def init_flask_app(): config.instance.load_configuration() setup_flask_app( manager_ip=config.instance.postgresql_host, hash_salt=config.instance.security_hash_salt, secret_key=config.instance.security_secret_key )
def _init_db_tables(config): print 'Setting up a Flask app' setup_flask_app(manager_ip=config['postgresql_host'], hash_salt=config['hash_salt'], secret_key=config['secret_key']) print 'Creating tables in the DB' upgrade(directory=config['db_migrate_dir'])
def main(): """Run migration command.""" args = parse_arguments(sys.argv[1:]) configure_logging(args['log_level']) setup_flask_app() func = args['func'] func(args)
def main(): """Run migration command.""" args = parse_arguments(sys.argv[1:]) setup_config(args) configure_logging(args['log_level']) setup_flask_app(manager_ip=args['postgresql_host']) func = args['func'] func(args)
def _init_db_tables(config): print 'Setting up a Flask app' setup_flask_app( manager_ip=config['postgresql_host'], hash_salt=config['hash_salt'], secret_key=config['secret_key'] ) print 'Creating tables in the DB' upgrade(directory=config['db_migrate_dir'])
def main(deployment_id): setup_flask_app() config.instance.load_configuration(from_db=False) sm = storage.get_storage_manager() dep = sm.get(storage.models.Deployment, deployment_id) dep.inputs['input1'] = 'bbb' dep.inputs['fail_create'] = False sm.update(dep, modified_attrs=['inputs']) for node in dep.nodes: node.properties['prop2'] = 'bbb' sm.update(node, modified_attrs=['properties'])
def _init_db_tables(db_migrate_dir): print 'Setting up a Flask app' setup_flask_app(manager_ip=config.instance.postgresql_host, hash_salt=config.instance.security_hash_salt, secret_key=config.instance.security_secret_key) # Clean up the DB, in case it's not a clean install db.drop_all() db.engine.execute('DROP TABLE IF EXISTS alembic_version;') print 'Creating tables in the DB' upgrade(directory=db_migrate_dir)
def main(tempdir): """ Create a Flask app, and using the updated security config file get a new REST token. Then write the new token to a file under the snapshot`s tmp dir. :param tempdir: The temp dir used by `restore snapshot` wf. """ setup_flask_app() sm = get_storage_manager() admin_user = sm.get(models.User, 0) token = admin_user.get_auth_token() _write_token_to_file(tempdir, token)
def main(deployment_id): # We need to set the environment variable for rest config path as its # only available on the context of restservice os.environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf' setup_flask_app() config.instance.load_configuration(from_db=False) sm = storage.get_storage_manager() dep = sm.get(storage.models.Deployment, deployment_id) dep.inputs['input1'] = 'bbb' dep.inputs['fail_create'] = False sm.update(dep, modified_attrs=['inputs']) for node in dep.nodes: node.properties['prop2'] = 'bbb' sm.update(node, modified_attrs=['properties'])
def _get_storage_manager(self, tenant_name): app = setup_flask_app() admin = self._set_current_user(app) storage_manager = get_storage_manager() tenant = self._get_or_create_tenant(tenant_name) self._set_tenant_in_app(tenant, app, storage_manager, admin) return storage_manager
def _update_manager_networks(hostname, networks, with_broker=False): """ Add the new networks to the `provider context` DB table :param networks: a dict containing the new networks """ with setup_flask_app().app_context(): sm = get_storage_manager() filters = {} if hostname: filters = {'hostname': hostname} managers = sm.list(models.Manager, filters=filters) if len(managers) != 1: raise RuntimeError( 'Expected 1 manager, found {0} (passed hostname: {1}'.format( len(managers), hostname)) manager = managers[0] if with_broker: brokers = sm.list(models.RabbitMQBroker) if len(brokers) != 1: raise RuntimeError('Expected 1 broker, found {0}'.format( len(brokers))) broker = brokers[0] broker.networks.update(networks) flag_modified(broker, 'networks') sm.update(broker) manager.networks.update(networks) flag_modified(manager, 'networks') sm.update(manager) if update_agents: update_agents(sm)
