-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathibmcloud_cos_image_uploader.py
executable file
·766 lines (695 loc) · 28.7 KB
/
ibmcloud_cos_image_uploader.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
#!/usr/bin/env python
# coding=utf-8
# pylint: disable=broad-except,unused-argument,line-too-long, unused-variable
# Copyright (c) 2016-2018, F5 Networks, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
"""
This module contains the logic to scan for patched TMOS disk images
and then upload to IBM Cloud Object Storage
"""
import os
import sys
import time
import datetime
import logging
import json
import ibm_boto3
import requests
import re
import concurrent.futures
import threading
from ibm_botocore.client import Config, ClientError
LOG_LEVELS = {
'debug': logging.DEBUG,
'info': logging.INFO,
'warning': logging.WARNING,
'error': logging.ERROR,
'critical': logging.CRITICAL
}
IMAGE_TYPES = ['.qcow2', '.vhd', '.vmdk']
IBM_COS_REGIONS = []
TMOS_IMAGE_DIR = None
COS_DIRECT_LINKS = None
COS_UPLOAD_THREADS = 1
COS_API_KEY = None
COS_RESOURCE_CRN = None
COS_IMAGE_LOCATION = None
COS_AUTH_ENDPOINT = None
COS_ENDPOINT = None
COS_BUCKET_PREFIX = 'f5'
IC_API_KEY = None
IC_RESOURCE_GROUP = 'default'
AUTH_ENDPOINT = 'https://iam.cloud.ibm.com/identity/token'
SESSION_TOKEN = None
SESSION_TIMESTAMP = 0
SESSION_SECONDS = 1800
IMAGE_STATUS_PAUSE_SECONDS = 5
VPC_QP = "version=2022-09-13&generation=2"
IMAGE_MATCH = '^[a-zA-Z]'
UPDATE_IMAGES = None
DELETE_ALL = None
PUBLIC_IMAGES = None
WAIT_FOR_AVAILABLE = None
INVENTORY = None
LOG = logging.getLogger('ibmcloud_cos_image_uploader')
LOG.setLevel(logging.DEBUG)
FORMATTER = logging.Formatter(
'%(asctime)s - %(name)s - %(levelname)s - %(message)s')
LOGSTREAM = logging.StreamHandler(sys.stdout)
LOGSTREAM.setFormatter(FORMATTER)
LOG.addHandler(LOGSTREAM)
def get_iam_token():
global SESSION_TOKEN, SESSION_TIMESTAMP
now = int(time.time())
if SESSION_TIMESTAMP > 0 and ((now - SESSION_TIMESTAMP) < SESSION_SECONDS):
return SESSION_TOKEN
headers = {
"Accept": "application/json",
"Content-Type": "application/x-www-form-urlencoded"
}
data = "apikey=%s&grant_type=urn:ibm:params:oauth:grant-type:apikey" % IC_API_KEY
response = requests.post(AUTH_ENDPOINT, headers=headers, data=data)
if response.status_code < 300:
SESSION_TIMESTAMP = int(time.time())
SESSION_TOKEN = response.json()['access_token']
return SESSION_TOKEN
else:
return None
def get_patched_images(tmos_image_dir):
"""get TMOS patched disk images"""
return_image_files = []
LOG.debug('searching for images in %s', tmos_image_dir)
for patched_dir in os.listdir(tmos_image_dir):
patched_dir_path = "%s/%s" % (tmos_image_dir, patched_dir)
if os.path.isdir(patched_dir_path):
for patched_image in os.listdir(patched_dir_path):
if os.path.splitext(patched_image)[-1] in IMAGE_TYPES:
image_filepath = "%s/%s" % (patched_dir_path,
patched_image)
return_image_files.append(image_filepath)
return return_image_files
def get_bucket_name(image_path, location):
"""Get bucket for this patched image"""
return "%s-%s-%s" % (
COS_BUCKET_PREFIX,
os.path.splitext(
os.path.dirname(image_path.replace(TMOS_IMAGE_DIR, '')).replace(
os.path.sep, ''))[0].replace('_', '-').lower(), location)
def get_object_name(image_path, location):
"""Get object name for this patched image"""
if 'DATASTOR' in image_path:
return "%s_DATASTOR" % os.path.dirname(
image_path.replace(TMOS_IMAGE_DIR, '')).replace(os.path.sep, '')
else:
return os.path.dirname(image_path.replace(TMOS_IMAGE_DIR, '')).replace(
os.path.sep, '')
def get_cos_client(location):
"""return IBM COS client object"""
cos_endpoint = "https://s3.%s.cloud-object-storage.appdomain.cloud" % location
if COS_DIRECT_LINKS:
cos_endpoint = "https://s3.direct.%s.cloud-object-storage.appdomain.cloud" % location
return ibm_boto3.client("s3",
ibm_api_key_id=COS_API_KEY,
ibm_service_instance_id=COS_RESOURCE_CRN,
ibm_auth_endpoint=COS_AUTH_ENDPOINT,
config=Config(signature_version="oauth"),
endpoint_url=cos_endpoint)
def get_cos_resource(location):
"""return IBM COS resource object"""
cos_endpoint = "https://s3.%s.cloud-object-storage.appdomain.cloud" % location
if COS_DIRECT_LINKS:
cos_endpoint = "https://s3.direct.%s.cloud-object-storage.appdomain.cloud" % location
return ibm_boto3.resource("s3",
ibm_api_key_id=COS_API_KEY,
ibm_service_instance_id=COS_RESOURCE_CRN,
ibm_auth_endpoint=COS_AUTH_ENDPOINT,
config=Config(signature_version="oauth"),
endpoint_url=cos_endpoint)
def assure_bucket(bucket_name, location):
"""Make sure bucket exists"""
cos_res = get_cos_resource(location)
try:
for bucket in cos_res.buckets.all():
if bucket.name == bucket_name:
LOG.debug('bucket: %s exists', bucket_name)
return True
LOG.debug('creating bucket %s', bucket_name)
cos_res.Bucket(bucket_name).create(ACL='public-read')
time.sleep(10)
return True
except ClientError as client_error:
# bucket was created, but didn't show up in the list fast
# enough for the next upload task to see it
if str(client_error).find('BucketAlreadyExists') > 0:
return True
else:
LOG.error('client error assuring bucket %s: %s', bucket_name,
client_error)
return False
except Exception as ex:
LOG.error('exception occurred assuring bucket %s: %s', bucket_name, ex)
return False
def assure_object(file_path, bucket_name, object_name, location):
"""check if patched image already exists"""
cos_res = get_cos_resource(location)
try:
for obj in cos_res.Bucket(bucket_name).objects.all():
if obj.key == object_name:
if UPDATE_IMAGES:
obj.delete()
else:
LOG.debug('object: %s/%s exists', bucket_name, object_name)
return True
LOG.debug('starting upload of image %s to %s/%s', file_path,
bucket_name, object_name)
part_size = 1024 * 1024 * 2
file_threshold = 1024 * 1024 * 1024 * 10
transfer_config = ibm_boto3.s3.transfer.TransferConfig(
multipart_threshold=file_threshold, multipart_chunksize=part_size)
cos_client = get_cos_client(location)
transfer_mgr = ibm_boto3.s3.transfer.TransferManager(
cos_client, config=transfer_config)
upload = transfer_mgr.upload(file_path,
bucket_name,
object_name,
extra_args={'ACL': 'public-read'})
upload.result()
LOG.debug('upload complete for %s/%s', bucket_name, object_name)
return True
except ClientError as ce:
LOG.error('client error assuring object %s/%s: %s', bucket_name,
object_name, ce)
return False
except Exception as ex:
LOG.error('exception occurred assuring object %s/%s: %s', bucket_name,
object_name, ex)
return False
def assure_cos_bucket(image_path, location):
"""assure patch image bucket"""
bucket_name = get_bucket_name(image_path, location)
object_name = get_object_name(image_path, location)
if re.search(IMAGE_MATCH, object_name):
return assure_bucket(bucket_name, location)
def assure_cos_object(image_path, location):
"""assure patch image object"""
bucket_name = get_bucket_name(image_path, location)
object_name = get_object_name(image_path, location)
if re.search(IMAGE_MATCH, object_name):
md5_path = "%s.md5" % image_path
if os.path.exists(md5_path):
md5_object_name = "%s.md5" % object_name
assure_object(md5_path, bucket_name, md5_object_name, location)
sig_path = "%s.384.sig" % image_path
if os.path.exists(sig_path):
sig_object_name = "%s.384.sig" % object_name
assure_object(sig_path, bucket_name, sig_object_name, location)
assure_object(image_path, bucket_name, object_name, location)
def delete_all():
"""delete all files and buckets from the COS resource"""
LOG.debug('deleting images in: %s', IBM_COS_REGIONS)
token = None
if not IC_API_KEY:
LOG.debug('will not remove VPC image because now API KEY was defined')
else:
token = get_iam_token()
for location in IBM_COS_REGIONS:
LOG.debug("deleting images in %s region" % location)
cos_res = get_cos_resource(location)
try:
for bucket in cos_res.buckets.all():
if location in bucket.name:
if bucket.name.startswith(COS_BUCKET_PREFIX):
delete_bucket = False
for obj in cos_res.Bucket(bucket.name).objects.all():
if re.search(IMAGE_MATCH, obj.key):
LOG.debug('deleting object: %s', obj.key)
image_name = bucket.name.replace(
"%s-" % COS_BUCKET_PREFIX, '').replace('.', '-')
cos_url = "cos://%s/%s/%s" % (
location, bucket.name, obj.key)
LOG.debug('removing public image %s in %s from url %s' % (
image_name, location, cos_url))
obj.delete()
delete_bucket = True
else:
LOG.debug(
'leaving object: %s because it did not match %s',
obj.key, IMAGE_MATCH)
if delete_bucket:
LOG.debug('deleting bucket: %s', bucket.name)
bucket.delete()
for image in get_images(token, location):
image_name_match = IMAGE_MATCH.lower()
if re.search(image_name_match, image['name']):
LOG.debug('deleting vpc image: %s', image['name'])
delete_public_image(token, location, image['name'])
except ClientError as client_error:
LOG.error('client error deleting all resources: %s', client_error)
except Exception as ex:
LOG.error('exception occurred deleting all resources: %s', ex)
def upload_patched_images():
"""check for images and assure upload to IBM COS"""
LOG.debug('uploading images to %s', IBM_COS_REGIONS)
# Just do an interation to serially create buckets
image_paths = get_patched_images(TMOS_IMAGE_DIR)
number_of_uploades = len(image_paths) * len(IBM_COS_REGIONS)
current_image = 1
for image_path in image_paths:
for location in IBM_COS_REGIONS:
LOG.debug('Processing image %d of %d', current_image,
number_of_uploades)
if assure_cos_bucket(image_path, location):
assure_cos_object(image_path, location)
current_image += 1
def get_resource_group_id(token=None, resource_group_name=IC_RESOURCE_GROUP):
if not token:
token = get_iam_token()
rg_url = "https://resource-controller.cloud.ibm.com/v2/resource_groups"
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
response = requests.get(rg_url, headers=headers)
if response.status_code < 300:
rgs = response.json()['resources']
for rg in rgs:
if rg['name'] == resource_group_name:
return rg['id']
return None
else:
return None
def get_images(token, region):
page_url = "https://%s.iaas.cloud.ibm.com/v1/images?limit=100&%s" % (region,VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
images = []
page = 1
LOG.debug('getting cloud images page %d: %s' % (page, page_url))
response = requests.get(page_url, headers=headers)
if response.status_code < 300:
data = response.json()
images = images + data['images']
while 'next' in data and not data['next']['href'] == page_url:
page += 1
page_url = "%s&%s" % (data['next']['href'], VPC_QP)
LOG.debug('getting cloud images page %d: %s' % (page, page_url))
response = requests.get(page_url, headers=headers)
if response.status_code < 300:
data = response.json()
images = images + data['images']
else:
LOG.error('error retrieving images status code: %d - Cloudflare.. hmm..' % response.status_code)
return images
else:
LOG.error('error retrieving images status code: %d - Cloudflare.. hmm..' % response.status_code)
return images
LOG.debug('%d images retrieved from IBM cloud in %s' % (len(images), region))
return images
def get_image_id(token, region, image_name):
if not token:
token = get_iam_token()
image_url = "https://%s.iaas.cloud.ibm.com/v1/images?name=%s&%s" % (
region, image_name, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
response = requests.get(image_url, headers=headers)
if response.status_code < 300:
images = response.json()
for image in images['images']:
if image['name'] == image_name:
LOG.debug('found VPC image id for name %s: %s' %
(image_name, image['id']))
return image['id']
return None
else:
return None
def get_image_visibility(token, region, image_id):
if not token:
token = get_iam_token()
image_url = "https://%s.iaas.cloud.ibm.com/v1/images/%s?%s" % (
region, image_id, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
response = requests.get(image_url, headers=headers)
if response.status_code < 300:
image = response.json()
if image['id'] == image_id:
return image['visibility']
return None
else:
return None
def get_image_status(token, region, image_id):
if not token:
token = get_iam_token()
image_url = "https://%s.iaas.cloud.ibm.com/v1/images/%s?%s" % (
region, image_id, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
response = requests.get(image_url, headers=headers)
if response.status_code < 300:
image = response.json()
return image['status']
else:
return None
def make_image_public(token, region, image_id):
if not token:
token = get_iam_token()
image_visibility = get_image_visibility(token, region, image_id)
if not image_visibility == 'public':
LOG.debug('setting image %s visibility to public' % image_id)
image_url = "https://%s.iaas.cloud.ibm.com/v1/images/%s?%s" % (
region, image_id, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
data = {
"visibility": "public"
}
response = requests.patch(
image_url, headers=headers, data=json.dumps(data))
if response.status_code < 300:
return True
else:
return False
else:
return True
def make_image_private(token, region, image_id):
if not token:
token = get_iam_token()
image_visibility = get_image_visibility(token, region, image_id)
if not image_visibility == 'private':
LOG.debug('setting image %s visibility to private' % image_id)
image_url = "https://%s.iaas.cloud.ibm.com/v1/images/%s?%s" % (
region, image_id, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
data = {
"visibility": "private"
}
response = requests.patch(
image_url, headers=headers, data=json.dumps(data))
if response.status_code < 300:
return True
else:
return False
else:
return True
def delete_image(token, region, image_id):
if not token:
token = get_iam_token()
image_url = "https://%s.iaas.cloud.ibm.com/v1/images/%s?%s" % (
region, image_id, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
LOG.debug('deleting VPC image %s' % image_id)
response = requests.delete(image_url, headers=headers)
if response.status_code < 400:
return True
else:
LOG.error('error deleting image %d:%s',
response.status_code, response.content)
return False
def delete_public_image(token, region, image_name):
if not token:
token = get_iam_token()
image_id = get_image_id(token, region, image_name)
if image_id:
if make_image_private(token, region, image_id):
time.sleep(IMAGE_STATUS_PAUSE_SECONDS)
delete_image(token, region, image_id)
else:
LOG.error('could not make image private before deleting')
else:
LOG.debug('not VPC image found to remove for name %s' % image_name)
def create_public_image(token, region, image_name, cos_url):
if not token:
token = get_iam_token()
image_id = get_image_id(token, region, image_name)
if UPDATE_IMAGES:
if image_id:
delete_image(token, region, )
if not image_id:
LOG.debug('creating %s in %s' % (image_name, region))
image_url = "https://%s.iaas.cloud.ibm.com/v1/images?%s" % (region, VPC_QP)
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer %s" % token
}
data = {
"name": image_name,
"file": {
"href": cos_url
},
"operating_system": {
"name": "centos-7-amd64"
},
"resource_group": {
"id": get_resource_group_id(token)
}
}
response = requests.post(
image_url, headers=headers, data=json.dumps(data))
if response.status_code < 400:
image = response.json()
available_states = ['available', 'pending']
if WAIT_FOR_AVAILABLE:
available_states = ['available']
is_available = False
while not is_available:
state_of_image = get_image_status(token, region, image['id'])
if state_of_image in available_states:
is_available = True
else:
LOG.debug('image %s is %s from %s....' %
(image_name, state_of_image, cos_url))
time.sleep(IMAGE_STATUS_PAUSE_SECONDS)
not_public = True
make_public_tries = 0
while not_public and make_public_tries < 10:
if make_image_public(token, region, image['id']):
not_public = False
else:
make_public_tries = make_public_tries + 1
LOG.error(
'image %s could not be made public, try: %d/10',
image['id'],
make_public_tries)
time.sleep(IMAGE_STATUS_PAUSE_SECONDS)
return image['id']
else:
LOG.error('error creating image %s from cos_url: %s - %d:%s',
image_name, cos_url, response.status_code, response.content)
return None
else:
if not make_image_public(token, region, image_id):
LOG.error('image %s could not be made public, permissions?', image_id)
return None
return image_id
def assure_public_images():
"""got through published COS images and assure public VPC images"""
if not IC_API_KEY:
LOG.info(
'no env variable found IC_API_KEY, so no public images will be assured')
return
LOG.debug('assuring public images to %s', IBM_COS_REGIONS)
token = get_iam_token()
for location in IBM_COS_REGIONS:
cos_res = get_cos_resource(location)
try:
for bucket in cos_res.buckets.all():
if location in bucket.name:
for obj in cos_res.Bucket(bucket.name).objects.all():
if os.path.splitext(obj.key)[-1] in IMAGE_TYPES:
image_name = bucket.name.replace(
"%s-" % COS_BUCKET_PREFIX, '').replace('.', '-')
cos_url = "cos://%s/%s/%s" % (location,
bucket.name, obj.key)
LOG.debug('assuring public image %s in %s from url %s' % (
image_name, location, cos_url))
create_public_image(
token, location, image_name, cos_url)
except ClientError as client_error:
LOG.error('client error creating COS resources client: %s',
client_error)
except Exception as ex:
LOG.error('exception assuring public images: %s', str(ex))
def inventory():
"""create inventory JSON"""
global UPDATE_IMAGES
inventory_file = "%s/ibmcos_images.json" % (TMOS_IMAGE_DIR)
if os.path.exists(inventory_file):
os.unlink(inventory_file)
inventory = {}
for location in IBM_COS_REGIONS:
inventory[location] = []
cos_res = get_cos_resource(location)
try:
token = get_iam_token()
for bucket in cos_res.buckets.all():
if location in bucket.name:
for obj in cos_res.Bucket(bucket.name).objects.all():
LOG.debug('inventory add %s/%s', bucket.name, obj.key)
if os.path.splitext(obj.key)[-1] in IMAGE_TYPES:
image_name = bucket.name.replace(
"%s-" % COS_BUCKET_PREFIX, '').replace('.', '-')
cos_url = "cos://%s/%s/%s" % (location,
bucket.name, obj.key)
cos_md5_url = "cos://%s/%s/%s.md5" % (
location, bucket.name, obj.key)
image_id = get_image_id(
token, location, image_name)
inv_obj = {
'image_name': image_name,
'image_sql_url': cos_url,
'md5_sql_url': cos_md5_url,
'image_id': image_id
}
inventory[location].append(inv_obj)
except ClientError as client_error:
LOG.error('client error creating inventory of resources: %s',
client_error)
except Exception as ex:
LOG.error('exception creating inventory of resources: %s', ex)
# write it locally
with open(inventory_file, 'w') as ivf:
ivf.write(json.dumps(inventory))
# store in each location
old_update_images = UPDATE_IMAGES
UPDATE_IMAGES = True
