smart_proxy_container_gateway 1.0.8 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/smart_proxy_container_gateway/container_gateway.rb +2 -1
- data/lib/smart_proxy_container_gateway/container_gateway_api.rb +32 -6
- data/lib/smart_proxy_container_gateway/container_gateway_main.rb +2 -1
- data/lib/smart_proxy_container_gateway/version.rb +1 -1
- data/settings.d/container_gateway.yml.example +2 -0
- metadata +17 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3097422461fc20a387c9a5e31056e18655a6682549b5092266aa22df9e0a3b9d
|
4
|
+
data.tar.gz: be74c6e1bb3afa76b20353c695bcc92288c7e9a55e8e1c751151b000d135e10e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b2f693ef460c40d1ec59bd546e26745070eed87a0c95736971283b8199d1376940381ce90c48b998b585a50699c2e25053b01d261220fbdd4a22e16e2f9dd2fe
|
7
|
+
data.tar.gz: 9bf944ba3f5e48148e38a07366c18c62b716b5d59a5582c2b8f78307ea15a770bdc9e939b55a6abe9950c1d985cb59db7068bab73f8fce07c6ae9a18f06ee761
|
@@ -7,7 +7,8 @@ module Proxy
|
|
7
7
|
|
8
8
|
default_settings :pulp_endpoint => "https://#{`hostname`.strip}",
|
9
9
|
:katello_registry_path => '/v2/',
|
10
|
-
:sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
|
10
|
+
:sqlite_db_path => '/var/lib/foreman-proxy/smart_proxy_container_gateway.db',
|
11
|
+
:sqlite_timeout => 30_000
|
11
12
|
|
12
13
|
# Load defaults that copy values from SETTINGS. This is done as
|
13
14
|
# programmable settings since SETTINGS isn't initialized during plugin
|
@@ -1,3 +1,7 @@
|
|
1
|
+
require 'active_support'
|
2
|
+
require 'active_support/core_ext/integer'
|
3
|
+
require 'active_support/core_ext/string'
|
4
|
+
require 'active_support/time_with_zone'
|
1
5
|
require 'sinatra'
|
2
6
|
require 'smart_proxy_container_gateway/container_gateway'
|
3
7
|
require 'smart_proxy_container_gateway/container_gateway_main'
|
@@ -100,18 +104,38 @@ module Proxy
|
|
100
104
|
response.headers['Docker-Distribution-API-Version'] = 'registry/2.0'
|
101
105
|
|
102
106
|
unless auth_header.present? && auth_header.basic_auth?
|
103
|
-
|
104
|
-
|
105
|
-
expires_at: (Time.now + one_year).iso8601 }.to_json
|
107
|
+
return { token: AuthorizationHeader::UNAUTHORIZED_TOKEN, issued_at: Time.now.rfc3339,
|
108
|
+
expires_in: 1.year.seconds.to_i }.to_json
|
106
109
|
end
|
107
110
|
|
108
111
|
token_response = ForemanApi.new.fetch_token(auth_header.raw_header, request.params)
|
109
112
|
if token_response.code.to_i != 200
|
110
113
|
halt token_response.code.to_i, token_response.body
|
111
114
|
else
|
115
|
+
# This returned token should follow OAuth2 spec. We need some minor conversion
|
116
|
+
# to store the token with the expires_at time (using rfc3339).
|
112
117
|
token_response_body = JSON.parse(token_response.body)
|
113
|
-
|
114
|
-
|
118
|
+
|
119
|
+
if token_response_body['token'].nil?
|
120
|
+
halt 502, "Recieved malformed token response"
|
121
|
+
end
|
122
|
+
|
123
|
+
# "issued_at" is an optional field. Per OAuth2 we assume time of token response as
|
124
|
+
# the issue time if the field is ommitted.
|
125
|
+
token_issue_time = (token_response_body["issued_at"] || token_response["Date"])&.to_time
|
126
|
+
if token_issue_time.nil?
|
127
|
+
halt 502, "Recieved malformed token response"
|
128
|
+
end
|
129
|
+
|
130
|
+
# 'expires_in' is an optional field. If not provided, assume 60 seconds per OAuth2 spec
|
131
|
+
expires_in = token_response_body.fetch("expires_in", 60)
|
132
|
+
expires_at = token_issue_time + expires_in.seconds
|
133
|
+
|
134
|
+
ContainerGateway.insert_token(
|
135
|
+
request.params['account'],
|
136
|
+
token_response_body['token'],
|
137
|
+
expires_at.rfc3339
|
138
|
+
)
|
115
139
|
|
116
140
|
repo_response = ForemanApi.new.fetch_user_repositories(auth_header.raw_header, request.params)
|
117
141
|
if repo_response.code.to_i != 200
|
@@ -120,7 +144,9 @@ module Proxy
|
|
120
144
|
ContainerGateway.update_user_repositories(request.params['account'],
|
121
145
|
JSON.parse(repo_response.body)['repositories'])
|
122
146
|
end
|
123
|
-
|
147
|
+
|
148
|
+
# Return the original token response from Katello
|
149
|
+
return token_response.body
|
124
150
|
end
|
125
151
|
end
|
126
152
|
|
@@ -174,7 +174,8 @@ module Proxy
|
|
174
174
|
|
175
175
|
def initialize_db
|
176
176
|
file_path = Proxy::ContainerGateway::Plugin.settings.sqlite_db_path
|
177
|
-
|
177
|
+
sqlite_timeout = Proxy::ContainerGateway::Plugin.settings.sqlite_timeout
|
178
|
+
conn = Sequel.connect("sqlite://#{file_path}", timeout: sqlite_timeout)
|
178
179
|
container_gateway_path = $LOAD_PATH.detect { |path| path.include? 'smart_proxy_container_gateway' }
|
179
180
|
begin
|
180
181
|
Sequel::Migrator.check_current(conn, "#{container_gateway_path}/smart_proxy_container_gateway/sequel_migrations")
|
@@ -6,3 +6,5 @@
|
|
6
6
|
:pulp_client_ssl_key: 'RSA private key for the Pulp certificate'
|
7
7
|
:katello_registry_path: 'Katello container registry suffix, e.g., /v2/'
|
8
8
|
:sqlite_db_path: '/var/lib/foreman-proxy/smart_proxy_container_gateway.db'
|
9
|
+
# Database busy timeout in milliseconds
|
10
|
+
:sqlite_timeout: 30000
|
metadata
CHANGED
@@ -1,15 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: smart_proxy_container_gateway
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ian Ballou
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-11-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: activesupport
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: sequel
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -72,7 +86,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
72
86
|
requirements:
|
73
87
|
- - "~>"
|
74
88
|
- !ruby/object:Gem::Version
|
75
|
-
version: '2.
|
89
|
+
version: '2.7'
|
76
90
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
77
91
|
requirements:
|
78
92
|
- - ">="
|