{'ec2_autoscale_launch': {'runner.cloud.create': [{'minion': {'startup_states': 'highstate'}}, | |
{'instances': 'i-67ef119e'}, | |
{'instance_id': 'i-67ef119e'}, | |
{'reactor': True}, | |
{'grains': {'consul': {'ip': 'node01.example.com', | |
'service_name': 'web'}, | |
'env': 'prod', | |
'env_prefix': 'qa', | |
'roles': ['app-host']}}]}} |
#!py | |
import binascii
import json
import os
import pprint
import re
import time

import M2Crypto
import requests

import salt.config as config
import salt.utils.smtp as smtp
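def _open_debug_log(path):
    '''
    Open ``path`` for appending and return the file object.

    The file is created with mode 0600 (subject to umask) and, where the
    platform offers O_NOFOLLOW, a symlink at ``path`` is refused instead of
    followed. The mode only applies when the file is created here.
    '''
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | getattr(os, 'O_NOFOLLOW', 0)
    return os.fdopen(os.open(path, flags, 0o600), 'a')


def _write_entry(file_log, title, value):
    '''
    Append a titled, pretty-printed dump of ``value`` to the debug log.
    '''
    file_log.write('{0}\r\n{1}'.format(title, pprint.pformat(value)))
    file_log.write('\n\n')


def _cert_url_is_trusted(url):
    '''
    Return True only for an https URL on an SNS regional endpoint that names
    a .pem file.

    A plain ``.amazonaws.com`` suffix test is not enough: that suffix also
    covers hostnames whose content is controlled by arbitrary AWS customers,
    and a test on the text before the first '/' does not account for
    userinfo, port or fragment parts of a URL. The pattern below anchors the
    scheme and requires the host to be followed directly by the path.
    '''
    pattern = (
        r'^https://sns\.[a-zA-Z0-9\-]{3,}\.amazonaws\.com(\.cn)?'
        r'/[^?#\s]+\.pem\Z'
    )
    try:
        return re.match(pattern, url) is not None
    except TypeError:
        # Not a string at all.
        return False


def _string_to_sign(sns):
    '''
    Build the canonical string SNS signs for a Notification message.

    Subject takes part in the signature only when the message carries one,
    so it is skipped when absent instead of being added as an empty value.
    A missing mandatory field raises KeyError.
    '''
    parts = []
    for name in ('Message', 'MessageId', 'Subject', 'Timestamp', 'TopicArn', 'Type'):
        if name == 'Subject' and name not in sns:
            continue
        parts.append('{0}\n{1}\n'.format(name, sns[name]))
    return ''.join(parts)


def _signature_is_valid(sns, pem):
    '''
    Check ``sns['Signature']`` against the public key in the PEM certificate.

    SignatureVersion "2" messages are signed with SHA256; anything else is
    treated as version 1 (SHA1), which is what this reactor always assumed.
    The certificate chain itself is not validated here: trust in the key
    rests on the certificate having been fetched over HTTPS from an SNS host.
    '''
    digest = 'sha256' if str(sns.get('SignatureVersion', '1')) == '2' else 'sha1'
    cert = M2Crypto.X509.load_cert_string(str(pem))
    pubkey = cert.get_pubkey()
    pubkey.reset_context(md=digest)
    pubkey.verify_init()
    pubkey.verify_update(_string_to_sign(sns).encode())
    decoded = binascii.a2b_base64(sns['Signature'])
    return pubkey.verify_final(decoded) == 1


def run():
    '''
    Run the reactor

    Reads the SNS message posted to the webhook (``data['post']``), verifies
    that it was signed by SNS, and maps EC2 Auto Scaling notifications to
    Salt actions:

    * Subject containing "launch": ``runner.cloud.create`` with the profile
      found under ``ec2.autoscale`` for the tag's second-to-last segment.
    * Subject containing "termination": ``wheel.key.delete`` for the
      instance id.

    Returns an empty dict when the message is a subscription confirmation,
    fails validation, or matches neither case.

    NOTE(review): a valid signature proves the message came from SNS, not
    that it came from *your* topic. Compare ``sns['TopicArn']`` with the
    topic this endpoint is meant to serve before acting on the message.
    '''
    sns = data['post']

    # NOTE(review): this debug log lives at a fixed path in /tmp and receives
    # the full SNS payload and the ec2.autoscale configuration. Move it to a
    # directory only the Salt master user can write, or drop it in production.
    with _open_debug_log('/tmp/bad_log.log') as file_log:
        _write_entry(file_log, 'SNS raw', sns)

        if 'SubscribeURL' in sns:
            # Subscription confirmations are logged and ignored; the URL is
            # never fetched automatically.
            file_log.write('subscription url !')
            return {}

        cert_url = sns.get('SigningCertURL', '')
        if not _cert_url_is_trusted(cert_url):
            _write_entry(file_log, 'bad url', sns)
            url_check = cert_url.replace('https://', '')
            url_comps = url_check.split('/')
            msg_kwargs = {
                'smtp.subject': 'EC2 Autoscale SigningCertURL Error (via Salt Reactor)',
                'smtp.content': (
                    'There was an error with the EC2 SigningCertURL. '
                    '\r\n{1} \r\n{2} \r\n'
                    'Content received was:\r\n\r\n{0}\r\n').format(
                        pprint.pformat(sns), url_check, url_comps[0]
                    ),
            }
            smtp.send(msg_kwargs, __opts__)
            return {}

        # Bounded wait so a slow endpoint cannot stall the reactor, and no
        # redirects so the fetch cannot leave the host that was just checked.
        pem_request = requests.request(
            'GET', cert_url, timeout=10, allow_redirects=False
        )
        signature_ok = (
            pem_request.status_code == 200
            and _signature_is_valid(sns, pem_request.text)
        )
        if not signature_ok:
            _write_entry(file_log, 'bad signature', sns)
            msg_kwargs = {
                'smtp.subject': 'EC2 Autoscale Signature Error (via Salt Reactor)',
                'smtp.content': (
                    'There was an error with the EC2 Signature. '
                    'Content received was:\r\n\r\n{0}\r\n').format(
                        pprint.pformat(sns)
                    ),
            }
            smtp.send(msg_kwargs, __opts__)
            return {}

        message = json.loads(sns['Message'])
        instance_id = str(message['EC2InstanceId'])

        # The id ends up as the ``match`` of wheel.key.delete and as a cloud
        # instance name, so accept only the EC2 id shape (i- plus 8 or 17 hex
        # digits) and never a value containing wildcard characters.
        if not re.match(r'^i-(?:[0-9a-f]{8}|[0-9a-f]{17})\Z', instance_id):
            _write_entry(file_log, 'bad instance id', instance_id)
            return {}

        subject = sns.get('Subject', '').lower()
        autoscale_conf = __opts__.get('ec2.autoscale', {})
        ret = {}

        if 'launch' in subject:
            tag_parts = tag.split('/')
            profile_name = str(tag_parts[-2])
            profile = autoscale_conf.get(profile_name)

            _write_entry(file_log, 'autoscale data', autoscale_conf)
            _write_entry(file_log, 'TAG raw', tag)
            _write_entry(file_log, 'TAG data', tag_parts)
            _write_entry(file_log, 'TAG splitted', tag_parts[-2])
            _write_entry(file_log, 'autoscale data raw', autoscale_conf)
            _write_entry(file_log, 'autoscale data selected', profile)

            if profile is None:
                # No ec2.autoscale entry for this tag: nothing to create.
                return {}

            # Work on a copy so the shared __opts__ entry is not modified.
            vm_ = dict(profile)
            vm_['reactor'] = True
            vm_['instances'] = instance_id
            vm_['instance_id'] = instance_id
            file_log.write('prepared data')
            file_log.write('\n\n')

            # items() works on both Python 2 and 3; dunder keys are dropped.
            vm_list = [
                {key: value}
                for key, value in vm_.items()
                if not key.startswith('__')
            ]
            ret = {
                'ec2_autoscale_launch': {
                    'runner.cloud.create': vm_list
                }
            }
            file_log.write('added event')
            file_log.write('\n\n')
        elif 'termination' in subject:
            _write_entry(file_log, 'autoscale data on termination', autoscale_conf)
            ret = {
                'ec2_autoscale_termination': {
                    'wheel.key.delete': [
                        {'match': instance_id},
                    ]
                }
            }
            file_log.write('firing event')
            file_log.write('\n\n')

        return ret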