for location in IBM_COS_REGIONS:
bucket_name = "%s-%s" % (COS_BUCKET_PREFIX, location)
public_url = "https://%s.s3.%s.cloud-object-storage.appdomain.cloud/f5-image-catalog.json" % (
bucket_name, location)
if COS_DIRECT_LINKS:
public_url = "https://%s.s3.direct.%s.cloud-object-storage.appdomain.cloud/f5-image-catalog.json" % (
bucket_name, location)
LOG.debug('writing image catalog to: %s', public_url)
assure_bucket(bucket_name, location)
assure_object(inventory_file, bucket_name, "f5-image-catalog.json",
location)
UPDATE_IMAGES = old_update_images
def initialize():
"""initialize configuration from environment variables"""
global TMOS_IMAGE_DIR, IBM_COS_REGIONS, COS_UPLOAD_THREADS, \
COS_DIRECT_LINKS, COS_API_KEY, COS_RESOURCE_CRN, COS_IMAGE_LOCATION, \
COS_AUTH_ENDPOINT, UPDATE_IMAGES, DELETE_ALL, \
COS_BUCKET_PREFIX, IC_API_KEY, IC_RESOURCE_GROUP, \
IMAGE_MATCH, PUBLIC_IMAGES, WAIT_FOR_AVAILABLE, INVENTORY
TMOS_IMAGE_DIR = os.getenv('TMOS_IMAGE_DIR', None)
COS_DIRECT_LINKS = os.getenv('COS_DIRECT_LINKS', 'false')
if COS_DIRECT_LINKS.lower() == 'true':
COS_DIRECT_LINKS = True
else:
COS_DIRECT_LINKS = False
COS_UPLOAD_THREADS = os.getenv('COS_UPLOAD_THREADS', 1)
COS_API_KEY = os.getenv('COS_API_KEY', None)
COS_RESOURCE_CRN = os.getenv('COS_RESOURCE_CRN', None)
COS_IMAGE_LOCATION = os.getenv('COS_IMAGE_LOCATION', 'us-south')
COS_BUCKET_PREFIX = os.getenv('COS_BUCKET_PREFIX', 'f5-image-catalog')
IMAGE_MATCH = os.getenv('IMAGE_MATCH', '^[a-zA-Z]')
IBM_COS_REGIONS = [x.strip() for x in COS_IMAGE_LOCATION.split(',')]
COS_AUTH_ENDPOINT = os.getenv('COS_AUTH_ENDPOINT',
'https://iam.cloud.ibm.com/identity/token')
# KEY TO MAKE PUBIC IMAGES
IC_API_KEY = os.getenv('IC_API_KEY', None)
IC_RESOURCE_GROUP = os.getenv('IC_RESOURCE_GROUP', 'default')
UPDATE_IMAGES = os.getenv('UPDATE_IMAGES', 'false')
if UPDATE_IMAGES.lower() == 'true':
UPDATE_IMAGES = True
else:
UPDATE_IMAGES = False
DELETE_ALL = os.getenv('DELETE_ALL', 'false')
if DELETE_ALL.lower() == 'true':
DELETE_ALL = True
else:
DELETE_ALL = False
PUBLIC_IMAGES = os.getenv('PUBLIC_IMAGES', 'true')
if PUBLIC_IMAGES.lower() == 'true':
PUBLIC_IMAGES = True
else:
PUBLIC_IMAGES = False
WAIT_FOR_AVAILABLE = os.getenv('WAIT_FOR_AVAILABLE', 'true')
if WAIT_FOR_AVAILABLE.lower == 'true':
WAIT_FOR_AVAILABLE = True
else:
WAIT_FOR_AVAILABLE = False
INVENTORY = os.getenv('INVENTORY', 'true')
if INVENTORY.lower() == 'true':
INVENTORY = True
else:
INVENTORY = False
log_level = os.getenv('LOG_LEVEL', 'info')
if log_level.lower() in LOG_LEVELS:
LOG.setLevel(LOG_LEVELS[log_level.lower()])
if __name__ == "__main__":
START_TIME = time.time()
initialize()
LOG.debug(
'process start time: %s',
datetime.datetime.fromtimestamp(START_TIME).strftime(
"%A, %B %d, %Y %I:%M:%S"))
ERROR_MESSAGE = ''
ERROR = False
if not COS_API_KEY:
ERROR = True
ERROR_MESSAGE += "please set env COS_API_KEY for your IBM COS resource\n"
if not COS_RESOURCE_CRN:
ERROR = True
ERROR_MESSAGE += "please set env COS_RESOURCE_CRN for your IBM COS resource\n"
if not TMOS_IMAGE_DIR and not DELETE_ALL:
ERROR = True
ERROR_MESSAGE += "please set env TMOS_IMAGE_DIR to scan for patched TMOS images\n"
if ERROR:
LOG.error('\n\n%s\n', ERROR_MESSAGE)
sys.exit(1)
LOG.info('uploading images into %s with COS_BUCKET_PREFIX %s',
COS_RESOURCE_CRN, COS_BUCKET_PREFIX)
if DELETE_ALL:
delete_all()
else:
upload_patched_images()
if PUBLIC_IMAGES:
assure_public_images()
if INVENTORY:
inventory()
STOP_TIME = time.time()
DURATION = STOP_TIME - START_TIME
DURATION = str(datetime.timedelta(seconds=DURATION))
LOG.debug(
'process end time: %s - ran %s',
datetime.datetime.fromtimestamp(STOP_TIME).strftime(
"%A, %B %d, %Y %I:%M:%S"), DURATION)