majuna/app/cli/automate.py

import argparse
import datetime
import json
import logging
from traceback import TracebackException
from typing import Type, TYPE_CHECKING, Any

from app import app
from app.extensions import db
from app.models.activity import Activity
from app.models.automation import Automation, AutomationState, AutomationLogs
from app.terraform import BaseAutomation
from app.terraform.block_bridge_github import BlockBridgeGitHubAutomation
from app.terraform.block_external import BlockExternalAutomation
from app.terraform.block_ooni import BlockOONIAutomation
from app.terraform.block_roskomsvoboda import BlockRoskomsvobodaAutomation
from app.terraform.eotk.aws import EotkAWSAutomation
from app.terraform.alarms.proxy_azure_cdn import AlarmProxyAzureCdnAutomation
from app.terraform.alarms.proxy_cloudfront import AlarmProxyCloudfrontAutomation
from app.terraform.alarms.proxy_http_status import AlarmProxyHTTPStatusAutomation
from app.terraform.bridge.aws import BridgeAWSAutomation
from app.terraform.bridge.gandi import BridgeGandiAutomation
from app.terraform.bridge.hcloud import BridgeHcloudAutomation
from app.terraform.bridge.ovh import BridgeOvhAutomation
from app.terraform.list.github import ListGithubAutomation
from app.terraform.list.gitlab import ListGitlabAutomation
from app.terraform.list.s3 import ListS3Automation
from app.terraform.proxy.azure_cdn import ProxyAzureCdnAutomation
from app.terraform.proxy.cloudfront import ProxyCloudfrontAutomation


if TYPE_CHECKING:
    _SubparserType = argparse._SubParsersAction[argparse.ArgumentParser]
else:
    _SubparserType = Any

jobs = {
    x.short_name: x
    for x in [
        AlarmProxyAzureCdnAutomation,
        AlarmProxyCloudfrontAutomation,
        AlarmProxyHTTPStatusAutomation,
        BlockBridgeGitHubAutomation,
        BlockExternalAutomation,
        BlockOONIAutomation,
        BlockRoskomsvobodaAutomation,
        BridgeAWSAutomation,
        BridgeGandiAutomation,
        BridgeHcloudAutomation,
        BridgeOvhAutomation,
        EotkAWSAutomation,
        ListGithubAutomation,
        ListGitlabAutomation,
        ListS3Automation,
        ProxyAzureCdnAutomation,
        ProxyCloudfrontAutomation
    ]
}


def run_all(**kwargs: bool) -> None:
    for job in jobs.values():
        run_job(job, **kwargs)  # type: ignore


def run_job(job_cls: Type[BaseAutomation], *,
            force: bool = False, ignore_schedule: bool = False) -> None:
    automation = Automation.query.filter(Automation.short_name == job_cls.short_name).first()
    if automation is None:
        automation = Automation()
        automation.short_name = job_cls.short_name
        automation.description = job_cls.description
        automation.enabled = False
        automation.next_is_full = False
        automation.added = datetime.datetime.utcnow()
        automation.updated = automation.added
        db.session.add(automation)
        db.session.commit()
    else:
        if automation.state == AutomationState.RUNNING and not force:
            logging.warning("Not running an already running automation")
            return
        if not ignore_schedule and not force:
            if automation.next_run is not None and automation.next_run > datetime.datetime.utcnow():
                logging.warning("Not time to run this job yet")
                return
    if not automation.enabled and not force:
        logging.warning("job %s is disabled and --force not specified", job_cls.short_name)
        return
    automation.state = AutomationState.RUNNING
    db.session.commit()
    job: BaseAutomation = job_cls()
    try:
        success, logs = job.automate()
        # We want to catch any and all exceptions that would cause problems here, because
        # the error handling process isn't really handling the error, but rather causing it
        # to be logged for investigation. Catching more specific exceptions would just mean that
        # others go unrecorded and are difficult to debug.
    except Exception as e:  # pylint: disable=broad-except
        tb = TracebackException.from_exception(e)
        success = False
        logs = "".join(tb.format())
    if success:
        automation.state = AutomationState.IDLE
        automation.next_run = datetime.datetime.utcnow() + datetime.timedelta(
            minutes=getattr(job, "frequency", 7))
    else:
        automation.state = AutomationState.ERROR
        automation.enabled = False
        automation.next_run = None
        log = AutomationLogs()
        log.automation_id = automation.id
        log.added = datetime.datetime.utcnow()
        log.updated = datetime.datetime.utcnow()
        log.logs = json.dumps(logs)
        db.session.add(log)
        activity = Activity(
            activity_type="automation",
            text=f"FLASH! Automation Failure: {automation.short_name}. See logs for details."
        )
        db.session.add(activity)
        activity.notify()  # Notify before commit because the failure occurred even if we can't commit.
    automation.last_run = datetime.datetime.utcnow()
    db.session.commit()


class AutomateCliHandler:
    @classmethod
    def add_subparser_to(cls, subparsers: _SubparserType) -> None:
        parser = subparsers.add_parser("automate", help="automation operations")
        parser.add_argument("-a", "--all", dest="all", help="run all automation jobs", action="store_true")
        parser.add_argument("-j", "--job", dest="job", choices=sorted(jobs.keys()),
                            help="run a specific automation job")
        parser.add_argument("--force", help="run job even if disabled and it's not time yet", action="store_true")
        parser.add_argument("--ignore-schedule", help="run job even if it's not time yet", action="store_true")
        parser.set_defaults(cls=cls)

    def __init__(self, args: argparse.Namespace) -> None:
        self.args = args

    def run(self) -> None:
        with app.app_context():
            if self.args.job:
                run_job(jobs[self.args.job],  # type: ignore
                        force=self.args.force,
                        ignore_schedule=self.args.ignore_schedule)
            elif self.args.all:
                run_all(force=self.args.force, ignore_schedule=self.args.ignore_schedule)
            else:
                logging.error("No action requested")
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`import argparse`
			`import datetime`
			`import json`
			`import logging`
automation: add full stack trace for exceptions to logs 2022-05-12 09:57:42 +01:00			`from traceback import TracebackException`
cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`from typing import Type, TYPE_CHECKING, Any`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00
			`from app import app`
			`from app.extensions import db`
activity: basic webhook alerts for automation failures 2022-05-14 10:18:00 +01:00			`from app.models.activity import Activity`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`from app.models.automation import Automation, AutomationState, AutomationLogs`
			`from app.terraform import BaseAutomation`
automation: herd blocking automations into framework see #1 2022-05-09 08:09:57 +01:00			`from app.terraform.block_bridge_github import BlockBridgeGitHubAutomation`
			`from app.terraform.block_external import BlockExternalAutomation`
			`from app.terraform.block_ooni import BlockOONIAutomation`
block: import blocklist from roskomsvoboda 2022-05-09 14:11:05 +01:00			`from app.terraform.block_roskomsvoboda import BlockRoskomsvobodaAutomation`
eotk: import instance information from terraform 2022-05-13 15:40:59 +01:00			`from app.terraform.eotk.aws import EotkAWSAutomation`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`from app.terraform.alarms.proxy_azure_cdn import AlarmProxyAzureCdnAutomation`
			`from app.terraform.alarms.proxy_cloudfront import AlarmProxyCloudfrontAutomation`
			`from app.terraform.alarms.proxy_http_status import AlarmProxyHTTPStatusAutomation`
			`from app.terraform.bridge.aws import BridgeAWSAutomation`
			`from app.terraform.bridge.gandi import BridgeGandiAutomation`
			`from app.terraform.bridge.hcloud import BridgeHcloudAutomation`
			`from app.terraform.bridge.ovh import BridgeOvhAutomation`
			`from app.terraform.list.github import ListGithubAutomation`
			`from app.terraform.list.gitlab import ListGitlabAutomation`
			`from app.terraform.list.s3 import ListS3Automation`
			`from app.terraform.proxy.azure_cdn import ProxyAzureCdnAutomation`
			`from app.terraform.proxy.cloudfront import ProxyCloudfrontAutomation`


cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`if TYPE_CHECKING:`
			`_SubparserType = argparse._SubParsersAction[argparse.ArgumentParser]`
			`else:`
			`_SubparserType = Any`

automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`jobs = {`
			`x.short_name: x`
			`for x in [`
			`AlarmProxyAzureCdnAutomation,`
			`AlarmProxyCloudfrontAutomation,`
			`AlarmProxyHTTPStatusAutomation,`
automation: herd blocking automations into framework see #1 2022-05-09 08:09:57 +01:00			`BlockBridgeGitHubAutomation,`
			`BlockExternalAutomation,`
			`BlockOONIAutomation,`
block: import blocklist from roskomsvoboda 2022-05-09 14:11:05 +01:00			`BlockRoskomsvobodaAutomation,`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`BridgeAWSAutomation,`
			`BridgeGandiAutomation,`
			`BridgeHcloudAutomation,`
			`BridgeOvhAutomation,`
eotk: import instance information from terraform 2022-05-13 15:40:59 +01:00			`EotkAWSAutomation,`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`ListGithubAutomation,`
			`ListGitlabAutomation,`
			`ListS3Automation,`
			`ProxyAzureCdnAutomation,`
			`ProxyCloudfrontAutomation`
			`]`
			`}`


cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`def run_all(**kwargs: bool) -> None:`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`for job in jobs.values():`
auto/terraform: typing hints for base terraform module 2022-05-16 10:08:18 +01:00			`run_job(job, **kwargs) # type: ignore`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00

cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`def run_job(job_cls: Type[BaseAutomation], *,`
			`force: bool = False, ignore_schedule: bool = False) -> None:`
			`automation = Automation.query.filter(Automation.short_name == job_cls.short_name).first()`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`if automation is None:`
			`automation = Automation()`
cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`automation.short_name = job_cls.short_name`
			`automation.description = job_cls.description`
automation: default state for unknown automation is disabled 2022-05-14 10:18:47 +01:00			`automation.enabled = False`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`automation.next_is_full = False`
			`automation.added = datetime.datetime.utcnow()`
			`automation.updated = automation.added`
			`db.session.add(automation)`
automate: don't run automation on first sight 2022-05-14 12:05:06 +01:00			`db.session.commit()`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`else:`
			`if automation.state == AutomationState.RUNNING and not force:`
			`logging.warning("Not running an already running automation")`
			`return`
			`if not ignore_schedule and not force:`
			`if automation.next_run is not None and automation.next_run > datetime.datetime.utcnow():`
			`logging.warning("Not time to run this job yet")`
			`return`
			`if not automation.enabled and not force:`
lint: excuse catching broad exceptions 2022-05-17 09:03:43 +01:00			`logging.warning("job %s is disabled and --force not specified", job_cls.short_name)`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`return`
			`automation.state = AutomationState.RUNNING`
			`db.session.commit()`
cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`job: BaseAutomation = job_cls()`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`try:`
			`success, logs = job.automate()`
lint: excuse catching broad exceptions 2022-05-17 09:03:43 +01:00			`# We want to catch any and all exceptions that would cause problems here, because`
			`# the error handling process isn't really handling the error, but rather causing it`
			`# to be logged for investigation. Catching more specific exceptions would just mean that`
			`# others go unrecorded and are difficult to debug.`
			`except Exception as e: # pylint: disable=broad-except`
automation: add full stack trace for exceptions to logs 2022-05-12 09:57:42 +01:00			`tb = TracebackException.from_exception(e)`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`success = False`
automation: add full stack trace for exceptions to logs 2022-05-12 09:57:42 +01:00			`logs = "".join(tb.format())`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`if success:`
			`automation.state = AutomationState.IDLE`
block: import blocklist from roskomsvoboda 2022-05-09 14:11:05 +01:00			`automation.next_run = datetime.datetime.utcnow() + datetime.timedelta(`
			`minutes=getattr(job, "frequency", 7))`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`else:`
			`automation.state = AutomationState.ERROR`
			`automation.enabled = False`
			`automation.next_run = None`
			`log = AutomationLogs()`
			`log.automation_id = automation.id`
			`log.added = datetime.datetime.utcnow()`
			`log.updated = datetime.datetime.utcnow()`
			`log.logs = json.dumps(logs)`
			`db.session.add(log)`
activity: basic webhook alerts for automation failures 2022-05-14 10:18:00 +01:00			`activity = Activity(`
			`activity_type="automation",`
			`text=f"FLASH! Automation Failure: {automation.short_name}. See logs for details."`
			`)`
automate: add flash activity to db session 2022-05-16 14:06:07 +01:00			`db.session.add(activity)`
activity: basic webhook alerts for automation failures 2022-05-14 10:18:00 +01:00			`activity.notify() # Notify before commit because the failure occurred even if we can't commit.`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`automation.last_run = datetime.datetime.utcnow()`
			`db.session.commit()`


			`class AutomateCliHandler:`
			`@classmethod`
cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`def add_subparser_to(cls, subparsers: _SubparserType) -> None:`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`parser = subparsers.add_parser("automate", help="automation operations")`
			`parser.add_argument("-a", "--all", dest="all", help="run all automation jobs", action="store_true")`
			`parser.add_argument("-j", "--job", dest="job", choices=sorted(jobs.keys()),`
			`help="run a specific automation job")`
			`parser.add_argument("--force", help="run job even if disabled and it's not time yet", action="store_true")`
			`parser.add_argument("--ignore-schedule", help="run job even if it's not time yet", action="store_true")`
			`parser.set_defaults(cls=cls)`

cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`def __init__(self, args: argparse.Namespace) -> None:`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`self.args = args`

cli/automate: fix up errors found with mypy 2022-05-16 09:24:37 +01:00			`def run(self) -> None:`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`with app.app_context():`
			`if self.args.job:`
auto/terraform: typing hints for base terraform module 2022-05-16 10:08:18 +01:00			`run_job(jobs[self.args.job], # type: ignore`
			`force=self.args.force,`
			`ignore_schedule=self.args.ignore_schedule)`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`elif self.args.all:`
			`run_all(force=self.args.force, ignore_schedule=self.args.ignore_schedule)`
			`else:`
			`logging.error("No action requested")`