def init():
"""Initializes all required variable for the tracer."""
global jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \
account_id, machine_id, hybrid_worker_group_name, worker_version, sandbox_id
# Create the http client
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
jrds_client = JRDSClient(http_client)
# Populate global configuration values
jrds_cert_path = configuration.get_jrds_cert_path()
jrds_key_path = configuration.get_jrds_key_path()
jrds_base_uri = configuration.get_jrds_base_uri()
subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder
account_id = configuration.get_account_id()
machine_id = configuration.get_machine_id()
hybrid_worker_group_name = configuration.get_hybrid_worker_name()
worker_version = configuration.get_worker_version()
sandbox_id = None
try:
sandbox_id = os.environ["sandbox_id"]
except KeyError:
pass
# initialize the loggers for for all components except runbook
if configuration.get_component() != "runbook":
locallogger.init_logger()
def init():
"""Initializes all required variable for the tracer."""
global jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \
account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id, sandbox_id
# Create the http client
http_client_factory = HttpClientFactory(
configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
jrds_client = JRDSClient(http_client)
# Populate global configuration values
jrds_cert_path = configuration.get_jrds_cert_path()
jrds_key_path = configuration.get_jrds_key_path()
jrds_base_uri = configuration.get_jrds_base_uri()
subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder
account_id = configuration.get_account_id()
machine_id = configuration.get_machine_id()
hybrid_worker_group_name = configuration.get_hybrid_worker_name()
worker_version = configuration.get_worker_version()
sandbox_id = None
try:
sandbox_id = os.environ["sandbox_id"]
except KeyError:
pass
# initialize the loggers for for all components except runbook
if configuration.get_component() != "runbook":
init_logger()
def validate_and_setup_path():
# default to user dir for exception logs to be writen to disk
test_file_name = "test_file"
# test certificate and key path
if not os.path.isfile(configuration.get_jrds_cert_path()) or not os.path.isfile(configuration.get_jrds_key_path()):
exit_on_error("Invalid certificate of key file path (absolute path is required).")
# test working dirextory for existance and permissions
if not os.path.exists(configuration.get_working_directory_path()):
exit_on_error("Invalid working directory path (absolute path is required).")
file_creation = test_file_creation(os.path.join(configuration.get_working_directory_path(), test_file_name))
if file_creation is False:
exit_on_error("Invalid working directory permission (read/write permissions are required).")
# test keyring paths
keyring_path = configuration.get_gpg_public_keyring_path()
if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile(keyring_path):
exit_on_error("Invalid gpg public keyring path (absolute path is required).")
# test state file path
if configuration.get_state_directory_path() != configuration.DEFAULT_STATE_DIRECTORY_PATH:
if not os.path.exists(configuration.get_state_directory_path()):
exit_on_error("Invalid state directory path (absolute path is required).")
file_creation = test_file_creation(os.path.join(configuration.get_state_directory_path(), test_file_name))
if file_creation is False:
exit_on_error("Invalid state directory permission (read/write permissions are required).")
def routine(self):
# die if pre-reqs are not met
if os.path.exists(configuration.get_jrds_cert_path()) is False or \
os.path.exists(configuration.get_jrds_key_path()) is False or \
os.path.exists(configuration.get_worker_configuration_file_path()) is False:
raise SystemExit()
# clean up finished jobs
self.stop_tracking_terminated_jobs()
# get job actions
try:
job_actions = self.jrds_client.get_job_actions(self.sandbox_id)
except JrdsSandboxTerminated:
tracer.log_sandbox_jrds_closure_request()
global routine_loop
routine_loop = False
return
for job_action in job_actions:
job_id = job_action["JobId"]
job_data = self.jrds_client.get_job_data(job_id)
job_pending_action = job_data.pending_action
job_status = job_data.job_status
# issue pending action
if job_pending_action == pendingactions.ACTIVATE_ENUM_INDEX or \
(job_pending_action is None and job_status == jobstatus.ACTIVATING_ENUM_INDEX) or \
(job_pending_action is None and job_status == jobstatus.RUNNING_ENUM_INDEX):
tracer.log_sandbox_pending_action_activate_detected(
job_id, job_status, job_pending_action)
