harlowja/gist:e6d79d1de62e0edd821bedf76bfd5a20

## gistfile1.txt
# Map action name to (function, frequency).
actions_to_func_freq = {
    'init': (do_init, PER_ONCE),
    'cron': (do_cron, PER_INSTANCE),
    'pbis_auth': (do_pbis_auth, PER_INSTANCE),
    'spacewalk_register': (do_spacewalk_register, PER_INSTANCE),
    'sysctl': (do_sysctl, PER_INSTANCE),
    # This one creates the initial login user and the service account
    # and we want to run it at every boot incase a new login user or
    # service account gets added.
    'service_account': (do_service_account, PER_ALWAYS),
    # This one is special since a cron job will also call into it
    # periodically to trigger sudoers refreshing... (see `update-sudoers`
    # script and cron action).
    'sudoers': (do_sudoers, PER_INSTANCE),
    'ds_agent': (do_ds_agent, PER_INSTANCE),
    'cleanup': (do_cleanup, PER_ALWAYS),
    'ntpd': (do_ntpd, PER_INSTANCE),
}


def handle(mod_name, cfg, cloud, log, args):
    # This uses vendordata *only* and currently does not allow itself
    # to be overridden (at least for the time being); at a future point
    # we can consider merging the two or doing something different, but
    # for now this module can't really be user 'controlled/tweaked'.
    vd_cfg = cloud.datasource.get_vendordata()
    if not vd_cfg:
        vd_cfg = {}
    # Use a subkey so that we could at some point have other root keys
    # in vendordata that may or may not be godaddy related...
    try:
        gd_cfg = vd_cfg['godaddy']
        if not gd_cfg:
            gd_cfg = {}
    except KeyError:
        gd_cfg = {}
    # Disable ourself by default; so that this code can be activated/installed
    # without causing issues with the existing puppet codes and packages...
    try:
        if gd_cfg["disabled"]:
            log.debug("Skipping module named %s, it is"
                      " actively (explicitly) disabled.", mod_name)
            return
    except KeyError:
        log.debug("Skipping module named %s, it is"
                  " passively (by default) disabled.", mod_name)
        return
    # The actions that we will run (and the order in which they
    # will run); these must match to a method of the action class/object.
    actions = list(gd_cfg.get('actions', default_actions))
    gd_meta = fetch_gd_meta(cloud)
    disable_spacewalk = util.get_cfg_option_bool(
        gd_cfg, 'disable_spacewalk',
        default=util.get_cfg_option_bool(gd_meta, 'disable_spacewalk',
                                         default=False))
    if not disable_spacewalk:
        # Only add it if not explicitly (already) provided...
        if 'spacewalk_register' not in actions:
            actions.append('spacewalk_register')
    # See: https://www.powerbrokeropen.org/ (PowerBroker Identity Services)
    disable_pbis = util.get_cfg_option_bool(
        gd_cfg, 'disable_pbis',
        default=util.get_cfg_option_bool(gd_meta, 'disable_pbis',
                                         default=False))
    if not disable_pbis:
        # Only add it if not explicitly (already) provided...
        if 'pbis_auth' not in actions:
            # Ensure that pbis auth happens before 'sudoers'
            # or 'service_account' activities...
            find_mods = ['sudoers', 'service_account']
            if not disable_spacewalk:
                # Make sure PBIS is *also* done before
                # spacewalk registration, if we are doing both.
                find_mods.append('spacewalk_register')
            idx_choices = []
            for mod in find_mods:
                try:
                    idx_choices.append(actions.index(mod))
                except (IndexError, ValueError):
                    pass
            if len(idx_choices):
                actions.insert(min(idx_choices), 'pbis_auth')
            else:
                actions.append('pbis_auth')
    log.info("Godaddy module %s will run the"
             " following subactions (in order): %s", mod_name, actions)
    needs_secrets = False
    for action in actions:
        handler_func, _freq = actions_to_func_freq[action]
        if getattr(handler_func, 'needs_secrets', False):
            needs_secrets = True
    if needs_secrets:
        secrets_blob = gd_cfg['secrets']
        secrets = read_secrets(
            util.load_file(gd_cfg.get('secrets_key', key_path)),
            secrets_blob)
    else:
        secrets = {}
    # TODO(harlowja): it'd be nice to have sub-modules in cloud-init at
    # some point so that we don't have to do this ourselves here...
    runner = helpers.Runners(cloud.paths)
    for action in actions:
        handler_func, freq = actions_to_func_freq[action]
        action_name = "%s%s.%s" % (sem_prefix, mod_name, action)
        runner.run(
            action_name, handler_func,
            [mod_name, action, gd_cfg, cloud, log, secrets], freq=freq)
	# Map action name to (function, frequency).
	actions_to_func_freq = {
	'init': (do_init, PER_ONCE),
	'cron': (do_cron, PER_INSTANCE),
	'pbis_auth': (do_pbis_auth, PER_INSTANCE),
	'spacewalk_register': (do_spacewalk_register, PER_INSTANCE),
	'sysctl': (do_sysctl, PER_INSTANCE),
	# This one creates the initial login user and the service account
	# and we want to run it at every boot incase a new login user or
	# service account gets added.
	'service_account': (do_service_account, PER_ALWAYS),
	# This one is special since a cron job will also call into it
	# periodically to trigger sudoers refreshing... (see `update-sudoers`
	# script and cron action).
	'sudoers': (do_sudoers, PER_INSTANCE),
	'ds_agent': (do_ds_agent, PER_INSTANCE),
	'cleanup': (do_cleanup, PER_ALWAYS),
	'ntpd': (do_ntpd, PER_INSTANCE),
	}


