class DataShipperCloudWatchEventTarget(CloudWatchEventTargetResource): rule = DataShipperEventRule.get_output_attr('name') arn = SubmitJobLambdaFunction.get_output_attr('arn') target_id = 'DataShipperTarger' # Unique identifier target_input = json.dumps({ 'jobName': "aws-redshift-es-data-shipper", 'jobUuid': "data-shipper-jar-with-dependencies", 'jobType': "jar", 'jobDesc': "Ship aws data periodically from redshfit to ES", 'environmentVariables': [ {'name': "ES_HOST", 'value': ESDomain.get_output_attr('endpoint')}, {'name': "RDS_DB_URL", 'value': MySQLDatabase.get_rds_db_url()}, {'name': "REDSHIFT_DB_URL", 'value': RedshiftCluster.get_redshift_url()}, {'name': "ES_PORT", 'value': "80"}, {'name': "ASSET_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('asset')}, {'name': "CMPL_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('compliance')}, {'name': "STAT_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('statistics')}, {'name': "AUTH_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('auth')}, ], 'params': [ {'encrypt': False, 'key': "package_hint", 'value': "com.tmobile"}, {'encrypt': False, 'key': "datasource", 'value': "aws"}, {'encrypt': False, 'key': "redshiftinfo", 'value': RedshiftCluster.get_redshift_info()}, {'encrypt': False, 'key': "rdsinfo", 'value': MySQLDatabase.get_rds_info()}, {'encrypt': False, 'key': "apiauthinfo", 'value': "MjJlMTQ5MjItODdkNy00ZWU0LWE0NzAtZGEwYmIxMGQ0NWQzOmNzcldwYzVwN0pGRjR2RVpCa3dHQ0FoNjdrR1FHd1h2NDZxdWc3djVad3RLZw=="} ] })
def get_provisioners(self): db_user_name = MySQLDatabase.get_input_attr('username') db_password = MySQLDatabase.get_input_attr('password') db_host = MySQLDatabase.get_output_attr('address') local_execs = [{ 'local-exec': { 'command': "mysql -u %s -p%s -h %s < %s" % (db_user_name, db_password, db_host, ReplaceSQLPlaceHolder.dest_file) } }] return local_execs
def get_provisioners(self): script = os.path.join(get_terraform_scripts_dir(), 'sql_replace_placeholder.py') db_user_name = MySQLDatabase.get_input_attr('username') db_password = MySQLDatabase.get_input_attr('password') db_host = MySQLDatabase.get_output_attr('endpoint') local_execs = [{ 'local-exec': { 'command': script, 'environment': { 'AWS_REGION': AwsRegion.get_output_attr('name'), 'AWS_ACCOUNT_ID': AwsAccount.get_output_attr('account_id'), 'ES_HOST': ESDomain.get_http_url(), 'ES_PORT': ESDomain.get_es_port(), 'SQL_FILE_PATH': self.dest_file }, 'interpreter': [Settings.PYTHON_INTERPRETER] } }] return local_execs
class ContainerDefinitions: ui_image = UIEcrRepository.get_output_attr( 'repository_url') + ":" + "latest" api_image = APIEcrRepository.get_output_attr( 'repository_url') + ":" + "latest" ui_cw_log_group = UiCloudWatchLogGroup.get_output_attr('name') api_cw_log_group = ApiCloudWatchLogGroup.get_output_attr('name') CONFIG_PASSWORD = "******" CONFIG_SERVER_URL = ApplicationLoadBalancer.get_api_server_url('config') ES_CLUSTER_NAME = ESDomain.get_input_attr('domain_name') ES_HEIMDALL_HOST_NAME = ESDomain.get_output_attr('endpoint') ES_HEIMDALL_PORT = str(ESDomain.get_es_port()) ES_HOST_NAME = ESDomain.get_output_attr('endpoint') ES_PORT = str(ESDomain.get_es_port()) LOGGING_ES_HOST_NAME = ESDomain.get_output_attr('endpoint') LOGGING_ES_PORT = str(ESDomain.get_es_port()) PACMAN_HOST_NAME = ApplicationLoadBalancer.get_http_url() RDS_USERNAME = MySQLDatabase.get_input_attr('username') RDS_PASSWORD = MySQLDatabase.get_input_attr('password') RDS_URL = MySQLDatabase.get_rds_db_url() REDSHIFT_URL = RedshiftCluster.get_redshift_url() REDSHIFT_USER_NAME = RedshiftCluster.get_input_attr('master_username') REDSHIFT_PASSWORD = RedshiftCluster.get_input_attr('master_password') ES_UPDATE_HOST = ESDomain.get_output_attr('endpoint') ES_UPDATE_PORT = str(ESDomain.get_es_port()) ES_UPDATE_CLUSTER_NAME = ESDomain.get_input_attr('domain_name') LDAP_DOMAIN = "http://localhost" LDAP_PORT = "389" LDAP_BASEDN = "http://localhost" LDAP_HOSTLIST = "http://localhost" LDAP_RESPONSETIMEOUT = "60" LDAP_CONNECTIONTIMEOUT = "60" def get_container_definitions_without_env_vars(self, container_name): return { 'name': container_name, "image": self.ui_image if container_name == 'nginx' else self.api_image, "essential": True, "entrypoint": ["sh", "-c"], "command": ["sh /entrypoint.sh"], "portMappings": [{ "containerPort": 80, "hostPort": 80 }], "memory": 1024, "networkMode": "awsvpc", "logConfiguration": { "logDriver": "awslogs", "options": { "awslogs-group": self.ui_cw_log_group if container_name == 'nginx' else self.api_cw_log_group, "awslogs-region": AwsRegion.get_output_attr('name'), "awslogs-stream-prefix": Settings.RESOURCE_NAME_PREFIX + "-" + container_name } } } def get_container_definitions(self, container_name): definitions = self.get_container_definitions_without_env_vars( container_name) env_vars = self._get_env_vars_for_container_service(container_name) if env_vars: definitions['environment'] = env_vars return json.dumps([definitions]) def _get_env_vars_for_container_service(self, container_name): def function_not_found(): return None fun_name = "get_%s_container_env_vars" % container_name.replace( '-', '_') call_fun = getattr(self, fun_name, function_not_found) return call_fun() def get_config_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "config.