# check if the specified job is already running to prevent duplicate
if job_id in job_map:
continue
# create and start the new job
job_message_queue = Queue()
job_thread_exception_queue = Queue()
job = Job(self.sandbox_id, job_id, job_message_queue,
self.jrds_client, job_thread_exception_queue)
job_map[job_id] = (job, job_message_queue,
job_thread_exception_queue)
tracer.log_sandbox_started_tracking_job(job_id)
job.start()
elif job_pending_action == pendingactions.STOP_ENUM_INDEX:
tracer.log_sandbox_pending_action_stop_detected(
job_id, job_status, job_pending_action)
# check if the specified job is already running before issuing pending action
if job_id not in job_map:
continue
# propagate pending action to job thread
job_map[job_id][1].put(job_pending_action)
elif job_pending_action is None:
tracer.log_sandbox_no_pending_action_detected(
job_id, job_status)
else:
tracer.log_sandbox_unsupported_pending_action_detected(
job_id, job_status, job_pending_action)
def __init__(self):
self.sandbox_id = os.environ["sandbox_id"]
tracer.log_sandbox_starting(self.sandbox_id, os.getpid())
http_client_factory = HttpClientFactory(
configuration.get_jrds_cert_path(),
configuration.get_jrds_key_path())
http_client = http_client_factory.create_http_client(
sys.version_info, configuration.get_verify_certificates())
self.jrds_client = JRDSClient(http_client)
def __init__(self):
tracer.log_worker_starting(configuration.get_worker_version())
http_client_factory = HttpClientFactory(
configuration.get_jrds_cert_path(),
configuration.get_jrds_key_path())
http_client = http_client_factory.create_http_client(
sys.version_info, configuration.get_verify_certificates())
self.jrds_client = JRDSClient(http_client)
self.running_sandboxes = {}
def __init__(self):
self.sandbox_id = os.environ["sandbox_id"]
tracer.log_sandbox_starting(sandbox_id=self.sandbox_id, pid=os.getpid(),
worker_type=configuration.get_worker_type())
tracer.log_sandbox_configuration(sandbox_id=self.sandbox_id,
enforce_runbook_signature_validation=configuration.get_enforce_runbook_signature_validation(),
gpg_public_keyring_paths=configuration.get_gpg_public_keyrings_path(),
working_directory=os.getcwd())
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
self.jrds_client = JRDSClient(http_client)
def assert_environment_prerequisite():
jrds_cert_path = configuration.get_jrds_cert_path()
if util.assert_file_read_permission(jrds_cert_path) is False:
raise InvalidFilePermissionException(jrds_cert_path)
jrds_key_path = configuration.get_jrds_key_path()
if util.assert_file_read_permission(jrds_key_path) is False:
raise InvalidFilePermissionException(jrds_key_path)
worker_conf_path = configuration.get_worker_configuration_file_path()
if util.assert_file_read_permission(worker_conf_path) is False:
raise InvalidFilePermissionException(worker_conf_path)
proxy_conf_path = configuration.get_proxy_configuration_path()
if proxy_conf_path != configuration.DEFAULT_PROXY_CONFIGURATION_PATH and os.path.isfile(proxy_conf_path):
if util.assert_file_read_permission(proxy_conf_path) is False:
raise InvalidFilePermissionException(proxy_conf_path)
def validate_and_setup_path():
# default to user dir for exception logs to be writen to disk
test_file_name = "test_file"
# test certificate and key path
if not os.path.isfile(
configuration.get_jrds_cert_path()) or not os.path.isfile(
configuration.get_jrds_key_path()):
exit_on_error(
"Invalid certificate of key file path (absolute path is required)."
)
# test working dirextory for existance and permissions
if not os.path.exists(configuration.get_working_directory_path()):
exit_on_error(
"Invalid working directory path (absolute path is required).")
file_creation = test_file_creation(
os.path.join(configuration.get_working_directory_path(),
test_file_name))
if file_creation is False:
exit_on_error(
"Invalid working directory permission (read/write permissions are required)."
)
# test keyring paths
keyring_path = configuration.get_gpg_public_keyring_path()
if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile(
keyring_path):
exit_on_error(
"Invalid gpg public keyring path (absolute path is required).")
# test state file path
if configuration.get_state_directory_path(
) != configuration.DEFAULT_STATE_DIRECTORY_PATH:
if not os.path.exists(configuration.get_state_directory_path()):
exit_on_error(
"Invalid state directory path (absolute path is required).")
file_creation = test_file_creation(
os.path.join(configuration.get_state_directory_path(),
test_file_name))
if file_creation is False:
exit_on_error(
"Invalid state directory permission (read/write permissions are required)."
