def get_asset_info(self):
"""
获取所有可连接资产信息
:return:
"""
with DBContext('r') as session:
# 只拿到登陆用到的IP Port User
server_list = session.query(Server.ip, Server.port, AdminUser.system_user,
).outerjoin(AdminUser,
AdminUser.admin_user == Server.admin_user).filter(
Server.state == 'true').all()
return server_list
def delete(self, *args, **kwargs):
data = json.loads(self.request.body.decode("utf-8"))
args_id = data.get('args_id', None)
if not args_id:
self.write(dict(status=-1, msg='ID不能为空'))
return
with DBContext('default') as session:
session.query(ArgsList).filter(
ArgsList.args_id.in_(args_id)).delete(
synchronize_session=False)
session.commit()
self.write(dict(status=0, msg='删除成功'))
def getproviderlist():
"""
Get id, key, secret
"""
provider_list = []
with DBContext('r') as se:
provider_info = se.query(DNSDomainProvider).filter(
DNSDomainProvider.pro_platform == 'godaddy',
DNSDomainProvider.pro_status == 1).all()
for provider in provider_info:
data_dict = model_to_dict(provider)
provider_list.append(data_dict)
return provider_list
def post(self, *args, **kwargs):
data = json.loads(self.request.body.decode("utf-8"))
args_name = data.get('args_name', None)
args_self = data.get('args_self', None)
if not args_name or not args_self:
self.write(dict(status=-1, msg='参数不能为空'))
return
with DBContext('readonly') as session:
args_info = session.query(ArgsList).filter(
ArgsList.args_name == args_name).first()
if args_info:
self.write(dict(status=-2, msg='名称不能重复'))
return
with DBContext('default') as session:
session.add(
ArgsList(args_name=args_name,
args_self=args_self,
creator=self.get_current_user().decode("utf-8")))
session.commit()
self.write(dict(status=0, msg='添加成功'))
def get_host_info(self):
'''获取主机信息,并写入数据库'''
id_list = self.check_server_state()
with DBContext('r') as session:
for i in id_list:
server_list = session.query(
Server.ip, Server.port, AdminUser.system_user).outerjoin(
AdminUser,
AdminUser.admin_user == Server.admin_user).filter(
Server.id == i).all()
asset_data = get_server_sysinfo(server_list)
ins_log.read_log('info', '资产信息:{}'.format(asset_data))
self.update_asset(asset_data)
def get_zabbix_configs():
"""
从数据库里面看下用户有几个监控
:return:
"""
zabbix_configs_list = []
with DBContext('w') as session:
zabbix_config_info = session.query(ZabbixConfig).all()
for data in zabbix_config_info:
data_dict = model_to_dict(data)
zabbix_configs_list.append(data_dict)
return zabbix_configs_list
def get(self, *args, **kwargs):
"""查询出标签服务关联的数据接口"""
tag_list = []
with DBContext('r') as session:
tag_services_info = session.query(ServicesTagMiddle).all()
for data in tag_services_info:
data_dict = model_to_dict(data)
tag_info = session.query(TagList).filter(TagList.id == data_dict["tag_id"]).first()
tag_name = model_to_dict(tag_info)["key"]
services_info = session.query(ServicesList).filter(ServicesList.id == data_dict["services_id"]).first()
services_name = model_to_dict(services_info)["services_name"]
tag_list.append({tag_name: services_name})
return tag_list
def exec_task22(self, flow_id):
'''
开始执行任务
0 为等审核
1 审核通过,待执行,任务接手后状态为标记为2
2 正在执行
'''
### 如果任务没有审批,则进入休眠,初始休眠时间为0秒
int_sleep, end_sleep = 1, 1
while True:
### 挂起的任务设置休眠时间
ins_log.read_log(
'info',
'The task-{0} is not ready, retry after {1} s of sleep'.format(
flow_id, int_sleep))
time.sleep(int_sleep)
int_sleep += 2
end_sleep += int_sleep
if int_sleep > 15: int_sleep = 15
with DBContext('readonly') as session:
status = session.query(Publish).filter(
Publish.id == flow_id, Publish.status == '0').first()
#status==0,那么继续循环并sleep任务,直到任务被接手
if not status: break #任务状态!=new,比如ready,那么就开始退出循环,开始执行
if end_sleep > 150: raise SystemExit('message timeout')
### 审核通过,现在开始执行,标记状态为2
with DBContext('default') as session:
session.query(Publish).filter(Publish.id == flow_id).update({
Publish.status:
'2',
Publish.start_exe_time:
datetime.now()
})
session.commit()
print('start exec....')
