konsthol/SecDep
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

this is my quickfix branch and i will use to do my quickfixes

Browse Source
This commit is contained in:
konsthol
2023-03-15 22:52:17 +02:00
parent d2e4121ca7
commit 141b8ad902
1 changed files with 74 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
secdep.py
View File

@@ -62,15 +62,15 @@ parser.add_argument('-x', '--start', help='Start an instance', action='store_tru
parser.add_argument('-z', '--stop', help='Stop an instance', action='store_true')
parser.add_argument('-r', '--reboot', help='Reboot an instance', action='store_true')
parser.add_argument('-f', '--file', help='File to run on an instance', type=str, default=None, required=False)
parser.add_argument('-p', '--listimages', help='List images', action='store_true')
parser.add_argument('-q', '--listsizes', help='List sizes', action='store_true')
parser.add_argument('-I', '--listimages', help='List images', action='store_true')
parser.add_argument('-S', '--listsizes', help='List sizes', action='store_true')
parser.add_argument('-G', '--listlocations', help='List locations', action='store_true')
parser.add_argument('-i', '--image', help='Image to use')
parser.add_argument('-s', '--size', help='Size of instance')
parser.add_argument('-n', '--name', help='Name of instance')
parser.add_argument('-g', '--region', help='Region to use')
parser.add_argument('-y', '--yes', help='Do not ask for confirmation', action='store_true')
parser.add_argument('-k', '--print', help='Also print image, location or size', action='store_true')
parser.add_argument('-p', '--print', help='Also print image, location or size', action='store_true')
args = parser.parse_args()
if not os.path.exists(SECDEP_SSH_PUBLIC_KEY) or not os.path.exists(SECDEP_SSH_PRIVATE_KEY):
@@ -106,9 +106,8 @@ if not os.path.exists(ENV_FILE):
# 7) SECDEP_AZURE_PASSWORD
# 8) SECDEP_AZURE_RESOURCE_GROUP
# 9) SECDEP_AZURE_VIRTUAL_NETWORK
# 10 SECDEP_AZURE_STORAGE_ACCOUNT
# 11) SECDEP_AWS_ACCESS_KEY
# 12) SECDEP_AWS_SECRET_KEY
# 10) SECDEP_AWS_ACCESS_KEY
# 11) SECDEP_AWS_SECRET_KEY
# For GCE we need to create a service account (with Owner Role from the IAM section) and download the json file (from
# the Service Account's manage keys section) in the same directory as the script
@@ -159,10 +158,6 @@ with open(ENV_FILE, 'r') as f:
SECDEP_AZURE_VIRTUAL_NETWORK = input("Enter your AZURE_VIRTUAL_NETWORK: ")
with open(ENV_FILE, 'a') as f:
f.write('SECDEP_AZURE_VIRTUAL_NETWORK={}\n'.format(SECDEP_AZURE_VIRTUAL_NETWORK))
if 'SECDEP_AZURE_STORAGE_ACCOUNT' not in env_file_content:
SECDEP_AZURE_STORAGE_ACCOUNT = input("Enter your AZURE_STORAGE_ACCOUNT: ")
with open(ENV_FILE, 'a') as f:
f.write('SECDEP_AZURE_STORAGE_ACCOUNT={}\n'.format(SECDEP_AZURE_STORAGE_ACCOUNT))
if 'SECDEP_AWS_ACCESS_KEY' not in env_file_content:
SECDEP_AWS_ACCESS_KEY = input("Enter your AWS_ACCESS_KEY: ")
with open(ENV_FILE, 'a') as f:
@@ -196,7 +191,6 @@ def get_env_vars():
global SECDEP_AZURE_PASSWORD
global SECDEP_AZURE_RESOURCE_GROUP
global SECDEP_AZURE_VIRTUAL_NETWORK
global SECDEP_AZURE_STORAGE_ACCOUNT
global SECDEP_AWS_ACCESS_KEY
global SECDEP_AWS_SECRET_KEY
# GCE
@@ -214,7 +208,6 @@ def get_env_vars():
SECDEP_AZURE_PASSWORD = os.getenv('SECDEP_AZURE_PASSWORD')
SECDEP_AZURE_RESOURCE_GROUP = os.getenv('SECDEP_AZURE_RESOURCE_GROUP')
SECDEP_AZURE_VIRTUAL_NETWORK = os.getenv('SECDEP_AZURE_VIRTUAL_NETWORK')
SECDEP_AZURE_STORAGE_ACCOUNT = os.getenv('SECDEP_AZURE_STORAGE_ACCOUNT')
# AWS
SECDEP_AWS_ACCESS_KEY = os.getenv('SECDEP_AWS_ACCESS_KEY')
SECDEP_AWS_SECRET_KEY = os.getenv('SECDEP_AWS_SECRET_KEY')
@@ -970,6 +963,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
if provider == "gce":
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
elif provider == "azure":
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
# for sec_group in sec_groups:
# if sec_group.name == name+"-sec_group":
# print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
# exit(0)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == name+"-ip":
# print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
# exit(0)
# driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
networks = driver.ex_list_networks()
for network in networks:
if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
@@ -983,8 +987,10 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
print('Current virtual network\'s location: %s' % (ex_network.location))
exit(0)
subnet = driver.ex_list_subnets(network=ex_network)[0]
network_interface = driver.ex_create_network_interface(name=name, subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_storage_account=SECDEP_AZURE_STORAGE_ACCOUNT, ex_nic=network_interface, ex_os_disk_delete=True)
# public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
print(public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP))
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
else:
keys = driver.list_key_pairs()
for key in keys:
@@ -1018,6 +1024,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
if provider == "gce":
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
elif provider == "azure":
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
# for sec_group in sec_groups:
# if sec_group.name == name+"-sec_group":
# print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
# exit(0)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == name+"-ip":
# print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
# exit(0)
# driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
networks = driver.ex_list_networks()
for network in networks:
if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
@@ -1031,8 +1048,10 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
print('Current virtual network\'s location: %s' % (ex_network.location))
exit(0)
subnet = driver.ex_list_subnets(network=ex_network)[0]
network_interface = driver.ex_create_network_interface(name=name, subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_storage_account=SECDEP_AZURE_STORAGE_ACCOUNT, ex_nic=network_interface, ex_os_disk_delete=True)
# public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
else:
keys = driver.list_key_pairs()
for key in keys:
@@ -1073,18 +1092,21 @@ def list_all_nodes(filterOut=None):
print("Getting all nodes...")
nodes = []
if SECDEP_GCE_CLIENT_ID != "":
print("Getting GCE nodes...")
driver = get_corresponding_driver("gce")
gceNodes = driver.list_nodes()
if len(gceNodes) > 0:
for node in gceNodes:
nodes.append(node)
if SECDEP_AZURE_APP_ID != "":
print("Getting AZURE nodes...")
driver2 = get_corresponding_driver("azure")
azureNodes = driver2.list_nodes()
if len(azureNodes) > 0:
for node in azureNodes:
nodes.append(node)
if SECDEP_AWS_ACCESS_KEY != "":
print("Getting AWS nodes...")
awsLocations = ["ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-north-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
for region in awsLocations:
driver3 = get_driver(Provider.EC2)(SECDEP_AWS_ACCESS_KEY, SECDEP_AWS_SECRET_KEY,region=region)
@@ -1127,6 +1149,23 @@ def delete_node():
print("%s node deleted successfully" % (providerName.upper()))
else:
print("%s node could not be deleted" % (providerName.upper()))
# if providerName == "azure":
# driver = get_corresponding_driver("azure")
# node_location = node.extra['location']
# locations = driver.list_locations()
# for loc in locations:
# if loc.id == node_location:
# location = loc
# break
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
# for sec_group in sec_groups:
# if sec_group.name == node.name+"-sec_group":
# driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == node.name+"-ip":
# driver.ex_delete_public_ip(ip)
def delete_all_nodes():
nodes = list_all_nodes("terminated")
@@ -1145,23 +1184,39 @@ def delete_all_nodes():
print("%s node deleted successfully" % (node.name))
else:
print("%s node could not be deleted" % (node.name))
# if providerName == "azure":
# driver = get_corresponding_driver("azure")
# node_location = node.extra['location']
# locations = driver.list_locations()
# for loc in locations:
# if loc.id == node_location:
# location = loc
# break
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
# for sec_group in sec_groups:
# if sec_group.name == node.name+"-sec_group":
# driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == node.name+"-ip":
# driver.ex_delete_public_ip(ip)
# If -p -q or -G is passed, provider must be passed as well
# If -I -S or -G is passed, provider must be passed as well
if args.listimages or args.listsizes or args.listlocations:
assert args.provider is not None, "Provider must be passed if listing images, sizes or locations"
# If -v or --values is passed, call the update_env_file function
if args.values:
update_env_file()
if args.listimages and args.provider:
# If -p or --listimages is passed, call the list_provider_images function
# If -I or --listimages is passed, call the list_provider_images function
if args.print:
print(get_provider_image(args.provider))
else:
list_provider_images(args.provider)
exit(0)
if args.listsizes and args.provider:
# If -q or --listsizes is passed, call the list_provider_sizes function
# If -S or --listsizes is passed, call the list_provider_sizes function
if args.print:
print(get_provider_size(args.provider))
else: