--- /dev/null
+import asyncio
+import logging
+
+from . import tag
+from . import utils
+from .client import client
+from .client import connection
+from .model import Model
+
+log = logging.getLogger(__name__)
+
+
+class Controller(object):
+ def __init__(self, loop=None,
+ max_frame_size=connection.Connection.DEFAULT_FRAME_SIZE):
+ """Instantiate a new Controller.
+
+ One of the connect_* methods will need to be called before this
+ object can be used for anything interesting.
+
+ :param loop: an asyncio event loop
+
+ """
+ self.loop = loop or asyncio.get_event_loop()
+ self.max_frame_size = None
+ self.connection = None
+ self.controller_name = None
+
+ async def connect(
+ self, endpoint, username, password, cacert=None, macaroons=None):
+ """Connect to an arbitrary Juju controller.
+
+ """
+ self.connection = await connection.Connection.connect(
+ endpoint, None, username, password, cacert, macaroons,
+ max_frame_size=self.max_frame_size)
+
+ async def connect_current(self):
+ """Connect to the current Juju controller.
+
+ """
+ self.connection = (
+ await connection.Connection.connect_current_controller(
+ max_frame_size=self.max_frame_size))
+
+ async def connect_controller(self, controller_name):
+ """Connect to a Juju controller by name.
+
+ """
+ self.connection = (
+ await connection.Connection.connect_controller(
+ controller_name, max_frame_size=self.max_frame_size))
+ self.controller_name = controller_name
+
+ async def disconnect(self):
+ """Shut down the watcher task and close websockets.
+
+ """
+ if self.connection and self.connection.is_open:
+ log.debug('Closing controller connection')
+ await self.connection.close()
+ self.connection = None
+
+ async def add_model(
+ self, model_name, cloud_name=None, credential_name=None,
+ owner=None, config=None, region=None):
+ """Add a model to this controller.
+
+ :param str model_name: Name to give the new model.
+ :param str cloud_name: Name of the cloud in which to create the
+ model, e.g. 'aws'. Defaults to same cloud as controller.
+ :param str credential_name: Name of the credential to use when
+ creating the model. Defaults to current credential. If you
+ pass a credential_name, you must also pass a cloud_name,
+ even if it's the default cloud.
+ :param str owner: Username that will own the model. Defaults to
+ the current user.
+ :param dict config: Model configuration.
+ :param str region: Region in which to create the model.
+
+ """
+ model_facade = client.ModelManagerFacade.from_connection(
+ self.connection)
+
+ owner = owner or self.connection.info['user-info']['identity']
+ cloud_name = cloud_name or await self.get_cloud()
+
+ if credential_name:
+ credential = tag.credential(
+ cloud_name,
+ tag.untag('user-', owner),
+ credential_name
+ )
+ else:
+ credential = None
+
+ log.debug('Creating model %s', model_name)
+
+ model_info = await model_facade.CreateModel(
+ tag.cloud(cloud_name),
+ config,
+ credential,
+ model_name,
+ owner,
+ region
+ )
+
+ # Add our ssh key to the model, to work around
+ # https://bugs.launchpad.net/juju/+bug/1643076
+ try:
+ ssh_key = await utils.read_ssh_key(loop=self.loop)
+
+ if self.controller_name:
+ model_name = "{}:{}".format(self.controller_name, model_name)
+
+ cmd = ['juju', 'add-ssh-key', '-m', model_name, ssh_key]
+
+ await utils.execute_process(*cmd, log=log, loop=self.loop)
+ except Exception:
+ log.exception(
+ "Could not add ssh key to model. You will not be able "
+ "to ssh into machines in this model. "
+ "Manually running `juju add-ssh-key <key>` in the cli "
+ "may fix this problem.")
+
+ model = Model()
+ await model.connect(
+ self.connection.endpoint,
+ model_info.uuid,
+ self.connection.username,
+ self.connection.password,
+ self.connection.cacert,
+ self.connection.macaroons,
+ loop=self.loop,
+ )
+
+ return model
+
+ async def destroy_models(self, *uuids):
+ """Destroy one or more models.
+
+ :param str \*uuids: UUIDs of models to destroy
+
+ """
+ model_facade = client.ModelManagerFacade.from_connection(
+ self.connection)
+
+ log.debug(
+ 'Destroying model%s %s',
+ '' if len(uuids) == 1 else 's',
+ ', '.join(uuids)
+ )
+
+ await model_facade.DestroyModels([
+ client.Entity(tag.model(uuid))
+ for uuid in uuids
+ ])
+ destroy_model = destroy_models
+
+ async def add_user(self, username, password=None, display_name=None):
+ """Add a user to this controller.
