genvid.toolbox.BastionTool

class genvid.toolbox.BastionTool(services_dir='bastion-services', **kwargs)

Bases: AllInOneTool

A tool for seting up and managing a local Bastion.

New in version 1.20.0.

Changed in version 1.30.0: Remove :py:attr:SETUP_LOGS. A copy exists under ClusterTool but it is no longer used.

Changed in version 1.45.0: Added configuration of traefik. Forced usage of non-proxied URL for the Bastion API.

BACKUP_STRATEGIES = (<genvid.toolbox.backup.VersionBackup object>, <genvid.toolbox.backup.ConsulBackup object>, <genvid.toolbox.backup.VaultBackup object>, <genvid.toolbox.backup.TerraformBackup object>)

SETUP_JOBS = ('bastion-api',): Jobs run on setup.

GENVID_SERVICES_DATADIR: Path where the local services (Consul, Nomad, and Vault) are installed.

See also

GENVID_SERVICES_DATADIR

GENVID_BASTION_BINDING_PORT: The port which the bastion-api will bind.

See also

GENVID_BASTION_BINDING_PORT

Deprecated since version 1.45.0: Replaced with Traefik Configuration instead.

services: A client of the bastion API.

setup_bastion(bastionid: Optional[str] = None, force_rename=False)

Set up a local Bastion service.

This will start all jobs marked to be started at ‘setup’ and ensure a proper Bastion ID is set.

Parameters:

bastionid – The Bastion ID to set if non empty.
force_rename – Replace the Bastion ID if it is already set.

Warning

If a Bastion ID is already present, it must be the same as the one provided (unless force_rename is True). If no ID is provided, the Bastion ID of the service must already be set.

Changed in version 1.39.0: From this version, all setup jobs must be strict HCLv2 compliant.

load_bastion_config(excluded_services: Optional[Iterable[str]] = None, reset: bool = False): Load the bastion configuration to the bastion-api.

Changed in version 1.34.0: Added the reset parameter.

start_bastion_jobs(*jobs: str, force: bool = False)

Start a registered job on the bastion.

Parameters:

jobs – Names of the jobs to start.
force – Force the task count to be updated.

Note

If the jobs parameter is left empty, this method will start all the jobs marked to be ‘autostarted’.

stop_bastion_jobs(*jobs: str, purge: bool = False)

Stop registered jobs on the bastion.

Parameters:

jobs – A list of jobs to stop.
purge – If true, purge the job(s) immediately.

Changed in version 1.45.0: Add the purge parameter.

update_terraform_repositories()

Update the Terraform repositories.

This method adds any missing modules to the repositories and updates the rest.

New in version 1.20.0.

initialize_backends()

Initialize the Bastion’s backends.

Currently, this method adds a single backend (named ‘default’) unless there is a backend already defined.

If there is already one or more backends defined then this method does nothing.

New in version 1.20.0.

update_global_tfvars()

Update the global Terraform variable configuration.

More specifically, this method will:

Query the current configuration from the Bastion.

Update the ‘trusted_cidr’ with the current IP address.

Update the ‘toolbox_location’ with the current environment.

Send the resulting configuration back to the Bastion.

New in version 1.20.0.

set_default_terraform_providers(*, providers_file: str, **kwargs)

Update the default Terraform providers using the content of a file.

The file content should match the expected JSON format of BastionAPI.terraform_put_default_providers.

Parameters:: providers_file – File containing the new providers.

get_default_terraform_providers(**kwargs)

Display the default Terraform providers configuration.

The displayed JSON will match the format of BastionAPI.terraform_get_default_providers.

delete_default_terraform_providers(**kwargs): Delete the default Terraform providers configuration.

has_default_terraform_providers(**kwargs): Check whether there are default terraform providers or not and return a boolean

check_modules()

If the Genvid Default Repository is not present, add it back. In all cases, update it.

Changed in version 1.13.0: No longer update all repositories. Use genvid-clusters repository-update-all instead.

Changed in version 1.14.0: Add the updateall parameter.

Changed in version 1.20.0:

Moved the implementation to BastionTool.update_terraform_repositories().
Removed the updateall parameter which was not used.

check_backends(): Initialize Bastion’s backends.

See also

BastionTool.initialize_backends()

Changed in version 1.20.0: Moved the implementation to BastionTool.initialize_backends().

class bastion.BastionTool: Implementation of genvid.toolbox.BastionTool