def getCIFCredentials(dconf, session, prefix=""): credentials = None domain = None if (containsCredentials(dconf, prefix)): username, domain = splitDomainAndUsername(dconf['username']) credentials = {} credentials["USER"] = util.to_plain_string(username) util.SMlog("CIFS user = {user}".format(user=credentials["USER"])) key_password, key_secret = getDconfPasswordKey(prefix) if key_secret in dconf: password = util.get_secret(session, dconf[key_secret]) if password is not None: util.SMlog("Obtained CIFS password via secret") else: password = dconf[key_password] if password is not None: util.SMlog("Obtained CIFS password") credentials["PASSWD"] = util.to_plain_string(password) if credentials["PASSWD"] is not None: util.SMlog("Obtained CIFS plain text password") domain = util.to_plain_string(domain) else: util.SMlog("NOTE: No CIFS credentials found in dconf") return credentials, domain
def post_user(client, s, c, u, key=None): data = {'date': 'now', 'result': 2700, 'detail': 'it"s fake'} if key is None: with api.app.app_context(): key = get_secret(s) encrypt(data, key) data = json.dumps(data) return client.post('/api/v0/s/{}/c/{}/user/{}'.format(s, c, u), data=data)
def main(): url = get_secret("WEBHOOK") # 웹훅 URL text = "테스트 메세지 입니다 : " + str(datetime.datetime.now()) payload = { "text": text, "username": "******", "channel": "general", "icon_emoji": ":ghost:" } requests.post(url, json=payload)
def getMountOptions(self): """Creates option string based on parameters provided""" options = ['sec=ntlm', 'cache=loose', 'vers=3.0', 'actimeo=0' ] if self.dconf.has_key('username') and \ (self.dconf.has_key('password') or self.dconf.has_key('password_secret')): dom_username = self.dconf['username'].split('\\') if len(dom_username) == 1: domain = None username = dom_username[0] elif len(dom_username) == 2: domain = dom_username[0] username = dom_username[1] else: raise SMBException("A maximum of 2 tokens are expected " "(<domain>\<username>). {} were given." .format(len(dom_username))) domain = util.to_plain_string(domain) username = util.to_plain_string(username) if self.dconf.has_key('password_secret'): password = util.get_secret( self.session, self.dconf['password_secret'] ) else: password = self.dconf['password'] password = util.to_plain_string(password) cred_str = 'username={}\npassword={}\n'.format(username, password) if domain: cred_str += 'domain={}\n'.format(domain) # Open credentials file and truncate try: with open(self.credentials, 'w') as f: f.write(cred_str) except IOError, e: raise SMBException("Failed to create credentials file") options.append('credentials=%s' % self.credentials)
def __init__(self, email: Email, config: EWSConfig): self._email = email self._config = config self._gcs_client = storage.Client() credentials = Credentials(config.email_account, config.password) version = Version(build=Build(config.exchange_version["major"], config.exchange_version["minor"])) ews_config = Configuration( service_endpoint=config.exchange_url, credentials=credentials, auth_type="basic", version=version, retry_policy=FaultTolerance(max_wait=300), ) self._account = Account( primary_smtp_address=config.email_account, config=ews_config, autodiscover=False, access_type="delegate", ) # Setup reply-mail client. recipient = "" if self._config.hardcoded_recipients: recipient = self._config.mail_to_mapping.get(self._email.recipient) else: recipient = self._config.mail_to_mapping.get("STANDARD") acc_credentials = Credentials( username=recipient["sender_account"], password=util.get_secret(os.environ["PROJECT_ID"], recipient["sender_account_secret"]), ) acc_config = Configuration( service_endpoint=config.exchange_url, credentials=acc_credentials, auth_type="basic", version=version, retry_policy=FaultTolerance(max_wait=300), ) self._reply_email_account = Account( primary_smtp_address=recipient["sender_account"], config=acc_config, autodiscover=False, access_type="delegate", )
