forked from pool/cloud-init
37 lines
853 B
Plaintext
37 lines
853 B
Plaintext
|
#!/usr/bin/python3
|
||
|
|
||
|
import json
|
||
|
import os
|
||
|
import sys
|
||
|
|
||
|
from pathlib import Path
|
||
|
|
||
|
from cloudinit.atomic_helper import write_json
|
||
|
from cloudinit.sources import (
|
||
|
DataSource,
|
||
|
process_instance_metadata,
|
||
|
redact_sensitive_keys,
|
||
|
)
|
||
|
|
||
|
from cloudinit.stages import Init
|
||
|
|
||
|
init = Init()
|
||
|
log_file = init.cfg["def_log_file"]
|
||
|
if os.path.exists(log_file):
|
||
|
os.chmod(log_file, 0o640)
|
||
|
|
||
|
rundir = init.paths.run_dir
|
||
|
instance_data_path = Path(rundir, "instance-data.json")
|
||
|
if not os.path.exists(str(instance_data_path)):
|
||
|
sys.exit(0)
|
||
|
instance_json = json.load(instance_data_path.open(encoding="utf-8"))
|
||
|
|
||
|
sensitive_keys = DataSource.sensitive_metadata_keys
|
||
|
|
||
|
processed_json = process_instance_metadata(
|
||
|
instance_json, sensitive_keys=sensitive_keys
|
||
|
)
|
||
|
redacted_json = redact_sensitive_keys(processed_json)
|
||
|
|
||
|
write_json(str(instance_data_path), redacted_json)
|