task = TaskPublish(flow_id)
task.task_exec()
def get_asset_server(self):
"""
获取CMDB里面所有主机
:return:
"""
server_list = []
with DBContext('r') as session:
server_info = session.query(Server).order_by(Server.id).all()
for msg in server_info:
data_dict = model_to_dict(msg)
data_dict['create_time'] = str(data_dict['create_time'])
server_list.append(data_dict)
return server_list
def update_project_budget():
with DBContext('w') as session:
data = session.query(AwsProjectBudgetControl).all()
bill_list = [model_to_dict(e) for e in data]
for i in bill_list:
session.query(AwsProjectBudgetControl) \
.filter(AwsProjectBudgetControl.userproject == i.get("userproject"),
AwsProjectBudgetControl.bill_date == i.get("bill_date")) \
.update(
{
AwsProjectBudgetControl.aws_percentage: i.get("aws_total_cost") / i.get("aws_budget_cost") if i.get("aws_budget_cost") else 0,
}
)
session.commit()
def check_group(self, gid='before'):
with DBContext('readonly') as session:
if gid == 'before':
status = session.query(TaskSched.task_status).filter(
TaskSched.list_id == self.flow_id,
TaskSched.task_group < self.group_id).all()
else:
status = session.query(TaskSched.task_status).filter(
TaskSched.list_id == self.flow_id).all()
session.commit()
for i in status:
if i[0] != '3':
return '4'
return '3'
def write_verify(self):
rrr = redis.Redis(connection_pool=self.pool)
for meth in self.method_list:
user_meth = self.user_id + meth
rrr.delete(user_meth)
with DBContext('readonly') as session:
func_list = session.query(Functions.method_type, Functions.uri
).outerjoin(RoleFunctions, Functions.func_id == RoleFunctions.func_id).outerjoin(
UserRoles, RoleFunctions.role_id == UserRoles.role_id).filter(UserRoles.user_id == self.user_id).all()
for func in func_list:
### 把权限写入redis
rrr.sadd(self.user_id + func[0], func[1])
return '权限已经写入缓存'
def put(self, *args, **kwargs):
data = json.loads(self.request.body.decode("utf-8"))
role_name = data.get('role_name', None)
role_id = data.get('role_id', None)
if not role_name:
self.write(dict(status=-1, msg='不能为空'))
return
with DBContext('default') as session:
session.query(Roles).filter(Roles.role_id == role_id).update(
{Roles.role_name: role_name})
session.commit()
self.write(dict(status=0, msg='编辑成功'))
def put(self, *args, **kwargs):
data = json.loads(self.request.body.decode("utf-8"))
args_id = data.get('args_id', None)
args_self = data.get('args_self', None)
if not args_id or not args_self:
self.write(dict(status=-1, msg='ID不能为空'))
return
with DBContext('default') as session:
session.query(ArgsList).filter(ArgsList.args_id == args_id).update(
{ArgsList.args_self: args_self})
session.commit()
self.write(dict(status=0, msg='编辑成功'))
def sync_cmdb(self):
"""
写入CMDB
:return:
"""
reids_list = self.get_uredis_all()
if not reids_list:
ins_log.read_log('error', 'Not fount reids info...')
