PyPI - suite-py - Versions diffs - 1.41.10__py3-none-any.whl → 1.42.0__py3-none-any.whl - Mend

suite-py 1.41.10py3-none-any.whl → 1.42.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

suite_py/__version__.py +1 -1
suite_py/cli.py +6 -194
suite_py/commands/check.py +0 -18
suite_py/commands/merge_pr.py +1 -12
suite_py/commands/open_pr.py +1 -6
suite_py/commands/release.py +2 -248
suite_py/lib/config.py +0 -1
suite_py/lib/handler/captainhook_handler.py +0 -7
suite_py/lib/handler/okta_handler.py +8 -4
suite_py/lib/metrics.py +1 -1
suite_py/lib/oauth.py +7 -3
suite_py/lib/tokens.py +3 -7
{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/METADATA +4 -4
{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/RECORD +16 -26
suite_py/commands/aggregator.py +0 -159
suite_py/commands/batch_job.py +0 -215
suite_py/commands/deploy.py +0 -207
suite_py/commands/docker.py +0 -91
suite_py/commands/generator.py +0 -238
suite_py/commands/id.py +0 -60
suite_py/commands/ip.py +0 -68
suite_py/commands/secret.py +0 -204
suite_py/lib/handler/drone_handler.py +0 -252
suite_py/lib/handler/vault_handler.py +0 -28
{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/WHEEL +0 -0
{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/entry_points.txt +0 -0

