def _sign_agent_package(agent_package, **kwargs):
'''Sign an agent package'''
if not os.path.exists(agent_package):
raise AgentPackageError('Invalid package {}'.format(agent_package))
cert_type = _cert_type_from_kwargs(**kwargs)
files = _files_from_kwargs(**kwargs)
certs_dir = kwargs.get('certs_dir', None)
certsobj = None
if certs_dir is not None:
certsobj = certs.Certs(certs_dir)
if cert_type == 'admin':
if files:
raise AgentPackageError("admin's aren't allowed to add files.")
verified = auth.sign_as_admin(agent_package, 'admin', certsobj = certsobj)
elif cert_type == 'creator':
verified = auth.sign_as_creator(agent_package, 'creator', files, certsobj = certsobj)
elif cert_type == 'initiator':
verified = auth.sign_as_initiator(agent_package, 'initiator', files, certsobj = certsobj)
elif cert_type == 'platform':
verified = auth.sign_as_platform(agent_package, 'platform', files)
else:
raise AgentPackageError('Unknown packaging options')
if verified:
print('{} signed as {}'.format(agent_package, cert_type))
else:
print('Verification of signing failed!')
def install_agent(self, agent_wheel, vip_identity=None, publickey=None,
secretkey=None, add_auth=True):
while True:
agent_uuid = str(uuid.uuid4())
if agent_uuid in self.agents:
continue
agent_path = os.path.join(self.install_dir, agent_uuid)
try:
os.mkdir(agent_path)
break
except OSError as exc:
if exc.errno != errno.EEXIST:
raise
try:
if auth is not None and self.env.verify_agents:
unpacker = auth.VolttronPackageWheelFile(agent_wheel, certsobj=certs.Certs())
unpacker.unpack(dest=agent_path)
else:
unpack(agent_wheel, dest=agent_path)
final_identity = self._setup_agent_vip_id(agent_uuid,
vip_identity=vip_identity)
if publickey is not None and secretkey is not None:
keystore = self.get_agent_keystore(agent_uuid)
keystore.public = publickey
keystore.secret = secretkey
if add_auth:
self._authorize_agent_keys(agent_uuid, final_identity)
except Exception:
shutil.rmtree(agent_path)
raise
return agent_uuid
def setUp(self):
self.fixtureDir = os.path.join(os.path.dirname(__file__), "fixtures")
# now change to the newly created tmpdir
self.tmpdir = tempfile.mkdtemp()
self.delete_temp = True
os.chdir(self.tmpdir)
# only do the certs stuf if the restricted are available.
if certs:
self.certificate_dir = os.path.join(self.tmpdir, 'certs')
self.certs_dir = os.path.join(self.tmpdir, 'certs/certs')
self.private_dir = os.path.join(self.tmpdir, 'certs/private')
os.makedirs(self.certs_dir)
os.makedirs(self.private_dir)
self.admin_cert_name = 'admin'
self.creator_cert_name = 'creator'
self.initiator_cert_name = 'initiator'
admin = {'C': 'US', 'CN': self.admin_cert_name}
creator = {'C': 'US', 'CN': self.creator_cert_name}
initiator = {'C': 'US', 'CN': self.initiator_cert_name}
self.certsobj = certs.Certs(self.certificate_dir)
self.certsobj.create_root_ca()
self.certsobj.create_ca_signed_cert(self.admin_cert_name, **admin)
self.certsobj.create_ca_signed_cert(self.creator_cert_name,
**creator)
self.certsobj.create_ca_signed_cert(self.initiator_cert_name,
**initiator)
os.mkdir('packagetest')
with open(os.path.join('packagetest', '__init__.py'), 'w') as file:
pass
with open(os.path.join('packagetest', 'packagetest.py'), 'w') as file:
file.write('''
import sys
if __name__ == '__main__':
sys.stdout.write('Hello World!\n')
''')
with open(os.path.join('setup.py'), 'w') as file:
file.write('''
from setuptools import setup
setup(
name = 'packagetest',
version = '0.1',
packages = ['packagetest'],
zip_safe = False,
)
''')
p = subprocess.Popen([sys.executable, 'setup.py', 'bdist_wheel'])
p.wait()
self.wheel = os.path.join('dist', 'packagetest-0.1-py2-none-any.whl')
def _create_ca(certs_dir=DEFAULT_CERTS_DIR):
'''Creates a root ca cert using the Certs class'''
crts = certs.Certs(certs_dir)
if crts.ca_exists():
msg = '''Creating a new root ca will overwrite the current ca and
invalidate any signed certs.