def _create_db_and_defaults(config): print 'Setting up a Flask app' setup_flask_app( manager_ip=config['postgresql_host'], hash_salt=config['hash_salt'], secret_key=config['secret_key'] ) print 'Creating tables in the DB' db.create_all() print 'Creating bootstrap admin, default tenant and security roles' create_default_user_tenant_and_roles( admin_username=config['admin_username'], admin_password=config['admin_password'], )
def _get_storage_manager(self, tenant_name): app = flask_utils.setup_flask_app() admin = flask_utils.set_admin_current_user(app) storage_manager = get_storage_manager() tenant = flask_utils.get_tenant_by_name(tenant_name) self._set_tenant_in_app(tenant, app, storage_manager, admin) return storage_manager
def _update_admin_password(new_password): """Update the admin user's password.""" with setup_flask_app().app_context(): user = user_datastore.get_user('admin') user.password = hash_password(new_password) # Unlock account user.failed_logins_counter = 0 user_datastore.commit()
def cli(): with setup_flask_app().app_context(): config.instance.load_configuration() parser = argparse.ArgumentParser() parser.add_argument('--logfile', default=DEFAULT_LOG_PATH, help='Path to the log file') parser.add_argument('--log-level', dest='loglevel', default='INFO', help='Logging level') args = parser.parse_args() logging.basicConfig(level=args.loglevel.upper(), filename=args.logfile, format="%(asctime)s %(message)s") logging.getLogger('pika').setLevel(logging.WARNING) with setup_flask_app().app_context(): main()
def test_try_run_schedule_locked(mock_should_run, mock_get_sm, mock_lock): mock_lock.return_value = False sm = mock_get_sm() next_occurrence = datetime.strftime(datetime.now(), '%Y-%m-%d %H:%M:%S') schedule = _get_mock_schedule(next_occurrence=next_occurrence) with setup_flask_app().app_context(): try_run(schedule, sm) # should_run should not run, and next occurrence won't be updated mock_should_run.assert_not_called() assert schedule.next_occurrence == next_occurrence
def _update_admin_password(new_password): """Update the admin user's password.""" with setup_flask_app().app_context(): config.instance.load_configuration() user = user_datastore.get_user('admin') user.password = hash_password(new_password) # Unlock account user.failed_logins_counter = 0 user.active = True user_datastore.commit()
def _get_flask_app(): for value, envvar in [ (REST_CONFIG_PATH, 'MANAGER_REST_CONFIG_PATH'), (REST_SECURITY_CONFIG_PATH, 'MANAGER_REST_SECURITY_CONFIG_PATH'), ]: if value is not None: environ[envvar] = value app = setup_flask_app() set_admin_current_user(app) return app
def connect(self): with setup_flask_app().app_context(): db_url = self.config.db_url # This is to cope with Azure external DB urls: # https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-azure-cli if db_url.count('@') > 1: db_url = db_url.replace('@', '%40', 1) return psycopg2.connect( db_url, cursor_factory=DictCursor, )
def _update_provider_context(hostname, networks): """ Add the new networks to the `provider context` DB table :param networks: a dict containing the new networks """ with setup_flask_app().app_context(): sm = get_storage_manager() manager = sm.get(models.Manger, None, filters={'hostname': hostname}) manager.networks.update(networks) flag_modified(manager, 'networks') sm.update(manager)
def _update_provider_context(networks): """ Add the new networks to the `provider context` DB table :param networks: a dict containing the new networks """ with setup_flask_app().app_context(): sm = get_storage_manager() ctx = sm.get(models.ProviderContext, PROVIDER_CONTEXT_ID) old_networks = ctx.context['cloudify']['cloudify_agent']['networks'] old_networks.update(networks) flag_modified(ctx, 'context') sm.update(ctx)
def setup_environment(): for value, envvar in [ (REST_CONFIG_PATH, 'MANAGER_REST_CONFIG_PATH'), (REST_SECURITY_CONFIG_PATH, 'MANAGER_REST_SECURITY_CONFIG_PATH'), ]: if value is not None: environ[envvar] = value app = setup_flask_app() with app.app_context(): config.instance.load_configuration() set_admin_current_user(app)
