def createDomain(url, user, password, project, domain, orig_project, region='eqiad1-r', ttl=120): auth = v3.Password(auth_url=url, username=user, password=password, user_domain_name='Default', project_domain_name='Default', project_id=orig_project) createSession = keystone_session.Session(auth=auth) createClient = client.Client(session=createSession, region_name=region) auth = v3.Password(auth_url=url, username=user, password=password, user_domain_name='Default', project_domain_name='Default', project_id=project) targetSession = keystone_session.Session(auth=auth) # Fixme: Once we move to a more modern version of designateclient (newton?) # we should pass sudo-project-id=wmflabsdotorg here, change createSession # to use the 'admin' project, and remove novaadmin's 'admin' role from wmflabsdotorg. targetClient = client.Client(session=targetSession, region_name=region) # Create the zone in the initial wmflabsdotorg project. This # is needed since wmflabs.org lives in that project and # designate prevents subdomain creation elsewhere. LOG.info("Creating %s" % domain) zone = createClient.zones.create(domain, email='*****@*****.**', ttl=ttl) status = 'PENDING' # Wait for the domain to actually exist before we transfer it while status == 'PENDING': zone = createClient.zones.get(domain) status = zone['status'] time.sleep(2) transferRequest = createClient.zone_transfers.create_request( domain, project) transferId = transferRequest['id'] transferKey = transferRequest['key'] targetClient.zone_transfers.accept_request(transferId, transferKey)
def get_designateclient(): session = _get_session() return designate_client.Client( session=session, region_name=CONF.service_credentials.os_region_name, endpoint_type=CONF.service_credentials.os_endpoint_type)
def _get_client(self): if self._client is not None: return self._client if (self.tenant_id is not None or self.tenant_name is not None): auth = v2_auth.Password(auth_url=self.auth_url, username=self.username, password=self.password, tenant_id=self.tenant_id, tenant_name=self.tenant_name) elif self.project_name is not None: auth = v3_auth.Password( auth_url=self.auth_url, username=self.username, password=self.password, project_name=self.project_name, project_domain_name=self.project_domain_name, user_domain_name=self.user_domain_name) else: auth = None session = ks_session.Session(auth=auth) self._client = client.Client(session=session, service_type=self.service_type) return self._client
def designateclient(request): token = request.user.token.id if keystone.get_version() < 3: tenant_id = request.user.tenant_id logwrap_info("using keystone v2.") # keystone auth object auth = v2_plugin.Token(auth_url="https://%s:5000/v2.0" % settings.OPENSTACK_HOST, tenant_id=tenant_id, token=token) else: project_id = request.user.project_id project_domain_id = request.session.get('domain_context') logwrap_info("using keystone v3.") auth = v3_plugin.Token(auth_url="https://%s:5000/v3" % settings.OPENSTACK_HOST, token=token, project_id=project_id, project_domain_id=project_domain_id) # create a session ks_session = keystone_session.Session(auth=auth) # spawn designate client object dns_client = designate_client.Client(session=ks_session) logwrap_info("Created a new DNSaaS API Client Object.") return dns_client
def deleteDomain(url, user, password, project, domain="", region='eqiad1-r', delete_all=False): auth = v3.Password(auth_url=url, username=user, password=password, user_domain_name='Default', project_domain_name='Default', project_id=project) targetSession = keystone_session.Session(auth=auth) targetClient = client.Client(session=targetSession, region_name=region) domains = targetClient.zones.list() for thisdomain in domains: if delete_all: LOG.info("Deleting %s" % thisdomain['name']) targetClient.zones.delete(thisdomain['id']) else: if thisdomain['name'] == domain: targetClient.zones.delete(thisdomain['id']) return if not delete_all: LOG.warning("Domain %s not found" % domain)
def free(network, display, limit): """Display defined PTR record for the given CIDR range.""" ds = designate_client.Client(session=get_session()) # Save the raw input of the network raw_network = network network = try_assign(ipaddress.ip_network, network, strict=False, exit=True) # Get the lead IP address to skip of the network lead_ip_address = raw_network.split('/')[0] # Break the network into /24 chunks for PTR search # if NETWORK prefix < 24 if (network.prefixlen < 24): network = network.subnets(new_prefix=24) else: network = [network] # Search the subnet for data records = [] for net in network: net_ptr, net_zone = _get_ptr_name_zone(net) records.extend(_find_free_entries(ds, net, net_zone)) _list(records, display, limit, lead_ip_address)
def get_clients(context): global _SESSION if not _SESSION: _SESSION = session.Session() auth = token_endpoint.Token(CONF.designate.url, context.auth_token) client = d_client.Client(session=_SESSION, auth=auth) admin_auth = password.Password( auth_url=CONF.designate.admin_auth_url, username=CONF.designate.admin_username, password=CONF.designate.admin_password, tenant_name=CONF.designate.admin_tenant_name, tenant_id=CONF.designate.admin_tenant_id) admin_client = d_client.Client(session=_SESSION, auth=admin_auth) return client, admin_client
def __init__(self, config_path, debug=False, log=None, region=None): """ Create a new designate client to manaage DNS `**config_path`` path to ini file with config `**log` logger object """ super(Designate, self).__init__(config_path, debug, log, region) self.client = designateclient.Client(session=self.sess, service_type=self.SERVICE_TYPE, region_name=self.region)
def designateclient(self, project=None): if not project: project = self.project if project not in self.designateclients: session = self.session(project) self.designateclients[project] = designateclient.Client( session=session, timeout=300, sudo_project_id=project, region_name=self.region) return self.designateclients[project]
def get_clients(context): global _SESSION if not _SESSION: _SESSION = loading.load_session_from_conf_options(CONF, 'designate') auth = token_endpoint.Token(CONF.designate.url, context.auth_token) client = d_client.Client(session=_SESSION, auth=auth) if CONF.designate.auth_type: admin_auth = loading.load_auth_from_conf_options(CONF, 'designate') else: admin_auth = password.Password( auth_url=CONF.designate.admin_auth_url, username=CONF.designate.admin_username, password=CONF.designate.admin_password, tenant_name=CONF.designate.admin_tenant_name, tenant_id=CONF.designate.admin_tenant_id) admin_client = d_client.Client(session=_SESSION, auth=admin_auth) return client, admin_client
def client(request): auth_url = base.url_for(request, 'identity') token_kwargs = dict( auth_url=auth_url, token=request.user.token.id, tenant_id=request.user.project_id, tenant_name=request.user.project_name, ) auth = generic.Token(**token_kwargs) session = keystone_session.Session(auth=auth) return designate.Client(session=session)
def get_clients(context): global _SESSION if not _SESSION: if CONF.designate.insecure: verify = False else: verify = CONF.designate.ca_cert or True _SESSION = session.Session(verify=verify) auth = token_endpoint.Token(CONF.designate.url, context.auth_token) client = d_client.Client(session=_SESSION, auth=auth) admin_auth = password.Password( auth_url=CONF.designate.admin_auth_url, username=CONF.designate.admin_username, password=CONF.designate.admin_password, tenant_name=CONF.designate.admin_tenant_name, tenant_id=CONF.designate.admin_tenant_id) admin_client = d_client.Client(session=_SESSION, auth=admin_auth) return client, admin_client
def get_clients(context): global _SESSION if not _SESSION: _SESSION = loading.load_session_from_conf_options(CONF, 'designate') auth = token_endpoint.Token(CONF.designate.url, context.auth_token) client = d_client.Client(session=_SESSION, auth=auth) if CONF.designate.auth_type: admin_auth = loading.load_auth_from_conf_options(CONF, 'designate') else: # TODO(tkajinam): Make this fail when admin_* parameters are removed. admin_auth = password.Password( auth_url=CONF.designate.admin_auth_url, username=CONF.designate.admin_username, password=CONF.designate.admin_password, tenant_name=CONF.designate.admin_tenant_name, tenant_id=CONF.designate.admin_tenant_id) admin_client = d_client.Client(session=_SESSION, auth=admin_auth, endpoint_override=CONF.designate.url) return client, admin_client
def create(zone, name, type, record, description, ttl, yes): """Create a new designate NAME record in the fully qualified ZONE.""" ds = designate_client.Client(session=get_session()) if type in 'A': # Validate the record IP address ip_address = try_assign(ipaddress.ip_address, record, exit=True) _create_A_and_PTR_record(ds, zone, name, ip_address, description, ttl, yes) elif type in 'CNAME': _create_CNAME_record(ds, zone, name, record, description, ttl, yes) else: click.echo("Type")
def _get_client(self): if self._client is not None: return self._client auth = v3_auth.Password( auth_url=self.auth_url, username=self.username, password=self.password, project_name=self.project_name, project_domain_name=self.project_domain_name, user_domain_name=self.user_domain_name, ) session = ks_session.Session(auth=auth) self._client = client.Client( session=session, service_type=self.service_type, region_name=self.region_name, ) return self._client
def delete(zone, name, yes): """Delete the A record and PTR reverse record.""" ds = designate_client.Client(session=get_session()) # Get the record name record_name = "%s.%s" % (name, zone) record = try_assign(ds.recordsets.get, zone, record_name, exit=True) # Delete A record if record['type'] in 'A': _show(record) if (yes or click.confirm("Are you sure you want to delete this record?", abort=True)): click.echo("Deleting A record for %s" % record_name) old_record_ip = ipaddress.ip_address(record['records'][0]) old_ptr_record_name, old_ptr_zone = \ _get_ptr_name_zone(old_record_ip) _show(ds.recordsets.delete(zone, record_name)) ptr_record = try_assign(ds.recordsets.get, old_ptr_zone, old_ptr_record_name) if ptr_record is not None: _show(ptr_record) if (yes or click.confirm("Do you want to delete PTR record?", abort=True)): print("Deleting PTR record for %s" % old_ptr_record_name) _show(ds.recordsets.delete(old_ptr_zone, old_ptr_record_name)) # Delete CNAME record elif record['type'] in 'CNAME': _show(record) if (yes or click.confirm("Are you sure you want to delete this record?", abort=True)): click.echo("Deleting CNAME record for %s" % record_name) _show(ds.recordsets.delete(zone, record_name))
logging.basicConfig(level='DEBUG') """ Example script to create or get a domain and add some records to it. """ auth = generic.Password(auth_url=shell.env('OS_AUTH_URL'), username=shell.env('OS_USERNAME'), password=shell.env('OS_PASSWORD'), project_name=shell.env('OS_PROJECT_NAME'), project_domain_id='default', user_domain_id='default') session = keystone_session.Session(auth=auth) client = client.Client(session=session) try: zone = client.zones.create('i.io.', email='*****@*****.**') except exceptions.RemoteError: zone = dict([(z['name'], z) for z in client.zones.list()])['i.io.'] print("Recordset list...") for rs in client.recordsets.list(zone['id']): print(rs) # Here's an example of just passing "www" as the record name vs "www.i.io." records = ["10.0.0.1"] rs = client.recordsets.create(zone['id'], 'www', 'A', records) # Here we're replacing the records with new ones
def get_proxy_dns_zones(): session = clients.session('wmflabsdotorg') client = designateclientv2.Client(session=session) zones = client.zones.list() return zones
def get_proxy_dns_recordsets(zone): session = clients.session('wmflabsdotorg') client = designateclientv2.Client(session=session) domains = client.recordsets.list(zone['id']) return domains
