| Server IP : 209.38.156.173 / Your IP : 216.73.216.122 [ Web Server : Apache/2.4.52 (Ubuntu) System : Linux lakekumayuhotel 5.15.0-136-generic #147-Ubuntu SMP Sat Mar 15 15:53:30 UTC 2025 x86_64 User : root ( 0) PHP Version : 8.1.2-1ubuntu2.22 Disable Function : NONE Domains : 2 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/lib/python3/dist-packages/cloudinit/sources/helpers/__pycache__/ |
Upload File : |
o
����x[h������������������������@���s���d�dl�Z�d�dlZd�dlZd�dlZd�dlZd�dlZd�dlZd�dlmZ�d�dl m Z m
Z
�d�dl
m
Z
m
Z
�d�dl
mZmZmZmZmZ�d�dlmZ�d�dlmZ�d�dlmZmZmZm
Z
m
Z
m
Z
�d�d l m Z �d�d
l!m"Z"�e�#e$�Z%d
Z&d
Z'd
Z(dZ)dZ*e j+dddd�Z,ed�Z-dede-f�dede-f�fdd�Z.e.dd���Z/e.d
d
���Z0dd
�d e1de j2fd d!�Z3d"d#��Z4e.d$d%���Z5ed&d'���Z6e.dd(d)d*�d+e1d,e7d-ee8�d.e9d/e9de
j:f
d0d1��Z;d2e1d3e1d4e1de8fd5d6�Z<G�d7d8��d8�Z=G�d9d:��d:e>�Z?G�d;d<��d<�Z@G�d=d>��d>�ZAG�d?d@��d@�ZBG�dAdB��dB�ZCe. dSdCe1dDejDdEeee1��dFee1�fdGdH��ZEe.dCe1dIdJfdKdL��ZFdMdN��ZGG�dOdP��dPe>�ZHG�dQdR��dR�ZIdS�)T�����N)�contextmanager)�datetime�timezone)�sleep�time)�Callable�List�Optional�TypeVar�Union)�
ElementTree)�escape)�distros�subp�
temp_utils�
url_helper�util�version)�events)�errorsz
168.63.129.16�boot-telemetryz
system-info�
diagnostic�
compressedzazure-dsz initialize reporter for azure dsT)�name�
description�reporting_enabled�T�func.�returnc��������������������s�����fdd�}|S�)Nc������������������ ���sF���t�j��j��jtd�����|�i�|��W��d�����S�1�s
w���Y��d�S�)N�r���r����parent)r����ReportEventStack�__name__�azure_ds_reporter)�args�kwargs�r
������A/usr/lib/python3/dist-packages/cloudinit/sources/helpers/azure.py�impl*���s����
$�z)azure_ds_telemetry_reporter.<locals>.implr'���)r
���r)���r'���r&���r(����azure_ds_telemetry_reporter)���s���
r*���c���������������
���C���s���t����std��t�d��z
tt���tt�����}�W�n�t y+�}�ztd�|�d}~ww�z*t
j
g�d�dd�\}}d}|rGd|v�rG|�
d�d �}|sMtd
��|�t|�d
��}W�n&�t
j
yj�}�ztd
|��|�d}~w�t y|�}�ztd
|��|�d}~ww�z*t
j
g�d�dd�\}}d}|r�d|v�r�|�
d�d �}|s�td��|�t|�d
��}W�n&�t
j
y��}�ztd|��|�d}~w�t y��}�ztd|��|�d}~ww�t
�tddt�|�tj����t�|tj����t�|tj����f�t
j�}t
�|��|S�)z[Report timestamps related to kernel initialization and systemd
activation of cloud-initz1distro not using systemd, skipping boot telemetryzCollecting boot telemetryz*Failed to determine kernel start timestampN)� systemctl�show�-p�UserspaceTimestampMonotonicT)�capture�=����z8Failed to parse UserspaceTimestampMonotonic from systemdi@B�z-Failed to get UserspaceTimestampMonotonic: %sz<Failed to parse UserspaceTimestampMonotonic from systemd: %s)r+���r,���zcloud-init-localr-����
InactiveExitTimestampMonotonicz;Failed to parse InactiveExitTimestampMonotonic from systemdz0Failed to get InactiveExitTimestampMonotonic: %sz?Failed to parse InactiveExitTimestampMonotonic from systemd: %sr���z5kernel_start=%s user_start=%s cloudinit_activation=%s)r����
uses_systemd�
RuntimeError�LOG�debug�floatr���r����uptime�
ValueErrorr����split�ProcessExecutionErrorr����ReportingEvent�BOOT_EVENT_TYPEr����
fromtimestampr����utc� isoformat�DEFAULT_EVENT_ORIGIN�
report_event)�
kernel_start�e�out�_�tsm�
user_start�cloudinit_activation�evtr'���r'���r(����get_boot_telemetry5���s����
��
�
��������
�
�������������
rK���c���������������
���C���sb���t����}�t�tddt���|�d�|�d�|�d�d�|�d�d�|�d�d�|�d �f�tj�}t�|��|S�)
z%Collect and report system informationzsystem informationztcloudinit_version=%s, kernel_version=%s, variant=%s, distro_name=%s, distro_version=%s, flavor=%s, python_version=%s�release�variant�distr���r1��������python) r����
system_infor���r<����SYSTEMINFO_EVENT_TYPEr����version_stringrA���rB���)�inforJ���r'���r'���r(����get_system_info����s$���
��
�
rU�����
logger_func�msgc����������������C���s6���t�|�r||���t�td|�tj�}tj|dhd��|S�)zReport a diagnostic eventzdiagnostic message�log��excluded_handler_types)�callabler���r<����DIAGNOSTIC_EVENT_TYPErA���rB���)rX���rW���rJ���r'���r'���r(����report_diagnostic_event����s����r^���c�����������������C���sN���t��t�|��}d|�d�d�}t�t|�t� |�tj
�}tj
|h�d�d��|S�)zReport a compressed eventzgz+b64�ascii)�encoding�data>���rY����print�webhookrZ���)
�base64�
encodebytes�zlib�compress�decoder���r<����COMPRESSED_EVENT_TYPE�json�dumpsrA���rB���)�
event_name�
event_content�compressed_data�
event_datarJ���r'���r'���r(����report_compressed_event����s
������rp���c���������������
���C���sn���t��d��ztjdgddd�\}�}td|���W�dS��ty6�}�ztdt|��t�jd��W�Y�d}~dS�d}~ww�) zReport dmesg to KVP.zDumping dmesg log to KVP�dmesgFT)rh���r/���z$Exception when dumping dmesg log: %srV���N)r5���r6���r���rp���� Exceptionr^����repr�warning)rE���rF����exr'���r'���r(����report_dmesg_to_kvp����s���
���rv���c�������������� ���c���s@�����t����}t��t�j�|����z
d�V��W�t��|��d�S�t��|��w��N)�os�getcwd�chdir�path�
expanduser)�newdir�prevdirr'���r'���r(����cd����s
����r�����������)ra����
retry_sleep�timeout_minutes�url�headersra���r����r����c���������� ���
���C���s����|d�t����}d}d}|sT|d7�}z
tj|�||dd�}W�n7�tjyM�}�z$td|�|||j|jf�tjd��t���|�|ksBd t |�v�rC��W�Y�d}~nd}~ww�t
|��|r
td
|�|f�tjd��|S�)
z�Readurl wrapper for querying wireserver.
:param retry_sleep: Time to sleep before retrying.
:param timeout_minutes: Retry up to specified number of minutes.
:raises UrlError: on error fetching data.
�<���r���Nr1���)r����r����)r����ra����timeoutzdFailed HTTP request with Azure endpoint %s during attempt %d with exception: %s (code=%r headers=%r)rV���zNetwork is unreachablez@Successful HTTP request with Azure endpoint %s after %d attempts)
r���r����readurl�UrlErrorr^����coder����r5���r6����strr���) r����r����ra���r����r����r�����attempt�responserD���r'���r'���r(����http_with_retries����s@������
����
��r�����username�hostname�
disableSshPwdc�����������������C���s$���t��d�}|j|�||d�}|�d�S�)Na.�� <ns0:Environment xmlns:ns0="http://schemas.dmtf.org/ovf/environment/1"
xmlns:ns1="http://schemas.microsoft.com/windowsazure"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ns1:ProvisioningSection>
<ns1:Version>1.0</ns1:Version>
<ns1:LinuxProvisioningConfigurationSet>
<ns1:ConfigurationSetType>LinuxProvisioningConfiguration
</ns1:ConfigurationSetType>
<ns1:UserName>{username}</ns1:UserName>
<ns1:DisableSshPasswordAuthentication>{disableSshPwd}
</ns1:DisableSshPasswordAuthentication>
<ns1:HostName>{hostname}</ns1:HostName>
</ns1:LinuxProvisioningConfigurationSet>
</ns1:ProvisioningSection>
<ns1:PlatformSettingsSection>
<ns1:Version>1.0</ns1:Version>
<ns1:PlatformSettings>
<ns1:ProvisionGuestAgent>true</ns1:ProvisionGuestAgent>
</ns1:PlatformSettings>
</ns1:PlatformSettingsSection>
</ns0:Environment>
)r����r����r�����utf-8)�textwrap�dedent�format�encode)r����r����r�����OVF_ENV_TEMPLATE�retr'���r'���r(����build_minimal_ovf
��s�����
r����c�������������������@���sL���e�Zd�Zddd�Zdd��Zddejfdd �Z
dd
ee �dejfd
d
�Z
d
S�)�AzureEndpointHttpClient�
WALinuxAgentz
2012-11-30)zx-ms-agent-namez
x-ms-versionc�����������������C���s���d|d�|�_�d�S�)N�
DES_EDE3_CBC)zx-ms-cipher-namez!x-ms-guest-agent-public-x509-cert)�extra_secure_headers)�self�
