Merge pull request #245 from oracle/release_2020-04-14

Releasing version 2.12.4

Author: bhagwatvyas

CHANGELOG.rst

@@ -3,6 +3,17 @@ Change Log
 All notable changes to this project will be documented in this file.
 
 The format is based on `Keep a Changelog <http://keepachangelog.com/>`_.
+====================
+2.12.4 - 2020-04-14
+====================
+
+Added
+-----
+* Support for access types on instances in the Content and Experience service
+* Support for identity contexts in the Search service
+* Support for Client Side Encryption: https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/clientsideencryption.htm
+* Support for retries on Python built-in `ConnectionError <https://docs.python.org/3/library/exceptions.html#ConnectionError>`__
+
 ====================
 2.12.3 - 2020-04-07
 ====================

THIRD_PARTY_LICENSES.txt

@@ -0,0 +1,69 @@
+# coding: utf-8
+# Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
+
+# Instructions:
+# As a pre-requisite for this example you must have a vault created in KMS with at least one master key.
+# OCI KMS has APIs that allow creating master keys or importing a previously generated key, either will work.
+# You can refer to the example at examples/kms_example.py for an example of how to create a master key.
+# Update the values for VAULT_ID and MASTER_KEY_ID below with the values for your vault and key and then run
+# the example.
+# Also update BUCKET_NAME to a bucket in your tenancy that can be used for the upload / download encrypted object
+# portion of the sample.
+
+import oci
+
+# TODO: populate variables below
+VAULT_ID = ""
+MASTER_KEY_ID = ""
+BUCKET_NAME = ""
+
+# load default configuration from ~/.oci/config
+config = oci.config.from_file()
+
+kms_master_key = oci.encryption.KMSMasterKey(
+    config=config, master_key_id=MASTER_KEY_ID, vault_id=VAULT_ID
+)
+
+kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
+    config=config,
+    kms_master_keys=[kms_master_key]
+)
+
+###############################################
+# Object Storage examples
+###############################################
+input_payload_file = 'encryption_payload_sample.txt'
+object_name = input_payload_file + '.enc'
+
+object_storage_client = oci.object_storage.ObjectStorageClient(config)
+upload_manager = oci.object_storage.UploadManager(object_storage_client)
+namespace_name = object_storage_client.get_namespace().data
+
+# encrypt and upload file to object storage
+with open(input_payload_file, 'rb') as input_file:
+    with oci.encryption.create_encryption_stream(
+        master_key_provider=kms_master_key_provider,
+        stream_to_encrypt=input_file,
+    ) as encryption_stream:
+        upload_manager.upload_stream(
+            namespace_name=namespace_name,
+            bucket_name=BUCKET_NAME,
+            object_name=object_name,
+            stream_ref=encryption_stream,
+        )
+
+print('encrypted object uploaded. namespace: {}, bucket: {}, object: {}'.format(namespace_name, BUCKET_NAME, object_name))
+
+get_obj_response = object_storage_client.get_object(namespace_name=namespace_name, bucket_name=BUCKET_NAME, object_name=object_name)
+
+# download content from object storage and decrypt
+with oci.encryption.create_decryption_stream(
+    master_key_provider=kms_master_key_provider,
+    stream_to_decrypt=get_obj_response.data.raw
+) as decryption_stream:
+    decrypted_content = decryption_stream.read()
+
+print('decrypted object downloaded. namespace: {}, bucket: {}, object: {}'.format(namespace_name, BUCKET_NAME, object_name))
+
+with open(input_payload_file, 'rb') as input_file:
+    assert input_file.read() == decrypted_content

examples/client_side_encryption/encrypt_in_object_storage.py

@@ -0,0 +1,89 @@
+# coding: utf-8
+# Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
+
+# Instructions:
+# As a pre-requisite for this example you must have a vault created in KMS with at least one master key.
+# OCI KMS has APIs that allow creating master keys or importing a previously generated key, either will work.
+# You can refer to the example at examples/kms_example.py for an example of how to create a master key.
+# Update the values for VAULT_ID and MASTER_KEY_ID below with the values for your vault and key and then run
+# the example.
+
+import shutil
+import filecmp
+
+import oci
+
+# TODO: populate variables below
+VAULT_ID = ""
+MASTER_KEY_ID = ""
+
+# load default configuration from ~/.oci/config
+config = oci.config.from_file()
+
+# if you want to target a region other than the one specified
+# in your config, you must override 'region' in the config
+# before initializing the MasterKey and MasterKeyProvider
+config['region'] = 'us-phoenix-1'
+
+kms_master_key = oci.encryption.KMSMasterKey(
+    config=config, master_key_id=MASTER_KEY_ID, vault_id=VAULT_ID
+)
+
+kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
+    config=config,
+    kms_master_keys=[kms_master_key]
+)
+
+###############################################
+# stream encryption / decryption
+###############################################
+input_payload_file = 'encryption_payload_sample.txt'
+encrypted_file = 'encrypted_payload.enc'
+decrypted_file = 'decrypted_payload.txt'
+
+# encrypt stream and write to file
+encryption_context = {"some_additional_authenticated": "data"}
+with open(input_payload_file, 'rb') as input_file, open(encrypted_file, 'wb') as output_file:
+    with oci.encryption.create_encryption_stream(
+        master_key_provider=kms_master_key_provider,
+        stream_to_encrypt=input_file,
+        encryption_context=encryption_context,
+    ) as encryption_stream:
+        # copy bytes from encryption stream to output file incrementally
+        shutil.copyfileobj(encryption_stream, output_file)
+
+        # copy bytes from encryption stream to output file all at once
+        # output_file.write(encryption_stream.read())
+
+# decrypt stream and write to file
+with open(encrypted_file, 'rb') as input_file, open(decrypted_file, 'wb') as decrypted_output_file:
+    with oci.encryption.create_decryption_stream(
+        master_key_provider=kms_master_key_provider,
+        stream_to_decrypt=input_file
+    ) as decryption_stream:
+        # copy bytes from decryption stream to output file incrementally
+        shutil.copyfileobj(decryption_stream, decrypted_output_file)
+
+        # copy bytes from decryption stream to output file all at once
+        # decrypted_output_file.write(decryption_stream.read())
+
+        # validate encryption context contains all keys passed in initial encryption context
+        # do not check exact equality as the SDK may add additional keys to the returned context
+        encryption_context_keys = list(encryption_context)
+        for key in encryption_context_keys:
+            assert encryption_context[key] == decryption_stream.get_encryption_context()[key]
+
+# validate that decrypted data matches initial payload
+assert filecmp.cmp(input_payload_file, decrypted_file)
+
+# decrypt file reading into memory
+with open(encrypted_file, 'rb') as input_file:
+    with oci.encryption.create_decryption_stream(
+        master_key_provider=kms_master_key_provider,
+        stream_to_decrypt=input_file
+    ) as decryption_stream:
+        # copy bytes from decryption stream into memory all at once
+        decrypted_content = decryption_stream.read()
+
+with open(input_payload_file, 'rb') as input_file:
+    assert input_file.read() == decrypted_content