Are you sure you want to do this? type 'yes' to continue: '''
continue_yes = raw_input(msg)
if continue_yes.upper() != 'YES':
return
data = _create_cert_ui(certs.DEFAULT_ROOT_CA_CN)
crts.create_root_ca(**data)
def _create_cert(name=None, certs_dir=DEFAULT_CERTS_DIR, **kwargs):
'''Create a cert using options specified on the command line'''
crts = certs.Certs(certs_dir)
if not crts.ca_exists():
sys.stderr.write('Root CA ot must be created before certificates\n')
sys.exit(0)
cert_type = _cert_type_from_kwargs(**kwargs)
if name == None:
name = cert_type
cert_data = _create_cert_ui(cert_type)
else:
cert_data = _create_cert_ui('{} ({})'.format(cert_type, name))
crts.create_ca_signed_cert(name, **cert_data)
def __init__(self, volttron_home=None):
# os.chdir(rel_path)
self.tmpdir = tempfile.mkdtemp()
self.wheelhouse = '/'.join((self.tmpdir, 'wheelhouse'))
os.makedirs(self.wheelhouse)
if volttron_home is not None:
mergetree(volttron_home, self.tmpdir)
self.env = os.environ.copy()
self.env['VOLTTRON_HOME'] = self.tmpdir
print(self.env['VOLTTRON_HOME'])
if RESTRICTED_AVAILABLE:
certsdir = os.path.join(
os.path.expanduser(self.env['VOLTTRON_HOME']), 'certificates')
print("certsdir", certsdir)
self.certsobj = certs.Certs(certsdir)
def install_agent(self, agent_wheel):
while True:
agent_uuid = str(uuid.uuid4())
if agent_uuid in self.agents:
continue
agent_path = os.path.join(self.install_dir, agent_uuid)
try:
os.mkdir(agent_path)
break
except OSError as exc:
if exc.errno != errno.EEXIST:
raise
try:
if auth is not None and self.env.verify_agents:
unpacker = auth.VolttronPackageWheelFile(agent_wheel, certsobj=certs.Certs())
unpacker.unpack(dest=agent_path)
else:
unpack(agent_wheel, dest=agent_path)
except Exception:
shutil.rmtree(agent_path)
raise
return agent_uuid
def startup_platform(self, platform_config, use_twistd = False,
mode=UNRESTRICTED):
"""Start volttron in VOLTTRON_HOME.
platform_config is a json file like
"""
try:
print("PLATFORM CONFIG: ", platform_config)
config = json.loads(open(platform_config, 'r').read())
except Exception as e:
config = None
sys.stderr.write (str(e))
assert config != None, 'Invalid configuration file passed {}'.format(
platform_config)
# self.tmpdir = tempfile.mkdtemp()
config['tmpdir'] = self.tmpdir
pconfig = os.path.join(self.tmpdir, TMP_PLATFORM_CONFIG_FILENAME)
self.mode = mode
assert self.mode in MODES, 'Invalid platform mode set: '+str(mode)
opts = None
if self.mode == UNRESTRICTED:
if RESTRICTED_AVAILABLE:
config['mobility'] = False
config['resource-monitor'] = False
config['verify'] = False
with closing(open(pconfig, 'w')) as cfg:
cfg.write(PLATFORM_CONFIG_UNRESTRICTED.format(**config))
opts = type('Options', (), {'verify_agents': False,
'volttron_home': self.tmpdir})()
elif self.mode == RESTRICTED:
if not RESTRICTED_AVAILABLE:
raise ValueError("restricted is not available.")
