moby-derp 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 513a47c0b56a264731bf12050cbc651c7799c4ec60955c06e8cff46377328825
4
- data.tar.gz: 01d2f26f2fa6300cdddf599b9f544616d1781c4a53879ec009bec1d4dd340b9d
3
+ metadata.gz: 0c2890cb17a2175bed1a51fce4f28ac8e898555b62c28f626ff7d87bd26b21ec
4
+ data.tar.gz: c49fe1673ac2380e964c7b37b5605c18a52b6f0ec095e6ffba8c345afcf179c6
5
5
  SHA512:
6
- metadata.gz: 307556e56b26e97437df00b9db1277f254554ba88af5a22d9b786de2daba8a30d91f5c932c3b28f4cebb972175958c7c1be81d3cd8ad718a23638d8f696aaa12
7
- data.tar.gz: eb0c7f7f7514dbb93911cc65037a129aadfc1888454529071f2811e606dd3291dc57e5f2ced377df3896bbaccbac22c163bd5fad4e90cc0435304bb32b65ef6a
6
+ metadata.gz: c2d2cae1b30c7c75a021adfb5c40b5cf1a658828383236e0852fec61c79e5ddf4ff50bdecff8fa1319b3afc35624c03d79410a2505385ffc9ebaefb4121f25ea
7
+ data.tar.gz: f51fce566d449b97f8a938722f58484668d1e3b220e95f53aee4788ef9f72d2f2f54073cbb55770546e92304e42d36006e1ce67b524da36f81cea6cde9482aa6
@@ -5,6 +5,8 @@ require "docker-api"
5
5
  require "ipaddr"
6
6
  require "json/canonicalization"
7
7
 
8
+ require_relative "./freedom_patches/docker/credential"
9
+
8
10
  module MobyDerp
9
11
  class Container
10
12
  include LoggingHelpers
@@ -1,4 +1,4 @@
1
- require_relative "../freedom_patches/docker/image"
1
+ require_relative "./freedom_patches/docker/image"
2
2
  require_relative "./error"
3
3
  require_relative "./mount"
4
4
 
@@ -0,0 +1,91 @@
1
+ require "json"
2
+ require "open3"
3
+ require "pathname"
4
+ require "uri"
5
+
6
+ module Docker
7
+ module Credential
8
+ #:nocov:
9
+ def self.for(ref)
10
+ image_cred(ref)
11
+ end
12
+
13
+ private
14
+
15
+ def self.image_cred(ref)
16
+ cred_helper = hunt_for_image_domain_cred(ref, docker_config.fetch("credHelpers", {}))
17
+
18
+ if cred_helper
19
+ out, rv = Open3.capture2e("docker-credential-#{cred_helper}", "get", stdin_data: image_domain(ref))
20
+
21
+ if rv.exitstatus == 0
22
+ cred_data = JSON.parse(out)
23
+
24
+ { username: cred_data["Username"], password: cred_data["Secret"], serveraddress: image_domain(ref) }
25
+ else
26
+ raise RuntimeError, "Credential helper docker-credential-#{cred_helper} exited with #{rv.exitstatus}: #{out}"
27
+ end
28
+ else
29
+ cred = hunt_for_image_domain_cred(ref, docker_config.fetch("auths", {}))
30
+
31
+ if cred
32
+ user, pass = JSON.parse(cred.fetch("auth", "null"))&.unpack("m")&.first&.split(":", 2)
33
+
34
+ if user && pass
35
+ { username: user, password: pass, serveraddress: image_domain(ref) }
36
+ else
37
+ {}
38
+ end
39
+ else
40
+ {}
41
+ end
42
+ end
43
+ end
44
+
45
+ def self.hunt_for_image_domain_cred(ref, section)
46
+ section.find do |k, v|
47
+ if k =~ /:\/\//
48
+ # Doin' it URL style
49
+ URI(k).host == image_domain(ref)
50
+ else
51
+ k == image_domain(ref)
52
+ end
53
+ end&.last
54
+ end
55
+
56
+ def self.image_domain(ref)
57
+ if match_data = ref.match(Docker::Image::IMAGE_REFERENCE)
58
+ if match_data[1] =~ /[.:]/
59
+ match_data[1].gsub(/\/\z/, '')
60
+ else
61
+ "index.docker.io"
62
+ end
63
+ else
64
+ raise ArgumentError, "Could not parse image ref #{ref.inspect}"
65
+ end
66
+ end
67
+
68
+ def self.docker_config
69
+ if (f = Pathname.new(ENV.fetch("DOCKER_CONFIG", "~/.docker")).expand_path.join("config.json")).exist?
70
+ JSON.parse(f.read)
71
+ else
72
+ {}
73
+ end
74
+ end
75
+
76
+ module ImageClassMixin
77
+ def create(opts = {}, creds = nil, conn = Docker.connection, &block)
78
+ if creds.nil?
79
+ image = opts["fromImage"] || opts[:fromImage]
80
+
81
+ creds = Docker::Credential.for(image)
82
+ end
83
+
84
+ super(opts, creds, conn, &block)
85
+ end
86
+ end
87
+ #:nocov:
88
+ end
89
+ end
90
+
91
+ Docker::Image.singleton_class.prepend(Docker::Credential::ImageClassMixin)
@@ -18,6 +18,20 @@ module MobyDerp
18
18
 
19
19
  @logger.debug(logloc) { "Root container ID is #{@root_container_id}" }
20
20
 
21
+ desired_container_names = @config.containers.map(&:name)
22
+
23
+ Docker::Container.all(all: true).each do |c|
24
+ c_name = c.info["Names"].first.sub(/^\//, '')
25
+
26
+ if c.info["Labels"]["org.hezmatt.moby-derp.pod-name"] == name &&
27
+ !c.info["Labels"]["org.hezmatt.moby-derp.root-container-id"].nil? &&
28
+ !desired_container_names.include?(c_name.split(".", 2).last)
29
+ @logger.info(logloc) { "Removing stale container #{c_name}" }
30
+ c.stop
31
+ c.delete
32
+ end
33
+ end
34
+
21
35
  @config.containers.each do |cfg|
22
36
  @logger.info(logloc) { "Checking container #{cfg.name}" }
23
37
 
@@ -115,6 +115,11 @@ module MobyDerp
115
115
  raise ConfigurationError,
116
116
  "container name #{name.inspect} is invalid (must contain only alphanumerics, underscores, and hyphens)"
117
117
  end
118
+
119
+ unless data.is_a?(Hash)
120
+ raise ConfigurationError,
121
+ "container data must be a hash"
122
+ end
118
123
  end
119
124
 
120
125
  begin
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: moby-derp
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matt Palmer
@@ -194,11 +194,12 @@ files:
194
194
  - README.md
195
195
  - bin/moby-derp
196
196
  - example.yml
197
- - lib/freedom_patches/docker/image.rb
198
197
  - lib/moby_derp/config_file.rb
199
198
  - lib/moby_derp/container.rb
200
199
  - lib/moby_derp/container_config.rb
201
200
  - lib/moby_derp/error.rb
201
+ - lib/moby_derp/freedom_patches/docker/credential.rb
202
+ - lib/moby_derp/freedom_patches/docker/image.rb
202
203
  - lib/moby_derp/logging_helpers.rb
203
204
  - lib/moby_derp/mount.rb
204
205
  - lib/moby_derp/pod.rb