Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
R
rabbitmq_agents
Manage
Activity
Members
Labels
Plan
Issues
14
Issue boards
Milestones
Wiki
Code
Merge requests
8
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
rc
rabbitmq_agents
Commits
e63517fb
Commit
e63517fb
authored
3 years ago
by
Eesaan Atluri
Browse files
Options
Downloads
Patches
Plain Diff
Add an rmq agent to expire an account in order to block access.
parent
68126bdd
No related branches found
No related tags found
2 merge requests
!147
Merge previous default branch feat-cod-rmq into main
,
!119
Feat account management
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
prod_rmq_agents/expire_account.py
+74
-0
74 additions, 0 deletions
prod_rmq_agents/expire_account.py
with
74 additions
and
0 deletions
prod_rmq_agents/expire_account.py
0 → 100644
+
74
−
0
View file @
e63517fb
#!/usr/bin/env python
import
os
import
json
import
pika
import
rc_util
from
os
import
popen
from
pathlib
import
Path
from
rc_rmq
import
RCRMQ
import
rabbit_config
as
rcfg
from
datetime
import
date
,
timedelta
task
=
"
expire_account
"
args
=
rc_util
.
get_args
()
logger
=
rc_util
.
get_logger
(
args
)
# Instantiate rabbitmq object
rc_rmq
=
RCRMQ
({
"
exchange
"
:
rcfg
.
Exchange
,
"
exchange_type
"
:
"
topic
"
})
def
expire_account
(
ch
,
method
,
properties
,
body
):
msg
=
json
.
loads
(
body
)
username
=
msg
[
"
username
"
]
action
=
msg
[
"
action
"
]
msg
[
"
success
"
]
=
{}
msg
[
"
success
"
][
task
]
=
False
yesterday
=
date
.
today
()
-
timedelta
(
days
=
1
)
corr_id
=
properties
.
correlation_id
reply_to
=
properties
.
reply_to
try
:
expire_account_cmd
=
f
'
/cm/local/apps/cmd/bin/cmsh -n -c
"
user;use
{
username
}
; set expirationdate
{
yesterday
}
; commit;
"'
unexpire_account_cmd
=
f
'
/cm/local/apps/cmd/bin/cmsh -n -c
"
user;use
{
username
}
; set expirationdate 2037/12/31; commit;
"'
if
action
==
'
lock
'
:
block_ssh
=
popen
(
expire_account_cmd
).
read
().
rstrip
()
elif
action
==
'
unlock
'
:
unblock_ssh
=
popen
(
unexpire_account_cmd
).
read
().
rstrip
()
msg
[
"
success
"
][
task
]
=
True
logger
.
info
(
f
"
ssh expiration set to yesterday for user
{
username
}
"
)
except
Exception
:
msg
[
"
success
"
][
task
]
=
False
msg
[
"
errmsg
"
]
=
"
Exception raised, while expiring user
'
s ssh access, check the logs for stack trace
"
logger
.
error
(
""
,
exc_info
=
True
)
# send response to callback queue with it's correlation ID
if
reply_to
:
rc_rmq
.
publish_msg
(
{
"
routing_key
"
:
reply_to
,
"
props
"
:
pika
.
BasicProperties
(
correlation_id
=
corr_id
,
),
"
msg
"
:
msg
}
)
logger
.
debug
(
f
"
User
{
username
}
confirmation sent for
{
action
}
ing
{
task
}
"
)
ch
.
basic_ack
(
delivery_tag
=
method
.
delivery_tag
)
logger
.
info
(
f
"
Start listening to queue:
{
task
}
"
)
rc_rmq
.
bind_queue
(
queue
=
task
,
routing_key
=
'
lock.*
'
,
durable
=
True
)
rc_rmq
.
bind_queue
(
queue
=
task
,
routing_key
=
'
unlock.*
'
,
durable
=
True
)
rc_rmq
.
bind_queue
(
queue
=
task
,
routing_key
=
'
expiration.*
'
,
durable
=
True
)
rc_rmq
.
start_consume
(
{
"
queue
"
:
task
,
"
cb
"
:
expire_account
}
)
logger
.
info
(
"
Disconnected
"
)
rc_rmq
.
disconnect
()
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
