Skip to main content

No project description provided

Project description

First, install pop-create-idem this is an extension of pop-create that is designed to easily create boilerplate code for idem-cloud projects.

pip3 install pop-create-idem

You now have access to the pop-create command with the idem-cloud subcommand.

To create a new idem-cloud project, run:

pop-create idem-cloud --directory /path/to/new/project --project-name=idem-{my_cloud} --simple-cloud-name={my_cloud}

A new project will have been created with all the boilerplate code needed to get started with idem-cloud: The directory tree should now look something like this:

.
├── build.conf
├── cicd
│   └── upload-code-coverage.sh
├── {project_name}
│   ├── acct
│   │   ├── contracts
│   │   └── {simple_service_name}
│   │       └── basic_auth.py
│   ├── conf.py
│   ├── exec
│   │   ├── contracts
│   │   └── {simple_service_name}
│   │       └── init.py
│   ├── states
│   │   ├── contracts
│   │   └── {simple_service_name}
│   │       └── init.py
│   ├── tool
│   │   └── contracts
│   └── version.py
├── LICENSE
├── noxfile.py
├── README.rst
├── requirements
│   ├── base.txt
│   └── tests.in
├── setup.py
└── tests
    ├── __init__.py
    ├── integration
    │   ├── acct
    │   ├── conftest.py
    │   ├── exec
    │   ├── __init__.py
    │   ├── states
    │   └── tool
    └── unit
        ├── acct
        ├── conftest.py
        ├── exec
        ├── __init__.py
        ├── states
        └── tool

Installation

Install your new project with pip, it needs to be added to the python environment.

pip install -e {project_root}

After installation the new Idem Cloud Provider execution and state modules will be accessible to the pop hub.

You can verify with pop-tree. Pop-tree shows you what is on the hub. Exec –add -sub idem is saying I want shows the exec sub, and add idem to the hub before I show exec modules; because pop-tree needs to be aware of what’s on the hub before it can show you anything.

pip install pop-tree

# Show the exec modules that properly app-merged onto the hub
pop-tree exec --add-sub idem

output:

exec:
----------
{simple_service_name}:
    ----------
    init:
        |_
        |_
test:
    |_
      - ctx
      - ping
    |_

Authenticating with idem-cloud

No matter what you use for your authentication method, in the end they all need to be interchangeable when we are calling exec modules. For example, let’s say I want all my plugins to authenticate with aiohttp, but I want one plugin to handle username and password authentication, and I want to make another plugin that handles authentication with an api token. Under the hood they’re both creating an aiohttp session, but they’re using credentials in different ways.

Or maybe we want to have an account plugin that authenticates with a cookie, and that’s a completely different way of using an aiohttp session, but on the back end it’s the same, and it will be the same to exec modules, that are calling the api methods. You could use a plain request library or httpx, or something else. Account plugins is where you can handle all those differences, and have different ways of authenticating.

That’s the reason you’d want different account plugins; for different ways of authenticating to the same service.

In idem aws we’re using different account plugins, because you can authenticate with gsuite, iamroles, raw botocore; you can get your credentials from the command line awscli. You can get aws credentials so many different ways, but under the hood, all the account plugins for idem-aws end up creating a boto core session.

Keep that in mind with whatever your cloud is. You can make as many plugins to authenticate as you need; and on the backend they need to create the same interface for exec modules to interact with.

Edit the file at {project_name}/acct/{simple_cloud_name}/basic_auth.py This is where you can customize authentication to your cloud. You can create other plugins in this directory that authenticate in different ways to the same cloud.

After installing idem with pip; acct, exec, and state modules will be accessible to the pop hub. In order to use them we need to set up our credentials.

Create a new file called credentials.yaml, appropriately named, as you populate it with credentials. The “default” profile will be used automatically by idem unless you specify one with –acct-profile=profile_name on the idem cli.

There are many ways providers/profiles can be stored. See acct backends for more information.

This is an example of what is looks like; This is the file name:

credentials.yaml

And these are the contents of the file:

{simple_service_name}.basic_auth:
  default:
    username: my_user
    password: my_pass

Now encrypt the credentials file and add the encryption key and encrypted file path to the ENVIRONMENT.

The acct command should be available as it is a requisite of idem.

This is an example of how to encrypt the credential file.

acct encrypt credentials.yaml

output:

-A9ZkiCSOjWYG_lbGmmkVh4jKLFDyOFH4e4S1HNtNwI=

This is how you add these to your environment; Use a variable assigned to the value of the output, and second variable assigned to value of the path to the encrypted fernet file.

export ACCT_KEY="-A9ZkiCSOjWYG_lbGmmkVh4jKLFDyOFH4e4S1HNtNwI="
export ACCT_FILE=$PWD/credentials.yaml.fernet

Idem will now be able to read these credentials for authentication to your cloud!

Exec modules

functions placed in {project_name}/exec/{simple_service_name}/ will appear on the hub under. hub.exec.{simple_service_name}.*. The directory structure under exec is arbitrary to idem, so use it to keep your functions organized. Do NOT put all your functions in one giant file. That is not very pop.

The directory structure affects where functions are placed on the hub, and how they are referenced on the CLI.

If you create a function called get in {project_name}/exec/{simple_service_name}/instance, it can be called from the hub within code like so:

hub.exec.simple_service_name.instance.get("instance_name")

It could be called from the idem cli like this:

idem exec {simple_service_name}.instance.get instance_name

The profile you want to use from your encrypted credentials file can be specified on the command line when calling an exec module directly. The default is to use the profile named “default”.

idem exec --acct-profile my-staging-env {simple_service_name}.instance.list

States

A profile can be specified for use with a specific state. If no profile is specified, the profile called “default”, if one exists, will be used:

ensure_user_exists:
  {simple_service_name}.user.present:
    - acct_profile: my-staging-env
    - name: a_user_name
    - kwarg1: val1

It can also be specified from the command line when executing states.

idem state --acct-profile my-staging-env my_state.sls

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pop-create-idem-3.4.0.tar.gz (43.1 kB view details)

Uploaded Source

Built Distribution

pop_create_idem-3.4.0-py3-none-any.whl (66.7 kB view details)

Uploaded Python 3

File details

Details for the file pop-create-idem-3.4.0.tar.gz.

File metadata

  • Download URL: pop-create-idem-3.4.0.tar.gz
  • Upload date:
  • Size: 43.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.9.6 readme-renderer/37.3 requests/2.30.0 requests-toolbelt/1.0.0 urllib3/2.0.2 tqdm/4.65.0 importlib-metadata/6.6.0 keyring/23.13.1 rfc3986/2.0.0 colorama/0.4.6 CPython/3.9.16

File hashes

Hashes for pop-create-idem-3.4.0.tar.gz
Algorithm Hash digest
SHA256 38392e44358c9fe5599f50325e0bd803fb370c7051b2a89779cf08fd2361de4e
MD5 7e995481f13470da9d654982c309f612
BLAKE2b-256 96c520a30afba47f58c6060003af3191d689135c4bd9976d1e5571690e3f5f59

See more details on using hashes here.

File details

Details for the file pop_create_idem-3.4.0-py3-none-any.whl.

File metadata

  • Download URL: pop_create_idem-3.4.0-py3-none-any.whl
  • Upload date:
  • Size: 66.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.9.6 readme-renderer/37.3 requests/2.30.0 requests-toolbelt/1.0.0 urllib3/2.0.2 tqdm/4.65.0 importlib-metadata/6.6.0 keyring/23.13.1 rfc3986/2.0.0 colorama/0.4.6 CPython/3.9.16

File hashes

Hashes for pop_create_idem-3.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 c1d0e0a72a008811f0d34f9e285c82be1a8ccfc04bd34fb22862e57c9c4a79d6
MD5 4d6d649edb5f34500e8d194e197eccc6
BLAKE2b-256 237504d86ccc5e9fff5c0317523f8b461e565c0dc0669c800725600297c88e54

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page