1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/usr/bin/python
#
# Copyright (C) 2019 Bell Canada.
# Modifications Copyright © 2018-2019 AT&T Intellectual Property.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from builtins import KeyboardInterrupt
from concurrent import futures
import logging
import time
import grpc
from pathlib import Path, PurePath
from blueprints_grpc import BluePrintProcessing_pb2_grpc
from blueprints_grpc.request_header_validator_interceptor import RequestHeaderValidatorInterceptor
from blueprints_grpc.blueprint_processing_server import BluePrintProcessingServer
from blueprints_grpc import ScriptExecutorConfiguration
logger = logging.getLogger("Server")
_ONE_DAY_IN_SECONDS = 60 * 60 * 24
def serve(configuration: ScriptExecutorConfiguration):
port = configuration.script_executor_property('port')
authType = configuration.script_executor_property('authType')
maxWorkers = configuration.script_executor_property('maxWorkers')
if authType == 'tls-auth':
cert_chain_file = configuration.script_executor_property('certChain')
private_key_file = configuration.script_executor_property('privateKey')
logger.info("Setting GRPC server TLS authentication, cert file(%s) private key file(%s)", cert_chain_file,
private_key_file)
# read in key and certificate
with open(cert_chain_file, 'rb') as f:
certificate_chain = f.read()
with open(private_key_file, 'rb') as f:
private_key = f.read()
# create server credentials
server_credentials = grpc.ssl_server_credentials(((private_key, certificate_chain),))
# create server
server = grpc.server(futures.ThreadPoolExecutor(max_workers=int(maxWorkers)))
BluePrintProcessing_pb2_grpc.add_BluePrintProcessingServiceServicer_to_server(
BluePrintProcessingServer(configuration), server)
# add secure port using credentials
server.add_secure_port('[::]:' + port, server_credentials)
server.start()
else:
logger.info("Setting GRPC server base authentication")
basic_auth = configuration.script_executor_property('token')
header_validator = RequestHeaderValidatorInterceptor(
'authorization', basic_auth, grpc.StatusCode.UNAUTHENTICATED,
'Access denied!')
# create server with token authentication interceptors
server = grpc.server(futures.ThreadPoolExecutor(max_workers=int(maxWorkers)),
interceptors=(header_validator,))
BluePrintProcessing_pb2_grpc.add_BluePrintProcessingServiceServicer_to_server(
BluePrintProcessingServer(configuration), server)
server.add_insecure_port('[::]:' + port)
server.start()
logger.info("Command Executor Server started on %s" % port)
try:
while True:
time.sleep(_ONE_DAY_IN_SECONDS)
except KeyboardInterrupt:
server.stop(0)
if __name__ == '__main__':
config_file = str(PurePath(Path().absolute())) + '/configuration.ini'
configuration = ScriptExecutorConfiguration(config_file)
logging_formater = '%(asctime)s - %(name)s - %(threadName)s - %(levelname)s - %(message)s'
logging.basicConfig(filename=configuration.script_executor_property('logFile'),
level=logging.DEBUG,
format=logging_formater)
console = logging.StreamHandler()
console.setLevel(logging.INFO)
formatter = logging.Formatter(logging_formater)
console.setFormatter(formatter)
logging.getLogger('').addHandler(console)
serve(configuration)
|