smart_proxy_dynflow_core 0.2.1 → 0.2.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: '08a1626af21a13a55a6cd092d7aa9f8d65e21db8'
-  data.tar.gz: 8ca74216c0cb587d61b7c0049454b9a1204fa8c0
+SHA256:
+  metadata.gz: 84ea792e8e6d9f6ddcd145428485d5faadf92da27acd184fa42956fa4873e7fd
+  data.tar.gz: 07adc8b3c623462086d0797455afaf822e27212bcdcda345a950df7e49296814
 SHA512:
-  metadata.gz: 72a360aa24771a1bc0fc6d01a6aac0aa92e526c127487b7ff33d0afc80d53b72d1a83f3f585e0fe507ba846a9c50d58840369d464b5e9913b709591c6651154f
-  data.tar.gz: f67485e909fedc9b7651c46cf5a9d16ae521cc6cadb78688a4a38a570b0f6889d336d254030d065fdff6ee126514b760b9677da9f1eb6f317993e567ad70856c
+  metadata.gz: 989f9619b041039a3897de03cac1edc5ce1415a19792b3a5b2e907b174b97472b3a56f19cd5cab9977c26e5d5c83c38636afe8c49186dbd2bfce1c7e3dbfcc84
+  data.tar.gz: 7caa3ee4ddce3560970bd8f7a7b8e2b99dd96f1fae456e78475673ec98478e0c608e5feb29442b7046e4eed07e61f0d9a009dade6646e534f6ef6f033192f572

data/Gemfile

@@ -7,16 +7,15 @@ group :development do
 end
 
 group :test do
-  gem 'smart_proxy_dynflow', :path => '.'
   gem 'smart_proxy', :git => "https://github.com/theforeman/smart-proxy", :branch => "develop"
+  gem 'smart_proxy_dynflow', :path => '.'
 
   if RUBY_VERSION < '2.1'
     gem 'public_suffix', '< 3'
-    gem 'rubocop', '< 0.51.0'
     gem 'rainbow', '< 3'
   else
-    gem 'rubocop', '~> 0.52.1'
     gem 'public_suffix'
+    gem 'rubocop', '~> 0.52.1'
   end
 
   if RUBY_VERSION < '2.2'
@@ -27,11 +26,11 @@ group :test do
 end
 
 if RUBY_VERSION < '2.2'
-  gem 'sinatra', '< 2'
   gem 'rack', '>= 1.1', '< 2.0.0'
+  gem 'sinatra', '< 2'
 else
-  gem 'sinatra'
   gem 'rack', '>= 1.1'
+  gem 'sinatra'
 end
 
 # load bundler.d

data/deploy/smart_proxy_dynflow_core.service

@@ -4,10 +4,9 @@ Documentation=https://github.com/theforeman/smart_proxy_dynflow
 After=network.target remote-fs.target nss-lookup.target
 
 [Service]
-Type=forking
+Type=notify
 User=foreman-proxy
-PIDFile=/var/run/foreman-proxy/smart_proxy_dynflow_core.pid
-ExecStart=/usr/bin/smart_proxy_dynflow_core -d -p /var/run/foreman-proxy/smart_proxy_dynflow_core.pid
+ExecStart=/usr/bin/smart_proxy_dynflow_core --no-daemonize
 EnvironmentFile=-/etc/sysconfig/smart_proxy_dynflow_core
 
 [Install]

data/lib/smart_proxy_dynflow_core.rb

@@ -1,4 +1,7 @@
+raise LoadError, 'Ruby >= 2.1 is required' unless RUBY_VERSION >= '2.1'
+
 require 'dynflow'
+require 'smart_proxy_dynflow_core/task_launcher_registry'
 require 'foreman_tasks_core'
 require 'smart_proxy_dynflow_core/log'
 require 'smart_proxy_dynflow_core/settings'
@@ -7,7 +10,9 @@ require 'smart_proxy_dynflow_core/helpers'
 require 'smart_proxy_dynflow_core/callback'
 require 'smart_proxy_dynflow_core/api'
 
