perf: 暂存修改

2022-09-19 09:52:09 +08:00 · 2022-09-19 09:52:09 +08:00 · b50d28ff9c
parent a86d5c1456
commit b50d28ff9c
32 changed files with 403 additions and 7 deletions
--- a/.gitignore
+++ b/.gitignore
@ -31,7 +31,6 @@ media
 celerybeat.pid
 django.db
 celerybeat-schedule.db
-data/static
 docs/_build/
 xpack
 xpack.bak
--- a/apps/assets/const.py
+++ b/apps/assets/const.py
@ -16,6 +16,7 @@ class PlatformMixin:
    def platform_constraints(cls):
        return {
            'domain_enabled': False,
+            'url_enabled': False,
            'su_enabled': False,
            'brand_enabled': False,
            'ping_enabled': False,
@ -88,7 +89,7 @@ class Category(PlatformMixin, ChoicesMixin, models.TextChoices):
                'change_password_enabled': False,
                'create_account_enabled': False,
                'gather_accounts_enabled': False,
-                '_protocols': ['http', 'https']
+                '_protocols': ['http']
            },
            cls.CLOUD: {
                'domain_enabled': False,
@ -168,12 +169,16 @@ class WebTypes(PlatformMixin, ChoicesMixin, models.TextChoices):

 class CloudTypes(PlatformMixin, ChoicesMixin, models.TextChoices):
    K8S = 'k8s', 'Kubernetes'
+    VSPHERE = 'vsphere', 'VMware vSphere'

    @classmethod
    def platform_constraints(cls):
        return {
            cls.K8S: {
                '_protocols': ['k8s']
+            },
+            cls.VSPHERE: {
+                '_protocols': ['vsphere']
            }
        }

--- a/apps/assets/models/utils.py
+++ b/apps/assets/models/utils.py
@ -59,14 +59,17 @@ def update_internal_platforms(platform_model):
        {'name': 'Redis', 'category': 'database', 'type': 'redis'},

        # 网络设备
-        {'name': 'Generic', 'category': 'networking', 'type': 'general', 'brand': 'other'},
-        {'name': 'Huawei', 'category': 'networking', 'type': 'general', 'brand': 'huawei'},
-        {'name': 'Cisco', 'category': 'networking', 'type': 'general', 'brand': 'cisco'},
-        {'name': 'H3C', 'category': 'networking', 'type': 'general', 'brand': 'h3c'},
+        {'name': 'Generic', 'category': 'device', 'type': 'general', 'brand': 'other'},
+        {'name': 'Huawei', 'category': 'device', 'type': 'general', 'brand': 'huawei'},
+        {'name': 'Cisco', 'category': 'device', 'type': 'general', 'brand': 'cisco'},
+        {'name': 'H3C', 'category': 'device', 'type': 'general', 'brand': 'h3c'},

        # Web
+        {'name': 'Website', 'category': 'web', 'type': 'general'},

        # Cloud
+        {'name': 'Kubernetes', 'category': 'cloud', 'type': 'k8s'},
+        {'name': 'VMware vSphere', 'category': 'cloud', 'type': 'vsphere'},
    ]

    platforms = platform_model.objects.all()
--- a/apps/assets/playbooks/base/init.py
+++ b/apps/assets/playbooks/base/init.py
--- a/apps/assets/playbooks/generate_playbook/base.py
+++ b/apps/assets/playbooks/generate_playbook/base.py
@ -4,10 +4,11 @@ import shutil
 from typing import List

 from django.conf import settings
+
 from assets.models import Asset


-class BaseGeneratePlaybook:
+class BaseRunner:
    src_filepath: str

    def __init__(self, assets: List[Asset], strategy):
--- a/apps/assets/playbooks/base/runner.py
+++ b/apps/assets/playbooks/base/runner.py
@ -0,0 +1,47 @@
+import os
+import tempfile
+import shutil
+from typing import List
+
+from django.conf import settings
+
+from assets.models import Asset
+
+
+class BasePlaybookGenerator:
+    def __init__(self, assets: list[Asset], strategy, ansible_connection='ssh'):
+        self.assets = assets
+        self.strategy = strategy
+        self.playbook_dir = self.temp_folder_path()
+
+    def generate(self):
+        self.prepare_playbook_dir()
+        self.generate_inventory()
+        self.generate_playbook()
+
+    def prepare_playbook_dir(self):
+        pass
+
+    def generate_inventory(self):
+        pass
+
+    def generate_playbook(self):
+        pass
+
+    @property
+    def base_dir(self):
+        tmp_dir = os.path.join(settings.PROJECT_DIR, 'tmp')
+        path = os.path.join(tmp_dir, self.strategy)
+        return path
+
+    def temp_folder_path(self):
+        return tempfile.mkdtemp(dir=self.base_dir)
+
+    def del_temp_folder(self):
+        shutil.rmtree(self.playbook_dir)
+
+    def generate_temp_playbook(self):
+        src = self.src_filepath
+        dst = os.path.join(self.temp_folder, self.strategy)
+        shutil.copytree(src, dst)
+        return dst
--- a/apps/assets/playbooks/change_password/init.py
+++ b/apps/assets/playbooks/change_password/init.py
--- a/apps/assets/playbooks/change_password/database/change_password_mysql/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_mysql/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/database/change_password_mysql/manifest.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_mysql/manifest.yml
@ -0,0 +1,6 @@
+id: change_password_mysql
+name: Change password for MySQL
+category: database
+type:
+  - mysql
+method: change_password
--- a/apps/assets/playbooks/change_password/database/change_password_mysql/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_mysql/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/database/change_password_oracle/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_oracle/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/database/change_password_oracle/manifest.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_oracle/manifest.yml
@ -0,0 +1,6 @@
+id: change_password_oracle
+name: Change password for Oracle
+method: change_password
+category: database
+type:
+  - oracle
--- a/apps/assets/playbooks/change_password/database/change_password_oracle/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_oracle/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/database/change_password_postgresql/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_postgresql/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/database/change_password_postgresql/manifest.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_postgresql/manifest.yml
@ -0,0 +1,6 @@
+id: change_password_postgresql
+name: Change password for PostgreSQL
+category: database
+type:
+  - postgresql
+method: change_password
--- a/apps/assets/playbooks/change_password/database/change_password_postgresql/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_postgresql/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/database/change_password_sqlserver/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_sqlserver/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/database/change_password_sqlserver/manifest.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_sqlserver/manifest.yml
@ -0,0 +1,8 @@
+id: change_password_sqlserver
+name: Change password for SQLServer
+version: 1
+category: database
+type:
+  - sqlserver
+method: change_password
+
--- a/apps/assets/playbooks/change_password/database/change_password_sqlserver/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/database/change_password_sqlserver/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/host/change_password_aix/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_aix/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/host/change_password_aix/manifest.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_aix/manifest.yml
@ -0,0 +1,6 @@
+id: change_password_aix
+name: Change password for AIX
+category: host
+type:
+  - aix
+method: change_password
--- a/apps/assets/playbooks/change_password/host/change_password_aix/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_aix/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/host/change_password_linux/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_linux/main.yml
@ -0,0 +1,8 @@
+- hosts: all
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
--- a/apps/assets/playbooks/change_password/host/change_password_linux/manifest.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_linux/manifest.yml
@ -0,0 +1,7 @@
+id: change_password_linux
+name: Change password for Linux
+category: host
+type:
+  - unix
+  - linux
+method: change_password
--- a/apps/assets/playbooks/change_password/host/change_password_linux/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_linux/roles/change_password/tasks/main.yml
@ -0,0 +1,23 @@
+- name: Check connection
+  ping:
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('sha512') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/change_password/host/change_password_local_windows/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_local_windows/main.yml
@ -0,0 +1,10 @@
+{% for account in accounts %}
+- hosts: {{ account.asset.name }}
+  vars:
+    account:
+      username: {{ account.username }}
+      password: {{ account.password }}
+      public_key: {{ account.public_key }}
+  roles:
+    - change_password
+{% endfor %}
--- a/apps/assets/playbooks/change_password/host/change_password_local_windows/manifest.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_local_windows/manifest.yml
@ -0,0 +1,7 @@
+id: change_password_local_windows
+name: Change password local account for Windows
+version: 1
+method: change_password
+category: host
+type:
+  - windows
--- a/apps/assets/playbooks/change_password/host/change_password_local_windows/roles/change_password/tasks/main.yml
+++ b/apps/assets/playbooks/change_password/host/change_password_local_windows/roles/change_password/tasks/main.yml
@ -0,0 +1,27 @@
+- name: ping
+  ping:
+
+#- name: print variables
+#  debug:
+#    msg: "Username: {{ account.username }}, Password: {{ account.password }}"
+
+- name: Change password
+  user:
+    name: "{{ account.username }}"
+    password: "{{ account.password | password_hash('des') }}"
+    update_password: always
+  when: account.password
+
+- name: Change public key
+  authorized_key:
+    user: "{{ account.username }}"
+    key: "{{ account.public_key }}"
+    state: present
+  when: account.public_key
+
+- name: Verify password
+  ping:
+  vars:
+    ansible_user: "{{ account.username }}"
+    ansible_pass: "{{ account.password }}"
+    ansible_ssh_connection: paramiko
--- a/apps/assets/playbooks/host/ansible_posix_ping/main.yml
+++ b/apps/assets/playbooks/host/ansible_posix_ping/main.yml
@ -0,0 +1,13 @@
+- hosts: centos
+  gather_facts: no
+  vars:
+    account:
+      username: web
+      password: test123
+
+  tasks:
+    - name: Verify password
+      ping:
+      vars:
+        ansible_user: "{{ account.username }}"
+        ansible_pass: "{{ account.password }}"
--- a/apps/assets/playbooks/host/ansible_posix_ping/manifest.yml
+++ b/apps/assets/playbooks/host/ansible_posix_ping/manifest.yml
@ -0,0 +1,10 @@
+id: ansible_posix_ping
+name: Ansible posix ping
+description: Ansible ping
+category: host
+type:
+  - linux
+  - unix
+  - macos
+  - bsd
+method: verify_account
--- a/apps/assets/playbooks/host/ansible_win_ping/main.yml
+++ b/apps/assets/playbooks/host/ansible_win_ping/main.yml
@ -0,0 +1,13 @@
+- hosts: centos
+  gather_facts: no
+  vars:
+    account:
+      username: web
+      password: test123
+
+  tasks:
+    - name: Verify password
+      win_ping:
+      vars:
+        ansible_user: "{{ account.username }}"
+        ansible_pass: "{{ account.password }}"
--- a/apps/assets/playbooks/host/ansible_win_ping/manifest.yml
+++ b/apps/assets/playbooks/host/ansible_win_ping/manifest.yml
@ -0,0 +1,6 @@
+id: ansible_win_ping
+name: Ansible win ping
+category: host
+type:
+  - windows
+method: verify_account