def connection_factory(request, user, host, ssh_priv_key):
host, port = config_host(host)
connect_kwargs = {
"password": "",
"banner_timeout": 60,
"auth_timeout": 60,
"look_for_keys": False,
"allow_agent": False,
}
if ssh_priv_key != "":
connect_kwargs["key_filename"] = ssh_priv_key
conn = Connection(
host=host,
user=user,
port=port,
connect_timeout=60,
connect_kwargs=connect_kwargs,
)
conn.client.set_missing_host_key_policy(WarningPolicy())
def fin():
conn.close()
request.addfinalizer(fin)
return conn
def _create_connection(self, ip_address):
self._sshclient.set_missing_host_key_policy(WarningPolicy())
self._sshclient.connect(
ip_address,
username=self._ssh_config.username,
key_filename=self._ssh_config.private_key_file_path
)
def comment(review_number, patchset_version, comment):
"""
Comment a review.
"""
connection_options = {}
connection_options['port'] = settings.GERRIT_PORT
connection_options['username'] = settings.GERRIT_USERNAME
connection_options['hostname'] = settings.GERRIT_HOSTNAME
connection_options['key_filename'] = settings.GERRIT_SSH_KEY_FILENAME
try:
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(WarningPolicy())
client.connect(hostname=connection_options['hostname'],
username=connection_options['username'],
port=connection_options['port'],
key_filename=connection_options['key_filename'],
look_for_keys=True,
timeout=5000)
client.get_transport().set_keepalive(60)
_, _, _ = client.exec_command(
'gerrit review --message "%s" %s,%s' %
(comment, review_number, patchset_version)) # noqa
except Exception as e:
LOG.exception('gerrit error: %s' % str(e))
finally:
client.close()
def open(self):
self._client = SSHClient()
self._client.load_system_host_keys()
self._client.set_missing_host_key_policy(WarningPolicy())
print(f'Connecting to {self.username}@{self.hostname}')
self._client.connect(hostname=self.hostname, username=self.username)
self._transport = self._client.get_transport()
def download(self, sftp_action, remote_file, local_file, callback=None):
"""Download a file from a SFTP server."""
with SSHClient() as ssh:
ssh.set_missing_host_key_policy(WarningPolicy())
ssh.connect(sftp_action.host,
port=sftp_action.port,
username=sftp_action.sftp_username,
password=sftp_action.sftp_password)
with ssh.open_sftp() as sftp:
sftp.get(remote_file, local_file, callback)
def _create_connection(self, ip_address):
self._ssh_tunnel = self._get_ssh_tunnel(
self._ssh_config,
ip_address
)
self._sshclient.set_missing_host_key_policy(WarningPolicy())
self._sshclient.connect(
"localhost",
port=self._ssh_tunnel.local_bind_port,
username=self._ssh_config.username,
key_filename=self._ssh_config.private_key_file_path
)
def open(self):
self._client = SSHClient()
self._client.load_system_host_keys()
self._client.set_missing_host_key_policy(WarningPolicy())
print(f'Connecting to {self.username}@{self.hostname}')
if self.proxy_command:
print('ProxyCommand:', self.proxy_command)
sock = (paramiko.ProxyCommand(self.proxy_command)
if self.proxy_command else None)
try:
self._client.connect(hostname=self.hostname,
username=self.username, sock=sock,
key_filename=self.key_filenames)
except paramiko.ssh_exception.BadHostKeyException:
sys.exit('Connection error: bad host key')
self._transport = self._client.get_transport()
def connection(request, user, host):
host, port = config_host(host)
conn = Connection(
host=host,
user=user,
port=port,
connect_timeout=60,
connect_kwargs={"password": "", "banner_timeout": 60, "auth_timeout": 60},
)
conn.client.set_missing_host_key_policy(WarningPolicy())
def fin():
conn.close()
request.addfinalizer(fin)
return conn
def ssh_signup(user):
# TODO: configure nodes used for authentication
auth_node = next(iter(SSH.AVAILABLE_NODES))
ssh_key = TensorHiveManager().dedicated_ssh_key
test_client = SSHClient()
test_client.load_system_host_keys()
test_client.set_missing_host_key_policy(WarningPolicy())
try:
test_client.connect(auth_node, username=user['username'], pkey=ssh_key)
except AuthenticationException:
return {'msg': G['unpriviliged']}, 403
except (BadHostKeyException, SSHException, socket.error) as e:
return 'An error ocurred while authenticating: {}'.format(e), 500
finally:
test_client.close()
return do_create(user)
def run(self):
while self._running:
LOG.debug('%s: running %s' % (self.getName(), self._running))
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(WarningPolicy())
try:
client.connect(
hostname=self._connection_options['hostname'],
username=self._connection_options['username'],
port=self._connection_options['port'],
key_filename=self.
