# For securely passing the actions list via the browser from itsdangerous import JSONWebSignatureSerializer workflow = CortexWorkflow(__name__, check_config={ 'PROVIDERS': list, 'DEFAULT_PROVIDER': str, 'ENVS': list, 'DEFAULT_ENV': str, 'KEY_SIZES': list, 'DEFAULT_KEY_SIZE': int, 'LENGTHS': list, 'DEFAULT_LENGTH': int, 'NLBS': list, 'ACME_SERVERS': list, 'NLB_INTERMEDIATE_CN_FILES': dict, 'NLB_INTERMEDIATE_CN_OCSP_STAPLING_PARAMS': dict, 'CLIENT_SSL_PROFILE_PREFIX': str, 'CLIENT_SSL_PROFILE_SUFFIX': str, 'CERT_SELF_SIGNED_C': str, 'CERT_SELF_SIGNED_ST': str, 'CERT_SELF_SIGNED_L': str, 'CERT_SELF_SIGNED_O': str, 'CERT_SELF_SIGNED_OU': str, 'ACME_DNS_VIEW': str, 'DNS_WAIT_TIME': int, 'CERT_CACHE_TIME': int, 'EXTERNAL_DNS_SERVER_IP': str }) workflow.add_permission('certmgr.create', 'Create SSL Certificate') # FQDN regex
from flask import abort, flash, redirect, request, session, url_for import cortex.lib.core from cortex.lib.systems import get_systems from cortex.lib.user import (does_user_have_any_system_permission, does_user_have_system_permission, does_user_have_workflow_permission) from cortex.lib.workflow import CortexWorkflow workflow = CortexWorkflow(__name__, check_config={}) workflow.add_permission('systems.all.snapshot', 'Create VMware Snapshots on any system') workflow.add_system_permission('snapshot', 'Create a VMware snapshot for this system') def snapshot_create_permission_callback(): return does_user_have_workflow_permission( 'systems.all.snapshot') or does_user_have_any_system_permission( 'snapshot') @workflow.action('system', title='Snapshot', desc='Take a VMware snapshot of this system', system_permission='snapshot', permission='systems.all.snapshot', require_vm=True, methods=['GET', 'POST']) def snapshot_system(target_id):
#!/usr/bin/python from cortex import app from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked import cortex.lib.core import cortex.lib.classes import cortex.views from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template import MySQLdb as mysql import json workflow = CortexWorkflow(__name__) workflow.add_permission('newserver', 'Create System Record') @workflow.route("create", title='Create System Record', order=30, permission="newserver", methods=['GET', 'POST']) def allocateserver(): # Don't go any further if workflows are currently locked raise_if_workflows_locked() # Get the list of enabled classes classes = cortex.lib.classes.list(hide_disabled=True) # Extract the classes the have servers in (so hide storage and switches, for example) server_classes = [c for c in classes if c['cmdb_type'] == "cmdb_ci_server"] # Get the list of environments
#!/usr/bin/python from cortex import app from cortex.lib.workflow import CortexWorkflow import cortex.lib.core import cortex.lib.systems from cortex.corpus import Corpus from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template from pyVmomi import vim from itsdangerous import JSONWebSignatureSerializer import requests workflow = CortexWorkflow(__name__) workflow.add_permission('systems.all.decom', 'Decommission any system') workflow.add_system_permission('decom', 'Decommission system') @workflow.action("prepare", title='Decommission', desc="Begins the process of decommissioning this system", system_permission="decom", permission="systems.all.decom") def decom_step1(id): system = cortex.lib.systems.get_system_by_id(id) if system is None: abort(404) return workflow.render_template("step1.html", system=system, title="Decommission system")
import re import string from flask import flash, g, redirect, request, session, url_for import cortex.lib.core from cortex import app from cortex.lib.user import does_user_have_permission from cortex.lib.workflow import CortexWorkflow workflow = CortexWorkflow(__name__) workflow.add_permission("puppet.environments.create", "Create Puppet Environments") ENVIRONMENT_NAME_REGEX = re.compile(r"\A[a-z0-9_]+\Z") ENVIRONMENT_TYPES = { 0: "Infrastructure", # Common / Legacy environments (static) 1: "Service", # Per-Service Puppet environment 2: "Dynamic" # Dynamic environment for testing } @workflow.route("environment/create", title="Create Puppet Environment", order=50, permission="puppet.environment.create", methods=["GET", "POST"]) def puppet_environment_create(): """Create a new Puppet environment""" can_create_all = does_user_have_permission(
#!/usr/bin/python from cortex import app from cortex.lib.workflow import CortexWorkflow import cortex.lib.core import cortex.lib.classes import cortex.views from flask import Flask, request, session, redirect, url_for, flash, g, abort, render_template workflow = CortexWorkflow(__name__) workflow.add_permission('newserver', 'Create system record') @workflow.route("create",title='Create system record', order=30, permission="newserver", methods=['GET', 'POST']) def allocateserver(): # Get the list of enabled classes classes = cortex.lib.classes.list(hide_disabled=True) # Extract the classes the have servers in (so hide storage and switches, for example) server_classes = [c for c in classes if c['cmdb_type'] == "cmdb_ci_server"] # Get the list of environments environments = cortex.lib.core.get_cmdb_environments() # Get the list of networks networks = workflow.config['NETWORKS'] # Get the list of operating systems oses = workflow.config['OPERATING_SYSTEMS'] # Get the list of domains
