1) 数据库和相关应用的用户名, 密码等敏感信息加密之后集中存放在某一文件
2) Production Service 只需一键执行脚本即可把用户名和密码更新到指定路径下相应的配置文件(支持迭代).
#!/usr/bin/env python
import os
import sys
import re
# To read from credential file and put key/value pairs into a map
def getCredentialMap(credentialFile):
credentialsMap={}
f = open(credentialFile, 'r')
for line in f.readlines():
if not line.startswith('#'):
tokens = line.split('=')
credentialsMap['${' + tokens[0].strip() + '}'] = tokens[1].strip()
return credentialsMap
# To scan recursively from a specific top folder where there are configuration files need to update their credentials
def scan(path, map, extensions, log):
for i in os.walk(path):
dirpath=i[0]
dirnames=i[1]
filenames=i[2]
for j in filenames:
processFile(os.path.join(dirpath, j), map, extensions, log)
for k in dirnames:
scan(os.path.join(dirpath, k), map, extensions, log)
# To process a specific file
def processFile(pathfile, map, extensions, log):
extension = os.path.splitext(pathfile)[1]
if extension not in extensions:
return
else:
fh = open(pathfile, 'r+')
newFile = ''
updated = False
lineNo = 0
for line in fh.readlines():
lineNo += 1
replaced, text = processLine(line, map)
if replaced:
updated = True
log.write(pathfile + os.linesep)
log.write('Line %3d: %s' % (lineNo, line.rstrip()) + os.linesep)
log.write('========> %s' % (text.rstrip()) + os.linesep)
newFile = newFile + text
fh.close()
if updated:
fh = open(pathfile, 'r+')
fh.truncate()
fh.write(newFile)
fh.close()
# To process a specific line
def processLine(line, map):
text = line
pattern = r'\${.+?}'
replaced = False
for match in re.finditer(pattern, line):
s = match.start()
e = match.end()
key = line[s:e]
value = map[key]
if value:
text = line.replace(key, value)
replaced = True
return (replaced, text)
# The entry of this program
def main():
sampleFile='''
#-----Follows are the content of a sample configuration file-----
#path to the credentials file
ssts.credentials.path=./credentials.properties
#path(s) to the target top foder(s). Please separate with ";" when there is more than one target top folder
ssts.target.path=./config;./build
#the extentions of configuration files
file.extention.filter=.xml;.properties
#---------------------------------------------------------------
'''
configFile = os.path.splitext(sys.argv[0])[0] + '.properties'
logFile = os.path.splitext(sys.argv[0])[0] + '.log'
log = open(logFile, 'w')
log.truncate()
map = {}
targetPath = []
try:
fh = open(configFile, 'r')
for line in fh.readlines():
if line.startswith('ssts.credentials.path'):
credentialFile=line.split('=')[1].strip()
if line.startswith('ssts.target.path'):
targetPath=line.split('=')[1].strip().split(';')
if line.startswith('file.extension.filter'):
extensions=line.split('=')[1].strip().split(';')
map = getCredentialMap(credentialFile)
except IOError, e:
print 'Please prepare ' + configFile + ' with this script ' + sys.argv[0],
print sampleFile
print e
except Exception, e:
print e
for path in targetPath:
scan(path, map, extensions, log)
log.close()
if __name__ == '__main__':
main()
Groovy version:
#!/usr/bin/env groovy // To read from credential file and put key/value pairs into a map def getCredentialMap(String credentialFile){ credentialsMap=[:] def f = new File(credentialFile) f.eachLine{ if(!it.startsWith('#')){ def tokens = it.split('=') credentialsMap.put('${'+tokens[0].trim()+'}', tokens[1].trim()) } } return credentialsMap } // To scan recursively from a specific top folder where there are configuration files need to update their credentials def scan(path, map, extensions, log){ new File(path).eachFileRecurse { if(it.isFile()){ processFile(it, map, extensions, log) } } } // To process a specific file def processFile(file, map, extensions, log){ def extension = '.' + file.getName().split(/\./)[1] if(extension in extensions){ def newFile = new StringBuilder() def updated = false def lineNo = 0 file.eachLine{ lineNo += 1 def result = processLine(it, map) def replaced = result[0] def text = result[1] if(replaced){ updated = true log.append(file.getCanonicalFile().toString() + System.getProperty('line.separator')) log.append(String.format('Line %3d: %s', lineNo, it.trim()) + System.getProperty('line.separator')) log.append(String.format('========> %s', text.trim()) + System.getProperty('line.separator')) } newFile.append(text) } if(updated){ file.write('') file.write(newFile.toString()) } } } // To process a specific line def processLine(line, map){ def text = line def pattern = ~/\$\{.+?\}/ def replaced = false def matcher = pattern.matcher(line) def count = matcher.getCount() for(i in 0..<count){ def key = matcher[i] def value = map.get(key) if( value != null){ text = line.replace(key, value) replaced = true } } text = text + System.getProperty('line.separator') return [replaced, text] } def void MAIN(){ def sampleFile=''' #-----Follows are the content of a sample configuration file----- #path to the credentials file. (Don't input any space in between) suez.credentials.path=./ssts-credentials.properties #path(s) to the target top foder(s). Please separate with ";" when there is more than one target top folder. (Don't input any space in between) suez.target.path=./config;./build #the extentions of configuration files. (Don't input any space in between) file.extention.filter=.xml;.properties;.cfg #---------------------------------------------------------------- ''' def configFile = this.class.name + '.properties' def logFile = this.class.name + '.log' def log = new File(logFile) log.write('') def map = [:] def credentialFile def targetPath = [] def extensions = [] try{ new File(configFile).eachLine{ if(it.startsWith('suez.credentials.path')) credentialFile=it.split('=')[1].trim() if(it.startsWith('suez.target.path')) targetPath=it.split('=')[1].trim().split(';') if(it.startsWith('file.extension.filter')) extensions=it.split('=')[1].trim().split(';') } map = getCredentialMap(credentialFile) }catch(IOException e){ println 'Please prepare ' + configFile + ' for this script ' + this.class.name + '.groovy' println sampleFile println e }catch(Exception e){ println e } for(path in targetPath){ scan(path, map, extensions, log) } } MAIN()