コード例 #1
 def grant_access(config):
     """Grant the Forseti service account access to one project.

     Builds the argument list for the binary named by
     FLAGS.grant_forseti_access_binary and hands it to utils.call_go_binary.

     Args:
         config: Project configuration; only
             config.generated_fields['forseti']['service_account'] is read.
     """
     # project_id is not a parameter: it is resolved from a scope outside
     # this snippet (the enclosing definition is not visible here).
     access_command = [
         FLAGS.grant_forseti_access_binary,
         '--project_id',
         project_id,
     ]
     # NOTE(review): the identity that receives access is taken from the
     # generated fields, so whoever can edit that data decides who is
     # granted access -- confirm it is protected like the project YAML.
     access_command.append('--forseti_service_account')
     access_command.append(
         config.generated_fields['forseti']['service_account'])
     utils.call_go_binary(access_command)
コード例 #2
def deploy_new_style_resources(config):
    """Apply the new-style resources of one project.

    Passes the project YAML path and the project id to the binary named by
    FLAGS.apply_binary through utils.call_go_binary.

    Args:
        config: Project configuration; only config.project['project_id']
            is read here.
    """
    # Each value is its own list element, never spliced into a command string.
    apply_command = [FLAGS.apply_binary]
    apply_command += ['--project_yaml_path', FLAGS.project_yaml]
    apply_command += ['--project', config.project['project_id']]
    utils.call_go_binary(apply_command)
コード例 #3
ファイル: create_project.py プロジェクト: p-r-t/healthcare
def deploy_resources(config):
    """Apply the resources of one project with the apply binary.

    Args:
        config: Project configuration; only config.project['project_id']
            is read here.
    """
    apply_command = [
        FLAGS.apply_binary,
        '--project_yaml_path',
        FLAGS.project_yaml,
    ]

    # With no separate generated-fields file configured, the project YAML
    # itself is passed as the generated-fields path.
    fields_path = FLAGS.generated_fields_path
    if not fields_path:
        fields_path = FLAGS.project_yaml
    apply_command.extend(['--generated_fields_path', fields_path])

    apply_command.extend(['--project', config.project['project_id']])
    utils.call_go_binary(apply_command)
コード例 #4
def deploy_resources(config):
    """Apply the resources of one project with the apply binary.

    The generated-fields path and the Terraform switch are forwarded from
    the command-line flags unchanged.

    Args:
        config: Project configuration; only config.project['project_id']
            is read here.
    """
    apply_command = [FLAGS.apply_binary]
    apply_command += ['--project_yaml_path', FLAGS.project_yaml]
    apply_command += ['--generated_fields_path', FLAGS.generated_fields_path]
    apply_command += ['--project', config.project['project_id']]
    # The switch is passed in --name=value form, as a single argument.
    apply_command.append('--enable_terraform=%s' % FLAGS.enable_terraform)
    utils.call_go_binary(apply_command)
コード例 #5
def install_forseti(config):
  """Install Forseti and record the resources it created.

  Runs the binary named by FLAGS.apply_forseti_binary against the project
  YAML, then looks up the Forseti server service account and server bucket
  and passes them to
  field_generation.set_forseti_service_generated_fields.

  Args:
    config: Project configuration; config.root is read and handed to the
      field-generation helper.
  """
  install_command = [FLAGS.apply_forseti_binary]
  install_command.extend(['--project_yaml_path', FLAGS.project_yaml])
  utils.call_go_binary(install_command)

  project_id = config.root['forseti']['project']['project_id']

  # Both values are looked up after the install step has run; the access
  # granting steps elsewhere in this listing read 'service_account' from
  # the generated fields.
  server_account = forseti.get_server_service_account(project_id)
  server_bucket = forseti.get_server_bucket(project_id)
  field_generation.set_forseti_service_generated_fields(
      {'service_account': server_account, 'server_bucket': server_bucket},
      config.root)
コード例 #6
def install_forseti(config):
    """Install Forseti and record the resources it created.

    Runs the binary named by FLAGS.apply_forseti_binary, then stores the
    Forseti server service account and server bucket under
    config.generated_fields['forseti'].

    Args:
        config: Project configuration; config.root is read and
            config.generated_fields is updated in place.
    """
    install_command = [FLAGS.apply_forseti_binary]
    install_command += ['--project_yaml_path', FLAGS.project_yaml]
    install_command += ['--generated_fields_path', FLAGS.generated_fields_path]
    # The remote-state switch of the binary follows --enable_terraform.
    install_command.append(
        '--enable_remote_state=%s' % FLAGS.enable_terraform)
    utils.call_go_binary(install_command)

    project_id = config.root['forseti']['project']['project_id']

    # Replaces any previous 'forseti' entry as a whole.
    config.generated_fields['forseti'] = {
        'service_account': forseti.get_server_service_account(project_id),
        'server_bucket': forseti.get_server_bucket(project_id),
    }
コード例 #7
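def main(argv):
    """Deploy every requested project described by --project_yaml.

    Loads the merged configuration through the load-config binary, builds
    one ProjectConfig per selected project (audit logs project first, then
    the Forseti project, then the entries under 'projects'), sets them up in
    that order and, when Forseti is configured, runs the rule generator at
    the end. Setup stops at the first project that fails.

    Args:
        argv: Unused positional command-line arguments.

    Raises:
        Exception: If --generated_fields_path equals --project_yaml.
    """
    del argv  # Unused.

    # NOTE(review): this comparison uses the raw flag values, before
    # normalize_path runs below; two different spellings of the same file
    # would presumably pass -- confirm against utils.normalize_path.
    if FLAGS.generated_fields_path == FLAGS.project_yaml:
        raise Exception(
            '--generated_fields_path must not be set to the same as --project_yaml.'
        )

    if FLAGS.output_rules_path:
        FLAGS.output_rules_path = utils.normalize_path(FLAGS.output_rules_path)

    FLAGS.project_yaml = utils.normalize_path(FLAGS.project_yaml)
    FLAGS.generated_fields_path = utils.normalize_path(
        FLAGS.generated_fields_path)

    # touch file if it has not been created yet
    open(FLAGS.generated_fields_path, 'a').close()

    config_string = runner.run_command(
        [
            FLAGS.load_config_binary,
            '--project_yaml_path',
            FLAGS.project_yaml,
            '--generated_fields_path',
            FLAGS.generated_fields_path,
        ],
        get_output=True)

    # safe_load builds plain YAML types only. yaml.load() without an explicit
    # Loader can instantiate arbitrary Python objects from tagged input on
    # old PyYAML releases and is rejected outright by PyYAML 6, so the
    # config text is parsed with the safe loader instead.
    root_config = yaml.safe_load(config_string)

    if not root_config:
        logging.error('Error loading project YAML.')
        return

    generated_fields = utils.read_yaml_file(FLAGS.generated_fields_path)
    if not generated_fields:
        generated_fields = {'projects': {}}

    want_projects = set(FLAGS.projects)

    def want_project(project_config_dict):
        """Return True if this project was selected with --projects."""
        if not project_config_dict:
            return False

        # A lone '*' selects every project.
        return (want_projects == {'*'}
                or project_config_dict['project_id'] in want_projects)

    projects = []
    audit_logs_project = root_config.get('audit_logs_project')

    # Always deploy the remote audit logs project first (if present).
    if want_project(audit_logs_project):
        projects.append(
            ProjectConfig(root=root_config,
                          project=audit_logs_project,
                          audit_logs_project=None,
                          extra_steps=[],
                          generated_fields=generated_fields))

    forseti_config = root_config.get('forseti')

    if forseti_config and want_project(forseti_config['project']):
        # The Forseti project installs Forseti, then grants its service
        # account access to itself and to the audit logs project.
        extra_steps = [
            Step(
                func=install_forseti,
                description='Install Forseti',
                updatable=False,
            ),
            get_forseti_access_granter_step(
                forseti_config['project']['project_id']),
        ]

        if audit_logs_project:
            extra_steps.append(
                get_forseti_access_granter_step(
                    audit_logs_project['project_id']))

        forseti_project_config = ProjectConfig(
            root=root_config,
            project=forseti_config['project'],
            audit_logs_project=audit_logs_project,
            extra_steps=extra_steps,
            generated_fields=generated_fields)
        projects.append(forseti_project_config)

    for project_config in root_config.get('projects', []):
        if not want_project(project_config):
            continue

        # Every regular project gets an access-granting step whenever a
        # Forseti section exists, even if the Forseti project itself was
        # not selected for this run.
        extra_steps = []
        if forseti_config:
            extra_steps.append(
                get_forseti_access_granter_step(project_config['project_id']))

        projects.append(
            ProjectConfig(root=root_config,
                          project=project_config,
                          audit_logs_project=audit_logs_project,
                          extra_steps=extra_steps,
                          generated_fields=generated_fields))

    validate_project_configs(root_config['overall'], projects)

    logging.info('Found %d projects to deploy', len(projects))

    for config in projects:
        logging.info('Setting up project %s', config.project['project_id'])

        if not setup_project(config):
            # Don't attempt to deploy additional projects if one project failed.
            return

    if forseti_config:
        call = [
            FLAGS.rule_generator_binary,
            '--project_yaml_path',
            FLAGS.project_yaml,
            '--generated_fields_path',
            FLAGS.generated_fields_path,
            '--output_path',
            FLAGS.output_rules_path or '',
        ]
        logging.info('Running rule generator: %s', call)
        utils.call_go_binary(call)

    logging.info('All projects successfully deployed.')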
コード例 #8
def main(argv):
    """Deploy every requested project described by --project_yaml.

    Normalizes the path flags, loads and schema-validates the project YAML,
    builds one ProjectConfig per selected project (audit logs project first,
    then the Forseti project, then the entries under 'projects'), sets them
    up in that order and, when Forseti is configured, generates the rules at
    the end. Setup stops at the first project that fails.

    Args:
        argv: Unused positional command-line arguments.
    """
    del argv  # Unused.

    if FLAGS.enable_new_style_resources:
        logging.info('--enable_new_style_resources is true.')

    FLAGS.output_yaml_path = utils.normalize_path(FLAGS.output_yaml_path)
    if FLAGS.output_rules_path:
        FLAGS.output_rules_path = utils.normalize_path(FLAGS.output_rules_path)

    FLAGS.project_yaml = utils.normalize_path(FLAGS.project_yaml)
    # A truthy result means the helper converted something (presumably it
    # rewrote where generated fields live in the YAML -- confirm). A dry run
    # refuses to continue; otherwise the operator must confirm explicitly.
    if field_generation.move_generated_fields_out_of_projects(
            FLAGS.project_yaml):
        if FLAGS.dry_run:
            logging.error(
                'Must convert generated fields in nodry_run before running!')
            return
        elif not utils.wait_for_yes_no(
                'Use converted generated fields to continue? [y/N]?'):
            return

    # Read and parse the project configuration YAML file.
    root_config = utils.load_config(FLAGS.project_yaml)
    if not root_config:
        logging.error('Error loading project YAML.')
        return

    # Schema validation happens before any deployment step is built or run,
    # so a malformed config never reaches the binaries.
    logging.info('Validating project YAML against schema.')
    try:
        utils.validate_config_yaml(root_config)
    except jsonschema.exceptions.ValidationError as e:
        logging.error('Error in YAML config: %s', e)
        return

    want_projects = set(FLAGS.projects)

    def want_project(project_config_dict):
        """Return True if this project was selected with --projects."""
        if not project_config_dict:
            return False

        # A lone '*' selects every project.
        return want_projects == {
            '*'
        } or project_config_dict['project_id'] in want_projects

    projects = []
    audit_logs_project = root_config.get('audit_logs_project')

    # Always deploy the remote audit logs project first (if present).
    if want_project(audit_logs_project):
        projects.append(
            ProjectConfig(root=root_config,
                          project=audit_logs_project,
                          audit_logs_project=None,
                          extra_steps=[]))

    forseti_config = root_config.get('forseti')

    if forseti_config and want_project(forseti_config['project']):
        # The Forseti project installs Forseti, then grants its service
        # account access to itself and to the audit logs project.
        extra_steps = [
            Step(
                func=install_forseti,
                description='Install Forseti',
                updatable=False,
            ),
            get_forseti_access_granter_step(
                forseti_config['project']['project_id']),
        ]

        if audit_logs_project:
            extra_steps.append(
                get_forseti_access_granter_step(
                    audit_logs_project['project_id']))

        forseti_project_config = ProjectConfig(
            root=root_config,
            project=forseti_config['project'],
            audit_logs_project=audit_logs_project,
            extra_steps=extra_steps)
        projects.append(forseti_project_config)

    for project_config in root_config.get('projects', []):
        if not want_project(project_config):
            continue

        # Every regular project gets an access-granting step whenever a
        # Forseti section exists, even if the Forseti project itself was
        # not selected for this run.
        extra_steps = []
        if forseti_config:
            extra_steps.append(
                get_forseti_access_granter_step(project_config['project_id']))

        projects.append(
            ProjectConfig(root=root_config,
                          project=project_config,
                          audit_logs_project=audit_logs_project,
                          extra_steps=extra_steps))

    validate_project_configs(root_config['overall'], projects)

    logging.info('Found %d projects to deploy', len(projects))

    for config in projects:
        logging.info('Setting up project %s', config.project['project_id'])

        if not setup_project(config, FLAGS.project_yaml,
                             FLAGS.output_yaml_path):
            # Don't attempt to deploy additional projects if one project failed.
            return

    if forseti_config:
        # Two rule-generation paths: the external binary for new-style
        # resources, the in-process rule_generator module otherwise.
        if FLAGS.enable_new_style_resources:
            call = [
                FLAGS.rule_generator_binary,
                '--project_yaml_path',
                FLAGS.project_yaml,
                '--output_path',
                FLAGS.output_rules_path or '',
            ]
            logging.info('Running rule generator: %s', call)
            utils.call_go_binary(call)
        else:
            rule_generator.run(root_config,
                               output_path=FLAGS.output_rules_path)

    logging.info(
        'All projects successfully deployed. Please remember to sync '
        'any changes written to the config at --output_yaml_path with '
        '--project_yaml before running the script again (Note: only applicable '
        'if --output_yaml_path != --project_yaml)')