certificater'���r'���r(����__init__D��s���
�z AzureEndpointHttpClient.__init__Fr
���c�����������������C���s,���|�j�}|r|�j����}|�|�j��t||d�S�)N)r����)r�����copy�updater����r����)r����r�����securer����r'���r'���r(����getJ��s
���
zAzureEndpointHttpClient.getNra���c�����������������C���s0���|�j�}|d�ur|�j����}|�|��t|||d�S�)N)ra���r����)r����r����r����r����)r����r����ra����
extra_headersr����r'���r'���r(����postQ��s
���
z
AzureEndpointHttpClient.post)F�NN)
r"����
__module__�
__qualname__r����r����r����
UrlResponser����r ����bytesr����r'���r'���r'���r(���r����>��s��������r����c�������������������@���s���e�Zd�ZdZdS�)�
InvalidGoalStateXMLExceptionz9Raised when GoalState XML is invalid or has missing data.N)r"���r����r�����__doc__r'���r'���r'���r(���r����[��s����r����c���������������� ���@���s:���e�Zd�Z d
deeef�dededdfdd�Zd d
��Z dS�)
� GoalStateT�
unparsed_xml�azure_endpoint_client�need_certificater
���Nc��������������
���C���s ��||�_�zt�|�|�_W�n�tjy"�}�z
td|�tjd����d}~ww�|��d�|�_ |��d�|�_
|��d�|�_
dD�]}t
|�|�du�rOd|�}t|tjd��t
|��q7d|�_|��d �}|dur�|r�tjd
d
td
��
�|�j�j|d
d�j|�_|�jdu�rzt
d��W�d����dS�1�s�w���Y��dS�dS�dS�)ah��Parses a GoalState XML string and returns a GoalState object.
@param unparsed_xml: string representing a GoalState XML.
@param azure_endpoint_client: instance of AzureEndpointHttpClient.
@param need_certificate: switch to know if certificates is needed.
@return: GoalState object representing the GoalState XML string.
z!Failed to parse GoalState XML: %srV���Nz./Container/ContainerIdz4./Container/RoleInstanceList/RoleInstance/InstanceIdz
./Incarnation)�
container_id�
instance_id�
incarnationzMissing %s in GoalState XMLzD./Container/RoleInstanceList/RoleInstance/Configuration/Certificateszget-certificates-xmlzget certificates xmlr ���T)r����z/Azure endpoint returned empty certificates xml.)r�����ET�
fromstring�root�
ParseErrorr^���r5���rt����_text_from_xpathr����r����r�����getattrr�����certificates_xmlr���r!���r#���r�����contents)r����r����r����r����rD����attrrX���r����r'���r'���r(���r����`��sX���
���
�
��
���
��"��zGoalState.__init__c�����������������C���s
���|�j��|�}|d�ur
|jS�d�S�rw���)r�����find�text)r�����xpath�elementr'���r'���r(���r�������s���
zGoalState._text_from_xpath)T)
r"���r����r����r
���r����r����r�����boolr����r����r'���r'���r'���r(���r����_��s�����
���
�
7r����c�������������������@���s����e�Zd�Zddd�Zdd��Zdd��Zedd ���Zejd
d ���Ze d
d
���Z
e
e d
d����Z
e dd���Z
e dd���Ze dd���Ze dd���ZdS�)�OpenSSLManagerzTransportPrivate.pemzTransportCert.pem)�
private_keyr����c�����������������C���s
���t����|�_d�|�_|�����d�S�rw���)r����mkdtemp�tmpdir�
_certificate�generate_certificate�r����r'���r'���r(���r�������s���
zOpenSSLManager.__init__c�����������������C���s���t��|�j��d�S�rw���)r����del_dirr����r����r'���r'���r(����clean_up���s���zOpenSSLManager.clean_upc�����������������C���s���|�j�S�rw����r����r����r'���r'���r(���r�������s���zOpenSSLManager.certificatec�����������������C���s
���||�_�d�S�rw���r����)r�����valuer'���r'���r(���r�������s���
c�����������������C���s����t��d��|�jd�urt��d��d�S�t|�j��=�t�ddddddd d
d
d
d
|�jd�d|�jd�g��d}t�|�jd��� ��D�]
}d|vrH||�
��7�}q<||�_W�d�����n1�sVw���Y��t��d��d�S�)Nz7Generating certificate for communication with fabric...z
Certificate already generated.�openssl�reqz-x509z-nodesz-subjz/CN=LinuxTransportz-days�32768z-newkeyzrsa:3072z-keyoutr����z-outr�������
CERTIFICATEzNew certificate generated.)
r5���r6���r����r���r����r����certificate_namesr����load_text_file�
splitlines�rstrip)r����r�����liner'���r'���r(���r�������sD���
����
�
�z#OpenSSLManager.generate_certificatec�����������������C���s"���ddd|�g}t�j�||d�\}}|S�)Nr�����x509z-noout�ra���)r���)�action�cert�cmd�resultrF���r'���r'���r(����_run_x509_action���s���
z OpenSSLManager._run_x509_actionc�����������������C���s*���|���d|�}g�d�}tj||d�\}}|S�)Nz-pubkey)z
ssh-keygenz-iz-m�PKCS8z-fz
/dev/stdinr����)r����r���)r����r�����pub_key�
keygen_cmd�ssh_keyrF���r'���r'���r(����_get_ssh_key_from_cert���s���
z%OpenSSLManager._get_ssh_key_from_certc�����������������C���s6���|���d|�}|�d�}||d�d���d�}d�|�S�)a��openssl x509 formats fingerprints as so:
'SHA1 Fingerprint=07:3E:19:D1:4D:1C:79:92:24:C6:A0:FD:8D:DA:\
B6:A8:BF:27:D4:73\n'
Azure control plane passes that fingerprint as so:
'073E19D14D1C799224C6A0FD8DDAB6A8BF27D473'
z
-fingerprintr0���r1�������:r����)r����r����r:����join)r����r�����raw_fp�eq�octetsr'���r'���r(����_get_fingerprint_from_cert���s���
z)OpenSSLManager._get_fingerprint_from_certc�����������������C���s����t��|��d�}|j}ddddd|�d�g}t|�j��
�tjdjd
i�|�j ��d d
�
|�d
�\}}W�d
����|S�1�s;w���Y��|S�)z�Decrypt the certificates XML document using the our private key;
return the list of certs and private keys contained in the doc.
z.//Datas���MIME-Version: 1.0s<���Content-Disposition: attachment; filename="Certificates.p7m"s?���Content-Type: application/x-pkcs7-mime; name="Certificates.p7m"s!���Content-Transfer-Encoding: base64�����r����zuopenssl cms -decrypt -in /dev/stdin -inkey {private_key} -recip {certificate} | openssl pkcs12 -nodes -password pass:T����
)�shellra���Nr'���)
r����r����r����r����r����r���r����r���r����r����r����)r����r�����tag�certificates_content�linesrE���rF���r'���r'���r(����_decrypt_certs_from_xml���s.����
��
�
��z&OpenSSLManager._decrypt_certs_from_xmlc����������� ������C���sv���|���|�}g�}i�}|���D�]+}|�|��t�d|�r
g�}q
t�d|�r8d�|�}|��|�}|��|�}|||<�g�}q
|S�)z�Given the Certificates XML document, return a dictionary of
fingerprints and associated SSH keys derived from the certs.z[-]+END .*?KEY[-]+$z[-]+END .*?CERTIFICATE[-]+$�
)r����r�����append�re�matchr����r����r����) r����r����rE����current�keysr����r����r�����
fingerprintr'���r'���r(����parse_certificates
��s
���
�z!OpenSSLManager.parse_certificatesN)r"���r����r����r����r����r�����propertyr�����setterr*���r�����
staticmethodr����r����r����r����r����r'���r'���r'���r(���r�������s.�����
!
