def main():
reporting_cf = common.get_template(TEMPLATE_BASE).replace(
"{{import_config_rule_status}}",
get_checksum_zip.get_checksum_zip("import_config_rule_status"))
common.generate_file(TEMPLATE_DESTINATION,
reporting_cf) # Creates the deployable CF file
def main():
args = parse_args()
path = Path(args.filename)
version = AsdfVersion(args.version)
generate_file(path, version)
def main():
citizen_rules_cfn = get_temp(RULES_TEMP_BASE).replace(
"{{citizen_rules}}",
get_rules_cf(get_rules())
# get_rules_cf([{'description': 'Placeholder', 'name': 'check_root_access_keys' }])
)
generate_file(TEMP_DESTINATION, citizen_rules_cfn)
def main():
"""Main function."""
template = common.get_template(TEMPLATE_SOURCE).replace(
"{{bakery_account}}",
BAKERY_VARS.BakeryAccount).replace("{{access_type_roles}}",
get_access_type_roles())
common.generate_file(TEMPLATE_DESTINATION, template)
def main():
"""Main function."""
template = common.get_template(TEMPLATE_SOURCE).replace(
"{{groups_policies}}",
get_groups_policies()
)
common.generate_file(TEMPLATE_DESTINATION, template)
def main():
roles_cf = get_temp(
TEMP_BASE).replace( # Update Citizen roles with Citizen account info
"{{citizen_roles}}", get_citizen_roles(get_accounts())
).replace( # Update CitizenUpdate roles with Citizen account info
"{{citizen_update_roles}}",
get_citizen_update_roles(get_accounts()))
generate_file(TEMP_DESTINATION, roles_cf) # Creates the deployable CF file
def main():
citizen_update_cf = get_temp(
TEMP_BASE
).replace( # Update bucket policy with child account information
"{{bucket_policy_accounts}}", get_bucket_policy_cf(get_accounts())
).replace( # Update CitizenUpdate lambda function with checksum details
"{{update_citizen_stacks}}", get_checksum_zip("update_citizen_stacks"))
generate_file(TEMP_DESTINATION,
citizen_update_cf) # Creates the deployable CF file
def main():
"""Main function"""
template = common.get_template(RULE_TEMPLATE_BASE).replace(
"{{proxy_lambda_zip}}",
get_checksum_zip.get_checksum_zip("proxy_lambda")).replace(
"{{proxy_lambda_permissions}}",
get_accounts_permissions(get_accounts.get_accounts()))
common.generate_file(TEMPLATE_DESTINATION, template)
def main():
reporting_cf = get_temp(
TEMP_BASE
).replace( # Update CF template with all CloudWatch events
"{{event_rule}}", get_event_rule_cf(get_accounts())
).replace( # Update generate_compliance_report lambda function with checksum details
"{{generate_compliance_report}}",
get_checksum_zip("generate_compliance_report"))
generate_file(TEMP_DESTINATION,
reporting_cf) # Creates the deployable CF file
def main():
"""Main function"""
template = common.get_template(RULE_TEMPLATE_BASE).replace(
"{{notifications_slack}}",
get_notifications.get_notification_slack()).replace(
"{{slack_channel_hook_url}}",
get_notifications.get_slack_channel_hook_url()).replace(
"{{notifications_email}}",
get_notifications.get_notification_email())
common.generate_file(TEMPLATE_DESTINATION, template)
def main():
"""Main function."""
template = common.get_template(TEMPLATE_SOURCE).replace(
"{{bakery_account}}",
BAKERY_VARS.BakeryAccount
).replace(
"{{access_type_roles}}",
get_access_type_roles()
)
common.generate_file(TEMPLATE_DESTINATION, template)
def test_file_compatibility(asdf_version, env_path, tmpdir):
# Sanity check to ensure we're not accidentally comparing
# the current code to itself.
installed_version = get_installed_version(env_path)
assert installed_version == asdf_version, (
"The version of asdf in the virtualenv ({}) does ".format(
installed_version) +
"not match the version being tested ({})".format(asdf_version))