examples/client_side_encryption/encrypt_stream.py

@@ -0,0 +1,58 @@
+# coding: utf-8
+# Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
+
+# Instructions:
+# As a pre-requisite for this example you must have a vault created in KMS with at least one master key.
+# OCI KMS has APIs that allow creating master keys or importing a previously generated key, either will work.
+# You can refer to the example at examples/kms_example.py for an example of how to create a master key.
+# Update the values for VAULT_ID and MASTER_KEY_ID below with the values for your vault and key and then run
+# the example.
+
+import oci
+
+# TODO: populate variables below
+VAULT_ID = ""
+MASTER_KEY_ID = ""
+
+# load default configuration from ~/.oci/config
+config = oci.config.from_file()
+
+kms_master_key = oci.encryption.KMSMasterKey(
+    config=config, master_key_id=MASTER_KEY_ID, vault_id=VAULT_ID
+)
+
+kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
+    config=config,
+    kms_master_keys=[kms_master_key]
+)
+
+# basic encrypt bytes or string data
+data_to_encrypt = b"Sample data to encrypt"
+encryption_context = {"some_additional_authenticated": "data"}
+crypto_result_encrypt = oci.encryption.encrypt(master_key_provider=kms_master_key_provider, data=data_to_encrypt, encryption_context=encryption_context)
+ciphertext = crypto_result_encrypt.get_data()
+
+# basic decrypt bytes or str data
+crypto_result_decrypt = oci.encryption.decrypt(master_key_provider=kms_master_key_provider, data=ciphertext)
+decrypted_data = crypto_result_decrypt.get_data()
+
+# crypto result includes the encryption context used to decrypt the data
+result_encryption_context = crypto_result_decrypt.get_encryption_context()
+
+# validate that decrypted data matches initial payload
+assert data_to_encrypt == decrypted_data
+
+# validate encryption context contains all keys passed in initial encryption context
+# do not check exact equality as the SDK may add additional keys to the returned context
+encryption_context_keys = list(encryption_context)
+for key in encryption_context_keys:
+    assert encryption_context[key] == crypto_result_decrypt.get_encryption_context()[key]
+
+
+# You can also decrypt without specifying a specific KMSMasterKey ahead of time
+decryption_only_master_key_provider = oci.encryption.KMSMasterKeyProvider(
+    config=config
+)
+
+crypto_result_decrypt_2 = oci.encryption.decrypt(master_key_provider=decryption_only_master_key_provider, data=ciphertext)
+assert data_to_encrypt == crypto_result_decrypt_2.get_data()

examples/client_side_encryption/encrypt_string_or_bytes.py

@@ -0,0 +1 @@
+This is some sample data to be encrypted with the OCI Python SDK

examples/client_side_encryption/encryption_payload_sample.txt

@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 
 The format is based on `Keep a Changelog <http://keepachangelog.com/>`_.
 
+=====================
+20.04.13 - 2020-04-13
+=====================
+* Added python version check
+* Removed VCN check for compartment in order to extract other components
+* Added Summary Total for Region
+* Fixed Summary Total to include stopped VMs OCPUs in different category
+* Added WAAS Policies to the -edge flag
+* Added network security groups to the csv output
+
 =====================
 20.04.06 - 2020-04-06
 =====================

examples/showoci/CHANGELOG.rst

@@ -46,6 +46,7 @@ Output can be printer friendly, CSV files or JSON file.
 - oci.nosql.NosqlClient
 - oci.dns.DnsClient
 - oci.events.EventsClient
+- oci.waas.WaasClient
 
 ** DISCLAIMER – This is not an official Oracle application
 
@@ -163,7 +164,7 @@ optional arguments:
   -cn                  Print Containers
   -d                   Print Database
   -e                   Print EMail
-  -edge                Print Edge and DNS Services
+  -edge                Print Edge, DNS Services and WAAS policies
   -f                   Print File Storage
   -fun                 Print Functions
   -i                   Print Identity

examples/showoci/README.md

@@ -60,9 +60,9 @@
 # - oci.dns.DnsClient
 # - oci.events.EventsClient
 # - oci.bds.BdsClient
+# - oci.waas.WaasClient
 #
 # Modules Not Yet Covered:
-# - oci.waas.WaasClient
 # - oci.secrets.SecretsClient
 # - oci.vault.VaultsClient
 # - oci.work_requests.WorkRequestClient
@@ -71,18 +71,29 @@
 from showoci_data import ShowOCIData
 from showoci_output import ShowOCIOutput, ShowOCISummary, ShowOCICSV
 from showoci_service import ShowOCIFlags
+
 import json
 import sys
 import argparse
 import datetime
 
-version = "20.04.07"
+version = "20.04.13"
 
