front_end_builds 0.1.3 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7431929971f672c83131ef9866bf74ce4914ba7e
4
- data.tar.gz: 54ac0a455e9486e5cad4cdfe494ad4cdc74d9f86
3
+ metadata.gz: 1542985a803ac72002fd437fc975726ee7dac9cc
4
+ data.tar.gz: 2caa84a2a6c32e72ec08ff5273738778c809eaa1
5
5
  SHA512:
6
- metadata.gz: 83a8212047feba2f913ab5f3ff00b193c5e2505c55b2f7f567392e6b1c5e95e73d37ec1f220c7c7fe146415ab2ea37b9488c3f1306ddaf9fe8a81ecb404b2a0d
7
- data.tar.gz: 231abd8794f4beff3b4ac82fb3077c713e43894ed47f52d6f19dc0ebd1edebb0ead1f9bd13013890ac957c89a5db4e4cbbadbf817926cec9bd2f613f6060d978
6
+ metadata.gz: 1af52583c3a5ff0874f0033ca30bc1cfedce894a2d9eaeb9719bc766476c22aa4d47fab82f17c0d30844b9db872c7e28ec4087c49a4619af3748bbf226e4ab15
7
+ data.tar.gz: 9b3bc4d6543bfa161d35d1f130fcfb56fef52918a92f82b4d558ee5b4f866d84ee93b3a686acd21ef93cee77c46754a86129ba5b5f7ed167d8fd5bc3f833ce63
@@ -59,6 +59,7 @@ module FrontEndBuilds
59
59
  :sha,
60
60
  :job,
61
61
  :endpoint,
62
+ :html,
62
63
  :signature
63
64
  ]
64
65
  end
@@ -6,6 +6,7 @@ module FrontEndBuilds
6
6
  attr_accessible :branch,
7
7
  :sha,
8
8
  :endpoint,
9
+ :html,
9
10
  :signature
10
11
  end
11
12
 
@@ -15,7 +16,6 @@ module FrontEndBuilds
15
16
  validates :app, presence: true
16
17
  validates :sha, presence: true
17
18
  validates :branch, presence: true
18
- validates :endpoint, presence: true
19
19
  validates :signature, presence: true
20
20
 
21
21
  scope :recent, -> { limit(10).order('created_at desc') }
@@ -23,9 +23,7 @@ module FrontEndBuilds
23
23
  def self.find_best(params = {})
24
24
  scope = self
25
25
 
26
- query = {
27
- fetched: true
28
- }
26
+ query = { fetched: true }
29
27
 
30
28
  if params[:app]
31
29
  query[:app_id] = params[:app].id
@@ -81,7 +79,14 @@ module FrontEndBuilds
81
79
  end
82
80
 
83
81
  def setup!
84
- fetch!
82
+ # Fetching no longer makes senses since ember-cli-deploy will
83
+ # directly give the HTML to front end builds. However, in order
84
+ # to support old versions we're going to keep this around for
85
+ # a while.
86
+ fetch! if html.blank?
87
+
88
+ self.fetched = true
89
+ save
85
90
 
86
91
  if automatic_activation? && master?
87
92
  activate!
@@ -97,12 +102,11 @@ module FrontEndBuilds
97
102
  end
98
103
 
99
104
  def fetch!
100
- return if fetched?
105
+ return if fetched? || endpoint.blank?
101
106
 
102
107
  html = URI.parse(endpoint).read
103
108
 
104
109
  self.html = html
105
- self.fetched = true
106
110
  save
107
111
  end
108
112
 
@@ -50,9 +50,34 @@ module FrontEndBuilds
50
50
  pkey = to_rsa_pkey
51
51
  signature = Base64.decode64(build.signature)
52
52
  digest = OpenSSL::Digest::SHA256.new
53
- expected = "#{build.app.name}-#{build.endpoint}"
54
53
 
55
- pkey.verify(digest, signature, expected)
54
+ # If the user submits html were going to expect the
55
+ # signature to match the html they are submitting.
56
+ # However, if the user gives a url where we can download
57
+ # the html, we're going to expect the signature to match
58
+ # the app name and the url.
59
+ if build.endpoint.present?
60
+ expected = "#{build.app.name}-#{build.endpoint}"
61
+ else
62
+ expected = build.html
63
+ end
64
+
65
+ match = expected &&
66
+ signature &&
67
+ pkey.verify(digest, signature, expected)
68
+ # Bug in ruby's OpenSSL implementation.
69
+ # SSL connection with PostgreSQL can fail, after a call to
70
+ # OpenSSL::X509::Certificate#verify with result 'false'. Root cause is
71
+ # the thread local error queue of OpenSSL, that is used to transmit
72
+ # textual error messages to the application after a failed crypto
73
+ # operation. A failure in Certificate#verify leaves some messages on the
74
+ # error queue, which can lead to errors in a SSL communication of other
75
+ # parts of the application. The only solution at the moment is running:
76
+ # OpenSSL.errors.clear after certificate verifying. This clears OpenSSL
77
+ # errors array and keeps database connection alive.
78
+ # From https://bugs.ruby-lang.org/issues/7215
79
+ OpenSSL.errors.clear
80
+ match # return true/false
56
81
  end
57
82
 
