def program(): config = Config() config.get("plainstr1") config.require("plainstr2") config.get_secret("plainstr3") config.require_secret("plainstr4") config.get_bool("plainbool1") config.require_bool("plainbool2") config.get_secret_bool("plainbool3") config.require_secret_bool("plainbool4") config.get_int("plainint1") config.require_int("plainint2") config.get_secret_int("plainint3") config.require_secret_int("plainint4") config.get_float("plainfloat1") config.require_float("plainfloat2") config.get_secret_float("plainfloat3") config.require_secret_float("plainfloat4") config.get_object("plainobj1") config.require_object("plainobj2") config.get_secret_object("plainobj3") config.require_secret_object("plainobj4") config.get("str1") config.require("str2") config.get_secret("str3") config.require_secret("str4") config.get_bool("bool1") config.require_bool("bool2") config.get_secret_bool("bool3") config.require_secret_bool("bool4") config.get_int("int1") config.require_int("int2") config.get_secret_int("int3") config.require_secret_int("int4") config.get_float("float1") config.require_float("float2") config.get_secret_float("float3") config.require_secret_float("float4") config.get_object("obj1") config.require_object("obj2") config.get_secret_object("obj3") config.require_secret_object("obj4")
def build_secrets(config: pulumi.Config): secrets_template = """export CTR_FQDN="{fqdn}" export CTR_EMAIL="{email}" export CTR_PASSWORD="******" export CTR_FIRSTNAME="{admin_first_name}" export CTR_LASTNAME="{admin_last_name}" export CTR_SMTP_HOST={smtp_host} export CTR_SMTP_PORT={smtp_port} export CTR_SMTP_TLS={smtp_tls} export CTR_SMTP_AUTH={smtp_auth} export CTR_SMTP_FROM={smtp_from} """ if config.get('db_type') == 'sass': secrets_template += """export PG_INSTALL_TYPE=sass export CTR_DB_HOST="{db_hostname}" export CTR_DB_USER="******" export CTR_DB_PASS="******" """ elif config.get('db_type') == 'local': secrets_template += 'export PG_INSTALL_TYPE=local\n' if config.get_bool('smtp_auth'): if config.get('smtp_user'): secrets_template += 'export CTR_SMTP_USER={0}\n'.format(config.get('smtp_user')) if config.get('smtp_pass'): secrets_template += 'export CTR_SMTP_PASS={0}\n'.format(config.get('smtp_pass')) hostname = build_vm_domain(config) db_admin_username = config.get('db_admin_username') or 'controller' installation_id = config.get('installation_id') values = { 'fqdn': hostname, 'email': config.get('admin_email'), 'admin_pass': config.get('admin_password'), 'admin_first_name': config.get('admin_first_name'), 'admin_last_name': config.get('admin_last_name'), 'db_hostname': 'config-db-{0}.postgres.database.azure.com'.format(installation_id), 'db_user': '******'.format(db_admin_username, installation_id), 'db_pass': config.get('db_admin_password'), 'smtp_host': config.get('smtp_host'), 'smtp_port': config.get('smtp_port'), 'smtp_tls': 'true' if config.get_bool('smtp_tls') else 'false', 'smtp_from': config.get('smtp_from'), 'smtp_auth': 'true' if config.get_bool('smtp_auth') else 'false' } return secrets_template.format_map(values)
if separator == ' ': separator = '' suffix = config.get('suffix') or '' # retrieve project and stack (org not yet available) project = get_project() stack = get_stack() # set default tags to be applied to all taggable resources default_tags = { 'manager': 'pulumi', 'project': project, 'stack': stack, } # Azure Bastion hosts in hub and spokes (until functional across peerings) azure_bastion = config.get_bool('azure_bastion') # Azure Firewall to route all Internet-bound traffic to designated next hop forced_tunnel = config.get('forced_tunnel') if forced_tunnel: ft_ip = ip_address(forced_tunnel) # check IP address is valid # another stack may be peered in the same project, even across organizations peer = config.get('peer') porg = config.get('org') proj = config.get('project') if porg and not proj: # assume the same project in other organization proj = project if not porg: # assume the same organization porg = '' if not proj: # assume the same project
""" def __init__(self, keys: [str], message: str): self.keys = keys self.message = message # retrieve the stack configuration data config = Config() # set default tags to be applied to all taggable resources stack = get_stack() default_tags = { 'environment': stack } # Azure Bastion hosts in hub and spokes (until functional across peerings) azure_bastion = config.get_bool('azure_bastion') # Azure Firewall to route all Internet-bound traffic to designated next hop forced_tunnel = config.get_bool('forced_tunnel') # another stack in the same project and organization may be peered peer = config.get('peer') if peer: org = config.require('org') project = get_project() reference = f'{org}/{project}/{peer}' else: reference = None # validate firewall_address_space and hub_address_space firewall_address_space = config.require('firewall_address_space')