def _get_encrypted_validator(self):
state_persistor = StatePersistor(
self._models, self._controllers,
persistence_file='private_data.yml')
property_name = 'encryption_key_checker'
value = state_persistor.recall_info([property_name])
return value
def _was_persisted_value_encrypted(self, property_name):
secure_property_name = '%s__is_secure' % property_name
state_persistor = StatePersistor(
self._models, self._controllers,
persistence_file='private_data.yml')
value = state_persistor.recall_info([secure_property_name])
if value is None:
return False
return value is not None
def _encrypt_validator(self, secret):
state_persistor = StatePersistor(
self._models, self._controllers,
persistence_file='private_data.yml')
property_name = 'encryption_key_checker'
property_value = 'encryption_key_checker'
property_value = CPSecurity.encrypt(secret, property_value)
info = {property_name: property_value}
state_persistor.persist_info(info)
def is_deleted(models, controllers, elem_s):
state_persistor = StatePersistor(
models, controllers, persistence_file='server_allocations.yml')
info = state_persistor.recall_info()
for k, v in six.iteritems(info):
if (v['pxe-mac-addr'] != elem_s['pxe-mac-addr']
or v['pxe-ip-addr'] != elem_s['pxe-ip-addr']):
continue
if 'state' not in v:
return False
if not CPState.is_active(v['state']):
return True
return False
return False
def _migrate_keys(self, prev_encryption_key, encryption_key):
state_persistor = StatePersistor(
self._models, self._controllers,
persistence_file='private_data.yml')
all_private_data = state_persistor.recall_info()
for k, v in six.iteritems(all_private_data):
if k == 'encryption_key_checker':
continue
if not self._was_persisted_value_encrypted(k):
continue
v = CPSecurity.decrypt(prev_encryption_key, v)
v = CPSecurity.encrypt(encryption_key, v)
info = {k: v}
state_persistor.persist_info(info)
def is_deleted(models, controllers, elem_s):
state_persistor = StatePersistor(
models, controllers,
persistence_file='server_allocations.yml')
info = state_persistor.recall_info()
for k, v in six.iteritems(info):
if (v['pxe-mac-addr'] != elem_s['pxe-mac-addr'] or
v['pxe-ip-addr'] != elem_s['pxe-ip-addr']):
continue
if 'state' not in v:
return False
if not CPState.is_active(v['state']):
return True
return False
return False
def generate_value(instructions, models, controllers, name, value,
payload=None):
if not isinstance(value, str):
return value
if value.count('%') != 2:
return value
sp = StatePersistor(models, controllers, 'private_data.yml')
if not instructions['refresh_passwords']:
ri = sp.recall_info([name])
ri_e = HlmVariable.was_persisted_value_encrypted(sp, name)
if ri and not ri_e:
if 'encryption_key' in instructions:
key = instructions['encryption_key']
secure_value = CPSecurity.encrypt(key, ri)
HlmVariable.persist_value(sp, name, secure_value, True)
return ri
elif ri and ri_e:
return HlmVariable.decrypt_value(ri, instructions)
p1 = value.find('%') + 1
p2 = value.rfind('%')
variable_type = value[p1:p2]
version = instructions['model_version']
version = Version.normalize(version)
if float(version) > 1.0:
variable_type += '-%s' % version
try:
namespace = 'helion.configurationprocessor.variable'
mgr = driver.DriverManager(
namespace=namespace, name=variable_type, invoke_on_load=True,
invoke_args=(instructions, models, controllers))
except RuntimeError as e:
return value
value = mgr.driver.calculate(payload)
if not mgr.driver.ok:
msg = '@@@@ Variable %s Failed to complete for name %s:\n' % (
variable_type, name)
for e in mgr.driver.errors:
msg += '@@@@ \t%s\n' % e
print(msg)
return None
if 'encryption_key' in instructions:
key = instructions['encryption_key']
secure_value = CPSecurity.encrypt(key, value)
is_secure_val = True
else:
secure_value = value
is_secure_val = False
HlmVariable.persist_value(sp, name, secure_value, is_secure_val)
return value
def generate_value(instructions,
models,
controllers,
name,
value,
payload=None):
if not isinstance(value, str):
return value
if value.count('%') != 2:
return value
sp = StatePersistor(models, controllers, 'private_data.yml')
if not instructions['refresh_passwords']:
ri = sp.recall_info([name])
ri_e = HlmVariable.was_persisted_value_encrypted(sp, name)
if ri and not ri_e:
if 'encryption_key' in instructions:
key = instructions['encryption_key']
secure_value = CPSecurity.encrypt(key, ri)
HlmVariable.persist_value(sp, name, secure_value, True)
return ri
elif ri and ri_e:
return HlmVariable.decrypt_value(ri, instructions)
p1 = value.find('%') + 1
p2 = value.rfind('%')
variable_type = value[p1:p2]
version = instructions['model_version']
version = Version.normalize(version)
if float(version) > 1.0:
variable_type += '-%s' % version
try:
namespace = 'helion.configurationprocessor.variable'
mgr = driver.DriverManager(namespace=namespace,
name=variable_type,
invoke_on_load=True,
invoke_args=(instructions, models,
controllers))
except RuntimeError as e:
return value
value = mgr.driver.calculate(payload)
if not mgr.driver.ok:
msg = '@@@@ Variable %s Failed to complete for name %s:\n' % (
variable_type, name)
for e in mgr.driver.errors:
msg += '@@@@ \t%s\n' % e
print(msg)
return None
if 'encryption_key' in instructions:
key = instructions['encryption_key']
secure_value = CPSecurity.encrypt(key, value)
is_secure_val = True
else:
secure_value = value
is_secure_val = False
HlmVariable.persist_value(sp, name, secure_value, is_secure_val)
return value
