moby-derp 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/moby_derp/container.rb +2 -0
- data/lib/moby_derp/container_config.rb +1 -1
- data/lib/moby_derp/freedom_patches/docker/credential.rb +91 -0
- data/lib/{freedom_patches → moby_derp/freedom_patches}/docker/image.rb +0 -0
- data/lib/moby_derp/pod.rb +14 -0
- data/lib/moby_derp/pod_config.rb +5 -0
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0c2890cb17a2175bed1a51fce4f28ac8e898555b62c28f626ff7d87bd26b21ec
|
4
|
+
data.tar.gz: c49fe1673ac2380e964c7b37b5605c18a52b6f0ec095e6ffba8c345afcf179c6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c2d2cae1b30c7c75a021adfb5c40b5cf1a658828383236e0852fec61c79e5ddf4ff50bdecff8fa1319b3afc35624c03d79410a2505385ffc9ebaefb4121f25ea
|
7
|
+
data.tar.gz: f51fce566d449b97f8a938722f58484668d1e3b220e95f53aee4788ef9f72d2f2f54073cbb55770546e92304e42d36006e1ce67b524da36f81cea6cde9482aa6
|
data/lib/moby_derp/container.rb
CHANGED
@@ -0,0 +1,91 @@
|
|
1
|
+
require "json"
|
2
|
+
require "open3"
|
3
|
+
require "pathname"
|
4
|
+
require "uri"
|
5
|
+
|
6
|
+
module Docker
|
7
|
+
module Credential
|
8
|
+
#:nocov:
|
9
|
+
def self.for(ref)
|
10
|
+
image_cred(ref)
|
11
|
+
end
|
12
|
+
|
13
|
+
private
|
14
|
+
|
15
|
+
def self.image_cred(ref)
|
16
|
+
cred_helper = hunt_for_image_domain_cred(ref, docker_config.fetch("credHelpers", {}))
|
17
|
+
|
18
|
+
if cred_helper
|
19
|
+
out, rv = Open3.capture2e("docker-credential-#{cred_helper}", "get", stdin_data: image_domain(ref))
|
20
|
+
|
21
|
+
if rv.exitstatus == 0
|
22
|
+
cred_data = JSON.parse(out)
|
23
|
+
|
24
|
+
{ username: cred_data["Username"], password: cred_data["Secret"], serveraddress: image_domain(ref) }
|
25
|
+
else
|
26
|
+
raise RuntimeError, "Credential helper docker-credential-#{cred_helper} exited with #{rv.exitstatus}: #{out}"
|
27
|
+
end
|
28
|
+
else
|
29
|
+
cred = hunt_for_image_domain_cred(ref, docker_config.fetch("auths", {}))
|
30
|
+
|
31
|
+
if cred
|
32
|
+
user, pass = JSON.parse(cred.fetch("auth", "null"))&.unpack("m")&.first&.split(":", 2)
|
33
|
+
|
34
|
+
if user && pass
|
35
|
+
{ username: user, password: pass, serveraddress: image_domain(ref) }
|
36
|
+
else
|
37
|
+
{}
|
38
|
+
end
|
39
|
+
else
|
40
|
+
{}
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def self.hunt_for_image_domain_cred(ref, section)
|
46
|
+
section.find do |k, v|
|
47
|
+
if k =~ /:\/\//
|
48
|
+
# Doin' it URL style
|
49
|
+
URI(k).host == image_domain(ref)
|
50
|
+
else
|
51
|
+
k == image_domain(ref)
|
52
|
+
end
|
53
|
+
end&.last
|
54
|
+
end
|
55
|
+
|
56
|
+
def self.image_domain(ref)
|
57
|
+
if match_data = ref.match(Docker::Image::IMAGE_REFERENCE)
|
58
|
+
if match_data[1] =~ /[.:]/
|
59
|
+
match_data[1].gsub(/\/\z/, '')
|
60
|
+
else
|
61
|
+
"index.docker.io"
|
62
|
+
end
|
63
|
+
else
|
64
|
+
raise ArgumentError, "Could not parse image ref #{ref.inspect}"
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
def self.docker_config
|
69
|
+
if (f = Pathname.new(ENV.fetch("DOCKER_CONFIG", "~/.docker")).expand_path.join("config.json")).exist?
|
70
|
+
JSON.parse(f.read)
|
71
|
+
else
|
72
|
+
{}
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
module ImageClassMixin
|
77
|
+
def create(opts = {}, creds = nil, conn = Docker.connection, &block)
|
78
|
+
if creds.nil?
|
79
|
+
image = opts["fromImage"] || opts[:fromImage]
|
80
|
+
|
81
|
+
creds = Docker::Credential.for(image)
|
82
|
+
end
|
83
|
+
|
84
|
+
super(opts, creds, conn, &block)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
#:nocov:
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
Docker::Image.singleton_class.prepend(Docker::Credential::ImageClassMixin)
|
File without changes
|
data/lib/moby_derp/pod.rb
CHANGED
@@ -18,6 +18,20 @@ module MobyDerp
|
|
18
18
|
|
19
19
|
@logger.debug(logloc) { "Root container ID is #{@root_container_id}" }
|
20
20
|
|
21
|
+
desired_container_names = @config.containers.map(&:name)
|
22
|
+
|
23
|
+
Docker::Container.all(all: true).each do |c|
|
24
|
+
c_name = c.info["Names"].first.sub(/^\//, '')
|
25
|
+
|
26
|
+
if c.info["Labels"]["org.hezmatt.moby-derp.pod-name"] == name &&
|
27
|
+
!c.info["Labels"]["org.hezmatt.moby-derp.root-container-id"].nil? &&
|
28
|
+
!desired_container_names.include?(c_name.split(".", 2).last)
|
29
|
+
@logger.info(logloc) { "Removing stale container #{c_name}" }
|
30
|
+
c.stop
|
31
|
+
c.delete
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
21
35
|
@config.containers.each do |cfg|
|
22
36
|
@logger.info(logloc) { "Checking container #{cfg.name}" }
|
23
37
|
|
data/lib/moby_derp/pod_config.rb
CHANGED
@@ -115,6 +115,11 @@ module MobyDerp
|
|
115
115
|
raise ConfigurationError,
|
116
116
|
"container name #{name.inspect} is invalid (must contain only alphanumerics, underscores, and hyphens)"
|
117
117
|
end
|
118
|
+
|
119
|
+
unless data.is_a?(Hash)
|
120
|
+
raise ConfigurationError,
|
121
|
+
"container data must be a hash"
|
122
|
+
end
|
118
123
|
end
|
119
124
|
|
120
125
|
begin
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: moby-derp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Palmer
|
@@ -194,11 +194,12 @@ files:
|
|
194
194
|
- README.md
|
195
195
|
- bin/moby-derp
|
196
196
|
- example.yml
|
197
|
-
- lib/freedom_patches/docker/image.rb
|
198
197
|
- lib/moby_derp/config_file.rb
|
199
198
|
- lib/moby_derp/container.rb
|
200
199
|
- lib/moby_derp/container_config.rb
|
201
200
|
- lib/moby_derp/error.rb
|
201
|
+
- lib/moby_derp/freedom_patches/docker/credential.rb
|
202
|
+
- lib/moby_derp/freedom_patches/docker/image.rb
|
202
203
|
- lib/moby_derp/logging_helpers.rb
|
203
204
|
- lib/moby_derp/mount.rb
|
204
205
|
- lib/moby_derp/pod.rb
|