58
83
  def last_build
@@ -4,88 +4,90 @@
4
4
  # https://github.com/mytestbed/omf/blob/master/omf_common/lib/omf_common/auth/ssh_pub_key_convert.rb
5
5
  #
6
6
 
7
- module FrontEndBuilds::Utils
8
- # Copyright (c) 2012 National ICT Australia Limited (NICTA).
9
- # This software may be used and distributed solely under the terms of the MIT license (License).
10
- # You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
11
- # By downloading or using this software you accept the terms and the liability disclaimer in the License.
7
+ module FrontEndBuilds
8
+ module Utils
9
+ # Copyright (c) 2012 National ICT Australia Limited (NICTA).
10
+ # This software may be used and distributed solely under the terms of the MIT license (License).
11
+ # You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
12
+ # By downloading or using this software you accept the terms and the liability disclaimer in the License.
12
13
 
13
- require 'base64'
14
- require 'openssl'
14
+ require 'base64'
15
+ require 'openssl'
15
16
 
16
- # This file provides a converter that accepts an SSH public key string
17
- # and converts it to an OpenSSL::PKey::RSA object for use in verifying
18
- # received messages. (DSA support pending).
19
- #
20
- class SSHPubKeyConvert
21
- # Unpack a 4-byte unsigned integer from the +bytes+ array.
17
+ # This file provides a converter that accepts an SSH public key string
18
+ # and converts it to an OpenSSL::PKey::RSA object for use in verifying
19
+ # received messages. (DSA support pending).
22
20
  #
23
- # Returns a pair (+u32+, +bytes+), where +u32+ is the extracted
24
- # unsigned integer, and +bytes+ is the remainder of the original
25
- # +bytes+ array that follows +u32+.
26
- #
27
- def self.unpack_u32(bytes)
28
- return bytes.unpack("N")[0], bytes[4..-1]
29
- end
21
+ class SSHPubKeyConvert
22
+ # Unpack a 4-byte unsigned integer from the +bytes+ array.
23
+ #
24
+ # Returns a pair (+u32+, +bytes+), where +u32+ is the extracted
25
+ # unsigned integer, and +bytes+ is the remainder of the original
26
+ # +bytes+ array that follows +u32+.
27
+ #
28
+ def self.unpack_u32(bytes)
29
+ return bytes.unpack("N")[0], bytes[4..-1]
30
+ end
30
31
 
31
- # Unpack a string from the +bytes+ array. Exactly +len+ bytes will
32
- # be extracted.
33
- #
34
- # Returns a pair (+string+, +bytes+), where +string+ is the
35
- # extracted string (of length +len+), and +bytes+ is the remainder
36
- # of the original +bytes+ array that follows +string+.
37
- #
38
- def self.unpack_string(bytes, len)
39
- return bytes.unpack("A#{len}")[0], bytes[len..-1]
40
- end
32
+ # Unpack a string from the +bytes+ array. Exactly +len+ bytes will
33
+ # be extracted.
34
+ #
35
+ # Returns a pair (+string+, +bytes+), where +string+ is the
36
+ # extracted string (of length +len+), and +bytes+ is the remainder
37
+ # of the original +bytes+ array that follows +string+.
38
+ #
39
+ def self.unpack_string(bytes, len)
40
+ return bytes.unpack("A#{len}")[0], bytes[len..-1]
41
+ end
41
42
 
42
- # Convert a string in SSH public key format to a key object
43
- # suitable for use with OpenSSL. If the key is an RSA key then an
44
- # OpenSSL::PKey::RSA object is returned. If the key is a DSA key
45
- # then an OpenSSL::PKey::DSA object is returned. In either case,
46
- # the object returned is suitable for encrypting data or verifying
47
- # signatures, but cannot be used for decrypting or signing.
48
- #
49
- # The +keystring+ should be a single line, as per an SSH public key
50
- # file as generated by +ssh-keygen+, or a line from an SSH
51
- # +authorized_keys+ file.
52
- #
53
- def self.convert(keystring)
54
- (_, b64, _) = keystring.split(' ')
55
- raise ArgumentError, "Invalid SSH public key '#{keystring}'" if b64.nil?
43
+ # Convert a string in SSH public key format to a key object
44
+ # suitable for use with OpenSSL. If the key is an RSA key then an
45
+ # OpenSSL::PKey::RSA object is returned. If the key is a DSA key
46
+ # then an OpenSSL::PKey::DSA object is returned. In either case,
47
+ # the object returned is suitable for encrypting data or verifying
48
+ # signatures, but cannot be used for decrypting or signing.
49
+ #
50
+ # The +keystring+ should be a single line, as per an SSH public key
51
+ # file as generated by +ssh-keygen+, or a line from an SSH
52
+ # +authorized_keys+ file.
53
+ #
54
+ def self.convert(keystring)
55
+ (_, b64, _) = keystring.split(' ')
56
+ raise ArgumentError, "Invalid SSH public key '#{keystring}'" if b64.nil?
56
57
 