)
def init():
"""Initializes all required variable for the tracer."""
global default_logger, sandbox_stdout, jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \
account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id, sandbox_id
# Create the http client
http_client_factory = HttpClientFactory(
configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
jrds_client = JRDSClient(http_client)
# Populate global configuration values
jrds_cert_path = configuration.get_jrds_cert_path()
jrds_key_path = configuration.get_jrds_key_path()
jrds_base_uri = configuration.get_jrds_base_uri()
subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder
account_id = configuration.get_account_id()
machine_id = configuration.get_machine_id()
hybrid_worker_group_name = configuration.get_hybrid_worker_name()
worker_version = configuration.get_worker_version()
sandbox_id = None
try:
sandbox_id = os.environ["sandbox_id"]
except KeyError:
pass
if sandbox_id is not None:
log_file_name = configuration.get_component() + sandbox_id
else:
log_file_name = configuration.get_component()
file_name = os.path.join(configuration.get_working_directory_path(),
log_file_name + '.log')
logging.Formatter.converter = time.gmtime
# Default logger
default_logger = logging.getLogger("default_logger")
default_logger.setLevel(logging.INFO)
# Logger for the sandbox traces coming back to worker
sandbox_stdout = logging.getLogger("sandbox_stdout_logger")
sandbox_stdout.setLevel(logging.INFO)
# Default rotating file handler write traces with the specified format to disk.
default_rf_handler = logging.handlers.RotatingFileHandler(
file_name, maxBytes=10485760, backupCount=5)
formatter = logging.Formatter('%(asctime)s (' + str(os.getpid()) + ')' +
configuration.get_component() +
' : %(message)s',
datefmt="%Y-%m-%d %H:%M:%S")
default_rf_handler.setFormatter(formatter)
default_logger.addHandler(default_rf_handler)
# Traces coming from sandbox child process and collected by the worker are already formatted, hence no formatter
# needed.
worker_sandbox_rf_handler = logging.handlers.RotatingFileHandler(
file_name, maxBytes=10485760, backupCount=5)
sandbox_stdout.addHandler(worker_sandbox_rf_handler)
# Stdout handler (Worker traces have to be formatted).
log_stream = logging.StreamHandler(sys.stdout)
log_stream.setFormatter(formatter)
default_logger.addHandler(log_stream)
# Stdout handler (traces coming from child process are already formatted).
sandbox_log_stream = logging.StreamHandler(sys.stdout)
sandbox_stdout.addHandler(sandbox_log_stream)
def __init__(self):
tracer.log_worker_starting(configuration.get_worker_version())
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path())
http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates())
self.jrds_client = JRDSClient(http_client)
self.running_sandboxes = {}
return json.loads(variable[KEY_VALUE])
def set_automation_variable(name, value):
jrds_client.set_variable_asset(name, json.dumps(value), False)
def get_automation_credential(name):
credential = jrds_client.get_credential_asset(name)
return CredentialModelV1(credential[KEY_USERNAME], credential[KEY_VALUE])
def get_automation_connection(name):
connection = jrds_client.get_connection_asset(name)
return connection[KEY_CONNECTION_FIELDS]
class CredentialModelV1:
def __init__(self, username, password):
self.username = username
self.password = password
configuration.set_config({configuration.COMPONENT: "assets"})
json = serializerfactory.get_serializer(sys.version_info)
http_client_factory = HttpClientFactory(
configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
jrds_client = JRDSClient(http_client)
def get_automation_variable(name):
variable = jrds_client.get_variable_asset(name)
return json.loads(variable[KEY_VALUE])
def set_automation_variable(name, value):
jrds_client.set_variable_asset(name, json.dumps(value), False)
def get_automation_credential(name):
credential = jrds_client.get_credential_asset(name)
return {"username": credential[KEY_USERNAME], "password": credential[KEY_VALUE]}
def get_automation_connection(name):
connection = jrds_client.get_connection_asset(name)
return connection[KEY_CONNECTION_FIELDS]
def get_automation_certificate(name):
certificate = jrds_client.get_certificate_asset(name)
return binascii.a2b_base64(certificate[KEY_VALUE])
configuration.set_config({configuration.COMPONENT: "assets"})
json = serializerfactory.get_serializer(sys.version_info)
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(),
configuration.get_verify_certificates())
http_client = http_client_factory.create_http_client(sys.version_info)
jrds_client = JRDSClient(http_client)
def validate_and_setup_path():
# default to user dir for exception logs to be writen to disk
test_file_name = "test_file"
# test certificate and key path
if not os.path.isfile(
configuration.get_jrds_cert_path()) or not os.path.isfile(
configuration.get_jrds_key_path()):
exit_on_error(
"Invalid certificate of key file path (absolute path is required)."
