def init_flask_app():
config.instance.load_configuration()
setup_flask_app(
manager_ip=config.instance.postgresql_host,
hash_salt=config.instance.security_hash_salt,
secret_key=config.instance.security_secret_key
)
def _init_db_tables(config):
print 'Setting up a Flask app'
setup_flask_app(manager_ip=config['postgresql_host'],
hash_salt=config['hash_salt'],
secret_key=config['secret_key'])
print 'Creating tables in the DB'
upgrade(directory=config['db_migrate_dir'])
def main():
"""Run migration command."""
args = parse_arguments(sys.argv[1:])
configure_logging(args['log_level'])
setup_flask_app()
func = args['func']
func(args)
def main():
"""Run migration command."""
args = parse_arguments(sys.argv[1:])
setup_config(args)
configure_logging(args['log_level'])
setup_flask_app(manager_ip=args['postgresql_host'])
func = args['func']
func(args)
def _init_db_tables(config):
print 'Setting up a Flask app'
setup_flask_app(
manager_ip=config['postgresql_host'],
hash_salt=config['hash_salt'],
secret_key=config['secret_key']
)
print 'Creating tables in the DB'
upgrade(directory=config['db_migrate_dir'])
def main(deployment_id):
setup_flask_app()
config.instance.load_configuration(from_db=False)
sm = storage.get_storage_manager()
dep = sm.get(storage.models.Deployment, deployment_id)
dep.inputs['input1'] = 'bbb'
dep.inputs['fail_create'] = False
sm.update(dep, modified_attrs=['inputs'])
for node in dep.nodes:
node.properties['prop2'] = 'bbb'
sm.update(node, modified_attrs=['properties'])
def _init_db_tables(db_migrate_dir):
print 'Setting up a Flask app'
setup_flask_app(manager_ip=config.instance.postgresql_host,
hash_salt=config.instance.security_hash_salt,
secret_key=config.instance.security_secret_key)
# Clean up the DB, in case it's not a clean install
db.drop_all()
db.engine.execute('DROP TABLE IF EXISTS alembic_version;')
print 'Creating tables in the DB'
upgrade(directory=db_migrate_dir)
def main(tempdir):
"""
Create a Flask app, and using the updated security config file get a new
REST token. Then write the new token to a file under the snapshot`s
tmp dir.
:param tempdir: The temp dir used by `restore snapshot` wf.
"""
setup_flask_app()
sm = get_storage_manager()
admin_user = sm.get(models.User, 0)
token = admin_user.get_auth_token()
_write_token_to_file(tempdir, token)
def main(deployment_id):
# We need to set the environment variable for rest config path as its
# only available on the context of restservice
os.environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf'
setup_flask_app()
config.instance.load_configuration(from_db=False)
sm = storage.get_storage_manager()
dep = sm.get(storage.models.Deployment, deployment_id)
dep.inputs['input1'] = 'bbb'
dep.inputs['fail_create'] = False
sm.update(dep, modified_attrs=['inputs'])
for node in dep.nodes:
node.properties['prop2'] = 'bbb'
sm.update(node, modified_attrs=['properties'])
def _get_storage_manager(self, tenant_name):
app = setup_flask_app()
admin = self._set_current_user(app)
storage_manager = get_storage_manager()
tenant = self._get_or_create_tenant(tenant_name)
self._set_tenant_in_app(tenant, app, storage_manager, admin)
return storage_manager
def _update_manager_networks(hostname, networks, with_broker=False):
"""
Add the new networks to the `provider context` DB table
:param networks: a dict containing the new networks
"""
with setup_flask_app().app_context():
sm = get_storage_manager()
filters = {}
if hostname:
filters = {'hostname': hostname}
managers = sm.list(models.Manager, filters=filters)
if len(managers) != 1:
raise RuntimeError(
'Expected 1 manager, found {0} (passed hostname: {1}'.format(
len(managers), hostname))
manager = managers[0]
if with_broker:
brokers = sm.list(models.RabbitMQBroker)
if len(brokers) != 1:
raise RuntimeError('Expected 1 broker, found {0}'.format(
len(brokers)))
broker = brokers[0]
broker.networks.update(networks)
flag_modified(broker, 'networks')
sm.update(broker)
manager.networks.update(networks)
flag_modified(manager, 'networks')
sm.update(manager)
if update_agents:
update_agents(sm)
def _create_db_and_defaults(config):
print 'Setting up a Flask app'
setup_flask_app(
manager_ip=config['postgresql_host'],
hash_salt=config['hash_salt'],
secret_key=config['secret_key']
)
print 'Creating tables in the DB'
db.create_all()
print 'Creating bootstrap admin, default tenant and security roles'
create_default_user_tenant_and_roles(
admin_username=config['admin_username'],
admin_password=config['admin_password'],
)
def _get_storage_manager(self, tenant_name):
app = flask_utils.setup_flask_app()
admin = flask_utils.set_admin_current_user(app)
storage_manager = get_storage_manager()
tenant = flask_utils.get_tenant_by_name(tenant_name)
self._set_tenant_in_app(tenant, app, storage_manager, admin)
return storage_manager
def _update_admin_password(new_password):
"""Update the admin user's password."""
with setup_flask_app().app_context():
user = user_datastore.get_user('admin')
user.password = hash_password(new_password)
# Unlock account
user.failed_logins_counter = 0
user_datastore.commit()
def cli():
with setup_flask_app().app_context():
config.instance.load_configuration()
parser = argparse.ArgumentParser()
parser.add_argument('--logfile',
default=DEFAULT_LOG_PATH,
help='Path to the log file')
parser.add_argument('--log-level',
dest='loglevel',
default='INFO',
help='Logging level')
args = parser.parse_args()
logging.basicConfig(level=args.loglevel.upper(),
filename=args.logfile,
format="%(asctime)s %(message)s")
logging.getLogger('pika').setLevel(logging.WARNING)
with setup_flask_app().app_context():
main()
def test_try_run_schedule_locked(mock_should_run, mock_get_sm, mock_lock):
mock_lock.return_value = False
sm = mock_get_sm()
next_occurrence = datetime.strftime(datetime.now(), '%Y-%m-%d %H:%M:%S')
schedule = _get_mock_schedule(next_occurrence=next_occurrence)
with setup_flask_app().app_context():
try_run(schedule, sm)
# should_run should not run, and next occurrence won't be updated
mock_should_run.assert_not_called()
assert schedule.next_occurrence == next_occurrence
def _update_admin_password(new_password):
"""Update the admin user's password."""
with setup_flask_app().app_context():
config.instance.load_configuration()
user = user_datastore.get_user('admin')
user.password = hash_password(new_password)
# Unlock account
user.failed_logins_counter = 0
user.active = True
user_datastore.commit()
def _get_flask_app():
for value, envvar in [
(REST_CONFIG_PATH, 'MANAGER_REST_CONFIG_PATH'),
(REST_SECURITY_CONFIG_PATH, 'MANAGER_REST_SECURITY_CONFIG_PATH'),
]:
if value is not None:
environ[envvar] = value
app = setup_flask_app()
set_admin_current_user(app)
return app
def connect(self):
with setup_flask_app().app_context():
db_url = self.config.db_url
# This is to cope with Azure external DB urls:
# https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-azure-cli
if db_url.count('@') > 1:
db_url = db_url.replace('@', '%40', 1)
return psycopg2.connect(
db_url,
cursor_factory=DictCursor,
)
def _update_provider_context(hostname, networks):
"""
Add the new networks to the `provider context` DB table
:param networks: a dict containing the new networks
"""
with setup_flask_app().app_context():
sm = get_storage_manager()
manager = sm.get(models.Manger, None, filters={'hostname': hostname})
manager.networks.update(networks)
flag_modified(manager, 'networks')
sm.update(manager)
def _update_provider_context(networks):
"""
Add the new networks to the `provider context` DB table
:param networks: a dict containing the new networks
"""
with setup_flask_app().app_context():
sm = get_storage_manager()
ctx = sm.get(models.ProviderContext, PROVIDER_CONTEXT_ID)
old_networks = ctx.context['cloudify']['cloudify_agent']['networks']
old_networks.update(networks)
flag_modified(ctx, 'context')
sm.update(ctx)
def setup_environment():
for value, envvar in [
(REST_CONFIG_PATH, 'MANAGER_REST_CONFIG_PATH'),
(REST_SECURITY_CONFIG_PATH, 'MANAGER_REST_SECURITY_CONFIG_PATH'),
]:
if value is not None:
environ[envvar] = value
app = setup_flask_app()
with app.app_context():
config.instance.load_configuration()
set_admin_current_user(app)
def main(args):
logging.basicConfig(
level=args.get('loglevel', 'INFO').upper(),
filename=args.get('logfile', DEFAULT_LOG_PATH),
format="%(asctime)s %(message)s")
config.instance.load_from_file(args['config'])
with setup_flask_app().app_context():
config.instance.load_from_db()
amqp_client, db_publisher = _create_connections()
logger.info('Starting consuming...')
amqp_client.consume()
if db_publisher.error_exit:
raise db_publisher.error_exit
def update_provider_context(args):
with setup_flask_app().app_context():
sm = get_storage_manager()
for manager in sm.list(models.Manager):
manager.private_ip = args.manager_ip
manager.public_ip = args.manager_ip
manager.networks['default'] = args.manager_ip
flag_modified(manager, 'networks')
sm.update(manager)
for broker in sm.list(models.RabbitMQBroker):
broker.host = args.manager_ip
broker.networks['default'] = args.manager_ip
flag_modified(broker, 'networks')
sm.update(broker)
def test_try_run_schedule(mock_execute_workflow, mock_get_sm, mock_db):
sm = mock_get_sm()
next_occurrence = datetime.strftime(datetime.now(), '%Y-%m-%d %H:%M:%S')
schedule = _get_mock_schedule(next_occurrence=next_occurrence)
with setup_flask_app().app_context():
try_run(schedule, sm)
mock_execute_workflow.assert_called_once()
mock_db_call_args = [call.args for call in mock_db.method_calls]
assert 'try_advisory_lock' in mock_db_call_args[0][0]
assert 'advisory_unlock' in mock_db_call_args[1][0]
for call_arg in mock_db_call_args:
assert call_arg[1]['lock_number'] == 10001
start_time = date_parser.parse(next_occurrence)
assert (schedule.next_occurrence - start_time).seconds == 60
def reset_storage(script_config):
app = setup_flask_app()
amqp_manager = setup_amqp_manager()
# Clear the old RabbitMQ resources
amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME)
# Rebuild the DB
safe_drop_all(keep_tables=['roles'])
upgrade(directory=migrations_dir)
# Add default tenant, admin user and provider context
_add_defaults(app, amqp_manager, script_config)
# Clear the connection
close_session(app)
def load_permissions(authorization_file_path, debug=False):
with open(authorization_file_path) as f:
auth_data = yaml.safe_load(f)
with setup_flask_app().app_context():
existing_roles = db.session.query(models.Role)
existing_role_names = [role.name for role in existing_roles]
new_roles = {role['name']: role for role in auth_data['roles']}
for role in existing_roles:
if role.name in new_roles:
role.type = new_roles[role.name]['type']
role.description = new_roles[role.name]['description']
for role_name, role in new_roles.items():
if role_name not in existing_role_names:
db.session.add(
models.Role(name=role['name'],
type=role['type'],
description=role['description']))
roles = {
r.name: r.id
for r in db.session.query(models.Role.name, models.Role.id)
}
existing_permissions = [(perm.role_id, perm.name)
for perm in db.session.query(models.Permission)
]
for permission, permission_roles in auth_data['permissions'].items():
for role_name in permission_roles:
if role_name not in roles:
sys.stderr.write(
'Could not add permission {perm} for role {role} as '
'role does not exist.\n'.format(
perm=permission,
role=role_name,
))
continue
if (roles[role_name], permission) in existing_permissions:
if debug:
print('Permission {perm} for role {role} already '
'exists.'.format(perm=permission,
role=role_name))
continue
db.session.add(
models.Permission(role_id=roles[role_name],
name=permission))
db.session.commit()
def set_ldap(config_dict):
app = setup_flask_app()
# Mock current user, and reload rest configuration
set_admin_current_user(app)
config.instance.load_from_file(CONFIG_FILE_LOCATION)
# Update the config table on manager DB to include LDAP configurations
config.instance.update_db(config_dict)
# Restart the rest service to load the new LDAP configuration
os.system('systemctl restart cloudify-restservice')
# Wait for rest service to reload, up to 5 seconds
end = time.time() + 5
while not time.time() > end:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
p_open = sock.connect_ex(("localhost", 80)) == 0
if p_open:
break
def set_ldap(config_dict):
app = setup_flask_app()
# Mock current user, and reload rest configuration
set_admin_current_user(app)
config.instance.load_from_file(CONFIG_FILE_LOCATION)
# Update the config table on manager DB to include LDAP configurations
config.instance.update_db(config_dict)