	def handle(mod_name, cfg, cloud, log, args):
	# This uses vendordata only and currently does not allow itself
	# to be overridden (at least for the time being); at a future point
	# we can consider merging the two or doing something different, but
	# for now this module can't really be user 'controlled/tweaked'.
	vd_cfg = cloud.datasource.get_vendordata()
	if not vd_cfg:
	vd_cfg = {}
	# Use a subkey so that we could at some point have other root keys
	# in vendordata that may or may not be godaddy related...
	try:
	gd_cfg = vd_cfg['godaddy']
	if not gd_cfg:
	gd_cfg = {}
	except KeyError:
	gd_cfg = {}
	# Disable ourself by default; so that this code can be activated/installed
	# without causing issues with the existing puppet codes and packages...
	try:
	if gd_cfg["disabled"]:
	log.debug("Skipping module named %s, it is"
	" actively (explicitly) disabled.", mod_name)
	return
	except KeyError:
	log.debug("Skipping module named %s, it is"
	" passively (by default) disabled.", mod_name)
	return
	# The actions that we will run (and the order in which they
	# will run); these must match to a method of the action class/object.
	actions = list(gd_cfg.get('actions', default_actions))
	gd_meta = fetch_gd_meta(cloud)
	disable_spacewalk = util.get_cfg_option_bool(
	gd_cfg, 'disable_spacewalk',
	default=util.get_cfg_option_bool(gd_meta, 'disable_spacewalk',
	default=False))
	if not disable_spacewalk:
	# Only add it if not explicitly (already) provided...
	if 'spacewalk_register' not in actions:
	actions.append('spacewalk_register')
	# See: https://www.powerbrokeropen.org/ (PowerBroker Identity Services)
	disable_pbis = util.get_cfg_option_bool(
	gd_cfg, 'disable_pbis',
	default=util.get_cfg_option_bool(gd_meta, 'disable_pbis',
	default=False))
	if not disable_pbis:
	# Only add it if not explicitly (already) provided...
	if 'pbis_auth' not in actions:
	# Ensure that pbis auth happens before 'sudoers'
	# or 'service_account' activities...
	find_mods = ['sudoers', 'service_account']
	if not disable_spacewalk:
	# Make sure PBIS is also done before
	# spacewalk registration, if we are doing both.
	find_mods.append('spacewalk_register')
	idx_choices = []
	for mod in find_mods:
	try:
	idx_choices.append(actions.index(mod))
	except (IndexError, ValueError):
	pass
	if len(idx_choices):
	actions.insert(min(idx_choices), 'pbis_auth')
	else:
	actions.append('pbis_auth')
	log.info("Godaddy module %s will run the"
	" following subactions (in order): %s", mod_name, actions)
	needs_secrets = False
	for action in actions:
	handler_func, _freq = actions_to_func_freq[action]
	if getattr(handler_func, 'needs_secrets', False):
	needs_secrets = True
	if needs_secrets:
	secrets_blob = gd_cfg['secrets']
	secrets = read_secrets(
	util.load_file(gd_cfg.get('secrets_key', key_path)),
	secrets_blob)
	else:
	secrets = {}
	# TODO(harlowja): it'd be nice to have sub-modules in cloud-init at
	# some point so that we don't have to do this ourselves here...
	runner = helpers.Runners(cloud.paths)
	for action in actions:
	handler_func, freq = actions_to_func_freq[action]
	action_name = "%s%s.%s" % (sem_prefix, mod_name, action)
	runner.run(
	action_name, handler_func,
	[mod_name, action, gd_cfg, cloud, log, secrets], freq=freq)