#!/usr/bin/python from cortex import app from cortex.lib.workflow import CortexWorkflow import cortex.lib.core import datetime from flask import Flask, request, session, redirect, url_for, flash, g, abort workflow = CortexWorkflow(__name__) workflow.add_permission('buildvm.sandbox', 'Create Sandbox VM') workflow.add_permission('buildvm.standard', 'Create Standard VM') ################################################################################ ## Sandbox VM Workflow view handler @workflow.route("sandbox",title='Create Sandbox VM', order=20, permission="buildvm.sandbox", methods=['GET', 'POST']) def sandbox(): # Get the list of clusters clusters = cortex.lib.core.vmware_list_clusters("srv01197") # Get the list of environments environments = cortex.lib.core.get_cmdb_environments() if request.method == 'GET': ## Show form return workflow.render_template("sandbox.html", clusters=clusters, environments=environments, title="Create Sandbox Virtual Machine", default_env='dev', default_cluster='CHARTREUSE', os_names=workflow.config['SB_OS_DISP_NAMES'], os_order=workflow.config['SB_OS_ORDER']) elif request.method == 'POST': # Ensure we have all parameters that we require if 'sockets' not in request.form or 'cores' not in request.form or 'ram' not in request.form or 'disk' not in request.form or 'template' not in request.form or 'environment' not in request.form: flash('You must select options for all questions before creating', 'alert-danger') return redirect(url_for('sandbox'))
#!/usr/bin/env python import datetime from flask import abort, flash, redirect, request, session, url_for import cortex.lib.admin import cortex.lib.core from cortex import app from cortex.lib.user import get_user_list_from_cache from cortex.lib.workflow import CortexWorkflow workflow = CortexWorkflow(__name__) workflow.add_permission("buildvm.sandbox", "Create Sandbox VM") workflow.add_permission("buildvm.standard", "Create Standard VM") ################################################################################ ## Common data validation / form extraction def validate_data(r, templates, envs): # Get the VM Specs Config from the DB. try: vm_spec_config_json = cortex.lib.admin.get_kv_setting( "vm.specs.config", load_as_json=True) except ValueError: flash("Could not parse JSON from the database.", "alert-danger") vm_spec_config_json = {} # Pull data out of request
from flask import abort, flash, redirect, request, session, url_for import cortex.lib.core from cortex.lib.systems import get_system_by_id, get_systems from cortex.lib.user import (does_user_have_any_system_permission, does_user_have_system_permission, does_user_have_workflow_permission) from cortex.lib.workflow import CortexWorkflow workflow = CortexWorkflow(__name__, check_config={}) workflow.add_permission("systems.all.adddisk", "Add a virtual disk in VMware on any system") workflow.add_system_permission("adddisk", "Add a virtual disk in VMware to this system") # Define some disk limits (GiB) MIN_DISK_SIZE = 10 MAX_DISK_SIZE = 2000 def adddisk_create_permission_callback(): return does_user_have_workflow_permission("systems.all.adddisk") or does_user_have_any_system_permission("adddisk") @workflow.action("system", title="Add VMware Disk", desc="Add a virtual disk in VMware to this system", system_permission="adddisk", permission="systems.all.adddisk", require_vm=True, methods=["GET", "POST"]) def adddisk_system(target_id): return redirect(url_for("adddisk_add", system=target_id)) @workflow.route("add", title="Add VMware Disk", order=50, permission=adddisk_create_permission_callback, methods=["GET", "POST"]) def adddisk_add(): selected_system = None systems = None
#!/usr/bin/env python from cortex import app from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked from cortex.lib.user import get_user_list_from_cache import cortex.lib.core import cortex.lib.admin import datetime from flask import Flask, request, session, redirect, url_for, flash, g, abort import MySQLdb as mysql import re import json from cortex.corpus import Corpus workflow = CortexWorkflow(__name__) workflow.add_permission('buildvm.sandbox', 'Create Sandbox VM') workflow.add_permission('buildvm.standard', 'Create Standard VM') ################################################################################ ## Sandbox VM Workflow view handler @workflow.route("sandbox", title='Create Sandbox VM', order=20, permission="buildvm.sandbox", methods=['GET', 'POST']) def sandbox(): # Don't go any further if workflows are currently locked raise_if_workflows_locked()
#!/usr/bin/python import cortex.lib.core from cortex.lib.workflow import CortexWorkflow, raise_if_workflows_locked from cortex.lib.systems import get_systems from cortex.lib.user import does_user_have_workflow_permission, does_user_have_system_permission, does_user_have_any_system_permission from flask import request, session, redirect, url_for, abort, flash, g from datetime import datetime import json workflow = CortexWorkflow(__name__, check_config={}) workflow.add_permission('systems.all.snapshot', 'Create VMware Snapshots on any system') workflow.add_permission( 'systems.snapshot', 'Access the VMware Snapshot form; requires permission on individual systems to snapshot them.' ) workflow.add_system_permission('snapshot', 'Create a VMware snapshot for this system') @workflow.action('system', title='Snapshot', desc='Take a VMware snapshot of this system', system_permission='snapshot', permission='systems.all.snapshot', methods=['GET', 'POST']) def snapshot_system(id): return redirect(url_for('snapshot_create', systems=id))