arvados-login-sync 2.1.0 → 2.1.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/bin/arvados-login-sync +20 -8
  3. metadata +6 -12
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c1a0c7f1fcb3c928fdbb862b70f72687d7c4a0be16d2fab5cdb6654a0b186637
4
- data.tar.gz: bb169f64011ed76c08a2fd0f7593fa23f62825faba26ee1bc2a09037f1d8355f
3
+ metadata.gz: 5de21d43c3661e15027212f918ee6d0155a749e52b024a7006333c7221dfee10
4
+ data.tar.gz: 7fdc8ad2574bea2232b0d45b362e7529db3dd7572fe641fbb7fda3d7a39f24ea
5
5
  SHA512:
6
- metadata.gz: f90f358925db86b5a4b7783ec1228bcae0ac8a6220ef7c54f9bdecc8fc08c7c4b134cf0bd288a3fa62bfc063c43433655b4d6f882b1c2e33ab8cafbc211ba4ee
7
- data.tar.gz: 144925d7685c565fd224bd0c96cd509c988ef364765cbc556cfdf41f504124e39d07e6434a898e142054ee0ac6993f14ce88604ff0fb09ac7a1091f76d612281
6
+ metadata.gz: c8bc2b506596c6b525b1c80dc4a8b66f8f93d6ec2c3ccadf6b2af6a2c21e9afedbe3c1ec1daeb624df058400eaf2dda8bfb0407341ea6cacc65807c965c41d50
7
+ data.tar.gz: aea2f1384aaa89d948be82d7a1017d1c4d97cd18302acbdc1f2cd781170454c8b8285e6ae08b4bbc8397c18000526458afda4b117cdd9c0e7849b07737d6ee59
data/bin/arvados-login-sync CHANGED
@@ -9,6 +9,7 @@ require 'arvados'
9
9
  require 'etc'
10
10
  require 'fileutils'
11
11
  require 'yaml'
12
+ require 'optparse'
12
13
 
13
14
  req_envs = %w(ARVADOS_API_HOST ARVADOS_API_TOKEN ARVADOS_VIRTUAL_MACHINE_UUID)
14
15
  req_envs.each do |k|
@@ -17,20 +18,27 @@ req_envs.each do |k|
17
18
  end
18
19
  end
19
20
 
20
- exclusive_mode = ARGV.index("--exclusive")
21
+ options = {}
22
+ OptionParser.new do |parser|
23
+ parser.on('--exclusive', 'Manage SSH keys file exclusively.')
24
+ parser.on('--rotate-tokens', 'Always create new user tokens. Usually needed with --token-lifetime.')
25
+ parser.on('--skip-missing-users', "Don't try to create any local accounts.")
26
+ parser.on('--token-lifetime SECONDS', 'Create user tokens that expire after SECONDS.', Integer)
27
+ end.parse!(into: options)
28
+
21
29
  exclusive_banner = "#######################################################################################
22
30
  # THIS FILE IS MANAGED BY #{$0} -- CHANGES WILL BE OVERWRITTEN #
23
31
  #######################################################################################\n\n"
24
32
  start_banner = "### BEGIN Arvados-managed keys -- changes between markers will be overwritten\n"
25
33
  end_banner = "### END Arvados-managed keys -- changes between markers will be overwritten\n"
26
34
 
27
- # Don't try to create any local accounts
28
- skip_missing_users = ARGV.index("--skip-missing-users")
29
-
30
35
  keys = ''
31
36
 
32
37
  begin
33
38
  arv = Arvados.new({ :suppress_ssl_warnings => false })
39
+ logincluster_arv = Arvados.new({ :api_host => (ENV['LOGINCLUSTER_ARVADOS_API_HOST'] || ENV['ARVADOS_API_HOST']),
40
+ :api_token => (ENV['LOGINCLUSTER_ARVADOS_API_TOKEN'] || ENV['ARVADOS_API_TOKEN']),
41
+ :suppress_ssl_warnings => false })
34
42
 
35
43
  vm_uuid = ENV['ARVADOS_VIRTUAL_MACHINE_UUID']
36
44
 
@@ -61,7 +69,7 @@ begin
61
69
  begin
62
70
  pwnam[l[:username]] = Etc.getpwnam(l[:username])
63
71
  rescue
64
- if skip_missing_users
72
+ if options[:"skip-missing-users"]
65
73
  STDERR.puts "Account #{l[:username]} not found. Skipping"
66
74
  true
67
75
  end
@@ -162,7 +170,7 @@ begin
162
170
  oldkeys = ""
163
171
  end
164
172
 
165
- if exclusive_mode
173
+ if options[:exclusive]
166
174
  newkeys = exclusive_banner + newkeys
167
175
  elsif oldkeys.start_with?(exclusive_banner)
168
176
  newkeys = start_banner + newkeys + end_banner
@@ -189,8 +197,12 @@ begin
189
197
  tokenfile = File.join(configarvados, "settings.conf")
190
198
 
191
199
  begin
192
- if !File.exist?(tokenfile)
193
- user_token = arv.api_client_authorization.create(api_client_authorization: {owner_uuid: l[:user_uuid], api_client_id: 0})
200
+ if !File.exist?(tokenfile) || options[:"rotate-tokens"]
201
+ aca_params = {owner_uuid: l[:user_uuid], api_client_id: 0}
202
+ if options[:"token-lifetime"] && options[:"token-lifetime"] > 0
203
+ aca_params.merge!(expires_at: (Time.now + options[:"token-lifetime"]))
204
+ end
205
+ user_token = logincluster_arv.api_client_authorization.create(api_client_authorization: aca_params)
194
206
  f = File.new(tokenfile, 'w')
195
207
  f.write("ARVADOS_API_HOST=#{ENV['ARVADOS_API_HOST']}\n")
196
208
  f.write("ARVADOS_API_TOKEN=v2/#{user_token[:uuid]}/#{user_token[:api_token]}\n")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: arvados-login-sync
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Arvados Authors
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-04 00:00:00.000000000 Z
11
+ date: 2021-04-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: arvados
@@ -16,20 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 1.3.0
20
- - - "~>"
21
- - !ruby/object:Gem::Version
22
- version: 1.3.0
19
+ version: 1.3.3.20190320201707
23
20
  type: :runtime
24
21
  prerelease: false
25
22
  version_requirements: !ruby/object:Gem::Requirement
26
23
  requirements:
27
24
  - - ">="
28
25
  - !ruby/object:Gem::Version
29
- version: 1.3.0
30
- - - "~>"
31
- - !ruby/object:Gem::Version
32
- version: 1.3.0
26
+ version: 1.3.3.20190320201707
33
27
  - !ruby/object:Gem::Dependency
34
28
  name: launchy
35
29
  requirement: !ruby/object:Gem::Requirement
@@ -73,8 +67,8 @@ dependencies:
73
67
  - !ruby/object:Gem::Version
74
68
  version: '0.12'
75
69
  description: Creates and updates local login accounts for Arvados users. Built from
76
- git commit 1771152da97200b038378666457d18679f4c8cd7
77
- email: gem-dev@curoverse.com
70
+ git commit 24b0875964b3eff98c12d1c135d8797efcfabfb2
71
+ email: packaging@arvados.org
78
72
  executables:
79
73
  - arvados-login-sync
80
74
  extensions: []