_connection_options['key_filename'], # noqa
look_for_keys=True,
timeout=5000)
client.get_transport().set_keepalive(60)
_, stdout, _ = client.exec_command(
'gerrit stream-events -s comment-added')
while self._running:
LOG.debug('%s: checking incoming data' % self.getName())
# check if there is some data in the underlying paramiko
# channel, this for the thread to not sleep on IO.
if stdout.channel.recv_ready():
event = stdout.readline()
json_event = json.loads(event)
if 'project' in json_event and json_event[
'project'] == 'dci-rhel-agent':
self._event_queue.put(json_event)
if self._running:
time.sleep(1)
LOG.debug('%s: stop running' % self.getName())
except Exception as e:
LOG.exception('gerrit error: %s' % str(e))
finally:
client.close()
if self._running:
time.sleep(2)
LOG.info('%s: terminated' % self.getName())
def _inner(ssh_env, no_cache=False, *args, **kwargs):
_rename_kwargs(ssh_env)
key = (ssh_env['hostname'],
ssh_env.get('port', 22),
ssh_env['username'])
with connect_lock:
if key not in cache or no_cache:
client = SSHClient()
client.set_missing_host_key_policy(WarningPolicy())
client.connect(**ssh_env)
if no_cache:
return f(*args, **kwargs)
proxy = NetstringMultiCtxProxy()
transport = client.get_transport()
port = transport.request_port_forward('127.0.0.1', 0,
proxy.handle)
proxy.proxy_url = 'netstring://127.0.0.1:{0}'.format(port)
cache[key] = (client, proxy)
kwargs['client'], kwargs['proxy'] = cache[key]
try:
return f(*args, **kwargs)
finally:
if no_cache:
client.close()
def vote_on_review(review_number, patchset_version, vote, job_id):
"""
Vote on a review given the review number, the patchet version and
the vote status in (-1, 0, +1). This use the Verified label.
"""
connection_options = {}
connection_options['port'] = settings.GERRIT_PORT
connection_options['username'] = settings.GERRIT_USERNAME
connection_options['hostname'] = settings.GERRIT_HOSTNAME
connection_options['key_filename'] = settings.GERRIT_SSH_KEY_FILENAME
try:
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(WarningPolicy())
client.connect(hostname=connection_options['hostname'],
username=connection_options['username'],
port=connection_options['port'],
key_filename=connection_options['key_filename'],
look_for_keys=True,
timeout=5000)
client.get_transport().set_keepalive(60)
job_url = "https://www.distributed-ci.io/jobs/%s" % job_id
if vote == 1:
_, _, _ = client.exec_command(
'gerrit review --message "dci-third-party success ! %s" --verified %s %s,%s'
% (job_url, vote, review_number, patchset_version)) # noqa
else:
_, _, _ = client.exec_command(
'gerrit review --message "dci-third-party failure ! %s" --verified %s %s,%s'
% (job_url, vote, review_number, patchset_version)) # noqa
except Exception as e:
LOG.exception('gerrit error: %s' % str(e))
finally:
client.close()
def start_server_over_ssh(self):
try:
client = SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(WarningPolicy())
client.connect(
self.ssh_host,
port=self.ssh_port,
username=self.ssh_user,
password=self.text,
)
transport = client.get_transport()
ip, _ = transport.getpeername()
if ip:
self.update_ip_linedt_signal.emit(ip)
logger.info(f"IP for {self.ssh_host} detected as {ip}.")
ws_name = self.run_config["workspace_name"]
server_port = self.run_config["server_port"]
# TODO Check if the server port is already in use
logger.info(
f"Checking if server port: {server_port} at ip: {ip} is already in use."