-SmartProxyDynflowCore::Core.after_initialize do |dynflow_core|
-  ForemanTasksCore.dynflow_setup(dynflow_core.world)
+module SmartProxyDynflowCore
+  Core.after_initialize do |dynflow_core|
+    ForemanTasksCore.dynflow_setup(dynflow_core.world)
+  end
+  Core.register_silencer_matchers ForemanTasksCore.silent_dead_letter_matchers
 end
-SmartProxyDynflowCore::Core.register_silencer_matchers ForemanTasksCore.silent_dead_letter_matchers

data/lib/smart_proxy_dynflow_core/api.rb

@@ -3,11 +3,17 @@ require 'multi_json'
 
 module SmartProxyDynflowCore
   class Api < ::Sinatra::Base
+    TASK_UPDATE_REGEXP_PATH = %r{/tasks/(\S+)/(update|done)}
     helpers Helpers
 
     before do
-      logger = Log.instance
-      authorize_with_token || authorize_with_ssl_client
+      if match = request.path_info.match(TASK_UPDATE_REGEXP_PATH)
+        task_id = match[1]
+        action = match[2]
+        authorize_with_token(task_id: task_id, clear: action == 'done')
+      else
+        authorize_with_ssl_client
+      end
       content_type :json
     end
 
@@ -21,6 +27,13 @@ module SmartProxyDynflowCore
       MultiJson.dump(result)
     end
 
+    post "/tasks/launch/?" do
+      params = MultiJson.load(request.body.read)
+      launcher = launcher_class(params).new(world, callback_host(params, request), params.fetch('options', {}))
+      launcher.launch!(params['input'])
+      launcher.results.to_json
+    end
+
     post "/tasks/?" do
       params = MultiJson.load(request.body.read)
       trigger_task(::Dynflow::Utils.constantize(params['action_name']),
@@ -39,15 +52,30 @@ module SmartProxyDynflowCore
       tasks_count(params['state']).to_json
     end
 
-    post "/tasks/:task_id/done" do |task_id|
+    # capturing post "/tasks/:task_id/(update|done)"
+    post TASK_UPDATE_REGEXP_PATH do |task_id, _action|
       data = MultiJson.load(request.body.read)
-      complete_task(task_id, data)
+      dispatch_external_event(task_id, data)
+    end
+
+    get "/tasks/operations" do
+      TaskLauncherRegistry.operations.to_json
     end
 
     private
 
     def callback_host(params, request)
-      params.fetch('action_input', {})['proxy_url'] || request.env.values_at('HTTP_X_FORWARDED_FOR', 'HTTP_HOST').compact.first
+      params.fetch('action_input', {})['proxy_url'] ||
+        request.env.values_at('HTTP_X_FORWARDED_FOR', 'HTTP_HOST').compact.first
+    end
+
+    def launcher_class(params)
+      operation = params.fetch('operation')
+      if TaskLauncherRegistry.key?(operation)
+        TaskLauncherRegistry.fetch(operation)
+      else
+        halt 404, MultiJson.dump(:error => "Unknown operation '#{operation}' requested.")
+      end
     end
   end
 end

data/lib/smart_proxy_dynflow_core/bundler_helper.rb

@@ -1,5 +1,6 @@
 module SmartProxyDynflowCore
   class BundlerHelper
+    # rubocop:disable Metrics/PerceivedComplexity
     def self.require_groups(*groups)
       if File.exist?(File.expand_path('../../../Gemfile.in', __FILE__))
         # If there is a Gemfile.in file, we will not use Bundler but BundlerExt
@@ -25,5 +26,6 @@ module SmartProxyDynflowCore
         Bundler.require(*groups)
       end
     end
+    # rubocop:enable Metrics/PerceivedComplexity
   end
 end

data/lib/smart_proxy_dynflow_core/callback.rb

@@ -1,23 +1,52 @@
 require 'rest-client'
 
