Last active
January 18, 2017 23:42
-
-
Save maur1th/05c34af9a97fffaebcb7e89dc6a03e2a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import json | |
import os | |
import os.path | |
import sys | |
import urllib.request | |
from subprocess import run, PIPE | |
import shutil | |
SRC = 'https://s3-eu-west-1.amazonaws.com/maurin-d2si/formation-devops/credentials.tgz' | |
KEY = os.path.join(os.environ['HOME'], '.ssh', 'crashcourse') | |
TARGET_PATH = os.path.join(os.environ['HOME'], '.aws') | |
TARGET_NAME = 'credentials.test' | |
def is_key_pair(private, public): | |
print('Checking SSH key...') | |
pub_key = run(['ssh-keygen', '-y', '-f', private], stdout=PIPE) | |
pub_key = pub_key.stdout.strip().decode('utf-8') | |
with open(KEY + '.pub') as f: | |
return f.readline().strip() == pub_key | |
def read_input(): | |
text = [] | |
while True: | |
line = input() | |
if not line: | |
break | |
text.append(line) | |
return '\n'.join(text) | |
def set_ssh_key(): | |
if os.path.exists(KEY) and is_key_pair(KEY, KEY + '.pub'): | |
print('Matching key pair 👍') | |
return | |
print('Please copy paste here the SSH key you were provided with.') | |
ssh_key = read_input() | |
with open(KEY, 'w') as f: | |
print('Writing key...') | |
f.write(ssh_key) | |
run(['chmod', '600', KEY]) | |
if is_key_pair(KEY, KEY + '.pub'): | |
print('Matching key pair 👍') | |
else: | |
print('Invalid key, please try again.') | |
sys.exit(-1) | |
def load_all_credentials(): | |
if not os.path.exists('tmp'): | |
os.makedirs('tmp') | |
path = 'tmp/credentials.json' | |
with open(path + '.tgz', 'b+w') as f: | |
f.write(urllib.request.urlopen(SRC).read()) | |
run(['tar', '-xzf', path + '.tgz', '--directory', 'tmp']) | |
# Decrypt key | |
run(['openssl', 'rsautl', '-decrypt', '-ssl', '-inkey', KEY, '-in', | |
'tmp/key.enc', '-out', 'tmp/key']) | |
# Decrypt file with key | |
run(['openssl', 'aes-256-cbc', '-d', '-in', path + '.enc', '-out', path, | |
'-pass', 'file:tmp/key']) | |
with open(path) as f: | |
all_credentials = json.load(f) | |
shutil.rmtree('tmp') | |
return all_credentials | |
def get_credentials(): | |
all_credentials = load_all_credentials() | |
try: | |
id = int(input('What is your group number? ')) - 1 | |
print('============') | |
except ValueError: | |
print('Error: Please enter a number') | |
sys.exit(-1) | |
if id not in range(len(all_credentials)): | |
print('Error: No credentials for this group number.') | |
sys.exit(-1) | |
return all_credentials[id] | |
def write_conf(credentials, path, name): | |
if not os.path.exists(path): | |
os.makedirs(path) | |
with open(os.path.join(path, name), 'w') as f: | |
f.write('[default]\n' | |
f'aws_access_key_id={credentials["access_key"]}\n' | |
f'aws_secret_access_key={credentials["secret"]}\n') | |
print(f'Wrote AWS conf file in {os.path.join(path, name)}') | |
print('============') | |
if __name__ == '__main__': | |
set_ssh_key() | |
print('============') | |
credentials = get_credentials() | |
write_conf(credentials, TARGET_PATH, TARGET_NAME) | |
print('Connect to AWS using:\n' | |
f'URL: {credentials["url"]}\n' | |
f'Username: {credentials["username"]}\n' | |
f'Password: {credentials["password"]}') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment