Skip to content

Commit 69037cd

Browse files
committed
Automation Toolkit Release v2024.2.2
1 parent 61292d6 commit 69037cd

File tree

7 files changed

+97
-78
lines changed

7 files changed

+97
-78
lines changed

cd3_automation_toolkit/ManagementServices/EventsAndNotifications/export_events_notifications_nonGreenField.py

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -118,15 +118,16 @@ def print_events(values_for_column_events, region, ntk_compartment_name, event,
118118
data = str(condition["data"])
119119
else:
120120
data = "{}"
121-
for val in condition["eventType"]:
122-
if "oraclecloud" in val:
123-
service = val.split("com.oraclecloud.")[1]
124-
elif "oracle" in val:
125-
service = val.split("com.oracle.")[1]
126-
event_prod = service.split('.', 1)[0]
127-
event_res = service.split('.', 1)[1]
128-
if ( action_name != "" ):
129-
events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info)
121+
if "eventType" in condition:
122+
for val in condition["eventType"]:
123+
if "oraclecloud" in val:
124+
service = val.split("com.oraclecloud.")[1]
125+
elif "oracle" in val:
126+
service = val.split("com.oracle.")[1]
127+
event_prod = service.split('.', 1)[0]
128+
event_res = service.split('.', 1)[1]
129+
if ( action_name != "" ):
130+
events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info)
130131
if ( i > 0 and action_name != ""):
131132
events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info)
132133
i = i + 1

cd3_automation_toolkit/ManagementServices/Monitoring/create_terraform_alarms.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -161,7 +161,7 @@ def create_terraform_alarms(inputfile, outdir, service_dir, prefix, ct):
161161

162162

163163
# Write all info to TF string
164-
tfStr[region]=tfStr[region][:-1] +alarms_template.render(tempStr)
164+
tfStr[region]=tfStr[region][:-2] +alarms_template.render(tempStr)
165165

166166
# Write to output
167167
for reg in ct.all_regions:

cd3_automation_toolkit/ManagementServices/Monitoring/templates/alarms-template

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,13 @@ alarms = {
2222
query = "{{ query }}"
2323
severity = "{{ severity }}"
2424
{% if body and body != "" %}
25+
{% if '\n' not in body %}
2526
body = "{{ body }}"
27+
{% else %}
28+
body = <<-EOF
29+
{{ body }}
30+
EOF
31+
{% endif %}
2632
{% endif %}
2733

2834
{% if message_format and message_format != "" %}

cd3_automation_toolkit/cd3Validator.py

Lines changed: 63 additions & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -1397,9 +1397,10 @@ def validate_buckets(filename, comp_ids):
13971397
log(f'ROW {i + 3} : Value of "Auto Tiering" can be only either "Enabled" or "Disabled".')
13981398
buckets_invalid_check = True
13991399

1400+
# Check for the Object Versioning column
14001401
if columnname == 'Object Versioning':
1401-
if columnvalue.lower() not in ['enabled','disabled']:
1402-
log(f'ROW {i + 3} : Value of "Object Versioning" can be only either "Enabled" or "Disabled".')
1402+
if columnvalue.lower() not in ['enabled', 'disabled']:
1403+
log(f'ROW {i + 3} : Value of "Object Versioning" can only be "Enabled" or "Disabled".')
14031404
buckets_invalid_check = True
14041405