)
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex((ip, int(server_port)))
if result == 0:
logger.error(f"Port {server_port} is already open.")
self.button_message_signal.emit([
f"Port: {server_port} at ip: {ip} is already in use!",
"maroon", 3
])
self.error_signal.emit()
sock.close()
client.close()
return
else:
logger.info(f"Port {server_port} is not open.")
sock.close()
cuda_command = "module load cuda/10.1\n"
command = (
"/dls_sw/apps/SuRVoS2/s2_conda/bin/python -u "
"/dls/science/groups/das/SuRVoS/s2/s2_dec/SuRVoS2/survos.py "
f"start_server {ws_name} {server_port} > {date.today()}_survos2.log &\n"
)
logger.info(f"Running command on remote machine: {command}")
session = transport.open_session()
session.setblocking(0) # Set to non-blocking mode
session.get_pty()
session.invoke_shell()
# Send commands
session.send(cuda_command)
session.send(command)
# Loop for 15 seconds
self.button_message_signal.emit([
f"Starting server on {self.ssh_host}. Please Wait!", "navy", 14
])
start = time.time()
while time.time() - start < 15:
if session.recv_ready():
data = session.recv(512)
print(data.decode(), flush=True)
time.sleep(1) # Yield CPU so we don't take up 100% usage...
self.finished.emit()
except AuthenticationException:
logger.error("SSH Authentication failed!")
self.button_message_signal.emit(
["Incorrect Password!", "maroon", 3])
self.error_signal.emit()
def run_agent_on_jumpbox(jumpbox_ip, event_parsed):
def _download_patchset(client, event):
review_number = event['review_number']
patchset_version = event['patchset_version']
LOG.debug('fetch patchset %s,%s' % (review_number, patchset_version))
command = 'cd /home/dci/dci-rhel-agent; git fetch "https://softwarefactory-project.io/r/dci-rhel-agent" %s && git checkout FETCH_HEAD' % (
event['patchset_ref'])
rc, stdout, stderr = exec_remote_command(client, command)
if rc != 0:
LOG.error(
'fail to download the patchset from the jumphost: stdout: %s, stderr: %s'
% (stdout.readlines(), stderr.readlines()))
def _install_rpm_review(client, rpm_url):
LOG.debug('install rpm of the review: %s' % rpm_url)
rpm_name = rpm_url.split('/')[-1]
command = 'wget %s -O /tmp/%s' % (rpm_url, rpm_name)
LOG.debug(command)
rc, stdout, stderr = exec_remote_command(client, command)
if rc != 0:
LOG.error(
'fail to download the rpm from the jumphost: stdout: %s, stderr: %s'
% (stdout.readlines(), stderr.readlines()))
command = 'sudo rpm -i --force /tmp/%s' % rpm_name
LOG.debug(command)
rc, stdout, stderr = exec_remote_command(client, command)
if rc != 0:
LOG.error(
'fail to install the rpm in the the jumphost: stdout: %s, stderr: %s'
% (stdout.readlines(), stderr.readlines()))
def _build_container(client):
LOG.debug('build the container locally')
command = 'cd /home/dci/dci-rhel-agent; sudo dci-rhel-agent-ctl --build'
LOG.debug(command)
rc, stdout, stderr = exec_remote_command(client, command)
if rc != 0:
LOG.error(
'fail to build the container in the jumphost: stdout: %s, stderr: %s'
% (stdout.readlines(), stderr.readlines()))
def _run_agent(client):
LOG.debug('start the agent')
command = 'cd /home/dci/dci-rhel-agent; sudo dci-rhel-agent-ctl --start --url localhost/dci-rhel-agent:latest --local --skip-download'
LOG.debug(command)
rc, stdout, stderr = exec_remote_command(client, command)
if rc != 0:
LOG.error('agent failed: stdout: %s, stderr: %s' %
(stdout.readlines(), stderr.readlines()))
return rc, None
job_output = str(stdout.read())
job_id = re.search(
'\"job_id\": \"(\w{8}-\w{4}-\w{4}-\w{4}-\w{12})\".*', job_output,
re.IGNORECASE)
job_id_str = 'job_not_found'
if len(job_id.groups(0)) > 0:
job_id_str = job_id.groups(0)[0]
return rc, job_id_str
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(WarningPolicy())
client.connect(hostname=jumpbox_ip,
username='******',
key_filename=settings.HOST_SSH_KEY_FILENAME,
look_for_keys=True,
timeout=5000)
client.get_transport().set_keepalive(60)
_download_patchset(client, event_parsed)
_install_rpm_review(client, event_parsed['rpm_url'])
_build_container(client)
return _run_agent(client)
from paramiko.client import AutoAddPolicy, WarningPolicy, RejectPolicy, SSHClient client = SSHClient() client.set_missing_host_key_policy(AutoAddPolicy) # bad client.set_missing_host_key_policy(RejectPolicy) # good client.set_missing_host_key_policy(WarningPolicy) # bad # Using instances client.set_missing_host_key_policy(AutoAddPolicy()) # bad client.set_missing_host_key_policy(RejectPolicy()) # good client.set_missing_host_key_policy(WarningPolicy()) # bad
