def _get_service_info(application, service_addr): if _service_is_registered(application, service_addr): key = create_resource_key(service_addr, _SERVICE_RESOURCE_TYPE) service_info = get_resource(key) return service_info else: raise Exception("%s service not registered" % service_addr)
def aws_handler(event, context): import boto3 vendor = 'aws' params = event with open('./cloud/app_id.txt', 'r') as file: app_id = file.read() resource = get_resource(vendor, None, app_id, boto3.Session()) return abstracted_handler(params, resource)
def fetch_signed_url(url: str, signature_url: str, keyring_resource: str) -> bytes: signature = fetch_url(signature_url) data = fetch_url(url) keyring = resource.get_resource(keyring_resource) if not verify_gpg_signature(data, signature, keyring): command.fail("signature verification FAILED on %s!" % url) return data
def __init__(self, vendor, credentials, app_id): """ :param credentials: :param app_id: """ self.credentials = credentials self.app_id = app_id resource = get_resource(vendor, credentials, app_id) self.service_controller = type(self).SC_CLASS(resource, app_id)
def gen_kube_specs(output_dir: str) -> None: if not os.path.isdir(output_dir): os.mkdir(output_dir) clustered, = keycheck(yaml.safe_load( resource.get_resource("clustered/list.yaml")), "clustered", validator=lambda _, x: type(x) == list) vars = get_kube_spec_vars() for configname in clustered: templated = template.template("clustered/%s" % configname, vars) util.writefile(os.path.join(output_dir, configname), templated.encode())
def setup_supervisor_ssh(ops: Operations, config: configuration.Config) -> None: for node in config.nodes: if node.kind != "supervisor": continue ssh_config = resource.get_resource("sshd_config") ops.ssh_upload_bytes("upload new ssh configuration to @HOST", node, ssh_config, "/etc/ssh/sshd_config") ops.ssh("reload ssh configuration on @HOST", node, "systemctl", "restart", "ssh") ops.ssh("shift aside old authorized_keys on @HOST", node, "mv", "/root/.ssh/authorized_keys", "/root/original_authorized_keys")
def gen_kube_specs(output_dir: str) -> None: if not os.path.isdir(output_dir): os.mkdir(output_dir) config = Config.load_from_project() vars = { "NETWORK": config.cidr_pods, "SERVIP_DNS": config.service_dns, "INTERNAL_DOMAIN": config.internal_domain } clustered, = keycheck(yaml.safe_load( resource.get_resource("clustered/list.yaml")), "clustered", validator=lambda _, x: type(x) == list) for configname in clustered: templated = template.template("clustered/%s" % configname, vars) util.writefile(os.path.join(output_dir, configname), templated.encode())
def aws_handler(event, context): import boto3 query_params = event.get('queryStringParameters', {}) if query_params is None: query_params = {} try: params = json.loads('{}'.format(event.get('body', '{}'))) except Exception as ex: print(ex) params = event.get('body', {}) vendor = 'aws' with open('./cloud/app_id.txt', 'r') as file: app_id = file.read() resource = get_resource(vendor, None, app_id, boto3.Session()) body = abstracted_gateway(params, query_params, resource) response = AWSResponse(body) return response
def gen_iso(iso_image, authorized_key, mode=None): with tempfile.TemporaryDirectory() as d: inclusion = [] with open(os.path.join(d, "dns_bootstrap_lines"), "w") as outfile: outfile.write(setup.dns_bootstrap_lines()) inclusion += ["dns_bootstrap_lines"] util.copy(authorized_key, os.path.join(d, "authorized.pub")) util.writefile(os.path.join(d, "keyservertls.pem"), authority.get_pubkey_by_filename("./server.pem")) resource.copy_to("postinstall.sh", os.path.join(d, "postinstall.sh")) os.chmod(os.path.join(d, "postinstall.sh"), 0o755) inclusion += ["authorized.pub", "keyservertls.pem", "postinstall.sh"] for