suite_py/commands/secret.py DELETED Viewed

@@ -1,204 +0,0 @@
-# -*- coding: utf-8 -*-
-import json
-import os
-import sys
-import yaml
-from suite_py.lib import logger, metrics
-from suite_py.lib.handler import prompt_utils
-from suite_py.lib.handler.vault_handler import VaultHandler
-profiles_mapping = {
-    "common": {
-        "stack_name_pattern": "{service}-platform-cluster-{env}-serviceaccount-iamrole",
-        "logical_id": "ServiceAccountIamRole",
-        "developer_role": "arn:aws:iam::595659439703:role/aws-reserved/sso.amazonaws.com/eu-west-1/AWSReservedSSO_ItalyDeveloperPlatform_cb5de4d001016cc4",
-    },
-    "it": {
-        "stack_name_pattern": "ecs-roles-{service}-{env}",
-        "logical_id": "ECSTaskRole",
-        "developer_role": "arn:aws:iam::001575623345:role/AllowNonProductionBiscuitDecryption",
-    },
-    "uk": {
-        "stack_name_pattern": "{service}-main-{env}-serviceaccount-iamrole",
-        "logical_id": "ServiceAccountIamRole",
-        "developer_role": "arn:aws:iam::815911007681:role/aws-reserved/sso.amazonaws.com/eu-west-1/AWSReservedSSO_UnitedKingdomDeveloper_f578b0b2b98ea593",
-    },
-    "es": {
-        "stack_name_pattern": "{service}-main-{env}-serviceaccount-iamrole",
-        "logical_id": "ServiceAccountIamRole",
-        "developer_role": "arn:aws:iam::199959896441:role/aws-reserved/sso.amazonaws.com/eu-west-1/AWSReservedSSO_SpainDeveloper_acf53aa98cfc0ac4",
-    },
-}
-class Secret:
-    def __init__(self, project, config, action, base_profile, secret_file):
-        self._project = project
-        self._config = config
-        self._path = os.path.join(config.user["projects_home"], project)
-        self._vault = VaultHandler(project, config)
-        self._action = action
-        self._base_profile = base_profile
-        self._secret_file = secret_file
-    @metrics.command("secret")
-    def run(self):
-        if self._base_profile is not None:
-            self._config.vault["base_secret_profile"] = self._base_profile
-        if not self._secret_file:
-            self._secret_file = "config/secrets.yml"
-        if self._action == "create":
-            self._create_new_secret()
-            return
-        if self._action == "grant":
-            secrets = self._get_available_secrets()
-            secret = prompt_utils.ask_choices("Select secret: ", secrets)
-            self._set_grant_on_secret(secret)
-            return
-        logger.error(
-            "You have to specify what to do! See available flags with suite-py secret --help"
-        )
-    def _create_new_secret(self):
-        secret = prompt_utils.ask_questions_input("Enter secret name: ")
-        value = prompt_utils.ask_questions_input("Enter secret value: ")
-        e = self._vault.exec(
-            self._config.vault["base_secret_profile"],
-            f"biscuit put -f {self._secret_file} -- {secret} {value}",
-        )
-        if e.returncode != 0:
-            logger.error("An error occurred.")
-            sys.exit(1)
-        if prompt_utils.ask_confirm(f"Do you want to grant permissions for {secret}?"):
-            self._set_grant_on_secret(secret)
-    def _set_grant_on_secret(self, secret_name):
-        environment = self._ask_environment()
-        profiles = self._ask_profile()
-        for profile in profiles:
-            mapping = profiles_mapping[profile]
-            stack_name = (
-                mapping["stack_name_pattern"]
-                .replace("{service}", self._project)
-                .replace("{env}", environment)
-            )
-            # Get stack resource info
-            logger.info(
-                f"Obtaining ARN for {mapping['logical_id']} from stack {stack_name}..."
-            )
-            stack_resource = self._get_stack_resource(
-                profile, stack_name, mapping["logical_id"]
-            )
-            if stack_resource is None:
-                iam_role_arn = self._manual_iam_arn()
-            else:
-                iam_role_name = stack_resource["StackResourceDetail"][
-                    "PhysicalResourceId"
-                ]
-                # Get IAM Role ARN
-                iam_role = self._get_iam_role(profile, iam_role_name)
-                iam_role_arn = iam_role["Role"]["Arn"]
-                if iam_role_arn is None:
-                    iam_role_arn = self._manual_iam_arn()
-                logger.info(f"ARN found for profile {profile}: {iam_role_arn}")
-            if iam_role_arn is None:
-                continue
-            logger.debug(
-                f"---\nGranting permissions on {self._project}/{secret_name}\nEnvironment: {environment}\nUsing vault profile: {profile}\nIAM Role ARN: {iam_role_arn}\n---"
-            )
-            if not prompt_utils.ask_confirm("Do you want to continue?", default=True):
-                continue
-            # Grant decrypt permissions to task
-            logger.info("Granting permissions to task...")
-            e = self._vault.exec(
-                self._config.vault["base_secret_profile"],
-                f"biscuit kms grants create --grantee-principal {iam_role_arn} -f {self._secret_file} {secret_name}",
-            )
-            if e.returncode != 0:
-                logger.error("An error occurred.")
-                continue
-            # Grant decrypt permissions to developers group
-            if environment in ["staging", "qa"]:
-                logger.info("Granting permissions to devs...")
-                e = self._vault.exec(
-                    self._config.vault["base_secret_profile"],
-                    f"biscuit kms grants create --grantee-principal {mapping['developer_role']} -f {self._secret_file} {secret_name}",
-                )
-                if e.returncode != 0:
-                    logger.error("An error occurred.")
-                    continue
-        logger.info("Ta-da! Permissions granted.")
-    def _get_available_secrets(self):
-        try:
-            secrets = []
-            with open(f"{self._path}/{self._secret_file}", encoding="utf-8") as s:
-                yaml_secrets = yaml.load(s, Loader=yaml.FullLoader)
-                secrets = [
-                    key for key, values in yaml_secrets.items() if key != "_keys"
-                ]
-            return secrets
-        except FileNotFoundError:
-            logger.error(f"Can't load secrets from {self._secret_file}.")
-            sys.exit(1)
-    def _get_stack_resource(self, profile, stack_name, logical_id):
-        e = self._vault.exec(
-            profile,
-            f"aws cloudformation describe-stack-resource --stack-name {stack_name} --logical-resource-id {logical_id}",
-        )
-        command_result = e.stdout.read()
-        if e.returncode != 0:
-            logger.warning("An error occurred trying to obtain stack. Skipping...")
-            return None
-        stack_info = command_result.decode("utf8").replace("'", '"')
-        data = json.loads(stack_info)
-        return data
-    def _get_iam_role(self, profile, iam_role_name):
-        e = self._vault.exec(
-            profile,
-            f"aws iam get-role --role-name {iam_role_name}",
-            additional_args="--no-session",
-        )
-        command_result = e.stdout.read()
-        if e.returncode != 0:
-            logger.warning(
-                "An error occurred trying to obtain IAM Role details. Skipping..."
-            )
-            return None
-        stack_info = command_result.decode("utf8").replace("'", '"')
-        data = json.loads(stack_info)
-        return data
-    def _manual_iam_arn(self):
-        arn = prompt_utils.ask_questions_input(
-            "No associated IAM Role ARN found. Insert it manually or leave blank to skip",
-            default_text="",
-        )
-        if arn == "":
-            return None
-        return arn
-    def _ask_environment(self):
-        return prompt_utils.ask_choices(
-            "Select an environment:", ["production", "staging", "qa"]
-        )
-    def _ask_profile(self):
-        return prompt_utils.ask_multiple_choices(
-            "Select vault profile(s):", self._config.vault["profiles"]
-        )