set_castellan_defaults(GCONF) else: LOG.debug("Using Tatu as key manager.") set_castellan_defaults(GCONF, api_class='tatu.castellano.TatuKeyManager') global_config_files = ['/etc/tatu/tatu.conf'] if CONF.tatu.use_pat_bastions: from dragonflow import conf as dragonflow_cfg from dragonflow.db import api_nb global_files.append('/etc/neutron/dragonflow.ini') GCONF(args=[], default_config_files=global_config_files) auth = v3.Password(auth_url=CONF.tatu.auth_url, user_id=CONF.tatu.user_id, password=CONF.tatu.password, project_id=CONF.tatu.project_id) session = keystone_session.Session(auth=auth) KEYSTONE = keystone_client.Client(session=session) NOVA = nova_client.Client('2', session=session) NEUTRON = neutron_client.Client(session=session) DESIGNATE = designate_client.Client(session=session) DRAGONFLOW = None if CONF.tatu.use_pat_bastions: dragonflow_cfg.CONF.set_override('enable_df_pub_sub', False, group='df') DRAGONFLOW = api_nb.NbApi.get_instance(False) # Create a context for use by Castellan CONTEXT = castellan_utils.credential_factory(conf=CONF)
def __init__(self, instance_id, common_config, source_config, dest_config): self.dnsdomain = common_config['dnsdomain'] self.instance_id = instance_id self.source_config = source_config self.dest_config = dest_config self.common_config = common_config source_auth = generic.Password( auth_url=self.common_config['keystone_url'], username=self.common_config['user'], password=self.common_config['password'], user_domain_name='Default', project_domain_name='Default', project_name='admin') source_session = keystone_session.Session(auth=source_auth) self.source_novaclient = novaclient.Client( '2', session=source_session, region_name=source_config['region']) self.refresh_instance() self.project_id = self.source_instance.tenant_id self.user_id = self.source_instance.user_id project_auth = generic.Password( auth_url=self.common_config['keystone_url'], username=self.common_config['user'], password=self.common_config['password'], user_domain_name='Default', project_domain_name='Default', project_name=self.project_id) project_session = keystone_session.Session(auth=project_auth) self.designateclient = designateclient.Client( session=project_session, region_name=source_config['region']) self.novaclient_projectscope = novaclient.Client( '2', session=project_session, region_name=dest_config['region']) wmflabs_auth = generic.Password( auth_url=self.common_config['keystone_url'], username=self.common_config['user'], password=self.common_config['password'], user_domain_name='Default', project_domain_name='Default', project_name='wmflabsdotorg') wmflabs_session = keystone_session.Session(auth=wmflabs_auth) self.wmflabsdesignateclient = designateclient.Client( session=wmflabs_session, region_name=source_config['region']) dest_auth = generic.Password( auth_url=self.common_config['keystone_url'], username=self.common_config['user'], password=self.common_config['password'], user_domain_name='Default', project_domain_name='Default', project_name='admin') self.dest_session = keystone_session.Session(auth=dest_auth) self.dest_novaclient = novaclient.Client( '2', session=self.dest_session, region_name=dest_config['region']) self.dest_neutronclient = neutronclient.Client( session=self.dest_session, region_name=dest_config['region']) self.dest_keystoneclient = keystoneclient.Client( session=self.dest_session, region_name=dest_config['region']) self.proxy_endpoint = self.get_proxy_endpoint(self.dest_keystoneclient, dest_config['region'])
def purge_leaks(delete=False): proxyzones = get_proxy_dns_zones() proxy_recordsets = {} for zone in proxyzones: if zone['name'] == 'wmflabs.org.': for recordset in get_proxy_dns_recordsets(zone): if recordset['records'][0] == PROXY_BACKEND_IP: proxy_recordsets[recordset['name']] = recordset allinstances = clients.allinstances(allregions=True) all_nova_ips = [] for instance in allinstances: for network in instance.addresses: all_nova_ips.append(instance.addresses[network][0]['addr']) for project in clients.allprojects(): projectzones = get_project_dns_zones(project.id) project_recordsets = {} for zone in projectzones: for recordset in get_project_dns_recordsets(project.id, zone): if recordset['records'][0] == PROXY_BACKEND_IP: project_recordsets[recordset['name']] = recordset mappings = all_mappings(project.id) projectinstances = clients.allinstances(project.id, allregions=True) all_project_ips = [] for instance in projectinstances: for network in instance.addresses: all_project_ips.append(instance.addresses[network][0]['addr']) for mapping in mappings: backend_ip = mapping['backends'][0].split(":")[1].strip('/') if backend_ip not in all_project_ips: if backend_ip not in all_nova_ips: print "%s: possible stray proxy: %s" % (project.id, mapping) if delete: delete_mapping(project.id, mapping['domain']) else: print "%s: proxy mapping outside of its project: %s" % (project.id, mapping) searchname = mapping['domain'] if not searchname.endswith('.'): searchname += '.' if searchname.count('.') > 3: print "ignoring outlier %s" % searchname # These are old leftovers in a different domain, hard to deal with automatically continue if searchname not in proxy_recordsets and searchname not in project_recordsets: print "No dns recordset found for %s" % searchname else: proxy_recordsets.pop(searchname, None) session = clients.session('wmflabsdotorg') dotorgclient = designateclientv2.Client(session=session) for domain in proxy_recordsets: if domain == 'wmflabs.org.': continue if domain == 'proxy-eqiad.wmflabs.org.': continue if domain == 'proxy-eqiad1.wmflabs.org.': continue rset = proxy_recordsets[domain] print "found record unassociated with a proxy: %s" % rset # Let's make sure there's really nothing there. url = "https://%s" % domain.rstrip('.') resp = requests.get(url, verify=False) print "%s: %s" % (resp.status_code, url) if resp.status_code != 502 and resp.status_code != 404: print " ---- We found a weird one, at %s" % url else: if delete: dotorgclient.recordsets.delete(rset['zone_id'], rset['id'])
for p in payloads: # Decode data from base64 data = base64.b64decode(p['Payload']) try: # Retrieve data from Payload data = json.loads(base64.b64decode(p['Payload'])) tenant_id = data['tenant_id'] floating_ip = data['floating_ip'] tenant_name = getTenantName(tenant_id) if tenant_name is not None: print "Modifying Tenant " + tenant_name # Set authentication of admin user for this tenant session = getAuthSession(tenant_id) client = desigClient.Client(session=session) # Get default zone of tenant zone_id = getZoneID(client, tenant_id) if zone_id is not None: print "Zone present : " + zone_id rs = client.recordsets.create(zone_id, '*', 'A', [floating_ip]) print "New IP added : " + floating_ip else: syslog.syslog( syslog.LOG_ERR, '[CONSUL_HANDLER] Zone ID not found for tenant_id: ' + tenant_id) else: print "Tenant Not Found for id : " + tenant_id
from keystoneclient.session import Session as KeystoneSession from keystoneclient.auth.identity.v3 import Password as KeystonePassword from keystoneclient.v3 import Client as KeystoneClient #from novaclient import client as novaclient from designateclient.v2 import client as designateclient def get_keystone_session(project): return KeystoneSession(auth=KeystonePassword( auth_url="http://cloudcontrol1003.wikimedia.org:5000/v3", username="******", password=open('novaobserver_password').read(), project_name=project, user_domain_name='default', project_domain_name='default')) session = get_keystone_session('admin') #nclient = novaclient.Client("2.0", session=session, region_name='eqiad1-r') #for s in nclient.servers.list(): # print(s) from designateclient.v2.base import V2Controller client = designateclient.Client(session=session) for zone in client.zones.list(): print(zone, dir(zone))
def get_project_dns_zones(project_id): session = clients.session(project_id) client = designateclientv2.Client(session=session) zones = client.zones.list() return zones
def main(): if len(sys.argv) != 6 and len(sys.argv) != 2: print( "Usgae: {} input_file [auth_url username password tenant]".format( sys.argv[0])) exit(1) if len(sys.argv) == 6: print( "Creating DNS records using record defs from {}, authurl {}, username {}, tenant {}" .format(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[5])) else: print( "Creating DNS records using record defs from {}, authurl {}, username {}, tenant {}" .format(shell.env('OS_AUTH_URL'), shell.env('OS_USERNAME'), shell.env('OS_PASSWORD'), shell.env('OS_PROJECT_NAME'))) print("Usage: {} disabled until changed".format(sys.argv[0])) exit(1) inputfilepath = sys.argv[1] auth = "" if len(sys.argv) == 2: auth = generic.Password(auth_url=shell.env('OS_AUTH_URL'), username=shell.env('OS_USERNAME'), password=shell.env('OS_PASSWORD'), project_name=shell.env('OS_PROJECT_NAME'), project_domain_id='default', user_domain_id='default') else: auth = generic.Password(auth_url=sys.argv[2], username=sys.argv[3], password=sys.argv[4], project_name=sys.argv[5], project_domain_id='default', user_domain_id='default') if not auth: print("Fail to get authenticated from OpenStack") exit(1) session = keystone_session.Session(auth=auth) client = designate_client.Client(session=session) zone_name = 'simpledemo.onap.org' zone_name_dot = zone_name + '.' zone_list = client.zones.list() print("before: \n{}".format(json.dumps(zone_list, indent=4))) zone = find_entry_by_name(entry_list=zone_list, entry_name=zone_name_dot) if zone: print("exitsing zone: zone id {}".format(zone['id'])) else: zone = client.zones.create(zone_name_dot, email='*****@*****.**') print("newly created zone: zone id {}".format(zone['id'])) recordsets = client.recordsets.list(zone['id']) # delete all exitsing A and CNAME records under the zone_name for recordset in recordsets: if not recordset['name'].endswith(zone_name_dot): continue print("Deleting recordset {}".format(recordset['name'])) if recordset['type'] == 'A': client.recordsets.delete(zone['id'], recordset['id']) elif recordset['type'] == 'CNAME': client.recordsets.delete(zone['id'], recordset['id']) with open(inputfilepath, 'r') as inputfile: records_to_add = yaml.load(inputfile) for key, value in records_to_add.iteritems(): if not key.endswith(zone_name): continue try: socket.inet_aton(value) # take zone name out (including the . before it) key = key[:-(len(zone_name) + 1)] print("Creating DNS A record for: {} - {}".format(key, value)) rs = client.recordsets.create(zone['id'], key, 'A', [value]) except: print() for key, value in records_to_add.iteritems(): if not key.endswith(zone_name): continue try: socket.inet_aton(value) except: # take zone name out (and the . before it) key = key[:-(len(zone_name) + 1)] if not value.endswith('.'): value = value + '.' print("Creating DNS CNAME record for: {} - {}".format( key, value)) rs = client.recordsets.create(zone['id'], key, 'CNAME', [value]) recordsets = client.recordsets.list(zone['id']) print("before: \n{}".format(json.dumps(recordsets, indent=4)))
def get_project_dns_recordsets(project_id, zone): session = clients.session(project_id) client = designateclientv2.Client(session=session) domains = client.recordsets.list(zone['id']) return domains
def handle(self, request, data): proxyip = socket.gethostbyname( urlparse.urlparse(base.url_for(request, 'proxy')).hostname) if data.get('domain') == 'wmflabs.org.': auth = identity_generic.Password( auth_url=base.url_for(request, 'identity'), username=getattr(settings, "WMFLABSDOTORG_ADMIN_USERNAME", ''), password=getattr(settings, "WMFLABSDOTORG_ADMIN_PASSWORD", ''), tenant_name='wmflabsdotorg', user_domain_id='default', project_domain_id='default') c = designateclientv2.Client(session=keystone_session.Session( auth=auth)) LOG.warn('Got create client') # Create the record in the wmflabsdotorg project. This is needed # since wmflabs.org lives in that project and designate prevents # subdomain creation elsewhere. zoneid = None for zone in c.zones.list(): if zone['name'] == 'wmflabs.org.': zoneid = zone['id'] break else: raise Exception("No zone ID") LOG.warn('Got zone ID') c.recordsets.create(zoneid, data.get('record') + '.wmflabs.org.', 'A', [proxyip]) else: # TODO: Move this