return False
with DBContext('w') as session:
for data in reids_list:
for redis in data:
ins_log.read_log('info', '资产信息:{}'.format(redis))
try:
db_user = redis['user']
except KeyError:
db_user = '******'
db_name = redis.get('db_name')
exist_redis = session.query(DB).filter(
DB.db_code == db_name).first()
if exist_redis:
session.query(DB).filter(DB.db_code == db_name).update(
{
DB.idc: self.idc,
DB.db_host: redis.get('db_host'),
DB.db_port: redis.get('db_port'),
DB.db_user: db_user,
DB.db_region: redis.get('db_region'),
DB.db_type: redis.get('db_type'),
DB.db_version: redis.get('db_version'),
DB.state: redis.get('instance_state'),
DB.db_instance_id: redis.get('db_instance_id')
})
else:
new_db = DB(idc=self.idc,
db_code=db_name,
db_host=redis.get('db_host'),
db_port=redis.get('db_port'),
db_user=db_user,
db_region=redis.get('db_region'),
db_type=redis.get('db_type'),
db_version=redis.get('db_version'),
state=redis.get('instance_state'),
db_instance_id=redis.get('db_instance_id'))
session.add(new_db)
session.commit()
def __init__(self, flow_id, group_id):
self.flow_id = str(flow_id)
self.group_id = group_id
self.exec_method = my_settings['exec_method']
self.salt_api = my_settings['salt_api']
self.salt_username = my_settings['salt_username']
self.salt_password = my_settings['salt_password']
self.salt_timeout = my_settings['salt_timeout']
with DBContext('readonly') as session:
taskinfo = session.query(
TaskList.hosts,
TaskList.args).filter(TaskList.list_id == self.flow_id).one()
self.all_exec_ip = literal_eval(taskinfo[0]).get(self.group_id, '')
self.all_args_info = literal_eval(taskinfo[1])
def get_configs():
"""
get id / key / region info
:return:
"""
aws_configs_list = []
with DBContext('r') as session:
aws_configs_info = session.query(AssetConfigs).filter(AssetConfigs.account == 'AWS').all()
for data in aws_configs_info:
data_dict = model_to_dict(data)
data_dict['create_time'] = str(data_dict['create_time'])
data_dict['update_time'] = str(data_dict['update_time'])
aws_configs_list.append(data_dict)
return aws_configs_list
def get_system_user(self):
"""
获取所有系统用户
:return:
"""
with DBContext('r') as session:
system_user_list = []
system_user_data = session.query(SystemUser).all()
for data in system_user_data:
data_dict = model_to_dict(data)
data_dict['create_time'] = str(data_dict['create_time'])
data_dict['update_time'] = str(data_dict['update_time'])
system_user_list.append(data_dict)
return system_user_list
def change_list(self):
status_list = []
with DBContext('readonly') as session:
status = session.query(TaskSched.task_status).filter(
TaskSched.list_id == self.flow_id).all()
for s in status:
status_list.append(s[0])
if '0' in status_list:
status = '0'
if '1' in status_list:
status = '1'
if '2' in status_list:
status = '2'
if '5' in status_list and '1' not in status_list and '2' not in status_list:
status = '5'
if '4' in status_list:
status = '4'
if '3' in status_list and len(list(set(status_list))) == 1:
status = '3'
with DBContext('default') as session:
session.query(TaskList).filter(
TaskList.list_id == self.flow_id).update(
{TaskList.status: status})
session.commit()
def copy_file_and_exec(self, host):
if not self.check_file():
self.msg = '{} Not Fount'.format(self.file_name)
return False
if not isinstance(host, list):
raise ValueError()
ip = host[0][0]
port = host[0][1]
user = host[0][2]
# 这里已经推送玩publick key后就不再使用管理用户了,直接使用本机的Key登陆
with DBContext('r') as session:
cmdb_key = session.query(
SSHConfigs.id_rsa).filter(SSHConfigs.name == 'cmdb').first()
if not cmdb_key:
return False, '{}, 认证失败,cmdb key不存在'.format(ip)
else:
cmdb_key = cmdb_key[0]
cmd = 'python /tmp/sysinfo.py'
ssh_key_file = get_key_file(cmdb_key)
if ssh_key_file:
try:
# res_info,获取到的资产信息, error_info
res_info, error_info = remote_upload_file(
ip, user, ssh_key_file, cmd, self.file_path,
'/tmp/sysinfo.py', port)
if res_info:
self.msg = {
'status': True,
'data': {
ip: json.loads(res_info)
}
}
return self.msg
else:
# self.msg = '{}获取资产信息失败,错误信息:{}'.format(ip, error_info)
self.msg = {'status': False, 'data': {ip: error_info}}
return self.msg
except paramiko.ssh_exception.AuthenticationException:
# self.msg = False, '{}, 认证失败,请检查Key是否正确'.format(ip)
self.msg = {'status': False, 'data': {ip: '认证失败,请检查Key是否正确'}}
except Exception as e:
print(e)
return self.msg
def check_server_state(self):
'''查询Server状态, 新建的推送Key并更新'''
new_asset_list = []
id_list = []
with DBContext('r') as session:
# 新加的资产,state:new
new_asset = session.query(Server).filter(Server.state == self.state).all()
for msg in new_asset:
data_dict = model_to_dict(msg)
data_dict['create_time'] = str(data_dict['create_time'])
new_asset_list.append(data_dict)
for i in new_asset_list:
id_list.append(i.get('id'))
return id_list
def write_error_log(error_list):
with DBContext('w') as session:
for i in error_list:
ip = i.get('ip')
msg = i.get('msg')
error_log = '推送公钥失败, 错误信息:{}'.format(msg)
ins_log.read_log('error', error_log)
session.query(Server).filter(Server.ip == ip).update({Server.state: 'false'})
exist_ip = session.query(AssetErrorLog).filter(AssetErrorLog.ip == ip).first()
if exist_ip:
session.query(AssetErrorLog).filter(AssetErrorLog.ip == ip).update(
{AssetErrorLog.error_log: error_log})
else:
new_error_log = AssetErrorLog(ip=ip, error_log=error_log)
session.add(new_error_log)
session.commit()
def get_host_info(self):
id_list = self.check_server_state()
'''获取主机信息'''
connect_server_list = []
with DBContext('r') as session:
for i in id_list:
connect_info = session.query(
Server.ip, Server.port, AdminUser.system_user).outerjoin(
AdminUser,
AdminUser.admin_user == Server.admin_user).filter(
Server.id == i).all()
connect_server_list.append(connect_info)
print('connect_server_list--->', connect_server_list)
res_data = get_server_sysinfo(connect_server_list)
print(res_data)
return res_data
def get_configs():
"""
get id / key / region info
:return:
"""
qcloud_configs_list = []
with DBContext('r') as session:
qcloud_configs_info = session.query(AssetConfigs).filter(
AssetConfigs.account == '腾讯云', AssetConfigs.state == 'true').all()
for data in qcloud_configs_info:
data_dict = model_to_dict(data)
data_dict['create_time'] = str(data_dict['create_time'])
data_dict['update_time'] = str(data_dict['update_time'])
qcloud_configs_list.append(data_dict)
return qcloud_configs_list
def patch(self, args=None):
'''更新任务状态'''
ret = dict(status=True, msg=None, data=None)
try:
data = json.loads(self.request.body.decode("utf-8"))
status = data.get('status')
with DBContext('default') as session:
res = session.query(Publish).filter(Publish.id == args).first()
res.status = status
res.review_time = datetime.now()
session.commit()
ret['data'] = model_to_dict(res)
ret['msg'] = '任务状态更新成功'
except Exception as e:
print(e)
ret['status'] = False
if not ret['msg']: ret['msg'] = str(e)
self.write(ret)
def main():
mc = MyCryptV2()
aws_configs_list = get_configs()
