skull_island 2.0.0 → 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +45 -2
- data/.travis.yml +1 -0
- data/Gemfile.lock +78 -62
- data/README.md +2 -2
- data/lib/core_extensions/hash/pruning.rb +27 -0
- data/lib/skull_island.rb +2 -0
- data/lib/skull_island/cli.rb +10 -6
- data/lib/skull_island/helpers/cli_erb.rb +2 -2
- data/lib/skull_island/helpers/meta.rb +1 -1
- data/lib/skull_island/helpers/resource.rb +29 -20
- data/lib/skull_island/resource.rb +7 -4
- data/lib/skull_island/resource_collection.rb +4 -3
- data/lib/skull_island/resources/ca_certificate.rb +31 -3
- data/lib/skull_island/resources/certificate.rb +31 -5
- data/lib/skull_island/resources/consumer.rb +8 -3
- data/lib/skull_island/resources/jwt_credential.rb +4 -1
- data/lib/skull_island/resources/plugin.rb +23 -13
- data/lib/skull_island/resources/route.rb +17 -2
- data/lib/skull_island/resources/service.rb +80 -6
- data/lib/skull_island/resources/upstream.rb +8 -1
- data/lib/skull_island/resources/upstream_target.rb +6 -3
- data/lib/skull_island/validations/api_client.rb +1 -1
- data/lib/skull_island/validations/resource.rb +1 -1
- data/lib/skull_island/version.rb +1 -1
- data/skull_island.gemspec +1 -1
- metadata +6 -6
@@ -10,14 +10,16 @@ module SkullIsland
|
|
10
10
|
include Helpers::Meta
|
11
11
|
|
12
12
|
property :name
|
13
|
-
property :retries
|
13
|
+
property :retries, validate: true
|
14
14
|
property :protocol, validate: true, required: true
|
15
15
|
property :host, validate: true, required: true
|
16
16
|
property :port, validate: true, required: true
|
17
|
+
property :tls_verify, type: :boolean
|
17
18
|
property :path
|
18
19
|
property :connect_timeout, validate: true
|
19
20
|
property :write_timeout, validate: true
|
20
21
|
property :read_timeout, validate: true
|
22
|
+
property :ca_certificates, validate: true, preprocess: true, postprocess: true
|
21
23
|
property :client_certificate, validate: true, preprocess: true, postprocess: true
|
22
24
|
property :created_at, read_only: true, postprocess: true
|
23
25
|
property :updated_at, read_only: true, postprocess: true
|
@@ -42,23 +44,32 @@ module SkullIsland
|
|
42
44
|
resource.connect_timeout = rdata['connect_timeout'] if rdata['connect_timeout']
|
43
45
|
resource.write_timeout = rdata['write_timeout'] if rdata['write_timeout']
|
44
46
|
resource.read_timeout = rdata['read_timeout'] if rdata['read_timeout']
|
47
|
+
resource.tls_verify = rdata['tls_verify'] if rdata['tls_verify']
|
45
48
|
resource.delayed_set(:client_certificate, rdata) if rdata['client_certificate']
|
49
|
+
resource.delayed_set(:ca_certificates, rdata) if rdata['ca_certificates']
|
46
50
|
resource.tags = rdata['tags'] if rdata['tags']
|
47
51
|
resource.project = project if project
|
48
52
|
resource.import_time = (time || Time.now.utc.to_i) if project
|
49
53
|
resource.import_update_or_skip(index: index, verbose: verbose, test: test)
|
50
54
|
known_ids << resource.id
|
51
55
|
|
52
|
-
|
56
|
+
previous_routes = resource.routes.dup
|
57
|
+
|
58
|
+
added_routes = Route.batch_import(
|
53
59
|
(rdata['routes'] || []).map { |r| r.merge('service' => { 'id' => resource.id }) },
|
54
60
|
verbose: verbose,
|
55
61
|
test: test,
|
56
62
|
project: project,
|
57
|
-
time: time
|
63
|
+
time: time,
|
64
|
+
cleanup: false
|
58
65
|
)
|
66
|
+
|
67
|
+
Route.cleanup_except(project, added_routes, previous_routes)
|
59
68
|
end
|
60
69
|
|
61
70
|
cleanup_except(project, known_ids) if project
|
71
|
+
|
72
|
+
known_ids
|
62
73
|
end
|
63