14051406
if columnname == 'Emit Object Events':
@@ -1438,69 +1439,74 @@ def validate_buckets(filename, comp_ids):
14381439
#Check for the retention policy details
14391440
if columnname == 'Retention Rules':
14401441
rule_values = columnvalue.split("\n")
1441-
retention_rules = []
1442-
for rule in rule_values:
1443-
rule_components = rule.split("::")
1444-
if len(rule_components) >= 1:
1445-
retention_rule_display_name = rule_components[0]
1446-
time_unit = None
1447-
time_amount = None
1448-
time_rule_locked = None
1449-
1450-
if len(rule_components) >= 2:
1451-
if rule_components[1].lower() == 'indefinite':
1452-
time_amount = None
1453-
else:
1454-
time_amount = rule_components[1]
1455-
if not time_amount.isdigit():
1456-
log(f'ROW {i + 3} : "time_amount" of retention rule is not in valid format. It should be an "integer" or "indefinite".')
1457-
buckets_invalid_check = True
1458-
continue
1442+
if rule_values and str(dfbuckets.loc[i, 'Object Versioning']).strip().lower() == 'enabled':
1443+
log(f'ROW {i + 3} : Retention policy cannot be created when Object Versioning is enabled.')
1444+
buckets_invalid_check = True
1445+
1446+
elif rule_values and str(dfbuckets.loc[i, 'Object Versioning']).strip().lower() == 'disabled':
1447+
retention_rules = []
1448+
for rule in rule_values:
1449+
rule_components = rule.split("::")
1450+
if len(rule_components) >= 1:
1451+
retention_rule_display_name = rule_components[0]
1452+
time_unit = None
1453+
time_amount = None
1454+
time_rule_locked = None
1455+
1456+
if len(rule_components) >= 2:
1457+
if rule_components[1].lower() == 'indefinite':
1458+
time_amount = None
14591459
else:
1460-
time_amount = int(time_amount)
1460+
time_amount = rule_components[1]
1461+
if not time_amount.isdigit():
1462+
log(f'ROW {i + 3} : "time_amount" of retention rule is not in valid format. It should be an "integer" or "indefinite".')
1463+
buckets_invalid_check = True
1464+
continue
1465+
else:
1466+
time_amount = int(time_amount)
14611467

1462-
if len(rule_components) >= 3:
1463-
time_unit = rule_components[2].upper()
1464-
if time_unit not in ('DAYS', 'YEARS'):
1465-
log(f'ROW {i + 3} : "time_unit" of retention rule is not in valid format. It should be either DAYS or YEARS.')
1466-
buckets_invalid_check = True
1467-
else:
1468-
# If time_unit is valid, set the flag to True for processing time_rule_locked
1469-
process_time_rule_locked = True
1470-
1471-
if len(rule_components) == 4 and process_time_rule_locked:
1472-
time_rule_locked = rule_components[3]
1473-
if time_rule_locked.endswith(".000Z"):
1474-
time_rule_locked = time_rule_locked[:-5] + "Z"
1475-
elif not re.match(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z",time_rule_locked):
1476-
# Convert from "dd-mm-yyyy" to "YYYY-MM-DDThh:mm:ssZ" format
1477-
if re.match(r"\d{2}-\d{2}-\d{4}", time_rule_locked):
1478-
try:
1479-
datetime_obj = datetime.datetime.strptime(time_rule_locked, "%d-%m-%Y")
1480-
time_rule_locked = datetime_obj.strftime("%Y-%m-%dT%H:%M:%SZ")
1481-
except ValueError:
1468+
if len(rule_components) >= 3:
1469+
time_unit = rule_components[2].upper()
1470+
if time_unit not in ('DAYS', 'YEARS'):
1471+
log(f'ROW {i + 3} : "time_unit" of retention rule is not in valid format. It should be either DAYS or YEARS.')
1472+
buckets_invalid_check = True
1473+
else:
1474+
# If time_unit is valid, set the flag to True for processing time_rule_locked
1475+
process_time_rule_locked = True
1476+
1477+
if len(rule_components) == 4 and process_time_rule_locked:
1478+
time_rule_locked = rule_components[3]
1479+
if time_rule_locked.endswith(".000Z"):
1480+
time_rule_locked = time_rule_locked[:-5] + "Z"
1481+
elif not re.match(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z",time_rule_locked):
1482+
# Convert from "dd-mm-yyyy" to "YYYY-MM-DDThh:mm:ssZ" format
1483+
if re.match(r"\d{2}-\d{2}-\d{4}", time_rule_locked):
1484+
try:
1485+
datetime_obj = datetime.datetime.strptime(time_rule_locked, "%d-%m-%Y")
1486+
time_rule_locked = datetime_obj.strftime("%Y-%m-%dT%H:%M:%SZ")
1487+
except ValueError:
1488+
log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".')
1489+
buckets_invalid_check = True
1490+
continue
1491+
else:
14821492
log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".')
14831493
buckets_invalid_check = True
14841494
continue
1485-
else:
1486-
log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".')
1495+
# Parse the time_rule_locked into a datetime object
1496+
try:
1497+
time_rule_locked_datetime = datetime.datetime.strptime(time_rule_locked, "%Y-%m-%dT%H:%M:%SZ")
1498+
except ValueError:
1499+
log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "YYYY-MM-DDThh:mm:ssZ".')
14871500
buckets_invalid_check = True
14881501
continue
1489-
# Parse the time_rule_locked into a datetime object
1490-
try:
1491-
time_rule_locked_datetime = datetime.datetime.strptime(time_rule_locked, "%Y-%m-%dT%H:%M:%SZ")
1492-
except ValueError:
1493-
log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "YYYY-MM-DDThh:mm:ssZ".')
1494-
buckets_invalid_check = True
1495-
continue
14961502

1497-
# Calculate the difference between current time and time_rule_locked
1498-
time_difference = time_rule_locked_datetime - current_time
1503+
# Calculate the difference between current time and time_rule_locked
1504+
time_difference = time_rule_locked_datetime - current_time
14991505

1500-
# Check if the difference is less than 14 days
1501-
if time_difference.days < 14:
1502-
log(f'ROW {i + 3} : "time_rule_locked" of retention rule must be more than 14 days from the current time.')
1503-
buckets_invalid_check = True
1506+
# Check if the difference is less than 14 days
1507+
if time_difference.days < 14:
1508+
log(f'ROW {i + 3} : "time_rule_locked" of retention rule must be more than 14 days from the current time.')
1509+
buckets_invalid_check = True
15041510

15051511
# Check for the Lifecycle Policy Details
15061512
if lifecycle_input == True:
@@ -1545,6 +1551,7 @@ def validate_buckets(filename, comp_ids):
15451551
if time_unit not in ['days','years']:
15461552
log(f'ROW {i + 3} : Invalid time amount. "Lifecycle Rule Period" must be "DAYS" or "YEARS".')
15471553
buckets_invalid_check = True
1554+
15481555
else:
15491556
log(f'ROW {i + 3} : Invalid format for "Lifecycle Rule Period" ')
15501557
buckets_invalid_check = True

cd3_automation_toolkit/setUpOCI.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1300,7 +1300,6 @@ def start_cis_scan(outdir, prefix, config_file):
13001300
if user_input!='':
13011301
cmd = "{}".format(user_input)
13021302
split = str.split(cmd)
1303-
13041303
dirname = prefix + "_cis_report"
13051304
resource = "cis_report"
13061305
out_rep = outdir + '/'+ dirname

cd3_automation_toolkit/user-scripts/createTenancyConfig.py

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -148,10 +148,10 @@ def create_devops_resources(config,signer):
148148
def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_values,devops_user,devops_user_key,devops_dir,ct):
149149
# create git config file
150150
file = open(git_config_file, "w")
151-
file.write("Host devops.scmservice.*.oci.oraclecloud.com\n "
152-
"StrictHostKeyChecking no\n "
153-
"User "+str(devops_user)+"\n "
154-
"IdentityFile "+str(devops_user_key)+"\n")
151+
file.write("Host devops.scmservice.*.oci"+cloud_domain+"\n "
152+
"StrictHostKeyChecking no\n "
153+
"User " + str(devops_user) + "\n "
154+
"IdentityFile " + str(devops_user_key) + "\n")
155155

156156
file.close()
157157

@@ -205,6 +205,8 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_
205205
cfg = yaml.dump(cfg, stream=yaml_file, default_flow_style=False, sort_keys=False)
206206
# Clean repo config if exists and initiate git repo
207207
subprocess.run(['git', 'init'], cwd=devops_dir,stdout=DEVNULL)
208+
subprocess.run(['git', 'config', '--global', 'init.defaultBranch', "main"], cwd=devops_dir)
209+
subprocess.run(['git', 'config', '--global', 'safe.directory', devops_dir], cwd=devops_dir)
208210
f = open(devops_dir + ".gitignore", "w")
209211
git_ignore_file_data = ".DS_Store\n*tfstate*\n*terraform*\ntfplan.out\ntfplan.json\n*backup*\ntf_import_commands*\n*cis_report*\n*showoci_report*\n*.safe\n*stacks.zip\n*cd3Validator*"
210212
f.write(git_ignore_file_data)
@@ -255,7 +257,6 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_
255257