57
- decoded_key = Base64.decode64(b64)
58
- (n, bytes) = unpack_u32(decoded_key)
59
- (keytype, bytes) = unpack_string(bytes, n)
58
+ decoded_key = Base64.decode64(b64)
59
+ (n, bytes) = unpack_u32(decoded_key)
60
+ (keytype, bytes) = unpack_string(bytes, n)
60
61
 
61
- if keytype == "ssh-rsa"
62
- (n, bytes) = unpack_u32(bytes)
63
- (estr, bytes) = unpack_string(bytes, n)
64
- (n, bytes) = unpack_u32(bytes)
65
- (nstr, bytes) = unpack_string(bytes, n)
62
+ if keytype == "ssh-rsa"
63
+ (n, bytes) = unpack_u32(bytes)
64
+ (estr, bytes) = unpack_string(bytes, n)
65
+ (n, bytes) = unpack_u32(bytes)
66
+ (nstr, bytes) = unpack_string(bytes, n)
66
67
 
67
- key = OpenSSL::PKey::RSA.new
68
- key.n = OpenSSL::BN.new(nstr, 2)
69
- key.e = OpenSSL::BN.new(estr, 2)
70
- key
71
- elsif keytype == 'ssh-dss'
72
- (n, bytes) = unpack_u32(bytes)
73
- (pstr, bytes) = unpack_string(bytes, n)
74
- (n, bytes) = unpack_u32(bytes)
75
- (qstr, bytes) = unpack_string(bytes, n)
76
- (n, bytes) = unpack_u32(bytes)
77
- (gstr, bytes) = unpack_string(bytes, n)
78
- (n, bytes) = unpack_u32(bytes)
79
- (pkstr, bytes) = unpack_string(bytes, n)
68
+ key = OpenSSL::PKey::RSA.new
69
+ key.n = OpenSSL::BN.new(nstr, 2)
70
+ key.e = OpenSSL::BN.new(estr, 2)
71
+ key
72
+ elsif keytype == 'ssh-dss'
73
+ (n, bytes) = unpack_u32(bytes)
74
+ (pstr, bytes) = unpack_string(bytes, n)
75
+ (n, bytes) = unpack_u32(bytes)
76
+ (qstr, bytes) = unpack_string(bytes, n)
77
+ (n, bytes) = unpack_u32(bytes)
78
+ (gstr, bytes) = unpack_string(bytes, n)
79
+ (n, bytes) = unpack_u32(bytes)
80
+ (pkstr, bytes) = unpack_string(bytes, n)
80
81
 
81
- key = OpenSSL::PKey::DSA.new
82
- key.p = OpenSSL::BN.new(pstr, 2)
83
- key.q = OpenSSL::BN.new(qstr, 2)
84
- key.g = OpenSSL::BN.new(gstr, 2)
85
- key.pub_key = OpenSSL::BN.new(pkstr, 2)
86
- key
87
- else
88
- nil
82
+ key = OpenSSL::PKey::DSA.new
83
+ key.p = OpenSSL::BN.new(pstr, 2)
84
+ key.q = OpenSSL::BN.new(qstr, 2)
85
+ key.g = OpenSSL::BN.new(gstr, 2)
86
+ key.pub_key = OpenSSL::BN.new(pkstr, 2)
87
+ key
88
+ else
89
+ nil
90
+ end
89
91
  end
90
92
  end
91
93
  end
@@ -1,3 +1,3 @@
1
1
  module FrontEndBuilds
2
- VERSION = "0.1.3"
2
+ VERSION = "0.2.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: front_end_builds
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Toronto
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-03-24 00:00:00.000000000 Z
12
+ date: 2015-11-13 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: sqlite3
@@ -29,16 +29,16 @@ dependencies:
29
29
  name: rspec-rails
30
30
  requirement: !ruby/object:Gem::Requirement
31
31
  requirements:
32
- - - ">="
32
+ - - '='
33
33
  - !ruby/object:Gem::Version
34
- version: '0'
34
+ version: 3.1.0
35
35
  type: :development
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
- - - ">="
39
+ - - '='
40
40
  - !ruby/object:Gem::Version
41
- version: '0'
41
+ version: 3.1.0
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: rspec-its
44
44
  requirement: !ruby/object:Gem::Requirement
@@ -99,16 +99,16 @@ dependencies:
99
99
  name: shoulda-matchers
100
100
  requirement: !ruby/object:Gem::Requirement
101
101
  requirements:
102
- - - ">="
102
+ - - '='
103
103
  - !ruby/object:Gem::Version
104
- version: '0'
104
+ version: 2.7.0
105
105
  type: :development
106
106
  prerelease: false
107
107
  version_requirements: !ruby/object:Gem::Requirement
108
108
  requirements:
109
- - - ">="
109
+ - - '='
110
110
  - !ruby/object:Gem::Version
111
- version: '0'
111
+ version: 2.7.0
112
112
  - !ruby/object:Gem::Dependency
113
113
  name: webmock
114
114
  requirement: !ruby/object:Gem::Requirement