+
+ :param str username: Username
+ :param str display_name: Display name
+ :param str acl: Access control, e.g. 'read'
+ :param list models: Models to which the user is granted access
+
+ """
+ if not display_name:
+ display_name = username
+ user_facade = client.UserManagerFacade.from_connection(self.connection)
+ users = [{'display_name': display_name,
+ 'password': password,
+ 'username': username}]
+ return await user_facade.AddUser(users)
+
+ async def change_user_password(self, username, password):
+ """Change the password for a user in this controller.
+
+ :param str username: Username
+ :param str password: New password
+
+ """
+ user_facade = client.UserManagerFacade.from_connection(self.connection)
+ entity = client.EntityPassword(password, tag.user(username))
+ return await user_facade.SetPassword([entity])
+
+ async def destroy(self, destroy_all_models=False):
+ """Destroy this controller.
+
+ :param bool destroy_all_models: Destroy all hosted models in the
+ controller.
+
+ """
+ controller_facade = client.ControllerFacade.from_connection(
+ self.connection)
+ return await controller_facade.DestroyController(destroy_all_models)
+
+ async def disable_user(self, username):
+ """Disable a user.
+
+ :param str username: Username
+
+ """
+ user_facade = client.UserManagerFacade.from_connection(self.connection)
+ entity = client.Entity(tag.user(username))
+ return await user_facade.DisableUser([entity])
+
+ async def enable_user(self, username):
+ """Re-enable a previously disabled user.
+
+ """
+ user_facade = client.UserManagerFacade.from_connection(self.connection)
+ entity = client.Entity(tag.user(username))
+ return await user_facade.EnableUser([entity])
+
+ def kill(self):
+ """Forcibly terminate all machines and other associated resources for
+ this controller.
+
+ """
+ raise NotImplementedError()
+
+ async def get_cloud(self):
+ """
+ Get the name of the cloud that this controller lives on.
+ """
+ cloud_facade = client.CloudFacade.from_connection(self.connection)
+
+ result = await cloud_facade.Clouds()
+ cloud = list(result.clouds.keys())[0] # only lives on one cloud
+ return tag.untag('cloud-', cloud)
+
+ async def get_models(self, all_=False, username=None):
+ """Return list of available models on this controller.
+
+ :param bool all_: List all models, regardless of user accessibilty
+ (admin use only)
+ :param str username: User for which to list models (admin use only)
+
+ """
+ controller_facade = client.ControllerFacade.from_connection(
+ self.connection)
+ return await controller_facade.AllModels()
+
+ def get_payloads(self, *patterns):
+ """Return list of known payloads.
+
+ :param str \*patterns: Patterns to match against
+
+ Each pattern will be checked against the following info in Juju::
+
+ - unit name
+ - machine id
+ - payload type
+ - payload class
+ - payload id
+ - payload tag
+ - payload status
+
+ """
+ raise NotImplementedError()
+
+ def get_users(self, all_=False):
+ """Return list of users that can connect to this controller.
+
+ :param bool all_: Include disabled users
+
+ """
+ raise NotImplementedError()
+
+ def login(self):
+ """Log in to this controller.
+
+ """
+ raise NotImplementedError()
+
+ def logout(self, force=False):
+ """Log out of this controller.
+
+ :param bool force: Don't fail even if user not previously logged in
+ with a password
+
+ """
+ raise NotImplementedError()
+
+ def get_model(self, name):
+ """Get a model by name.
+
+ :param str name: Model name
+
+ """
+ raise NotImplementedError()
+
+ async def get_user(self, username, include_disabled=False):
+ """Get a user by name.
+
+ :param str username: Username
+
+ """
+ client_facade = client.UserManagerFacade.from_connection(
+ self.connection)
+ user = tag.user(username)
+ return await client_facade.UserInfo([client.Entity(user)],
+ include_disabled)
+
+ async def grant(self, username, acl='login'):
+ """Set access level of the given user on the controller
+
+ :param str username: Username
+ :param str acl: Access control ('login', 'add-model' or 'superuser')
+
+ """
+ controller_facade = client.ControllerFacade.from_connection(
+ self.connection)
+ user = tag.user(username)
+ await self.revoke(username)
+ changes = client.ModifyControllerAccess(acl, 'grant', user)
+ return await controller_facade.ModifyControllerAccess([changes])
+
+ async def revoke(self, username):
+ """Removes all access from a controller
+
+ :param str username: username
+
+ """
+ controller_facade = client.ControllerFacade.from_connection(
+ self.connection)
+ user = tag.user(username)
+ changes = client.ModifyControllerAccess('login', 'revoke', user)
+ return await controller_facade.ModifyControllerAccess([changes])