Added SSH Public key to CodeCommit user.
gitwater committed Aug 7, 2019
1 parent e27cf35 commit 91271cb
Showing 1 changed file with 81 additions and 4 deletions.
85 changes: 81 additions & 4 deletions src/aim/stack_group/grp_codecommit.py
@@ -1,8 +1,8 @@
from aim.stack_group import StackEnum, StackOrder, Stack, StackGroup
from aim.stack_group import StackEnum, StackOrder, Stack, StackGroup, StackHooks
import aim.cftemplates
from aim.core.exception import StackException
from aim.core.exception import AimErrorCode

from aim.utils import md5sum

class CodeCommitStackGroup(StackGroup):
def __init__(self,
Expand Down Expand Up @@ -37,18 +37,95 @@ def init(self):
self.aws_region,
self.config,
self.repo_list)

stack_hooks = StackHooks(self.aim_ctx)
for hook_action in ['create', 'update']:
stack_hooks.add(
name='CodeCommitSSHPublicKey',
stack_action=hook_action,
stack_timing='post',
hook_method=self.codecommit_post_stack_hook,
cache_method=self.codecommit_post_stack_hook_cache_id,
hook_arg=self.config
)

codecommit_stack = Stack(aim_ctx=self.aim_ctx,
account_ctx=self.account_ctx,
grp_ctx=self,
stack_config=self.config,
template=codecommit_template,
aws_region=self.aws_region)

aws_region=self.aws_region,
hooks=stack_hooks)
codecommit_stack.set_termination_protection(True)

self.stack_list.append(codecommit_stack)

self.add_stack_order(codecommit_stack)

def manage_ssh_key(self, iam_client, user_config):

ssh_keys = iam_client.list_ssh_public_keys(
UserName=user_config.username
)

KeyExists = False
for ssh_key_config in ssh_keys['SSHPublicKeys']:
iam_ssh_key = iam_client.get_ssh_public_key(
UserName=user_config.username,
SSHPublicKeyId=ssh_key_config['SSHPublicKeyId'],
Encoding='SSH'
)['SSHPublicKey']
if user_config.public_ssh_key.startswith(iam_ssh_key['SSHPublicKeyBody']):
# Key already exists, do nothing for this key
KeyExists = True
print("%s: KeyId: SSHPublicKeyId: %s: %s" % (
self.account_ctx.get_name(),
user_config.username,
ssh_key_config['SSHPublicKeyId'] ))
else:
# Delete Keys that do not match
# TODO: Support multiple keys
print("%s: Delete: SSHPublicKeyId: %s: %s" % (
self.account_ctx.get_name(),
user_config.username,
ssh_key_config['SSHPublicKeyId'] ))

iam_client.delete_ssh_public_key(
UserName=user_config.username,
SSHPublicKeyId=ssh_key_config['SSHPublicKeyId']
)

# If we make it here, this key does not exist
if KeyExists == False:
new_key_config = iam_client.upload_ssh_public_key(
UserName=user_config.username,
SSHPublicKeyBody=user_config.public_ssh_key
)

print("%s: Upload: SSHPublicKeyId: %s: %s" % (
self.account_ctx.get_name(),
user_config.username,
new_key_config['SSHPublicKey']['SSHPublicKeyId'] ))

def codecommit_post_stack_hook_cache_id(self, hook, config):
cache_data = ""
for repo_group in config.repository_groups.values():
for repo_config in repo_group.values():
for user_config in repo_config.users.values():
if user_config.public_ssh_key != None:
cache_data += user_config.public_ssh_key

cache_id = md5sum(str_data=cache_data)
return cache_id

def codecommit_post_stack_hook(self, hook, config):
iam_client = self.account_ctx.get_aws_client('iam')
for repo_group in config.repository_groups.values():
for repo_config in repo_group.values():
for user_config in repo_config.users.values():
if user_config.public_ssh_key != None:
self.manage_ssh_key(iam_client, user_config)

def validate(self):
super().validate()
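Review bot: `codecommit_post_stack_hook` skips every user whose `public_ssh_key` is None, so removing a key from the configuration never reaches `manage_ssh_key` and the key already uploaded to IAM stays valid for CodeCommit access, unless something outside this diff removes it. Revocation should be handled explicitly, for example by calling `manage_ssh_key` for those users as well and having it delete all listed keys when no key is configured. Separately, `codecommit_post_stack_hook_cache_id` hashes only the concatenated key bodies, so moving a key from one user to another yields the same cache id and the hook may be skipped; including the username and a separator, `cache_data += user_config.username + ':' + user_config.public_ssh_key + '\n'`, would close that. In `manage_ssh_key` the non-matching keys are deleted before the upload, so a rejected upload leaves the user with no key, and the method deletes every key it does not recognise; it deserves a docstring stating that the configuration is authoritative for the user's IAM SSH keys.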

