arvados-login-sync 2.1.1 → 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/arvados-login-sync +20 -8
- metadata +6 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7d50af746801f2f07fc576d162a91d0421dec43ff35051d39ffb278f9160143e
|
4
|
+
data.tar.gz: db6e4a6c3f378fbf2245ca6933537a2108512b93656b095130ea2009b30db47d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c7388b4d3497b0344aec024a87f0fd17e073dfaf14c94ed9344d47e2da6dbe71a209aef873f0ea859f9749f4731f70c277e7cd27725c420d64edeb7e9da06d18
|
7
|
+
data.tar.gz: f2158d7092b06c52ecaa974700e2f798f4e5cbb0c84ecd1b1dd2eb9c08091f0323fcb9ad078b76c447e03b485a2b1b3495663baec87d016bcdfcdca5bd2b1bac
|
data/bin/arvados-login-sync
CHANGED
@@ -9,6 +9,7 @@ require 'arvados'
|
|
9
9
|
require 'etc'
|
10
10
|
require 'fileutils'
|
11
11
|
require 'yaml'
|
12
|
+
require 'optparse'
|
12
13
|
|
13
14
|
req_envs = %w(ARVADOS_API_HOST ARVADOS_API_TOKEN ARVADOS_VIRTUAL_MACHINE_UUID)
|
14
15
|
req_envs.each do |k|
|
@@ -17,20 +18,27 @@ req_envs.each do |k|
|
|
17
18
|
end
|
18
19
|
end
|
19
20
|
|
20
|
-
|
21
|
+
options = {}
|
22
|
+
OptionParser.new do |parser|
|
23
|
+
parser.on('--exclusive', 'Manage SSH keys file exclusively.')
|
24
|
+
parser.on('--rotate-tokens', 'Always create new user tokens. Usually needed with --token-lifetime.')
|
25
|
+
parser.on('--skip-missing-users', "Don't try to create any local accounts.")
|
26
|
+
parser.on('--token-lifetime SECONDS', 'Create user tokens that expire after SECONDS.', Integer)
|
27
|
+
end.parse!(into: options)
|
28
|
+
|
21
29
|
exclusive_banner = "#######################################################################################
|
22
30
|
# THIS FILE IS MANAGED BY #{$0} -- CHANGES WILL BE OVERWRITTEN #
|
23
31
|
#######################################################################################\n\n"
|
24
32
|
start_banner = "### BEGIN Arvados-managed keys -- changes between markers will be overwritten\n"
|
25
33
|
end_banner = "### END Arvados-managed keys -- changes between markers will be overwritten\n"
|
26
34
|
|
27
|
-
# Don't try to create any local accounts
|
28
|
-
skip_missing_users = ARGV.index("--skip-missing-users")
|
29
|
-
|
30
35
|
keys = ''
|
31
36
|
|
32
37
|
begin
|
33
38
|
arv = Arvados.new({ :suppress_ssl_warnings => false })
|
39
|
+
logincluster_arv = Arvados.new({ :api_host => (ENV['LOGINCLUSTER_ARVADOS_API_HOST'] || ENV['ARVADOS_API_HOST']),
|
40
|
+
:api_token => (ENV['LOGINCLUSTER_ARVADOS_API_TOKEN'] || ENV['ARVADOS_API_TOKEN']),
|
41
|
+
:suppress_ssl_warnings => false })
|
34
42
|
|
35
43
|
vm_uuid = ENV['ARVADOS_VIRTUAL_MACHINE_UUID']
|
36
44
|
|
@@ -61,7 +69,7 @@ begin
|
|
61
69
|
begin
|
62
70
|
pwnam[l[:username]] = Etc.getpwnam(l[:username])
|
63
71
|
rescue
|
64
|
-
if
|
72
|
+
if options[:"skip-missing-users"]
|
65
73
|
STDERR.puts "Account #{l[:username]} not found. Skipping"
|
66
74
|
true
|
67
75
|
end
|
@@ -162,7 +170,7 @@ begin
|
|
162
170
|
oldkeys = ""
|
163
171
|
end
|
164
172
|
|
165
|
-
if
|
173
|
+
if options[:exclusive]
|
166
174
|
newkeys = exclusive_banner + newkeys
|
167
175
|
elsif oldkeys.start_with?(exclusive_banner)
|
168
176
|
newkeys = start_banner + newkeys + end_banner
|
@@ -189,8 +197,12 @@ begin
|
|
189
197
|
tokenfile = File.join(configarvados, "settings.conf")
|
190
198
|
|
191
199
|
begin
|
192
|
-
if !File.exist?(tokenfile)
|
193
|
-
|
200
|
+
if !File.exist?(tokenfile) || options[:"rotate-tokens"]
|
201
|
+
aca_params = {owner_uuid: l[:user_uuid], api_client_id: 0}
|
202
|
+
if options[:"token-lifetime"] && options[:"token-lifetime"] > 0
|
203
|
+
aca_params.merge!(expires_at: (Time.now + options[:"token-lifetime"]))
|
204
|
+
end
|
205
|
+
user_token = logincluster_arv.api_client_authorization.create(api_client_authorization: aca_params)
|
194
206
|
f = File.new(tokenfile, 'w')
|
195
207
|
f.write("ARVADOS_API_HOST=#{ENV['ARVADOS_API_HOST']}\n")
|
196
208
|
f.write("ARVADOS_API_TOKEN=v2/#{user_token[:uuid]}/#{user_token[:api_token]}\n")
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: arvados-login-sync
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Arvados Authors
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-04-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: arvados
|
@@ -16,20 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.3.
|
20
|
-
- - "~>"
|
21
|
-
- !ruby/object:Gem::Version
|
22
|
-
version: 1.3.0
|
19
|
+
version: 1.3.3.20190320201707
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
24
|
- - ">="
|
28
25
|
- !ruby/object:Gem::Version
|
29
|
-
version: 1.3.
|
30
|
-
- - "~>"
|
31
|
-
- !ruby/object:Gem::Version
|
32
|
-
version: 1.3.0
|
26
|
+
version: 1.3.3.20190320201707
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
28
|
name: launchy
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -73,8 +67,8 @@ dependencies:
|
|
73
67
|
- !ruby/object:Gem::Version
|
74
68
|
version: '0.12'
|
75
69
|
description: Creates and updates local login accounts for Arvados users. Built from
|
76
|
-
git commit
|
77
|
-
email:
|
70
|
+
git commit 24b0875964b3eff98c12d1c135d8797efcfabfb2
|
71
|
+
email: packaging@arvados.org
|
78
72
|
executables:
|
79
73
|
- arvados-login-sync
|
80
74
|
extensions: []
|