RubyGems - arvados-login-sync - Versions diffs - 2.1.1 → 2.2.0 - Mend

arvados-login-sync 2.1.1 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d62966a42aec769855347fa3a88f00951729531a6c208b05f1785505e1989947
-  data.tar.gz: 2d6287af163d20d13c67c3d5b84eeb56a49aa37f128052317d7bc367cbbc55f1
+  metadata.gz: 7d50af746801f2f07fc576d162a91d0421dec43ff35051d39ffb278f9160143e
+  data.tar.gz: db6e4a6c3f378fbf2245ca6933537a2108512b93656b095130ea2009b30db47d
 SHA512:
-  metadata.gz: 52c1d7609cbc9f06a602a7a78ec78123117cf500cc0476695e5afc49173fad6499b1d8567e5127526e6ee2c24fea3215828175aa14f93abe8e500d6a60c83a79
-  data.tar.gz: 7deffe423ebe0a5a56e327376ebba6e21a856af1bfb01ffbc0376e42b3642e2ae7451202f8c812b3e163d663baa620bf553a31b43c25c6d0f6b007d15419b981
+  metadata.gz: c7388b4d3497b0344aec024a87f0fd17e073dfaf14c94ed9344d47e2da6dbe71a209aef873f0ea859f9749f4731f70c277e7cd27725c420d64edeb7e9da06d18
+  data.tar.gz: f2158d7092b06c52ecaa974700e2f798f4e5cbb0c84ecd1b1dd2eb9c08091f0323fcb9ad078b76c447e03b485a2b1b3495663baec87d016bcdfcdca5bd2b1bac

data/bin/arvados-login-sync CHANGED Viewed

@@ -9,6 +9,7 @@ require 'arvados'
 require 'etc'
 require 'fileutils'
 require 'yaml'
+require 'optparse'
 req_envs = %w(ARVADOS_API_HOST ARVADOS_API_TOKEN ARVADOS_VIRTUAL_MACHINE_UUID)
 req_envs.each do |k|
@@ -17,20 +18,27 @@ req_envs.each do |k|
   end
 end
-exclusive_mode = ARGV.index("--exclusive")
+options = {}
+OptionParser.new do |parser|
+  parser.on('--exclusive', 'Manage SSH keys file exclusively.')
+  parser.on('--rotate-tokens', 'Always create new user tokens. Usually needed with --token-lifetime.')
+  parser.on('--skip-missing-users', "Don't try to create any local accounts.")
+  parser.on('--token-lifetime SECONDS', 'Create user tokens that expire after SECONDS.', Integer)
+end.parse!(into: options)
 exclusive_banner = "#######################################################################################
 #  THIS FILE IS MANAGED BY #{$0} -- CHANGES WILL BE OVERWRITTEN  #
 #######################################################################################\n\n"
 start_banner = "### BEGIN Arvados-managed keys -- changes between markers will be overwritten\n"
 end_banner = "### END Arvados-managed keys -- changes between markers will be overwritten\n"
-# Don't try to create any local accounts
-skip_missing_users = ARGV.index("--skip-missing-users")
 keys = ''
 begin
   arv = Arvados.new({ :suppress_ssl_warnings => false })
+  logincluster_arv = Arvados.new({ :api_host => (ENV['LOGINCLUSTER_ARVADOS_API_HOST'] || ENV['ARVADOS_API_HOST']),
+                                   :api_token => (ENV['LOGINCLUSTER_ARVADOS_API_TOKEN'] || ENV['ARVADOS_API_TOKEN']),
+                      :suppress_ssl_warnings => false })
   vm_uuid = ENV['ARVADOS_VIRTUAL_MACHINE_UUID']
@@ -61,7 +69,7 @@ begin
       begin
         pwnam[l[:username]] = Etc.getpwnam(l[:username])
       rescue
-        if skip_missing_users
+        if options[:"skip-missing-users"]
           STDERR.puts "Account #{l[:username]} not found. Skipping"
           true
         end
@@ -162,7 +170,7 @@ begin
       oldkeys = ""
     end
-    if exclusive_mode
+    if options[:exclusive]
       newkeys = exclusive_banner + newkeys
     elsif oldkeys.start_with?(exclusive_banner)
       newkeys = start_banner + newkeys + end_banner
@@ -189,8 +197,12 @@ begin
     tokenfile = File.join(configarvados, "settings.conf")
     begin
-      if !File.exist?(tokenfile)
-        user_token = arv.api_client_authorization.create(api_client_authorization: {owner_uuid: l[:user_uuid], api_client_id: 0})
+      if !File.exist?(tokenfile) || options[:"rotate-tokens"]
+        aca_params = {owner_uuid: l[:user_uuid], api_client_id: 0}
+        if options[:"token-lifetime"] && options[:"token-lifetime"] > 0
+          aca_params.merge!(expires_at: (Time.now + options[:"token-lifetime"]))
+        end
+        user_token = logincluster_arv.api_client_authorization.create(api_client_authorization: aca_params)
         f = File.new(tokenfile, 'w')
         f.write("ARVADOS_API_HOST=#{ENV['ARVADOS_API_HOST']}\n")
         f.write("ARVADOS_API_TOKEN=v2/#{user_token[:uuid]}/#{user_token[:api_token]}\n")

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: arvados-login-sync
 version: !ruby/object:Gem::Version
-  version: 2.1.1
+  version: 2.2.0
 platform: ruby
 authors:
 - Arvados Authors
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-04 00:00:00.000000000 Z
+date: 2021-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: arvados
@@ -16,20 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 1.3.3.20190320201707
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 1.3.3.20190320201707
 - !ruby/object:Gem::Dependency
   name: launchy
   requirement: !ruby/object:Gem::Requirement
@@ -73,8 +67,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0.12'
 description: Creates and updates local login accounts for Arvados users. Built from
-  git commit 1771152da97200b038378666457d18679f4c8cd7
-email: gem-dev@curoverse.com
+  git commit 24b0875964b3eff98c12d1c135d8797efcfabfb2
+email: packaging@arvados.org
 executables:
 - arvados-login-sync
 extensions: []