arvados-login-sync 2.1.0 → 2.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/arvados-login-sync +20 -8
- metadata +6 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5de21d43c3661e15027212f918ee6d0155a749e52b024a7006333c7221dfee10
|
4
|
+
data.tar.gz: 7fdc8ad2574bea2232b0d45b362e7529db3dd7572fe641fbb7fda3d7a39f24ea
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c8bc2b506596c6b525b1c80dc4a8b66f8f93d6ec2c3ccadf6b2af6a2c21e9afedbe3c1ec1daeb624df058400eaf2dda8bfb0407341ea6cacc65807c965c41d50
|
7
|
+
data.tar.gz: aea2f1384aaa89d948be82d7a1017d1c4d97cd18302acbdc1f2cd781170454c8b8285e6ae08b4bbc8397c18000526458afda4b117cdd9c0e7849b07737d6ee59
|
data/bin/arvados-login-sync
CHANGED
@@ -9,6 +9,7 @@ require 'arvados'
|
|
9
9
|
require 'etc'
|
10
10
|
require 'fileutils'
|
11
11
|
require 'yaml'
|
12
|
+
require 'optparse'
|
12
13
|
|
13
14
|
req_envs = %w(ARVADOS_API_HOST ARVADOS_API_TOKEN ARVADOS_VIRTUAL_MACHINE_UUID)
|
14
15
|
req_envs.each do |k|
|
@@ -17,20 +18,27 @@ req_envs.each do |k|
|
|
17
18
|
end
|
18
19
|
end
|
19
20
|
|
20
|
-
|
21
|
+
options = {}
|
22
|
+
OptionParser.new do |parser|
|
23
|
+
parser.on('--exclusive', 'Manage SSH keys file exclusively.')
|
24
|
+
parser.on('--rotate-tokens', 'Always create new user tokens. Usually needed with --token-lifetime.')
|
25
|
+
parser.on('--skip-missing-users', "Don't try to create any local accounts.")
|
26
|
+
parser.on('--token-lifetime SECONDS', 'Create user tokens that expire after SECONDS.', Integer)
|
27
|
+
end.parse!(into: options)
|
28
|
+
|
21
29
|
exclusive_banner = "#######################################################################################
|
22
30
|
# THIS FILE IS MANAGED BY #{$0} -- CHANGES WILL BE OVERWRITTEN #
|
23
31
|
#######################################################################################\n\n"
|
24
32
|
start_banner = "### BEGIN Arvados-managed keys -- changes between markers will be overwritten\n"
|
25
33
|
end_banner = "### END Arvados-managed keys -- changes between markers will be overwritten\n"
|
26
34
|
|
27
|
-
# Don't try to create any local accounts
|
28
|
-
skip_missing_users = ARGV.index("--skip-missing-users")
|
29
|
-
|
30
35
|
keys = ''
|
31
36
|
|
32
37
|
begin
|
33
38
|
arv = Arvados.new({ :suppress_ssl_warnings => false })
|
39
|
+
logincluster_arv = Arvados.new({ :api_host => (ENV['LOGINCLUSTER_ARVADOS_API_HOST'] || ENV['ARVADOS_API_HOST']),
|
40
|
+
:api_token => (ENV['LOGINCLUSTER_ARVADOS_API_TOKEN'] || ENV['ARVADOS_API_TOKEN']),
|
41
|
+
:suppress_ssl_warnings => false })
|
34
42
|
|
35
43
|
vm_uuid = ENV['ARVADOS_VIRTUAL_MACHINE_UUID']
|
36
44
|
|
@@ -61,7 +69,7 @@ begin
|
|
61
69
|
begin
|
62
70
|
pwnam[l[:username]] = Etc.getpwnam(l[:username])
|
63
71
|
rescue
|
64
|
-
if
|
72
|
+
if options[:"skip-missing-users"]
|
65
73
|
STDERR.puts "Account #{l[:username]} not found. Skipping"
|
66
74
|
true
|
67
75
|
end
|
@@ -162,7 +170,7 @@ begin
|
|
162
170
|
oldkeys = ""
|
163
171
|
end
|
164
172
|
|
165
|
-
if
|
173
|
+
if options[:exclusive]
|
166
174
|
newkeys = exclusive_banner + newkeys
|
167
175
|
elsif oldkeys.start_with?(exclusive_banner)
|
168
176
|
newkeys = start_banner + newkeys + end_banner
|
@@ -189,8 +197,12 @@ begin
|
|
189
197
|
tokenfile = File.join(configarvados, "settings.conf")
|
190
198
|
|
191
199
|
begin
|
192
|
-
if !File.exist?(tokenfile)
|
193
|
-
|
200
|
+
if !File.exist?(tokenfile) || options[:"rotate-tokens"]
|
201
|
+
aca_params = {owner_uuid: l[:user_uuid], api_client_id: 0}
|
202
|
+
if options[:"token-lifetime"] && options[:"token-lifetime"] > 0
|
203
|
+
aca_params.merge!(expires_at: (Time.now + options[:"token-lifetime"]))
|
204
|
+
end
|
205
|
+
user_token = logincluster_arv.api_client_authorization.create(api_client_authorization: aca_params)
|
194
206
|
f = File.new(tokenfile, 'w')
|
195
207
|
f.write("ARVADOS_API_HOST=#{ENV['ARVADOS_API_HOST']}\n")
|
196
208
|
f.write("ARVADOS_API_TOKEN=v2/#{user_token[:uuid]}/#{user_token[:api_token]}\n")
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: arvados-login-sync
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.
|
4
|
+
version: 2.1.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Arvados Authors
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-04-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: arvados
|
@@ -16,20 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.3.
|
20
|
-
- - "~>"
|
21
|
-
- !ruby/object:Gem::Version
|
22
|
-
version: 1.3.0
|
19
|
+
version: 1.3.3.20190320201707
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
24
|
- - ">="
|
28
25
|
- !ruby/object:Gem::Version
|
29
|
-
version: 1.3.
|
30
|
-
- - "~>"
|
31
|
-
- !ruby/object:Gem::Version
|
32
|
-
version: 1.3.0
|
26
|
+
version: 1.3.3.20190320201707
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
28
|
name: launchy
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -73,8 +67,8 @@ dependencies:
|
|
73
67
|
- !ruby/object:Gem::Version
|
74
68
|
version: '0.12'
|
75
69
|
description: Creates and updates local login accounts for Arvados users. Built from
|
76
|
-
git commit
|
77
|
-
email:
|
70
|
+
git commit 24b0875964b3eff98c12d1c135d8797efcfabfb2
|
71
|
+
email: packaging@arvados.org
|
78
72
|
executables:
|
79
73
|
- arvados-login-sync
|
80
74
|
extensions: []
|