74
|
# rubocop:enable Metrics/CyclomaticComplexity
|
64
75
|
# rubocop:enable Metrics/PerceivedComplexity
|
@@ -87,6 +98,8 @@ module SkullIsland
|
|
87
98
|
Plugin.where(:service, self, api_client: api_client)
|
88
99
|
end
|
89
100
|
|
101
|
+
# rubocop:disable Metrics/CyclomaticComplexity
|
102
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
90
103
|
# rubocop:disable Metrics/AbcSize
|
91
104
|
def export(options = {})
|
92
105
|
hash = {
|
@@ -102,7 +115,15 @@ module SkullIsland
|
|
102
115
|
}
|
103
116
|
hash['routes'] = routes.collect { |route| route.export(exclude: 'service') }
|
104
117
|
hash['tags'] = tags unless tags.empty?
|
105
|
-
|
118
|
+
if client_certificate&.name
|
119
|
+
hash['client_certificate'] = "<%= lookup :certificate, '#{client_certificate.name}' %>"
|
120
|
+
elsif client_certificate
|
121
|
+
hash['client_certificate'] = { 'id' => client_certificate.id }
|
122
|
+
end
|
123
|
+
if ca_certificates && !ca_certificates.empty?
|
124
|
+
hash['ca_certificates'] = export_ca_certificates
|
125
|
+
end
|
126
|
+
hash['tls_verify'] = tls_verify if [true, false].include?(tls_verify)
|
106
127
|
[*options[:exclude]].each do |exclude|
|
107
128
|
hash.delete(exclude.to_s)
|
108
129
|
end
|
@@ -111,12 +132,14 @@ module SkullIsland
|
|
111
132
|
end
|
112
133
|
hash.reject { |_, value| value.nil? }
|
113
134
|
end
|
135
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
136
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
114
137
|
# rubocop:enable Metrics/AbcSize
|
115
138
|
|
116
139
|
def modified_existing?
|
117
140
|
return false unless new?
|
118
141
|
|
119
|
-
# Find
|
142
|
+
# Find services of the same name
|
120
143
|
same_name = self.class.where(:name, name)
|
121
144
|
|
122
145
|
existing = same_name.size == 1 ? same_name.first : nil
|
@@ -146,6 +169,33 @@ module SkullIsland
|
|
146
169
|
|
147
170
|
private
|
148
171
|
|
172
|
+
def export_ca_certificates
|
173
|
+
ca_certificates.map do |cacert|
|
174
|
+
cacert.name ? "<%= lookup :ca_certificate, '#{cacert.name}', raw: true %>" : cacert.id
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
def postprocess_ca_certificates(value)
|
179
|
+
if value.respond_to?(:to_a)
|
180
|
+
value.to_a.map do |cacert|
|
181
|
+
CACertificate.new(
|
182
|
+
entity: { 'id' => cacert },
|
183
|
+
lazy: true,
|
184
|
+
tainted: false,
|
185
|
+
api_client: api_client
|
186
|
+
)
|
187
|
+
end
|
188
|
+
else
|
189
|
+
value
|
190
|
+
end
|
191
|
+
end
|
192
|
+
|
193
|
+
def preprocess_ca_certificates(input)
|
194
|
+
input.to_a.map do |cacert|
|
195
|
+
cacert.is_a?(String) ? cacert : cacert.id
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
149
199
|
def postprocess_client_certificate(value)
|
150
200
|
if value.is_a?(Hash)
|
151
201
|
Certificate.new(
|
@@ -160,13 +210,31 @@ module SkullIsland
|
|
160
210
|
end
|
161
211
|
|
162
212
|
def preprocess_client_certificate(input)
|
163
|
-
|
213
|
+
case input
|
214
|
+
when Hash
|
164
215
|
input
|
216
|
+
when String
|
217
|
+
{ 'id' => input }
|
165
218
|
else
|
166
219
|
{ 'id' => input.id }
|
167
220
|
end
|
168
221
|
end
|
169
222
|
|
223
|
+
# Validates {#ca_certificates} on set
|
224
|
+
def validate_ca_certificates(value)
|
225
|
+
# only Arrays (or Enumarables) are supported
|
226
|
+
return false unless value.is_a?(Array) || value.respond_to?(:to_a)
|
227
|
+
|
228
|
+
# Can only contain a array of Strings or CACertificates
|
229
|
+
value.to_a.reject { |v| v.is_a?(String) || v.is_a?(CACertificate) }.empty?
