[hack] begin to add ldap authentication
This commit is contained in:
parent
f99d0a0b64
commit
55a2de72c8
1 changed files with 46 additions and 2 deletions
|
@ -1,6 +1,8 @@
|
||||||
import argparse
|
import argparse
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
import ldap3
|
||||||
|
|
||||||
from uncloud.hack.vm import VM
|
from uncloud.hack.vm import VM
|
||||||
from uncloud.hack.config import Config
|
from uncloud.hack.config import Config
|
||||||
from uncloud.hack.mac import MAC
|
from uncloud.hack.mac import MAC
|
||||||
|
@ -27,22 +29,64 @@ arg_parser.add_argument('--destroy-vm', action='store_true')
|
||||||
arg_parser.add_argument('--get-vm-status', action='store_true')
|
arg_parser.add_argument('--get-vm-status', action='store_true')
|
||||||
arg_parser.add_argument('--get-vm-vnc', action='store_true')
|
arg_parser.add_argument('--get-vm-vnc', action='store_true')
|
||||||
arg_parser.add_argument('--list-vms', action='store_true')
|
arg_parser.add_argument('--list-vms', action='store_true')
|
||||||
arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int)
|
arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int, default=2)
|
||||||
arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int)
|
arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int, default=1)
|
||||||
arg_parser.add_argument('--image', help="Path (under hackprefix) to OS image")
|
arg_parser.add_argument('--image', help="Path (under hackprefix) to OS image")
|
||||||
|
|
||||||
arg_parser.add_argument('--image-format', help="Image format: qcow2 or raw", choices=['raw', 'qcow2'])
|
arg_parser.add_argument('--image-format', help="Image format: qcow2 or raw", choices=['raw', 'qcow2'])
|
||||||
arg_parser.add_argument('--uuid', help="VM UUID")
|
arg_parser.add_argument('--uuid', help="VM UUID")
|
||||||
|
|
||||||
arg_parser.add_argument('--no-db', help="Disable connection to etcd. For local testing only!", action='store_true')
|
arg_parser.add_argument('--no-db', help="Disable connection to etcd. For local testing only!", action='store_true')
|
||||||
arg_parser.add_argument('--hackprefix', help="hackprefix, if you need it you know it (it's where the iso is located and ifup/down.sh")
|
arg_parser.add_argument('--hackprefix', help="hackprefix, if you need it you know it (it's where the iso is located and ifup/down.sh")
|
||||||
|
|
||||||
|
# order based commands => later to be shifted below "order"
|
||||||
|
arg_parser.add_argument('--order', action='store_true')
|
||||||
|
arg_parser.add_argument('--product', choices=["dualstack-vm"])
|
||||||
|
arg_parser.add_argument('--os-image-name', help="Name of OS image (successor to --image)")
|
||||||
|
arg_parser.add_argument('--os-image-size', help="Size of OS image in GB", type=int, default=10)
|
||||||
|
|
||||||
|
arg_parser.add_argument('--username')
|
||||||
|
arg_parser.add_argument('--password')
|
||||||
|
|
||||||
|
|
||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
def authenticate(username, password, totp_token=None):
|
||||||
|
server = ldap3.Server("ldaps://ldap1.ungleich.ch")
|
||||||
|
dn = "uid={},ou=customer,dc=ungleich,dc=ch".format(username)
|
||||||
|
|
||||||
|
try:
|
||||||
|
conn = ldap3.Connection(server, dn, password, auto_bind=True)
|
||||||
|
except ldap3.core.exceptions.LDAPBindError as e:
|
||||||
|
raise UncloudException("Credentials not verified by LDAP server: {}".format(e))
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
def order(config):
|
||||||
|
for required_arg in [ 'product', 'username', 'password' ]:
|
||||||
|
if not config.arguments[required_arg]:
|
||||||
|
raise UncloudException("Missing required argument: {}".format(required_arg))
|
||||||
|
|
||||||
|
if config.arguments['product'] == 'dualstack-vm':
|
||||||
|
for required_arg in [ 'cores', 'memory', 'os_image_name', 'os_image_size' ]:
|
||||||
|
if not config.arguments[required_arg]:
|
||||||
|
raise UncloudException("Missing required argument: {}".format(required_arg))
|
||||||
|
|
||||||
|
print(config.arguments)
|
||||||
|
authenticate(config.arguments['username'], config.arguments['password'])
|
||||||
|
|
||||||
|
# create DB entry for VM
|
||||||
|
vm = VM(config)
|
||||||
|
vm.schedule()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def main(arguments):
|
def main(arguments):
|
||||||
config = Config(arguments)
|
config = Config(arguments)
|
||||||
|
|
||||||
|
if arguments['order']:
|
||||||
|
order(config)
|
||||||
|
|
||||||
if arguments['create_vm']:
|
if arguments['create_vm']:
|
||||||
vm = VM(config)
|
vm = VM(config)
|
||||||
vm.create()
|
vm.create()
|
||||||
|
|
Loading…
Reference in a new issue