def _getCEPH_response(self, cmd): s = pxssh.pxssh() s.force_password = True password = "" if self.dconf.has_key('chappassword_secret'): password = util.get_secret(self.session, self.dconf['chappassword_secret']) elif self.dconf.has_key('chappassword'): password = self.dconf['chappassword'] user = self.srcmd.dconf['chapuser'] target = self.srcmd.dconf['target'].split(',')[0] port = self.srcmd.dconf['port'] if not s.login(target,user,password): util.SMlog('ssh login failed with last message %s' % s) else: s.sendline (cmd) s.prompt() result = s.before.split('\n') return result
def generate_config(self, sr_uuid, vdi_uuid): util.SMlog("OCFSoISCSIVDI.generate_config") dict = {} self.sr.dconf['localIQN'] = self.sr.iscsi.localIQN self.sr.dconf['multipathing'] = self.sr.mpath self.sr.dconf['multipathhandle'] = self.sr.mpathhandle dict['device_config'] = self.sr.dconf if dict['device_config'].has_key('chappassword_secret'): s = util.get_secret(self.session, dict['device_config']['chappassword_secret']) del dict['device_config']['chappassword_secret'] dict['device_config']['chappassword'] = s dict['sr_uuid'] = sr_uuid dict['vdi_uuid'] = vdi_uuid dict['command'] = 'vdi_attach_from_config' # Return the 'config' encoded within a normal XMLRPC response so that # we can use the regular response/error parsing code. config = xmlrpclib.dumps(tuple([dict]), "vdi_attach_from_config") return xmlrpclib.dumps((config,), "", True)
def _getCEPH_response(self, cmd): s = pxssh.pxssh() s.force_password = True password = "" if self.dconf.has_key('chappassword_secret'): password = util.get_secret(self.session, self.dconf['chappassword_secret']) elif self.dconf.has_key('chappassword'): password = self.dconf['chappassword'] user = self.srcmd.dconf['chapuser'] target = self.srcmd.dconf['target'].split(',')[0] port = self.srcmd.dconf['port'] if not s.login(target, user, password): util.SMlog('ssh login failed with last message %s' % s) else: s.sendline(cmd) s.prompt() result = s.before.split('\n') return result
def handler(request): """ Handler function that extracts a mail message from a pubsub message for processing. """ try: envelope = json.loads(request.data.decode('utf-8')) bytes = base64.b64decode(envelope['message']['data']) message = json.loads(bytes) except Exception as e: logging.exception('Failed while extracting message!') raise e if message['email'].get('subject', None) is None: message['email']['subject'] = '' if message['email'].get('body', None) is None: message['email']['body'] = '' email = from_dict(data_class=Email, data=message['email']) configuration = EWSConfig( email_account=config.EMAIL_ADDRESS, password=util.get_secret(os.environ['PROJECT_ID'], config.SECRET_ID), mail_from=config.EMAIL_ADDRESS, mail_to_mapping=config.EMAILS_SENDER_RECEIVER_MAPPING, hardcoded_recipients=config.HARDCODED_RECIPIENTS, send_replies=config.SEND_REPLIES, needs_pdfs=config.NEEDS_PDFS, pdf_only=config.PDF_ONLY, merge_pdfs=config.MERGE_PDF, exchange_url=config.EXCHANGE_URL, exchange_version=config.EXCHANGE_VERSION, reply_to_email=config.REPLY_TO_EMAIL_ADDRESS, ignore_reply_subjects=config.IGNORE_REPLY_SUBJECTS, ignore_reply_senders=config.IGNORE_REPLY_SENDERS) processor = MailProcessor(email, configuration) process_bool = processor.process() if not process_bool: logging.error("Mail was not send")
def create_password(args): """ Change the rethinkdb admin password. """ host = util.get_pod_ip(db='rethinkdb') if not host: raise RuntimeError( "no running rethinkdb servers, so can't change password") path = args.path if not os.path.exists(path): os.makedirs(path) elif not os.path.isdir(path): raise RuntimeError('path must be a directory') new_password = util.random_password(63) name = 'rethinkdb-password' # Get the current RethinkDB password from Kubernetes old_password = util.get_secret(name).get('rethinkdb', None) if old_password: if input( "Password already set. Are you sure you want to change it? type 'YES'" ) != 'YES': raise RuntimeError("NOT changing password") if old_password == '': old_password = None # Write the new password to disk (better to have it so if we set it below and die then at least it isn't lost!) open(os.path.join(path, 'rethinkdb'), 'w').write(new_password) # Set the new password in rethinkdb import rethinkdb as r conn = r.connect(host=host, auth_key=old_password) r.db('rethinkdb').table('users').get('admin').update({ 'password': new_password }).run(conn) # Load the new password into Kubernetes util.create_secret(name, path)
def getCIFCredentials(dconf, session, prefix=""): credentials = None domain = None if (containsCredentials(dconf, prefix)): username, domain = splitDomainAndUsername(dconf['username']) credentials = {} credentials["USER"] = util.to_plain_string(username) key_password, key_secret = getDconfPasswordKey(prefix) if key_secret in dconf: password = util.get_secret(session, dconf[key_secret]) else: password = dconf[key_password] credentials["PASSWD"] = util.to_plain_string(password) domain = util.to_plain_string(domain) return credentials, domain
def _getCEPH_response(self, cmd): dbg_prt("[rbdsr] _getCEPH_response") s = pxssh.pxssh() s.force_password = True password = "" if self.dconf.has_key('chappassword_secret'): password = util.get_secret(self.session, self.dconf['chappassword_secret']) elif self.dconf.has_key('chappassword'): password = self.dconf['chappassword'] user = self.srcmd.dconf['chapuser'] target = self.srcmd.dconf['target'].split(',')[0] port = self.srcmd.dconf['port'] if not s.login(target,user,password): util.SMlog('ssh login failed with last message %s' % s) else: s.sendline (cmd) s.prompt() result = s.before.split('\n') # remove the last one which is a blank dbg_prt("[rbdsr] ceph_response cmd : [%s], result : [%s], result_len : %d", cmd, result, len(result)) return result[1:]
def generate_config(self, sr_uuid, vdi_uuid): util.SMlog("LVHDoISCSIVDI.generate_config") if not lvutil._checkLV(self.path): raise xs_errors.XenError('VDIUnavailable') dict = {} self.sr.dconf['localIQN'] = self.sr.iscsi.localIQN self.sr.dconf['multipathing'] = self.sr.mpath self.sr.dconf['multipathhandle'] = self.sr.mpathhandle dict['device_config'] = self.sr.dconf if 'chappassword_secret' in dict['device_config']: s = util.get_secret(self.session, dict['device_config']['chappassword_secret']) del dict['device_config']['chappassword_secret'] dict['device_config']['chappassword'] = s dict['sr_uuid'] = sr_uuid dict['vdi_uuid'] = vdi_uuid dict['command'] = 'vdi_attach_from_config' # Return the 'config' encoded within a normal XMLRPC response so that # we can use the regular response/error parsing code. config = xmlrpclib.dumps(tuple([dict]), "vdi_attach_from_config") return xmlrpclib.dumps((config, ), "", True)
def post_result(service, category, username): with get_db() as conn: c = conn.cursor() # Check for service and category c.execute("SELECT 1 FROM service WHERE id = ?", (service, )) if not c.fetchone(): raise APIError("Service not found") # get the JSON try: key = get_secret(service) data = request.get_json(force=True) if not verify(data, key): raise Exception except: raise APIError("Bad JSON") score = (service, category, username, data["date"], data["result"], data["detail"]) c.execute("""INSERT INTO score VALUES (?,?,?,?,?,?)""", score) return 'Successful'