)
# test working directory for existence and permissions
working_directory_path = configuration.get_working_directory_path()
if not os.path.exists(working_directory_path):
exit_on_error(
"Invalid working directory path (absolute path is required).")
file_creation = test_file_creation(
os.path.join(working_directory_path, test_file_name))
if file_creation is False:
exit_on_error(
"Invalid working directory permission (read/write permissions are required)."
)
# test keyring paths
keyrings = configuration.get_gpg_public_keyrings_path()
for keyring_path in keyrings:
if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile(
keyring_path):
exit_on_error(
"Invalid gpg public keyring path (absolute path is required).")
# test state file path
if configuration.get_state_directory_path(
) != configuration.DEFAULT_STATE_DIRECTORY_PATH:
if not os.path.exists(configuration.get_state_directory_path()):
exit_on_error(
"Invalid state directory path (absolute path is required).")
file_creation = test_file_creation(
os.path.join(configuration.get_state_directory_path(),
test_file_name))
if file_creation is False:
exit_on_error(
"Invalid state directory permission (read/write permissions are required)."
)
# OMS integration
# set the working directory owner to be nxautomation:omiusers
if os.name.lower() != "nt":
import pwd
try:
nxautomation_uid = int(pwd.getpwnam('nxautomation').pw_uid)
if os.getuid() == nxautomation_uid:
retval = subprocess.call([
"sudo", "chown", "-R", "nxautomation:omiusers",
working_directory_path
])
if retval != 0:
exit_on_error(
"Could not change owner of working directory %s to nxautomation:omiusers"
% (working_directory_path))
except KeyError:
# nxautomation user was not found on the system, skip this step
tracer.log_debug_trace(
"Ownership change of working directory skipped. nxautomation user not found."
)
pass
def __init__(self):
self.sandbox_id = os.environ["sandbox_id"]
tracer.log_sandbox_starting(self.sandbox_id, os.getpid())
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path())
http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates())
self.jrds_client = JRDSClient(http_client)
def init():
"""Initializes all required variable for the tracer."""
global default_logger, sandbox_stdout, jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id,\
account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id
# Create the http client
http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path())
http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates())
jrds_client = JRDSClient(http_client)
# Populate global configuration values
jrds_cert_path = configuration.get_jrds_cert_path()
jrds_key_path = configuration.get_jrds_key_path()
jrds_base_uri = configuration.get_jrds_base_uri()
subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder
account_id = configuration.get_account_id()
machine_id = configuration.get_machine_id()
hybrid_worker_group_name = configuration.get_hybrid_worker_name()
worker_version = configuration.get_worker_version()
activity_id = generate_activity_id()
sandbox_id = None
try:
sandbox_id = os.environ["sandbox_id"]
except KeyError:
pass
if sandbox_id is not None:
log_file_name = configuration.get_component() + sandbox_id
else:
log_file_name = configuration.get_component()
file_name = os.path.join(configuration.get_working_directory_path(), log_file_name + '.log')
logging.Formatter.converter = time.gmtime
# Default logger
default_logger = logging.getLogger("default_logger")
default_logger.setLevel(logging.INFO)
# Logger for the sandbox traces coming back to worker
sandbox_stdout = logging.getLogger("sandbox_stdout_logger")
sandbox_stdout.setLevel(logging.INFO)
# Default rotating file handler write traces with the specified format to disk.
default_rf_handler = logging.handlers.RotatingFileHandler(file_name, maxBytes=10485760, backupCount=5)
formatter = logging.Formatter('%(asctime)s (' + str(os.getpid()) + ')' + configuration.get_component() +
' : %(message)s', datefmt="%Y-%m-%d %H:%M:%S")
default_rf_handler.setFormatter(formatter)
default_logger.addHandler(default_rf_handler)
# Traces coming from sandbox child process and collected by the worker are already formatted, hence no formatter
# needed.
worker_sandbox_rf_handler = logging.handlers.RotatingFileHandler(file_name, maxBytes=10485760, backupCount=5)
sandbox_stdout.addHandler(worker_sandbox_rf_handler)
# Stdout handler (Worker traces have to be formatted).
log_stream = logging.StreamHandler(sys.stdout)
log_stream.setFormatter(formatter)
default_logger.addHandler(log_stream)
# Stdout handler (traces coming from child process are already formatted).
sandbox_log_stream = logging.StreamHandler(sys.stdout)
sandbox_stdout.addHandler(sandbox_log_stream)