+# rubocop:disable Lint/HandleExceptions
 begin
   require 'smart_proxy_dynflow/callback'
 rescue LoadError
 end
+# rubocop:enable Lint/HandleExceptions
 
 module SmartProxyDynflowCore
   module Callback
-    class Action < Dynflow::Action
-      def plan(callback, data)
-        plan_self(:callback => callback, :data => data)
-      end
+    class Request
+      class << self
+        def send_to_foreman_tasks(callback_info, data)
+          self.new.callback(prepare_payload(callback_info, data))
+        end
 
-      def run
-        Request.send_to_foreman_tasks(input[:callback], input[:data])
+        # rubocop:disable Metrics/PerceivedComplexity
+        def ssl_options
+          return @ssl_options if defined? @ssl_options
+          @ssl_options = {}
+          settings = Settings.instance
+          return @ssl_options unless URI.parse(settings.foreman_url).scheme == 'https'
+
+          @ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER
+
+          private_key_file = settings.foreman_ssl_key || settings.ssl_private_key
+          if private_key_file
+            private_key = File.read(private_key_file)
+            @ssl_options[:ssl_client_key] = OpenSSL::PKey::RSA.new(private_key)
+          end
+          certificate_file = settings.foreman_ssl_cert || settings.ssl_certificate
+          if certificate_file
+            certificate = File.read(certificate_file)
+            @ssl_options[:ssl_client_cert] = OpenSSL::X509::Certificate.new(certificate)
+          end
+          ca_file = settings.foreman_ssl_ca || settings.ssl_ca_file
+          @ssl_options[:ssl_ca_file] = ca_file if ca_file
+          @ssl_options
+        end
+        # rubocop:enable Metrics/PerceivedComplexity
+
+        private
+
+        def prepare_payload(callback, data)
+          { :callback => callback, :data => data }.to_json
+        end
       end
-    end
 
-    class Request
       def callback(payload)
         response = callback_resource.post(payload, :content_type => :json)
         if response.code.to_s != "200"
@@ -26,43 +55,12 @@ module SmartProxyDynflowCore
         response
       end
 
-      def self.send_to_foreman_tasks(callback_info, data)
-        self.new.callback(self.prepare_payload(callback_info, data))
-      end
-
       private
 
-      def self.prepare_payload(callback, data)
-        { :callback => callback, :data => data }.to_json
-      end
-
       def callback_resource
         @resource ||= RestClient::Resource.new(Settings.instance.foreman_url + '/foreman_tasks/api/tasks/callback',
                                                self.class.ssl_options)
       end
-
-      def self.ssl_options
-        return @ssl_options if defined? @ssl_options
-        @ssl_options = {}
-        settings = Settings.instance
-        return @ssl_options unless URI.parse(settings.foreman_url).scheme == 'https'
-
-        @ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER
-
-        private_key_file = settings.foreman_ssl_key || settings.ssl_private_key
-        if private_key_file
-          private_key = File.read(private_key_file)
-          @ssl_options[:ssl_client_key] = OpenSSL::PKey::RSA.new(private_key)
-        end
-        certificate_file = settings.foreman_ssl_cert || settings.ssl_certificate
-        if certificate_file
-          certificate = File.read(certificate_file)
-          @ssl_options[:ssl_client_cert] = OpenSSL::X509::Certificate.new(certificate)
-        end
-        ca_file = settings.foreman_ssl_ca || settings.ssl_ca_file
-        @ssl_options[:ssl_ca_file] = ca_file if ca_file
-        @ssl_options
-      end
     end
 
     class Action < ::Dynflow::Action

data/lib/smart_proxy_dynflow_core/core.rb

@@ -1,6 +1,5 @@
 module SmartProxyDynflowCore
   class Core
-
     attr_accessor :world, :accepted_cert_serial
 
