httpd_configmap_generator 0.1.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/.travis.yml +3 -2
- data/.yamllint +11 -0
- data/Dockerfile +3 -2
- data/Gemfile +4 -0
- data/README-active-directory.md +11 -15
- data/README-ipa.md +7 -12
- data/README-ldap.md +62 -0
- data/README-oidc.md +39 -0
- data/README-saml.md +9 -14
- data/README.md +37 -49
- data/bin/httpd_configmap_generator +36 -50
- data/httpd_configmap_generator.gemspec +5 -3
- data/lib/httpd_configmap_generator.rb +2 -0
- data/lib/httpd_configmap_generator/active_directory.rb +2 -2
- data/lib/httpd_configmap_generator/base.rb +10 -6
- data/lib/httpd_configmap_generator/base/command.rb +19 -17
- data/lib/httpd_configmap_generator/base/config_helper.rb +15 -0
- data/lib/httpd_configmap_generator/base/config_map.rb +43 -26
- data/lib/httpd_configmap_generator/base/file_helper.rb +67 -0
- data/lib/httpd_configmap_generator/base/kerberos.rb +10 -8
- data/lib/httpd_configmap_generator/base/network.rb +27 -25
- data/lib/httpd_configmap_generator/base/pam.rb +6 -4
- data/lib/httpd_configmap_generator/base/sssd.rb +1 -1
- data/lib/httpd_configmap_generator/ipa.rb +12 -1
- data/lib/httpd_configmap_generator/ldap.rb +186 -0
- data/lib/httpd_configmap_generator/oidc.rb +48 -0
- data/lib/httpd_configmap_generator/saml.rb +16 -14
- data/lib/httpd_configmap_generator/version.rb +1 -1
- data/templates/httpd-scc-sysadmin.yaml +38 -0
- metadata +18 -14
- data/lib/httpd_configmap_generator/base/config.rb +0 -13
- data/lib/httpd_configmap_generator/base/file.rb +0 -65
- data/lib/httpd_configmap_generator/options.rb +0 -13
@@ -0,0 +1,38 @@
|
|
1
|
+
allowHostDirVolumePlugin: false
|
2
|
+
allowHostIPC: false
|
3
|
+
allowHostNetwork: false
|
4
|
+
allowHostPID: false
|
5
|
+
allowHostPorts: false
|
6
|
+
allowPrivilegedContainer: false
|
7
|
+
allowedCapabilities:
|
8
|
+
apiVersion: v1
|
9
|
+
defaultAddCapabilities:
|
10
|
+
- SYS_ADMIN
|
11
|
+
fsGroup:
|
12
|
+
type: RunAsAny
|
13
|
+
groups:
|
14
|
+
- system:cluster-admins
|
15
|
+
kind: SecurityContextConstraints
|
16
|
+
metadata:
|
17
|
+
annotations:
|
18
|
+
kubernetes.io/description: httpd-scc-sysadmin provides all features of the anyuid SCC but allows users to have SYS_ADMIN capabilities. This is the required scc for Pods requiring to run with systemd and the message bus.
|
19
|
+
creationTimestamp:
|
20
|
+
name: httpd-scc-sysadmin
|
21
|
+
priority: 10
|
22
|
+
readOnlyRootFilesystem: false
|
23
|
+
requiredDropCapabilities:
|
24
|
+
- MKNOD
|
25
|
+
- SYS_CHROOT
|
26
|
+
runAsUser:
|
27
|
+
type: RunAsAny
|
28
|
+
seLinuxContext:
|
29
|
+
type: MustRunAs
|
30
|
+
supplementalGroups:
|
31
|
+
type: RunAsAny
|
32
|
+
users:
|
33
|
+
volumes:
|
34
|
+
- configMap
|
35
|
+
- downwardAPI
|
36
|
+
- emptyDir
|
37
|
+
- persistentVolumeClaim
|
38
|
+
- secret
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: httpd_configmap_generator
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Httpd Auth Config Developers
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-07-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: codeclimate-test-reporter
|
@@ -123,21 +123,21 @@ dependencies:
|
|
123
123
|
- !ruby/object:Gem::Version
|
124
124
|
version: '3.4'
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
|
-
name:
|
126
|
+
name: optimist
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
128
128
|
requirements:
|
129
129
|
- - "~>"
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version: '
|
131
|
+
version: '3.0'
|
132
132
|
type: :runtime
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
136
|
- - "~>"
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version: '
|
138
|
+
version: '3.0'
|
139
139
|
description: The Httpd Configmap Generator
|
140
|
-
email:
|
140
|
+
email:
|
141
141
|
executables:
|
142
142
|
- httpd_configmap_generator
|
143
143
|
extensions: []
|
@@ -146,11 +146,14 @@ files:
|
|
146
146
|
- ".gitignore"
|
147
147
|
- ".rspec"
|
148
148
|
- ".travis.yml"
|
149
|
+
- ".yamllint"
|
149
150
|
- Dockerfile
|
150
151
|
- Gemfile
|
151
152
|
- LICENSE
|
152
153
|
- README-active-directory.md
|
153
154
|
- README-ipa.md
|
155
|
+
- README-ldap.md
|
156
|
+
- README-oidc.md
|
154
157
|
- README-saml.md
|
155
158
|
- README.md
|
156
159
|
- Rakefile
|
@@ -162,9 +165,9 @@ files:
|
|
162
165
|
- lib/httpd_configmap_generator/active_directory.rb
|
163
166
|
- lib/httpd_configmap_generator/base.rb
|
164
167
|
- lib/httpd_configmap_generator/base/command.rb
|
165
|
-
- lib/httpd_configmap_generator/base/
|
168
|
+
- lib/httpd_configmap_generator/base/config_helper.rb
|
166
169
|
- lib/httpd_configmap_generator/base/config_map.rb
|
167
|
-
- lib/httpd_configmap_generator/base/
|
170
|
+
- lib/httpd_configmap_generator/base/file_helper.rb
|
168
171
|
- lib/httpd_configmap_generator/base/kerberos.rb
|
169
172
|
- lib/httpd_configmap_generator/base/network.rb
|
170
173
|
- lib/httpd_configmap_generator/base/pam.rb
|
@@ -172,17 +175,19 @@ files:
|
|
172
175
|
- lib/httpd_configmap_generator/base/sssd.rb
|
173
176
|
- lib/httpd_configmap_generator/export.rb
|
174
177
|
- lib/httpd_configmap_generator/ipa.rb
|
175
|
-
- lib/httpd_configmap_generator/
|
178
|
+
- lib/httpd_configmap_generator/ldap.rb
|
179
|
+
- lib/httpd_configmap_generator/oidc.rb
|
176
180
|
- lib/httpd_configmap_generator/saml.rb
|
177
181
|
- lib/httpd_configmap_generator/update.rb
|
178
182
|
- lib/httpd_configmap_generator/version.rb
|
179
183
|
- templates/etc/pam.d/httpd-auth
|
180
184
|
- templates/httpd-configmap-generator-template.yaml
|
185
|
+
- templates/httpd-scc-sysadmin.yaml
|
181
186
|
homepage: https://github.com/ManageIQ/httpd_configmap_generator
|
182
187
|
licenses:
|
183
188
|
- Apache-2.0
|
184
189
|
metadata: {}
|
185
|
-
post_install_message:
|
190
|
+
post_install_message:
|
186
191
|
rdoc_options: []
|
187
192
|
require_paths:
|
188
193
|
- lib
|
@@ -197,9 +202,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
197
202
|
- !ruby/object:Gem::Version
|
198
203
|
version: '0'
|
199
204
|
requirements: []
|
200
|
-
|
201
|
-
|
202
|
-
signing_key:
|
205
|
+
rubygems_version: 3.0.3
|
206
|
+
signing_key:
|
203
207
|
specification_version: 4
|
204
208
|
summary: The Httpd Configmap Generator
|
205
209
|
test_files: []
|
@@ -1,13 +0,0 @@
|
|
1
|
-
require "active_support"
|
2
|
-
require "active_support/core_ext" # for Time.current
|
3
|
-
|
4
|
-
module HttpdConfigmapGenerator
|
5
|
-
class Base
|
6
|
-
def config_file_backup(path)
|
7
|
-
if File.exist?(path)
|
8
|
-
timestamp = Time.current.strftime(TIMESTAMP_FORMAT)
|
9
|
-
FileUtils.copy(path, "#{path}.#{timestamp}")
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
@@ -1,65 +0,0 @@
|
|
1
|
-
require "pathname"
|
2
|
-
|
3
|
-
module HttpdConfigmapGenerator
|
4
|
-
class Base
|
5
|
-
def template_directory
|
6
|
-
@template_directory ||=
|
7
|
-
Pathname.new(Gem::Specification.find_by_name("httpd_configmap_generator").full_gem_path).join("templates")
|
8
|
-
end
|
9
|
-
|
10
|
-
def cp_template(file, src_dir, dest_dir = "/")
|
11
|
-
src_path = path_join(src_dir, file)
|
12
|
-
dest_path = path_join(dest_dir, file.gsub(".erb", ""))
|
13
|
-
if src_path.to_s.include?(".erb")
|
14
|
-
File.write(dest_path, ERB.new(File.read(src_path), nil, '-').result(binding))
|
15
|
-
else
|
16
|
-
FileUtils.cp(src_path, dest_path)
|
17
|
-
end
|
18
|
-
end
|
19
|
-
|
20
|
-
def delete_target_file(file_path)
|
21
|
-
if File.exist?(file_path)
|
22
|
-
if opts[:force]
|
23
|
-
info_msg("File #{file_path} exists, forcing a delete")
|
24
|
-
File.delete(file_path)
|
25
|
-
else
|
26
|
-
raise "File #{file_path} already exist"
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
def create_target_directory(file_path)
|
32
|
-
dirname = File.dirname(file_path)
|
33
|
-
return if File.exist?(dirname)
|
34
|
-
debug_msg("Creating directory #{dirname} ...")
|
35
|
-
FileUtils.mkdir_p(dirname)
|
36
|
-
end
|
37
|
-
|
38
|
-
def rm_file(file, dir = "/")
|
39
|
-
path = path_join(dir, file)
|
40
|
-
File.delete(path) if File.exist?(path)
|
41
|
-
end
|
42
|
-
|
43
|
-
def path_join(*args)
|
44
|
-
path = Pathname.new(args.shift)
|
45
|
-
args.each { |path_seg| path = path.join("./#{path_seg}") }
|
46
|
-
path
|
47
|
-
end
|
48
|
-
|
49
|
-
def file_binary?(file)
|
50
|
-
data = File.read(file)
|
51
|
-
ascii = control = binary = total = 0
|
52
|
-
data[0..512].each_byte do |c|
|
53
|
-
total += 1
|
54
|
-
if c < 32
|
55
|
-
control += 1
|
56
|
-
elsif c >= 32 && c <= 128
|
57
|
-
ascii += 1
|
58
|
-
else
|
59
|
-
binary += 1
|
60
|
-
end
|
61
|
-
end
|
62
|
-
control.to_f / ascii > 0.1 || binary.to_f / ascii > 0.05
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
@@ -1,13 +0,0 @@
|
|
1
|
-
module HttpdConfigmapGenerator
|
2
|
-
def self.required_options
|
3
|
-
{
|
4
|
-
:host => { :description => "Application Domain" }
|
5
|
-
}
|
6
|
-
end
|
7
|
-
|
8
|
-
def self.optional_options
|
9
|
-
{
|
10
|
-
:force => { :description => "Force configuration if configured already", :default => false }
|
11
|
-
}
|
12
|
-
end
|
13
|
-
end
|