From d0fa9766595855915198438527bad8ec2b3ed7b9 Mon Sep 17 00:00:00 2001
From: konsthol
Date: Mon, 20 Mar 2023 19:06:45 +0200
Subject: [PATCH] Actual final build before release
---
 secdep.py | 60 +++++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 50 insertions(+), 10 deletions(-)
diff --git a/secdep.py b/secdep.py
index a746da2..945e624 100755
--- a/secdep.py
+++ b/secdep.py
@@ -929,7 +929,14 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 if gceNode.name == name:
 print("A node with that name already exists under this project, please choose another one")
 exit(0)
- node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
+ if args.deploy:
+ actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
+ node = driver.deploy_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata, deploy=actualDeployScript, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_username="secdep")
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
+ else:
+ node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
 elif provider == "azure":
 print("Keep in mind azure node creation may take a while because we need to create all the needed resources first")
 res_groups = driver.ex_list_resource_groups()
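Review bot: The exit status of the `harden` step is printed but never acted on in the new `if args.deploy:` arm, so a hardening script that fails still falls through to the later "created successfully" message (visible at the end of the last hunk) and the operator is left with a node that looks hardened but is not. As far as I know libcloud's script deployments record a non-zero status without raising, so the check has to be explicit, e.g. `if actualDeployScript.exit_status != 0:` followed by `print("hardening failed on " + name + ", node is NOT hardened")` and `exit(1)`. The same unchecked pattern is added in the Azure and AWS arms and in their `-y` copies (all later hunks). create_node starts and ends outside this hunk.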
@@ -977,7 +984,14 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllInbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Inbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
 network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllOutbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Outbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
 # Create the node
- node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
+ if args.deploy:
+ actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
+ node = driver.deploy_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True, deploy=actualDeployScript, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_username="secdep")
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
+ else:
+ node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
 else:
 # If provider was aws
 # Delete all keys since we are just going to upload the same one for the creation
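Review bot: The `harden` script added in this arm runs over SSH on a VM whose security group, per the two `SecurityRule` context lines just above, allows every protocol and port in both directions from any address, so the host is reachable on all ports from creation until the script finishes, and afterwards the host's own firewall is the only filter. When `args.deploy` is set, consider narrowing the inbound rule to what the deployment needs, for example `destination_port_range='22'`, or at least add a comment above the `if args.deploy:` line such as `# NSG is allow-all; the harden script must configure the host firewall`. Whether the hardening script itself closes ports is not visible here, so treat this as something to confirm. The same applies to the `-y` copy of this branch (fifth hunk).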
@@ -1009,11 +1023,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
 msd = MultiStepDeployment([deploy, actualDeployScript])
 node = driver.deploy_node(name=name, image=image, size=size, ex_keyname=keyname, deploy=msd, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_alternate_usernames=["admin", "ec2-user", "centos", "fedora", "ubuntu"])
+ print('deploy stdout: %s' % (deploy.stdout))
+ print('deploy stderr: %s' % (deploy.stderr))
+ print('deploy exit_code: %s' % (deploy.exit_status))
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
 else:
 node = driver.deploy_node(name=name, image=image, size=size, ex_keyname=keyname, deploy=deploy, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_alternate_usernames=["admin", "ec2-user", "centos", "fedora", "ubuntu"])
- print('stdout: %s' % (deploy.stdout))
- print('stderr: %s' % (deploy.stderr))
- print('exit_code: %s' % (deploy.exit_status))
+ print('deploy stdout: %s' % (deploy.stdout))
+ print('deploy stderr: %s' % (deploy.stderr))
+ print('deploy exit_code: %s' % (deploy.exit_status))
 else:
 # When the -y or --yes parameter is passed we go straight to the node creation
 if provider == "gce":
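Review bot: If the three relabelled `deploy …` prints after the `else:` arm are still at the outer indentation (the page has lost indentation, so I cannot tell), the first step's output is printed twice whenever `args.deploy` is set, once inside the arm and once after it. Keeping a single copy after the `if/else` and only the three `harden …` prints inside the `if args.deploy:` arm avoids that. These prints also run only when `deploy_node` returns; if I read libcloud correctly a failed connection or deployment raises instead, so it may be worth catching that error around the call and reporting that the node exists but was not hardened. The same applies to the last hunk.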
@@ -1022,7 +1042,14 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 if gceNode.name == name:
 print("A node with that name already exists under this project, please choose another one")
 exit(0)
- node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
+ if args.deploy:
+ actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
+ node = driver.deploy_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata, deploy=actualDeployScript, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_username="secdep")
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
+ else:
+ node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
 elif provider == "azure":
 print("Keep in mind azure node creation may take a while because we need to create all the needed resources first")
 res_groups = driver.ex_list_resource_groups()
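Review bot: This is a byte-for-byte copy of the block added in the first hunk, and the Azure and AWS additions are likewise repeated in the `-y` path, so the three-line result printout now appears ten times in create_node. A small helper keeps the label format in one place and gives a single spot for any later handling of a failed step; each arm then calls it once per step. The helper name below is a suggestion, not something already in the file. create_node continues outside this hunk.

```python
def print_step_result(label, step):
    # Single place that formats a deployment step's outcome for every provider arm.
    print('%s stdout: %s' % (label, step.stdout))
    print('%s stderr: %s' % (label, step.stderr))
    print('%s exit_code: %s' % (label, step.exit_status))

# … unchanged: GCE name-collision check …
if args.deploy:
    # … unchanged: ScriptFileDeployment construction and deploy_node call …
    print_step_result('harden', actualDeployScript)
```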
@@ -1070,7 +1097,14 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllInbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Inbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
 network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllOutbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Outbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
 # Create the node
- node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
+ if args.deploy:
+ actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
+ node = driver.deploy_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True, deploy=actualDeployScript, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_username="secdep")
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
+ else:
+ node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
 else:
 # If provider was aws
 # Delete all keys since we are just going to upload the same one for the creation
@@ -1102,11 +1136,17 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
 actualDeployScript = ScriptFileDeployment(script_file=SECDEP_DEPLOY_SCRIPT, args=args.deploy, name="harden", delete=True)
 msd = MultiStepDeployment([deploy, actualDeployScript])
 node = driver.deploy_node(name=name, image=image, size=size, ex_keyname=keyname, deploy=msd, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_alternate_usernames=["admin", "ec2-user", "centos", "fedora", "ubuntu"])
+ print('deploy stdout: %s' % (deploy.stdout))
+ print('deploy stderr: %s' % (deploy.stderr))
+ print('deploy exit_code: %s' % (deploy.exit_status))
+ print('harden stdout: %s' % (actualDeployScript.stdout))
+ print('harden stderr: %s' % (actualDeployScript.stderr))
+ print('harden exit_code: %s' % (actualDeployScript.exit_status))
 else:
 node = driver.deploy_node(name=name, image=image, size=size, ex_keyname=keyname, deploy=deploy, ssh_key=SECDEP_SSH_PRIVATE_KEY, ssh_alternate_usernames=["admin", "ec2-user", "centos", "fedora", "ubuntu"])
- print('stdout: %s' % (deploy.stdout))
- print('stderr: %s' % (deploy.stderr))
- print('exit_code: %s' % (deploy.exit_status))
+ print('deploy stdout: %s' % (deploy.stdout))
+ print('deploy stderr: %s' % (deploy.stderr))
+ print('deploy exit_code: %s' % (deploy.exit_status))
 print(node.name + " created successfully")
 print("Node is initializing")
 print("ip to connect to")