     def initialize
@@ -25,7 +24,8 @@ module SmartProxyDynflowCore
 
       db_file = Settings.instance.database
       if db_file.nil? || db_file.empty?
-        Log.instance.warn "Could not open DB for dynflow at '#{db_file}', will keep data in memory. Restart will drop all dynflow data."
+        Log.instance.warn "Could not open DB for dynflow at '#{db_file}', " \
+                          "will keep data in memory. Restart will drop all dynflow data."
       else
         db_conn_string += "/#{db_file}"
       end
@@ -44,7 +44,7 @@ module SmartProxyDynflowCore
         config.persistence_adapter = persistence_adapter
         config.execution_plan_cleaner = execution_plan_cleaner
         # TODO: There has to be a better way
-        matchers = config.silent_dead_letter_matchers.call().concat(self.class.silencer_matchers)
+        matchers = config.silent_dead_letter_matchers.call.concat(self.class.silencer_matchers)
         config.silent_dead_letter_matchers = matchers
         yield config if block_given?
       end

data/lib/smart_proxy_dynflow_core/helpers.rb

@@ -4,13 +4,14 @@ module SmartProxyDynflowCore
       SmartProxyDynflowCore::Core.world
     end
 
-    def authorize_with_token
+    def authorize_with_token(task_id:, clear: true)
       if request.env.key? 'HTTP_AUTHORIZATION'
         if defined?(::ForemanTasksCore)
           auth = request.env['HTTP_AUTHORIZATION']
           basic_prefix = /\ABasic /
           if !auth.to_s.empty? && auth =~ basic_prefix &&
-              ForemanTasksCore::OtpManager.authenticate(auth.gsub(basic_prefix, ''))
+             ForemanTasksCore::OtpManager.authenticate(auth.gsub(basic_prefix, ''),
+                                                       expected_user: task_id, clear: clear)
             Log.instance.debug('authorized with token')
             return true
           end
@@ -21,7 +22,7 @@ module SmartProxyDynflowCore
     end
 
     def authorize_with_ssl_client
-      if %w(yes on 1).include? request.env['HTTPS'].to_s
+      if %w[yes on 1].include? request.env['HTTPS'].to_s
         if request.env['SSL_CLIENT_CERT'].to_s.empty?
           Log.instance.error "No client SSL certificate supplied"
           halt 403, MultiJson.dump(:error => "No client SSL certificate supplied")
@@ -63,7 +64,7 @@ module SmartProxyDynflowCore
       { :count => tasks.count, :state => state }
     end
 
-    def complete_task(task_id, params)
+    def dispatch_external_event(task_id, params)
       world.event(task_id,
                   params['step_id'].to_i,
                   ::ForemanTasksCore::Runner::ExternalEvent.new(params))

data/lib/smart_proxy_dynflow_core/launcher.rb

@@ -1,9 +1,13 @@
 require 'webrick/https'
 require 'smart_proxy_dynflow_core/bundler_helper'
 require 'smart_proxy_dynflow_core/settings'
-require 'smart_proxy_dynflow_core/webrick-patch'
+require 'smart_proxy_dynflow_core/sd_notify'
+
 module SmartProxyDynflowCore
   class Launcher
+    CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384',
+               'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256',
+               'AES256-SHA256', 'AES128-SHA', 'AES256-SHA'].freeze
 
     def self.launch!(options)
       self.new.start options
@@ -15,6 +19,7 @@ module SmartProxyDynflowCore
       install_usr1_trap
       Rack::Server.new(rack_settings).start do |_server|
         SmartProxyDynflowCore::Core.ensure_initialized
+        SmartProxyDynflowCore::SdNotify.new.tap { |sd| sd.ready if sd.active? }
       end
     end
 
@@ -79,11 +84,12 @@ module SmartProxyDynflowCore
         :AccessLog => [[Log.instance, WEBrick::AccessLog::COMMON_LOG_FORMAT]],
         :Logger => Log.instance,
         :daemonize => Settings.instance.daemonize,
-        :pid => Settings.instance.pid_file,
+        :pid => Settings.instance.daemonize && Settings.instance.pid_file,
         :server => :webrick
       }
     end
 