r����c����������������
���@���s����e�Zd�Ze�d�Ze�d�ZdZdZdZ dZ
de
de
d e
d
d
fd
d
�Zed
dd��Zede
d
d
fdd��Z
d
de
de
de
de
d
ef
dd�Zeded
d
fdd��Zd
S�)
�GoalStateHealthReportera��� <?xml version="1.0" encoding="utf-8"?>
<Health xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<GoalStateIncarnation>{incarnation}</GoalStateIncarnation>
<Container>
<ContainerId>{container_id}</ContainerId>
<RoleInstanceList>
<Role>
<InstanceId>{instance_id}</InstanceId>
<Health>
<State>{health_status}</State>
{health_detail_subsection}
</Health>
</Role>
</RoleInstanceList>
</Container>
</Health>
z� <Details>
<SubStatus>{health_substatus}</SubStatus>
<Description>{health_description}</Description>
</Details>
�Ready�NotReady�ProvisioningFailedi����
goal_stater�����endpointr
���Nc�����������������C���s���||�_�||�_||�_dS�)a?��Creates instance that will report provisioning status to an endpoint
@param goal_state: An instance of class GoalState that contains
goal state info such as incarnation, container id, and instance id.
These 3 values are needed when reporting the provisioning status
to Azure
@param azure_endpoint_client: Instance of class AzureEndpointHttpClient
@param endpoint: Endpoint (string) where the provisioning status report
will be sent to
@return: Instance of class GoalStateHealthReporter
N)�
_goal_state�_azure_endpoint_client� _endpoint)r����r��r����r��r'���r'���r(���r����F��s���
z GoalStateHealthReporter.__init__c��������������
���C���sv���|�j�|�jj|�jj|�jj|�jd�}t�d��z|�j|d��W�n�t y3�}�z
t
d|�tj
d����d�}~ww�t�
d��d�S�)N)r����r����r�����statusz Reporting ready to Azure fabric.��documentz#exception while reporting ready: %srV���z Reported ready to Azure fabric.)
�
build_reportr��r����r����r�����PROVISIONING_SUCCESS_STATUSr5���r6����_post_health_reportrr���r^����errorrT���)r����r��rD���r'���r'���r(����send_ready_signal[��s$����
���z)GoalStateHealthReporter.send_ready_signalr���c��������������
���C���sv���|�j�|�jj|�jj|�jj|�j|�j|d�}z|�j|d��W�n�ty3�}�z
d|�}t |t
j
d����d�}~ww�t
�
d��d�S�)N)r����r����r����r��� substatusr���r��z%exception while reporting failure: %srV���z!Reported failure to Azure fabric.)
r ��r��r����r����r�����
PROVISIONING_NOT_READY_STATUS�
PROVISIONING_FAILURE_SUBSTATUSr
��rr���r^���r5���r
��rt���)r����r���r��rD���rX���r'���r'���r(����send_failure_signalo��s"������z+GoalStateHealthReporter.send_failure_signalr����r����r����r��c����������� ������C���sb���d}|d�ur|�j�jt|�t|d�|�j���d�}|�jjtt|��t|�t|�t|�|d�}|�d�S�)Nr����)�health_substatus�health_description)r����r����r�����
health_status�health_detail_subsectionr����)�%HEALTH_DETAIL_SUBSECTION_XML_TEMPLATEr����r
����"HEALTH_REPORT_DESCRIPTION_TRIM_LEN�HEALTH_REPORT_XML_TEMPLATEr����r����) r����r����r����r����r��r��r����
health_detail�
health_reportr'���r'���r(���r �����s ���
��
�
z$GoalStateHealthReporter.build_reportr��c�����������������C���sB���t�d��t�d��d�|�j�}|�jj||ddid��t�d��d�S�)Nr���z&Sending health report to Azure fabric.z
http://{}/machine?comp=healthz
Content-Typeztext/xml; charset=utf-8)ra���r����z/Successfully sent health report to Azure fabric)r���r5���r6���r����r��r��r����)r����r��r����r'���r'���r(���r
�����s���
�z+GoalStateHealthReporter._post_health_report)r
���Nr����)r"���r����r����r����r����r��r��r
��r��r��r��r����r����r����r����r*���r
��r��r����r ��r
��r'���r'���r'���r(���r���� ��sN������ ���
�
�����
�
r����c�������������������@���s����e�Zd�Zdefdd�Zdd��Zedejddfd d
��Z e d dejde
e
e��fd
d
��Z
ed
eddfdd��Z
ededefdd��Zedefdd��Zedeeef�dedefdd��Zedededefdd��Zed
ededefd
d
��ZdS�) �WALinuxAgentShimr��c�����������������C���s���||�_�d�|�_d�|�_d�S�rw���)r���openssl_managerr����)r����r��r'���r'���r(���r�������s���
zWALinuxAgentShim.__init__c�����������������C���s
���|�j�d�ur
|�j�����d�S�d�S�rw���)r
��r����r����r'���r'���r(���r�������s���
�zWALinuxAgentShim.clean_up�distror
���Nc��������������
���C���sT���t��d��z|�|��W�d�S��ty)�}�ztd|�t�jd��W�Y�d�}~d�S�d�}~ww�)Nz
Ejecting the provisioning isoz(Failed ejecting the provisioning iso: %srV���)r5���r6����
eject_mediarr���r^���r
��)r�����iso_devr
��rD���r'���r'���r(���� eject_iso���s���
���zWALinuxAgentShim.eject_isoc�����������������C���s����d}|�j�du�r|durt��|�_�|�j�j}|�jdu�r
t|�|�_|�j|dud�}d}|dur1|��||�}t||�j|�j�}|durD|�j ||d��|�
���|S�)a���Gets the VM's GoalState from Azure, uses the GoalState information
to report ready/send the ready signal/provisioning complete signal to
Azure, and then uses pubkey_info to filter and obtain the user's
pubkeys from the GoalState.
@param pubkey_info: List of pubkey values and fingerprints which are
used to filter and obtain the user's pubkey values from the
GoalState.
@return: The list of user's authorized pubkey values.
N�r����)r
��)
r
��r����r����r����r�����
_fetch_goal_state_from_azure�_get_user_pubkeysr����r��r ��r
��)r����r
���
pubkey_infor ���http_client_certificater���ssh_keys�health_reporterr'���r'���r(����"register_with_azure_and_fetch_data���s*���
��
�z3WALinuxAgentShim.register_with_azure_and_fetch_datar���c�����������������C���s@���|�j�du�r
td�|�_�|�jdd�}t||�j�|�j�}|j|d��dS�)z�Gets the VM's GoalState from Azure, uses the GoalState information
to report failure/send provisioning failure signal to Azure.
@param: user visible error description of provisioning failure.
NFr!���r���)r����r����r"��r����r��r��)r����r���r��r'��r'���r'���r(����®ister_with_azure_and_report_failure���s���
�z7WALinuxAgentShim.register_with_azure_and_report_failurer����c�����������������C���s���|�����}|��||�S�)a���Fetches the GoalState XML from the Azure endpoint, parses the XML,
and returns a GoalState object.
@param need_certificate: switch to know if certificates is needed.
@return: GoalState object representing the GoalState XML
)�"_get_raw_goal_state_xml_from_azure�_parse_raw_goal_state_xml)r����r�����unparsed_goal_state_xmlr'���r'���r(���r"����s���
�z-WALinuxAgentShim._fetch_goal_state_from_azurec��������������
���C���s����t��d��d�|�j�}z tjddtd���|�j�|�}W�d����n1�s%w���Y��W�n�t yA�}�z
t
d|�t�j
d����d}~ww�t��
d ��|j
S�)
z�Fetches the GoalState XML from the Azure endpoint and returns
the XML as a string.
@return: GoalState XML string
zRegistering with Azure...z!http://{}/machine/?comp=goalstatezgoalstate-retrievalzretrieve goalstater ���Nz9failed to register with Azure and fetch GoalState XML: %srV���z#Successfully fetched GoalState XML.)r5���rT���r����r��r���r!���r#���r����r����rr���r^���rt���r6���r����)r����r����r����rD���r'���r'���r(���r+����s.���
�
������
z3WALinuxAgentShim._get_raw_goal_state_xml_from_azurer-��c��������������
���C���st���z t�||�j|�}W�n�ty �}�z
td|�tjd����d}~ww�d�d|j�d|j�d|j �g�}t|tj
d��|S�)a��Parses a GoalState XML string and returns a GoalState object.
@param unparsed_goal_state_xml: GoalState XML string
@param need_certificate: switch to know if certificates is needed.
@return: GoalState object representing the GoalState XML
z"Error processing GoalState XML: %srV���Nz, z
GoalState XML container id: %sz
GoalState XML instance id: %sz
GoalState XML incarnation: %s)
r����r����rr���r^���r5���rt���r����r����r����r����r6���)r����r-��r����r��rD���rX���r'���r'���r(���r,��2��s,���
������z*WALinuxAgentShim._parse_raw_goal_state_xmlr��r$��c�����������������C���sH���g�}|j�dur"|dur"|�jdur"t�d��|�j�|j��}|��||�}|S�)a���Gets and filters the VM admin user's authorized pubkeys.
The admin user in this case is the username specified as "admin"
when deploying VMs on Azure.
See https://docs.microsoft.com/en-us/cli/azure/vm#az-vm-create.
cloud-init expects a straightforward array of keys to be dropped
into the admin user's authorized_keys file. Azure control plane exposes
multiple public keys to the VM via wireserver. Select just the
admin user's key(s) and return them, ignoring any other certs.
@param goal_state: GoalState object. The GoalState object contains
a certificate XML, which contains both the VM user's authorized
pubkeys and other non-user pubkeys, which are used for
MSI and protected extension handling.
@param pubkey_info: List of VM user pubkey dicts that were previously
obtained from provisioning data.
Each pubkey dict in this list can either have the format
pubkey['value'] or pubkey['fingerprint'].
Each pubkey['fingerprint'] in the list is used to filter
and obtain the actual pubkey value from the GoalState
certificates XML.
Each pubkey['value'] requires no further processing and is
immediately added to the return list.
@return: A list of the VM user's authorized pubkey values.
Nz/Certificate XML found; parsing out public keys.)r����r
��r5���r6���r�����_filter_pubkeys)r����r��r$��r&���keys_by_fingerprintr'���r'���r(���r#��T��s���
�
z"WALinuxAgentShim._get_user_pubkeysr/��c�����������������C���s|���g�}|D�]7}d|v�r|d�r|��|d���qd|v�r5|d�r5|d�}||�v�r.|��|�|���qt�d|��qt�d|��q|S�)a8��Filter and return only the user's actual pubkeys.
@param keys_by_fingerprint: pubkey fingerprint -> pubkey value dict
that was obtained from GoalState Certificates XML. May contain
non-user pubkeys.
@param pubkey_info: List of VM user pubkeys. Pubkey values are added
to the return list without further processing. Pubkey fingerprints
are used to filter and obtain the actual pubkey values from
keys_by_fingerprint.
@return: A list of the VM user's authorized pubkey values.
r����r����zIovf-env.xml specified PublicKey fingerprint %s not found in goalstate XMLzFovf-env.xml specified PublicKey with neither value nor fingerprint: %s)r����r5���rt���)r/��r$��r�����pubkeyr����r'���r'���r(���r.��~��s"���
��z WALinuxAgentShim._filter_pubkeysr����)r"���r����r����r����r����r����r*���r����Distror ��r ���r���r(��r*��r����r����r"��r����r+��r
���r,���listr#��r�����dictr.��r'���r'���r'���r(���r�����sP����
��
�%�
�
��
�!��
�)
r��r��r
��r$��r ��c�����������������C���s0���t�|�d�}z
|j|||d�W�|����S�|����w�)N�r��)r
��r$��r ��)r��r(��r����)r��r
��r$��r ���shimr'���r'���r(����get_metadata_from_fabric���s
���
�r6��r
��zerrors.ReportableErrorc�����������������C���s8���t�|�d�}|���}z
|j|d��W�|����d�S�|����w�)Nr4��r)��)r���as_encoded_reportr*��r����)r��r
��r5��r���r'���r'���r(����report_failure_to_fabric���s
���
r8��c�����������������C���s(���t�d|��tjd��t�d|�tjd��d�S�)Nzdhclient output stream: %srV���zdhclient error stream: %s)r^���r5���r6���)rE����errr'���r'���r(����
dhcp_log_cb���s
���
�
�r:��c�������������������@���s
���e�Zd�ZdS�)�NonAzureDataSourceN)r"���r����r����r'���r'���r'���r(���r;�����s����r;��c�������������������@���s����e�Zd�Zddd�Zdddddddddd� dee�dee�d ee�d
ee�d
ee�d
eee ��d
edee�deddfdd�Z
defdd�Z
e
dedd�fdd��Z
d(dededefd
d
�Z d)deded
ed efd d!�Zd"d#��Zd$d%��Zd&d'��ZdS�)*� OvfEnvXmlz)http://schemas.dmtf.org/ovf/environment/1z)http://schemas.microsoft.com/windowsazure)�ovf�waNF� r�����passwordr�����
custom_data�disable_ssh_password_auth�
public_keys�preprovisioned_vm�preprovisioned_vm_type�provision_guest_proxy_agentr����r@��r����rA��rB��rC��rD��rE��rF��r
���c������� ���
������C���s>���||�_�||�_||�_||�_||�_|pg�|�_||�_||�_| |�_d�S�rw���r?��)
r����r����r@��r����rA��rB��rC��rD��rE��rF��r'���r'���r(���r�������s���
zOvfEnvXml.__init__c�����������������C���s
���|�j�|j�kS�rw���)�__dict__)r�����otherr'���r'���r(����__eq__���s���
zOvfEnvXml.__eq__�
ovf_env_xmlc��������������
���C���sp���zt��|�}W�n�t�jy�}�ztj|d�|�d}~ww�|�d|�j�du�r)td��t��}|� |��|�
|��|S�)z�Parser for ovf-env.xml data.
