summaryrefslogtreecommitdiffstats
path: root/helm
diff options
context:
space:
mode:
authorjh245g <jh245g@att.com>2018-08-02 11:10:49 -0400
committerjh245g <jh245g@att.com>2018-08-02 11:11:23 -0400
commit7ea7c4c8d4f368d831fc145684661594f4f6561c (patch)
tree305cb4030040e6ba65e1532d9fee7ec2f1ec31be /helm
parent544487f0c1ea4b5efa94a4e97348ea0c412df19c (diff)
Support basic authentication in config repo
Change-Id: Ic2f40abfbb54bf006f750e4aab7993cb1f4bd5c5 Issue-ID: CCSDK-425 Signed-off-by: jh245g <jh245g@att.com>
Diffstat (limited to 'helm')
-rw-r--r--helm/plugin/tasks.py30
-rw-r--r--helm/plugin/workflows.py14
2 files changed, 36 insertions, 8 deletions
diff --git a/helm/plugin/tasks.py b/helm/plugin/tasks.py
index 9d03fba..5ff7df8 100644
--- a/helm/plugin/tasks.py
+++ b/helm/plugin/tasks.py
@@ -30,6 +30,7 @@ from cloudify.exceptions import OperationRetry
from cloudify_rest_client.exceptions import CloudifyClientError
import pip
import json
+import base64
import yaml
import urllib2
from cloudify.decorators import operation
@@ -71,10 +72,12 @@ def configure_admin_conf():
admin_file_dest = os.path.join(os.path.expanduser('~'), 'admin.conf')
execute_command(
- 'sudo cp {0} {1}'.format('/etc/kubernetes/admin.conf', admin_file_dest))
+ 'sudo cp {0} {1}'.format('/etc/kubernetes/admin.conf',
+ admin_file_dest))
execute_command('sudo chown {0}:{1} {2}'.format(uid, gid, admin_file_dest))
- with open(os.path.join(os.path.expanduser('~'), '.bashrc'), 'a') as outfile:
+ with open(os.path.join(os.path.expanduser('~'), '.bashrc'),
+ 'a') as outfile:
outfile.write('export KUBECONFIG=$HOME/admin.conf')
os.environ['KUBECONFIG'] = admin_file_dest
@@ -87,7 +90,8 @@ def get_current_helm_value(chart_name):
if str_to_bool(ctx.node.properties['tls-enable']):
getValueCommand = subprocess.Popen(
["helm", "get", "values", "-a", chart_name, '--host', tiller_host,
- '--tls', '--tls-ca-cert', config_dir + 'ca.cert.pem', '--tls-cert',
+ '--tls', '--tls-ca-cert', config_dir + 'ca.cert.pem',
+ '--tls-cert',
config_dir + 'helm.cert.pem', '--tls-key',
config_dir + 'helm.key.pem'], stdout=subprocess.PIPE)
else:
@@ -216,7 +220,18 @@ def config(**kwargs):
if configJson == '' and configUrl == '':
ctx.logger.debug("Will use default HELM value")
elif configJson == '' and configUrl != '':
- response = urllib2.urlopen(configUrl)
+ if configUrl.find("@"):
+ head, end = configUrl.rsplit('@', 1)
+ head, auth = head.rsplit('//', 1)
+ configUrl = head + '//' + end
+ username, password = auth.rsplit(':', 1)
+ request = urllib2.Request(configUrl)
+ base64string = base64.encodestring(
+ '%s:%s' % (username, password)).replace('\n', '')
+ request.add_header("Authorization", "Basic %s" % base64string)
+ response = urllib2.urlopen(request)
+ else:
+ response = urllib2.urlopen(configUrl)
if configUrlInputFormat == 'json':
configObj = json.load(response)
elif configUrlInputFormat == 'yaml':
@@ -293,10 +308,11 @@ def stop(**kwargs):
# Delete helm chart
command = 'helm delete --purge ' + chartName + tiller_host() + tls()
output = execute_command(command)
- config_dir = config_dir_root + str(ctx.deployment.id)
- shutil.rmtree(config_dir)
if output == False:
raise NonRecoverableError("helm delete failed")
+ config_file = config_dir_root + str(
+ ctx.deployment.id) + '/' + component + '.yaml'
+ os.remove(config_file)
@operation
@@ -322,7 +338,7 @@ def upgrade(**kwargs):
with open(configPath, 'w') as outfile:
yaml.safe_dump(configJson, outfile, default_flow_style=False)
# configure_admin_conf()
- upgradeCommand = 'helm upgrade ' + chartName + ' ' + chart + ' -f ' +\
+ upgradeCommand = 'helm upgrade ' + chartName + ' ' + chart + ' -f ' + \
configPath + tiller_host() + tls()
output = execute_command(upgradeCommand)
if output == False:
diff --git a/helm/plugin/workflows.py b/helm/plugin/workflows.py
index c21f27c..9870bdf 100644
--- a/helm/plugin/workflows.py
+++ b/helm/plugin/workflows.py
@@ -21,6 +21,7 @@ from cloudify.exceptions import NonRecoverableError
import urllib2
import json
import yaml
+import base64
@workflow
@@ -37,7 +38,18 @@ def upgrade(node_instance_id, config_json, config_url, config_format,
if config_json == '' and config_url == '':
kwargs['config'] = config_json
elif config_json == '' and config_url != '':
- response = urllib2.urlopen(config_url)
+ if config_url.find("@"):
+ head, end = config_url.rsplit('@', 1)
+ head, auth = head.rsplit('//', 1)
+ config_url = head + '//' + end
+ username, password = auth.rsplit(':', 1)
+ request = urllib2.Request(config_url)
+ base64string = base64.encodestring(
+ '%s:%s' % (username, password)).replace('\n', '')
+ request.add_header("Authorization", "Basic %s" % base64string)
+ response = urllib2.urlopen(request)
+ else:
+ response = urllib2.urlopen(config_url)
if config_format == 'json':
kwargs['config'] = json.load(response)
elif config_format == 'yaml':