suite_py/lib/handler/drone_handler.py DELETED Viewed

@@ -1,252 +0,0 @@
-# -*- encoding: utf-8 -*-
-import os
-import subprocess
-import sys
-import time
-from distutils.version import StrictVersion  # pylint: disable=W0402
-from subprocess import CalledProcessError
-import requests
-import yaml
-from halo import Halo
-from suite_py.lib import logger
-class DroneHandler:
-    def __init__(self, config, tokens, repo=None):
-        self._token = tokens.drone
-        self._config = config
-        os.environ["DRONE_TOKEN"] = self._token
-        self._baseurl = os.environ.get("DRONE_SERVER", "https://drone-1.prima.it")
-        self._repo = repo
-        if repo:
-            self._path = os.path.join(config.user["projects_home"], repo)
-    def get_last_build_url(self, prefix=None):
-        with Halo(text="Contacting drone...", spinner="dots", color="magenta"):
-            # necessario per far comparire la build che abbiamo appena pushato
-            time.sleep(2)
-            try:
-                # pylint: disable-next=missing-timeout
-                builds = requests.get(
-                    f"{self._baseurl}/api/repos/primait/{self._repo}/builds",
-                    headers={"Authorization": f"Bearer {self._token}"},
-                ).json()
-                if prefix:
-                    builds = [b for b in builds if b["target"].startswith(prefix)]
-                return f"{self._baseurl}/primait/{self._repo}/{builds[0]['number']}"
-            except Exception:
-                return ""
-    def get_pr_build_number(self, commit_sha):
-        with Halo(text="Contacting drone...", spinner="dots", color="magenta"):
-            tries = 10
-            while tries > 0:
-                tries -= 1
-                try:
-                    # pylint: disable-next=missing-timeout
-                    builds = requests.get(
-                        f"{self._baseurl}/api/repos/primait/{self._repo}/builds?per_page=100",
-                        headers={"Authorization": f"Bearer {self._token}"},
-                    ).json()
-                    builds = [b for b in builds if b["after"] == commit_sha]
-                    return builds[0]["number"]
-                except Exception:
-                    time.sleep(1)
-            return None
-    def get_user(self):
-        try:
-            # pylint: disable-next=missing-timeout
-            user = requests.get(
-                f"{self._baseurl}/api/user",
-                headers={"Authorization": f"Bearer {self._token}"},
-            ).json()
-            return user
-        except Exception:
-            return None
-    def get_repo_build(self, repo, build_number):
-        # pylint: disable-next=missing-timeout
-        build = requests.get(
-            f"{self._baseurl}/api/repos/primait/{repo}/builds/{build_number}",
-            headers={"Authorization": f"Bearer {self._token}"},
-        ).json()
-        return build
-    def get_build_url(self, build_number):
-        if build_number:
-            return f"{self._baseurl}/primait/{self._repo}/{build_number}"
-        return None
-    def get_repo_build_url(self, repo, build_number):
-        if build_number:
-            return f"{self._baseurl}/primait/{repo}/{build_number}"
-        return None
-    def get_build_and_pipeline_url(self, repo, build_number, pipeline_number):
-        if build_number:
-            return f"{self._baseurl}/primait/{repo}/{build_number}/{pipeline_number}"
-        return None
-    def get_tags_from_builds(self):
-        tags = []
-        # pylint: disable-next=missing-timeout
-        builds = requests.get(
-            f"{self._baseurl}/api/repos/primait/{self._repo}/builds?per_page=100",
-            headers={"Authorization": f"Bearer {self._token}"},
-        ).json()
-        for build in builds:
-            if build["event"] == "tag":
-                tags.append(build["ref"].replace("refs/tags/", ""))
-        tags = list(dict.fromkeys(tags))
-        tags.sort(key=StrictVersion, reverse=True)
-        return tags
-    def get_builds_from_tag(self, tag):
-        try:
-            # pylint: disable-next=missing-timeout
-            builds = requests.get(
-                f"{self._baseurl}/api/repos/primait/{self._repo}/builds?per_page=100&tag={tag}",
-                headers={"Authorization": f"Bearer {self._token}"},
-            ).json()
-        except Exception:
-            builds = []
-        if isinstance(builds, dict) and builds.get("message") == "Unauthorized":
-            raise Exception("Drone API Error: Unauthorized - run suite-py check")
-        return builds
-    def get_builds_from_branch(self, branch):
-        try:
-            # pylint: disable-next=missing-timeout
-            builds = requests.get(
-                f"{self._baseurl}/api/repos/primait/{self._repo}/builds?branch={branch}&per_page=100",
-                headers={"Authorization": f"Bearer {self._token}"},
-            ).json()
-            return [b for b in builds if b["event"] == "push"]
-        except Exception:
-            return []
-    def get_build_number_from_tag(self, tag):
-        attempts = 0
-        while attempts < 3:
-            try:
-                # pylint: disable-next=missing-timeout
-                builds = requests.get(
-                    f"{self._baseurl}/api/repos/primait/{self._repo}/builds?per_page=100&tag={tag}",
-                    headers={"Authorization": f"Bearer {self._token}"},
-                ).json()
-                for build in builds:
-                    if build["event"] == "tag":
-                        return build["number"]
-            except Exception:
-                pass
-            time.sleep(2)
-            attempts += 1
-        return None
-    def promote(self, build, target, querystring):
-        try:
-            # pylint: disable-next=missing-timeout
-            return requests.post(
-                f"{self._baseurl}/api/repos/primait/{self._repo}/builds/{build}/promote?target={target}&{querystring}",
-                headers={"Authorization": f"Bearer {self._token}"},
-            ).json()
-        except Exception as e:
-            logger.error(f"Unable to trigger drone build, exiting with error: {e}")
-            sys.exit(-1)
-    def promote_staging(self, build, target, querystring):
-        return self.promote(build, target, querystring)
-    def promote_production(self, tag, target, querystring):
-        build = self.get_build_number_from_tag(tag)
-        if build:
-            return self.promote(build, target, querystring)
-        logger.error(
-            f"Unable to retrieve drone build for repo {self._repo} with tag {tag}"
-        )
-        sys.exit(-1)
-    def launch_build(self, build):
-        # pylint: disable-next=missing-timeout
-        return requests.post(
-            f"{self._baseurl}/api/repos/primait/{self._repo}/builds/{build}",
-            headers={"Authorization": f"Bearer {self._token}"},
-        ).json()
-    def prestart_success(self, build_number):
-        with Halo(text="Contacting drone...", spinner="dots", color="magenta"):
-            tries = 10
-            while build_number and tries > 0:
-                tries -= 1
-                # pylint: disable-next=missing-timeout
-                build_status = requests.get(
-                    f"{self._baseurl}/api/repos/primait/{self._repo}/builds/{build_number}",
-                    headers={"Authorization": f"Bearer {self._token}"},
-                ).json()
-                steps = build_status["stages"][0]["steps"]
-                for step in steps:
-                    if step["name"] == "pre-start":
-                        if step["status"] == "success":
-                            return True
-                        break
-                time.sleep(3)
-            return False
-    def fmt(self):
-        try:
-            subprocess.run(
-                ["drone", "fmt", "--save", ".drone.yml"], cwd=self._path, check=True
-            )
-        except CalledProcessError as e:
-            logger.error(f"{self._repo}: unable to format the .drone.yml {e}")
-            sys.exit(-1)
-    def validate(self):
-        try:
-            subprocess.run(
-                ["drone", "lint", "--trusted", ".drone.yml"], cwd=self._path, check=True
-            )
-        except CalledProcessError as e:
-            logger.error(f"{self._path}: the .drone.yml is not valid {e}")
-            sys.exit(-1)
-    def sign(self):
-        try:
-            subprocess.run(
-                ["drone", "sign", f"primait/{self._repo}", "--save"],
-                cwd=self._path,
-                check=True,
-            )
-        except CalledProcessError as e:
-            logger.error(f"{self._repo}: unable to sign the .drone.yml {e}")
-            sys.exit(-1)
-    def parse_yaml(self):
-        repo_path = os.path.join(self._config.user["projects_home"], self._repo)
-        yaml_path = os.path.join(repo_path, ".drone.yml")
-        try:
-            return yaml.load_all(
-                open(yaml_path, "r", encoding="utf-8"), Loader=yaml.FullLoader
-            )
-        except FileNotFoundError:
-            return None