|
230
|
+
end
|
231
|
+
|
232
|
+
# Used to validate {#client_certificate} on set
|
233
|
+
def validate_client_certificate(value)
|
234
|
+
# only Strings, Hashes, or Certificates are allowed
|
235
|
+
value.is_a?(String) || value.is_a?(Hash) || value.is_a?(Certificate)
|
236
|
+
end
|
237
|
+
|
170
238
|
# Used to validate {#protocol} on set
|
171
239
|
def validate_protocol(value)
|
172
240
|
# only HTTP and HTTPS are allowed
|
@@ -185,6 +253,12 @@ module SkullIsland
|
|
185
253
|
value.is_a?(Integer) && value.positive? && (1...65_535).cover?(value)
|
186
254
|
end
|
187
255
|
|
256
|
+
# Used to validate {#retries} on set
|
257
|
+
def validate_retries(value)
|
258
|
+
# only positive Integers of the right value are allowed
|
259
|
+
value.is_a?(Integer) && value.positive? && (1...65_535).cover?(value)
|
260
|
+
end
|
261
|
+
|
188
262
|
# Used to validate {#connect_timeout} on set
|
189
263
|
def validate_connect_timeout(value)
|
190
264
|
# only positive Integers are allowed
|
@@ -18,7 +18,7 @@ module SkullIsland
|
|
18
18
|
property :hash_fallback_header, validate: true
|
19
19
|
property :hash_on_cookie, validate: true
|
20
20
|
property :hash_on_cookie_path, validate: true
|
21
|
-
property :healthchecks, validate: true
|
21
|
+
property :healthchecks, validate: true, postprocess: true
|
22
22
|
property :host_header, validate: true
|
23
23
|
property :created_at, read_only: true, postprocess: true
|
24
24
|
property :tags, validate: true, preprocess: true, postprocess: true
|
@@ -65,6 +65,8 @@ module SkullIsland
|
|
65
65
|
end
|
66
66
|
|
67
67
|
cleanup_except(project, known_ids) if project
|
68
|
+
|
69
|
+
known_ids
|
68
70
|
end
|
69
71
|
# rubocop:enable Metrics/CyclomaticComplexity
|
70
72
|
# rubocop:enable Metrics/PerceivedComplexity
|
@@ -160,6 +162,11 @@ module SkullIsland
|
|
160
162
|
|
161
163
|
private
|
162
164
|
|
165
|
+
# Prunes empty values from the healthchecks Hash
|
166
|
+
def postprocess_healthchecks(value)
|
167
|
+
value.is_a?(Hash) ? value.prune : value
|
168
|
+
end
|
169
|
+
|
163
170
|
# Validates the upstream balancing {#algorithm}
|
164
171
|
def validate_algorithm(value)
|
165
172
|
%w[round-robin consistent-hashing least-connections].include?(value)
|
@@ -38,6 +38,8 @@ module SkullIsland
|
|
38
38
|
end
|
39
39
|
|
40
40
|
cleanup_except(project, known_ids) if project
|
41
|
+
|
42
|
+
known_ids
|
41
43
|
end
|
42
44
|
# rubocop:enable Metrics/CyclomaticComplexity
|
43
45
|
# rubocop:enable Metrics/PerceivedComplexity
|
@@ -49,7 +51,7 @@ module SkullIsland
|
|
49
51
|
end
|
50
52
|
|
51
53
|
def self.get(id, options = {})
|
52
|
-
if options[:upstream]
|
54
|
+
if options[:upstream].is_a?(Upstream)
|
53
55
|
options[:upstream].target(id)
|
54
56
|
elsif options[:upstream]
|
55
57
|
upstream_opts = options.merge(lazy: true)
|
@@ -106,9 +108,10 @@ module SkullIsland
|
|
106
108
|
end
|
107
109
|
|
108
110
|
def preprocess_upstream(input)
|
109
|
-
|
111
|
+
case input
|
112
|
+
when Hash
|
110
113
|
input
|
111
|
-
|
114
|
+
when String
|
112
115
|
{ 'id' => input }
|
113
116
|
else
|
114
117
|
{ 'id' => input.id }
|
@@ -34,7 +34,7 @@ module SkullIsland
|
|
34
34
|
valid = name.is_a? String
|
35
35
|
begin
|
36
36
|
u = URI.parse(name)
|
37
|
-
valid = false unless u.
|
37
|
+
valid = false unless u.is_a?(URI::HTTP) || u.is_a?(URI::HTTPS)
|
38
38
|
rescue URI::InvalidURIError
|
39
39
|
valid = false
|
40
40
|
end
|
@@ -24,7 +24,7 @@ module SkullIsland
|
|
24
24
|
def validate_tags(value)
|
25
25
|
# allow only valid hostnames
|
26
26
|
value.each do |tag|
|
27
|
-
return false unless tag.is_a?(String) && tag.match?(/^[\w_
|
27
|
+
return false unless tag.is_a?(String) && tag.match?(/^[\w_\-.~]+$/)
|
28
28
|
end
|
29
29
|
true
|
30
30
|
end
|
data/lib/skull_island/version.rb
CHANGED
data/skull_island.gemspec
CHANGED
@@ -36,7 +36,7 @@ Gem::Specification.new do |spec|
|
|
36
36
|
|
37
37
|
spec.add_development_dependency 'bundler', '~> 2.0'
|
38
38
|
spec.add_development_dependency 'coveralls', '~> 0.7'
|
39
|
-
spec.add_development_dependency 'rake', '~>
|
39
|
+
spec.add_development_dependency 'rake', '~> 13.0'
|
40
40
|
spec.add_development_dependency 'rspec', '~> 3.0'
|
41
41
|
spec.add_development_dependency 'rubocop', '~> 0.50'
|
42
42
|
spec.add_development_dependency 'simplecov', '~> 0.17'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: skull_island
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Gnagy
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-12-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: deepsort
|
@@ -142,14 +142,14 @@ dependencies:
|
|
142
142
|
requirements:
|
143
143
|
- - "~>"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: '
|
145
|
+
version: '13.0'
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - "~>"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: '
|
152
|
+
version: '13.0'
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
154
|
name: rspec
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
@@ -241,6 +241,7 @@ files:
|
|
241
241
|
- bin/console
|
242
242
|
- bin/setup
|
243
243
|
- exe/skull_island
|
244
|
+
- lib/core_extensions/hash/pruning.rb
|
244
245
|
- lib/core_extensions/string/transformations.rb
|
245
246
|
- lib/skull_island.rb
|
246
247
|
- lib/skull_island/api_client.rb
|
@@ -305,8 +306,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
305
306
|
- !ruby/object:Gem::Version
|
306
307
|
version: '0'
|
307
308
|
requirements: []
|
308
|
-
|
309
|
-
rubygems_version: 2.7.7
|
309
|
+
rubygems_version: 3.0.8
|
310
310
|
signing_key:
|
311
311
|
specification_version: 4
|
312
312
|
summary: Ruby SDK for Kong
|