def __init__(self): config = get_config() server = config['vault']['server'] role_id = config['vault']['role_id'] secret_id = config['vault']['secret_id'] # This is a threaded world. Let's define a big # connections pool to live in that world # (this avoids the warning "Connection pool is # full, discarding connection: vault.devshift.net") session = requests.Session() adapter = HTTPAdapter(pool_connections=100, pool_maxsize=100) session.mount('https://', adapter) self._client = hvac.Client(url=server, session=session) self._cache = {} authenticated = False for i in range(0, 3): try: self._client.auth_approle(role_id, secret_id) authenticated = self._client.is_authenticated() break except requests.exceptions.ConnectionError: time.sleep(1) if not authenticated: raise VaultConnectionError()
def __init__(self, auto_refresh=True): config = get_config() server = config["vault"]["server"] self.role_id = config["vault"]["role_id"] self.secret_id = config["vault"]["secret_id"] # This is a threaded world. Let's define a big # connections pool to live in that world # (this avoids the warning "Connection pool is # full, discarding connection: vault.devshift.net") session = requests.Session() adapter = HTTPAdapter(pool_connections=100, pool_maxsize=100) session.mount("https://", adapter) self._client = hvac.Client(url=server, session=session) authenticated = False for _ in range(0, 3): try: self._refresh_client_auth() authenticated = self._client.is_authenticated() break except requests.exceptions.ConnectionError: time.sleep(1) if not authenticated: raise VaultConnectionError() if auto_refresh: t = threading.Thread(target=self._auto_refresh_client_auth, daemon=True) t.start()
def init_from_config(): global _base_dn config = get_config() serverUrl = config['ldap']['server'] _base_dn = config['ldap']['base_dn'] return init(serverUrl)
def __init__(self, settings): config = get_config() smtp_secret_path = config['smtp']['secret_path'] smtp_config = self.get_smtp_config(smtp_secret_path, settings) self.host = smtp_config['server'] self.port = str(smtp_config['port']) self.user = smtp_config['username'] self.passwd = smtp_config['password'] self.mail_address = config['smtp']['mail_address'] self._client = None self._server = None
def create( cls, command_data: GPGEncryptCommandData, secret_reader: Optional[SecretReader] = None, ) -> GPGEncryptCommand: cls_secret_reader = ( secret_reader if secret_reader else SecretReader(settings=config.get_config()) ) return cls( command_data=command_data, secret_reader=cls_secret_reader, )
def run(dry_run: bool, enable_deletion: bool): settings = queries.get_app_interface_settings() secret_reader = SecretReader(settings=settings) creds_path = get_config().get("dyn", {}).get("secrets_path", None) if not creds_path: raise ConfigNotFound("Dyn config missing from config file") creds = secret_reader.read_all({"path": creds_path}) dyn_session.DynectSession(creds["customer"], creds["dyn_id"], creds["password"]) desired = fetch_desired_state() current = fetch_current_state() process_tds( current["tds"], desired["tds"], dry_run=dry_run, enable_deletion=enable_deletion )
def __init__(self, settings): config = get_config() smtp_secret_path = config['smtp']['secret_path'] smtp_config = self.get_smtp_config(smtp_secret_path, settings) self.host = smtp_config['server'] self.port = str(smtp_config['port']) self.user = smtp_config['username'] self.passwd = smtp_config['password'] self.mail_address = config['smtp']['mail_address'] self.client = smtplib.SMTP(host=self.host, port=self.port) self.client.send self.client.starttls() self.client.login(self.user, self.passwd) self._server = None
def promquery(cluster, query): """Run a PromQL query""" config_data = config.get_config() auth = { 'path': config_data['promql-auth']['secret_path'], 'field': 'token' } settings = queries.get_app_interface_settings() secret_reader = SecretReader(settings=settings) prom_auth_creds = secret_reader.read(auth) prom_auth = requests.auth.HTTPBasicAuth(*prom_auth_creds.split(':')) url = f"https://prometheus.{cluster}.devshift.net/api/v1/query" response = requests.get(url, params={'query': query}, auth=prom_auth) response.raise_for_status() print(json.dumps(response.json(), indent=4))