def generate_config(self, sr_uuid, vdi_uuid): util.SMlog("LVHDoISCSIVDI.generate_config") if not lvutil._checkLV(self.path): raise xs_errors.XenError('VDIUnavailable') if self.sr.sm_config['allocation'] == "xlvhd": lvutil.flushLV(self.path) dict = {} self.sr.dconf['localIQN'] = self.sr.iscsi.localIQN self.sr.dconf['multipathing'] = self.sr.mpath self.sr.dconf['multipathhandle'] = self.sr.mpathhandle dict['device_config'] = self.sr.dconf if dict['device_config'].has_key('chappassword_secret'): s = util.get_secret(self.session, dict['device_config']['chappassword_secret']) del dict['device_config']['chappassword_secret'] dict['device_config']['chappassword'] = s dict['sr_uuid'] = sr_uuid dict['vdi_uuid'] = vdi_uuid dict['allocation'] = self.sr.sm_config['allocation'] dict['command'] = 'vdi_attach_from_config' # Return the 'config' encoded within a normal XMLRPC response so that # we can use the regular response/error parsing code. config = xmlrpclib.dumps(tuple([dict]), "vdi_attach_from_config") return xmlrpclib.dumps((config,), "", True)
def create_password(args): """ Change the rethinkdb admin password. """ host = util.get_pod_ip(db='rethinkdb') if not host: raise RuntimeError("no running rethinkdb servers, so can't change password") path = args.path if not os.path.exists(path): os.makedirs(path) elif not os.path.isdir(path): raise RuntimeError('path must be a directory') new_password = util.random_password(63) name = 'rethinkdb-password' # Get the current RethinkDB password from Kubernetes old_password = util.get_secret(name).get('rethinkdb', None) if old_password: if input("Password already set. Are you sure you want to change it? type 'YES'") != 'YES': raise RuntimeError("NOT changing password") if old_password == '': old_password = None # Write the new password to disk (better to have it so if we set it below and die then at least it isn't lost!) open(os.path.join(path, 'rethinkdb'), 'w').write(new_password) # Set the new password in rethinkdb import rethinkdb as r conn = r.connect(host=host, auth_key=old_password) r.db('rethinkdb').table('users').get('admin').update({'password': new_password}).run(conn) # Load the new password into Kubernetes util.create_secret(name, path)
def _getCEPH_response(self, cmd): dbg_prt("[rbdsr] _getCEPH_response") s = pxssh.pxssh() s.force_password = True password = "" if self.dconf.has_key('chappassword_secret'): password = util.get_secret(self.session, self.dconf['chappassword_secret']) elif self.dconf.has_key('chappassword'): password = self.dconf['chappassword'] user = self.srcmd.dconf['chapuser'] target = self.srcmd.dconf['target'].split(',')[0] port = self.srcmd.dconf['port'] if not s.login(target, user, password): util.SMlog('ssh login failed with last message %s' % s) else: s.sendline(cmd) s.prompt() result = s.before.split('\n') # remove the last one which is a blank dbg_prt( "[rbdsr] ceph_response cmd : [%s], result : [%s], result_len : %d", cmd, result, len(result)) return result[1:]
def load(self, sr_uuid): if self.force_tapdisk: self.sr_vditype = 'aio' else: self.sr_vditype = 'phy' self.discoverentry = 0 self.default_vdi_visibility = False # Required parameters if 'target' not in self.dconf or not self.dconf['target']: raise xs_errors.XenError('ConfigTargetMissing') # we are no longer putting hconf in the xml. # Instead we pass a session and host ref and let the SM backend query XAPI itself try: if 'localIQN' not in self.dconf: self.localIQN = self.session.xenapi.host.get_other_config( self.host_ref)['iscsi_iqn'] else: self.localIQN = self.dconf['localIQN'] except: raise xs_errors.XenError('ConfigISCSIIQNMissing') # Check for empty string if not self.localIQN: raise xs_errors.XenError('ConfigISCSIIQNMissing') try: self.target = util._convertDNS(self.dconf['target'].split(',')[0]) except: raise xs_errors.XenError('DNSError') self.targetlist = self.target if 'targetlist' in self.dconf: self.targetlist = self.dconf['targetlist'] # Optional parameters self.chapuser = "" self.chappassword = "" if 'chapuser' in self.dconf \ and ('chappassword' in self.dconf or 'chappassword_secret' in self.dconf): self.chapuser = self.dconf['chapuser'].encode('utf-8') if 'chappassword_secret' in self.dconf: self.chappassword = util.get_secret( self.session, self.dconf['chappassword_secret']) else: self.chappassword = self.dconf['chappassword'] self.chappassword = self.chappassword.encode('utf-8') self.incoming_chapuser = "" self.incoming_chappassword = "" if 'incoming_chapuser' in self.dconf \ and ('incoming_chappassword' in self.dconf or 'incoming_chappassword_secret' in self.dconf): self.incoming_chapuser = self.dconf['incoming_chapuser'].encode( 'utf-8') if 'incoming_chappassword_secret' in self.dconf: self.incoming_chappassword = util.get_secret( self.session, self.dconf['incoming_chappassword_secret']) else: self.incoming_chappassword = self.dconf[ 'incoming_chappassword'] self.incoming_chappassword = self.incoming_chappassword.encode( 'utf-8') self.port = DEFAULT_PORT if 'port' in self.dconf and self.dconf['port']: try: self.port = long(self.dconf['port']) except: raise xs_errors.XenError('ISCSIPort') if self.port > MAXPORT or self.port < 1: raise xs_errors.XenError('ISCSIPort') # For backwards compatibility if 'usediscoverynumber' in self.dconf: self.discoverentry = self.dconf['usediscoverynumber'] self.multihomed = False if 'multihomed' in self.dconf: if self.dconf['multihomed'] == "true": self.multihomed = True elif self.mpath == 'true': self.multihomed = True if 'targetIQN' not in self.dconf or not self.dconf['targetIQN']: self._scan_IQNs() raise xs_errors.XenError('ConfigTargetIQNMissing') self.targetIQN = unicode(self.dconf['targetIQN']).encode('utf-8') self._attached = None self._pathdict = None self._adapter = None self._devs = None self._tgtidx = None self._path = None self._address = None
def load(self, sr_uuid): self.sr_vditype = 'phy' self.discoverentry = 0 self.default_vdi_visibility = False # Required parameters if not self.dconf.has_key('target') or not self.dconf['target']: raise xs_errors.XenError('ConfigTargetMissing') # we are no longer putting hconf in the xml. # Instead we pass a session and host ref and let the SM backend query XAPI itself try: if not self.dconf.has_key('localIQN'): self.localIQN = self.session.xenapi.host.get_other_config(self.host_ref)['iscsi_iqn'] else: self.localIQN = self.dconf['localIQN'] except: raise xs_errors.XenError('ConfigISCSIIQNMissing') # Check for empty string if not self.localIQN: raise xs_errors.XenError('ConfigISCSIIQNMissing') try: self.target = util._convertDNS(self.dconf['target'].split(',')[0]) except: raise xs_errors.XenError('DNSError') self.targetlist = self.target if self.dconf.has_key('targetlist'): self.targetlist = self.dconf['targetlist'] # Optional parameters self.chapuser = "" self.chappassword = "" if self.dconf.has_key('chapuser') \ and (self.dconf.has_key('chappassword') or self.dconf.has_key('chappassword_secret')): self.chapuser = self.dconf['chapuser'] if self.dconf.has_key('chappassword_secret'): self.chappassword = util.get_secret(self.session, self.dconf['chappassword_secret']) else: self.chappassword = self.dconf['chappassword'] self.incoming_chapuser = "" self.incoming_chappassword = "" if self.dconf.has_key('incoming_chapuser') \ and (self.dconf.has_key('incoming_chappassword') or self.dconf.has_key('incoming_chappassword_secret')): self.incoming_chapuser = self.dconf['incoming_chapuser'] if self.dconf.has_key('incoming_chappassword_secret'): self.incoming_chappassword = util.get_secret(self.session, self.dconf['incoming_chappassword_secret']) else: self.incoming_chappassword = self.dconf['incoming_chappassword'] self.port = DEFAULT_PORT if self.dconf.has_key('port') and self.dconf['port']: try: self.port = long(self.dconf['port']) except: raise xs_errors.XenError('ISCSIPort') if self.port > MAXPORT or self.port < 1: raise xs_errors.XenError('ISCSIPort') # For backwards compatibility if self.dconf.has_key('usediscoverynumber'): self.discoverentry = self.dconf['usediscoverynumber'] self.multihomed = False if self.dconf.has_key('multihomed'): if self.dconf['multihomed'] == "true": self.multihomed = True elif self.mpath == 'true': self.multihomed = True if not self.dconf.has_key('targetIQN') or not self.dconf['targetIQN']: self._scan_IQNs() raise xs_errors.XenError('ConfigTargetIQNMissing') self.targetIQN = self.dconf['targetIQN'] self.attached = False try: self.attached = iscsilib._checkTGT(self.targetIQN) except: pass self._initPaths()
from typing import List # import boto3 import requests from requests.auth import HTTPBasicAuth from slack_api import Slack from util import get_secret logger = logging.getLogger(__name__) logger.setLevel(logging.INFO) secrets = json.loads(get_secret("message-all-users/secrets")) logger.info(secrets) bamboo_domain = secrets.get("BAMBOO_DOMAIN") bamboo_reports_url = f"https://api.bamboohr.com/api/gateway.php/{bamboo_domain}/v1/reports/custom" bamboo_api_key = secrets.get("BAMBOO_API_KEY") bamboo_auth = HTTPBasicAuth(bamboo_api_key, "x") slack_token = secrets.get('SLACK_TOKEN') # with statement is a context manager # with open("message_format.json", "r") as json_file: # message_format = json.loads(json_file.read()) #List of users to message goes into 'lll' in CSV format. lll = [
def initiate_connection(username, cluster): """ Initiate connection with Redshift cluster @param username: master username from replay.yaml @param cluster: cluster dictionary """ response = None logger = logging.getLogger("SimpleReplayLogger") if cluster.get("is_serverless"): secret_name = get_secret(cluster.get('secret_name'), cluster.get("region")) response = { 'DbUser': secret_name["admin_username"], 'DbPassword': secret_name["admin_password"] } else: rs_client = client('redshift', region_name=cluster.get("region")) # get response from redshift to get cluster credentials using provided cluster info try: response = rs_client.get_cluster_credentials( DbUser=username, DbName=cluster.get("database"), ClusterIdentifier=cluster.get("id"), DurationSeconds=900, AutoCreate=False, ) except rs_client.exceptions.ClusterNotFoundFault: logger.error( f"Cluster {cluster.get('id')} not found. Please confirm cluster endpoint, account, and region." ) exit(-1) except Exception as e: logger.error( f"Unable to connect to Redshift. Confirm IAM permissions include Redshift::GetClusterCredentials." f" {e}") exit(-1) if response is None or response.get('DbPassword') is None: logger.error(f"Failed to retrieve credentials for user {username} ") response = None # define cluster string/dict cluster_string = { "username": response["DbUser"], "password": response["DbPassword"], "host": cluster.get("host"), "port": cluster.get("port"), "database": cluster.get("database"), } conn = None try: logger.info(f"Connecting to {cluster.get('id')}") conn = db_connect( host=cluster_string["host"], port=int(cluster_string["port"]), username=cluster_string["username"], password=cluster_string["password"], database=cluster_string["database"]) # yield to reuse connection yield conn except redshift_connector.error.Error as e: logger.error( f"Unable to connect to Redshift. Please confirm credentials. {e} ") exit(-1) except Exception as e: logger.error(f"Unable to connect to Redshift. {e}") exit(-1) finally: if conn is not None: conn.close()
