import logging
from datetime import datetime
from functools import lru_cache
from typing import List, Any, Optional, Union, TypeVar, Callable, Mapping
from urllib.parse import urljoin, urlencode

import boto3
import requests
from attrs import define
from attrs import field
from botocore.exceptions import EndpointConnectionError, HTTPClientError
from retrying import retry as retry_decorator

from resoto_plugin_digitalocean.utils import RetryableHttpError
from resoto_plugin_digitalocean.utils import retry_on_error
from resotolib.config import Config
from resotolib.core.actions import CoreFeedback
from resotolib.types import Json
# Callable type variable: lets ``retry`` hand back the decorated function with
# its original signature as far as type checkers are concerned.
F = TypeVar("F", bound=Callable[..., Any])


def retry(func: F) -> F:
    """Wrap *func* in this module's retry policy.

    The policy is built with the ``retrying`` library: at most 10 attempts,
    exponential back-off with a 3000 ms multiplier capped at 300000 ms between
    attempts, and ``retry_on_error`` deciding which exceptions are retried.
    """
    policy = retry_decorator(
        stop_max_attempt_number=10,
        wait_exponential_multiplier=3000,
        wait_exponential_max=300000,
        retry_on_exception=retry_on_error,
    )
    wrapped = policy(func)
    return wrapped  # type: ignore
# Module logger, placed under the "resoto." namespace.
log = logging.getLogger(f"resoto.{__name__}")

# Alias for a human-readable failure description returned instead of a value.
Failure = str
# todo: make it async
# todo: stream the response
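class StreamingWrapper:
    """Synchronous client for the DigitalOcean v2 REST API and for Spaces.

    REST calls are made with ``requests`` and a bearer token; Spaces calls use
    a boto3 S3 resource pointed at ``https://<region>.digitaloceanspaces.com``.
    Methods raise ``RetryableHttpError`` for 429 and 5xx responses; whether the
    ``@retry`` policy re-runs them is decided by ``retry_on_error``, which is
    defined outside this class.

    Security-relevant notes for maintainers:

    * The API token is stored in ``self.token`` and ``self.headers``. The log
      and error messages built here contain the URL, reason and response body,
      never the request headers.
    * Path parameters (ids, tag names, domain names, repository names) are
      interpolated into the URL as given, without percent-encoding. Callers
      presumably pass values that are safe as one path segment -- TODO confirm.
    * NOTE(review): no ``requests`` call passes ``timeout=``, so a stalled
      connection blocks the caller indefinitely. Consider adding a timeout
      once it is confirmed how ``retry_on_error`` treats timeout exceptions.
    """

    def __init__(
        self,
        token: str,
        spaces_access_key: Optional[str],
        spaces_secret_key: Optional[str],
        core_feedback: Optional[CoreFeedback] = None,
    ) -> None:
        """Store the credentials and prepare the request headers.

        Args:
            token: DigitalOcean API token, sent as ``Authorization: Bearer``.
            spaces_access_key: Spaces access key, or None/empty if unused.
            spaces_secret_key: Spaces secret key, or None/empty if unused.
            core_feedback: Optional sink that receives error messages.
        """
        self.token = token
        self.spaces_access_key = spaces_access_key
        self.spaces_secret_key = spaces_secret_key
        self.core_feedback = core_feedback
        self.do_api_endpoint = "https://api.digitalocean.com/v2"
        self.headers = {
            "Authorization": f"Bearer {token}",
            "Content-Type": "application/json",
        }
        # Spaces support is enabled only when both keys are non-empty; the
        # Spaces methods return an empty/negative result when session is None.
        if spaces_access_key and spaces_secret_key:
            self.session = boto3.session.Session()
        else:
            self.session = None

    def with_feedback(self, core_feedback: CoreFeedback) -> "StreamingWrapper":
        """Return a new client with the same credentials and *core_feedback*."""
        return StreamingWrapper(self.token, self.spaces_access_key, self.spaces_secret_key, core_feedback)

    def check_status_code(self, response: requests.Response) -> bool:
        """Classify *response* by its HTTP status code.

        Returns:
            True for 2xx, False for 4xx and for any unrecognised status.

        Raises:
            RetryableHttpError: for 429 and for 5xx responses.
        """
        status_code = response.status_code
        url = response.request.url
        method = response.request.method

        # 429 is tested before the generic 4xx branch so it stays retryable.
        if status_code == 429:
            raise RetryableHttpError(f"Too many requests: {method} {url} {response.reason} {response.text}")

        if status_code // 100 == 5:
            msg = f"Server error: {method} {url} {response.reason} {response.text}"
            if self.core_feedback:
                self.core_feedback.error(msg, log)
            raise RetryableHttpError(msg)

        if status_code // 100 == 4:
            msg = f"Client error: {method} {url} {response.reason} {response.text}"
            if self.core_feedback:
                self.core_feedback.error(msg, log)
            return False

        if status_code // 100 == 2:
            log.debug(f"Success: {method} {url}")
            return True

        log.warning(f"unknown status code {status_code}: {method} {url} {response.reason} {response.text}")
        return False

    @retry
    def _fetch(self, path: str, payload_object_name: str, query: Optional[Mapping[str, str]] = None) -> List[Json]:
        """GET every page of *path* and collect the items under *payload_object_name*.

        Args:
            path: API path appended to ``do_api_endpoint`` (starts with "/").
            payload_object_name: Key of the JSON response that holds the items.
            query: Extra query parameters; they override the paging defaults.

        Returns:
            All non-None items of all pages. A payload that is not a list is
            treated as a single item.

        Raises:
            RetryableHttpError: for 429 and for any 5xx response.

        4xx responses are not rejected here: their body is parsed like a
        success, so a body without *payload_object_name* contributes no items.
        Because ``@retry`` wraps the whole method, a retry starts again at
        page 1.
        """
        result: List[Json] = []

        url = f"{self.do_api_endpoint}{path}"
        params = {"page": "1", "per_page": "200"}
        params.update(query or {})
        url = f"{url}?{urlencode(params)}"
        log.debug(f"fetching {url}")

        def validate_status(response: requests.Response) -> requests.Response:
            """Raise RetryableHttpError for 429/5xx, otherwise pass *response* through."""
            if response.status_code == 429:
                raise RetryableHttpError(f"Too many requests: {response.reason} {response.text}")
            # Floor division: true division matched only status 500 exactly,
            # so 502/503/504 were parsed as data instead of being retried.
            if response.status_code // 100 == 5:
                msg = f"Server error: {response.reason} {response.text}"
                if self.core_feedback:
                    self.core_feedback.error(msg, log)
                raise RetryableHttpError(msg)
            return response

        json_response = validate_status(requests.get(url, headers=self.headers, allow_redirects=True)).json()
        payload = json_response.get(payload_object_name, [])
        result.extend(payload if isinstance(payload, list) else [payload])

        # Follow links.pages.next until the current URL is links.pages.last
        # or no next link is present.
        while json_response.get("links", {}).get("pages", {}).get("last", "") != url:
            url = json_response.get("links", {}).get("pages", {}).get("next", "")
            if url == "":
                break
            # NOTE(review): urljoin returns an absolute `next` link unchanged,
            # so the bearer token is sent to whatever origin the response body
            # names. Consider checking the link stays on do_api_endpoint's host.
            url = urljoin(self.do_api_endpoint, url)
            log.debug(f"fetching {url}")
            json_response = validate_status(requests.get(url, headers=self.headers, allow_redirects=True)).json()
            payload = json_response.get(payload_object_name, [])
            result.extend(payload if isinstance(payload, list) else [payload])

        log.debug(f"DO request {path} returned {len(result)} items")
        result = [item for item in result if item is not None]
        return result

    @retry
    def delete(self, path: str, resource_id: Optional[str]) -> bool:
        """Send DELETE for ``path`` (plus ``/resource_id`` when given).

        Returns:
            True for 2xx, False for 4xx and for any unrecognised status.

        Raises:
            RetryableHttpError: for 429, for 5xx, and for a 422 on
                "/floating_ips" whose message reports a pending event.
        """
        resource_id_path = f"/{resource_id}" if resource_id else ""
        url = f"{self.do_api_endpoint}{path}{resource_id_path}"
        log.debug(f"deleting {url}")

        response = requests.delete(url, headers=self.headers, allow_redirects=True)

        status_code = response.status_code
        if status_code == 429:
            raise RetryableHttpError(f"Too many requests: {url} {response.reason} {response.text}")
        if status_code // 100 == 5:
            raise RetryableHttpError(f"Server error: {url} {response.reason} {response.text}")
        if status_code == 422 and path == "/floating_ips":
            # A floating IP with a pending event cannot be deleted yet;
            # raising the retryable error lets the call be attempted again.
            is_being_unassigned = "The floating IP already has a pending event."
            if response.json().get("message") == is_being_unassigned:
                raise RetryableHttpError(f"floating_ip: {url} {response.reason} {response.text}")
        if status_code // 100 == 4:
            log.warning(f"Client error: DELETE {url} {response.reason} {response.text}")
            return False
        if status_code // 100 == 2:
            log.debug(f"deleted: {url}")
            return True

        log.warning(f"unknown status code {status_code}: {url} {response.reason} {response.text}")
        return False

    def get_team_id(self) -> str:
        """Return the ``owner_id`` of the first project visible to the token.

        Raises:
            IndexError: when ``/projects`` yields no items, which is also what
                an error body without a "projects" key produces.
        """
        return str(self._fetch("/projects", "projects")[0]["owner_id"])

    def list_projects(self) -> List[Json]:
        """Return the items of ``/projects``."""
        return self._fetch("/projects", "projects")

    def list_project_resources(self, project_id: str) -> List[Json]:
        """Return the resources assigned to project *project_id*."""
        return self._fetch(f"/projects/{project_id}/resources", "resources")

    def list_droplets(self) -> List[Json]:
        """Return the items of ``/droplets``."""
        return self._fetch("/droplets", "droplets")

    def list_droplets_neighbors_ids(self) -> List[List[str]]:
        """Return the droplet-neighbor groups as lists of id strings.

        Entries of the report that are not lists are dropped.
        """
        json_obj = self._fetch("/reports/droplet_neighbors_ids", "neighbor_ids")
        return [
            [str(droplet_id) for droplet_id in droplet_ids]
            for droplet_ids in json_obj
            if isinstance(droplet_ids, list)
        ]

    def list_regions(self) -> List[Json]:
        """Return the items of ``/regions``."""
        return self._fetch("/regions", "regions")

    def list_volumes(self) -> List[Json]:
        """Return the items of ``/volumes``."""
        return self._fetch("/volumes", "volumes")

    def list_databases(self) -> List[Json]:
        """Return the items of ``/databases``."""
        return self._fetch("/databases", "databases")

    def list_vpcs(self) -> List[Json]:
        """Return the items of ``/vpcs``."""
        return self._fetch("/vpcs", "vpcs")

    def list_kubernetes_clusters(self) -> List[Json]:
        """Return the items of ``/kubernetes/clusters``."""
        return self._fetch("/kubernetes/clusters", "kubernetes_clusters")

    def list_snapshots(self) -> List[Json]:
        """Return the items of ``/snapshots``."""
        return self._fetch("/snapshots", "snapshots")

    def list_load_balancers(self) -> List[Json]:
        """Return the items of ``/load_balancers``."""
        return self._fetch("/load_balancers", "load_balancers")

    def list_floating_ips(self) -> List[Json]:
        """Return the items of ``/floating_ips``."""
        return self._fetch("/floating_ips", "floating_ips")

    @retry
    def unassign_floating_ip(self, floating_ip_id: str) -> bool:
        """POST an "unassign" action for *floating_ip_id*.

        Returns and raises as ``check_status_code`` does.
        """
        payload = '{"type":"unassign"}'
        url = f"{self.do_api_endpoint}/floating_ips/{floating_ip_id}/actions"
        response = requests.post(
            url,
            headers=self.headers,
            data=payload,
            allow_redirects=True,
        )
        return self.check_status_code(response)

    @retry
    def list_spaces(self, region_slug: str) -> List[Json]:
        """List the Spaces buckets of *region_slug*.

        Returns:
            The "Buckets" entries of the S3 ``list_buckets`` call; an empty
            list when no Spaces keys are configured, when the regional
            endpoint cannot be reached, or on any other unexpected error
            (which is logged as a warning).

        Raises:
            RetryableHttpError: when boto raises ``HTTPClientError``.
        """
        if self.session is not None:
            try:
                resource = self.session.resource(
                    "s3",
                    endpoint_url=f"https://{region_slug}.digitaloceanspaces.com",
                    region_name=region_slug,
                    aws_access_key_id=self.spaces_access_key,
                    aws_secret_access_key=self.spaces_secret_key,
                )

                buckets: List[Json] = resource.meta.client.list_buckets().get("Buckets", [])
                return buckets
            except HTTPClientError:
                raise RetryableHttpError("DO Spaces: Too many requests")
            except EndpointConnectionError:
                return []
            except Exception as e:
                log.warning(f"Unknown exception when listing spaces, skipping. Exception: {e}")
                return []
        else:
            return []

    @retry
    def delete_space(self, region_slug: str, bucket_name: str) -> bool:
        """Delete every object in *bucket_name*, then the bucket itself.

        With bucket versioning "Enabled" all object versions are deleted,
        otherwise only the current objects.

        Returns:
            The classification of the bucket-deletion response: True unless
            it contains a 4xx status. False when no Spaces keys are
            configured or an unexpected error occurs (logged as a warning).

        Raises:
            RetryableHttpError: when a deletion response carries 429 or 5xx.
        """
        if self.session is not None:
            try:
                s3 = self.session.resource(
                    "s3",
                    endpoint_url=f"https://{region_slug}.digitaloceanspaces.com",
                    region_name=region_slug,
                    aws_access_key_id=self.spaces_access_key,
                    aws_secret_access_key=self.spaces_secret_key,
                )

                def handle_response_code(result: Any) -> bool:
                    """Return False on the first 4xx message, raise on 5xx/429, else True."""
                    if not isinstance(result, list):
                        result = [result]
                    for message in result:
                        # A message without HTTPStatusCode makes the division
                        # raise TypeError; the outer handler then logs it and
                        # the method returns False.
                        status_code = message.get("ResponseMetadata", {}).get("HTTPStatusCode")
                        if status_code // 100 == 5:
                            raise RetryableHttpError(
                                f"Server error: region: {region_slug}, bucket: {bucket_name}, msg: {message}"
                            )
                        if status_code == 429:
                            raise RetryableHttpError(
                                f"Too many requests: {region_slug}, bucket: {bucket_name}, msg: {message}"
                            )
                        if status_code // 100 == 4:
                            log.warning(f"Client error: region: {region_slug}, bucket: {bucket_name}, msg: {message}")
                            return False
                    return True

                s3_bucket = s3.Bucket(bucket_name)
                bucket_versioning = s3.BucketVersioning(bucket_name)
                if bucket_versioning.status == "Enabled":
                    object_deletion_result = s3_bucket.object_versions.delete()
                else:
                    object_deletion_result = s3_bucket.objects.delete()
                # Only the raising cases matter here: a False result (4xx on an
                # object) is ignored and the bucket deletion is still attempted.
                handle_response_code(object_deletion_result)
                bucket_deletion_result = s3_bucket.delete()
                return handle_response_code(bucket_deletion_result)

            except RetryableHttpError:
                # Must reach the retry decorator, so it is not swallowed below.
                raise
            except Exception as e:
                log.warning(f"Unknown exception when deleting space, skipping. Exception: {e}")
                return False
        else:
            return False

    def list_apps(self) -> List[Json]:
        """Return the items of ``/apps``."""
        return self._fetch("/apps", "apps")

    def list_cdn_endpoints(self) -> List[Json]:
        """Return the items of ``/cdn/endpoints``."""
        return self._fetch("/cdn/endpoints", "endpoints")

    def list_certificates(self) -> List[Json]:
        """Return the items of ``/certificates``."""
        return self._fetch("/certificates", "certificates")

    def get_registry_info(self) -> List[Json]:
        """Return the "registry" payload of ``/registry`` wrapped in a list."""
        return self._fetch("/registry", "registry")

    def list_registry_repositories(self, registry_id: str) -> List[Json]:
        """Return the repositories of registry *registry_id*."""
        return self._fetch(f"/registry/{registry_id}/repositoriesV2", "repositories")

    def list_registry_repository_tags(self, registry_id: str, repository_name: str) -> List[Json]:
        """Return the tags of *repository_name* in registry *registry_id*."""
        return self._fetch(f"/registry/{registry_id}/repositories/{repository_name}/tags", "tags")

    def list_ssh_keys(self) -> List[Json]:
        """Return the items of ``/account/keys``."""
        return self._fetch("/account/keys", "ssh_keys")

    def list_tags(self) -> List[Json]:
        """Return the items of ``/tags``."""
        return self._fetch("/tags", "tags")

    @retry
    def get_tag_count(self, tag_name: str) -> Union[Failure, None, int]:
        """Return how many resources carry *tag_name*.

        Returns:
            None when the tag does not exist (404), the count on success, or
            a failure description string for any other non-success status.

        Raises:
            RetryableHttpError: for 429 and 5xx (via ``check_status_code``).
        """
        url = f"{self.do_api_endpoint}/tags/{tag_name}"
        response = requests.get(url, headers=self.headers, allow_redirects=True)
        if response.status_code == 404:
            return None
        if self.check_status_code(response):
            # NOTE(review): the lookup descends through "tag" twice. Confirm
            # this against the API response shape: with a body shaped like
            # {"tag": {"resources": ...}} it would always yield 0.
            count: int = response.json().get("tag", {}).get("tag", {}).get("resources", {}).get("count", 0)
            return count
        return (
            f"get_tag_count call failed: status {response.status_code}, "
            f"reason: {response.reason}, payload: {response.text}"
        )

    @retry
    def create_tag(self, tag_name: str) -> bool:
        """Create the tag *tag_name*; result as ``check_status_code`` reports."""
        url = f"{self.do_api_endpoint}/tags"
        response = requests.post(url, headers=self.headers, json={"name": tag_name})
        return self.check_status_code(response)

    @retry
    def tag_resource(self, tag_name: str, resource_type: str, resource_id: str) -> bool:
        """Attach *tag_name* to one resource; result as ``check_status_code`` reports."""
        url = f"{self.do_api_endpoint}/tags/{tag_name}/resources"
        payload = {"resources": [{"resource_id": resource_id, "resource_type": resource_type}]}
        response = requests.post(url, headers=self.headers, json=payload, allow_redirects=True)
        return self.check_status_code(response)

    @retry
    def untag_resource(self, tag_name: str, resource_type: str, resource_id: str) -> bool:
        """Remove *tag_name* from one resource.

        Raises:
            RuntimeError: when the API answers 404 (tag or resource unknown).
            RetryableHttpError: for 429 and 5xx (via ``check_status_code``).
        """
        url = f"{self.do_api_endpoint}/tags/{tag_name}/resources"
        payload = {"resources": [{"resource_id": resource_id, "resource_type": resource_type}]}
        response = requests.delete(url, headers=self.headers, json=payload, allow_redirects=True)
        if response.status_code == 404:
            raise RuntimeError(f"Tag {tag_name} or {resource_type} {resource_id} not found.")
        return self.check_status_code(response)

    def list_domains(self) -> List[Json]:
        """Return the items of ``/domains``."""
        return self._fetch("/domains", "domains")

    def list_domain_records(self, domain_name: str) -> List[Json]:
        """Return the DNS records of *domain_name*."""
        return self._fetch(f"/domains/{domain_name}/records", "domain_records")

    def list_firewalls(self) -> List[Json]:
        """Return the items of ``/firewalls``."""
        return self._fetch("/firewalls", "firewalls")

    def list_alert_policies(self) -> List[Json]:
        """Return the "policies" items of ``/monitoring/alerts``."""
        return self._fetch("/monitoring/alerts", "policies")

    def get_droplet_cpu_usage(self, droplet_id: str, start: datetime, end: datetime) -> List[Json]:
        """Fetch the CPU metric "data" payload for *droplet_id* between *start* and *end*."""
        # The bounds are sent as the string form of datetime.timestamp().
        query_params = {"host_id": droplet_id, "start": str(start.timestamp()), "end": str(end.timestamp())}
        return self._fetch("/monitoring/metrics/droplet/cpu", "data", query_params)

    def get_droplet_memory_available(self, droplet_id: str, start: datetime, end: datetime) -> List[Json]:
        """Fetch the memory-available metric "data" payload for *droplet_id* between *start* and *end*."""
        # The bounds are sent as the string form of datetime.timestamp().
        query_params = {"host_id": droplet_id, "start": str(start.timestamp()), "end": str(end.timestamp())}
        return self._fetch("/monitoring/metrics/droplet/memory_available", "data", query_params)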
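# Identifier of a DigitalOcean team, handled as a plain string.
TeamId = str


@define()
class TeamCredentials:
    """API token and Spaces key pair that belong to one DigitalOcean team."""

    team_id: TeamId
    # The two secrets are kept out of the attrs-generated __repr__, so that
    # formatting this object in a log line or traceback does not print them.
    api_token: str = field(repr=False)
    spaces_access_key: str
    spaces_secret_key: str = field(repr=False)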
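@lru_cache(maxsize=256)
def get_team_credentials(team_id: TeamId, cache_invalidation_key: int) -> Optional[TeamCredentials]:
    """Find the configured credentials whose API token belongs to *team_id*.

    Tokens and Spaces keys are paired by position. Surplus Spaces keys are
    ignored and missing ones are padded with an empty pair. For each token the
    team id is looked up with one API call until a match is found.

    Args:
        team_id: Team to look up.
        cache_invalidation_key: Not read by the body. It is part of the
            ``lru_cache`` key, so passing a new value forces a fresh lookup.

    Returns:
        The matching credentials, or None when no configured token belongs to
        *team_id*. Both outcomes are cached, so up to 256 results, including
        their secrets, stay in memory.

    An exception raised by ``get_team_id`` for one token propagates, ends the
    search and is not cached.
    """
    # todo: do not use the global config
    tokens = Config.digitalocean.api_tokens
    # The slice is a copy, so the padding below never touches the config list.
    spaces_keys = Config.digitalocean.spaces_access_keys[: len(tokens)]
    spaces_keys.extend([":"] * (len(tokens) - len(spaces_keys)))

    for token, space_keys in zip(tokens, spaces_keys):
        # partition() tolerates an entry without ":" (empty secret) and keeps
        # any further ":" inside the secret. The previous split(":")[1] raised
        # IndexError on such an entry and aborted the lookup for every team.
        spaces_access_key, _, spaces_secret_key = space_keys.partition(":")
        client = StreamingWrapper(token, spaces_access_key, spaces_secret_key)
        token_team_id = client.get_team_id()
        if token_team_id == team_id:
            return TeamCredentials(token_team_id, token, spaces_access_key, spaces_secret_key)

    return None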