def main(args): logging.basicConfig( level=args.get('loglevel', 'INFO').upper(), filename=args.get('logfile', DEFAULT_LOG_PATH), format="%(asctime)s %(message)s") config.instance.load_from_file(args['config']) with setup_flask_app().app_context(): config.instance.load_from_db() amqp_client, db_publisher = _create_connections() logger.info('Starting consuming...') amqp_client.consume() if db_publisher.error_exit: raise db_publisher.error_exit
def update_provider_context(args): with setup_flask_app().app_context(): sm = get_storage_manager() for manager in sm.list(models.Manager): manager.private_ip = args.manager_ip manager.public_ip = args.manager_ip manager.networks['default'] = args.manager_ip flag_modified(manager, 'networks') sm.update(manager) for broker in sm.list(models.RabbitMQBroker): broker.host = args.manager_ip broker.networks['default'] = args.manager_ip flag_modified(broker, 'networks') sm.update(broker)
def test_try_run_schedule(mock_execute_workflow, mock_get_sm, mock_db): sm = mock_get_sm() next_occurrence = datetime.strftime(datetime.now(), '%Y-%m-%d %H:%M:%S') schedule = _get_mock_schedule(next_occurrence=next_occurrence) with setup_flask_app().app_context(): try_run(schedule, sm) mock_execute_workflow.assert_called_once() mock_db_call_args = [call.args for call in mock_db.method_calls] assert 'try_advisory_lock' in mock_db_call_args[0][0] assert 'advisory_unlock' in mock_db_call_args[1][0] for call_arg in mock_db_call_args: assert call_arg[1]['lock_number'] == 10001 start_time = date_parser.parse(next_occurrence) assert (schedule.next_occurrence - start_time).seconds == 60
def reset_storage(script_config): app = setup_flask_app() amqp_manager = setup_amqp_manager() # Clear the old RabbitMQ resources amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME) # Rebuild the DB safe_drop_all(keep_tables=['roles']) upgrade(directory=migrations_dir) # Add default tenant, admin user and provider context _add_defaults(app, amqp_manager, script_config) # Clear the connection close_session(app)
def load_permissions(authorization_file_path, debug=False): with open(authorization_file_path) as f: auth_data = yaml.safe_load(f) with setup_flask_app().app_context(): existing_roles = db.session.query(models.Role) existing_role_names = [role.name for role in existing_roles] new_roles = {role['name']: role for role in auth_data['roles']} for role in existing_roles: if role.name in new_roles: role.type = new_roles[role.name]['type'] role.description = new_roles[role.name]['description'] for role_name, role in new_roles.items(): if role_name not in existing_role_names: db.session.add( models.Role(name=role['name'], type=role['type'], description=role['description'])) roles = { r.name: r.id for r in db.session.query(models.Role.name, models.Role.id) } existing_permissions = [(perm.role_id, perm.name) for perm in db.session.query(models.Permission) ] for permission, permission_roles in auth_data['permissions'].items(): for role_name in permission_roles: if role_name not in roles: sys.stderr.write( 'Could not add permission {perm} for role {role} as ' 'role does not exist.\n'.format( perm=permission, role=role_name, )) continue if (roles[role_name], permission) in existing_permissions: if debug: print('Permission {perm} for role {role} already ' 'exists.'.format(perm=permission, role=role_name)) continue db.session.add( models.Permission(role_id=roles[role_name], name=permission)) db.session.commit()
def set_ldap(config_dict): app = setup_flask_app() # Mock current user, and reload rest configuration set_admin_current_user(app) config.instance.load_from_file(CONFIG_FILE_LOCATION) # Update the config table on manager DB to include LDAP configurations config.instance.update_db(config_dict) # Restart the rest service to load the new LDAP configuration os.system('systemctl restart cloudify-restservice') # Wait for rest service to reload, up to 5 seconds end = time.time() + 5 while not time.time() > end: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) p_open = sock.connect_ex(("localhost", 80)) == 0 if p_open: break