def load(self, sr_uuid): if self.force_tapdisk: self.sr_vditype = "aio" else: self.sr_vditype = "phy" self.discoverentry = 0 self.default_vdi_visibility = False # Required parameters if not self.dconf.has_key("target") or not self.dconf["target"]: raise xs_errors.XenError("ConfigTargetMissing") # we are no longer putting hconf in the xml. # Instead we pass a session and host ref and let the SM backend query XAPI itself try: if not self.dconf.has_key("localIQN"): self.localIQN = self.session.xenapi.host.get_other_config(self.host_ref)["iscsi_iqn"] else: self.localIQN = self.dconf["localIQN"] except: raise xs_errors.XenError("ConfigISCSIIQNMissing") # Check for empty string if not self.localIQN: raise xs_errors.XenError("ConfigISCSIIQNMissing") try: self.target = util._convertDNS(self.dconf["target"].split(",")[0]) except: raise xs_errors.XenError("DNSError") self.targetlist = self.target if self.dconf.has_key("targetlist"): self.targetlist = self.dconf["targetlist"] # Optional parameters self.chapuser = "" self.chappassword = "" if self.dconf.has_key("chapuser") and ( self.dconf.has_key("chappassword") or self.dconf.has_key("chappassword_secret") ): self.chapuser = self.dconf["chapuser"] if self.dconf.has_key("chappassword_secret"): self.chappassword = util.get_secret(self.session, self.dconf["chappassword_secret"]) else: self.chappassword = self.dconf["chappassword"] self.incoming_chapuser = "" self.incoming_chappassword = "" if self.dconf.has_key("incoming_chapuser") and ( self.dconf.has_key("incoming_chappassword") or self.dconf.has_key("incoming_chappassword_secret") ): self.incoming_chapuser = self.dconf["incoming_chapuser"] if self.dconf.has_key("incoming_chappassword_secret"): self.incoming_chappassword = util.get_secret(self.session, self.dconf["incoming_chappassword_secret"]) else: self.incoming_chappassword = self.dconf["incoming_chappassword"] self.port = DEFAULT_PORT if self.dconf.has_key("port") and self.dconf["port"]: try: self.port = long(self.dconf["port"]) except: raise xs_errors.XenError("ISCSIPort") if self.port > MAXPORT or self.port < 1: raise xs_errors.XenError("ISCSIPort") # For backwards compatibility if self.dconf.has_key("usediscoverynumber"): self.discoverentry = self.dconf["usediscoverynumber"] self.multihomed = False if self.dconf.has_key("multihomed"): if self.dconf["multihomed"] == "true": self.multihomed = True elif self.mpath == "true": self.multihomed = True if not self.dconf.has_key("targetIQN") or not self.dconf["targetIQN"]: self._scan_IQNs() raise xs_errors.XenError("ConfigTargetIQNMissing") self.targetIQN = self.dconf["targetIQN"] self.attached = False try: self.attached = iscsilib._checkTGT(self.targetIQN) except: pass self._initPaths()
# from mongoengine import connect import os import motor.motor_asyncio from util import get_secret # from models import User, Position, Order # connect('trader', host=f'mongodb://*****:*****@{os.environ["DATABASE_HOSTNAME"]}:27017', io_loop=loop)
import os import boto3 from util import get_secret FQDN = os.getenv("FQDN") if not FQDN: raise ValueError("Need to define FQDN environment variable") AZURE_SCOPE = ["User.ReadBasic.All", "profile", "openid", "User.Read", "email"] APP_DEBUG = os.getenv("APP_DEBUG") if not APP_DEBUG: APP_DEBUG = 0 REGION = "us-east-1" SECRET_NAME = os.getenv("SECRET_NAME") if not SECRET_NAME: raise ValueError("Need to define SECRET_NAME environment variable") STAGE = os.getenv("STAGE") if not STAGE: raise ValueError("Need to define STAGE environment variable") USERS_TABLE = os.getenv("USERS_TABLE") if not USERS_TABLE: raise ValueError("Need to define USERS_TABLE environment variable") # get secrets SECRETS = get_secret(SECRET_NAME, REGION) if not SECRETS: raise Exception('Unable to load secrets')
