pechkin 1.0.3 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b1676e5e77d5898b67a9614012f5d982cb2c75c97847ba8fe22bfaf409988f78
-  data.tar.gz: bd7a612a913ce4433ec8a4d78687f5eddb75b1cf28ca6675f33833b0ebc76955
+  metadata.gz: 59912e94ce5225522475cb9f77b3bbb83c398a5dada6b1f937c02c0a886e2e8f
+  data.tar.gz: dcf67693f3ecaa7de96ef00ee3e4bfc0347d6ee45f546a3c8e7ae9e5d39b34b0
 SHA512:
-  metadata.gz: 806a857ddaf52ead16bbeec58bd1b9b4d3af8690011297fa35014058d3f0b1510ffa6694e4a651f33eab71814cae677b12d169df2c1a2fbd26eb57fd0f017169
-  data.tar.gz: c699ddf5ad93cc7e5c9996fa398d734a5029fef470311c488cfc0d3df4d7124e8bb7b02498e7e69e27ce64d8109f5bab27f264642feefba5dc5a7ab6947877d1
+  metadata.gz: d071d69449005cf0dfae928a148391ea1247876bcc06cd52c588ca84d5210e37a66a0838e10511ed0a6554b1ecf6904961467e6d1fef916676a4296f34687367
+  data.tar.gz: d59c5fcbf1c97be064075bf012ca0d760d65edd911bd4cd551efcc64468292ed213423fcfb893823aa57191b38433bb803a09158cd3da2da18558f8a7bd5d795

data/lib/pechkin.rb

@@ -3,6 +3,8 @@ require 'rack'
 require 'logger'
 require 'prometheus/middleware/collector'
 require 'prometheus/middleware/exporter'
+require 'htauth'
+require 'base64'
 
 require_relative 'pechkin/cli'
 require_relative 'pechkin/exceptions'
@@ -14,6 +16,8 @@ require_relative 'pechkin/connector_telegram'
 require_relative 'pechkin/channel'
 require_relative 'pechkin/configuration'
 require_relative 'pechkin/substitute'
+require_relative 'pechkin/prometheus_utils'
+require_relative 'pechkin/auth'
 require_relative 'pechkin/app'
 
 module Pechkin # :nodoc:
@@ -33,20 +37,24 @@ module Pechkin # :nodoc:
 
     def initialize(options)
       @options = options
-      @configuration = Configuration.load_from_directory(options.config_file)
-      @handler = Handler.new(@configuration.channels)
     end
 
     def run
+      if options.add_auth
+        add_auth
+        exit 0
+      end
+
+      @configuration = Configuration.load_from_directory(options.config_file)
+      @handler = Handler.new(@configuration.channels)
       configuration.list if options.list?
-      exit 0 if options.check?
+      return if options.check?
 
       if options.send_data
         send_data
-        exit 0
+      else
+        run_server
       end
-
-      run_server
     end
 
     def run_server
@@ -79,5 +87,11 @@ module Pechkin # :nodoc:
         [m[1], m[2]]
       end
     end
+
+    def add_auth
+      user, password = options.add_auth.split(':')
+      Pechkin::Auth::Manager.new(options.htpasswd).add(user, password)
+      puts IO.read(options.htpasswd)
+    end
   end
 end

data/lib/pechkin/app.rb

@@ -5,14 +5,19 @@ module Pechkin
     def build(handler, options)
       app = App.new
       app.handler = handler
-
+      prometheus = Pechkin::PrometheusUtils.registry
       logger = create_logger(options.log_dir)
 
