def __init__(self, uda_class, view_name, uda_fields, key_fields=None):
self.uda_class = uda_class
self.uda_encoded = base64.b64_encode(pickle_dump(uda_class))
self.view_name = view_name
self.uda_fields = uda_fields
self.key_fields = key_fields
def __init__(self, uda_class, view_name, uda_fields, key_fields=None):
self.uda_class = uda_class
self.uda_encoded = base64.b64_encode(pickle_dump(uda_class))
self.view_name = view_name
self.uda_fields = uda_fields
self.key_fields = key_fields
def encode(data):
"""
base64 encode helper for jinja
:param data: encodeable bytes-object
:type model: byte
:returns: base64 encoded bytes-object
:rtype: byte
"""
return b64_encode(data)
def encodes(data, code="ascii"):
"""
base64 encode helper for jinja taking string and returning string
:param data: string which should be encoded
:type model: string
:param code: code to use for bytes en-/decoding (default: ascii)
:type model: string
:returns: base64-encoded string
:rtype: string
"""
return b64_encode(data.encode(code)).decode(code)
def post_process(output):
cleanup = output['cleanup']
if cleanup:
cleanup = '/' + cleanup
datapack = output['datapack']
from base64 import encodestring as b64_encode
return {
'zip': b64_encode(datapack).decode('utf8'),
'cleanup': cleanup,
'namespace': output['namespace'],
}
def _request(self, method, url, data=None):
authorization = '%s:%s' % (self.user, self.token)
base64 = b64_encode(authorization).replace('\n', '')
headers = {'Authorization': 'Basic %s' % base64}
if data:
headers['Content-Type'] = 'application/json'
data = json.dumps(data)
req_method = getattr(requests, method.lower())
resp = req_method(url, data=data, headers=headers)
data, code = resp.text, resp.status_code
if code < 200 or code >= 300:
print 'Got a %s response: %r' % (code, data)
raise Exception
if resp.headers.get('Content-Encoding') == 'gzip':
fd = GzipFile(fileobj=StringIO(data))
data = fd.read()
return (resp.headers, json.loads(data))
def build(self, build_context):
"""Build launches the previously-built AMI.
Requires:
build_context['image_id']
build_context['build_vpc']
build_context['build_region']
build_context['key_name']
build_context['customer_id']
build_context['customer_email']
build_context['basiton_id']
build_context['vpn_password']
"""
self._ec2 = boto3.client('ec2',
region_name=build_context['build_region'])
self._cfn = boto3.client('cloudformation',
region_name=build_context['build_region'])
self._iam = boto3.client('iam',
region_name=build_context['build_region'])
self._as = boto3.client('autoscaling',
region_name=build_context['build_region'])
customer_id = build_context['customer_id']
build_time = int(time.time())
stack_name = 'opsee-stack-%s' % customer_id
role_name = 'opsee-role-%s' % customer_id
policy_name = 'opsee-policy-%s' % customer_id
resp = requests.get(
get_bucket_path(build_context['build_region'], 'opsee-role.json'))
policy = resp.text
self._iam.create_role(RoleName=role_name,
AssumeRolePolicyDocument=assume_role_policy)
self._iam.put_role_policy(RoleName=role_name,
PolicyName=policy_name,
PolicyDocument=policy)
build_context['role_name'] = role_name
build_context['policy_name'] = policy_name
userdata_t = Template(userdata_template)
userdata = b64_encode(
userdata_t.render(
customer_id=build_context['customer_id'],
bastion_id=build_context['bastion_id'],
customer_email=build_context['customer_email'],
vpn_password=build_context['vpn_password'],
))
build_context['launch_stack_name'] = stack_name
resp = self._ec2.describe_subnets(Filters=[
{
'Name': 'vpc-id',
'Values': [build_context['build_vpc']]
