def run(args):
    """Make sure ssh host keys exist at ``args.destination``.

    Keys already stored in Kubernetes are written to the destination as they
    are. When none are stored, new keys are generated at the destination and
    saved to Kubernetes; an HTTP 409 answer to that save restarts the whole
    procedure from the top.

    Args:
        args: Parsed command-line arguments; ``kubernetes_url`` and
            ``destination`` are read here.

    Raises:
        KubernetesError: Saving the generated keys failed with a status
            other than 409.
    """
    cluster = Kubernetes(args.kubernetes_url, namespace='noel')
    wait_for_kubernetes(cluster)

    stored_keys = get_host_keys(cluster)
    if stored_keys:
        logger.info('Existing ssh host keys found.')
        write_ssh_host_keys(args.destination, stored_keys)
        return

    logger.warning('No existing ssh host keys. Generating keys.')
    # NOTE(review): what is uploaded below presumably includes the private
    # host keys, so read access to that Kubernetes object should be limited
    # to the ssh front end - confirm against put_host_keys().
    fresh_keys = generate_ssh_host_keys(args.destination)

    try:
        put_host_keys(cluster, fresh_keys)
    except KubernetesError as err:
        if err.httperror.response.status_code != 409:
            logger.exception('Unexpected error while writing ssh host keys.')
            raise
        # 409 (conflict): presumably another instance stored its keys first.
        # Starting over reads the stored keys and writes them to the
        # destination, so every instance ends up with the same host keys.
        logger.error(
            'Conflict while writing ssh keys to Kubernetes, retrying...')
        return run(args)
    else:
        logger.info('Host keys saved to Kubernetes.')
def main():
    """Run the post-receive hook command and exit with status 1 on failure.

    Failure means either that the command returned exactly ``False`` or that
    it raised; a raised exception is logged with its traceback first.
    """
    setup_logging()

    try:
        outcome = post_receive_hook_command()
    except Exception:
        logger.exception('Deploy failed')
        sys.exit(1)
    else:
        # Identity check on purpose: None and other falsy values are not
        # treated as failure.
        if outcome is False:
            sys.exit(1)
def run_command(parser):
    """Parse the command line and run the handler stored in ``args.func``.

    The process exits with status 1 when the handler returns exactly
    ``False`` or raises; a raised exception is logged with its traceback
    first.

    Args:
        parser: Object whose ``parse_args()`` result carries a ``func``
            callable that accepts the parsed arguments.
    """
    setup_logging()
    parsed = parser.parse_args()

    try:
        # The attribute lookup stays inside the try, so parsed arguments
        # without a ``func`` are reported as a failed command as well.
        outcome = parsed.func(parsed)
    except Exception:
        logger.exception('Command failed')
        sys.exit(1)
    else:
        # Identity check on purpose: None and other falsy values are not
        # treated as failure.
        if outcome is False:
            sys.exit(1)
def run(args):
    """Keep the authorized keys file in sync with the 'ssh-keys' secret.

    Writes the file once from the secret's current contents, then watches
    secrets labelled ``type=ssh-keys`` in the 'noel' namespace and rewrites
    the file on every matching change. Never returns: the watch is restarted
    inside an endless loop.

    Args:
        args: Parsed command-line arguments; ``kubernetes_url`` and
            ``destination`` are read here.
    """
    k8s = Kubernetes(args.kubernetes_url, namespace='noel')
    resource_version = None

    try:
        secret = k8s.get_secret('ssh-keys')
        # NOTE(review): the watch loop below passes secret['data'] through
        # k8s.decode_secret_data() before writing; this path does not.
        # Presumably get_secret() already returns decoded data - confirm,
        # otherwise encoded values end up in the authorized keys file.
        keys = secret['data']
        resource_version = secret['metadata']['resourceVersion']
        write_authorized_keys_file(keys, args.destination)
        logger.info('Wrote authorized keys. {} known keys.'.format(
            len(keys)))
    except KubernetesError as e:
        # Best effort: neither a missing secret nor any other API error
        # stops the process; both fall through to the watch loop with
        # resource_version still None.
        if e.httperror.response.status_code == 404:
            logger.warning('No ssh keys found, will watch for more.')
        else:
            logger.exception(
                'Unexpected error while retrieving initial ssh keys.')

    while True:
        try:
            params = {
                'labelSelector': 'type=ssh-keys',
                'resourceVersion': resource_version
            }

            for change in k8s.watch_secrets(params=params):
                # Only events that carry new contents are applied.
                # NOTE(review): any other event type, a DELETED one for
                # instance, is skipped, so removing the secret leaves the
                # previously written keys authorized on disk - confirm that
                # this is the intended revocation behaviour.
                if change['type'] not in ['CREATED', 'ADDED', 'MODIFIED']:
                    continue

                secret = change['object']

                # The label selector may match other secrets; only the one
                # named 'ssh-keys' feeds the authorized keys file.
                if secret['metadata']['name'] != 'ssh-keys':
                    continue

                keys = k8s.decode_secret_data(secret['data'])
                write_authorized_keys_file(keys, args.destination)
                logger.info('Updated authorized keys. {} known keys.'.format(
                    len(keys)))

                # Remember the last version seen so that, if an exception
                # occurs, the restarted watch only returns the changes made
                # after it.
                resource_version = secret['metadata']['resourceVersion']

        except Exception:
            # NOTE(review): the same resource_version is sent again after
            # the pause; if the failure was caused by that version being
            # rejected, the loop would keep failing - confirm how
            # watch_secrets() reports an expired version.
            logger.exception(
                'Error while refreshing ssh keys, waiting 30 seconds.')
            time.sleep(30)