if not aws_configs_list:
ins_log.write_log('error', '没有获取到AWS资产配置信息,跳过')
return False
for config in aws_configs_list:
access_id = config.get('access_id')
access_key = mc.my_decrypt(config.get('access_key')) # 解密后使用
region = config.get('region')
default_admin_user = config.get('default_admin_user')
obj = ForDangersHandler(access_id, access_key, region,
default_admin_user)
result = [i for i in obj.get_tags()]
with DBContext('w', None) as session:
session.execute('''TRUNCATE TABLE asset_tag''')
session.bulk_insert_mappings(Tag, result)
session.commit()
def get(self, *args, **kwargs):
page_size = self.get_argument('page', default=1, strip=True)
limit = self.get_argument('limit', default=200, strip=True)
limit_start = (int(page_size) - 1) * int(limit)
temp_list = []
with DBContext('readonly') as session:
count = session.query(TempList).count()
temp_info = session.query(TempList).order_by(
TempList.temp_id).offset(limit_start).limit(int(limit))
for msg in temp_info:
data_dict = model_to_dict(msg)
data_dict.pop('ctime')
data_dict.pop('utime')
temp_list.append(data_dict)
kwargs = {"data": temp_list, "code": 0, "count": count, "msg": '获取成功'}
self.write(kwargs)
def put(self, *args, **kwargs):
data = json.loads(self.request.body.decode("utf-8"))
cmd_id = data.get('cmd_id', None)
args = data.get('args', None)
forc_ip = data.get('forc_ip', None)
if not cmd_id:
self.write(dict(status=-1, msg='ID不能为空'))
return
with DBContext('default') as session:
session.query(CmdList).filter(CmdList.cmd_id == cmd_id).update({
CmdList.args:
args,
CmdList.forc_ip:
forc_ip
})
session.commit()
self.write(dict(status=0, msg='编辑成功'))
def get(self, *args, **kwargs):
resource_id = self.get_argument('resource_id',
default=None,
strip=True)
service_name = self.get_argument('service_name',
default=None,
strip=True)
this_month = datetime.now().replace(day=1,
minute=0,
hour=0,
second=0,
microsecond=0)
month = self.get_argument('month', default=None, strip=True)
if not month:
month = this_month
else:
month = datetime.strptime(month, '%Y-%m')
next_month = month + relativedelta(months=+1)
month = month.strftime("%Y-%m-01 00:00:00")
next_month = next_month.strftime("%Y-%m-01,00:00:00")
if not resource_id or not service_name:
return self.write(dict(code=-2, msg='关键参数不能为空'))
with DBContext('r', const.DEFAULT_DB_KEY) as session:
bill_data = session.query(AwsServiceBillReport) \
.filter(AwsServiceBillReport.resource_id == resource_id,
AwsServiceBillReport.service_name == service_name,
AwsServiceBillReport.bill_date >= month,
AwsServiceBillReport.bill_date < next_month,
).all()
bill_list = [model_to_dict(e) for e in bill_data]
if bill_list:
bill_list = sorted(
bill_list,
key=lambda bill_list: int(bill_list["bill_date"][8:10]))
for bill in bill_list:
bill["total_cost"] = str(
decimal.Decimal(bill['total_cost']).quantize(
decimal.Decimal('0.00000')))
# 返回数据
return self.write(
dict(code=0, msg='获取成功', count=len(bill_list), data=bill_list))
def get(self, *args, **kwargs):
user_id = 2
with DBContext('readonly') as session:
func_list = session.query(
Functions.method_type, Functions.uri).outerjoin(
RoleFunctions,
Functions.func_id == RoleFunctions.func_id).outerjoin(
UserRoles,
RoleFunctions.role_id == UserRoles.role_id).filter(
UserRoles.user_id == user_id).all()
for func in func_list:
print(str(user_id) + func[0], func[1])
data = {func[1]: func[0]}
kargs = {
"data": data,
"status": 0,
}
self.write(kargs)