+    # rubocop:disable Metrics/PerceivedComplexity
     def https_app
       ssl_options  = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]
       ssl_options |= OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE if defined?(OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE)
@@ -91,10 +97,11 @@ module SmartProxyDynflowCore
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
       ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
+      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1_1 if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
 
       if Settings.instance.tls_disabled_versions
         Settings.instance.tls_disabled_versions.each do |version|
-          constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.gsub(/\./, '_')}") rescue nil
+          constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.tr('.', '_')}") rescue nil
 
           if constant
             Log.instance.info "TLSv#{version} will be disabled."
@@ -111,9 +118,11 @@ module SmartProxyDynflowCore
         :SSLPrivateKey => ssl_private_key,
         :SSLCertificate => ssl_certificate,
         :SSLCACertificateFile => Settings.instance.ssl_ca_file,
+        :SSLCiphers => CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers,
         :SSLOptions => ssl_options
       }
     end
+    # rubocop:enable Metrics/PerceivedComplexity
 
     def https_enabled?
       Settings.instance.use_https
@@ -122,14 +131,16 @@ module SmartProxyDynflowCore
     def ssl_private_key
       OpenSSL::PKey::RSA.new(File.read(Settings.instance.ssl_private_key))
     rescue Exception => e
-      Log.instance.fatal "Unable to load private SSL key. Are the values correct in settings.yml and do permissions allow reading?: #{e}"
+      Log.instance.fatal "Unable to load private SSL key. Are the values "\
+                         "correct in settings.yml and do permissions allow reading?: #{e}"
       raise e
     end
 
     def ssl_certificate
       OpenSSL::X509::Certificate.new(File.read(Settings.instance.ssl_certificate))
     rescue Exception => e
-      Log.instance.fatal "Unable to load SSL certificate. Are the values correct in settings.yml and do permissions allow reading?: #{e}"
+      Log.instance.fatal "Unable to load SSL certificate. Are the values " \
+                         "correct in settings.yml and do permissions allow reading?: #{e}"
       raise e
     end
 
@@ -141,7 +152,7 @@ module SmartProxyDynflowCore
         Dir[File.join(dir, 'settings.d', '*.yml')].each { |path| Settings.load_plugin_settings(path) }
         true
       end
-      ForemanTasksCore::SettingsLoader.settings_registry.keys.each do |settings_keys|
+      ForemanTasksCore::SettingsLoader.settings_registry.each_key do |settings_keys|
         settings = settings_keys.inject({}) do |h, settings_key|
           if SETTINGS.plugins.key?(settings_key.to_s)
             h.merge(SETTINGS.plugins[settings_key.to_s].to_h)

data/lib/smart_proxy_dynflow_core/log.rb

@@ -2,7 +2,6 @@ require 'logger'
 
 module SmartProxyDynflowCore
   class Log < ::Logger
-
     alias_method :write, :debug
 
     class << self
@@ -42,25 +41,45 @@ module SmartProxyDynflowCore
 
     def initialize(file, *rest)
       @file = file
-      @fd = @file.kind_of?(IO) ? @file : File.open(@file, 'a')
+      @fd = @file.is_a?(IO) ? @file : File.open(@file, 'a')
       @fd.sync = true
       super(@fd, rest)
     end
 
     def roll_log
-      unless @file.kind_of? IO
+      unless @file.is_a? IO
         @fd.reopen @file, 'a'
         @fd.sync = true
       end
     end
 
+    class ProxyStructuredFormater < ::Dynflow::LoggerAdapters::Formatters::Abstract
+      def call(_severity, _datetime, _prog_name, message)
+        if message.is_a?(::Exception)
+          subject = "#{message.message} (#{message.class})"
+          if @base.respond_to?(:exception)
+            @base.exception("Error details", message)
+            subject
+          else
+            "#{subject}\n#{message.backtrace.join("\n")}"
+          end
+        else
+          message
+        end
+      end
+
+      def format(message)
+        call(nil, nil, nil, message)
+      end
+    end
+
     class ProxyAdapter < ::Dynflow::LoggerAdapters::Simple
-      def initialize(logger, level = Logger::DEBUG, formatters = [::Dynflow::LoggerAdapters::Formatters::Exception])
+      def initialize(logger, level = Logger::DEBUG, _formatters = [])
         @logger           = logger
         @logger.level     = level
-        @logger.formatter = method(:formatter).to_proc
-        @action_logger    = apply_formatters ProgNameWrapper.new(@logger, ' action'), formatters
-        @dynflow_logger   = apply_formatters ProgNameWrapper.new(@logger, 'dynflow'), formatters
+        @logger.formatter = ProxyStructuredFormater.new(@logger)
+        @action_logger    = apply_formatters(ProgNameWrapper.new(@logger, ' action'), [ProxyStructuredFormater])
+        @dynflow_logger   = apply_formatters(ProgNameWrapper.new(@logger, 'dynflow'), [ProxyStructuredFormater])
       end
     end
   end

