Breaking: remove outdated mixins

This commit is contained in:
Michael Jerger 2023-05-22 09:53:50 +02:00
parent 8b348771e0
commit bae844dfdb
2 changed files with 0 additions and 148 deletions

View file

@ -1,117 +0,0 @@
from .python_util import execute
from .credential import gopass_password_from_path, gopass_field_from_path
from .devops_build import DevopsBuild
def add_aws_rds_pg_mixin_config(config, rds_host_name, db_name,
rds_resolve_dns=False,
db_port='5432'):
config.update({'AwsRdsPgMixin':
{'rds_host_name': rds_host_name,
'db_name': db_name,
'rds_resolve_dns': rds_resolve_dns,
'db_port': db_port,
}})
return config
class AwsRdsPgMixin(DevopsBuild):
def __init__(self, project, config):
super().__init__(project, config)
aws_rds_pg_mixin_config = config['AwsRdsPgMixin']
self.rds_host_name = aws_rds_pg_mixin_config['rds_host_name']
self.rds_resolve_dns = aws_rds_pg_mixin_config['rds_resolve_dns']
self.db_name = aws_rds_pg_mixin_config['db_name']
self.db_port = aws_rds_pg_mixin_config['db_port']
def execute_pg_rds_sql(self, user, password, sql):
if self.rds_resolve_dns:
host_cmd = "dig " + self.rds_host_name + " +short | head -n1"
host = execute(host_cmd, shell=True)
else:
host = self.rds_host_name
cmd = "PGUSER=" + user + " PGPASSWORD=" + password + \
" psql --dbname=" + self.db_name + " --host=" + host + " --port=" + self.db_port + \
" --set=sslmode=require -Atc \"" + sql + "\""
result = execute(cmd, shell=True)
print("PSQL: ", host, result.rstrip())
return result
def alter_db_user_password(self, gopass_path):
user_name = gopass_field_from_path(gopass_path, 'user')
user_old_password = gopass_field_from_path(gopass_path, 'old-password')
user_new_password = gopass_password_from_path(gopass_path)
self.execute_pg_rds_sql(user_name, user_old_password,
"ALTER ROLE " + user_name + " WITH PASSWORD '" + user_new_password + "';")
print("changed password:", user_name)
def add_new_user(self, gopass_path_superuser, gopass_path_new_user, group_role):
superuser_name = gopass_field_from_path(gopass_path_superuser, 'user')
superuser_password = gopass_password_from_path(gopass_path_superuser)
new_user_name = gopass_field_from_path(gopass_path_new_user, 'user')
new_user_password = gopass_password_from_path(gopass_path_new_user)
self.execute_pg_rds_sql(superuser_name, superuser_password,
"CREATE ROLE " + new_user_name + " WITH LOGIN INHERIT PASSWORD '" + new_user_password + "';" +
"GRANT " + group_role + " TO " + new_user_name + ";")
print("created user:", new_user_name)
def deactivate_user(self, gopass_path_superuser, to_deactivate_user_name):
superuser_name = gopass_field_from_path(gopass_path_superuser, 'user')
superuser_password = gopass_password_from_path(gopass_path_superuser)
owned_by_wrong_user = self.execute_pg_rds_sql(superuser_name, superuser_password,
"SELECT count(*) FROM pg_class c, pg_user u WHERE c.relowner = u.usesysid " +
"and u.usename='" + to_deactivate_user_name + "';")
if int(owned_by_wrong_user) > 0:
owned_objects = self.execute_pg_rds_sql(superuser_name, superuser_password,
"SELECT c.relname FROM pg_class c, pg_user u WHERE c.relowner = u.usesysid " +
"and u.usename='" + to_deactivate_user_name + "';")
raise AssertionError(
"There are still objects owned by the user to be deactivated:", owned_objects,to_deactivate_user_name)
connections = self.execute_pg_rds_sql(superuser_name, superuser_password,
"SELECT count(*) FROM pg_stat_activity WHERE application_name = " +
"'PostgreSQL JDBC Driver' AND usename = '" + to_deactivate_user_name + "';")
if int(connections) > 0:
raise AssertionError("User is still connected.")
self.execute_pg_rds_sql(superuser_name, superuser_password,
"ALTER ROLE " + to_deactivate_user_name + " WITH NOLOGIN NOCREATEROLE;")
print('deactivated user:', to_deactivate_user_name)
def change_owned_objects(self, gopass_path_superuser, to_deactivate_user_name, owner):
superuser_name = gopass_field_from_path(gopass_path_superuser, 'user')
superuser_password = gopass_password_from_path(gopass_path_superuser)
alter_objects = f"""SELECT 'ALTER TABLE ' || c.relname || ' OWNER TO {owner};'
FROM pg_class c, pg_user u
WHERE c.relowner = u.usesysid
and c.relkind = 'r'
and u.usename='{to_deactivate_user_name}'
UNION
SELECT 'ALTER INDEX ' || c.relname || ' OWNER TO {owner};'
FROM pg_class c, pg_user u
WHERE c.relowner = u.usesysid
and c.relkind = 'i'
and c.relname not like 'pg_toast%'
and u.usename='{to_deactivate_user_name}'
UNION
SELECT 'ALTER SEQUENCE ' || c.relname || ' OWNER TO {owner};'
FROM pg_class c, pg_user u
WHERE c.relowner = u.usesysid
and c.relkind = 'S'
and u.usename='{to_deactivate_user_name}';"""
alter_stmt = self.execute_pg_rds_sql(superuser_name, superuser_password, alter_objects)
alter_stmt.strip()
if alter_stmt != '':
print('apply alter statements? \n', alter_stmt)
proceed = input('\n[y/n] \n')
if proceed == 'y':
self.execute_pg_rds_sql(superuser_name, superuser_password, alter_stmt)

View file

@ -1,31 +0,0 @@
from .devops_terraform_build import DevopsTerraformBuild
def add_exoscale_mixin_config(config, exoscale_api_key, exoscale_secret_key):
config.update({'ExoscaleMixin':
{'exoscale_api_key': exoscale_api_key,
'exoscale_secret_key': exoscale_secret_key}})
return config
class ExoscaleMixin(DevopsTerraformBuild):
def __init__(self, project, config):
super().__init__(project, config)
exoscale_mixin_config = config['ExoscaleMixin']
self.exoscale_api_key = exoscale_mixin_config['exoscale_api_key']
self.exoscale_secret_key = exoscale_mixin_config['exoscale_secret_key']
def project_vars(self):
ret = super().project_vars()
if self.exoscale_api_key:
ret['exoscale_api_key'] = self.exoscale_api_key
if self.exoscale_secret_key:
ret['exoscale_secret_key'] = self.exoscale_secret_key
return ret
def copy_build_resources_from_package(self):
super().copy_build_resources_from_package()
self.copy_build_resource_file_from_package('provider_registry.tf')
self.copy_build_resource_file_from_package('exoscale_provider.tf')
self.copy_build_resource_file_from_package('exoscale_mixin_vars.tf')