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }] def get_admin_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-admin.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "SECURITY_USERNAME", 'value': "admin" }, { 'name': "SECURITY_PASSWORD", 'value': "admin@123" }, { 'name': "ACCESS_KEY", 'value': "test_key_1" }, { 'name': "SECRET_KEY", 'value': "test_key_2" }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('admin') }, { 'name': "ADMIN_SERVER", 'value': "http://localhost/pacmonitor" }, { 'name': "ROLE_ARN", 'value': ECSRole.get_output_attr('arn') }, { 'name': "JOB_FUNCTION_NAME", 'value': SubmitJobLambdaFunction.get_input_attr('function_name') }, { 'name': "JOB_FUNCTION_ARN", 'value': SubmitJobLambdaFunction.get_output_attr('arn') }, { 'name': "JOB_LAMBDA_REGION", 'value': AwsRegion.get_output_attr('name') }, { 'name': "JOB_BUCKET_REGION", 'value': AwsRegion.get_output_attr('name') }, { 'name': "RULE_FUNCTION_NAME", 'value': RuleEngineLambdaFunction.get_input_attr('function_name') }, { 'name': "RULE_FUNCTION_ARN", 'value': RuleEngineLambdaFunction.get_output_attr('arn') }, { 'name': "RULE_BUCKET_REGION", 'value': AwsRegion.get_output_attr('name') }, { 'name': "RULE_LAMBDA_REGION", 'value': AwsRegion.get_output_attr('name') }, { 'name': "RULE_JOB_BUCKET_NAME", 'value': BucketStorage.get_output_attr('bucket') }] def get_compliance_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-compliance.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL }, { 'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME }, { 'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN }, { 'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN }, { 'name': "LDAP_PORT", 'value': self.LDAP_PORT }, { 'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT }, { 'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT }, { 'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST }, { 'name': "CERTIFICATE_FEATURE_ENABLED", 'value': "false" }, { 'name': "PATCHING_FEATURE_ENABLED", 'value': "false" }, { 'name': "VULNERABILITY_FEATURE_ENABLED", 'value': "false" }] def get_notifications_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-notification.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL }, { 'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME }, { 'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN }, { 'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN }, { 'name': "LDAP_PORT", 'value': self.LDAP_PORT }, { 'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT }, { 'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT }, { 'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST }] def get_statistics_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-statistics.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL }, { 'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME }, { 'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN }, { 'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN }, { 'name': "LDAP_PORT", 'value': self.LDAP_PORT }, { 'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT }, { 'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT }, { 'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST }] def get_asset_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-asset.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL }, { 'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME }, { 'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN }, { 'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN }, { 'name': "LDAP_PORT", 'value': self.LDAP_PORT }, { 'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT }, { 'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT }, { 'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST }, { 'name': "CLOUD_INSIGHTS_COST_URL", 'value': "http://localhost" }, { 'name': "CLOUD_INSIGHTS_TOKEN_URL", 'value': "http://localhost" }, { 'name': "SVC_CORP_PASSWORD", 'value': "password" }, { 'name': "SVC_CORP_USER_ID", 'value': "testid" }] def get_auth_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-auth.