def init(): """Initializes all required variable for the tracer.""" global jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \ account_id, machine_id, hybrid_worker_group_name, worker_version, sandbox_id # Create the http client http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) jrds_client = JRDSClient(http_client) # Populate global configuration values jrds_cert_path = configuration.get_jrds_cert_path() jrds_key_path = configuration.get_jrds_key_path() jrds_base_uri = configuration.get_jrds_base_uri() subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder account_id = configuration.get_account_id() machine_id = configuration.get_machine_id() hybrid_worker_group_name = configuration.get_hybrid_worker_name() worker_version = configuration.get_worker_version() sandbox_id = None try: sandbox_id = os.environ["sandbox_id"] except KeyError: pass # initialize the loggers for for all components except runbook if configuration.get_component() != "runbook": locallogger.init_logger()
def init(): """Initializes all required variable for the tracer.""" global jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \ account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id, sandbox_id # Create the http client http_client_factory = HttpClientFactory( configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) jrds_client = JRDSClient(http_client) # Populate global configuration values jrds_cert_path = configuration.get_jrds_cert_path() jrds_key_path = configuration.get_jrds_key_path() jrds_base_uri = configuration.get_jrds_base_uri() subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder account_id = configuration.get_account_id() machine_id = configuration.get_machine_id() hybrid_worker_group_name = configuration.get_hybrid_worker_name() worker_version = configuration.get_worker_version() sandbox_id = None try: sandbox_id = os.environ["sandbox_id"] except KeyError: pass # initialize the loggers for for all components except runbook if configuration.get_component() != "runbook": init_logger()
def validate_and_setup_path(): # default to user dir for exception logs to be writen to disk test_file_name = "test_file" # test certificate and key path if not os.path.isfile(configuration.get_jrds_cert_path()) or not os.path.isfile(configuration.get_jrds_key_path()): exit_on_error("Invalid certificate of key file path (absolute path is required).") # test working dirextory for existance and permissions if not os.path.exists(configuration.get_working_directory_path()): exit_on_error("Invalid working directory path (absolute path is required).") file_creation = test_file_creation(os.path.join(configuration.get_working_directory_path(), test_file_name)) if file_creation is False: exit_on_error("Invalid working directory permission (read/write permissions are required).") # test keyring paths keyring_path = configuration.get_gpg_public_keyring_path() if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile(keyring_path): exit_on_error("Invalid gpg public keyring path (absolute path is required).") # test state file path if configuration.get_state_directory_path() != configuration.DEFAULT_STATE_DIRECTORY_PATH: if not os.path.exists(configuration.get_state_directory_path()): exit_on_error("Invalid state directory path (absolute path is required).") file_creation = test_file_creation(os.path.join(configuration.get_state_directory_path(), test_file_name)) if file_creation is False: exit_on_error("Invalid state directory permission (read/write permissions are required).")
def routine(self): # die if pre-reqs are not met if os.path.exists(configuration.get_jrds_cert_path()) is False or \ os.path.exists(configuration.get_jrds_key_path()) is False or \ os.path.exists(configuration.get_worker_configuration_file_path()) is False: raise SystemExit() # clean up finished jobs self.stop_tracking_terminated_jobs() # get job actions try: job_actions = self.jrds_client.get_job_actions(self.sandbox_id) except JrdsSandboxTerminated: tracer.log_sandbox_jrds_closure_request() global routine_loop routine_loop = False return for job_action in job_actions: job_id = job_action["JobId"] job_data = self.jrds_client.get_job_data(job_id) job_pending_action = job_data.pending_action job_status = job_data.job_status # issue pending action if job_pending_action == pendingactions.ACTIVATE_ENUM_INDEX or \ (job_pending_action is None and job_status == jobstatus.ACTIVATING_ENUM_INDEX) or \ (job_pending_action is None and job_status == jobstatus.RUNNING_ENUM_INDEX): tracer.log_sandbox_pending_action_activate_detected( job_id, job_status, job_pending_action) # check if the specified job is already running to prevent duplicate if job_id in job_map: continue # create and start the new job job_message_queue = Queue() job_thread_exception_queue = Queue() job = Job(self.sandbox_id, job_id, job_message_queue, self.jrds_client, job_thread_exception_queue) job_map[job_id] = (job, job_message_queue, job_thread_exception_queue) tracer.log_sandbox_started_tracking_job(job_id) job.start() elif job_pending_action == pendingactions.STOP_ENUM_INDEX: tracer.log_sandbox_pending_action_stop_detected( job_id, job_status, job_pending_action) # check if the specified job is already running before issuing pending action if job_id not in job_map: continue # propagate pending action to job thread job_map[job_id][1].put(job_pending_action) elif job_pending_action is None: tracer.log_sandbox_no_pending_action_detected( job_id, job_status) else: tracer.log_sandbox_unsupported_pending_action_detected( job_id, job_status, job_pending_action)
def __init__(self): self.sandbox_id = os.environ["sandbox_id"] tracer.log_sandbox_starting(self.sandbox_id, os.getpid()) http_client_factory = HttpClientFactory( configuration.get_jrds_cert_path(), configuration.get_jrds_key_path()) http_client = http_client_factory.create_http_client( sys.version_info, configuration.get_verify_certificates()) self.jrds_client = JRDSClient(http_client)
def __init__(self): tracer.log_worker_starting(configuration.get_worker_version()) http_client_factory = HttpClientFactory( configuration.get_jrds_cert_path(), configuration.get_jrds_key_path()) http_client = http_client_factory.create_http_client( sys.version_info, configuration.get_verify_certificates()) self.jrds_client = JRDSClient(http_client) self.running_sandboxes = {}
def __init__(self): self.sandbox_id = os.environ["sandbox_id"] tracer.log_sandbox_starting(sandbox_id=self.sandbox_id, pid=os.getpid(), worker_type=configuration.get_worker_type()) tracer.log_sandbox_configuration(sandbox_id=self.sandbox_id, enforce_runbook_signature_validation=configuration.get_enforce_runbook_signature_validation(), gpg_public_keyring_paths=configuration.get_gpg_public_keyrings_path(), working_directory=os.getcwd()) http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) self.jrds_client = JRDSClient(http_client)
def assert_environment_prerequisite(): jrds_cert_path = configuration.get_jrds_cert_path() if util.assert_file_read_permission(jrds_cert_path) is False: raise InvalidFilePermissionException(jrds_cert_path) jrds_key_path = configuration.get_jrds_key_path() if util.assert_file_read_permission(jrds_key_path) is False: raise InvalidFilePermissionException(jrds_key_path) worker_conf_path = configuration.get_worker_configuration_file_path() if util.assert_file_read_permission(worker_conf_path) is False: raise InvalidFilePermissionException(worker_conf_path) proxy_conf_path = configuration.get_proxy_configuration_path() if proxy_conf_path != configuration.DEFAULT_PROXY_CONFIGURATION_PATH and os.path.isfile(proxy_conf_path): if util.assert_file_read_permission(proxy_conf_path) is False: raise InvalidFilePermissionException(proxy_conf_path)
def validate_and_setup_path(): # default to user dir for exception logs to be writen to disk test_file_name = "test_file" # test certificate and key path if not os.path.isfile( configuration.get_jrds_cert_path()) or not os.path.isfile( configuration.get_jrds_key_path()): exit_on_error( "Invalid certificate of key file path (absolute path is required)." ) # test working dirextory for existance and permissions if not os.path.exists(configuration.get_working_directory_path()): exit_on_error( "Invalid working directory path (absolute path is required).") file_creation = test_file_creation( os.path.join(configuration.get_working_directory_path(), test_file_name)) if file_creation is False: exit_on_error( "Invalid working directory permission (read/write permissions are required)." ) # test keyring paths keyring_path = configuration.get_gpg_public_keyring_path() if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile( keyring_path): exit_on_error( "Invalid gpg public keyring path (absolute path is required).") # test state file path if configuration.get_state_directory_path( ) != configuration.DEFAULT_STATE_DIRECTORY_PATH: if not os.path.exists(configuration.get_state_directory_path()): exit_on_error( "Invalid state directory path (absolute path is required).") file_creation = test_file_creation( os.path.join(configuration.get_state_directory_path(), test_file_name)) if file_creation is False: exit_on_error( "Invalid state directory permission (read/write permissions are required)." )