variant in configuration.KEYCLIENT_VARIANTS: util.writefile(os.path.join(d, "keyclient-%s.yaml" % variant), configuration.get_keyclient_yaml(variant).encode()) inclusion.append("keyclient-%s.yaml" % variant) resource.copy_to("sshd_config", os.path.join(d, "sshd_config.new")) preseeded = resource.get_resource("preseed.cfg.in") generated_password = util.pwgen(20) creation_time = datetime.datetime.now().isoformat() git_hash = get_git_version().encode() add_password_to_log(generated_password, creation_time) print("generated password added to log") preseeded = preseeded.replace(b"{{HASH}}", util.mkpasswd(generated_password)) preseeded = preseeded.replace(b"{{BUILDDATE}}", creation_time.encode()) preseeded = preseeded.replace(b"{{GITHASH}}", git_hash) mirror = configuration.get_config().mirror if mirror.count("/") < 1 or mirror.count(".") < 1: command.fail( "invalid mirror specification '%s'; must be of the form HOST.NAME/PATH" ) mirror_host, mirror_dir = mirror.split("/", 1) preseeded = preseeded.replace(b"{{MIRROR-HOST}}", mirror_host.encode()) preseeded = preseeded.replace(b"{{MIRROR-DIR}}", ("/" + mirror_dir).encode()) realm = configuration.get_config().realm preseeded = preseeded.replace(b"{{KERBEROS-REALM}}", realm.encode()) cidr_nodes, upstream_dns_servers = configuration.get_config( ).cidr_nodes, configuration.get_config().dns_upstreams node_cidr_prefix = ".".join(str(cidr_nodes.ip).split(".")[:-1]) + "." preseeded = preseeded.replace(b"{{IP-PREFIX}}", node_cidr_prefix.encode()) node_cidr_gateway = cidr_nodes.gateway() preseeded = preseeded.replace(b"{{GATEWAY}}", str(node_cidr_gateway).encode()) node_cidr_netmask = cidr_nodes.netmask() preseeded = preseeded.replace(b"{{NETMASK}}", str(node_cidr_netmask).encode()) preseeded = preseeded.replace( b"{{NAMESERVERS}}", " ".join(str(server_ip) for server_ip in upstream_dns_servers).encode()) util.writefile(os.path.join(d, "preseed.cfg"), preseeded) inclusion += ["sshd_config.new", "preseed.cfg"] for package_name, (short_filename, package_bytes) in packages.verified_download_full( PACKAGES).items(): assert "/" not in short_filename, "invalid package name: %s for %s" % ( short_filename, package_name) assert short_filename.startswith( package_name + "_"), "invalid package name: %s for %s" % (short_filename, package_name) assert short_filename.endswith( "_amd64.deb"), "invalid package name: %s for %s" % ( short_filename, package_name) util.writefile(os.path.join(d, short_filename), package_bytes) inclusion.append(short_filename) cddir = os.path.join(d, "cd") os.mkdir(cddir) subprocess.check_call( ["bsdtar", "-C", cddir, "-xzf", "/usr/share/homeworld/debian.iso"]) subprocess.check_call(["chmod", "+w", "--recursive", cddir]) if mode is not None: if mode not in MODES: command.fail("no such ISO mode: %s" % mode) MODES[mode](d, cddir, inclusion) with gzip.open(os.path.join(cddir, "initrd.gz"), "ab") as f: subprocess.run(["cpio", "--create", "--format=newc"], check=True, stdout=f, input="".join("%s\n" % filename for filename in inclusion).encode(), cwd=d) files_for_md5sum = subprocess.check_output( ["find", ".", "-follow", "-type", "f", "-print0"], cwd=cddir).decode().split("\0") assert files_for_md5sum.pop() == "" md5s = subprocess.check_output(["md5sum", "--"] + files_for_md5sum, cwd=cddir) util.writefile(os.path.join(cddir, "md5sum.txt"), md5s) temp_iso = os.path.join(d, "temp.iso") subprocess.check_call([ "xorriso", "-as", "mkisofs", "-quiet", "-o", temp_iso, "-r", "-J", "-c", "boot.cat", "-b", "isolinux.bin", "-no-emul-boot", "-boot-load-size", "4", "-boot-info-table", cddir ]) subprocess.check_call(["isohybrid", "-h", "64", "-s", "32", temp_iso]) util.copy(temp_iso, iso_image)
