[hack] begin to add ldap authentication

This commit is contained in:
Nico Schottelius 2020-02-09 08:51:35 +01:00
parent f99d0a0b64
commit 55a2de72c8

View file

@ -1,6 +1,8 @@
import argparse import argparse
import logging import logging
import ldap3
from uncloud.hack.vm import VM from uncloud.hack.vm import VM
from uncloud.hack.config import Config from uncloud.hack.config import Config
from uncloud.hack.mac import MAC from uncloud.hack.mac import MAC
@ -27,22 +29,64 @@ arg_parser.add_argument('--destroy-vm', action='store_true')
arg_parser.add_argument('--get-vm-status', action='store_true') arg_parser.add_argument('--get-vm-status', action='store_true')
arg_parser.add_argument('--get-vm-vnc', action='store_true') arg_parser.add_argument('--get-vm-vnc', action='store_true')
arg_parser.add_argument('--list-vms', action='store_true') arg_parser.add_argument('--list-vms', action='store_true')
arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int) arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int, default=2)
arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int) arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int, default=1)
arg_parser.add_argument('--image', help="Path (under hackprefix) to OS image") arg_parser.add_argument('--image', help="Path (under hackprefix) to OS image")
arg_parser.add_argument('--image-format', help="Image format: qcow2 or raw", choices=['raw', 'qcow2']) arg_parser.add_argument('--image-format', help="Image format: qcow2 or raw", choices=['raw', 'qcow2'])
arg_parser.add_argument('--uuid', help="VM UUID") arg_parser.add_argument('--uuid', help="VM UUID")
arg_parser.add_argument('--no-db', help="Disable connection to etcd. For local testing only!", action='store_true') arg_parser.add_argument('--no-db', help="Disable connection to etcd. For local testing only!", action='store_true')
arg_parser.add_argument('--hackprefix', help="hackprefix, if you need it you know it (it's where the iso is located and ifup/down.sh") arg_parser.add_argument('--hackprefix', help="hackprefix, if you need it you know it (it's where the iso is located and ifup/down.sh")
# order based commands => later to be shifted below "order"
arg_parser.add_argument('--order', action='store_true')
arg_parser.add_argument('--product', choices=["dualstack-vm"])
arg_parser.add_argument('--os-image-name', help="Name of OS image (successor to --image)")
arg_parser.add_argument('--os-image-size', help="Size of OS image in GB", type=int, default=10)
arg_parser.add_argument('--username')
arg_parser.add_argument('--password')
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
def authenticate(username, password, totp_token=None):
server = ldap3.Server("ldaps://ldap1.ungleich.ch")
dn = "uid={},ou=customer,dc=ungleich,dc=ch".format(username)
try:
conn = ldap3.Connection(server, dn, password, auto_bind=True)
except ldap3.core.exceptions.LDAPBindError as e:
raise UncloudException("Credentials not verified by LDAP server: {}".format(e))
def order(config):
for required_arg in [ 'product', 'username', 'password' ]:
if not config.arguments[required_arg]:
raise UncloudException("Missing required argument: {}".format(required_arg))
if config.arguments['product'] == 'dualstack-vm':
for required_arg in [ 'cores', 'memory', 'os_image_name', 'os_image_size' ]:
if not config.arguments[required_arg]:
raise UncloudException("Missing required argument: {}".format(required_arg))
print(config.arguments)
authenticate(config.arguments['username'], config.arguments['password'])
# create DB entry for VM
vm = VM(config)
vm.schedule()
def main(arguments): def main(arguments):
config = Config(arguments) config = Config(arguments)
if arguments['order']:
order(config)
if arguments['create_vm']: if arguments['create_vm']:
vm = VM(config) vm = VM(config)
vm.create() vm.create()