diff options
author | jh245g <jh245g@att.com> | 2018-08-02 11:10:49 -0400 |
---|---|---|
committer | jh245g <jh245g@att.com> | 2018-08-02 11:11:23 -0400 |
commit | 7ea7c4c8d4f368d831fc145684661594f4f6561c (patch) | |
tree | 305cb4030040e6ba65e1532d9fee7ec2f1ec31be /helm | |
parent | 544487f0c1ea4b5efa94a4e97348ea0c412df19c (diff) |
Support basic authentication in config repo
Change-Id: Ic2f40abfbb54bf006f750e4aab7993cb1f4bd5c5
Issue-ID: CCSDK-425
Signed-off-by: jh245g <jh245g@att.com>
Diffstat (limited to 'helm')
-rw-r--r-- | helm/plugin/tasks.py | 30 | ||||
-rw-r--r-- | helm/plugin/workflows.py | 14 |
2 files changed, 36 insertions, 8 deletions
diff --git a/helm/plugin/tasks.py b/helm/plugin/tasks.py index 9d03fba..5ff7df8 100644 --- a/helm/plugin/tasks.py +++ b/helm/plugin/tasks.py @@ -30,6 +30,7 @@ from cloudify.exceptions import OperationRetry from cloudify_rest_client.exceptions import CloudifyClientError import pip import json +import base64 import yaml import urllib2 from cloudify.decorators import operation @@ -71,10 +72,12 @@ def configure_admin_conf(): admin_file_dest = os.path.join(os.path.expanduser('~'), 'admin.conf') execute_command( - 'sudo cp {0} {1}'.format('/etc/kubernetes/admin.conf', admin_file_dest)) + 'sudo cp {0} {1}'.format('/etc/kubernetes/admin.conf', + admin_file_dest)) execute_command('sudo chown {0}:{1} {2}'.format(uid, gid, admin_file_dest)) - with open(os.path.join(os.path.expanduser('~'), '.bashrc'), 'a') as outfile: + with open(os.path.join(os.path.expanduser('~'), '.bashrc'), + 'a') as outfile: outfile.write('export KUBECONFIG=$HOME/admin.conf') os.environ['KUBECONFIG'] = admin_file_dest @@ -87,7 +90,8 @@ def get_current_helm_value(chart_name): if str_to_bool(ctx.node.properties['tls-enable']): getValueCommand = subprocess.Popen( ["helm", "get", "values", "-a", chart_name, '--host', tiller_host, - '--tls', '--tls-ca-cert', config_dir + 'ca.cert.pem', '--tls-cert', + '--tls', '--tls-ca-cert', config_dir + 'ca.cert.pem', + '--tls-cert', config_dir + 'helm.cert.pem', '--tls-key', config_dir + 'helm.key.pem'], stdout=subprocess.PIPE) else: @@ -216,7 +220,18 @@ def config(**kwargs): if configJson == '' and configUrl == '': ctx.logger.debug("Will use default HELM value") elif configJson == '' and configUrl != '': - response = urllib2.urlopen(configUrl) + if configUrl.find("@"): + head, end = configUrl.rsplit('@', 1) + head, auth = head.rsplit('//', 1) + configUrl = head + '//' + end + username, password = auth.rsplit(':', 1) + request = urllib2.Request(configUrl) + base64string = base64.encodestring( + '%s:%s' % (username, password)).replace('\n', '') + request.add_header("Authorization", "Basic %s" % base64string) + response = urllib2.urlopen(request) + else: + response = urllib2.urlopen(configUrl) if configUrlInputFormat == 'json': configObj = json.load(response) elif configUrlInputFormat == 'yaml': @@ -293,10 +308,11 @@ def stop(**kwargs): # Delete helm chart command = 'helm delete --purge ' + chartName + tiller_host() + tls() output = execute_command(command) - config_dir = config_dir_root + str(ctx.deployment.id) - shutil.rmtree(config_dir) if output == False: raise NonRecoverableError("helm delete failed") + config_file = config_dir_root + str( + ctx.deployment.id) + '/' + component + '.yaml' + os.remove(config_file) @operation @@ -322,7 +338,7 @@ def upgrade(**kwargs): with open(configPath, 'w') as outfile: yaml.safe_dump(configJson, outfile, default_flow_style=False) # configure_admin_conf() - upgradeCommand = 'helm upgrade ' + chartName + ' ' + chart + ' -f ' +\ + upgradeCommand = 'helm upgrade ' + chartName + ' ' + chart + ' -f ' + \ configPath + tiller_host() + tls() output = execute_command(upgradeCommand) if output == False: diff --git a/helm/plugin/workflows.py b/helm/plugin/workflows.py index c21f27c..9870bdf 100644 --- a/helm/plugin/workflows.py +++ b/helm/plugin/workflows.py @@ -21,6 +21,7 @@ from cloudify.exceptions import NonRecoverableError import urllib2 import json import yaml +import base64 @workflow @@ -37,7 +38,18 @@ def upgrade(node_instance_id, config_json, config_url, config_format, if config_json == '' and config_url == '': kwargs['config'] = config_json elif config_json == '' and config_url != '': - response = urllib2.urlopen(config_url) + if config_url.find("@"): + head, end = config_url.rsplit('@', 1) + head, auth = head.rsplit('//', 1) + config_url = head + '//' + end + username, password = auth.rsplit(':', 1) + request = urllib2.Request(config_url) + base64string = base64.encodestring( + '%s:%s' % (username, password)).replace('\n', '') + request.add_header("Authorization", "Basic %s" % base64string) + response = urllib2.urlopen(request) + else: + response = urllib2.urlopen(config_url) if config_format == 'json': kwargs['config'] = json.load(response) elif config_format == 'yaml': |