diff --git a/docker_compose/manage_logs.py b/docker_compose/manage_logs.py index c5d4ca8be..a7c28f675 100644 --- a/docker_compose/manage_logs.py +++ b/docker_compose/manage_logs.py @@ -6,6 +6,7 @@ import ruamel.yaml DEPENDENCIES = ["snmp-mibserver", "redis", "mongo"] +DOCKER_COMPOSE_DEPENDENCIES = "docker-compose-dependencies.yaml" def human_bool(flag: Union[str, bool], default: bool = False) -> bool: @@ -99,7 +100,7 @@ def create_logs(environment, path_to_compose_files): try: yaml2 = ruamel.yaml.YAML() with open( - os.path.join(path_to_compose_files, "docker-compose-dependencies.yaml") + os.path.join(path_to_compose_files, DOCKER_COMPOSE_DEPENDENCIES) ) as file: yaml_file = yaml2.load(file) @@ -108,7 +109,7 @@ def create_logs(environment, path_to_compose_files): yaml_file["services"][service_name].update(template_yaml) with open( - os.path.join(path_to_compose_files, "docker-compose-dependencies.yaml"), "w" + os.path.join(path_to_compose_files, DOCKER_COMPOSE_DEPENDENCIES), "w" ) as file: yaml2.dump(yaml_file, file) except Exception as e: @@ -142,7 +143,7 @@ def delete_logs(path_to_compose_files): try: with open( - os.path.join(path_to_compose_files, "docker-compose-dependencies.yaml") + os.path.join(path_to_compose_files, DOCKER_COMPOSE_DEPENDENCIES) ) as file: yaml2 = ruamel.yaml.YAML() yaml_file = yaml2.load(file) @@ -152,7 +153,7 @@ def delete_logs(path_to_compose_files): yaml_file["services"][service_name]["logging"].pop("options") with open( - os.path.join(path_to_compose_files, "docker-compose-dependencies.yaml"), "w" + os.path.join(path_to_compose_files, DOCKER_COMPOSE_DEPENDENCIES), "w" ) as file: yaml2.dump(yaml_file, file) except Exception as e: diff --git a/docker_compose/manage_secrets.py b/docker_compose/manage_secrets.py index 321052ed4..89d1e274a 100644 --- a/docker_compose/manage_secrets.py +++ b/docker_compose/manage_secrets.py @@ -75,25 +75,7 @@ def create_secrets( raise ValueError(f"Value {k} is not set") # list for storing secrets configuration which should be added to docker-compose-secrets.yaml - new_secrets = [] - # list for storing secrets configuration which should be added to docker-compose-worker-poller.yaml and - # docker-compose-traps.yaml services - new_secrets_in_workers = [] - - for k, v in variables.items(): - if v: - new_secrets.append( - { - "secret_name": f"{secret_name}_{k}", - "secret_config": {"environment": f"{secret_name}_{k}"}, - } - ) - new_secrets_in_workers.append( - { - "source": f"{secret_name}_{k}", - "target": f"/app/secrets/snmpv3/{secret_name}/{k}", - } - ) + new_secrets, new_secrets_in_workers = store_secrets(secret_name, variables) try: # Load docker-compose-secrets.yaml to a dictionary and update "secrets" section. If the same secret @@ -115,70 +97,130 @@ def create_secrets( secrets_file_ready = False if make_change_in_worker_poller: - # If the secret should be added to worker poller, load docker-compose-worker-poller.yaml to a dictionary and - # update "secrets" section. - try: - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER) - ) as file: - worker_poller_file = yaml.load(file, Loader=yaml.FullLoader) - if "secrets" not in worker_poller_file["services"]["worker-poller"]: - worker_poller_file["services"]["worker-poller"]["secrets"] = [] - worker_poller_file["services"]["worker-poller"]["secrets"].extend( - new_secrets_in_workers - ) - worker_poller_file_ready = True - except Exception: - print( - "Problem with editing docker-compose-worker-poller.yaml. Secret not added." - ) - worker_poller_file_ready = False + worker_poller_file, worker_poller_file_ready = load_compose_worker_poller( + new_secrets_in_workers, path_to_compose_files + ) else: + worker_poller_file = {} worker_poller_file_ready = True if make_change_in_traps: - # If the secret should be added to traps, load docker-compose-traps.yaml to a dictionary and - # update "secrets" section. - try: - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_TRAPS) - ) as file: - traps_file = yaml.load(file, Loader=yaml.FullLoader) - if "secrets" not in traps_file["services"]["traps"]: - traps_file["services"]["traps"]["secrets"] = [] - traps_file["services"]["traps"]["secrets"].extend(new_secrets_in_workers) - traps_file_ready = True - except Exception: - print("Problem with editing docker-compose-traps.yaml. Secret not added.") - traps_file_ready = False + traps_file, traps_file_ready = load_compose_traps( + new_secrets_in_workers, path_to_compose_files + ) else: + traps_file = {} traps_file_ready = True + save_to_compose_files( + make_change_in_traps, + make_change_in_worker_poller, + path_to_compose_files, + secret_name, + secrets_file, + secrets_file_ready, + traps_file, + traps_file_ready, + variables, + worker_poller_file, + worker_poller_file_ready, + ) + + +def save_to_compose_files( + make_change_in_traps, + make_change_in_worker_poller, + path_to_compose_files, + secret_name, + secrets_file, + secrets_file_ready, + traps_file, + traps_file_ready, + variables, + worker_poller_file, + worker_poller_file_ready, +): if secrets_file_ready and worker_poller_file_ready and traps_file_ready: # If all three files were loaded into dictionary and updated successfully, # save the latest configuration to files. - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_SECRETS), "w" - ) as file: - yaml.dump(secrets_file, file, default_flow_style=False) - + save_to_yaml_file(path_to_compose_files, DOCKER_COMPOSE_SECRETS, secrets_file) with open(os.path.join(path_to_compose_files, ".env"), "a") as file: for k, v in variables.items(): if v: file.write(f"\n{secret_name}_{k}={v}") - if make_change_in_worker_poller: - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER), - "w", - ) as file: - yaml.dump(worker_poller_file, file, default_flow_style=False) - + save_to_yaml_file( + path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER, worker_poller_file + ) if make_change_in_traps: - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_TRAPS), "w" - ) as file: - yaml.dump(traps_file, file, default_flow_style=False) + save_to_yaml_file(path_to_compose_files, DOCKER_COMPOSE_TRAPS, traps_file) + + +def save_to_yaml_file(file_path, file_name, file_content): + with open(os.path.join(file_path, file_name), "w") as file: + yaml.dump(file_content, file, default_flow_style=False) + + +def load_compose_traps(new_secrets_in_workers, path_to_compose_files): + # If the secret should be added to traps, load docker-compose-traps.yaml to a dictionary and + # update "secrets" section. + try: + with open(os.path.join(path_to_compose_files, DOCKER_COMPOSE_TRAPS)) as file: + traps_file = yaml.load(file, Loader=yaml.FullLoader) + if "secrets" not in traps_file["services"]["traps"]: + traps_file["services"]["traps"]["secrets"] = [] + traps_file["services"]["traps"]["secrets"].extend(new_secrets_in_workers) + traps_file_ready = True + except Exception: + print("Problem with editing docker-compose-traps.yaml. Secret not added.") + traps_file = {} + traps_file_ready = False + return traps_file, traps_file_ready + + +def load_compose_worker_poller(new_secrets_in_workers, path_to_compose_files): + # If the secret should be added to worker poller, load docker-compose-worker-poller.yaml to a dictionary and + # update "secrets" section. + try: + with open( + os.path.join(path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER) + ) as file: + worker_poller_file = yaml.load(file, Loader=yaml.FullLoader) + if "secrets" not in worker_poller_file["services"]["worker-poller"]: + worker_poller_file["services"]["worker-poller"]["secrets"] = [] + worker_poller_file["services"]["worker-poller"]["secrets"].extend( + new_secrets_in_workers + ) + worker_poller_file_ready = True + except Exception: + print( + "Problem with editing docker-compose-worker-poller.yaml. Secret not added." + ) + worker_poller_file = {} + worker_poller_file_ready = False + return worker_poller_file, worker_poller_file_ready + + +def store_secrets(secret_name, variables): + new_secrets = [] + # list for storing secrets configuration which should be added to docker-compose-worker-poller.yaml and + # docker-compose-traps.yaml services + new_secrets_in_workers = [] + for k, v in variables.items(): + if