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('auth') }, { 'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME }, { 'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME }, { 'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT }, { 'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME }, { 'name': "ES_PORT", 'value': self.ES_PORT }, { 'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME }, { 'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL }, { 'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME }, { 'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD }, { 'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST }, { 'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT }, { 'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME }, { 'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN }, { 'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN }, { 'name': "LDAP_PORT", 'value': self.LDAP_PORT }, { 'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT }, { 'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT }, { 'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST }, { 'name': "OAUTH2_CLIENT_ID", 'value': "22e14922-87d7-4ee4-a470-da0bb10d45d3" }]
def get_provisioners(self): script = os.path.join(get_terraform_scripts_dir(), 'sql_replace_placeholder.py') db_user_name = MySQLDatabase.get_input_attr('username') db_password = MySQLDatabase.get_input_attr('password') db_host = MySQLDatabase.get_output_attr('endpoint') local_execs = [ { 'local-exec': { 'command': script, 'environment': { 'SQL_FILE_PATH': self.dest_file, 'ENV_region': AwsRegion.get_output_attr('name'), 'ENV_account': AwsAccount.get_output_attr('account_id'), 'ENV_eshost': ESDomain.get_http_url(), 'ENV_esport': ESDomain.get_es_port(), 'ENV_LOGGING_ES_HOST_NAME': ESDomain.get_output_attr('endpoint'), 'ENV_LOGGING_ES_PORT': str(ESDomain.get_es_port()), 'ENV_ES_HOST_NAME': ESDomain.get_output_attr('endpoint'), 'ENV_ES_PORT': str(ESDomain.get_es_port()), 'ENV_ES_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), 'ENV_ES_PORT_ADMIN': str(ESDomain.get_es_port()), 'ENV_ES_HEIMDALL_HOST_NAME': ESDomain.get_output_attr('endpoint'), 'ENV_ES_HEIMDALL_PORT': str(ESDomain.get_es_port()), 'ENV_ES_HEIMDALL_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), 'ENV_ES_HEIMDALL_PORT_ADMIN': str(ESDomain.get_es_port()), 'ENV_ES_UPDATE_HOST': ESDomain.get_output_attr('endpoint'), 'ENV_ES_UPDATE_PORT': str(ESDomain.get_es_port()), 'ENV_ES_UPDATE_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), 'ENV_PACMAN_HOST_NAME': ApplicationLoadBalancer.get_http_url(), 'ENV_RDS_URL': MySQLDatabase.get_rds_db_url(), 'ENV_RDS_USERNAME': MySQLDatabase.get_input_attr('username'), 'ENV_RDS_PASSWORD': MySQLDatabase.get_input_attr('password'), 'ENV_JOB_BUCKET_REGION': AwsRegion.get_output_attr('name'), 'ENV_RULE_JOB_BUCKET_NAME': BucketStorage.get_output_attr('bucket'), 'ENV_JOB_LAMBDA_REGION': AwsRegion.get_output_attr('name'), 'ENV_JOB_FUNCTION_NAME': SubmitJobLambdaFunction.get_input_attr('function_name'), 'ENV_JOB_FUNCTION_ARN': SubmitJobLambdaFunction.get_output_attr('arn'), 'ENV_RULE_BUCKET_REGION': AwsRegion.get_output_attr('name'), 'ENV_RULE_JOB_BUCKET_NAME': BucketStorage.get_output_attr('bucket'), 'ENV_RULE_LAMBDA_REGION': AwsRegion.get_output_attr('name'), 'ENV_RULE_FUNCTION_NAME': RuleEngineLambdaFunction.get_input_attr('function_name'), 'ENV_RULE_FUNCTION_ARN': RuleEngineLambdaFunction.get_output_attr('arn'), 'ENV_CLOUD_INSIGHTS_TOKEN_URL': "http://localhost", 'ENV_CLOUD_INSIGHTS_COST_URL': "http://localhost", 'ENV_SVC_CORP_USER_ID': "testid", 'ENV_SVC_CORP_PASSWORD': "******", 'ENV_CERTIFICATE_FEATURE_ENABLED': "false", 'ENV_PATCHING_FEATURE_ENABLED': "false", 'ENV_VULNERABILITY_FEATURE_ENABLED': str(Settings.get('ENABLE_VULNERABILITY_FEATURE', False)).lower(), 'ENV_MAIL_SERVER': Settings.MAIL_SERVER, 'ENV_PACMAN_S3': "pacman-email-templates", 'ENV_DATA_IN_DIR': "inventory", 'ENV_DATA_BKP_DIR': "backup", 'ENV_PAC_ROLE': BaseRole.get_input_attr('name'), 'ENV_BASE_REGION': AwsRegion.get_output_attr('name'), 'ENV_DATA_IN_S3': BucketStorage.get_output_attr('bucket'), 'ENV_BASE_ACCOUNT': AwsAccount.get_output_attr('account_id'), 'ENV_PAC_RO_ROLE': BaseRole.get_input_attr('name'), 'ENV_MAIL_SERVER_PORT': Settings.MAIL_SERVER_PORT, 'ENV_MAIL_PROTOCOL': Settings.MAIL_PROTOCOL, 'ENV_MAIL_SERVER_USER': Settings.MAIL_SERVER_USER, 'ENV_MAIL_SERVER_PWD': Settings.MAIL_SERVER_PWD, 'ENV_MAIL_SMTP_AUTH': Settings.MAIL_SMTP_AUTH, 'ENV_MAIL_SMTP_SSL_ENABLE': Settings.MAIL_SMTP_SSL_ENABLE, 'ENV_MAIL_SMTP_SSL_TEST_CONNECTION': Settings.MAIL_SMTP_SSL_TEST_CONNECTION, 'ENV_PACMAN_LOGIN_USER_NAME': "*****@*****.**", 'ENV_PACMAN_LOGIN_PASSWORD': "******", 'ENV_CONFIG_CREDENTIALS': "dXNlcjpwYWNtYW4=", 'ENV_CONFIG_SERVICE_URL': ApplicationLoadBalancer.get_http_url() + "/api/config/rule/prd/latest", 'ENV_PACBOT_AUTOFIX_RESOURCEOWNER_FALLBACK_MAILID': Settings.get('USER_EMAIL_ID', ""), 'ENV_QUALYS_INFO': Settings.get('QUALYS_INFO', ""), 'ENV_QUALYS_API_URL': Settings.get('QUALYS_API_URL', "") }, 'interpreter': [Settings.PYTHON_INTERPRETER] } } ] return local_execs