# We can only test ASDF Standard versions that both library
# versions support.
current_supported_versions = set(asdf.versioning.supported_versions)
old_supported_versions = set(get_supported_versions(env_path))
standard_versions = [
v for v in current_supported_versions.intersection(
old_supported_versions)
]
# Confirm that this test isn't giving us a false sense of security.
assert len(standard_versions) > 0
for standard_version in standard_versions:
# Confirm that a file generated by the current version of the code
# can be read by the older version of the library.
if asdf_version >= MIN_VERSION_NEW_FILES:
current_file_path = Path(str(tmpdir)) / "test-current.asdf"
generate_file(current_file_path, standard_version)
assert env_run(
env_path,
"python",
ASSERT_SCRIPT_PATH,
current_file_path,
capture_output=True
), ("asdf library version {} failed to read an ASDF Standard {} ".
format(asdf_version, standard_version) +
"file produced by this code")
# Confirm that a file generated by the older version of the library
# can be read by the current version of the code.
if asdf_version >= MIN_VERSION_OLD_FILES:
old_file_path = Path(str(tmpdir)) / "test-old.asdf"
assert env_run(
env_path,
"python",
GENERATE_SCRIPT_PATH,
old_file_path,
str(standard_version),
capture_output=True
), ("asdf library version {} failed to generate an ASDF Standard {} file"
.format(asdf_version, standard_version))
assert_file_correct(old_file_path), (
"asdf library version {} produced an ASDF Standard {} ".format(
asdf_version, standard_version) +
"that this code failed to read")
def main():
citizen_update_cf = common.get_template(TEMPLATE_BASE).replace(
"{{bucket_policy_accounts}}",
get_bucket_policy_cf(get_accounts.get_accounts())).replace(
"{{update_citizen_stacks}}",
get_checksum_zip.get_checksum_zip(
"update_citizen_stacks")).replace(
"{{external_cidr}}", get_external_cidr.get_external_cidr())
common.generate_file(TEMPLATE_DESTINATION,
citizen_update_cf) # Creates the deployable CF file
def main():
elasticsearch_cf = get_temp(
TEMP_BASE
).replace( # Update logs_to_elastic_search lambda function with checksum details
"{{logs_to_elastic_search}}",
get_checksum_zip("logs_to_elastic_search")
).replace( # Update roll_indexes lambda function with checksum details
"{{roll_indexes}}",
get_checksum_zip("roll_indexes")).replace("{{external_cidr}}",
get_external_cidr())
generate_file(TEMP_DESTINATION,
elasticsearch_cf) # Creates the deployable CF file
def main(args):
# If no parameters were passed in
if len(args) == 1:
rules = get_verification_rules.get_rules()
else:
# Parameter contains paths, e.g. ./verification_rules,./folder1/verification_rules
rules = get_verification_rules.get_rules(args[1].split(","))
citizen_rules_cfn = common.get_template(RULES_TEMPLATE_BASE).replace(
"{{citizen_rules}}", get_rules_cf(rules))
common.generate_file(TEMPLATE_DESTINATION, citizen_rules_cfn)
def main():
verification_rule_cf = get_temp(
RULES_TEMP_BASE
).replace( # Update cf with each rule stack
"{{verification_rules}}", get_rules_cf(get_rules())
).replace( # Update S3 bucket policy to only allow access from company's IP address range
"{{external_cidr}}",
get_external_cidr()).replace("{{notifications_slack}}",
get_notification_slack()).replace(
"{{slack_channel_hook_url}}",
get_slack_channel_hook_url()).replace(
"{{notifications_email}}",
get_notification_email())
generate_file(TEMP_DESTINATION, verification_rule_cf)
def main(args):
"""Main function"""
# If no parameters were passed in
if len(args) == 1:
cloud_formation_snippet = get_cloud_formation_snippet()
else:
# Parameter contains paths, e.g. ./verification_rules,./folder1/verification_rules
cloud_formation_snippet = get_cloud_formation_snippet(
args[1].split(","))
template = common.get_template(RULE_TEMPLATE_BASE).replace(
"{{proxy_rules}}", cloud_formation_snippet)
common.generate_file(TEMPLATE_DESTINATION, template)
def main(args):
"""Opens a "template" file, substitutes values into it and then writes
the contents to a new file.
"""
# If no parameters were passed in
if len(args) == 1:
rules = get_verification_rules.get_rules()
else:
# Parameter contains paths, e.g. ./verification_rules,./folder1/verification_rules
rules = get_verification_rules.get_rules(args[1].split(","))
elasticsearch_cf = common.get_template(RULES_TEMPLATE_BASE).replace(
"{{logs_to_elastic_search}}",
get_checksum_zip.get_checksum_zip("logs_to_elastic_search")).replace(
"{{roll_indexes}}",
get_checksum_zip.get_checksum_zip("roll_indexes")).replace(
"{{external_cidr}}",
get_external_cidr.get_external_cidr()).replace(
"{{rules-subscriptions}}", get_subscriptions_cf(rules))
common.generate_file(TEMPLATE_DESTINATION, elasticsearch_cf)
def main():
args = parse_args()
if not os.path.isdir(args.prefix):
common.print_error('Error: path "%s" is not a directory.' % args.prefix)
exit(-1)
outer_project_directory = os.path.join(args.prefix, args.project_name)
inner_project_directory = os.path.join(outer_project_directory, args.project_name)
try:
if os.path.exists(outer_project_directory):
if not args.force:
common.print_error('Error: path "%s" already exists. Use --force to remove it.' %
outer_project_directory)
exit(-1)
shutil.rmtree(outer_project_directory)
os.mkdir(outer_project_directory)
os.mkdir(inner_project_directory)
except Exception as e:
common.print_error(str(e))
exit(-1)
libraries = list()
if args.type == 'console':
common.generate_file(os.path.join(inner_project_directory, 'main.cpp'), generate_console_main_cpp)
elif args.type == 'ncurses':
common.generate_file(os.path.join(inner_project_directory, 'main.cpp'), generate_ncurses_main_cpp)
libraries.append('ncurses')
common.generate_file(os.path.join(inner_project_directory, 'CMakeLists.txt'),
cmake_project_generator.generate_cmakelists_txt, args.project_name, args.std, libraries)
configured_compilers = mkfish_settings.mkfish_settings['compilers']
configured_build_types = mkfish_settings.mkfish_settings['build_types']
for compiler in configured_compilers:
compiler_spec = configured_compilers[compiler]
for build_type in configured_build_types:
build_type_spec = configured_build_types[build_type]
build_directory_name = compiler + '.' + build_type
build_directory = os.path.join(outer_project_directory, build_directory_name)
os.mkdir(build_directory)
cmake_args = list()
cmake_args.append(mkfish_settings.mkfish_settings['cmake_executable'])
cmake_args.append('-DCMAKE_BUILD_TYPE='+ build_type_spec['cmake_build_type'])
cmake_args.append('-DCMAKE_C_COMPILER=' + compiler_spec['c_compiler'])
cmake_args.append('-DCMAKE_CXX_COMPILER=' + compiler_spec['cxx_compiler'])
cmake_args.append('../' + args.project_name)
subprocess.Popen(cmake_args, cwd=build_directory).wait()
def main():
verification_rule_cf = get_temp(
RULE_TEMP_BASE).replace( # Update cf with with resources for each rule
"{{verification_rule}}", get_rule_cf(get_accounts()))
generate_file(TEMP_DESTINATION, verification_rule_cf)
def main():
"""Main function."""
template = common.get_template(TEMPLATE_SOURCE).replace(
"{{groups_policies}}", get_groups_policies())
common.generate_file(TEMPLATE_DESTINATION, template)
def main():
common.generate_file(TEMPLATE_DESTINATION,
common.get_template(RULES_TEMPLATE_BASE))
def main():
roles_cf = common.get_template(TEMPLATE_BASE)
common.generate_file(TEMPLATE_DESTINATION,
roles_cf) # Creates the deployable CF file
def main():
subscriptions_cf = get_temp(
RULES_TEMP_BASE).replace( # Update cf with each rule subscription
"{{rules-subscriptions}}", get_subscriptions_cf(get_rules()))
generate_file(TEMP_DESTINATION,
subscriptions_cf) # Creates the deployable CF file