def gen_iso(iso_image, authorized_key, cdpack=None): with tempfile.TemporaryDirectory() as d: inclusion = [] util.copy(authorized_key, os.path.join(d, "authorized.pub")) util.writefile(os.path.join(d, "keyservertls.pem"), authority.get_pubkey_by_filename("./server.pem")) resource.copy_to("postinstall.sh", os.path.join(d, "postinstall.sh")) os.chmod(os.path.join(d, "postinstall.sh"), 0o755) inclusion += ["authorized.pub", "keyservertls.pem", "postinstall.sh"] for variant in configuration.KEYCLIENT_VARIANTS: util.writefile(os.path.join(d, "keyclient-%s.yaml" % variant), configuration.get_keyclient_yaml(variant).encode()) inclusion.append("keyclient-%s.yaml" % variant) resource.copy_to("sshd_config", os.path.join(d, "sshd_config.new")) preseeded = resource.get_resource("preseed.cfg.in") generated_password = util.pwgen(20) add_password_to_log(generated_password) print("generated password added to log") preseeded = preseeded.replace(b"{{HASH}}", util.mkpasswd(generated_password)) util.writefile(os.path.join(d, "preseed.cfg"), preseeded) inclusion += ["sshd_config.new", "preseed.cfg"] for package_name, (short_filename, package_bytes) in packages.verified_download_full( PACKAGES).items(): assert "/" not in short_filename, "invalid package name: %s for %s" % ( short_filename, package_name) assert short_filename.startswith( package_name + "_"), "invalid package name: %s for %s" % (short_filename, package_name) assert short_filename.endswith( "_amd64.deb"), "invalid package name: %s for %s" % ( short_filename, package_name) util.writefile(os.path.join(d, short_filename), package_bytes) inclusion.append(short_filename) if cdpack is not None: subprocess.check_call(["tar", "-C", d, "-xzf", cdpack, "cd"]) else: subprocess.check_output( ["tar", "-C", d, "-xz", "cd"], input=resource.get_resource("debian-9.2.0-cdpack.tgz")) subprocess.check_output([ "cpio", "--create", "--append", "--format=newc", "--file=cd/initrd" ], input="".join( "%s\n" % filename for filename in inclusion).encode(), cwd=d) subprocess.check_call(["gzip", os.path.join(d, "cd/initrd")]) files_for_md5sum = subprocess.check_output( ["find", ".", "-follow", "-type", "f", "-print0"], cwd=os.path.join(d, "cd")).decode().split("\0") assert files_for_md5sum.pop() == "" md5s = subprocess.check_output(["md5sum", "--"] + files_for_md5sum, cwd=os.path.join(d, "cd")) util.writefile(os.path.join(d, "cd", "md5sum.txt"), md5s) subprocess.check_call([ "genisoimage", "-quiet", "-o", iso_image, "-r", "-J", "-no-emul-boot", "-boot-load-size", "4", "-boot-info-table", "-b", "isolinux.bin", "-c", "isolinux.cat", os.path.join(d, "cd") ])
import cloud.libs.simplejson as json import cloud.logic.run_function as run_function import cloud.notification.send_slack_message_as_system_notification as slack # Localhost server, Internal gate to make logic call fast from http.server import BaseHTTPRequestHandler, HTTPServer from threading import Thread from socketserver import ThreadingMixIn, ForkingMixIn from cloud import env # Imports AWS related resources try: import boto3 with open('./cloud/app_id.txt', 'r') as file: app_id = file.read() resource = get_resource('aws', None, app_id, boto3.Session()) except Exception as e: print(e) class S(BaseHTTPRequestHandler): def _set_response(self): self.send_response(200) self.send_header('Content-type', 'application/json') self.end_headers() def do_GET(self): # print("GET request,\nPath: %s\nHeaders:\n%s\n", str(self.path), str(self.headers)) self._set_response() self.wfile.write("GET request for {}".format( self.path).encode('utf-8'))
def __init__(self, filename_or_contents, load=True): if load: filename_or_contents = resource.get_resource( filename_or_contents).decode() self._template = filename_or_contents.split("\n")