smart_proxy_dynflow_core 0.3.3 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8c8d92f97c019f9624f042ba66a48f3121b341b1c5f9cfdb3fe5a35a4f83f074
-  data.tar.gz: 9707da718ef1d2d042dd4bade34e2b6d869236058bd9bf0bfcea07011862cf16
+  metadata.gz: 3226e9b143ecf53b28e97a765c2e760d42dc030ea3809736f5e7733b2db96cfe
+  data.tar.gz: eb70345b228d35506d36faa0a3fe59e09c8b1787d438f73d6554699736a70d3a
 SHA512:
-  metadata.gz: 45ced7ab76fefbdbea72fceee20b9b7c77c9394464045d7bff56cccb2882a9fa89f2d01a858e9b2aecd6a29c09f20388b3775873b8bcd65bfdb836a540b0a848
-  data.tar.gz: 4a08ac7bf67111e7644071d2627d341d741496282b13ae134014a8b74956ac1310f397124ea49a9468fc00bf051fd524cba244feae7fc17b050b91cfa14e3048
+  metadata.gz: cf3292bd295765e51968781f4a0a3678a5825977da06b56ddf86e073a232665f92f90cd5df25e0a6332304b4c3c15784404f2aae8d25f050cc77405d7520e57f
+  data.tar.gz: 1bdaaebb6e5b59fcf25250c4ba7695dadda3313854c8db343199bb8ec61529ed21deff5e948ac0545f6fde0eab6cde7bde73067b96943061e5bd013a22faa9db

data/lib/smart_proxy_dynflow_core.rb

@@ -1,19 +1,13 @@
-require 'dynflow'
-require 'smart_proxy_dynflow_core/request_id_middleware'
-require 'smart_proxy_dynflow_core/logger_middleware'
-require 'smart_proxy_dynflow_core/middleware/keep_current_request_id'
+# Whatever is here is just a compatibility layer
+# Once all the _core have been migrated, this can be dropped.
+
+require 'smart_proxy_dynflow'
+
+# REX core explicitly requires this file, otherwise we could use the trick we
+# use with callback
 require 'smart_proxy_dynflow_core/task_launcher_registry'
-require 'foreman_tasks_core'
-require 'smart_proxy_dynflow_core/log'
-require 'smart_proxy_dynflow_core/settings'
-require 'smart_proxy_dynflow_core/core'
-require 'smart_proxy_dynflow_core/helpers'
-require 'smart_proxy_dynflow_core/callback'
-require 'smart_proxy_dynflow_core/api'
 
 module SmartProxyDynflowCore
-  Core.after_initialize do |dynflow_core|
-    ForemanTasksCore.dynflow_setup(dynflow_core.world)
-  end
-  Core.register_silencer_matchers ForemanTasksCore.silent_dead_letter_matchers
+  Callback = Proxy::Dynflow::Callback
+  Log = Proxy::Dynflow::Log
 end

data/lib/smart_proxy_dynflow_core/task_launcher_registry.rb

@@ -1,31 +1,3 @@
 module SmartProxyDynflowCore
-  class TaskLauncherRegistry
-    class << self
-      def register(name, launcher)
-        registry[name] = launcher
-      end
-
-      def fetch(name, default = nil)
-        if default.nil?
-          registry.fetch(name)
-        else
-          registry.fetch(name, default)
-        end
-      end
-
-      def key?(name)
-        registry.key?(name)
-      end
-
-      def operations
-        registry.keys
-      end
-
-      private
-
-      def registry
-        @registry ||= {}
-      end
-    end
-  end
+  TaskLauncherRegistry = Proxy::Dynflow::TaskLauncherRegistry
 end

data/lib/smart_proxy_dynflow_core/version.rb

@@ -1,3 +1,3 @@
 module SmartProxyDynflowCore
-  VERSION = '0.3.3'.freeze
+  VERSION = '0.4.0'.freeze
 end

data/smart_proxy_dynflow_core.gemspec

@@ -13,10 +13,8 @@ Gem::Specification.new do |gem|
     Use the Dynflow inside Foreman smart proxy
   EOS
 
-  gem.executables   = ['smart_proxy_dynflow_core']
-  gem.files         = Dir['lib/smart_proxy_dynflow_core.rb', 'config/settings.yml.example',
-                          'lib/smart_proxy_dynflow_core/**/*', 'LICENSE', 'Gemfile',
-                          'bin/smart_proxy_dynflow_core', 'deploy/*', 'smart_proxy_dynflow_core.gemspec']
+  gem.files         = Dir['lib/smart_proxy_dynflow_core.rb', 'lib/smart_proxy_dynflow_core/**/*',
+                          'LICENSE', 'Gemfile', 'smart_proxy_dynflow_core.gemspec']
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
   gem.license = 'GPL-3.0'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dynflow_core
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.4.0
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-05 00:00:00.000000000 Z
+date: 2021-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -223,31 +223,14 @@ dependencies:
 description: "    Use the Dynflow inside Foreman smart proxy\n"
 email:
 - inecas@redhat.com
-executables:
-- smart_proxy_dynflow_core
+executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - Gemfile
 - LICENSE
-- bin/smart_proxy_dynflow_core
-- config/settings.yml.example
-- deploy/smart_proxy_dynflow_core.init
-- deploy/smart_proxy_dynflow_core.service
 - lib/smart_proxy_dynflow_core.rb
-- lib/smart_proxy_dynflow_core/api.rb
-- lib/smart_proxy_dynflow_core/bundler_helper.rb
-- lib/smart_proxy_dynflow_core/callback.rb
-- lib/smart_proxy_dynflow_core/core.rb
-- lib/smart_proxy_dynflow_core/helpers.rb
-- lib/smart_proxy_dynflow_core/launcher.rb
-- lib/smart_proxy_dynflow_core/log.rb
-- lib/smart_proxy_dynflow_core/logger_middleware.rb
-- lib/smart_proxy_dynflow_core/middleware/keep_current_request_id.rb
-- lib/smart_proxy_dynflow_core/request_id_middleware.rb
-- lib/smart_proxy_dynflow_core/settings.rb
 - lib/smart_proxy_dynflow_core/task_launcher_registry.rb
-- lib/smart_proxy_dynflow_core/testing.rb
 - lib/smart_proxy_dynflow_core/version.rb
 - smart_proxy_dynflow_core.gemspec
 homepage: https://github.com/theforeman/smart_proxy_dynflow

data/bin/smart_proxy_dynflow_core

@@ -1,32 +0,0 @@
-#!/usr/bin/env ruby
-require 'dynflow'
-require 'rack'
-require 'smart_proxy_dynflow_core/launcher'
-require 'yaml'
-require 'optparse'
-
-options = {}
-OptionParser.new do |opts|
-  opts.on('-c', '--config-dir CONFIG_DIR', String, 'Directory to load settings from') do |value|
-    options[:config_dir] = value
-  end
-
-  opts.on('-1', '--one-config', 'Do not load more than 1 config') do |value|
-    options[:one_config] = true
-  end
-
-  opts.on('-d', '--[no-]daemonize', 'Fork to background after start') do |value|
-    options[:daemonize] = value
-  end
-
-  opts.on('-p', '--pid-file PID_FILE', String, 'Write pid to this file') do |value|
-    options[:pid_file] = value
-  end
-
-  opts.on_tail('-h', '--help', 'Show usage help') do
-    puts opts
-    exit
-  end
-end.parse!
-
-SmartProxyDynflowCore::Launcher.launch! options

data/config/settings.yml.example

@@ -1,66 +0,0 @@
----
-# Path to dynflow database, leave blank for in-memory non-persistent database
-:database:
-
-# URL of the foreman, used for reporting back
-:foreman_url: 'http://localhost:3000'
-
-# SSL settings for client authentication against Foreman
-# :foreman_ssl_ca: ssl/foreman_ca.pem
-# :foreman_ssl_key: ssl/foreman_key.pem
-# :foreman_ssl_cert: ssl/foreman_cert.pem
-
-:console_auth: false
-
-# Set to true to make the core fork to background after start
-# :daemonize: false
-# :pid_file: /var/run/foreman-proxy/smart_proxy_dynflow_core.pid
-
-# Listen on address
-:listen: 127.0.0.1
-
-# Listen on port
-:port: 8008
-
-# SSL settings for running core as https service
-# :use_https: false
-# :ssl_ca_file: ssl/ca.pem
-# :ssl_private_key: ssl/localhost.pem
-# :ssl_certificate: ssl/certs/localhost.pem
-
-# Use this option only if you need to disable certain cipher suites.
-# Note: we use the OpenSSL suite name, take a look at:
-# https://www.openssl.org/docs/manmaster/apps/ciphers.html#CIPHER-SUITE-NAMES
-# for more information.
-#:ssl_disabled_ciphers: [CIPHER-SUITE-1, CIPHER-SUITE-2]
-
-# Use this option only if you need to strictly specify TLS versions to be
-# disabled. SSLv3 and TLS v1.0 are always disabled and cannot be configured.
-# Specify versions like: '1.1', or '1.2'
-#:tls_disabled_versions: []
-
-# File to log to, leave empty for stdout or use STDOUT, STDERR, SYSLOG or JOURNAL
-#:log_file: /var/log/foreman-proxy/smart_proxy_dynflow_core.log
-
-# Log level, one of UNKNOWN, FATAL, ERROR, WARN, INFO, DEBUG
-#:log_level: ERROR
-
-# The maximum size of a log file before it's rolled (in MiB) or zero to disable file rolling
-# and rely on logrotate or similar tool
-#:file_rolling_size: 0
-
-# The maximum age of a log file before it's rolled (in seconds). Also accepts 'daily', 'weekly', or 'monthly'.
-#:file_rolling_age: weekly
-
-# Number of log files to keep
-#:file_rolling_keep: 6
-
-# Logging pattern for file-based loging
-#:file_logging_pattern: '%d %.8X{request} [%.1l] %m'
-
-# Logging pattern for syslog or journal loging
-#:system_logging_pattern: '%.8X{request} [%.1l] %m'
-
-# Maximum age of execution plans to keep before having them cleaned
-# by the execution plan cleaner (in seconds), defaults to 24 hours
-# :execution_plan_cleaner_age: 86400

data/deploy/smart_proxy_dynflow_core.init

@@ -1,92 +0,0 @@
-#!/bin/bash
-#
-# Init script for foreman smart proxy dynflow core service
-#
-# chkconfig: - 85 15
-# description: Init script for foreman proxy dynflow core service
-
-# Source function library.
-. /etc/rc.d/init.d/functions
-
-prog=smart_proxy_dynflow_core
-RETVAL=0
-SMART_PROXY_DYNFLOW_CORE_PID=/var/run/foreman-proxy/$prog.pid
-SMART_PROXY_DYNFLOW_CORE_USER=${SMART_PROXY_DYNFLOW_CORE_USER:-foreman-proxy}
-
-start() {
-    echo -n $"Starting $prog: "
-    ulimit -n 65536
-    daemon --user ${SMART_PROXY_DYNFLOW_CORE_USER} /usr/bin/smart_proxy_dynflow_core -d -p $SMART_PROXY_DYNFLOW_CORE_PID > /dev/null
-    RETVAL=$?
-    if [ $RETVAL = 0 ]
-    then
-        echo_success
-    else
-        echo_failure
-    fi
-
-    echo
-    return $RETVAL
-}
-
-stop() {
-    echo -n $"Stopping $prog: "
-    if [ -f ${SMART_PROXY_DYNFLOW_CORE_PID} ]; then
-        killproc -p ${SMART_PROXY_DYNFLOW_CORE_PID}
-        RETVAL=$?
-    else
-        echo -n $"$prog was not running.";
-        failure $"$prog was not running.";
-        echo
-        return 1
-    fi
-    echo
-    [ $RETVAL -eq 0 ] && rm -f ${SMART_PROXY_DYNFLOW_CORE_PID}
-    return $RETVAL
-}
-
-logrotate() {
-    echo -n $"Rotating logs for $prog: "
-    if [ -f ${SMART_PROXY_DYNFLOW_CORE_PID} ]; then
-        killproc -p ${SMART_PROXY_DYNFLOW_CORE_PID} $prog -USR1
-        RETVAL=$?
-        echo
-    else
-        echo -n $"$prog was not running.";
-        failure $"$prog was not running.";
-        echo
-        return 1
-    fi
-    return $RETVAL
-}
-
-# See how we were called.
-case "$1" in
-    start)
-        start
-    ;;
-    stop)
-        stop
-    ;;
-    status)
-        echo -n "$prog"
-        status -p $SMART_PROXY_DYNFLOW_CORE_PID
-        RETVAL=$?
-    ;;
-    restart)
-        stop
-        start
-    ;;
-    condrestart)
-        stop
-        [ $? -eq 0 ] && start
-    ;;
-    logrotate)
-        logrotate
-    ;;
-    *)
-        echo $"Usage: $prog {start|stop|restart|condrestart|logrotate}"
-        exit 1
-esac
-
-exit $RETVAL

