CloudShell-Terraform-Shell/package/cloudshell/iac/terraform/services/clp_envvar_handler.py at 3b912a7b5c9cfedc6d938a8c125c057fcf1979c5 · QualiSystemsLab/CloudShell-Terraform-Shell · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import os
from abc import ABCMeta

from cloudshell.iac.terraform.models.shell_helper import ShellHelperObject


class BaseCloudProviderEnvVarHandler(metaclass=ABCMeta):
    def __init__(self):
        pass

    def set_env_vars_based_on_clp(self):
        raise NotImplementedError()

    @staticmethod
    def does_attribute_match(clp_res_model, clp_attribute, attr_name_to_check) -> bool:
        if f"{clp_res_model}.{attr_name_to_check}" == clp_attribute.Name or attr_name_to_check == clp_attribute.Name:
            return True
        return False


class AWSCloudProviderEnvVarHandler(BaseCloudProviderEnvVarHandler):
    def __init__(self, clp_res_model: str, clp_resource_attributes: list,
                 shell_helper: ShellHelperObject):
        BaseCloudProviderEnvVarHandler.__init__(self)
        self._clp_res_model = clp_res_model
        self._clp_resource_attributes = clp_resource_attributes
        self._shell_helper = shell_helper

    def set_env_vars_based_on_clp(self):
        dec_access_key = ""
        dec_secret_key = ""
        region_flag = False

        for attr in self._clp_resource_attributes:
            if self.does_attribute_match(self._clp_res_model, attr, "AWS Access Key ID"):
                dec_access_key = self._shell_helper.api.DecryptPassword(attr.Value).Value
            if self.does_attribute_match(self._clp_res_model, attr, "AWS Secret Access Key"):
                dec_secret_key = self._shell_helper.api.DecryptPassword(attr.Value).Value
            if self.does_attribute_match(self._clp_res_model, attr, "Region"):
                os.environ["AWS_DEFAULT_REGION"] = attr.Value
                region_flag = True
        if not region_flag:
            raise ValueError("Region was not found on AWS Cloud Provider")

        # We must check both keys exist...if not then the EC2 Execution Server profile would be used (Role)
        if dec_access_key and dec_secret_key:
            os.environ["AWS_ACCESS_KEY_ID"] = dec_access_key
            os.environ["AWS_SECRET_ACCESS_KEY"] = dec_secret_key


class AzureCloudProviderEnvVarHandler(BaseCloudProviderEnvVarHandler):
    def __init__(self, clp_res_model, clp_resource_attributes, shell_helper):
        BaseCloudProviderEnvVarHandler.__init__(self)
        self._clp_res_model = clp_res_model
        self._clp_resource_attributes = clp_resource_attributes
        self._shell_helper = shell_helper

    def set_env_vars_based_on_clp(self):
        for attr in self._clp_resource_attributes:
            if self.does_attribute_match(self._clp_res_model, attr, "Azure Subscription ID"):
                os.environ["ARM_SUBSCRIPTION_ID"] = attr.Value
            if self.does_attribute_match(self._clp_res_model, attr, "Azure Tenant ID"):
                os.environ["ARM_TENANT_ID"] = attr.Value
            if self.does_attribute_match(self._clp_res_model, attr, "Azure Application ID"):
                os.environ["ARM_CLIENT_ID"] = attr.Value
            if self.does_attribute_match(self._clp_res_model, attr, "Azure Application Key"):
                os.environ["ARM_CLIENT_SECRET"] = self._shell_helper.api.DecryptPassword(attr.Value).Value