class ContainerDefinitions: """Friend class for getting the container definitions of each service""" ui_image = UIEcrRepository.get_output_attr( 'repository_url') + ":" + "latest" api_image = APIEcrRepository.get_output_attr( 'repository_url') + ":" + "latest" ui_cw_log_group = UiCloudWatchLogGroup.get_output_attr('name') api_cw_log_group = ApiCloudWatchLogGroup.get_output_attr('name') CONFIG_PASSWORD = "******" CONFIG_SERVER_URL = ApplicationLoadBalancer.get_api_server_url('config') PACMAN_HOST_NAME = ApplicationLoadBalancer.get_http_url() RDS_USERNAME = MySQLDatabase.get_input_attr('username') RDS_PASSWORD = MySQLDatabase.get_input_attr('password') RDS_URL = MySQLDatabase.get_rds_db_url() def get_container_definitions_without_env_vars(self, container_name): """ This method returns the basic common container definitioons for all task definitions Returns: container_definitions (dict): Container definitions """ memory = 1024 if container_name == "nginx" else 3072 return { 'name': container_name, "image": self.ui_image if container_name == 'nginx' else self.api_image, "essential": True, "entrypoint": ["sh", "-c"], "command": ["sh /entrypoint.sh"], "portMappings": [{ "containerPort": 80, "hostPort": 80 }], "memory": memory, "networkMode": "awsvpc", "logConfiguration": { "logDriver": "awslogs", "options": { "awslogs-group": self.ui_cw_log_group if container_name == 'nginx' else self.api_cw_log_group, "awslogs-region": AwsRegion.get_output_attr('name'), "awslogs-stream-prefix": Settings.RESOURCE_NAME_PREFIX + "-" + container_name } } } def get_container_definitions(self, container_name): """ This method find complete container definitions for a task definiiton and returns it Returns: container_definitions (json): Josn data of complete Container definitions """ definitions = self.get_container_definitions_without_env_vars( container_name) env_vars = self._get_env_vars_for_container_service(container_name) if env_vars: definitions['environment'] = env_vars return json.dumps([definitions]) def _get_env_vars_for_container_service(self, container_name): """ Dynamically call the function based on the container name to get all environment variables Returns: env_variables (list): List of dict of env variables """ def function_not_found(): return None fun_name = "get_%s_container_env_vars" % container_name.replace( '-', '_') call_fun = getattr(self, fun_name, function_not_found) return call_fun() def get_config_container_env_vars(self): return [ { 'name': "JAR_FILE", 'value': "config.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD }, { 'name': "RDS_URL", 'value': self.RDS_URL }, { 'name': "RDS_USERNAME", 'value': self.RDS_USERNAME }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, ] def get_admin_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-admin.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('admin') }] def get_compliance_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-compliance.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('compliance') }] def get_notifications_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-notification.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('notifications') }] def get_statistics_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-statistics.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('statistics') }] def get_asset_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-asset.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('asset') }] def get_auth_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-auth.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('auth') }] def get_vulnerability_container_env_vars(self): return [{ 'name': "JAR_FILE", 'value': "pacman-api-vulnerability.jar" }, { 'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD }, { 'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL }, { 'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME }, { 'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('vulnerability') }]