       Rack::Builder.app do
         use Rack::CommonLogger, logger
         use Rack::Deflater
-        use Prometheus::Middleware::Collector
-        use Prometheus::Middleware::Exporter
+        use Prometheus::Middleware::Collector, registry: prometheus
+        # Add Auth check if found htpasswd file or it was excplicitly provided
+        # See CLI class for configuration details
+        if options.htpasswd
+          use Pechkin::Auth::Middleware, auth_file: options.htpasswd
+        end
+        use Prometheus::Middleware::Exporter, registry: prometheus
 
         run app
       end

data/lib/pechkin/auth.rb

@@ -0,0 +1,57 @@
+module Pechkin
+  module Auth
+    # Utility class for altering htpasswd files
+    class Manager
+      attr_reader :htpasswd
+      def initialize(htpasswd)
+        @htpasswd = htpasswd
+      end
+
+      def add(user, password)
+        m = File.exist?(htpasswd) ? HTAuth::File::ALTER : HTAuth::File::CREATE
+        HTAuth::PasswdFile.open(htpasswd, m) do |f|
+          f.add_or_update(user, password, 'md5')
+        end
+      end
+    end
+
+    # Auth middleware to check if provided auth can be found in .htpasswd file
+    class Middleware
+      attr_reader :htpasswd
+
+      def initialize(app, auth_file:)
+        @htpasswd = HTAuth::PasswdFile.open(auth_file) if File.exist?(auth_file)
+        @app = app
+      end
+
+      def call(env)
+        if authorized?(env)
+          @app.call(env)
+        else
+          body = { status: 'error', reason: 'unathorized' }.to_json
+          ['401', { 'Content-Type' => 'application/json' }, [body]]
+        end
+      rescue StandardError => e
+        puts e.backtrace.reverse.join('\n\t')
+        body = { status: 'error', reason: e.message }.to_json
+        ['503', { 'Content-Type' => 'application/json' }, [body]]
+      end
+
+      private
+
+      def authorized?(env)
+        return true unless htpasswd
+
+        auth = env['HTTP_AUTHORIZATION'] || ''
+        auth.match(/^Basic (.+)$/) do |m|
+          check_auth(*Base64.decode64(m[1]).split(':'))
+        end
+      end
+
+      def check_auth(user, password)
+        e = htpasswd.fetch(user)
+        e && e.authenticated?(password)
+      end
+    end
+  end
+end

data/lib/pechkin/cli.rb

@@ -43,7 +43,7 @@ module Pechkin
         exit 2
       else
         parser.parse(args)
-        values
+        new.post_init(values)
       end
     end
 
@@ -89,6 +89,9 @@ module Pechkin
 
   # Command Line Parser Builder
   class CLI
+    # Default file name for htpasswd file with auth credentials
+    PECHKIN_HTPASSWD_FILE = 'pechkin.htpasswd'.freeze
+
     extend CLIHelper
 
     separator 'Run options'
@@ -104,28 +107,49 @@ module Pechkin
 
     opt :log_dir, names: ['--log-dir [DIR]'],
                   desc: 'Path to log directory. Output will be writen to'  \
-                        'pechkin.log file. If not specified will write to' \
+                        'pechkin.log file. If not specified will write to ' \
                         'STDOUT'
+    opt :htpasswd, names: ['--auth-file FILE'],
+                   desc: 'Path to .htpasswd file. By default ' \
+                         '`pechkin.htpasswd` file will be looked up in ' \
+                         'configuration directory and if found then ' \
+                         'authorization will be enabled implicitly. ' \
+                         'Providing this option enables htpasswd based ' \
+                         'authorization explicitly. When making requests use ' \
+                         'Basic auth to authorize.'
 
     separator 'Utils for configuration maintenance'
-
     opt :list?, names: ['-l', '--[no-]list'],
                 desc: 'List all endpoints'
 
     opt :check?, names: ['-k', '--[no-]check'],
                  desc: 'Load configuration and exit'
     opt :send_data, names: ['-s', '--send ENDPOINT'],
-                    desc: 'Send data to specified ENDPOINT and exit. Requires' \
-                          '--data to be set.'
+                    desc: 'Send data to specified ENDPOINT and exit. ' \
+                          'Requires --data to be set.'
     opt :preview,   names: ['--preview'],
                     desc: 'Print rendering result to STDOUT and exit. ' \
-                          'Use with send'
+                          'Use with --send'
     opt :data, names: ['--data DATA'],
                desc: 'Data to send with --send flag. Json string or @filename.'
 
-    separator 'Debug options'
+    separator 'Auth utils'
+    opt :add_auth, names: ['--add-auth USER:PASSWORD'],
+                   desc: 'Add auth entry to .htpasswd file. By default ' \
+                         'pechkin.htpasswd from configuration directory ' \
+                         'will be used. Use --auth-file to specify other ' \
+                         'file to update. If file does not exist it will be ' \
+                         'created.'
 
+    separator 'Debug options'
     opt :debug?, names: ['--[no-]debug'],
                  desc: 'Print debug information and stack trace on errors'
+
+    def post_init(values)
+      default_htpasswd = File.join(values.config_file, PECHKIN_HTPASSWD_FILE)
+      values.htpasswd ||= default_htpasswd
+
+      values
+    end
   end
 end

data/lib/pechkin/message_template.rb

@@ -8,31 +8,14 @@ module Pechkin
 
   # Message template to render final message.
   class MessageTemplate
-    class << self
-      def ruby_v260_or_later?(ruby_version = RUBY_VERSION)
-        # Need to compare two versions, one is 2.6.0 - which supports keyword
-        # arguments in ERB#initialize. Everything below that should use legacy
-        # arguments
-        rb_v260 = [2, 6, 0]
-        rb_current = ruby_version.split('.').map(&:to_i)
-
-        rb_v260.zip(rb_current).each do |x, y|
-          x ||= 0
-          y ||= 0
-          return false if y < x
-        end
-
-        true
-      end
-    end
-
-    RUBY_V260 = MessageTemplate.ruby_v260_or_later?
+    ERB_INITIALIZE_KEYWORD_ARGUMENTS = ERB.instance_method(:initialize)
+                                          .parameters.assoc(:key)
 
     def initialize(erb)
       # ERB#initialize has different signature starting from Ruby 2.6.*
       # See link:
       # https://github.com/ruby/ruby/blob/2311087/NEWS#stdlib-updates-outstanding-ones-only
-      if MessageTemplate::RUBY_V260
+      if MessageTemplate::ERB_INITIALIZE_KEYWORD_ARGUMENTS # Ruby 2.6+
         @erb_template = ERB.new(erb, trim_mode: '-')
       else
         safe_level = nil

data/lib/pechkin/prometheus_utils.rb

@@ -0,0 +1,12 @@
+module Pechkin
+  module PrometheusUtils # :nodoc:
+    class << self
+      def registry
+        registry = ::Prometheus::Client.registry
+        registry.gauge(:pechkin_start_time_seconds,
+                       docstring: 'Startup timestamp').set(Time.now.to_i)
+        registry
+      end
+    end
+  end
+end

data/lib/pechkin/version.rb

@@ -1,7 +1,7 @@
 module Pechkin
   # Keeps actual version
   module Version
-    VERSION = [1, 0, 3].freeze
+    VERSION = [1, 1, 0].freeze
     class << self
       def version_string
         VERSION.join('.')

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pechkin
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.1.0
 platform: ruby
 authors:
 - Ilya Arkhanhelsky
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-11 00:00:00.000000000 Z
+date: 2019-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grape
@@ -24,6 +24,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.1.0
+- !ruby/object:Gem::Dependency
+  name: htauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: prometheus-client
   requirement: !ruby/object:Gem::Requirement
@@ -44,14 +58,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.6
+        version: 2.0.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.6
+        version: 2.0.8
 description: 
 email: ilya.arkhanhelsky at gmail.com
 executables:
@@ -62,6 +76,7 @@ files:
 - bin/pechkin
 - lib/pechkin.rb
 - lib/pechkin/app.rb
+- lib/pechkin/auth.rb
 - lib/pechkin/channel.rb
 - lib/pechkin/cli.rb
 - lib/pechkin/configuration.rb
@@ -76,6 +91,7 @@ files:
 - lib/pechkin/exceptions.rb
 - lib/pechkin/handler.rb
 - lib/pechkin/message_template.rb
+- lib/pechkin/prometheus_utils.rb
 - lib/pechkin/substitute.rb
 - lib/pechkin/version.rb
 homepage: https://github.com/iarkhanhelsky/pechkin