suite_py/lib/handler/vault_handler.py DELETED Viewed

@@ -1,28 +0,0 @@
-# -*- encoding: utf-8 -*-
-import os
-import subprocess
-import sys
-from subprocess import CalledProcessError
-from suite_py.lib import logger
-class VaultHandler:
-    def __init__(self, repo, config):
-        self._repo = repo
-        self._projects_home = config.user["projects_home"]
-        self._path = os.path.join(self._projects_home, repo)
-    def exec(self, profile, command, additional_args=""):
-        try:
-            c = subprocess.Popen(  # pylint: disable=consider-using-with
-                f"aws-vault exec {profile} {additional_args} -- {command}",
-                stdout=subprocess.PIPE,
-                shell=True,
-                cwd=self._path,
-            )  # .stdout.read()
-            c.wait()
-            return c
-        except CalledProcessError as e:
-            logger.error(f"Error during command execution: {e}")
-            sys.exit(-1)

{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/WHEEL RENAMED Viewed

File without changes

{suite_py-1.41.10.dist-info → suite_py-1.42.0.dist-info}/entry_points.txt RENAMED Viewed

File without changes

suite-py 1.41.10__py3-none-any.whl → 1.42.0__py3-none-any.whl

suite-py 1.41.10py3-none-any.whl → 1.42.0py3-none-any.whl