data/deploy/smart_proxy_dynflow_core.service

@@ -1,13 +0,0 @@
-[Unit]
-Description=Foreman smart proxy dynflow core service
-Documentation=https://github.com/theforeman/smart_proxy_dynflow
-After=network.target remote-fs.target nss-lookup.target
-
-[Service]
-Type=notify
-User=foreman-proxy
-ExecStart=/usr/bin/smart_proxy_dynflow_core --no-daemonize
-EnvironmentFile=-/etc/sysconfig/smart_proxy_dynflow_core
-
-[Install]
-WantedBy=multi-user.target

data/lib/smart_proxy_dynflow_core/api.rb

@@ -1,102 +0,0 @@
-require 'sinatra/base'
-require 'multi_json'
-
-# rubocop:disable Lint/HandleExceptions
-begin
-  require 'proxy/log'
-  require 'proxy/helpers'
-  require 'sinatra/authorization'
-rescue LoadError
-end
-# rubocop:enable Lint/HandleExceptions
-
-module SmartProxyDynflowCore
-  class Api < ::Sinatra::Base
-    TASK_UPDATE_REGEXP_PATH = %r{/tasks/(\S+)/(update|done)}
-    helpers Helpers
-
-    include ::Sinatra::Authorization::Helpers if defined?(::Sinatra::Authorization::Helpers)
-
-    configure do
-      if Settings.instance.standalone
-        ::Sinatra::Base.set :logging, false
-        ::Sinatra::Base.use ::SmartProxyDynflowCore::RequestIdMiddleware
-        ::Sinatra::Base.use ::SmartProxyDynflowCore::LoggerMiddleware
-      end
-    end
-
-    before do
-      if match = request.path_info.match(TASK_UPDATE_REGEXP_PATH)
-        task_id = match[1]
-        action = match[2]
-        authorize_with_token(task_id: task_id, clear: action == 'done')
-      elsif Settings.instance.standalone
-        authorize_with_ssl_client
-      else
-        do_authorize_any
-      end
-      content_type :json
-    end
-
-    post "/tasks/status" do
-      params = MultiJson.load(request.body.read)
-      ids = params.fetch('task_ids', [])
-      result = world.persistence
-                    .find_execution_plans(:filters => { :uuid => ids }).reduce({}) do |acc, plan|
-        acc.update(plan.id => { 'state' => plan.state, 'result' => plan.result })
-      end
-      MultiJson.dump(result)
-    end
-
-    post "/tasks/launch/?" do
-      params = MultiJson.load(request.body.read)
-      launcher = launcher_class(params).new(world, callback_host(params, request), params.fetch('options', {}))
-      launcher.launch!(params['input'])
-      launcher.results.to_json
-    end
-
-    post "/tasks/?" do
-      params = MultiJson.load(request.body.read)
-      trigger_task(::Dynflow::Utils.constantize(params['action_name']),
-                   params['action_input'].merge(:callback_host => callback_host(params, request))).to_json
-    end
-
-    post "/tasks/:task_id/cancel" do |task_id|
-      cancel_task(task_id).to_json
-    end
-
-    get "/tasks/:task_id/status" do |task_id|
-      task_status(task_id).to_json
-    end
-
-    get "/tasks/count" do
-      tasks_count(params['state']).to_json
-    end
-
-    # capturing post "/tasks/:task_id/(update|done)"
-    post TASK_UPDATE_REGEXP_PATH do |task_id, _action|
-      data = MultiJson.load(request.body.read)
-      dispatch_external_event(task_id, data)
-    end
-
-    get "/tasks/operations" do
-      TaskLauncherRegistry.operations.to_json
-    end
-
-    private
-
-    def callback_host(params, request)
-      params.fetch('action_input', {})['proxy_url'] ||
-        request.env.values_at('HTTP_X_FORWARDED_FOR', 'HTTP_HOST').compact.first
-    end
-
-    def launcher_class(params)
-      operation = params.fetch('operation')
-      if TaskLauncherRegistry.key?(operation)
-        TaskLauncherRegistry.fetch(operation)
-      else
-        halt 404, MultiJson.dump(:error => "Unknown operation '#{operation}' requested.")
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/bundler_helper.rb