:raises NonAzureDataSource: if XML is not in Azure's format.
:raises errors.ReportableErrorOvfParsingException: if XML is
unparsable or invalid.
)� exceptionNz./wa:ProvisioningSectionz=Ignoring non-Azure ovf-env.xml: ProvisioningSection not found)
r����r����r����r����"ReportableErrorOvfParsingExceptionr�����
NAMESPACESr;��r<���&_parse_linux_configuration_set_section� _parse_platform_settings_section)�clsrJ��r����rD����instancer'���r'���r(����
parse_text���s
������
zOvfEnvXml.parse_textr>��r����required� namespacec�����������������C���sh���|��d||f�tj�}|s d|�}t�|��|r
t�|��d�S�t|�dkr0t�d|t|�f���|d�S�)Nz./%s:%s�
missing configuration for %rr1����*multiple configuration matches for %r (%d)r���)�findallr<��rM��r5���r6���r����!ReportableErrorOvfInvalidMetadata�len)r�����noder���rS��rT���matchesrX���r'���r'���r(����_find��s ����
��zOvfEnvXml._find�
decode_base64�
parse_boolc�����������
������C���s����|��d|�tj�}|s
d|�}t�|��|rt�|��|S�t|�dkr.t�d|t|�f���|d�j} | d�u�r9|} |rI| d�urIt �
d�
| �
����} |rPt
�| �} | S�)Nz./wa:rU��r1���rV��r���r����)rW��r<��rM��r5���r6���r���rX��rY��r����rd���� b64decoder����r:���r����translate_bool)
r����rZ��r���rS��r]��r^���defaultr[��rX���r����r'���r'���r(����_parse_property��s*���
��
zOvfEnvXml._parse_propertyc�����������������C���s����|�j�|ddd�}|�j�|ddd�}|�j|dddd�|�_|�j|ddd�|�_|�j|d dd�|�_|�j|d
dd�|�_|�j|d
ddd
�|�_|��|��d�S�)
N�ProvisioningSectionT�rS���!LinuxProvisioningConfigurationSet�
CustomDataF)r]��rS���UserName�
UserPassword�HostName� DisableSshPasswordAuthentication)r^��rS��)r\��rb��rA��r����r@��r����rB���_parse_ssh_section)r����r�����provisioning_section�
config_setr'���r'���r(���rN��@��s<����������z0OvfEnvXml._parse_linux_configuration_set_sectionc�����������������C���sb���|�j�|ddd�}|�j�|ddd�}|�j|ddddd�|�_|�j|ddd�|�_|�j|d dddd�|�_d�S�)
N�PlatformSettingsSectionTrd���PlatformSettings�PreprovisionedVmF)r^��ra��rS���PreprovisionedVMType�ProvisionGuestProxyAgent)r\��rb��rD��rE��rF��)r����r�����platform_settings_section�platform_settingsr'���r'���r(���rO��b��s2�������
�z*OvfEnvXml._parse_platform_settings_sectionc����������� ������C���s����g�|�_�|�j|ddd�}|d�u�rd�S�|�j|ddd�}|d�u�r d�S�|�dtj�D�]'}|�j|ddd�}|�j|ddd�}|�j|dd dd
�}|||d
�}|�j��|��q&d�S�)
N�SSHFrd���
PublicKeysz./wa:PublicKey�
Fingerprint�Path�Valuer����)ra��rS��)r����r{���r����)rC��r\��rW��r<��rM��rb��r����) r����rm���
ssh_section�public_keys_section�
public_keyr����r{���r����r����r'���r'���r(���rk��~��s2���������z
OvfEnvXml._parse_ssh_section)r>��)FFN)r"���r����r����rM��r ���r����r����r����r���r3��r����rI���
classmethodrR��r\��rb��rN��rO��rk��r'���r'���r'���r(���r<�����sx�����������
� �
�
�
�
���
�
����
�%"
r<��r����)Jrd���rj����loggingrx���r����r����rf����
contextlibr���r���r���r���r����typingr���r���r ���r
���r
���� xml.etreer
���r�����xml.sax.saxutilsr
���� cloudinitr���r���r���r���r���r����cloudinit.reportingr����cloudinit.sources.azurer���� getLoggerr"���r5����DEFAULT_WIRESERVER_ENDPOINTr=���rR���r]���ri���r!���r#���r
���r*���rK���rU���r����r<���r^���rp���rv���r���r3��r�����intr����r����r����r����rr���r����r����r����r����r��r1��r6��r8��r:��r;��r<��r'���r'���r'���r(����<module>���s����
�"
U
��
�
������
�6���
�"
?�� �f���
�
