def request(self, method, path, headers={}, data=None):
auth_headers = sign_request(key=self.key,
http_method=method,
path=self.parsed_url.path +
path.split('?', 1)[0],
body=data,
host=self.parsed_url.netloc,
timestamp=datetime.datetime.utcnow(),
user_id=self.client)
request_headers = {}
request_headers.update(self.headers)
request_headers.update(
dict((k.lower(), v) for k, v in headers.iteritems()))
request_headers['x-chef-version'] = self.version
request_headers.update(auth_headers)
try:
response = self._request(
method, self.url + path, data,
dict((k.capitalize(), v)
for k, v in request_headers.iteritems()))
except urllib2.HTTPError, e:
e.content = e.read()
try:
e.content = json.loads(e.content)
raise ChefServerError.from_error(e.content['error'],
code=e.code)
except ValueError:
pass
raise e
def request(self, method, path, headers={}, data=None):
auth_headers = sign_request(key=self.key, http_method=method,
path=self.parsed_url.path+path.split('?', 1)[0], body=data,
host=self.parsed_url.netloc, timestamp=datetime.datetime.utcnow(),
user_id=self.client)
request_headers = {}
request_headers.update(self.headers)
request_headers.update(dict((k.lower(), v) for k, v in six.iteritems(headers)))
request_headers['x-chef-version'] = self.version
request_headers.update(auth_headers)
try:
response = self._request(method, self.url + path, data, dict(
(k.capitalize(), v) for k, v in six.iteritems(request_headers)))
response.raise_for_status()
except six.moves.urllib.error.HTTPError as uhe:
uhe.content = uhe.read()
try:
uhe.content = json.loads(uhe.content.decode())
raise ChefServerError.from_error(uhe.content['error'], code=uhe.code)
except ValueError:
pass
raise uhe
except requests.exceptions.HTTPError as rhe:
try:
content = response.json()
raise ChefServerError.from_error(content['error'], code=rhe.response.status_code)
except ValueError:
pass
raise rhe
return response
def api_request(self, method, path, headers={}, data=None):
headers = dict((k.lower(), v) for k, v in headers.iteritems())
headers['accept'] = 'application/json'
if data is not None:
headers['content-type'] = 'application/json'
data = json.dumps(data)
response = self.request(method, path, headers, data)
return json.loads(response)
def api_request(self, method, path, headers={}, data=None):
headers = dict((k.lower(), v) for k, v in headers.iteritems())
headers['accept'] = 'application/json'
if data is not None:
headers['content-type'] = 'application/json'
data = json.dumps(data)
response = self.request(method, path, headers, data)
return json.loads(response)
def decrypt(self):
value = self.decryptor.decrypt(self.data)
# After decryption we should get a string with JSON
try:
value = json.loads(value)
except ValueError:
raise ChefDecryptionError("Error decrypting data bag value. Most likely the provided key is incorrect")
return value["json_wrapper"]
def get_logs(self):
trails_list = self.__conn.describe_trails()["trailList"]
logs_list = []
for trail in trails_list:
bucket_name = trail["S3BucketName"]
bucket_prefix = trail["S3KeyPrefix"]
file_contents_list = self.__storage.get_all_files(bucket_name, bucket_prefix)
for file_content in file_contents_list:
json_content = json.loads(file_content)
for event in json_content["Records"]:
log_entry = self.__get_log_entry_from_json(event)
logs_list.append(log_entry)
return logs_list
def _populate(self, data):
super(EncryptedDataBagItem, self)._populate(data)
raw_data = {}
for key in self.raw_data:
if 'encrypted_data' in self.raw_data[key]:
cipher = Cipher.factory(self._key, self.raw_data[key])
decrypted_data = cipher.decrypt()
raw_data[key] = json.loads(self._strip_wrapper(decrypted_data))
else:
raw_data[key] = self.raw_data[key]
self._encrypted_data = self.raw_data # save an actual raw copy
self.raw_data = raw_data
def request(self, method, path, headers={}, data=None):
auth_headers = sign_request(key=self.key, http_method=method,
path=self.parsed_url.path+path.split('?', 1)[0], body=data,
host=self.parsed_url.netloc, timestamp=datetime.datetime.utcnow(),
user_id=self.client)
headers = dict((k.lower(), v) for k, v in headers.iteritems())
headers['x-chef-version'] = self.version
headers.update(auth_headers)
try:
response = self._request(method, self.url+path, data, dict((k.capitalize(), v) for k, v in headers.iteritems()))
except urllib2.HTTPError, e:
err = e.read()
try:
err = json.loads(err)
raise ChefServerError.from_error(err['error'], code=e.code)
except ValueError:
pass
raise
def from_config_file(cls, path):
"""Load Chef API paraters from a config file. Returns None if the
config can't be used.