certsdir = os.path.join(os.path.expanduser(self.env['VOLTTRON_HOME']),
'certificates')
print ("certsdir", certsdir)
self.certsobj = certs.Certs(certsdir)
with closing(open(pconfig, 'w')) as cfg:
cfg.write(PLATFORM_CONFIG_RESTRICTED.format(**config))
opts = type('Options', (), {'resource-monitor':False,
'verify_agents': True,
'volttron_home': self.tmpdir})()
else:
raise PlatformWrapperError("Invalid platform mode specified: {}".format(mode))
self.test_aip = aip.AIPplatform(opts)
self.test_aip.setup()
lfile = os.path.join(self.tmpdir, "volttron.log")
print("VOLTTRON_ROOT: ", VOLTTRON_ROOT)
pparams = [VSTART, "-c", pconfig, "-vv", "-l", lfile]
print("PARAMS: ", pparams)
self.p_process = subprocess.Popen(pparams, env=self.env)
#Setup connector
path = '{}/run/control'.format(self.env['VOLTTRON_HOME'])
time.sleep(5)
tries = 0
max_tries = 5
while(not os.path.exists(path) and tries < max_tries):
time.sleep(5)
tries += 1
self.conn= server.ControlConnector(path)
# if self.mode == RESTRICTED:
# self.conn.call.create_cgroups()
self.use_twistd = use_twistd
#TODO: Revise this to start twistd with platform.
if self.use_twistd:
tconfig = os.path.join(self.tmpdir, TMP_SMAP_CONFIG_FILENAME)
with closing(open(tconfig, 'w')) as cfg:
cfg.write(TWISTED_CONFIG.format(**config))
tparams = [TWISTED_START, "-n", "smap", tconfig]
self.t_process = subprocess.Popen(tparams, env=self.env)
time.sleep(5)
def startup_platform(self,
vip_address,
auth_dict=None,
use_twistd=False,
mode=UNRESTRICTED,
bind_web_address=None,
volttron_central_address=None,
volttron_central_serverkey=None):
# if not isinstance(vip_address, list):
# self.vip_address = [vip_address]
# else:
# self.vip_address = vip_address
self.vip_address = vip_address
self.mode = mode
self.bind_web_address = bind_web_address
if self.bind_web_address:
self.discovery_address = "{}/discovery/".format(
self.bind_web_address)
# Only available if vc is installed!
self.jsonrpc_endpoint = "{}/jsonrpc".format(self.bind_web_address)
enable_logging = self.env.get('ENABLE_LOGGING', False)
debug_mode = self.env.get('DEBUG_MODE', False)
if not debug_mode:
debug_mode = self.env.get('DEBUG', False)
self.skip_cleanup = self.env.get('SKIP_CLEANUP', False)
if debug_mode:
self.skip_cleanup = True
enable_logging = True
self.logit("In start up platform enable_logging is {} ".format(
enable_logging))
assert self.mode in MODES, 'Invalid platform mode set: ' + str(mode)
opts = None
# see main.py for how we handle pub sub addresses.
ipc = 'ipc://{}{}/run/'.format(
'@' if sys.platform.startswith('linux') else '',
self.volttron_home)
self.local_vip_address = ipc + 'vip.socket'
self.set_auth_dict(auth_dict)
self.opts = {
'verify_agents': False,
'volttron_home': self.volttron_home,
'vip_address': vip_address,
'vip_local_address': ipc + 'vip.socket',
'publish_address': ipc + 'publish',
'subscribe_address': ipc + 'subscribe',
'bind_web_address': bind_web_address,
'volttron_central_address': volttron_central_address,
'volttron_central_serverkey': volttron_central_serverkey,
'platform_name': None,
'log': os.path.join(self.volttron_home, 'volttron.log'),
'log_config': None,
'monitor': True,
'autostart': True,
'log_level': logging.DEBUG,
'verboseness': logging.DEBUG
}
pconfig = os.path.join(self.volttron_home, 'config')
config = {}
# Add platform's public key to known hosts file
publickey = self.keystore.public
known_hosts_file = os.path.join(self.volttron_home, 'known_hosts')
known_hosts = KnownHostsStore(known_hosts_file)
known_hosts.add(self.opts['vip_local_address'], publickey)
known_hosts.add(self.opts['vip_address'], publickey)