to designate v2 API, reuse some code c = designateapi.designateclient(request) domainid = None for domain in c.domains.list(): if domain.name == data.get('domain'): domainid = domain.id break else: raise Exception("No domain ID") record = Record(name=data.get('record') + '.' + data.get('domain'), type='A', data=proxyip) c.records.create(domainid, record) d = { "backends": [ 'http://%s:%s' % (data.get('backendInstance'), data.get('backendPort')) ], "domain": data.get('record') + '.' + data.get('domain').rstrip('.') } try: resp = requests.put(base.url_for(request, 'proxy') + '/mapping', data=json.dumps(d)) if resp: return True else: raise Exception("Got status: " + resp.status_code) except Exception: exceptions.handle(self.request, _("Unable to create proxy: " + resp.text)) return False
#!/usr/bin/python3 from datetime import datetime, timedelta import yaml from designateclient.v2 import client as designateclient from keystoneauth1.identity import v3 from keystoneauth1 import session as keystone_session with open('/etc/acme-chief/designate-sync-config.yaml') as f: config = yaml.safe_load(f) client = designateclient.Client(session=keystone_session.Session( auth=v3.Password(auth_url=config['OS_AUTH_URL'], username=config['OS_USERNAME'], password=config['OS_PASSWORD'], user_domain_name='default', project_domain_name='default', project_name=config['OS_PROJECT_NAME'])), region_name=config['OS_REGION_NAME']) # This type of script is unnecessary for gdnsd which doesn't really have much # of an API, it just has a command to add records specifically for ACME. # However, when we add such records to designate in designate-sync.py it # expects them to be permanent - they're not, so this script cleans them up # after an hour. for zone in client.zones.list(): for recordset in client.recordsets.list(zone['id']): if recordset['name'].startswith( '_acme-challenge.') and recordset['type'] == 'TXT': updated = datetime.fromisoformat(recordset['updated_at'] or recordset['created_at'])
def delete(self, request, obj_id): record = obj_id[:obj_id.find('.')] domain = obj_id[obj_id.find('.') + 1:] if not domain.endswith('.'): domain += '.' # First let's make sure that this proxy is really ours to delete. existing_domains = [proxy.domain for proxy in get_proxy_list(request)] if obj_id not in existing_domains: raise Exception( "Proxy \'%s\' is to be deleted but is not owned by this view." % obj_id) if domain == 'wmflabs.org.': auth = identity_generic.Password( auth_url=base.url_for(request, 'identity'), username=getattr(settings, "WMFLABSDOTORG_ADMIN_USERNAME", ''), password=getattr(settings, "WMFLABSDOTORG_ADMIN_PASSWORD", ''), tenant_name='wmflabsdotorg', user_domain_id='default', project_domain_id='default') c = designateclientv2.Client(session=keystone_session.Session( auth=auth)) # Delete the record from the wmflabsdotorg project. This is needed # since wmflabs.org lives in that project and designate (quite # reasonably) prevents subdomain deletion elsewhere. zoneid = None for zone in c.zones.list(): if zone['name'] == 'wmflabs.org.': zoneid = zone['id'] break else: raise Exception("No zone ID") recordsetid = None for recordset in c.recordsets.list(zoneid): if recordset['type'] == 'A' and recordset[ 'name'] == record + '.' + domain: recordsetid = recordset['id'] break else: raise Exception("No recordset ID") c.recordsets.delete(zoneid, recordsetid) else: c = designateapi.designateclient(request) domainid = None for d in c.domains.list(): if d.name == domain: domainid = d.id break else: LOG.warn('Woops! Failed domain ID for domain ' + domain) raise Exception("No domain ID") recordid = None for r in c.records.list(domainid): if r.name == obj_id and r.type == 'A': recordid = r.id break else: LOG.warn('Woops! Failed record ID for record ' + record) raise Exception("No record ID") c.records.delete(domainid, recordid) resp = requests.delete( base.url_for(request, 'proxy') + '/mapping/' + obj_id) if not resp: raise Exception("Got status " + resp.status_code)