From ea3361886b0b7669852de5894c35eb1f84a4ed36 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Mon, 4 Oct 2021 17:51:16 +0200 Subject: [PATCH] fix: Various Pulumi fixes --- .drone.yml | 30 ------------------------------ cloudbender/__init__.py | 2 +- cloudbender/pulumi.py | 10 ++++++++-- cloudbender/stack.py | 15 +++++++++------ 4 files changed, 18 insertions(+), 39 deletions(-) delete mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 0ae33af..0000000 --- a/.drone.yml +++ /dev/null @@ -1,30 +0,0 @@ -kind: pipeline -name: default - -steps: -- name: test - image: python:3.7-alpine - commands: - - pip install -r dev-requirements.txt - - which make || apk add make - - make test -- name: build - image: python:3.7-alpine - commands: - - which make || apk add make - - pip install -r dev-requirements.txt - - make build -- name: upload - image: python:3.7-alpine - environment: - TWINE_USERNAME: - from_secret: TWINE_USERNAME - TWINE_PASSWORD: - from_secret: TWINE_PASSWORD - commands: - - which make || apk add make - - pip install -r dev-requirements.txt - - make upload - when: - event: - - tag diff --git a/cloudbender/__init__.py b/cloudbender/__init__.py index 246d479..3160676 100644 --- a/cloudbender/__init__.py +++ b/cloudbender/__init__.py @@ -2,7 +2,7 @@ import logging __author__ = "Stefan Reimer" __email__ = "stefan@zero-downtimet.net" -__version__ = "0.10.0" +__version__ = "0.10.1" # Set up logging to ``/dev/null`` like a library is supposed to. diff --git a/cloudbender/pulumi.py b/cloudbender/pulumi.py index d1d8d6d..3d30e99 100644 --- a/cloudbender/pulumi.py +++ b/cloudbender/pulumi.py @@ -45,7 +45,11 @@ def pulumi_init(stack): # Remove stacknameprefix if equals Conglomerate as Pulumi implicitly prefixes project_name pulumi_stackname = re.sub(r'^' + project_name + '-?', '', stack.stackname) - pulumi_backend = '{}/{}/{}'.format(stack.pulumi['backend'], project_name, stack.region) + try: + pulumi_backend = '{}/{}/{}'.format(stack.pulumi['backend'], project_name, stack.region) + + except KeyError: + raise KeyError('Missing pulumi.backend setting !') account_id = stack.connection_manager.call('sts', 'get_caller_identity', profile=stack.profile, region=stack.region)['Account'] # Ugly hack as Pulumi currently doesnt support MFA_TOKENs during role assumptions @@ -55,6 +59,7 @@ def pulumi_init(stack): os.environ['AWS_ACCESS_KEY_ID'] = stack.connection_manager._sessions[(stack.profile, stack.region)].get_credentials().access_key os.environ['AWS_SECRET_ACCESS_KEY'] = stack.connection_manager._sessions[(stack.profile, stack.region)].get_credentials().secret_key + os.environ['AWS_DEFAULT_REGION'] = stack.region # Secrets provider try: @@ -63,7 +68,8 @@ def pulumi_init(stack): raise ValueError('Missing PULUMI_CONFIG_PASSPHRASE environment variable!') except KeyError: - raise KeyError('Missing Pulumi securityProvider setting !') + logger.warning('Missing pulumi.secretsProvider setting, secrets disabled !') + secrets_provider = None # Set tag for stack file name and version _tags = stack.tags diff --git a/cloudbender/stack.py b/cloudbender/stack.py index 94bf095..5bdce66 100644 --- a/cloudbender/stack.py +++ b/cloudbender/stack.py @@ -676,13 +676,13 @@ class Stack(object): with open(self.path, "r") as file: settings = yaml.safe_load(file) - try: - if 'pulumi' not in settings: - settings['pulumi'] = {} + if 'pulumi' not in settings: + settings['pulumi'] = {} + + if 'encryptionsalt' in pulumi_settings: settings['pulumi']['encryptionsalt'] = pulumi_settings['encryptionsalt'] + if 'encryptedkey' in pulumi_settings: settings['pulumi']['encryptedkey'] = pulumi_settings['encryptedkey'] - except KeyError: - pass if 'parameters' not in settings: settings['parameters'] = {} @@ -877,4 +877,7 @@ class Stack(object): return kwargs def _log_pulumi(self, text): - logger.info(" ".join([self.region, self.stackname, text])) + # Remove some duplicated noise + text = re.sub('pulumi:pulumi:Stack {}-{}( running)?'.format(self.parameters['Conglomerate'], self.stackname), '', text) + if text: + logger.info(" ".join([self.region, self.stackname, text]))