# Set up the configuration file based upon the passed parameters.
parser = configparser.ConfigParser()
parser.add_section('volttron')
parser.set('volttron', 'vip-address', vip_address)
if bind_web_address:
parser.set('volttron', 'bind-web-address', bind_web_address)
if volttron_central_address:
parser.set('volttron', 'volttron-central-address',
volttron_central_address)
if volttron_central_serverkey:
parser.set('volttron', 'volttron-central-serverkey',
volttron_central_serverkey)
if self.mode == UNRESTRICTED:
# TODO Restricted code should set with volttron as contianer
# if RESTRICTED_AVAILABLE:
# config['mobility'] = False
# config['resource-monitor'] = False
# config['verify'] = False
with closing(open(pconfig, 'wb')) as cfg:
cfg.write(PLATFORM_CONFIG_UNRESTRICTED.format(**config))
parser.write(cfg)
elif self.mode == RESTRICTED:
if not RESTRICTED_AVAILABLE:
raise ValueError("restricted is not available.")
certsdir = os.path.join(self.volttron_home, 'certificates')
print("certsdir", certsdir)
self.certsobj = certs.Certs(certsdir)
with closing(open(pconfig, 'wb')) as cfg:
cfg.write(PLATFORM_CONFIG_RESTRICTED.format(**config))
else:
raise PlatformWrapperError(
"Invalid platform mode specified: {}".format(mode))
log = os.path.join(self.volttron_home, 'volttron.log')
if enable_logging:
cmd = ['volttron', '-vv', '-l{}'.format(log)]
else:
cmd = ['volttron', '-l{}'.format(log)]
print('process environment: {}'.format(self.env))
print('popen params: {}'.format(cmd))
self.p_process = Popen(cmd,
env=self.env,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
assert self.p_process is not None
# A None value means that the process is still running.
# A negative means that the process exited with an error.
assert self.p_process.poll() is None
self.serverkey = self.keystore.public
assert self.serverkey
agent = self.build_agent()
has_control = False
times = 0
while not has_control and times < 10:
times += 1
try:
has_control = agent.vip.peerlist().get(timeout=.2)
except gevent.Timeout:
pass
if not has_control:
self.shutdown_platform()
raise "Couldn't connect to core platform!"
if bind_web_address:
times = 0
has_discovery = False
while times < 10:
times += 1
try:
resp = requests.get(self.discovery_address)
if resp.ok:
has_discovery = True
break
except Exception as e:
gevent.sleep(0.1)
self.logit("Connection error found {}".format(e))
if not has_discovery:
raise "Couldn't connect to discovery platform."
self.use_twistd = use_twistd
# TODO: Revise this to start twistd with platform.
if self.use_twistd:
tconfig = os.path.join(self.volttron_home,
TMP_SMAP_CONFIG_FILENAME)
with closing(open(tconfig, 'w')) as cfg:
cfg.write(TWISTED_CONFIG.format(**config))
tparams = [TWISTED_START, "-n", "smap", tconfig]
self.t_process = subprocess.Popen(tparams, env=self.env)
time.sleep(5)
def startup_platform(self,
vip_address,
auth_dict=None,
use_twistd=False,
mode=UNRESTRICTED,
encrypt=False,
bind_web_address=None):
# if not isinstance(vip_address, list):
# self.vip_address = [vip_address]
# else:
# self.vip_address = vip_address
self.vip_address = vip_address
self.mode = mode
self.bind_web_address = bind_web_address
enable_logging = os.environ.get('ENABLE_LOGGING', False)
debug_mode = os.environ.get('DEBUG_MODE', False)
self.skip_cleanup = os.environ.get('SKIP_CLEANUP', False)
if debug_mode:
self.skip_cleanup = True
enable_logging = True
self.logit("In start up platform enable_logging is {} ".format(
enable_logging))
assert self.mode in MODES, 'Invalid platform mode set: ' + str(mode)