"""
log.debug('Trying to load from "%s"', path)
if not os.path.isfile(path) or not os.access(path, os.R_OK):
# Can't even read the config file
log.debug('Unable to read config file "%s"', path)
return
url = key_path = client_name = None
ssl_verify = True
for line in open(path):
if not line.strip() or line.startswith('#'):
continue # Skip blanks and comments
parts = line.split(None, 1)
if len(parts) != 2:
continue # Not a simple key/value, we can't parse it anyway
key, value = parts
md = cls.ruby_string_re.search(value)
if md:
value = md.group(2)
elif key == 'ssl_verify_mode':
log.debug('Found ssl_verify_mode: %r', value)
ssl_verify = (value.strip() != ':verify_none')
log.debug('ssl_verify = %s', ssl_verify)
else:
# Not a string, don't even try
log.debug('Value for {0} does not look like a string: {1}'.format(key, value))
continue
def _ruby_value(match):
expr = match.group(1).strip()
if expr == 'current_dir':
return os.path.dirname(path)
envmatch = cls.env_value_re.match(expr)
if envmatch:
envmatch = envmatch.group(1).strip('"').strip("'")
return os.environ.get(envmatch) or ''
log.debug('Unknown ruby expression in line "%s"', line)
raise UnknownRubyExpression
try:
value = cls.ruby_value_re.sub(_ruby_value, value)
except UnknownRubyExpression:
continue
if key == 'chef_server_url':
log.debug('Found URL: %r', value)
url = value
elif key == 'node_name':
log.debug('Found client name: %r', value)
client_name = value
elif key == 'client_key':
log.debug('Found key path: %r', value)
key_path = value
if not os.path.isabs(key_path):
# Relative paths are relative to the config file
key_path = os.path.abspath(os.path.join(os.path.dirname(path), key_path))
if not (url and client_name and key_path):
# No URL, no chance this was valid, try running Ruby
log.debug('No Chef server config found, trying Ruby parse')
url = key_path = client_name = None
proc = subprocess.Popen('ruby', stdin=subprocess.PIPE, stdout=subprocess.PIPE)
script = config_ruby_script % path.replace('\\', '\\\\').replace("'", "\\'")
out, err = proc.communicate(script)
if proc.returncode == 0 and out.strip():
data = json.loads(out)
log.debug('Ruby parse succeeded with %r', data)
url = data.get('chef_server_url')
client_name = data.get('node_name')
key_path = data.get('client_key')
else:
log.debug('Ruby parse failed with exit code %s: %s', proc.returncode, out.strip())
if not url:
# Still no URL, can't use this config
log.debug('Still no Chef server URL found')
return
if not key_path:
# Try and use ./client.pem
key_path = os.path.join(os.path.dirname(path), 'client.pem')
if not os.path.isfile(key_path) or not os.access(key_path, os.R_OK):
# Can't read the client key
log.debug('Unable to read key file "%s"', key_path)
return
if not client_name:
client_name = socket.getfqdn()
return cls(url, key_path, client_name, ssl_verify=ssl_verify)
def from_config_file(cls, path):
"""Load Chef API paraters from a config file. Returns None if the
config can't be used.
"""
log.debug('Trying to load from "%s"', path)
if not os.path.isfile(path) or not os.access(path, os.R_OK):
# Can't even read the config file
log.debug('Unable to read config file "%s"', path)
return
url = key_path = client_name = None
ssl_verify = True
for line in open(path):
if not line.strip() or line.startswith('#'):
continue # Skip blanks and comments
parts = line.split(None, 1)
if len(parts) != 2:
continue # Not a simple key/value, we can't parse it anyway
key, value = parts
md = cls.ruby_string_re.search(value)
if md:
value = md.group(2)
elif key == 'ssl_verify_mode':
log.debug('Found ssl_verify_mode: %r', value)
ssl_verify = (value.strip() != ':verify_none')
log.debug('ssl_verify = %s', ssl_verify)
else:
# Not a string, don't even try
log.debug('Value for {0} does not look like a string: {1}'.format(key, value))
continue
def _ruby_value(match):
expr = match.group(1).strip()
if expr == 'current_dir':
return os.path.dirname(path)
envmatch = cls.env_value_re.match(expr)
if envmatch:
envmatch = envmatch.group(1).strip('"').strip("'")
return os.environ.get(envmatch) or ''
log.debug('Unknown ruby expression in line "%s"', line)
raise UnknownRubyExpression
try:
value = cls.ruby_value_re.sub(_ruby_value, value)
except UnknownRubyExpression:
continue
if key == 'chef_server_url':
log.debug('Found URL: %r', value)
url = value
elif key == 'node_name':
log.debug('Found client name: %r', value)
client_name = value
elif key == 'client_key':
log.debug('Found key path: %r', value)
key_path = value
if not os.path.isabs(key_path):
# Relative paths are relative to the config file
key_path = os.path.abspath(os.path.join(os.path.dirname(path), key_path))
if not (url and client_name and key_path):
# No URL, no chance this was valid, try running Ruby
log.debug('No Chef server config found, trying Ruby parse')
url = key_path = client_name = None
proc = subprocess.Popen('ruby', stdin=subprocess.PIPE, stdout=subprocess.PIPE)
script = config_ruby_script % path.replace('\\', '\\\\').replace("'", "\\'")
out, err = proc.communicate(script.encode())
if proc.returncode == 0 and out.strip():
data = json.loads(out.decode())
log.debug('Ruby parse succeeded with %r', data)
url = data.get('chef_server_url')
client_name = data.get('node_name')
key_path = data.get('client_key')
if key_path and not os.path.isabs(key_path):
# Relative paths are relative to the config file
key_path = os.path.abspath(os.path.join(os.path.dirname(path), key_path))
else:
log.debug('Ruby parse failed with exit code %s: %s', proc.returncode, out.strip())
if not url:
# Still no URL, can't use this config
log.debug('Still no Chef server URL found')
return
if not key_path:
# Try and use ./client.pem
key_path = os.path.join(os.path.dirname(path), 'client.pem')
if not os.path.isfile(key_path) or not os.access(key_path, os.R_OK):
# Can't read the client key
log.debug('Unable to read key file "%s"', key_path)
return
if not client_name:
client_name = socket.getfqdn()
return cls(url, key_path, client_name, ssl_verify=ssl_verify)
def from_config_file(cls, path):
"""Load Chef API paraters from a config file. Returns None if the
config can't be used.
"""
log.debug('Trying to load from "%s"', path)
if not os.path.isfile(path) or not os.access(path, os.R_OK):
# Can't even read the config file
log.debug('Unable to read config file "%s"', path)
return
url = key_path = client_name = None
for line in open(path):
if not line.strip() or line.startswith('#'):
continue # Skip blanks and comments
parts = line.split(None, 1)
if len(parts) != 2:
continue # Not a simple key/value, we can't parse it anyway
key, value = parts
value = value.strip().strip('"\'')
def _ruby_value(match):
expr = match.group(1).strip()
if expr == 'current_dir':
return os.path.dirname(path)
log.debug('Unknown ruby expression in line "%s"', line)
raise UnknownRubyExpression
try:
value = cls.ruby_value_re.sub(_ruby_value, value)
except UnknownRubyExpression:
continue
if key == 'chef_server_url':
url = value
elif key == 'node_name':
client_name = value
elif key == 'client_key':
key_path = value
if not os.path.isabs(key_path):
# Relative paths are relative to the config file
key_path = os.path.abspath(os.path.join(os.path.dirname(path), key_path))
if not url:
# No URL, no chance this was valid, try running Ruby
log.debug('No Chef server URL found, trying Ruby parse')
proc = subprocess.Popen('ruby', stdin=subprocess.PIPE, stdout=subprocess.PIPE)
script = config_ruby_script % path.replace('\\', '\\\\').replace("'", "\\'")
out, err = proc.communicate(script)
if proc.returncode == 0 and out.strip():
data = json.loads(out)
url = data.get('chef_server_url')
client_name = data.get('node_name')
key_path = data.get('client_key')
if not url:
# Still no URL, can't use this config
log.debug('Still no Chef server URL found')
return
if not key_path:
# Try and use ./client.pem
key_path = os.path.join(os.path.dirname(path), 'client.pem')
if not os.path.isfile(key_path) or not os.access(key_path, os.R_OK):
# Can't read the client key
log.debug('Unable to read key file "%s"', key_path)
return
if not client_name:
client_name = socket.getfqdn()
return cls(url, key_path, client_name)
def from_config_file(cls, path):
"""Load Chef API paraters from a config file. Returns None if the
config can't be used.
"""
log.debug('Trying to load from "%s"', path)
if not os.path.isfile(path) or not os.access(path, os.R_OK):
# Can't even read the config file
log.debug('Unable to read config file "%s"', path)
return
url = key_path = client_name = None
for line in open(path):
if not line.strip() or line.startswith('#'):
continue # Skip blanks and comments
parts = line.split(None, 1)
if len(parts) != 2:
continue # Not a simple key/value, we can't parse it anyway
key, value = parts
value = value.strip().strip('"\'')
def _ruby_value(match):
expr = match.group(1).strip()
if expr == 'current_dir':
return os.path.dirname(path)
log.debug('Unknown ruby expression in line "%s"', line)
raise UnknownRubyExpression
try:
value = cls.ruby_value_re.sub(_ruby_value, value)
except UnknownRubyExpression:
continue
if key == 'chef_server_url':
url = value
elif key == 'node_name':
client_name = value
elif key == 'client_key':
key_path = value
if not os.path.isabs(key_path):
# Relative paths are relative to the config file
key_path = os.path.abspath(
os.path.join(os.path.dirname(path), key_path))
if not url:
# No URL, no chance this was valid, try running Ruby
log.debug('No Chef server URL found, trying Ruby parse')
proc = subprocess.Popen('ruby',
stdin=subprocess.PIPE,
stdout=subprocess.PIPE)
script = config_ruby_script % path.replace('\\', '\\\\').replace(
"'", "\\'")
out, err = proc.communicate(script)
if proc.returncode == 0 and out.strip():
data = json.loads(out)
url = data.get('chef_server_url')
client_name = data.get('node_name')
key_path = data.get('client_key')
if not url:
# Still no URL, can't use this config
log.debug('Still no Chef server URL found')
return
if not key_path:
# Try and use ./client.pem
key_path = os.path.join(os.path.dirname(path), 'client.pem')
if not os.path.isfile(key_path) or not os.access(key_path, os.R_OK):
# Can't read the client key
log.debug('Unable to read key file "%s"', key_path)
return
if not client_name:
client_name = socket.getfqdn()
return cls(url, key_path, client_name)