# Restart the rest service to load the new LDAP configuration
os.system('systemctl restart cloudify-restservice')
# Wait for rest service to reload, up to 5 seconds
end = time.time() + 5
while not time.time() > end:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
p_open = sock.connect_ex(("localhost", 80)) == 0
if p_open:
break
def reset_storage(script_config):
app = setup_flask_app()
config.instance.load_configuration()
amqp_manager = setup_amqp_manager()
# Clear the old RabbitMQ resources
amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME)
# Rebuild the DB
safe_drop_all(keep_tables=['roles', 'config', 'rabbitmq_brokers',
'certificates', 'managers', 'db_nodes'])
upgrade(directory=migrations_dir)
# Add default tenant, admin user and provider context
_add_defaults(app, amqp_manager, script_config)
# Clear the connection
close_session(app)
subprocess.check_call(['sudo', ADMIN_TOKEN_RESET_SCRIPT])
def reset_storage(script_config):
app = setup_flask_app()
config.instance.load_configuration()
amqp_manager = setup_amqp_manager()
# Clear the old RabbitMQ resources
amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME)
# Rebuild the DB
safe_drop_all(keep_tables=['roles', 'config', 'rabbitmq_brokers',
'certificates'])
upgrade(directory=migrations_dir)
# Add default tenant, admin user and provider context
_add_defaults(app, amqp_manager, script_config)
# Clear the connection
close_session(app)
subprocess.check_call(['sudo', ADMIN_TOKEN_RESET_SCRIPT])
def update_provider_context(args):
if args.networks:
networks = json.load(args.networks)['networks']
else:
networks = None
with setup_flask_app().app_context():
sm = get_storage_manager()
ctx = sm.get(models.ProviderContext, PROVIDER_CONTEXT_ID)
agent_dict = ctx.context['cloudify']['cloudify_agent']
if networks:
for network_name, address in networks.items():
previous_address = agent_dict['networks'].get(network_name)
if previous_address and address != previous_address:
raise ValueError('Cannot change network {0} address'
.format(network_name))
else:
agent_dict['networks'][network_name]['manager'] = address
agent_dict['broker_ip'] = args.manager_ip
agent_dict['networks']['default']['manager'] = args.manager_ip
flag_modified(ctx, 'context')
sm.update(ctx)
def _get_flask_app():
config.instance.load_from_file(RESTSERVICE_CONFIG_PATH)
return setup_flask_app()
def setup_flask_app(tenant_name):
app = flask_utils.setup_flask_app()
flask_utils.set_admin_current_user(app)
tenant = flask_utils.get_tenant_by_name(tenant_name)
flask_utils.set_tenant_in_app(tenant)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# * See the License for the specific language governing permissions and
# * limitations under the License.
from os import environ
from manager_rest.config import instance
from manager_rest.amqp_manager import AMQPManager
from manager_rest.flask_utils import setup_flask_app
environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf'
app = setup_flask_app()
with app.app_context():
instance.load_configuration()
amqp_manager = AMQPManager(
host=instance.amqp_host,
username=instance.amqp_username,
password=instance.amqp_password
)
amqp_manager.sync_metadata()
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# * See the License for the specific language governing permissions and
# * limitations under the License.
from os import environ
from manager_rest.config import instance
from manager_rest.amqp_manager import AMQPManager
from manager_rest.flask_utils import setup_flask_app
from manager_rest.constants import SECURITY_FILE_LOCATION
environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf'
environ['MANAGER_REST_SECURITY_CONFIG_PATH'] = SECURITY_FILE_LOCATION
app = setup_flask_app()
with app.app_context():
instance.load_configuration()
amqp_manager = AMQPManager(
host=instance.amqp_management_host,
username=instance.amqp_username,
password=instance.amqp_password,
verify=instance.amqp_ca_path
)
amqp_manager.sync_metadata()