},
{
'Name': 'availabilityZone',
# ${reigon}a is almost always going to exist. We can get AZs and pick one
# later if we need to.
'Values': ['%sa' % build_context['build_region']]
},
{
'Name': 'defaultForAz',
'Values': ['true']
},
])
subnet_id = resp['Subnets'][0]['SubnetId']
build_context['launch_subnet_id'] = subnet_id
resp = self._cfn.create_stack(
StackName=stack_name,
TemplateURL=get_bucket_path(build_context['build_region'],
'bastion-cf.template'),
Capabilities=['CAPABILITY_IAM'],
Parameters=[
{
'ParameterKey': 'AllowSSH',
'ParameterValue': 'False',
'UsePreviousValue': False,
},
{
'ParameterKey': 'ImageId',
'ParameterValue': build_context['image_id'],
'UsePreviousValue': False,
},
{
'ParameterKey': 'UserData',
'ParameterValue': userdata,
'UsePreviousValue': False,
},
{
'ParameterKey': 'KeyName',
'ParameterValue': build_context['key_name'],
'UsePreviousValue': False,
},
{
'ParameterKey': 'VpcId',
'ParameterValue': build_context['build_vpc'],
'UsePreviousValue': False,
},
{
'ParameterKey': 'SubnetId',
'ParameterValue': subnet_id,
'UsePreviousValue': False,
},
{
'ParameterKey': 'CustomerId',
'ParameterValue': stack_name,
'UsePreviousValue': False,
},
{
'ParameterKey': 'BastionId',
'ParameterValue': stack_name,
'UsePreviousValue': False,
},
{
'ParameterKey':
'BastionIngressTemplateUrl',
'ParameterValue':
get_bucket_path(build_context['build_region'],
'bastion-ingress-cf.template'),
'UsePreviousValue':
False,
},
],
)
stack_id = resp['StackId']
print 'Test stack id: %s' % stack_id
print 'Waiting for stack creation to finish...'
waiter = waiters.CloudFormationWaiter(self._cfn)
waiter.wait(stack_name, 'CREATE_COMPLETE')
resources = self._cfn.describe_stack_resources(StackName=stack_name)
asg_id = [
x for x in resources['StackResources']
if x['ResourceType'] == 'AWS::AutoScaling::AutoScalingGroup'
][0]['PhysicalResourceId']
resp = self._as.describe_auto_scaling_groups(
AutoScalingGroupNames=[asg_id])
instance_id = resp['AutoScalingGroups'][0]['Instances'][0][
'InstanceId']
print 'Waiting for build instance (%s) to become available...' % instance_id
waiter = self._ec2.get_waiter('instance_running')
waiter.wait(InstanceIds=[instance_id])
instance_info = self._ec2.describe_instances(
InstanceIds=[instance_id])['Reservations'][0]['Instances'][0]
public_ip = instance_info['NetworkInterfaces'][0]['Association'][
'PublicIp']
sg_id = instance_info['SecurityGroups'][0]['GroupId']
self._ec2.authorize_security_group_ingress(
GroupId=sg_id,
IpProtocol='tcp',
FromPort=22,
ToPort=22,
CidrIp='0.0.0.0/0',
)
print 'Got instance public IP: %s' % public_ip
build_context['launch_public_ip'] = public_ip
print 'Sleeping for 240 seconds to allow bastion to finish initialization...'
time.sleep(240)
return build_context
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# Frankiz secret Key
FKZ_KEY = None
fkzkeyfile = os.path.join(BASE_DIR, ".keys/fkz.key")
if not os.path.exists(fkzkeyfile):
with open(fkzkeyfile, "wb") as f:
f.write("None")
with open(fkzkeyfile, "r") as f:
FKZ_KEY = f.read().strip()
# SECURITY WARNING: keep the secret key used in production secret!
secretkeyfile = os.path.join(BASE_DIR, ".keys/secret.key")
if not os.path.exists(secretkeyfile):
with open(secretkeyfile, "wb") as f:
f.write(base64.b64_encode(os.urandom(30)))
with open(secretkeyfile, "r") as f:
SECRET_KEY = f.read().strip()
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = os.environ.get("DJANGO_DEBUG", False)
ALLOWED_HOSTS = ["*"]
AUTH_USER_MODEL = 'event.User'
# Emails
DEFAULT_FROM_EMAIL = "*****@*****.**"
SERVER_EMAIL = DEFAULT_FROM_EMAIL