opts = None
# see main.py for how we handle pub sub addresses.
ipc = 'ipc://{}{}/run/'.format(
'@' if sys.platform.startswith('linux') else '',
self.volttron_home)
self.local_vip_address = ipc + 'vip.socket'
if not encrypt:
# Remove connection encryption
with open(os.path.join(self.volttron_home, 'curve.key'), 'w'):
pass
self.set_auth_dict(auth_dict)
self.opts = {
'verify_agents': False,
'volttron_home': self.volttron_home,
'vip_address': vip_address,
'vip_local_address': ipc + 'vip.socket',
'publish_address': ipc + 'publish',
'subscribe_address': ipc + 'subscribe',
'bind_web_address': bind_web_address,
'developer_mode': not encrypt,
'log': os.path.join(self.volttron_home, 'volttron.log'),
'log_config': None,
'monitor': True,
'autostart': True,
'log_level': logging.DEBUG,
'verboseness': logging.DEBUG
}
pconfig = os.path.join(self.volttron_home, 'config')
config = {}
parser = configparser.ConfigParser()
parser.add_section('volttron')
parser.set('volttron', 'vip-address', vip_address)
if bind_web_address:
parser.set('volttron', 'bind-web-address', bind_web_address)
if self.mode == UNRESTRICTED:
if RESTRICTED_AVAILABLE:
config['mobility'] = False
config['resource-monitor'] = False
config['verify'] = False
with closing(open(pconfig, 'wb')) as cfg:
cfg.write(PLATFORM_CONFIG_UNRESTRICTED.format(**config))
parser.write(cfg)
elif self.mode == RESTRICTED:
if not RESTRICTED_AVAILABLE:
raise ValueError("restricted is not available.")
certsdir = os.path.join(
os.path.expanduser(self.env['VOLTTRON_HOME']), 'certificates')
print("certsdir", certsdir)
self.certsobj = certs.Certs(certsdir)
with closing(open(pconfig, 'wb')) as cfg:
cfg.write(PLATFORM_CONFIG_RESTRICTED.format(**config))
opts = type(
'Options', (), {
'resource-monitor': False,
'verify_agents': True,
'volttron_home': self.volttron_home
})()
else:
raise PlatformWrapperError(
"Invalid platform mode specified: {}".format(mode))
log = os.path.join(self.env['VOLTTRON_HOME'], 'volttron.log')
if enable_logging:
cmd = ['volttron', '-vv', '-l{}'.format(log)]
else:
cmd = ['volttron', '-l{}'.format(log)]
if self.opts['developer_mode']:
cmd.append('--developer-mode')
self._p_process = Popen(cmd,
env=self.env,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
assert self._p_process is not None
# A None value means that the process is still running.
# A negative means that the process exited with an error.
assert self._p_process.poll() is None
# # make sure we don't return too quickly.
gevent.sleep(0.2)
#os.environ['VOLTTRON_HOME'] = self.opts['volttron_home']
#self._p_process = Process(target=start_volttron_process, args=(self.opts,))
#self._p_process.daemon = True
#self._p_process.start()
gevent.sleep(0.2)
self.use_twistd = use_twistd
#TODO: Revise this to start twistd with platform.
if self.use_twistd:
tconfig = os.path.join(self.volttron_home,
TMP_SMAP_CONFIG_FILENAME)
with closing(open(tconfig, 'w')) as cfg:
cfg.write(TWISTED_CONFIG.format(**config))
tparams = [TWISTED_START, "-n", "smap", tconfig]
self._t_process = subprocess.Popen(tparams, env=self.env)
time.sleep(5)