def init(): """Initializes all required variable for the tracer.""" global default_logger, sandbox_stdout, jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id, \ account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id, sandbox_id # Create the http client http_client_factory = HttpClientFactory( configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) jrds_client = JRDSClient(http_client) # Populate global configuration values jrds_cert_path = configuration.get_jrds_cert_path() jrds_key_path = configuration.get_jrds_key_path() jrds_base_uri = configuration.get_jrds_base_uri() subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder account_id = configuration.get_account_id() machine_id = configuration.get_machine_id() hybrid_worker_group_name = configuration.get_hybrid_worker_name() worker_version = configuration.get_worker_version() sandbox_id = None try: sandbox_id = os.environ["sandbox_id"] except KeyError: pass if sandbox_id is not None: log_file_name = configuration.get_component() + sandbox_id else: log_file_name = configuration.get_component() file_name = os.path.join(configuration.get_working_directory_path(), log_file_name + '.log') logging.Formatter.converter = time.gmtime # Default logger default_logger = logging.getLogger("default_logger") default_logger.setLevel(logging.INFO) # Logger for the sandbox traces coming back to worker sandbox_stdout = logging.getLogger("sandbox_stdout_logger") sandbox_stdout.setLevel(logging.INFO) # Default rotating file handler write traces with the specified format to disk. default_rf_handler = logging.handlers.RotatingFileHandler( file_name, maxBytes=10485760, backupCount=5) formatter = logging.Formatter('%(asctime)s (' + str(os.getpid()) + ')' + configuration.get_component() + ' : %(message)s', datefmt="%Y-%m-%d %H:%M:%S") default_rf_handler.setFormatter(formatter) default_logger.addHandler(default_rf_handler) # Traces coming from sandbox child process and collected by the worker are already formatted, hence no formatter # needed. worker_sandbox_rf_handler = logging.handlers.RotatingFileHandler( file_name, maxBytes=10485760, backupCount=5) sandbox_stdout.addHandler(worker_sandbox_rf_handler) # Stdout handler (Worker traces have to be formatted). log_stream = logging.StreamHandler(sys.stdout) log_stream.setFormatter(formatter) default_logger.addHandler(log_stream) # Stdout handler (traces coming from child process are already formatted). sandbox_log_stream = logging.StreamHandler(sys.stdout) sandbox_stdout.addHandler(sandbox_log_stream)
def __init__(self): tracer.log_worker_starting(configuration.get_worker_version()) http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path()) http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates()) self.jrds_client = JRDSClient(http_client) self.running_sandboxes = {}
return json.loads(variable[KEY_VALUE]) def set_automation_variable(name, value): jrds_client.set_variable_asset(name, json.dumps(value), False) def get_automation_credential(name): credential = jrds_client.get_credential_asset(name) return CredentialModelV1(credential[KEY_USERNAME], credential[KEY_VALUE]) def get_automation_connection(name): connection = jrds_client.get_connection_asset(name) return connection[KEY_CONNECTION_FIELDS] class CredentialModelV1: def __init__(self, username, password): self.username = username self.password = password configuration.set_config({configuration.COMPONENT: "assets"}) json = serializerfactory.get_serializer(sys.version_info) http_client_factory = HttpClientFactory( configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) jrds_client = JRDSClient(http_client)
def get_automation_variable(name): variable = jrds_client.get_variable_asset(name) return json.loads(variable[KEY_VALUE]) def set_automation_variable(name, value): jrds_client.set_variable_asset(name, json.dumps(value), False) def get_automation_credential(name): credential = jrds_client.get_credential_asset(name) return {"username": credential[KEY_USERNAME], "password": credential[KEY_VALUE]} def get_automation_connection(name): connection = jrds_client.get_connection_asset(name) return connection[KEY_CONNECTION_FIELDS] def get_automation_certificate(name): certificate = jrds_client.get_certificate_asset(name) return binascii.a2b_base64(certificate[KEY_VALUE]) configuration.set_config({configuration.COMPONENT: "assets"}) json = serializerfactory.get_serializer(sys.version_info) http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path(), configuration.get_verify_certificates()) http_client = http_client_factory.create_http_client(sys.version_info) jrds_client = JRDSClient(http_client)