data/lib/smart_proxy_dynflow_core/sd_notify.rb

@@ -0,0 +1,33 @@
+# Shamelessly taken from theforeman/smart-proxy @ 99e9e5b
+# kudos to domcleal
+
+require 'socket'
+
+# Implementation of libsystemd's sd_notify API, sends current state via socket
+module SmartProxyDynflowCore
+  class SdNotify
+    def active?
+      !ENV['NOTIFY_SOCKET'].nil?
+    end
+
+    def notify(message)
+      create_socket.tap do |socket|
+        socket.sendmsg(message.chomp + "\n") # ensure trailing \n
+        socket.close
+      end
+    end
+
+    def ready(state = 1)
+      notify("READY=#{state}")
+    end
+
+    private
+
+    def create_socket
+      raise 'Missing NOTIFY_SOCKET environment variable, is this process running under systemd?' unless active?
+      Socket.new(Socket::AF_UNIX, Socket::SOCK_DGRAM, 0).tap do |socket|
+        socket.connect(Socket.pack_sockaddr_un(ENV['NOTIFY_SOCKET']))
+      end
+    end
+  end
+end

data/lib/smart_proxy_dynflow_core/settings.rb

@@ -19,37 +19,36 @@ end
 
 module SmartProxyDynflowCore
   class Settings < OpenStruct
-
     DEFAULT_SETTINGS = {
-        :database => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
-        :foreman_url => 'https://127.0.0.1:3000',
-        :console_auth => true,
-        :listen => '127.0.0.1',
-        :port => '8008',
-        :use_https => false,
-        :ssl_ca_file => nil,
-        :ssl_private_key => nil,
-        :ssl_certificate => nil,
-        :ssl_disabled_ciphers => [],
-        :tls_disabled_versions => [],
-        :foreman_ssl_ca => nil,
-        :foreman_ssl_key => nil,
-        :foreman_ssl_cert => nil,
-        :standalone => false,
-        :log_file => '/var/log/foreman-proxy/smart_proxy_dynflow_core.log',
-        :log_level => :ERROR,
-        :plugins => {},
-        :pid_file => '/var/run/foreman-proxy/smart_proxy_dynflow_core.pid',
-        :daemonize => false,
-        :execution_plan_cleaner_age => 60 * 60 * 24,
-        :loaded => false
-    }
+      :database => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
+      :foreman_url => 'https://127.0.0.1:3000',
+      :console_auth => true,
+      :listen => '127.0.0.1',
+      :port => '8008',
+      :use_https => false,
+      :ssl_ca_file => nil,
+      :ssl_private_key => nil,
+      :ssl_certificate => nil,
+      :ssl_disabled_ciphers => [],
+      :tls_disabled_versions => [],
+      :foreman_ssl_ca => nil,
+      :foreman_ssl_key => nil,
+      :foreman_ssl_cert => nil,
+      :standalone => false,
+      :log_file => '/var/log/foreman-proxy/smart_proxy_dynflow_core.log',
+      :log_level => :ERROR,
+      :plugins => {},
+      :pid_file => '/var/run/foreman-proxy/smart_proxy_dynflow_core.pid',
+      :daemonize => false,
+      :execution_plan_cleaner_age => 60 * 60 * 24,
+      :loaded => false
+    }.freeze
 
-    PROXY_SETTINGS = [:ssl_ca_file, :ssl_certificate, :ssl_private_key, :foreman_url,
-                      :foreman_ssl_ca, :foreman_ssl_cert, :foreman_ssl_key,
-                      :log_file, :log_level, :ssl_disabled_ciphers]
-    PLUGIN_SETTINGS = [:database, :core_url, :console_auth,
-                       :execution_plan_cleaner_age]
+    PROXY_SETTINGS = %i[ssl_ca_file ssl_certificate ssl_private_key foreman_url
+                        foreman_ssl_ca foreman_ssl_cert foreman_ssl_key
+                        log_file log_level ssl_disabled_ciphers].freeze
+    PLUGIN_SETTINGS = %i[database core_url console_auth
+                         execution_plan_cleaner_age].freeze
 
     def initialize(settings = {})
       super(DEFAULT_SETTINGS.merge(settings))
@@ -60,7 +59,7 @@ module SmartProxyDynflowCore
     end
 
     def self.load_global_settings(path)
-      if File.exists? File.join(path)
+      if File.exist? File.join(path)
         YAML.load_file(path).each do |key, value|
           SETTINGS[key] = value
         end
@@ -87,7 +86,7 @@ module SmartProxyDynflowCore
       PLUGIN_SETTINGS.each do |key|
         SETTINGS[key] = settings[key] if settings.key?(key)
       end
-      SETTINGS.plugins.values.each { |plugin| plugin.load_settings_from_proxy }
+      SETTINGS.plugins.values.each(&:load_settings_from_proxy)
       Settings.loaded!
     end
 

data/lib/smart_proxy_dynflow_core/task_launcher_registry.rb

@@ -0,0 +1,31 @@
+module SmartProxyDynflowCore
+  class TaskLauncherRegistry
+    class << self
+      def register(name, launcher)
+        registry[name] = launcher
+      end
+
+      def fetch(name, default = nil)
+        if default.nil?
+          registry.fetch(name)
+        else
+          registry.fetch(name, default)
+        end
+      end
+
+      def key?(name)
+        registry.key?(name)
+      end
+
+      def operations
+        registry.keys
+      end
+
+      private
+
+      def registry
+        @registry ||= {}
+      end
+    end
+  end
+end

data/lib/smart_proxy_dynflow_core/testing.rb

@@ -17,7 +17,7 @@ module SmartProxyDynflowCore
             config.auto_terminate    = false
             config.logger_adapter    = ::Dynflow::LoggerAdapters::Simple.new $stderr, DYNFLOW_TESTING_LOG_LEVEL
             config.execution_plan_cleaner = nil
-            block.call(config) if block
+            yield(config) if block
           end
         end
       end

data/lib/smart_proxy_dynflow_core/version.rb

@@ -1,3 +1,3 @@
 module SmartProxyDynflowCore
-  VERSION = '0.2.1'
+  VERSION = '0.2.6'.freeze
 end

data/smart_proxy_dynflow_core.gemspec

@@ -1,8 +1,8 @@
-# -*- encoding: utf-8 -*-
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'smart_proxy_dynflow_core/version'
 
+# rubocop:disable Metrics/BlockLength
 Gem::Specification.new do |gem|
   gem.name          = "smart_proxy_dynflow_core"
   gem.version       = SmartProxyDynflowCore::VERSION
@@ -22,19 +22,19 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.license = 'GPL-3.0'
 
-  gem.add_development_dependency "bundler", "~> 1.7"
-  gem.add_development_dependency "rake", "~> 10.0"
+  gem.add_development_dependency "bundler", ">= 1.7"
   gem.add_development_dependency('minitest')
   gem.add_development_dependency('mocha', '~> 1')
-  gem.add_development_dependency('webmock', '~> 1')
   gem.add_development_dependency('rack-test', '~> 0')
-  gem.add_development_dependency('rubocop', '~> 0.52.1')
+  gem.add_development_dependency "rake", "~> 10.0"
+  gem.add_development_dependency('webmock', '~> 1')
 
-  gem.add_runtime_dependency('dynflow', "~> 1.0")
-  gem.add_runtime_dependency('foreman-tasks-core', '>= 0.1.7')
-  gem.add_runtime_dependency('sequel')
-  gem.add_runtime_dependency('sqlite3')
-  gem.add_runtime_dependency('sinatra')
+  gem.add_runtime_dependency('dynflow', "~> 1.1")
+  gem.add_runtime_dependency('foreman-tasks-core', '>= 0.3.3')
   gem.add_runtime_dependency('rack')
   gem.add_runtime_dependency('rest-client')
+  gem.add_runtime_dependency('sequel')
+  gem.add_runtime_dependency('sinatra')
+  gem.add_runtime_dependency('sqlite3')
 end
+# rubocop:enable Metrics/BlockLength

metadata

@@ -1,43 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dynflow_core
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.6
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-20 00:00:00.000000000 Z
+date: 2020-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.7'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -67,77 +53,77 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
-  name: webmock
+  name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rack-test
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.52.1
+        version: '1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.52.1
+        version: '1'
 - !ruby/object:Gem::Dependency
   name: dynflow
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: foreman-tasks-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.7
+        version: 0.3.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.7
+        version: 0.3.3
 - !ruby/object:Gem::Dependency
-  name: sequel
+  name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -151,7 +137,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: rest-client
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -165,7 +151,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: sinatra
+  name: sequel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -179,7 +165,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: sinatra
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -193,7 +179,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rest-client
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -228,10 +214,11 @@ files:
 - lib/smart_proxy_dynflow_core/helpers.rb
 - lib/smart_proxy_dynflow_core/launcher.rb
 - lib/smart_proxy_dynflow_core/log.rb
+- lib/smart_proxy_dynflow_core/sd_notify.rb
 - lib/smart_proxy_dynflow_core/settings.rb
+- lib/smart_proxy_dynflow_core/task_launcher_registry.rb
 - lib/smart_proxy_dynflow_core/testing.rb
 - lib/smart_proxy_dynflow_core/version.rb
-- lib/smart_proxy_dynflow_core/webrick-patch.rb
 - smart_proxy_dynflow_core.gemspec
 homepage: https://github.com/theforeman/smart_proxy_dynflow
 licenses:
@@ -252,8 +239,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Dynflow runtime for Foreman smart proxy

data/lib/smart_proxy_dynflow_core/webrick-patch.rb

@@ -1,37 +0,0 @@
-require 'webrick/https'
-
-CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256','ECDHE-RSA-AES256-GCM-SHA384',
-           'ECDHE-RSA-AES128-CBC-SHA','ECDHE-RSA-AES256-CBC-SHA',
-           'AES128-GCM-SHA256','AES256-GCM-SHA384','AES128-SHA256',
-           'AES256-SHA256','AES128-SHA','AES256-SHA']
-
-module WEBrick
-  class GenericServer
-    def setup_ssl_context(config) # :nodoc:
-      unless config[:SSLCertificate]
-        cn = config[:SSLCertName]
-        comment = config[:SSLCertComment]
-        cert, key = Utils::create_self_signed_cert(1024, cn, comment)
-        config[:SSLCertificate] = cert
-        config[:SSLPrivateKey] = key
-      end
-      ctx = OpenSSL::SSL::SSLContext.new
-      ctx.set_params
-      ctx.ciphers = (CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers).join(':')
-      ctx.key = config[:SSLPrivateKey]
-      ctx.cert = config[:SSLCertificate]
-      ctx.client_ca = config[:SSLClientCA]
-      ctx.extra_chain_cert = config[:SSLExtraChainCert]
-      ctx.ca_file = config[:SSLCACertificateFile]
-      ctx.ca_path = config[:SSLCACertificatePath]
-      ctx.cert_store = config[:SSLCertificateStore]
-      ctx.tmp_dh_callback = config[:SSLTmpDhCallback]
-      ctx.verify_mode = config[:SSLVerifyClient]
-      ctx.verify_depth = config[:SSLVerifyDepth]
-      ctx.verify_callback = config[:SSLVerifyCallback]
-      ctx.timeout = config[:SSLTimeout]
-      ctx.options |= config[:SSLOptions] unless config[:SSLOptions].nil?
-      ctx
-    end
-  end
-end