256258
subprocess.run(['git', 'config','--global','user.email',devops_user], cwd=devops_dir)
257259
subprocess.run(['git', 'config', '--global', 'user.name', devops_user], cwd=devops_dir)
258-
subprocess.run(['git', 'config', '--global', 'init.defaultBranch', "main"], cwd=devops_dir)
259260
commit_id='None'
260261
try:
261262
subprocess.run(['git', 'commit', '-m','Initial commit from createTenancyConfig.py'], cwd=devops_dir,stdout=DEVNULL)
@@ -349,11 +350,17 @@ def create_bucket(config, signer):
349350
user=''
350351
_key_path=''
351352
fingerprint=''
353+
cloud_domain=''
352354

353355
tenancy = config.get('Default', 'tenancy_ocid').strip()
354356
if tenancy == "" or tenancy == "\n":
355357
print("Tenancy ID cannot be left empty...Exiting !!")
356358
exit(1)
359+
if ("ocid1.tenancy.oc1" in tenancy):
360+
cloud_domain=".oraclecloud.com"
361+
else:
362+
cloud_domain=".oraclegovcloud.com"
363+
357364

358365
auth_mechanism = config.get('Default', 'auth_mechanism').strip().lower()
359366
if auth_mechanism == "" or auth_mechanism == "\n" or (auth_mechanism!='api_key' and auth_mechanism!='session_token' and auth_mechanism!='instance_principal'):
@@ -673,7 +680,7 @@ def create_bucket(config, signer):
673680
elif line.__contains__("region = "):
674681
global_backend_file_data += " region = \"" + bucket_region + "\"\n"
675682
elif line.__contains__("endpoint = "):
676-
global_backend_file_data += " endpoint = \"https://" + namespace + ".compat.objectstorage." + bucket_region + ".oraclecloud.com\"\n"
683+
global_backend_file_data += " endpoint = \"https://" + namespace + ".compat.objectstorage." + bucket_region + cloud_domain + "\"\n"
677684
elif line.__contains__("shared_credentials_file = "):
678685
global_backend_file_data += " shared_credentials_file = \"" + s3_credential_file_path + "\"\n"
679686
else:

cd3_automation_toolkit/user-scripts/tenancyconfig.properties

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -74,15 +74,14 @@ use_oci_devops_git=no
7474
# in ${region}.
7575
oci_devops_git_repo_name=
7676

77-
# User Details to perform GIT operations in OCI Devops GIT Repo; Mandatory when using $(auth_mechanism) as instance_principal
77+
# User Details to perform GIT operations in OCI Devops GIT Repo and Remote Terraform State Management; Mandatory when using $(auth_mechanism) as instance_principal
7878
# or session_token
79-
# Format: <domainName>/<userName>@<tenancyName> eg oracleidentitycloudservice/[email protected]@ocitenant
79+
# Customer Secret Key will be created for this user for S3 credentials of the bucket.
8080
# When left empty, it will be fetched from $(user_ocid) for $(auth_mechanism) as api_key.
81-
# Customer Secret Key will also be configured for this user for S3 credentials of the bucket when $(auth_mechanism) is
82-
# instance_principal or session_token
81+
# Format: <domainName>/<userName>@<tenancyName> eg oracleidentitycloudservice/[email protected]@ocitenant
8382
oci_devops_git_user=
83+
8484
# When left empty, same key file from $(key_path) used for $(auth_mechanism) as api_key will be copied to
8585
# /cd3user/tenancies/<customer_name>/ and used for GIT Operations.
86-
# Make sure the api key file permissions are rw(600) for cd3user
8786
oci_devops_git_key=
8887

0 commit comments

Comments
 (0)