def validate_and_setup_path(): # default to user dir for exception logs to be writen to disk test_file_name = "test_file" # test certificate and key path if not os.path.isfile( configuration.get_jrds_cert_path()) or not os.path.isfile( configuration.get_jrds_key_path()): exit_on_error( "Invalid certificate of key file path (absolute path is required)." ) # test working directory for existence and permissions working_directory_path = configuration.get_working_directory_path() if not os.path.exists(working_directory_path): exit_on_error( "Invalid working directory path (absolute path is required).") file_creation = test_file_creation( os.path.join(working_directory_path, test_file_name)) if file_creation is False: exit_on_error( "Invalid working directory permission (read/write permissions are required)." ) # test keyring paths keyrings = configuration.get_gpg_public_keyrings_path() for keyring_path in keyrings: if keyring_path != configuration.DEFAULT_GPG_PUBLIC_KEYRING_PATH and not os.path.isfile( keyring_path): exit_on_error( "Invalid gpg public keyring path (absolute path is required).") # test state file path if configuration.get_state_directory_path( ) != configuration.DEFAULT_STATE_DIRECTORY_PATH: if not os.path.exists(configuration.get_state_directory_path()): exit_on_error( "Invalid state directory path (absolute path is required).") file_creation = test_file_creation( os.path.join(configuration.get_state_directory_path(), test_file_name)) if file_creation is False: exit_on_error( "Invalid state directory permission (read/write permissions are required)." ) # OMS integration # set the working directory owner to be nxautomation:omiusers if os.name.lower() != "nt": import pwd try: nxautomation_uid = int(pwd.getpwnam('nxautomation').pw_uid) if os.getuid() == nxautomation_uid: retval = subprocess.call([ "sudo", "chown", "-R", "nxautomation:omiusers", working_directory_path ]) if retval != 0: exit_on_error( "Could not change owner of working directory %s to nxautomation:omiusers" % (working_directory_path)) except KeyError: # nxautomation user was not found on the system, skip this step tracer.log_debug_trace( "Ownership change of working directory skipped. nxautomation user not found." ) pass
def __init__(self): self.sandbox_id = os.environ["sandbox_id"] tracer.log_sandbox_starting(self.sandbox_id, os.getpid()) http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path()) http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates()) self.jrds_client = JRDSClient(http_client)
def init(): """Initializes all required variable for the tracer.""" global default_logger, sandbox_stdout, jrds_client, jrds_cert_path, jrds_key_path, jrds_base_uri, subscription_id,\ account_id, machine_id, hybrid_worker_group_name, worker_version, activity_id # Create the http client http_client_factory = HttpClientFactory(configuration.get_jrds_cert_path(), configuration.get_jrds_key_path()) http_client = http_client_factory.create_http_client(sys.version_info, configuration.get_verify_certificates()) jrds_client = JRDSClient(http_client) # Populate global configuration values jrds_cert_path = configuration.get_jrds_cert_path() jrds_key_path = configuration.get_jrds_key_path() jrds_base_uri = configuration.get_jrds_base_uri() subscription_id = "00000000-0000-0000-0000-000000000000" # temporary place holder account_id = configuration.get_account_id() machine_id = configuration.get_machine_id() hybrid_worker_group_name = configuration.get_hybrid_worker_name() worker_version = configuration.get_worker_version() activity_id = generate_activity_id() sandbox_id = None try: sandbox_id = os.environ["sandbox_id"] except KeyError: pass if sandbox_id is not None: log_file_name = configuration.get_component() + sandbox_id else: log_file_name = configuration.get_component() file_name = os.path.join(configuration.get_working_directory_path(), log_file_name + '.log') logging.Formatter.converter = time.gmtime # Default logger default_logger = logging.getLogger("default_logger") default_logger.setLevel(logging.INFO) # Logger for the sandbox traces coming back to worker sandbox_stdout = logging.getLogger("sandbox_stdout_logger") sandbox_stdout.setLevel(logging.INFO) # Default rotating file handler write traces with the specified format to disk. default_rf_handler = logging.handlers.RotatingFileHandler(file_name, maxBytes=10485760, backupCount=5) formatter = logging.Formatter('%(asctime)s (' + str(os.getpid()) + ')' + configuration.get_component() + ' : %(message)s', datefmt="%Y-%m-%d %H:%M:%S") default_rf_handler.setFormatter(formatter) default_logger.addHandler(default_rf_handler) # Traces coming from sandbox child process and collected by the worker are already formatted, hence no formatter # needed. worker_sandbox_rf_handler = logging.handlers.RotatingFileHandler(file_name, maxBytes=10485760, backupCount=5) sandbox_stdout.addHandler(worker_sandbox_rf_handler) # Stdout handler (Worker traces have to be formatted). log_stream = logging.StreamHandler(sys.stdout) log_stream.setFormatter(formatter) default_logger.addHandler(log_stream) # Stdout handler (traces coming from child process are already formatted). sandbox_log_stream = logging.StreamHandler(sys.stdout) sandbox_stdout.addHandler(sandbox_log_stream)