def configure_fabric(eb_environment_name, ip_address, key_filename=None):
if eb_environment_name is not None:
get_finalized_environment_variables(eb_environment_name)
if key_filename is None:
key_filename = get_global_config()['DEPLOYMENT_KEY_FILE_PATH']
fabric_env.host_string = ip_address
fabric_env.user = REMOTE_USERNAME
fabric_env.key_filename = key_filename
retry(run, "# waiting for ssh to be connectable...")
run("echo >> {log}".format(log=LOG_FILE))
sudo("chmod 666 {log}".format(log=LOG_FILE))
def encrypt_eb_s3_bucket():
'''
This function obtain the account ID and the region, constructs the
elasticbeanstalk s3 bucket name and applies a encrypt by default policy
to the bucket.
'''
global_config = get_global_config()
sts_client = create_sts_client()
account_id = sts_client.get_caller_identity().get('Account')
# There ought to be an easier way to get this name, but this works.
s3_eb_bucket = 'elasticbeanstalk-{}-{}'.format(global_config['AWS_REGION'],
account_id)
log.info('Enabling encryption on S3 bucket: %s' % s3_eb_bucket)
s3_encrypt_bucket(s3_eb_bucket)
def construct_eb_environment_variables(eb_environment_name):
global_config = get_global_config()
try:
environment_variables = get_finalized_environment_variables(
eb_environment_name)
except Exception as e:
log.error("could not get your environment settings.")
log.error(e)
raise
try:
server_settings = get_server_configuration_file(eb_environment_name)
except Exception as e:
log.error("could not get your server settings.")
log.error(e)
raise
# This needs to be a comma separated list of environment variables declared as "var=value"
env_var_string = ",".join(
["%s=%s" % (k, v) for k, v in environment_variables.iteritems()])
generated_configuration_details = {
"ServiceRole": get_or_create_eb_service_role()['Arn'],
"IamInstanceProfile": get_or_create_eb_instance_profile()['Arn'],
"EnvironmentVariables": env_var_string,
"EC2KeyName": global_config["DEPLOYMENT_KEY_NAME"],
"InstanceType": server_settings['ELASTIC_BEANSTALK_INSTANCE_TYPE'],
"Notification Endpoint": global_config['SYSTEM_ADMINISTRATOR_EMAIL']
}
configuration = get_base_eb_configuration()
for option in configuration:
if isinstance(option['Value'], DynamicParameter):
option['Value'] = generated_configuration_details.pop(
option['OptionName'])
if generated_configuration_details:
pprint(generated_configuration_details)
raise Exception(
"encountered unused autogenerated configs, see print statement above to debug."
)
return configuration
from time import sleep
from botocore.exceptions import ClientError
from deployment_helpers.aws.boto_helpers import create_ec2_client, create_ec2_resource
from deployment_helpers.aws.rds import (get_rds_security_groups_by_eb_name)
from deployment_helpers.aws.security_groups import (
create_sec_grp_rule_parameters_allowing_traffic_from_another_security_group,
create_security_group, get_security_group_by_name, InvalidSecurityGroupNameException,
open_tcp_port, get_security_group_by_id)
from deployment_helpers.constants import get_global_config, RABBIT_MQ_PORT
from deployment_helpers.general_utils import log
GLOBAL_CONFIGURATION = get_global_config()
RABBIT_MQ_SEC_GRP_DESCRIPTION = "allows connections to rabbitmq from servers with security group %s"
PROCESSING_MANAGER_NAME = "%s data processing manager"
####################################################################################################
######################################## Accessors #################################################
####################################################################################################
def get_instance_by_id(instance_id):
ec2_client = create_ec2_client()
return ec2_client.describe_instances(InstanceIds=[instance_id])['Reservations'][0]["Instances"][0]
def get_manager_private_ip(eb_environment_name):
instance = get_manager_instance_by_eb_environment_name(eb_environment_name)
print instance['NetworkInterfaces']
def validate_beiwe_environment_config(eb_environment_name):
# DOMAIN_NAME
# SENTRY_ANDROID_DSN
# SENTRY_DATA_PROCESSING_DSN
# SENTRY_ELASTIC_BEANSTALK_DSN
# SENTRY_JAVASCRIPT_DSN
# SYSADMIN_EMAILS
errors = []
try:
aws_credentials = get_aws_credentials()
global_config = get_global_config()
beiwe_variables = get_beiwe_environment_variables(eb_environment_name)
except Exception as e:
log.error(
"encountered an error while trying to read configuration files.")
log.error(e)
EXIT(1)
beiwe_variables_name = os.path.basename(
get_beiwe_python_environment_variables_file_path(eb_environment_name))
reference_environment_configuration_keys = reference_environment_configuration_file(
).keys()
# Validate the data
sysadmin_email = global_config.get('SYSTEM_ADMINISTRATOR_EMAIL', "")
if not sysadmin_email:
errors.append(
'(Global Configuration) System administrator email cannot be empty.'
)
else:
if not re.match('^[\S]+@[\S]+\.[\S]+$', sysadmin_email):
errors.append(
'(Global Configuration) Invalid email address: {}'.format(
sysadmin_email))
# check sentry urls
sentry_dsns = {
"SENTRY_ELASTIC_BEANSTALK_DSN":
beiwe_variables.get('SENTRY_ELASTIC_BEANSTALK_DSN', ''),
"SENTRY_DATA_PROCESSING_DSN":
beiwe_variables.get('SENTRY_DATA_PROCESSING_DSN', ''),
"SENTRY_ANDROID_DSN":
beiwe_variables.get('SENTRY_ANDROID_DSN', ''),
"SENTRY_JAVASCRIPT_DSN":
beiwe_variables.get('SENTRY_JAVASCRIPT_DSN', ''),
}
for name, dsn in sentry_dsns.iteritems():
if ensure_nonempty_string(dsn, name, errors, beiwe_variables_name):
if not DSN_REGEX.match(dsn):
errors.append('({}) Invalid DSN: {}'.format(
beiwe_variables_name, dsn))
# if name == "SENTRY_JAVASCRIPT_DSN":
# if not PUBLIC_DSN_REGEX.match(dsn):
# errors.append('({}) Invalid DSN: {}'.format(beiwe_variables_name, dsn))
# elif not PRIVATE_DSN_REGEX.match(dsn):
# errors.append('({}) Invalid DSN: {}'.format(beiwe_variables_name, dsn))
domain_name = beiwe_variables.get('DOMAIN', None)
ensure_nonempty_string(domain_name, 'Domain name', errors,
beiwe_variables_name)
for key in reference_environment_configuration_keys:
if key not in beiwe_variables:
errors.append("{} is missing.".format(key))
for key in beiwe_variables:
if key not in reference_environment_configuration_keys:
errors.append("{} is present but was not expected.".format(key))
# Raise any errors
if errors:
for e in errors:
log.error(e)
sleep(
0.1
) # python logging has some issues if you exit too fast... isn't it supposed to be synchronous?
EXIT(1) # forcibly exit, do not continue to run any code.
# Check for presence of the server settings file:
if not file_exists(
get_server_configuration_file_path(eb_environment_name)):
log.error("No server settings file exists at %s." %
get_server_configuration_file_path(eb_environment_name))
EXIT(1)
# Put the data into one dict to be returned
return {
'DOMAIN_NAME': domain_name,
'SYSADMIN_EMAILS': sysadmin_email,
'SENTRY_ELASTIC_BEANSTALK_DSN':
sentry_dsns['SENTRY_ELASTIC_BEANSTALK_DSN'],
'SENTRY_DATA_PROCESSING_DSN':
sentry_dsns['SENTRY_DATA_PROCESSING_DSN'],
'SENTRY_ANDROID_DSN': sentry_dsns['SENTRY_ANDROID_DSN'],
'SENTRY_JAVASCRIPT_DSN': sentry_dsns['SENTRY_JAVASCRIPT_DSN']
}
