smart_proxy_dynflow_core 0.3.0 → 0.4.1

data/lib/smart_proxy_dynflow_core/launcher.rb

@@ -1,166 +0,0 @@
-require 'webrick/https'
-require 'smart_proxy_dynflow_core/bundler_helper'
-require 'smart_proxy_dynflow_core/settings'
-require 'sd_notify'
-
-module SmartProxyDynflowCore
-  class Launcher
-    CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384',
-               'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256',
-               'AES256-SHA256', 'AES128-SHA', 'AES256-SHA'].freeze
-
-    def self.launch!(options)
-      self.new.start options
-    end
-
-    def start(options)
-      Settings.instance.standalone = true
-      load_settings!(options)
-      install_usr1_trap
-      Rack::Server.new(rack_settings).start do |_server|
-        SmartProxyDynflowCore::Core.ensure_initialized
-        ::SdNotify.ready
-      end
-      Log.instance.info "Finished shutting down"
-      Logging.shutdown
-    end
-
-    def load_settings!(options = {})
-      config_dir, one_config = options.values_at(:config_dir, :one_config)
-      possible_config_dirs = [
-        '/etc/smart_proxy_dynflow_core',
-        File.expand_path('~/.config/smart_proxy_dynflow_core'),
-        File.join(File.dirname(__FILE__), '..', '..', 'config'),
-      ]
-      possible_config_dirs << config_dir if config_dir
-      BundlerHelper.require_groups(:default)
-      possible_config_dirs.reverse! if one_config
-      possible_config_dirs.select { |config_dir| File.directory? config_dir }.each do |config_dir|
-        break if load_config_dir(config_dir) && one_config
-      end
-      Settings.instance.daemonize = options[:daemonize] if options.key?(:daemonize)
-      Settings.instance.pid_file = options[:pid_file] if options.key?(:pid_file)
-      Settings.loaded!
-    end
-
-    def self.route_mapping(rack_builder)
-      rack_builder.map '/console' do
-        run Core.web_console
-      end
-
-      rack_builder.map '/' do
-        run Api
-      end
-    end
-
-    def install_usr1_trap
-      trap(:USR1) do
-        Log.reopen
-      end
-    end
-
-    private
-
-    def rack_settings
-      settings = if https_enabled?
-                   Log.instance.debug "Using HTTPS"
-                   https_app
-                 else
-                   Log.instance.debug "Using HTTP"
-                   {}
-                 end
-      settings.merge(base_settings)
-    end
-
-    def app
-      Rack::Builder.new do
-        SmartProxyDynflowCore::Launcher.route_mapping(self)
-      end
-    end
-
-    def base_settings
-      {
-        :app => app,
-        :Host => Settings.instance.listen,
-        :Port => Settings.instance.port,
-        :AccessLog => [],
-        :Logger => Log.instance,
-        :daemonize => Settings.instance.daemonize,
-        :pid => Settings.instance.daemonize && Settings.instance.pid_file,
-        :server => :webrick
-      }
-    end
-
-    def https_app
-      ssl_options  = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]
-      ssl_options |= OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE if defined?(OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE)
-      # This is required to disable SSLv3 on Ruby 1.8.7
-      ssl_options |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
-      ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
-      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
-      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1_1 if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
-
-      Settings.instance.tls_disabled_versions&.each do |version|
-        constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.tr('.', '_')}") rescue nil
-
-        if constant
-          Log.instance.info "TLSv#{version} will be disabled."
-          ssl_options |= constant
-        else
-          Log.instance.warn "TLSv#{version} was not found."
-        end
-      end
-
-      {
-        :SSLEnable => true,
-        :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER,
-        :SSLPrivateKey => ssl_private_key,
-        :SSLCertificate => ssl_certificate,
-        :SSLCACertificateFile => Settings.instance.ssl_ca_file,
-        :SSLCiphers => CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers,
-        :SSLOptions => ssl_options
-      }
-    end
-    # rubocop:enable Metrics/PerceivedComplexity
-
-    def https_enabled?
-      Settings.instance.use_https
-    end
-
-    def ssl_private_key
-      OpenSSL::PKey::RSA.new(File.read(Settings.instance.ssl_private_key))
-    rescue Exception => e
-      Log.instance.fatal "Unable to load private SSL key. Are the values "\
-                         "correct in settings.yml and do permissions allow reading?: #{e}"
-      raise e
-    end
-
-    def ssl_certificate
-      OpenSSL::X509::Certificate.new(File.read(Settings.instance.ssl_certificate))
-    rescue Exception => e
-      Log.instance.fatal "Unable to load SSL certificate. Are the values " \
-                         "correct in settings.yml and do permissions allow reading?: #{e}"
-      raise e
-    end
-
-    def load_config_dir(dir)
-      settings_yml = File.join(dir, 'settings.yml')
-      if File.exist? settings_yml
-        Log.instance.debug "Loading settings from #{dir}"
-        Settings.load_global_settings settings_yml
-        Dir[File.join(dir, 'settings.d', '*.yml')].each { |path| Settings.load_plugin_settings(path) }
-        true
-      end
-      ForemanTasksCore::SettingsLoader.settings_registry.each_key do |settings_keys|
-        settings = settings_keys.inject({}) do |h, settings_key|
-          if SETTINGS.plugins.key?(settings_key.to_s)
-            h.merge(SETTINGS.plugins[settings_key.to_s].to_h)
-          else
-            h
-          end
-        end
-        ForemanTasksCore::SettingsLoader.setup_settings(settings_keys.first, settings)
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/log.rb

@@ -1,146 +0,0 @@
-require 'logging'
-
-module SmartProxyDynflowCore
-  class ReopenAppender < ::Logging::Appender
-    def initialize(name, logger, opts = {})
-      @reopen = false
-      @logger = logger
-      super(name, opts)
-    end
-
-    def set(status = true)
-      @reopen = status
-    end
-
-    def append(_event)
-      if @reopen
-        Logging.reopen
-        @reopen = false
-      end
-    end
-  end
-
-  class Log
-    BASE_LOG_SIZE = 1024 * 1024 # 1 MiB
-    LOGGER_NAME = 'dynflow-core'.freeze
-
-    begin
-      require 'syslog/logger'
-      @syslog_available = true
-    rescue LoadError
-      @syslog_available = false
-    end
-
-    class << self
-      def reload!
-        Logging.logger[LOGGER_NAME].appenders.each(&:close)
-        Logging.logger[LOGGER_NAME].clear_appenders
-        @logger = nil
-        instance
-      end
-
-      def reopen
-        return if @logger.nil? || @reopen.nil?
-        if Settings.instance.log_file !~ /^(STDOUT|SYSLOG|JOURNALD?)$/i
-          @reopen.set
-        end
-      end
-
-      def instance
-        return ::Proxy::LogBuffer::Decorator.instance unless Settings.instance.standalone
-        return @logger if @logger
-        layout = Logging::Layouts.pattern(pattern: Settings.instance.file_logging_pattern + "\n")
-        notime_layout = Logging::Layouts.pattern(pattern: Settings.instance.system_logging_pattern + "\n")
-        log_file = Settings.instance.log_file || ''
-        @logger = Logging.logger[LOGGER_NAME]
-        @reopen = ReopenAppender.new("Reopen dummy appender", @logger)
-        @logger.add_appenders(@reopen)
-        if !Settings.instance.loaded || log_file.casecmp('STDOUT').zero?
-          @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-        elsif log_file.casecmp('SYSLOG').zero?
-          unless @syslog_available
-            puts "Syslog is not supported on this platform, use STDOUT or a file"
-            exit(1)
-          end
-          @logger.add_appenders(Logging.appenders.syslog(LOGGER_NAME, layout: notime_layout, facility: ::Syslog::Constants::LOG_LOCAL5))
-        elsif log_file.casecmp('JOURNAL').zero? || log_file.casecmp('JOURNALD').zero?
-          begin
-            @logger.add_appenders(Logging.appenders.journald(LOGGER_NAME, LOGGER_NAME: :proxy_logger, layout: notime_layout, facility: ::Syslog::Constants::LOG_LOCAL5))
-          rescue NoMethodError
-            @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-            @logger.warn "Journald is not available on this platform. Falling back to STDOUT."
-          end
-        else
-          begin
-            keep = Settings.instance.file_rolling_keep
-            size = BASE_LOG_SIZE * Settings.instance.file_rolling_size
-            age = Settings.instance.file_rolling_age
-            if size.positive?
-              @logger.add_appenders(Logging.appenders.rolling_file(LOGGER_NAME, layout: layout, filename: log_file, keep: keep, size: size, age: age, roll_by: 'number'))
-            else
-              @logger.add_appenders(Logging.appenders.file(LOGGER_NAME, layout: layout, filename: log_file))
-            end
-          rescue ArgumentError => ae
-            @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-            @logger.warn "Log file #{log_file} cannot be opened. Falling back to STDOUT: #{ae}"
-          end
-        end
-        @logger.level = ::Logging.level_num(Settings.instance.log_level)
-        @logger
-      end
-
-      def with_fields(fields = {})
-        ::Logging.ndc.push(fields) do
-          yield
-        end
-      end
-
-      # Standard way for logging exceptions to get the most data in the log. By default
-      # it logs via warn level, this can be changed via options[:level]
-      def exception(context_message, exception, options = {})
-        level = options[:level] || :warn
-        unless ::Logging::LEVELS.keys.include?(level.to_s)
-          raise "Unexpected log level #{level}, expected one of #{::Logging::LEVELS.keys}"
-        end
-        # send class, message and stack as structured fields in addition to message string
-        backtrace = exception.backtrace ? exception.backtrace : []
-        extra_fields = {
-          exception_class: exception.class.name,
-          exception_message: exception.message,
-          exception_backtrace: backtrace
-        }
-        extra_fields[:foreman_code] = exception.code if exception.respond_to?(:code)
-        with_fields(extra_fields) do
-          @logger.public_send(level) do
-            ([context_message, "#{exception.class}: #{exception.message}"] + backtrace).join("\n")
-          end
-        end
-      end
-    end
-
-    class ProxyStructuredFormater < ::Dynflow::LoggerAdapters::Formatters::Abstract
-      def format(message)
-        if message.is_a?(Exception)
-          subject = "#{message.message} (#{message.class})"
-          if @base.respond_to?(:exception)
-            @base.exception("Error details", message)
-            subject
-          else
-            "#{subject}\n#{message.backtrace.join("\n")}"
-          end
-        else
-          @original_formatter.call(severity, datetime, prog_name, message)
-        end
-      end
-    end
-
-    class ProxyAdapter < ::Dynflow::LoggerAdapters::Simple
-      def initialize(logger, level = Logger::DEBUG, _formatters = [])
-        @logger           = logger
-        @logger.level     = level
-        @action_logger    = apply_formatters(ProgNameWrapper.new(@logger, ' action'), [])
-        @dynflow_logger   = apply_formatters(ProgNameWrapper.new(@logger, 'dynflow'), [])
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/logger_middleware.rb

@@ -1,31 +0,0 @@
-module SmartProxyDynflowCore
-  class LoggerMiddleware
-    def initialize(app)
-      @logger = SmartProxyDynflowCore::Log.instance
-      @app = app
-    end
-
-    def call(env)
-      before = Time.now.to_f
-      status = 500
-      env['rack.logger'] = @logger
-      @logger.info { "Started #{env['REQUEST_METHOD']} #{env['PATH_INFO']} #{env['QUERY_STRING']}" }
-      @logger.debug { 'Headers: ' + env.select { |k, v| k.start_with? 'HTTP_' }.inspect }
-      if @logger.debug? && env['rack.input']
-        body = env['rack.input'].read
-        @logger.debug('Body: ' + body) unless body.empty?
-        env['rack.input'].rewind
-      end
-      status, = @app.call(env)
-    rescue Exception => e
-      Log.exception "Error processing request '#{::Logging.mdc['request']}", e
-      raise e
-    ensure
-      @logger.info do
-        after = Time.now.to_f
-        duration = (after - before) * 1000
-        "Finished #{env['REQUEST_METHOD']} #{env['PATH_INFO']} with #{status} (#{duration.round(2)} ms)"
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/request_id_middleware.rb

@@ -1,18 +0,0 @@
-module SmartProxyDynflowCore
-  class RequestIdMiddleware
-    def initialize(app)
-      @app = app
-    end
-
-    def call(env)
-      ::Logging.mdc['remote_ip'] = env['REMOTE_ADDR']
-      if env.has_key?('HTTP_X_REQUEST_ID')
-        ::Logging.mdc['request'] = env['HTTP_X_REQUEST_ID']
-      else
-        ::Logging.mdc['request'] = SecureRandom.uuid
-      end
-      status, header, body = @app.call(env)
-      [status, header, ::Rack::BodyProxy.new(body) { ::Logging.mdc.clear }]
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/settings.rb

@@ -1,86 +0,0 @@
-require 'ostruct'
-
-module SmartProxyDynflowCore
-  class Settings < OpenStruct
-    DEFAULT_SETTINGS = {
-      :database => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
-      :foreman_url => 'https://127.0.0.1:3000',
-      :console_auth => true,
-      :listen => '127.0.0.1',
-      :port => '8008',
-      :use_https => false,
-      :ssl_ca_file => nil,
-      :ssl_private_key => nil,
-      :ssl_certificate => nil,
-      :ssl_disabled_ciphers => [],
-      :tls_disabled_versions => [],
-      :foreman_ssl_ca => nil,
-      :foreman_ssl_key => nil,
-      :foreman_ssl_cert => nil,
-      :standalone => false,
-      :log_file => '/var/log/foreman-proxy/smart_proxy_dynflow_core.log',
-      :log_level => :ERROR,
-      :plugins => {},
-      :pid_file => '/var/run/foreman-proxy/smart_proxy_dynflow_core.pid',
-      :daemonize => false,
-      :execution_plan_cleaner_age => 60 * 60 * 24,
-      :loaded => false,
-      :file_logging_pattern => '%d %.8X{request} [%.1l] %m',
-      :system_logging_pattern => '%.8X{request} [%.1l] %m',
-      :file_rolling_keep => 6,
-      :file_rolling_size => 0,
-      :file_rolling_age => 'weekly'
-    }.freeze
-
-    PROXY_SETTINGS = %i[ssl_ca_file ssl_certificate ssl_private_key foreman_url
-                        foreman_ssl_ca foreman_ssl_cert foreman_ssl_key
-                        log_file log_level ssl_disabled_ciphers].freeze
-    PLUGIN_SETTINGS = %i[database core_url console_auth
-                         execution_plan_cleaner_age].freeze
-
-    def initialize(settings = {})
-      super(DEFAULT_SETTINGS.merge(settings))
-    end
-
-    def self.instance
-      SmartProxyDynflowCore::SETTINGS
-    end
-
-    def self.load_global_settings(path)
-      if File.exist? File.join(path)
-        YAML.load_file(path).each do |key, value|
-          SETTINGS[key] = value
-        end
-      end
-    end
-
-    def self.loaded!
-      Settings.instance.loaded = true
-      Log.instance.info 'Settings loaded, reloading logger'
-      Log.reload!
-    end
-
-    def self.load_from_proxy(plugin)
-      settings = plugin.settings.to_h
-      PROXY_SETTINGS.each do |key|
-        SETTINGS[key] = Proxy::SETTINGS[key]
-      end
-      PLUGIN_SETTINGS.each do |key|
-        SETTINGS[key] = settings[key] if settings.key?(key)
-      end
-      SETTINGS.plugins.values.each(&:load_settings_from_proxy)
-      Settings.loaded!
-    end
-
-    def self.load_plugin_settings(path)
-      settings = YAML.load_file(path)
-      name = File.basename(path).gsub(/\.yml$/, '')
-      if SETTINGS.plugins.key? name
-        settings = SETTINGS.plugins[name].to_h.merge(settings)
-      end
-      SETTINGS.plugins[name] = OpenStruct.new settings
-    end
-  end
-end
-
-SmartProxyDynflowCore::SETTINGS = SmartProxyDynflowCore::Settings.new