smart_proxy_container_gateway 1.0.8 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/smart_proxy_container_gateway/container_gateway.rb +2 -1
  3. data/lib/smart_proxy_container_gateway/container_gateway_api.rb +32 -6
  4. data/lib/smart_proxy_container_gateway/container_gateway_main.rb +2 -1
  5. data/lib/smart_proxy_container_gateway/version.rb +1 -1
  6. data/settings.d/container_gateway.yml.example +2 -0
  7. metadata +17 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 95ed3584f3ef8379b2abbaef70031e5add4d0f0a364acbc8d938284329c45aff
4
- data.tar.gz: bd7eb01e1ad8d4cb58ffd0c9a356cef25d5004db93c66f14f58bc8fb0051cb90
3
+ metadata.gz: 3097422461fc20a387c9a5e31056e18655a6682549b5092266aa22df9e0a3b9d
4
+ data.tar.gz: be74c6e1bb3afa76b20353c695bcc92288c7e9a55e8e1c751151b000d135e10e
5
5
  SHA512:
6
- metadata.gz: 512516a03a9eaaa34f39dc9e8fdf0260efbcbbc2077971c4f0dfc8872e32310bcf14bf180d73be481c6ebcb6ad94fba753f6cc4d206e528c27a463bbb28c8899
7
- data.tar.gz: 774fa2b2bc4ea74808a0d50668675f88a3d962b343ffd056c4f66fb597bdbb124e019e5bff7e26d52f12f2015eaa170683aebc0b30cb4f6647e6f3156cc21611
6
+ metadata.gz: b2f693ef460c40d1ec59bd546e26745070eed87a0c95736971283b8199d1376940381ce90c48b998b585a50699c2e25053b01d261220fbdd4a22e16e2f9dd2fe
7
+ data.tar.gz: 9bf944ba3f5e48148e38a07366c18c62b716b5d59a5582c2b8f78307ea15a770bdc9e939b55a6abe9950c1d985cb59db7068bab73f8fce07c6ae9a18f06ee761
data/lib/smart_proxy_container_gateway/container_gateway.rb CHANGED
@@ -7,7 +7,8 @@ module Proxy
7
7
 
8
8
  default_settings :pulp_endpoint => "https://#{`hostname`.strip}",
9
9
  :katello_registry_path => '/v2/',
10
- :sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
10
+ :sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db',
11
+ :sqlite_timeout => 30_000
11
12
 
12
13
  # Load defaults that copy values from SETTINGS. This is done as
13
14
  # programmable settings since SETTINGS isn't initialized during plugin
data/lib/smart_proxy_container_gateway/container_gateway_api.rb CHANGED
@@ -1,3 +1,7 @@
1
+ require 'active_support'
2
+ require 'active_support/core_ext/integer'
3
+ require 'active_support/core_ext/string'
4
+ require 'active_support/time_with_zone'
1
5
  require 'sinatra'
2
6
  require 'smart_proxy_container_gateway/container_gateway'
3
7
  require 'smart_proxy_container_gateway/container_gateway_main'
@@ -100,18 +104,38 @@ module Proxy
100
104
  response.headers['Docker-Distribution-API-Version'] = 'registry/2.0'
101
105
 
102
106
  unless auth_header.present? && auth_header.basic_auth?
103
- one_year = (60 * 60 * 24 * 365)
104
- return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.iso8601,
105
- expires_at: (Time.now + one_year).iso8601 }.to_json
107
+ return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.rfc3339,
108
+ expires_in: 1.year.seconds.to_i }.to_json
106
109
  end
107
110
 
108
111
  token_response = ForemanApi.new.fetch_token(auth_header.raw_header, request.params)
109
112
  if token_response.code.to_i != 200
110
113
  halt token_response.code.to_i, token_response.body
111
114
  else
115
+ # This returned token should follow OAuth2 spec. We need some minor conversion
116
+ # to store the token with the expires_at time (using rfc3339).
112
117
  token_response_body = JSON.parse(token_response.body)
113
- ContainerGateway.insert_token(request.params['account'], token_response_body['token'],
114
- token_response_body['expires_at'])
118
+
119
+ if token_response_body['token'].nil?
120
+ halt 502, "Recieved malformed token response"
121
+ end
122
+
123
+ # "issued_at" is an optional field. Per OAuth2 we assume time of token response as
124
+ # the issue time if the field is ommitted.
125
+ token_issue_time = (token_response_body["issued_at"] || token_response["Date"])&.to_time
126
+ if token_issue_time.nil?
127
+ halt 502, "Recieved malformed token response"
128
+ end
129
+
130
+ # 'expires_in' is an optional field. If not provided, assume 60 seconds per OAuth2 spec
131
+ expires_in = token_response_body.fetch("expires_in", 60)
132
+ expires_at = token_issue_time + expires_in.seconds
133
+
134
+ ContainerGateway.insert_token(
135
+ request.params['account'],
136
+ token_response_body['token'],
137
+ expires_at.rfc3339
138
+ )
115
139
 
116
140
  repo_response = ForemanApi.new.fetch_user_repositories(auth_header.raw_header, request.params)
117
141
  if repo_response.code.to_i != 200
@@ -120,7 +144,9 @@ module Proxy
120
144
  ContainerGateway.update_user_repositories(request.params['account'],
121
145
  JSON.parse(repo_response.body)['repositories'])
122
146
  end
123
- return token_response_body.to_json
147
+
148
+ # Return the original token response from Katello
149
+ return token_response.body
124
150
  end
125
151
  end
126
152
 
data/lib/smart_proxy_container_gateway/container_gateway_main.rb CHANGED
@@ -174,7 +174,8 @@ module Proxy
174
174
 
175
175
  def initialize_db
176
176
  file_path = Proxy::ContainerGateway::Plugin.settings.sqlite_db_path
177
- conn = Sequel.connect("sqlite://#{file_path}")
177
+ sqlite_timeout = Proxy::ContainerGateway::Plugin.settings.sqlite_timeout
178
+ conn = Sequel.connect("sqlite://#{file_path}", timeout: sqlite_timeout)
178
179
  container_gateway_path = $LOAD_PATH.detect { |path| path.include? 'smart_proxy_container_gateway' }
179
180
  begin
180
181
  Sequel::Migrator.check_current(conn, "#{container_gateway_path}/smart_proxy_container_gateway/sequel_migrations")
data/lib/smart_proxy_container_gateway/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Proxy
2
2
  module ContainerGateway
3
- VERSION = '1.0.8'.freeze
3
+ VERSION = '1.1.0'.freeze
4
4
  end
5
5
  end
data/settings.d/container_gateway.yml.example CHANGED
@@ -6,3 +6,5 @@
6
6
  :pulp_client_ssl_key: 'RSA private key for the Pulp certificate'
7
7
  :katello_registry_path: 'Katello container registry suffix, e.g., /v2/'
8
8
  :sqlite_db_path: '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
9
+ # Database busy timeout in milliseconds
10
+ :sqlite_timeout: 30000
metadata CHANGED
@@ -1,15 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: smart_proxy_container_gateway
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.8
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ian Ballou
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-02 00:00:00.000000000 Z
11
+ date: 2023-11-06 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activesupport
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: sequel
15
29
  requirement: !ruby/object:Gem::Requirement
@@ -72,7 +86,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
72
86
  requirements:
73
87
  - - "~>"
74
88
  - !ruby/object:Gem::Version
75
- version: '2.5'
89
+ version: '2.7'
76
90
  required_rubygems_version: !ruby/object:Gem::Requirement
77
91
  requirements:
78
92
  - - ">="