httpd_configmap_generator 0.2.2 → 0.3.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 7404d7526e62a24e10b417fa31d73b4023b1eb71
4
- data.tar.gz: 3a3587bac420ca0c2349d838a6c248b24d3cbade
2
+ SHA256:
3
+ metadata.gz: aff6b3f7af181564f46a046634efe1965f4ed7936db37d143afa8d5ad0e59890
4
+ data.tar.gz: ebd0cfa723b123acd3cc8beac4b30e8349991c0563a93289cacd71440798a644
5
5
  SHA512:
6
- metadata.gz: cf984ea9aa2d30ff1d36de0b0b20aad9f2e70a5a7f89e63d9c0cf3db0cf4cc951319c9687874f016a9699c44e6dc44ad729727ca23943e065bb77056ef2b6e68
7
- data.tar.gz: 8fd7d31aba466446da43b81a13d34bd44b724d55f3cd0bc24f8fb00185a58f86dc047f8a0b7ba5f875907fb72765d8f4d19c2036669f4b83c8c44a3beab255cd
6
+ metadata.gz: 430913f53ac70692b10393aaaad7c94619a6a7b674871e84286a88020f86ee1bdd2fbfe8e87fa74a031402a07e7d5c6ca6dffe18de51c4465039ebc35ddde2ac
7
+ data.tar.gz: 149a5aa5978a38e573d112a0138f7574a09b1427b225aaf79d528b039e9ea7a11a5a0a6e392917e9d4c4baa01f5a5603e81d71ae08eba95950426e70d7d71ba7
@@ -1,7 +1,8 @@
1
+ ---
1
2
  language: ruby
2
3
  rvm:
3
- - 2.3.6
4
- - 2.4.2
4
+ - 2.5.7
5
+ - 2.6.5
5
6
  sudo: false
6
7
  cache: bundler
7
8
  after_script: bundle exec codeclimate-test-reporter
@@ -0,0 +1,11 @@
1
+ ---
2
+ ignore: |
3
+ /vendor/**
4
+
5
+ extends: relaxed
6
+
7
+ rules:
8
+ indentation:
9
+ indent-sequences: false
10
+ line-length:
11
+ max: 120
data/Dockerfile CHANGED
@@ -1,4 +1,4 @@
1
- FROM manageiq/httpd:latest
1
+ FROM manageiq/httpd-init:latest
2
2
  MAINTAINER ManageIQ https://github.com/ManageIQ
3
3
 
4
4
  LABEL name="httpd-configmap-generator" \
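Review bot: The new base image on the `FROM` line is still referenced by the mutable `latest` tag, so a rebuild can silently pick up a different `manageiq/httpd-init` image than the one that was tested. Pin it to a specific tag or image digest so the build is reproducible and the reviewed image is the one that ships.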
@@ -11,6 +11,7 @@ ENV HTTPD_AUTH_TYPE=internal \
11
11
  HTTPD_AUTH_KERBEROS_REALMS=undefined \
12
12
  TERM=xterm
13
13
 
14
- RUN yum -y install openldap-clients pamtester
14
+ RUN dnf -y --disableplugin=subscription-manager install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \
15
+ dnf -y --disableplugin=subscription-manager install openldap-clients pamtester
15
16
 
16
17
  RUN gem install --no-ri --no-rdoc --no-document httpd_configmap_generator
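Review bot: The first `dnf` command in the new `RUN` installs `epel-release-latest-8.noarch.rpm` straight from a URL, and nothing in the line checks the package's signature or checksum; the `latest` file name also means the content can change between builds. Import the EPEL signing key and verify the RPM before installing it, or pin a specific release and compare it against a recorded checksum.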
@@ -0,0 +1,39 @@
1
+ # Httpd Configmap Generator - OpenID-Connect (OIDC)
2
+
3
+ This documents how to run the httpd\_configmap\_generator tool to configure the container against an OpenID-Connect (OIDC) identity provider.
4
+
5
+ ## Usage for the `oidc` auth-type:
6
+
7
+ ```
8
+ $ httpd_configmap_generator oidc --help
9
+ Options:
10
+ -o, --output=<s> Configuration map file to create
11
+ -u, --oidc-url=<s> OpenID-Connect Provider URL
12
+ -i, --oidc-client-id=<s> OpenID-Connect Provider Client ID
13
+ -s, --oidc-client-secret=<s> OpenID-Connect Provider Client Secret
14
+ -f, --force Force configuration if configured already
15
+ -d, --debug Enable debugging
16
+ -h, --help Show this message
17
+
18
+ ```
19
+
20
+ ### Examples:
21
+
22
+ Creates the extra data for the container:
23
+
24
+ ```
25
+ $ httpd_configmap_generator oidc \
26
+ --force \
27
+ --oidc-url=http://my-keycloak:8080/auth/realms/miq/.well-known/openid-configuration \
28
+ --oidc-client-id=my-keycloak-oidc-client \
29
+ --oidc-client-secret=99999999-9999-9999-a999-99999a999999 \
30
+ --debug \
31
+ -o /tmp/external-oidc.yaml
32
+ ```
33
+
34
+ The auth configmap file for oidc does not include any files. It only includes the following extra data:
35
+
36
+ * auth-oidc-provider-metadata-url
37
+ * auth-oidc-client-id
38
+ * auth-oidc-client-secret
39
+
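Review bot: The example passes `--oidc-client-secret` as a command-line argument, where it lands in shell history and is visible in the process list while the tool runs; the README should note that exposure, and an option to read the secret from a file or the environment would avoid it. The example `--oidc-url` also uses `http://`, so the provider metadata would be fetched in clear text; an `https://` URL is the better thing to document.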
data/README.md CHANGED
@@ -1,7 +1,7 @@
1
1
  # Httpd Configmap Generator
2
2
 
3
3
  [![Gem Version](https://badge.fury.io/rb/httpd_configmap_generator.svg)](http://badge.fury.io/rb/httpd_configmap_generator)
4
- [![Build Status](https://travis-ci.org/ManageIQ/httpd_configmap_generator.svg)](https://travis-ci.org/ManageIQ/httpd_configmap_generator)
4
+ [![Build Status](https://travis-ci.org/ManageIQ/httpd_configmap_generator.svg?branch=master)](https://travis-ci.org/ManageIQ/httpd_configmap_generator)
5
5
  [![Code Climate](https://codeclimate.com/github/ManageIQ/httpd_configmap_generator.svg)](https://codeclimate.com/github/ManageIQ/httpd_configmap_generator)
6
6
  [![Test Coverage](https://codeclimate.com/github/ManageIQ/httpd_configmap_generator/badges/coverage.svg)](https://codeclimate.com/github/ManageIQ/httpd_configmap_generator/coverage)
7
7
  [![Dependency Status](https://gemnasium.com/ManageIQ/httpd_configmap_generator.svg)](https://gemnasium.com/ManageIQ/httpd_configmap_generator)
@@ -28,7 +28,7 @@ httpd_configmap_generator 0.1.1 - External Authentication Configuration script
28
28
 
29
29
  Usage: httpd_configmap_generator auth_type | update | export [--help | options]
30
30
 
31
- supported auth_type: active-directory, ipa, ldap, saml
31
+ supported auth_type: active-directory, ipa, ldap, saml, oidc
32
32
 
33
33
  httpd_configmap_generator options are:
34
34
  -V, --version Version of the httpd_configmap_generator command
@@ -43,12 +43,13 @@ $ httpd_configmap_generator ipa --help
43
43
 
44
44
  ## Supported Authentication Types
45
45
 
46
- |auth-type | Identity Provider/Environment | for usage: |
47
- |------------------|--------------------------------------------------|-------------------------------------------------------|
48
- | active-directory | Active Directory domain realm join | [README-active-directory](README-active-directory.md) |
49
- | ipa | IPA, IPA 2-factor authentication, IPA/AD Trust | [README-ipa](README-ipa.md) |
50
- | ldap | Ldap directories | [README-ldap](README-ldap.md) |
51
- | saml | Keycloak, etc. | [README-saml](README-saml.md) |
46
+ |auth-type | Identity Provider/Environment | for usage: |
47
+ |-----------------------------------|--------------------------------------------------|-------------------------------------------------------|
48
+ | active-directory | Active Directory domain realm join | [README-active-directory](README-active-directory.md) |
49
+ | ipa | IPA, IPA 2-factor authentication, IPA/AD Trust | [README-ipa](README-ipa.md) |
50
+ | ldap | Ldap directories | [README-ldap](README-ldap.md) |
51
+ | saml | Keycloak, etc. | [README-saml](README-saml.md) |
52
+ | OpenID-Connect (oidc) | Keycloak, etc. | [README-oidc](README-oidc.md) |
52
53
 
53
54
  ___
54
55
 
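Review bot: The new table row puts `OpenID-Connect (oidc)` in the auth-type column, while every other row shows the literal value typed on the command line (`ipa`, `ldap`, `saml`). Use `oidc` in the first column and move "OpenID-Connect" to the Identity Provider/Environment column so the table stays consistent with the `supported auth_type` list above it.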
@@ -8,7 +8,7 @@
8
8
  #
9
9
 
10
10
  Dir.chdir(__dir__) { require "bundler/setup" }
11
- require "trollop"
11
+ require "optimist"
12
12
  require "httpd_configmap_generator"
13
13
 
14
14
  CMD = File.basename($PROGRAM_NAME)
@@ -23,14 +23,14 @@ module HttpdConfigmapGenerator
23
23
  SUB_COMMANDS = [HttpdConfigmapGenerator.supported_auth_types] | %w(update export)
24
24
 
25
25
  def run
26
- Trollop.options do
26
+ Optimist.options do
27
27
  version("#{CMD} #{HttpdConfigmapGenerator::VERSION} - External Authentication Configuration script")
28
28
  banner <<-EOS
29
29
  #{version}
30
30
 
31
31
  Usage: #{CMD} auth_type | update | export [--help | options]
32
32
 
33
- supported auth_type: #{HttpdConfigmapGenerator.supported_auth_types.join(', ')}
33
+ supported auth_type: #{HttpdConfigmapGenerator.supported_auth_types.sort.join(', ')}
34
34
 
35
35
  #{CMD} options are:
36
36
  EOS
@@ -40,7 +40,7 @@ supported auth_type: #{HttpdConfigmapGenerator.supported_auth_types.join(', ')}
40
40
  end
41
41
 
42
42
  auth_type = ARGV.shift
43
- Trollop.die "Must specify an authentication type" if auth_type.nil?
43
+ Optimist.die "Must specify an authentication type" if auth_type.nil?
44
44
 
45
45
  begin
46
46
  auth_config =
@@ -53,7 +53,7 @@ supported auth_type: #{HttpdConfigmapGenerator.supported_auth_types.join(', ')}
53
53
  error_msg(err.to_s)
54
54
  end
55
55
 
56
- params = Trollop.options do
56
+ params = Optimist.options do
57
57
  auth_config.required_options.each do |key, key_options|
58
58
  opt key, key_options[:description], HttpdConfigmapGenerator::Cli.options_for(key_options, true)
59
59
  end
@@ -32,5 +32,5 @@ Gem::Specification.new do |s|
32
32
  s.add_dependency "awesome_spawn", "~> 1.4"
33
33
  s.add_dependency "iniparse", "~> 1.4"
34
34
  s.add_dependency "more_core_extensions", "~> 3.4"
35
- s.add_dependency "trollop", "~> 2.1"
35
+ s.add_dependency "optimist", "~> 3.0"
36
36
  end
@@ -4,6 +4,7 @@ require "httpd_configmap_generator/active_directory"
4
4
  require "httpd_configmap_generator/ipa"
5
5
  require "httpd_configmap_generator/ldap"
6
6
  require "httpd_configmap_generator/saml"
7
+ require "httpd_configmap_generator/oidc"
7
8
  require "httpd_configmap_generator/update"
8
9
  require "httpd_configmap_generator/export"
9
10
  require "more_core_extensions/core_ext/hash"
@@ -9,6 +9,8 @@ module HttpdConfigmapGenerator
9
9
 
10
10
  def required_options
11
11
  super.merge(
12
+ :host => { :description => "Application Domain",
13
+ :short => "-h" },
12
14
  :ad_domain => { :description => "Active Directory Domain" },
13
15
  :ad_user => { :description => "Active Directory User" },
14
16
  :ad_password => { :description => "Active Directory Password" }
@@ -54,10 +54,7 @@ module HttpdConfigmapGenerator
54
54
 
55
55
  def required_options
56
56
  {
57
- :host => { :description => "Application Domain",
58
- :short => "-h" },
59
- :output => { :description => "Configuration map file to create",
60
- :short => "-o" }
57
+ :output => { :description => "Configuration map file to create", :short => "-o" }
61
58
  }
62
59
  end
63
60
 
@@ -16,11 +16,11 @@ module HttpdConfigmapGenerator
16
16
  @config_map = template
17
17
  end
18
18
 
19
- def generate(auth_type, realm, file_list)
19
+ def generate(auth_type, realm = "undefined", file_list = nil, metadata = {})
20
20
  info_msg("Generating Auth Config-Map for #{auth_type}")
21
21
  @config_map = template(auth_type, realm)
22
22
  file_specs = gen_filespecs(file_list)
23
- define_configuration(file_specs)
23
+ define_configuration(file_specs, metadata)
24
24
  include_files(file_specs)
25
25
  end
26
26
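Review bot: The `realm = "undefined"` default on `generate` only applies when the argument is omitted, but the new `Oidc#configure` in this release calls `generate(AUTH[:type], nil, nil, auth_oidc_data)`, so `template(auth_type, realm)` receives `nil` rather than "undefined". Either normalise inside the method with `realm ||= "undefined"` or switch the optional parameters to keyword arguments so callers can skip them without passing `nil`.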
 
@@ -71,7 +71,7 @@ module HttpdConfigmapGenerator
71
71
  file_specs = []
72
72
  file_list.each do |file|
73
73
  file_specs << file_entry_spec(file.strip)
74
- end
74
+ end unless file_list.nil?
75
75
  file_specs.sort_by { |file_spec| file_spec[:basename] }
76
76
  end
77
77
 
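Review bot: `end unless file_list.nil?` puts the nil guard at the bottom of a multi-line block, where it is easy to miss when reading `gen_filespecs`. Iterating over `Array(file_list)` or returning early at the top of the method states the intent up front.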
@@ -135,7 +135,7 @@ module HttpdConfigmapGenerator
135
135
  }
136
136
  end
137
137
 
138
- def update_configuration(file_specs)
138
+ def update_configuration(file_specs, metadata={})
139
139
  auth_configuration = fetch_auth_configuration
140
140
  return define_configuration(file_specs) unless auth_configuration
141
141
  # first, remove any file_specs references in the file list, we don't want duplication here.
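Review bot: `update_configuration` now accepts `metadata`, but the early return two lines below still calls `define_configuration(file_specs)` without it, so the metadata is silently dropped whenever no auth configuration exists yet. Pass it through with `return define_configuration(file_specs, metadata) unless auth_configuration`.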
@@ -146,7 +146,7 @@ module HttpdConfigmapGenerator
146
146
  end
147
147
  auth_configuration = auth_configuration.join("\n") + "\n"
148
148
  # now, append any of the new file_specs at the end of the list.
149
- append_configuration(auth_configuration, file_specs)
149
+ append_configuration(auth_configuration, file_specs, metadata)
150
150
  end
151
151
 
152
152
  def search_file_entry(target_file)
@@ -157,9 +157,9 @@ module HttpdConfigmapGenerator
157
157
  entry ? entry.first.split('=')[1].strip.split(' ') : nil
158
158
  end
159
159
 
160
- def define_configuration(file_specs)
160
+ def define_configuration(file_specs, metadata={})
161
161
  auth_configuration = "# External Authentication Configuration File\n#\n"
162
- append_configuration(auth_configuration, file_specs)
162
+ append_configuration(auth_configuration, file_specs, metadata)
163
163
  end
164
164
 
165
165
  def include_files(file_specs)
@@ -175,12 +175,17 @@ module HttpdConfigmapGenerator
175
175
  file_spec[:binary] ? "#{file_spec[:basename]}.base64" : file_spec[:basename]
176
176
  end
177
177
 
178
- def append_configuration(auth_configuration, file_specs)
178
+ def append_configuration(auth_configuration, file_specs, metadata)
179
179
  file_specs.each do |file_spec|
180
180
  debug_msg("Adding file #{file_spec[:target]} ...")
181
181
  auth_configuration += "file = #{file_basename(file_spec)} #{file_spec[:target]} #{file_spec[:mode]}\n"
182
182
  end
183
183
  config_map[DATA_SECTION] ||= {}
184
+
185
+ metadata.each do |key, value|
186
+ config_map[DATA_SECTION].merge!(key => value)
187
+ end
188
+
184
189
  config_map[DATA_SECTION].merge!(AUTH_CONFIGURATION => auth_configuration)
185
190
  end
186
191
 
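Review bot: The `metadata.each` loop merges caller-supplied keys into `config_map[DATA_SECTION]` with no check against keys already present, so a metadata key can overwrite an existing data entry; only `AUTH_CONFIGURATION` is protected, because it is merged afterwards. Consider rejecting or warning on key collisions. The loop is also equivalent to a single `config_map[DATA_SECTION].merge!(metadata)`, and `metadata` has no default here, unlike `define_configuration` and `update_configuration`, so a call with `nil` raises.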
@@ -11,6 +11,8 @@ module HttpdConfigmapGenerator
11
11
 
12
12
  def required_options
13
13
  super.merge(
14
+ :host => { :description => "Application Domain",
15
+ :short => "-h" },
14
16
  :ipa_server => { :description => "IPA Server FQDN" },
15
17
  :ipa_password => { :description => "IPA Server Password" }
16
18
  )
@@ -10,6 +10,8 @@ module HttpdConfigmapGenerator
10
10
 
11
11
  def required_options
12
12
  super.merge(
13
+ :host => { :description => "Application Domain",
14
+ :short => "-h" },
13
15
  :cert_file => { :description => "Cert File" },
14
16
  :ldap_host => { :description => "LDAP Directory Host FQDN" },
15
17
  :ldap_mode => { :description => "ldap | ldaps" },
@@ -0,0 +1,48 @@
1
+ module HttpdConfigmapGenerator
2
+ class Oidc < Base
3
+
4
+ AUTH = {
5
+ :type => "openid-connect",
6
+ :subtype => "oidc"
7
+ }.freeze
8
+
9
+ def required_options
10
+ super.merge(
11
+ :oidc_url => { :description => "OpenID-Connect Provider URL",
12
+ :short => "-u" },
13
+ :oidc_client_id => { :description => "OpenID-Connect Provider Client ID",
14
+ :short => "-i" },
15
+ :oidc_client_secret => { :description => "OpenID-Connect Provider Client Secret",
16
+ :short => "-s" },
17
+ )
18
+ end
19
+
20
+ def configure(opts)
21
+ auth_oidc_data = {}
22
+ auth_oidc_data["auth-oidc-provider-metadata-url"] = opts[:oidc_url]
23
+ auth_oidc_data["auth-oidc-client-id"] = opts[:oidc_client_id]
24
+ auth_oidc_data["auth-oidc-client-secret"] = opts[:oidc_client_secret]
25
+
26
+ config_map = ConfigMap.new(opts)
27
+ config_map.generate(AUTH[:type], nil, nil, auth_oidc_data )
28
+ config_map.save(opts[:output])
29
+ rescue => err
30
+ log_command_error(err)
31
+ raise err
32
+ end
33
+
34
+ def validate_options(opts)
35
+ super(opts)
36
+ end
37
+
38
+ def configured?
39
+ false
40
+ end
41
+
42
+ def unconfigure
43
+ return unless configured?
44
+ end
45
+
46
+ end
47
+ end
48
+
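Review bot: `configure` copies `opts[:oidc_client_secret]` into the config map data as `auth-oidc-client-secret`, so the client secret is written in plain text to the output file next to non-sensitive settings. If that file is loaded into the cluster as a config map, anyone who can read the config map can read the secret; emitting it as a separate secret object, or at least restricting the output file's permissions, would limit that. `validate_options` only calls `super`, so `oidc_url` is accepted without any check that it is a well-formed `https` URL; either add that validation or drop the override.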
@@ -10,7 +10,9 @@ module HttpdConfigmapGenerator
10
10
  }.freeze
11
11
 
12
12
  def required_options
13
- super
13
+ super.merge(
14
+ :host => { :description => "Application Domain", :short => "-h" },
15
+ )
14
16
  end
15
17
 
16
18
  def optional_options
@@ -1,3 +1,3 @@
1
1
  module HttpdConfigmapGenerator
2
- VERSION = "0.2.2".freeze
2
+ VERSION = "0.3.0".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: httpd_configmap_generator
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Httpd Auth Config Developers
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-05-22 00:00:00.000000000 Z
11
+ date: 2020-07-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: codeclimate-test-reporter
@@ -123,21 +123,21 @@ dependencies:
123
123
  - !ruby/object:Gem::Version
124
124
  version: '3.4'
125
125
  - !ruby/object:Gem::Dependency
126
- name: trollop
126
+ name: optimist
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: '2.1'
131
+ version: '3.0'
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: '2.1'
138
+ version: '3.0'
139
139
  description: The Httpd Configmap Generator
140
- email:
140
+ email:
141
141
  executables:
142
142
  - httpd_configmap_generator
143
143
  extensions: []
@@ -146,12 +146,14 @@ files:
146
146
  - ".gitignore"
147
147
  - ".rspec"
148
148
  - ".travis.yml"
149
+ - ".yamllint"
149
150
  - Dockerfile
150
151
  - Gemfile
151
152
  - LICENSE
152
153
  - README-active-directory.md
153
154
  - README-ipa.md
154
155
  - README-ldap.md
156
+ - README-oidc.md
155
157
  - README-saml.md
156
158
  - README.md
157
159
  - Rakefile
@@ -174,6 +176,7 @@ files:
174
176
  - lib/httpd_configmap_generator/export.rb
175
177
  - lib/httpd_configmap_generator/ipa.rb
176
178
  - lib/httpd_configmap_generator/ldap.rb
179
+ - lib/httpd_configmap_generator/oidc.rb
177
180
  - lib/httpd_configmap_generator/saml.rb
178
181
  - lib/httpd_configmap_generator/update.rb
179
182
  - lib/httpd_configmap_generator/version.rb
@@ -184,7 +187,7 @@ homepage: https://github.com/ManageIQ/httpd_configmap_generator
184
187
  licenses:
185
188
  - Apache-2.0
186
189
  metadata: {}
187
- post_install_message:
190
+ post_install_message:
188
191
  rdoc_options: []
189
192
  require_paths:
190
193
  - lib
@@ -199,9 +202,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
199
202
  - !ruby/object:Gem::Version
200
203
  version: '0'
201
204
  requirements: []
202
- rubyforge_project:
203
- rubygems_version: 2.6.13
204
- signing_key:
205
+ rubygems_version: 3.0.3
206
+ signing_key:
205
207
  specification_version: 4
206
208
  summary: The Httpd Configmap Generator
207
209
  test_files: []