v: + new_secrets.append( + { + "secret_name": f"{secret_name}_{k}", + "secret_config": {"environment": f"{secret_name}_{k}"}, + } + ) + new_secrets_in_workers.append( + { + "source": f"{secret_name}_{k}", + "target": f"/app/secrets/snmpv3/{secret_name}/{k}", + } + ) + return new_secrets, new_secrets_in_workers def delete_secrets( @@ -200,39 +242,13 @@ def delete_secrets( for key in variables.keys(): secrets.append(f"{secret_name}_{key}") - # Load docker-compose-secrets.yaml file to a dictionary and delete desired secrets - with open(os.path.join(path_to_compose_files, DOCKER_COMPOSE_SECRETS)) as file: - secrets_file = yaml.load(file, Loader=yaml.FullLoader) - for secret in secrets: - if secret in secrets_file["secrets"]: - del secrets_file["secrets"][secret] + secrets_file = load_compose_secrets(path_to_compose_files, secrets) # Save the updated docker-compose-secrets.yaml configuration - with open(os.path.join(path_to_compose_files, DOCKER_COMPOSE_SECRETS), "w") as file: - yaml.dump(secrets_file, file, default_flow_style=False) + save_to_yaml_file(path_to_compose_files, DOCKER_COMPOSE_SECRETS, secrets_file) # Delete secrets from .env - try: - # Read lines from .env - with open(os.path.join(path_to_compose_files, ".env")) as env_file: - lines = env_file.readlines() - - with open(os.path.join(path_to_compose_files, ".env"), "w") as env_file: - lines_to_write = [] - # If the environmental variable is NOT one of the secrets destined for deletion, add them to lines_to_write - for line in lines: - key = line.split("=")[0].strip() - if key not in secrets: - lines_to_write.append(line.strip()) - - # Save each line to .env. The last line should be saved without a new line symbol - for i, line in enumerate(lines_to_write): - if i < len(lines_to_write) - 1: - env_file.write(f"{line}\n") - else: - env_file.write(line) - except Exception as e: - print(f"Error: {e}") + delete_secrets_from_env(path_to_compose_files, secrets) if make_change_in_worker_poller: # Load docker-compose-worker-poller.yaml to dictionary and filter out secrets destined for deletion @@ -248,11 +264,9 @@ def delete_secrets( ) # Save updated docker-compose-worker-poller.yaml configuration - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER), - "w", - ) as file: - yaml.dump(worker_poller_file, file, default_flow_style=False) + save_to_yaml_file( + path_to_compose_files, DOCKER_COMPOSE_WORKER_POLLER, worker_poller_file + ) if make_change_in_traps: # Load docker-compose-traps.yaml to dictionary and filter out secrets destined for deletion @@ -266,10 +280,41 @@ def delete_secrets( ) # Save updated docker-compose-traps.yaml configuration - with open( - os.path.join(path_to_compose_files, DOCKER_COMPOSE_TRAPS), "w" - ) as file: - yaml.dump(traps_file, file, default_flow_style=False) + save_to_yaml_file(path_to_compose_files, DOCKER_COMPOSE_TRAPS, traps_file) + + +def delete_secrets_from_env(path_to_compose_files, secrets): + try: + # Read lines from .env + with open(os.path.join(path_to_compose_files, ".env")) as env_file: + lines = env_file.readlines() + + with open(os.path.join(path_to_compose_files, ".env"), "w") as env_file: + lines_to_write = [] + # If the environmental variable is NOT one of the secrets destined for deletion, add them to lines_to_write + for line in lines: + key = line.split("=")[0].strip() + if key not in secrets: + lines_to_write.append(line.strip()) + + # Save each line to .env. The last line should be saved without a new line symbol + for i, line in enumerate(lines_to_write): + if i < len(lines_to_write) - 1: + env_file.write(f"{line}\n") + else: + env_file.write(line) + except Exception as e: + print(f"Error: {e}") + + +def load_compose_secrets(path_to_compose_files, secrets): + # Load docker-compose-secrets.yaml file to a dictionary and delete desired secrets + with open(os.path.join(path_to_compose_files, DOCKER_COMPOSE_SECRETS)) as file: + secrets_file = yaml.load(file, Loader=yaml.FullLoader) + for secret in secrets: + if secret in secrets_file["secrets"]: + del secrets_file["secrets"][secret] + return secrets_file def main():