 ##########################################################################
-# execute_extract
+# check OCI version
 ##########################################################################
+if sys.version_info.major < 3:
+    python_version = str(sys.version_info.major) + "." + str(sys.version_info.minor)
+    print("******************************************************")
+    print("***    Showoci only supports Python 3 or Above     ***")
+    print("***             Current Version = " + python_version.ljust(16) + " ***")
+    print("******************************************************")
+    sys.exit()
 
 
+##########################################################################
+# execute_extract
+##########################################################################
 def execute_extract():
 
     # get parset cmd
@@ -239,7 +250,7 @@ def set_parser_arguments():
     parser.add_argument('-cn', action='store_true', default=False, dest='container', help='Print Containers')
     parser.add_argument('-d', action='store_true', default=False, dest='database', help='Print Database')
     parser.add_argument('-e', action='store_true', default=False, dest='email', help='Print EMail')
-    parser.add_argument('-edge', action='store_true', default=False, dest='edge', help='Print Edge and DNS Services')
+    parser.add_argument('-edge', action='store_true', default=False, dest='edge', help='Print Edge, DNS Services and WAAS policies')
     parser.add_argument('-f', action='store_true', default=False, dest='file', help='Print File Storage')
     parser.add_argument('-fun', action='store_true', default=False, dest='function', help='Print Functions')
     parser.add_argument('-i', action='store_true', default=False, dest='identity', help='Print Identity')

examples/showoci/showoci.py

@@ -121,6 +121,8 @@ def get_showoci_config(self, cmdline, start_time):
             'version': self.service.flags.showoci_version,
             'override_tenant_id': self.service.flags.filter_by_tenancy_id,
             'datetime': start_time,
+            'machine': self.service.flags.machine,
+            'python': self.service.flags.python,
             'cmdline': cmdline,
             'oci_sdk_version': self.service.get_oci_version()
         }
@@ -1907,6 +1909,8 @@ def __get_database_autonomous_databases(self, region_name, compartment):
                          'time_created': str(dbs['time_created'])[0:16],
                          'connection_strings': str(dbs['connection_strings']),
                          'sum_info': "Autonomous Database " + str(dbs['db_workload']) + " (OCPUs) - " + dbs['license_model'],
+                         'sum_info_stopped': "Stopped Autonomous Database " + str(dbs['db_workload']) + " (Count) - " + dbs['license_model'],
+                         'sum_info_count': "Autonomous Database " + str(dbs['db_workload']) + " (Count) - " + dbs['license_model'],
                          'sum_count': str(dbs['sum_count']),
                          'sum_info_storage': "Autonomous Database (TB)",
                          'sum_size_tb': str(dbs['data_storage_size_in_tbs']), 'backups': self.__get_database_autonomous_backups(dbs['backups']),
@@ -2565,6 +2569,7 @@ def __get_load_edge_main(self, region_name, compartment):
             healthcheck_ping = self.service.search_multi_items(self.service.C_EDGE, self.service.C_EDGE_HEALTHCHECK_PING, 'region_name', region_name, 'compartment_id', compartment['id'])
             dns_zone = self.service.search_multi_items(self.service.C_EDGE, self.service.C_EDGE_DNS_ZONE, 'region_name', region_name, 'compartment_id', compartment['id'])
             dns_steering = self.service.search_multi_items(self.service.C_EDGE, self.service.C_EDGE_DNS_STEERING, 'region_name', region_name, 'compartment_id', compartment['id'])
+            waas_policies = self.service.search_multi_items(self.service.C_EDGE, self.service.C_EDGE_WAAS_POLICIES, 'region_name', region_name, 'compartment_id', compartment['id'])
 
             data = {}
             if len(healthcheck_http) > 0 or len(healthcheck_ping) > 0:
@@ -2576,6 +2581,9 @@ def __get_load_edge_main(self, region_name, compartment):
             if dns_steering:
                 data['dns_steering'] = dns_steering
 
+            if waas_policies:
+                data['waas_policies'] = waas_policies
+
             return data
 
         except Exception as e: