def cleanup(args): input_filename = args["<output_file>"] log.info("Reading service definition from %s", input_filename) with open(input_filename) as fp: services = json.load(fp) for k, services in services.items(): log.info("Processing cleanup of %s", k) for s in services: service_name = s["service"]["name"] log.info("Uninstalling %s with name %s", s["package_name"], service_name) sdk_install.uninstall(s["package_name"], service_name) service_account = sdk_utils.get_in(["service", "service_account"], s) if service_account: log.info("Removing service accounts and secrets") sdk_security.cleanup_security(service_name, s["service_account_info"])
def zookeeper_server(kerberos): service_options = { "service": { "name": config.ZOOKEEPER_SERVICE_NAME, "security": { "kerberos": { "enabled": True, "kdc": { "hostname": kerberos.get_host(), "port": int(kerberos.get_port()) }, "realm": kerberos.get_realm(), "keytab_secret": kerberos.get_keytab_path(), } } } } zk_account = "kafka-zookeeper-service-account" zk_secret = "kakfa-zookeeper-secret" if sdk_utils.is_strict_mode(): service_options = sdk_install.merge_dictionaries( { 'service': { 'service_account': zk_account, 'service_account_secret': zk_secret, } }, service_options) try: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) service_account_info = sdk_security.setup_security( config.ZOOKEEPER_SERVICE_NAME, linux_user="******", service_account=zk_account, service_account_secret=zk_secret) sdk_install.install(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME, config.ZOOKEEPER_TASK_COUNT, additional_options=service_options, timeout_seconds=30 * 60, insert_strict_options=False) yield { **service_options, **{ "package_name": config.ZOOKEEPER_PACKAGE_NAME } } finally: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) sdk_security.cleanup_security(config.ZOOKEEPER_SERVICE_NAME, service_account_info)
def cleanup_service_account(service_name: str, service_account_info: dict): """ Clean up the specified service account. Ideally, this service account was created using the setup_service_account function. """ if isinstance(service_account_info, str): service_account_info = {"name": service_account_info} sdk_security.cleanup_security(service_name, service_account_info)
def zookeeper_service(configure_security): service_options = sdk_utils.merge_dictionaries( sdk_networks.ENABLE_VIRTUAL_NETWORKS_OPTIONS, {"service": { "name": config.ZOOKEEPER_SERVICE_NAME }}, ) zk_account = "test-zookeeper-service-account" zk_secret = "test-zookeeper-secret" try: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) if sdk_utils.is_strict_mode(): service_options = sdk_utils.merge_dictionaries( { "service": { "service_account": zk_account, "service_account_secret": zk_secret } }, service_options, ) service_account_info = sdk_security.setup_security( config.ZOOKEEPER_SERVICE_NAME, linux_user="******", service_account=zk_account, service_account_secret=zk_secret, ) sdk_install.install( config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME, config.ZOOKEEPER_TASK_COUNT, additional_options=service_options, timeout_seconds=30 * 60, insert_strict_options=False, ) yield { **service_options, **{ "package_name": config.ZOOKEEPER_PACKAGE_NAME } } finally: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) sdk_security.cleanup_security(config.ZOOKEEPER_SERVICE_NAME, service_account_info)
def cleanup_service_account( service_name: str, service_account_info: Dict[str, Any], ) -> None: """ Clean up the specified service account. Ideally, this service account was created using the setup_service_account function. """ if isinstance(service_account_info, str): service_account_info = {"name": service_account_info} sdk_security.cleanup_security(service_name, service_account_info)
def cleanup_service_account(service_name: str, service_account_info: dict): """ Clean up the specified service account. Ideally, this service account was created using the setup_service_account function. """ if isinstance(service_account_info, str): service_account_info = {"name": service_account_info} name = service_account_info["name"] secret = service_account_info["secret"] if "secret" in service_account_info else name sdk_security.cleanup_security(service_name, service_account=name, service_account_secret=secret)
def zookeeper_server(configure_security): service_options = { "service": { "name": config.ZOOKEEPER_SERVICE_NAME, "virtual_network_enabled": True } } zk_account = "test-zookeeper-service-account" zk_secret = "test-zookeeper-secret" try: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) if sdk_utils.is_strict_mode(): service_options = sdk_install.merge_dictionaries( { 'service': { 'service_account': zk_account, 'service_account_secret': zk_secret, } }, service_options) service_account_info = sdk_security.setup_security( config.ZOOKEEPER_SERVICE_NAME, linux_user="******", service_account=zk_account, service_account_secret=zk_secret) sdk_install.install(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME, config.ZOOKEEPER_TASK_COUNT, additional_options=service_options, timeout_seconds=30 * 60, insert_strict_options=False) yield { **service_options, **{ "package_name": config.ZOOKEEPER_PACKAGE_NAME } } finally: sdk_install.uninstall(config.ZOOKEEPER_PACKAGE_NAME, config.ZOOKEEPER_SERVICE_NAME) sdk_security.cleanup_security(config.ZOOKEEPER_SERVICE_NAME, service_account_info)
def cleanup_service_account(service_name: str, service_account_info: dict): """ Clean up the specified service account. Ideally, this service account was created using the setup_service_account function. """ if isinstance(service_account_info, str): service_account_info = {"name": service_account_info} name = service_account_info["name"] secret = service_account_info[ "secret"] if "secret" in service_account_info else name sdk_security.cleanup_security(service_name, service_account=name, service_account_secret=secret)