/gist:e6d79d1de62e0edd821bedf76bfd5a20
Created Aug 5, 2016
| # Map action name to (function, frequency). | |
| actions_to_func_freq = { | |
| 'init': (do_init, PER_ONCE), | |
| 'cron': (do_cron, PER_INSTANCE), | |
| 'pbis_auth': (do_pbis_auth, PER_INSTANCE), | |
| 'spacewalk_register': (do_spacewalk_register, PER_INSTANCE), | |
| 'sysctl': (do_sysctl, PER_INSTANCE), | |
| # This one creates the initial login user and the service account | |
| # and we want to run it at every boot incase a new login user or | |
| # service account gets added. | |
| 'service_account': (do_service_account, PER_ALWAYS), | |
| # This one is special since a cron job will also call into it | |
| # periodically to trigger sudoers refreshing... (see `update-sudoers` | |
| # script and cron action). | |
| 'sudoers': (do_sudoers, PER_INSTANCE), | |
| 'ds_agent': (do_ds_agent, PER_INSTANCE), | |
| 'cleanup': (do_cleanup, PER_ALWAYS), | |
| 'ntpd': (do_ntpd, PER_INSTANCE), | |
| } | |
| def handle(mod_name, cfg, cloud, log, args): | |
| # This uses vendordata *only* and currently does not allow itself | |
| # to be overridden (at least for the time being); at a future point | |
| # we can consider merging the two or doing something different, but | |
| # for now this module can't really be user 'controlled/tweaked'. | |
| vd_cfg = cloud.datasource.get_vendordata() | |
| if not vd_cfg: | |
| vd_cfg = {} | |
| # Use a subkey so that we could at some point have other root keys | |
| # in vendordata that may or may not be godaddy related... | |
| try: | |
| gd_cfg = vd_cfg['godaddy'] | |
| if not gd_cfg: | |
| gd_cfg = {} | |
| except KeyError: | |
| gd_cfg = {} | |
| # Disable ourself by default; so that this code can be activated/installed | |
| # without causing issues with the existing puppet codes and packages... | |
| try: | |
| if gd_cfg["disabled"]: | |
| log.debug("Skipping module named %s, it is" | |
| " actively (explicitly) disabled.", mod_name) | |
| return | |
| except KeyError: | |
| log.debug("Skipping module named %s, it is" | |
| " passively (by default) disabled.", mod_name) | |
| return | |
| # The actions that we will run (and the order in which they | |
| # will run); these must match to a method of the action class/object. | |
| actions = list(gd_cfg.get('actions', default_actions)) | |
| gd_meta = fetch_gd_meta(cloud) | |
| disable_spacewalk = util.get_cfg_option_bool( | |
| gd_cfg, 'disable_spacewalk', | |
| default=util.get_cfg_option_bool(gd_meta, 'disable_spacewalk', | |
| default=False)) | |
| if not disable_spacewalk: | |
| # Only add it if not explicitly (already) provided... | |
| if 'spacewalk_register' not in actions: | |
| actions.append('spacewalk_register') | |
| # See: https://www.powerbrokeropen.org/ (PowerBroker Identity Services) | |
| disable_pbis = util.get_cfg_option_bool( | |
| gd_cfg, 'disable_pbis', | |
| default=util.get_cfg_option_bool(gd_meta, 'disable_pbis', | |
| default=False)) | |
| if not disable_pbis: | |
| # Only add it if not explicitly (already) provided... | |
| if 'pbis_auth' not in actions: | |
| # Ensure that pbis auth happens before 'sudoers' | |
| # or 'service_account' activities... | |
| find_mods = ['sudoers', 'service_account'] | |
| if not disable_spacewalk: | |
| # Make sure PBIS is *also* done before | |
| # spacewalk registration, if we are doing both. | |
| find_mods.append('spacewalk_register') | |
| idx_choices = [] | |
| for mod in find_mods: | |
| try: | |
| idx_choices.append(actions.index(mod)) | |
| except (IndexError, ValueError): | |
| pass | |
| if len(idx_choices): | |
| actions.insert(min(idx_choices), 'pbis_auth') | |
| else: | |
| actions.append('pbis_auth') | |
| log.info("Godaddy module %s will run the" | |
| " following subactions (in order): %s", mod_name, actions) | |
| needs_secrets = False | |
| for action in actions: | |
| handler_func, _freq = actions_to_func_freq[action] | |
| if getattr(handler_func, 'needs_secrets', False): | |
| needs_secrets = True | |
| if needs_secrets: | |
| secrets_blob = gd_cfg['secrets'] | |
| secrets = read_secrets( | |
| util.load_file(gd_cfg.get('secrets_key', key_path)), | |
| secrets_blob) | |
| else: | |
| secrets = {} | |
| # TODO(harlowja): it'd be nice to have sub-modules in cloud-init at | |
| # some point so that we don't have to do this ourselves here... | |
| runner = helpers.Runners(cloud.paths) | |
| for action in actions: | |
| handler_func, freq = actions_to_func_freq[action] | |
| action_name = "%s%s.%s" % (sem_prefix, mod_name, action) | |
| runner.run( | |
| action_name, handler_func, | |
| [mod_name, action, gd_cfg, cloud, log, secrets], freq=freq) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment