def get_resource(resource): """:param resource: optional filename or http(s) url for the application or group resource :type resource: str :returns: resource :rtype: dict """ if resource is None: return None if os.path.isfile(resource): with util.open_file(resource) as resource_file: return util.load_json(resource_file) else: try: auth = DCOSAcsAuth(dcos_acs_token()) req = requests.get(resource, auth=auth, verify=verify_ssl()) if req.status_code == 200: return req.json() else: raise Exception except Exception: raise DCOSException( "Can't read from resource: {0}. Please check that it exists.". format(resource))
def delete_marathon_path(name, marathon_name='marathon'): """Invokes HTTP DELETE for marathon url with name. For example, name='v2/leader': http DELETE {dcos_url}/service/marathon/v2/leader """ url = get_marathon_endpoint(name, marathon_name) auth = DCOSAcsAuth(dcos_acs_token()) return requests.delete(url, auth=auth, verify=verify_ssl())
def test_non_authorized_user(): with new_dcos_user('kenny', 'kenny') as auth_token: auth = DCOSAcsAuth(auth_token) response = requests.get(dcos_url_path('service/marathon/v2/apps'), auth=auth, verify=verify_ssl()) assert response.status_code == 403
def add_acs_resource(resource): """Create given ACS `{resource}`. For more information consult the DC/OS documentation: https://docs.mesosphere.com/1.9/administration/id-and-access-mgt/permissions/user-service-perms/ """ import json try: logger.info('Adding ACS resource: {}'.format(resource)) url = dcos_url_path('acs/api/v1/acls/{}'.format(resource)) auth = DCOSAcsAuth(dcos_acs_token()) req = requests.put(url, data=json.dumps({'description': resource}), headers={'Content-Type': 'application/json'}, auth=auth, verify=verify_ssl()) req.raise_for_status() assert req.status_code == 201, 'Failed create ACS resource: {}, {}'.format( req, req.text) except requests.HTTPError as e: if (e.response.status_code == 409): logger.info('ACS resource {} already exists'.format(resource)) else: logger.error("Unexpected HTTP error: {}, {}".format( e.response, e.response.text)) raise except Exception: logger.exception( "Unexpected error while adding ACS resource {}".format(resource)) raise
def test_head_request_to_pods_endpoint(): """Tests the pods HTTP end-point by firing a HEAD request to it.""" url = urljoin(DCOS_SERVICE_URL, get_pods_url()) auth = DCOSAcsAuth(dcos_acs_token()) result = requests.head(url, auth=auth, verify=verify_ssl()) assert result.status_code == 200
def set_service_account_permissions(service_account, resource='dcos:superuser', action='full'): """Set permissions for given `{service_account}` for passed `{resource}` with `{action}`. For more information consult the DC/OS documentation: https://docs.mesosphere.com/1.9/administration/id-and-access-mgt/permissions/user-service-perms/ """ try: logger.info('Granting {} permissions to {}/users/{}'.format( action, resource, service_account)) url = dcos_url_path('acs/api/v1/acls/{}/users/{}/{}'.format( resource, service_account, action)) auth = DCOSAcsAuth(dcos_acs_token()) req = requests.put(url, auth=auth, verify=verify_ssl()) req.raise_for_status() msg = 'Failed to grant permissions to the service account: {}, {}'.format( req, req.text) assert req.status_code == 204, msg except requests.HTTPError as e: if (e.response.status_code == 409): logger.info( 'Service account {} already has {} permissions set'.format( service_account, resource)) else: logger.error("Unexpected HTTP error: {}".format(e.response)) raise except Exception: logger.exception( "Unexpected error when setting service account permissions") raise
def http_get_marathon_path(name, marathon_name='marathon'): """Invokes HTTP GET for marathon url with name. For example, name='ping': http GET {dcos_url}/service/marathon/ping """ url = get_marathon_endpoint(name, marathon_name) headers = {'Accept': '*/*'} auth = DCOSAcsAuth(dcos_acs_token()) return requests.get(url, headers=headers, auth=auth, verify=verify_ssl())
def test_ui_available(marathon_service_name): """Simply verifies that a request to the UI endpoint is successful if Marathon is launched.""" auth = DCOSAcsAuth(dcos_acs_token()) response = requests.get("{}/ui/".format( dcos_service_url(marathon_service_name)), auth=auth, verify=verify_ssl()) assert response.status_code == 200, "HTTP status code is {}, but 200 was expected".format( response.status_code)
def master_service_status_code(url): logger.info('Querying %s', url) auth = DCOSAcsAuth(authentication.dcos_acs_token()) response = requests.get(url=url, timeout=5, auth=auth, verify=verify_ssl()) return response.status_code
def ensure_permissions(): common.set_service_account_permissions(MOM_EE_SERVICE_ACCOUNT) url = urljoin( dcos_url(), 'acs/api/v1/acls/dcos:superuser/users/{}'.format( MOM_EE_SERVICE_ACCOUNT)) auth = DCOSAcsAuth(dcos_acs_token()) req = requests.get(url, auth=auth, verify=verify_ssl()) expected = '/acs/api/v1/acls/dcos:superuser/users/{}/full'.format( MOM_EE_SERVICE_ACCOUNT) assert req.json()['array'][0][ 'url'] == expected, "Service account permissions couldn't be set"
def abdicate_marathon_leader(params="", marathon_name='marathon'): """ Abdicates current leader. Waits until the HTTP service is stopped. params arg should include a "?" prefix. """ leader_endpoint = get_marathon_endpoint('/v2/leader', marathon_name) auth = DCOSAcsAuth(dcos_acs_token()) result = requests.delete(leader_endpoint + params, auth=auth, verify=verify_ssl()) wait_until_fail(leader_endpoint) return result
def test_metrics_endpoint(marathon_service_name): service_url = dcos_service_url(marathon_service_name) auth = DCOSAcsAuth(dcos_acs_token()) response = requests.get("{}metrics".format(service_url), auth=auth, verify=verify_ssl()) assert response.status_code == 200, "HTTP status code {} is NOT 200".format( response.status_code) if marathon_version_less_than('1.7'): metric_name = 'service.mesosphere.marathon.app.count' else: metric_name = 'marathon.apps.active.gauge' response_json = response.json() logger.info('Found metric gauges: '.format(response_json['gauges'])) assert response_json['gauges'][metric_name] is not None, \ "{} is absent".format(metric_name)
def wait_until_fail(endpoint): auth = DCOSAcsAuth(dcos_acs_token()) response = requests.delete(endpoint, auth=auth, verify=verify_ssl()) return response.ok
def get_pod_version(pod_id, version_id): url = urljoin(DCOS_SERVICE_URL, get_pod_versions_url(pod_id, version_id)) auth = DCOSAcsAuth(dcos_acs_token()) return requests.get(url, auth=auth, verify=verify_ssl()).json()