_id)) # create a temporary file for the options json file with tempfile.NamedTemporaryFile('w+') as f: json.dump(options, f) # force write the file to disk to make sure subcommand can read it f.flush() os.fsync(f) display.vvv(subprocess.check_output(['cat', f.name]).decode()) cmd = ['dcos', 'marathon', 'app', 'add', f.name] run_command(cmd, 'add app', stop_on_error=True)
def pool_update(pool_id, instance_name, options): """Update an pool""" display.vvv("DC/OS: Edgelb update pool {}".format(pool_id)) # create a temporary file for the options json file with tempfile.NamedTemporaryFile('w+') as f: json.dump(options, f) # force write the file to disk to make sure subcommand can read it f.flush() os.fsync(f) display.vvv(subprocess.check_output(['cat', f.name]).decode()) cmd = ['dcos', 'edgelb', 'update', '--name=' + instance_name, f.name] run_command(cmd, 'update pool', stop_on_error=True)
def secret_update_from_file(path, file, store): """Update a secret from file""" display.vvv("DC/OS: update secret from file {} at path {}".format(file,path)) cmd = [ 'dcos', 'security', 'secrets', 'update', '--store-id', store, '-f', file, path ] run_command(cmd, 'update secret', stop_on_error=True)
def repo_add(name, url, index): """Create a repo""" display.vvv("DC/OS: create repo {}".format(name)) quotes = '\"' cmd = [ 'dcos', 'package', 'repo', 'add', '--index', str(index), name, url, ] run_command(cmd, 'add repo', stop_on_error=True)
def update_package(package, app_id, version, options): """Update a Universe package on DC/OS.""" display.vvv("DC/OS: updating package {} version {}".format( package, version)) # create a temporary file for the options json file with tempfile.NamedTemporaryFile('w+') as f: json.dump(options, f) # force write the file to disk to make sure subcommand can read it f.flush() os.fsync(f) display.vvv(subprocess.check_output( ['cat', f.name]).decode()) r = subprocess.check_output([ 'dcos', 'package', 'describe', package, '--options', f.name, '--package-version', version, '--render', '--app', ], env=_dcos_path()) app_update(app_id, json.loads(r)) # workaround: install cli to refresh dcos package list cmd = [ 'dcos', 'package', 'install', package, '--package-version', version, '--yes', '--cli' ] run_command(cmd, 'install cli', stop_on_error=True)
def quota_update(gid, cpu, mem, disk, gpu): """Update quota permissions""" display.vvv("DC/OS: update quota {}".format(gid)) cmd = [ 'dcos', 'quota', 'update', gid, ] if cpu is not None: cmd.extend(['--cpu', str(cpu)]) if mem is not None: cmd.extend(['--mem', str(mem)]) if disk is not None: cmd.extend(['--disk', str(disk)]) if gpu is not None: cmd.extend(['--gpu', str(gpu)]) run_command(cmd, 'update quota', stop_on_error=True)
def service_account_create(sid, secret_path, store, description): """Create a service_account""" display.vvv("DC/OS: IAM create service_account {}".format(sid)) if get_secret_value(secret_path, store) is not None: secret_delete(secret_path, store) with tempfile.NamedTemporaryFile('w+') as f_private: with tempfile.NamedTemporaryFile('w+') as f_public: cmd = [ 'dcos', 'security', 'org', 'service-accounts', 'keypair', f_private.name, f_public.name ] run_command(cmd, 'create kepypairs', stop_on_error=True) display.vvv( subprocess.check_output(['cat', f_private.name]).decode()) display.vvv( subprocess.check_output(['cat', f_public.name]).decode()) cmd = [ 'dcos', 'security', 'org', 'service-accounts', 'create', sid, '--public-key', f_public.name, '--description', description ] run_command(cmd, 'create service account', stop_on_error=True) cmd = [ 'dcos', 'security', 'secrets', 'create-sa-secret', '--store-id', store, '--strict', f_private.name, sid, secret_path ] run_command(cmd, 'create service secret', stop_on_error=True)
def ensure_auth(**connect_args): valid = False r = run_command(['dcos', 'config', 'show', 'core.dcos_acs_token']) if r.returncode == 0: parts = r.stdout.read().decode().split('.') info = json.loads(base64.b64decode(parts[1])) exp = int(info['exp']) limit = int(time.time()) + 5 * 60 if exp > limit: valid = True if not valid: refresh_auth(**connect_args)
def refresh_auth(**kwargs): """Run the authentication command using the DC/OS CLI.""" cli_args = parse_connect_options(False, **kwargs) return run_command(['dcos', 'auth', 'login'] + cli_args, 'refresh auth token', True)