initial commit

tsahiduek · tsahiduek · commit 8fa04247e567 · 2020-03-30T12:23:25.000+03:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,9 @@
+.vscode*
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+*.egg-info/
+.installed.cfg
+*.egg
+.private*
diff --git a/cloudctl/cli.py b/cloudctl/cli.py
@@ -0,0 +1,12 @@
+import click
+
+
+@click.group()
+@click.option('--debug/--no-debug', default=False)
+def cli(debug):
+    click.echo('Debug mode is %s' % ('on' if debug else 'off'))
+
+
+@cli.command()  # @cli, not @click!
+def sync():
+    click.echo('Syncing')
diff --git a/cloudctl/cloudctl.py b/cloudctl/cloudctl.py
@@ -0,0 +1,144 @@
+import click
+import logging
+import functools
+from tabulate import tabulate
+from .functions import *
+
+logging.basicConfig(format=(
+    '%(asctime)s %(name)-12s %(funcName)-8s %(message)s'))
+logger = logging.getLogger(__name__)
+logger.setLevel(logging.INFO)
+
+
+def common_options(f):
+    options = [
+        click.option('-d', '--debug', envvar="CLOUDCTL_DEBUG", show_default=True,
+                     is_flag=True, help='Enable debug mode'),
+
+        click.option('--dry-run', envvar="CLOUDCTL_DRY_RUN", show_default=True,
+                     is_flag=True, help='Dry Run mode'),
+
+        click.option('-a', '--auto-approve', envvar="CLOUDCTL_AUTO_APPROVE", show_default=True,
+                     is_flag=True, help='Auto Approve operation'),
+
+        click.option('-c', '--cloud', type=click.Choice(['aws', 'gcp', 'azure'], case_sensitive=False),
+                     envvar="CLOUDCTL_CLOUD", default='aws', show_default=True, help='Cloud provider to query'),
+
+        click.option('-t', '--tags', multiple=True,
+                     type=click.Tuple([str, str]), help='Query resources by tags'),
+
+        click.option('-r', '--role', multiple=False,
+                     type=str, help='Query resource by role Tag'),
+    ]
+    return functools.reduce(lambda x, opt: opt(x), options, f)
+
+
+@click.group()
+@common_options
+@click.pass_context
+def cloudctl(ctx, **kwargs):
+    """ Cloud Manager cli """
+    if kwargs["debug"]:
+        logger.setLevel(logging.DEBUG)
+    ctx.obj['logger'] = logger
+
+
+@cloudctl.group()
+@click.pass_context
+def get(ctx):
+    """get action"""
+
+
+@cloudctl.group()
+@click.pass_context
+def stop(ctx):
+    """stop action"""
+
+
+@common_options
+@get.command('instances')
+@click.pass_context
+def get_instances_cmd(ctx, **kwargs):
+    if kwargs["debug"]:
+        logger.setLevel(logging.DEBUG)
+    ctx.obj['cloud'] = kwargs['cloud']
+
+    # create tags dict for query
+    tags = create_tags_dict(kwargs['tags'], kwargs['role'])
+    logger.debug("tags=" + str(tags))
+
+    print_instances(instances=list_instances(
+        logger=ctx.obj['logger'], tags=tags))
+
+
+@common_options
+@get.command('instances-api')
+@click.pass_context
+def get_instances_api(ctx, **kwargs):
+    if kwargs["debug"]:
+        logger.setLevel(logging.DEBUG)
+    ctx.obj['cloud'] = kwargs['cloud']
+
+    # create tags dict for query
+    tags = create_tags_dict(kwargs['tags'], kwargs['role'])
+    logger.debug("tags=" + str(tags))
+
+    print_instances(instances=list_instances_api(
+        logger=ctx.obj['logger'], tags=tags))
+
+
+@common_options
+@stop.command('instances')
+@click.pass_context
+def stop_instance_cmd(ctx, **kwargs):
+    if kwargs["debug"]:
+        logger.setLevel(logging.DEBUG)
+    logger.debug(kwargs.keys())
+    # create tags dict for query
+    tags = create_tags_dict(kwargs['tags'], kwargs['role'])
+    logger.debug("tags=" + str(tags))
+
+    instances = list_instances(logger=ctx.obj['logger'], tags=tags)
+    print_instances(instances)
+    auto_approve = kwargs['auto_approve']
+    logger.debug("auto approve=" + str(auto_approve))
+
+    if not auto_approve:
+        if click.confirm('Are you sure you want to stop instance/s above?', default=False):
+            pass
+        else:
+            click.echo('Operation aborted')
+            exit
+    ids = [ins['Id'] for ins in instances if 'Id' in ins]
+    logger.debug(ids)
+    stop_instances(ids=ids)
+
+
+def print_instances(instances):
+    if len(instances) == 0:
+        click.echo('No instances found by criteria')
+
+    else:
+        headers = instances[0].keys()
+        table_values = [x.values() for x in instances]
+        click.echo(tabulate(table_values, headers))
+
+
+def create_tags_dict(tags_tuple, role):
+    tags = dict((k, v) for k, v in tags_tuple)
+    if role:
+        tags['role'] = role
+
+    return tags
+
+
+def start():
+
+    try:
+        cloudctl(obj={})
+    except Exception as e:
+        print(e)
+
+
+if __name__ == '__main__':
+    start()
diff --git a/cloudctl/functions.py b/cloudctl/functions.py
@@ -0,0 +1,192 @@
+import boto3
+import os
+from os import path
+from configparser import ConfigParser
+from botocore.exceptions import *
+import sys
+import os
+import base64
+import datetime
+import hashlib
+import hmac
+import requests
+import urllib
+
+
+def list_instances(logger, tags, ** kwargs):
+    ec2 = boto3.resource('ec2')
+
+    ec2_filters = []
+    for tag_key in tags.keys():
+        ec2_filters.append(
+            {'Name': 'tag:' + tag_key, 'Values': [tags[tag_key]]})
+    instances = ec2.instances.filter(Filters=ec2_filters)
+    logger.debug(instances)
+    ec2_instances = []
+    for instance in instances:
+        # logger.debug(instance)
+        instance_struct = {}
+        instance_struct['Id'] = instance.id
+        instance_struct['Name'] = ''
+        instance_struct['State'] = instance.state['Name']
+        logger.debug(instance.tags)
+        if instance.tags != None:
+            for tag in instance.tags:
+                if tag['Key'] == 'Name':
+                    instance_struct['name'] = tag['Value']
+
+        ec2_instances.append(instance_struct)
+    logger.debug(ec2_instances)
+    return ec2_instances
+
+
+def stop_instances(ids):
+
+    ec2 = boto3.resource('ec2')
+    ec2.instances.filter(InstanceIds=ids).stop()
+
+
+# Key derivation functions. See:
+# http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python
+def sign(key, msg):
+    return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
+
+
+def getSignatureKey(key, dateStamp, regionName, serviceName):
+    kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp)
+    kRegion = sign(kDate, regionName)
+    kService = sign(kRegion, serviceName)
+    kSigning = sign(kService, 'aws4_request')
+    return kSigning
+
+
+def list_instances_api(logger, tags, ** kwargs):
+
+    # Read AWS access key from env. variables or configuration file. Best practice is NOT
+    # to embed credentials in code.
+    access_key = os.environ.get('AWS_ACCESS_KEY_ID')
+    secret_key = os.environ.get('AWS_SECRET_ACCESS_KEY')
+    if access_key is None or secret_key is None:
+        config = ConfigParser()
+        config.read([path.join(path.expanduser("~"), '.aws/credentials')])
+        try:
+            access_key = config.get('default', 'aws_access_key_id')
+            secret_key = config.get(
+                'default', 'aws_secret_access_key')
+        except:
+            raise Exception("No access and secret key is available.")
+    logger.debug(access_key)
+    logger.debug(secret_key)
+
+    method = 'GET'
+    service = 'ec2'
+    host = 'ec2.amazonaws.com'
+    # region = 'us-east-1'
+    region = 'us-west-2'
+    endpoint = 'https://ec2.amazonaws.com'
+    # request_parameters = 'Action=DescribeRegions&Version=2013-10-15'
+    request_parameters = 'Action=DescribeInstances&Version=2013-10-15'
+
+    ec2_filters = []
+    for tag_key in tags.keys():
+        ec2_filters.append(
+            {'Name': 'tag:' + tag_key, 'Values': [tags[tag_key]]})
+
+    # Create a date for headers and the credential string
+    t = datetime.datetime.utcnow()
+    amzdate = t.strftime('%Y%m%dT%H%M%SZ')
+    logger.debug('amzdate=' + amzdate + '|')
+    datestamp = t.strftime('%Y%m%d')  # Date w/o time, used in credential scope
+
+    # ************* TASK 1: CREATE A CANONICAL REQUEST *************
+    # http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
+
+    # Step 1 is to define the verb (GET, POST, etc.)--already done.
+
+    # Step 2: Create canonical URI--the part of the URI from domain to query
+    # string (use '/' if no path)
+    canonical_uri = '/'
+
+    # Step 3: Create the canonical query string. In this example (a GET request),
+    # request parameters are in the query string. Query string values must
+    # be URL-encoded (space=%20). The parameters must be sorted by name.
+    # For this example, the query string is pre-formatted in the request_parameters variable.
+    canonical_querystring = request_parameters
+
+    # Step 4: Create the canonical headers and signed headers. Header names
+    # must be trimmed and lowercase, and sorted in code point order from
+    # low to high. Note that there is a trailing \n.
+    canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n'
+
+    # Step 5: Create the list of signed headers. This lists the headers
+    # in the canonical_headers list, delimited with ";" and in alpha order.
+    # Note: The request can include any headers; canonical_headers and
+    # signed_headers lists those that you want to be included in the
+    # hash of the request. "Host" and "x-amz-date" are always required.
+    signed_headers = 'host;x-amz-date'
+
+    # Step 6: Create payload hash (hash of the request body content). For GET
+    # requests, the payload is an empty string ("").
+    payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
+
+    # Step 7: Combine elements to create canonical request
+    canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + \
+        '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash
+
+    # ************* TASK 2: CREATE THE STRING TO SIGN*************
+    # Match the algorithm to the hashing algorithm you use, either SHA-1 or
+    # SHA-256 (recommended)
+    algorithm = 'AWS4-HMAC-SHA256'
+    credential_scope = datestamp + '/' + region + \
+        '/' + service + '/' + 'aws4_request'
+    string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + \
+        '\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest()
+
+    # ************* TASK 3: CALCULATE THE SIGNATURE *************
+    # Create the signing key using the function defined above.
+    signing_key = getSignatureKey(secret_key, datestamp, region, service)
+
+    # Sign the string_to_sign using the signing_key
+    signature = hmac.new(signing_key, (string_to_sign).encode(
+        'utf-8'), hashlib.sha256).hexdigest()
+
+    # ************* TASK 4: ADD SIGNING INFORMATION TO THE REQUEST *************
+    # The signing information can be either in a query string value or in
+    # a header named Authorization. This code shows how to use a header.
+    # Create authorization header and add to request headers
+    authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + \
+        credential_scope + ', ' + 'SignedHeaders=' + \
+        signed_headers + ', ' + 'Signature=' + signature
+
+    # The request can include any headers, but MUST include "host", "x-amz-date",
+    # and (for this scenario) "Authorization". "host" and "x-amz-date" must
+    # be included in the canonical_headers and signed_headers, as noted
+    # earlier. Order here is not significant.
+    # Python note: The 'host' header is added automatically by the Python 'requests' library.
+    headers = {'x-amz-date': amzdate, 'Authorization': authorization_header}
+    logger.debug(headers)
+    # ************* SEND THE REQUEST *************
+    request_url = endpoint + '?' + canonical_querystring
+
+    print('\nBEGIN REQUEST++++++++++++++++++++++++++++++++++++')
+    print('Request URL = ' + request_url)
+    r = requests.get(request_url, headers=headers)
+
+    print('\nRESPONSE++++++++++++++++++++++++++++++++++++')
+    print('Response code: %d\n' % r.status_code)
+    print(r.text)
+
+    ec2_instances = []
+    for instance in instances:
+
+        instance_struct = {}
+        instance_struct['Id'] = instance.id
+        instance_struct['Name'] = ''
+        instance_struct['State'] = instance.state['Name']
+        for tag in instance.tags:
+            if tag['Key'] == 'Name':
+                instance_struct['name'] = tag['Value']
+
+        ec2_instances.append(instance_struct)
+
+    return ec2_instances
diff --git a/setup.py b/setup.py
@@ -0,0 +1,16 @@
+from setuptools import setup, find_packages
+
+setup(
+    # mandatory
+    name='cloudctl',
+    # mandatory
+    version='0.1',
+    # mandatory
+    author_email='tsahiduek@gmail.com',
+    packages=['cloudctl'],
+    package_data={},
+    install_requires=['pylint', 'boto3', 'click', 'tabulate'],
+    entry_points={
+        'console_scripts': ['cloudctl = cloudctl.cloudctl:start']
+    }
+)