def do_current_state_test(path): fixture = fxt.get_anymarkup(path) with patch("reconcile.github_org.RawGithubApi") as m_rga: with patch("reconcile.github_org.Github") as m_gh: m_gh.return_value = GithubMock(fixture["gh_api"]) m_rga.return_value = RawGithubApiMock() gh_api_store = github_org.GHApiStore(config.get_config()) current_state = github_org.fetch_current_state(gh_api_store) current_state = current_state.dump() expected_current_state = fixture["state"] assert len(current_state) == len(expected_current_state) for group in current_state: params = group["params"] items = sorted(group["items"]) assert items == get_items_by_params(expected_current_state, params)
def run(dry_run): gqlapi = gql.get_api() result = gqlapi.query(REPOS_QUERY) config = get_config()['github-repo-invites'] settings = queries.get_app_interface_settings() secret_reader = SecretReader(settings=settings) secret = {'path': config['secret_path'], 'field': config['secret_field']} token = secret_reader.read(secret) g = raw_github_api.RawGithubApi(token) urls = set() known_orgs = set() for app in result['apps_v1']: code_components = app['codeComponents'] if code_components is None: continue for code_component in app['codeComponents']: url = code_component['url'] urls.add(url) org = url[:url.rindex('/')] known_orgs.add(org) invitations = set() for i in g.repo_invitations(): invitation_id = i['id'] invitation_url = i['html_url'] url = os.path.dirname(invitation_url) accept = url in urls or any(url.startswith(org) for org in known_orgs) if accept: logging.info(['accept', url]) invitations.add(url) if not dry_run: g.accept_repo_invitation(invitation_id) else: logging.debug(['skipping', url]) return invitations
def run(dry_run: bool, enable_deletion: bool): settings = queries.get_app_interface_settings() secret_reader = SecretReader(settings=settings) creds_path = get_config().get('dyn', {}).get('secrets_path', None) if not creds_path: raise ConfigNotFound('Dyn config missing from config file') creds = secret_reader.read_all({'path': creds_path}) dyn_session.DynectSession(creds['customer'], creds['dyn_id'], creds['password']) desired = fetch_desired_state() current = fetch_current_state() process_tds(current['tds'], desired['tds'], dry_run=dry_run, enable_deletion=enable_deletion)
def init_from_config(sha_url=True, integration=None, validate_schemas=False, print_url=True): config = get_config() server_url = urlparse(config['graphql']['server']) server = server_url.geturl() token = config['graphql'].get('token') if sha_url: sha = get_sha(server_url, token) server = server_url._replace(path=f'/graphqlsha/{sha}').geturl() runing_state = RunningState() git_commit_info = get_git_commit_info(sha, server_url, token) runing_state.timestamp = git_commit_info.get('timestamp') runing_state.commit = git_commit_info.get('commit') if print_url: logging.info(f'using gql endpoint {server}') return init(server, token, integration, validate_schemas)
def init_from_config( sha_url=True, integration=None, validate_schemas=False, print_url=True ): config = get_config() server_url = urlparse(config["graphql"]["server"]) server = server_url.geturl() token = config["graphql"].get("token") if sha_url: sha = get_sha(server_url, token) server = server_url._replace(path=f"/graphqlsha/{sha}").geturl() runing_state = RunningState() git_commit_info = get_git_commit_info(sha, server_url, token) runing_state.timestamp = git_commit_info.get("timestamp") runing_state.commit = git_commit_info.get("commit") if print_url: logging.info(f"using gql endpoint {server}") return init(server, token, integration, validate_schemas)
def get_user_id_by_name(self, user_name: str) -> str: """ Get user id from their username. :param user_name: Slack user name :return: encoded user ID (ex. W012A3CDE) :raises slack_sdk.errors.SlackApiError: if unsuccessful response from Slack API :raises UserNotFoundException: if the Slack user is not found """ config = get_config() mail_address = config['smtp']['mail_address'] try: result = self._sc.users_lookupByEmail( email=f"{user_name}@{mail_address}") except SlackApiError as e: if e.response['error'] == 'users_not_found': raise UserNotFoundException(e.response['error']) else: raise return result['user']['id']