def __init__(self, hostname, port=DEFAULT_SSH_PORT, username=None, password=None,
bastion_host=None,
key_files=None, key_material=None, timeout=None, passphrase=None):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
self.hostname = hostname
self.port = port
self.username = username
self.password = password
self.key_files = key_files
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.bastion_host = bastion_host
self.passphrase = passphrase
self.ssh_config_file = os.path.expanduser(
cfg.CONF.ssh_runner.ssh_config_file_path or
'~/.ssh/config'
)
self.logger = logging.getLogger(__name__)
self.client = None
self.sftp_client = None
self.bastion_client = None
self.bastion_socket = None
def __init__(
self, hostname, port=22, username=None, password=None, key=None, key_files=None, key_material=None, timeout=None
):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
if key_files and key_material:
raise ValueError(("key_files and key_material arguments are " "mutually exclusive"))
self.hostname = hostname
self.port = port
self.username = username if username else cfg.CONF.system_user
self.password = password
self.key = key if key else cfg.CONF.system_user.ssh_key_file
self.key_files = key_files
if not self.key_files and self.key:
self.key_files = key # `key` arg is deprecated.
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.client = paramiko.SSHClient()
self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.logger = logging.getLogger(__name__)
self.sftp = None
def __init__(self, hostname, port=22, username=None, password=None,
key=None, key_files=None, key_material=None, timeout=None):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
if key_files and key_material:
raise ValueError(('key_files and key_material arguments are '
'mutually exclusive'))
self.hostname = hostname
self.port = port
self.username = username if username else cfg.CONF.system_user
self.password = password
self.key = key if key else cfg.CONF.system_user.ssh_key_file
self.key_files = key_files
if not self.key_files and self.key:
self.key_files = key # `key` arg is deprecated.
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.client = paramiko.SSHClient()
self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.logger = logging.getLogger(__name__)
self.sftp = None
def __init__(
self,
hostname,
port=DEFAULT_SSH_PORT,
username=None,
password=None,
bastion_host=None,
key_files=None,
key_material=None,
timeout=None,
passphrase=None,
handle_stdout_line_func=None,
handle_stderr_line_func=None,
):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
self.hostname = hostname
self.port = port
self.username = username
self.password = password
self.key_files = key_files
self.timeout = timeout
self.key_material = key_material
self.bastion_host = bastion_host
self.passphrase = passphrase
self.ssh_connect_timeout = cfg.CONF.ssh_runner.ssh_connect_timeout
self._handle_stdout_line_func = handle_stdout_line_func
self._handle_stderr_line_func = handle_stderr_line_func
self.ssh_config_file = os.path.expanduser(
cfg.CONF.ssh_runner.ssh_config_file_path or "~/.ssh/config")
if self.timeout and int(
self.ssh_connect_timeout) > int(self.timeout) - 2:
# the connect timeout should not be greater than the action timeout
self.ssh_connect_timeout = int(self.timeout) - 2
self.logger = logging.getLogger(__name__)
self.client = None
self.sftp_client = None
self.bastion_client = None
self.bastion_socket = None
self.socket = None
def __init__(self,
hostname,
port=22,
username=None,
password=None,
bastion_host=None,
key_files=None,
key_material=None,
timeout=None,
passphrase=None):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
if key_files and key_material:
raise ValueError(('key_files and key_material arguments are '
'mutually exclusive'))
if passphrase and not (key_files or key_material):
raise ValueError(
'passphrase should accompany private key material')
credentials_provided = password or key_files or key_material
if not credentials_provided and cfg.CONF.system_user.ssh_key_file:
key_files = cfg.CONF.system_user.ssh_key_file
self.hostname = hostname
self.port = port
self.username = username if username else cfg.CONF.system_user
self.password = password
self.key_files = key_files
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.bastion_host = bastion_host
self.passphrase = passphrase
self.logger = logging.getLogger(__name__)
self.client = None
self.sftp_client = None
self.bastion_client = None
self.bastion_socket = None
def __init__(self, hostname, port=22, username=None, password=None, bastion_host=None,
key_files=None, key_material=None, timeout=None, passphrase=None):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
if key_files and key_material:
raise ValueError(('key_files and key_material arguments are '
'mutually exclusive'))
if passphrase and not (key_files or key_material):
raise ValueError('passphrase should accompany private key material')
credentials_provided = password or key_files or key_material
if not credentials_provided and cfg.CONF.system_user.ssh_key_file:
key_files = cfg.CONF.system_user.ssh_key_file
self.hostname = hostname
self.port = port
self.username = username if username else cfg.CONF.system_user
self.password = password
self.key_files = key_files
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.bastion_host = bastion_host
self.passphrase = passphrase
self.logger = logging.getLogger(__name__)
self.client = None
self.sftp_client = None
self.bastion_client = None
self.bastion_socket = None
def __init__(self,
hostname,
port=DEFAULT_SSH_PORT,
username=None,
password=None,
bastion_host=None,
key_files=None,
key_material=None,
timeout=None,
passphrase=None):
"""
Authentication is always attempted in the following order:
- The key passed in (if key is provided)
- Any key we can find through an SSH agent (only if no password and
key is provided)
- Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no
password and key is provided)
- Plain username/password auth, if a password was given (if password is
provided)
"""
self.hostname = hostname
self.port = port
self.username = username
self.password = password
self.key_files = key_files
self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT
self.key_material = key_material
self.bastion_host = bastion_host
self.passphrase = passphrase
self.ssh_config_file = os.path.expanduser(
cfg.CONF.ssh_runner.ssh_config_file_path or '~/.ssh/config')
self.logger = logging.getLogger(__name__)
self.client = None
self.sftp_client = None
self.bastion_client = None
self.bastion_socket = None
from st2common.constants.keyvalue import SYSTEM_SCOPE, USER_SCOPE
from st2common.exceptions.keyvalue import (
CryptoKeyNotSetupException,
InvalidScopeException,
)
from st2common.log import logging
from st2common.util import isotime
from st2common.util import date as date_utils
from st2common.util.crypto import read_crypto_key, symmetric_encrypt, symmetric_decrypt
from st2common.models.api.base import BaseAPI
from st2common.models.system.keyvalue import UserKeyReference
from st2common.models.db.keyvalue import KeyValuePairDB
__all__ = ["KeyValuePairAPI", "KeyValuePairSetAPI"]
LOG = logging.getLogger(__name__)
class KeyValuePairAPI(BaseAPI):
crypto_setup = False
model = KeyValuePairDB
schema = {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"uid": {
"type": "string"
},
"name": {
from st2common.constants.keyvalue import SYSTEM_SCOPE, USER_SCOPE
from st2common.exceptions.keyvalue import CryptoKeyNotSetupException, InvalidScopeException
from st2common.log import logging
from st2common.util import isotime
from st2common.util import date as date_utils
from st2common.util.crypto import read_crypto_key, symmetric_encrypt, symmetric_decrypt
from st2common.models.api.base import BaseAPI
from st2common.models.system.keyvalue import UserKeyReference
from st2common.models.db.keyvalue import KeyValuePairDB
__all__ = [
'KeyValuePairAPI',
'KeyValuePairSetAPI'
]
LOG = logging.getLogger(__name__)
class KeyValuePairAPI(BaseAPI):
crypto_setup = False
model = KeyValuePairDB
schema = {
'type': 'object',
'properties': {
'id': {
'type': 'string'
},
"uid": {
"type": "string"
},
'name': {