def load(self, sr_uuid): self.sr_vditype = 'phy' self.discoverentry = 0 self.default_vdi_visibility = False # Required parameters if not self.dconf.has_key('target') or not self.dconf['target']: raise xs_errors.XenError('ConfigTargetMissing') # we are no longer putting hconf in the xml. # Instead we pass a session and host ref and let the SM backend query XAPI itself try: if not self.dconf.has_key('localIQN'): self.localIQN = self.session.xenapi.host.get_other_config( self.host_ref)['iscsi_iqn'] else: self.localIQN = self.dconf['localIQN'] except: raise xs_errors.XenError('ConfigISCSIIQNMissing') # Check for empty string if not self.localIQN: raise xs_errors.XenError('ConfigISCSIIQNMissing') try: self.target = util._convertDNS(self.dconf['target'].split(',')[0]) except: raise xs_errors.XenError('DNSError') self.targetlist = self.target if self.dconf.has_key('targetlist'): self.targetlist = self.dconf['targetlist'] # Optional parameters self.chapuser = "" self.chappassword = "" if self.dconf.has_key('chapuser') \ and (self.dconf.has_key('chappassword') or self.dconf.has_key('chappassword_secret')): self.chapuser = self.dconf['chapuser'] if self.dconf.has_key('chappassword_secret'): self.chappassword = util.get_secret( self.session, self.dconf['chappassword_secret']) else: self.chappassword = self.dconf['chappassword'] self.incoming_chapuser = "" self.incoming_chappassword = "" if self.dconf.has_key('incoming_chapuser') \ and (self.dconf.has_key('incoming_chappassword') or self.dconf.has_key('incoming_chappassword_secret')): self.incoming_chapuser = self.dconf['incoming_chapuser'] if self.dconf.has_key('incoming_chappassword_secret'): self.incoming_chappassword = util.get_secret( self.session, self.dconf['incoming_chappassword_secret']) else: self.incoming_chappassword = self.dconf[ 'incoming_chappassword'] self.port = DEFAULT_PORT if self.dconf.has_key('port') and self.dconf['port']: try: self.port = long(self.dconf['port']) except: raise xs_errors.XenError('ISCSIPort') if self.port > MAXPORT or self.port < 1: raise xs_errors.XenError('ISCSIPort') # For backwards compatibility if self.dconf.has_key('usediscoverynumber'): self.discoverentry = self.dconf['usediscoverynumber'] self.multihomed = False if self.dconf.has_key('multihomed'): if self.dconf['multihomed'] == "true": self.multihomed = True elif self.mpath == 'true': self.multihomed = True if not self.dconf.has_key('targetIQN') or not self.dconf['targetIQN']: self._scan_IQNs() raise xs_errors.XenError('ConfigTargetIQNMissing') self.targetIQN = self.dconf['targetIQN'] self.attached = False try: self.attached = iscsilib._checkTGT(self.targetIQN) except: pass self._initPaths()
from util import get_secret API_TOKEN = get_secret("API_TOKEN") PLUGINS = [ "dice_bot" ]
# import time import json import os from pywebpush import webpush, WebPushException from util import get_secret VAPID_PRIVATE_KEY = None VAPID_PUBLIC_KEY = None if 'VAPID_PRIVATE_KEY' in os.environ: VAPID_PRIVATE_KEY = os.environ["VAPID_PRIVATE_KEY"] else: VAPID_PRIVATE_KEY = get_secret('vapid_key_txt').strip("\n") # VAPID_PRIVATE_KEY = open('/run/secrets/vapid_key_txt', "r+").readline().strip("\n") if 'VAPID_PUBLIC_KEY' in os.environ: VAPID_PRIVATE_KEY = os.environ["VAPID_PUBLIC_KEY"] else: VAPID_PUBLIC_KEY = get_secret('vapid_public_key_txt').strip("\n") # VAPID_PUBLIC_KEY = open('/run/secrets/vapid_public_key_txt', "r+").read().strip("\n") VAPID_CLAIMS = {"sub": "mailto:[email protected]"} def send_web_push(subscription_information, message_body): return webpush(subscription_info=subscription_information, data=message_body, vapid_private_key=VAPID_PRIVATE_KEY, vapid_claims=VAPID_CLAIMS)