def set_ldap(config_dict): app = setup_flask_app() # Mock current user, and reload rest configuration set_admin_current_user(app) config.instance.load_from_file(CONFIG_FILE_LOCATION) # Update the config table on manager DB to include LDAP configurations config.instance.update_db(config_dict) # Restart the rest service to load the new LDAP configuration os.system('systemctl restart cloudify-restservice') # Wait for rest service to reload, up to 5 seconds end = time.time() + 5 while not time.time() > end: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) p_open = sock.connect_ex(("localhost", 80)) == 0 if p_open: break
def reset_storage(script_config): app = setup_flask_app() config.instance.load_configuration() amqp_manager = setup_amqp_manager() # Clear the old RabbitMQ resources amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME) # Rebuild the DB safe_drop_all(keep_tables=['roles', 'config', 'rabbitmq_brokers', 'certificates', 'managers', 'db_nodes']) upgrade(directory=migrations_dir) # Add default tenant, admin user and provider context _add_defaults(app, amqp_manager, script_config) # Clear the connection close_session(app) subprocess.check_call(['sudo', ADMIN_TOKEN_RESET_SCRIPT])
def reset_storage(script_config): app = setup_flask_app() config.instance.load_configuration() amqp_manager = setup_amqp_manager() # Clear the old RabbitMQ resources amqp_manager.remove_tenant_vhost_and_user(DEFAULT_TENANT_NAME) # Rebuild the DB safe_drop_all(keep_tables=['roles', 'config', 'rabbitmq_brokers', 'certificates']) upgrade(directory=migrations_dir) # Add default tenant, admin user and provider context _add_defaults(app, amqp_manager, script_config) # Clear the connection close_session(app) subprocess.check_call(['sudo', ADMIN_TOKEN_RESET_SCRIPT])
def update_provider_context(args): if args.networks: networks = json.load(args.networks)['networks'] else: networks = None with setup_flask_app().app_context(): sm = get_storage_manager() ctx = sm.get(models.ProviderContext, PROVIDER_CONTEXT_ID) agent_dict = ctx.context['cloudify']['cloudify_agent'] if networks: for network_name, address in networks.items(): previous_address = agent_dict['networks'].get(network_name) if previous_address and address != previous_address: raise ValueError('Cannot change network {0} address' .format(network_name)) else: agent_dict['networks'][network_name]['manager'] = address agent_dict['broker_ip'] = args.manager_ip agent_dict['networks']['default']['manager'] = args.manager_ip flag_modified(ctx, 'context') sm.update(ctx)
def _get_flask_app(): config.instance.load_from_file(RESTSERVICE_CONFIG_PATH) return setup_flask_app()
def setup_flask_app(tenant_name): app = flask_utils.setup_flask_app() flask_utils.set_admin_current_user(app) tenant = flask_utils.get_tenant_by_name(tenant_name) flask_utils.set_tenant_in_app(tenant)
# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # * See the License for the specific language governing permissions and # * limitations under the License. from os import environ from manager_rest.config import instance from manager_rest.amqp_manager import AMQPManager from manager_rest.flask_utils import setup_flask_app environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf' app = setup_flask_app() with app.app_context(): instance.load_configuration() amqp_manager = AMQPManager( host=instance.amqp_host, username=instance.amqp_username, password=instance.amqp_password ) amqp_manager.sync_metadata()
# You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # * See the License for the specific language governing permissions and # * limitations under the License. from os import environ from manager_rest.config import instance from manager_rest.amqp_manager import AMQPManager from manager_rest.flask_utils import setup_flask_app from manager_rest.constants import SECURITY_FILE_LOCATION environ['MANAGER_REST_CONFIG_PATH'] = '/opt/manager/cloudify-rest.conf' environ['MANAGER_REST_SECURITY_CONFIG_PATH'] = SECURITY_FILE_LOCATION app = setup_flask_app() with app.app_context(): instance.load_configuration() amqp_manager = AMQPManager( host=instance.amqp_management_host, username=instance.amqp_username, password=instance.amqp_password, verify=instance.amqp_ca_path ) amqp_manager.sync_metadata()