@@ -1,30 +0,0 @@
-module SmartProxyDynflowCore
-  class BundlerHelper
-    def self.require_groups(*groups)
-      if File.exist?(File.expand_path('../../../Gemfile.in', __FILE__))
-        # If there is a Gemfile.in file, we will not use Bundler but BundlerExt
-        # gem which parses this file and loads all dependencies from the system
-        # rathern then trying to download them from rubygems.org. It always
-        # loads all gemfile groups.
-        begin
-          require 'bundler_ext' unless defined?(BundlerExt)
-        rescue LoadError
-          # Debian packaging guidelines state to avoid needing rubygems, so
-          # we only try to load it if the first require fails (for RPMs)
-          begin
-            require 'rubygems' rescue nil
-            require 'bundler_ext'
-          rescue LoadError
-            puts "`bundler_ext` gem is required to run smart_proxy"
-            exit 1
-          end
-        end
-        BundlerExt.system_require(File.expand_path('../../../Gemfile.in', __FILE__), *groups)
-      else
-        require 'bundler' unless defined?(Bundler)
-        Bundler.require(*groups)
-      end
-    end
-    # rubocop:enable Metrics/PerceivedComplexity
-  end
-end

data/lib/smart_proxy_dynflow_core/callback.rb

@@ -1,85 +0,0 @@
-require 'rest-client'
-
-# rubocop:disable Lint/HandleExceptions
-begin
-  require 'smart_proxy_dynflow/callback'
-rescue LoadError
-end
-# rubocop:enable Lint/HandleExceptions
-
-module SmartProxyDynflowCore
-  module Callback
-    class Request
-      class << self
-        def send_to_foreman_tasks(callback_info, data)
-          self.new.callback(prepare_payload(callback_info, data))
-        end
-
-        def ssl_options
-          return @ssl_options if defined? @ssl_options
-          @ssl_options = {}
-          settings = Settings.instance
-          return @ssl_options unless URI.parse(settings.foreman_url).scheme == 'https'
-
-          @ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER
-
-          private_key_file = settings.foreman_ssl_key || settings.ssl_private_key
-          if private_key_file
-            private_key = File.read(private_key_file)
-            @ssl_options[:ssl_client_key] = OpenSSL::PKey::RSA.new(private_key)
-          end
-          certificate_file = settings.foreman_ssl_cert || settings.ssl_certificate
-          if certificate_file
-            certificate = File.read(certificate_file)
-            @ssl_options[:ssl_client_cert] = OpenSSL::X509::Certificate.new(certificate)
-          end
-          ca_file = settings.foreman_ssl_ca || settings.ssl_ca_file
-          @ssl_options[:ssl_ca_file] = ca_file if ca_file
-          @ssl_options
-        end
-        # rubocop:enable Metrics/PerceivedComplexity
-
-        private
-
-        def prepare_payload(callback, data)
-          { :callback => callback, :data => data }.to_json
-        end
-      end
-
-      def callback(payload)
-        response = callback_resource.post(payload, :content_type => :json)
-        if response.code.to_s != "200"
-          raise "Failed performing callback to Foreman server: #{response.code} #{response.body}"
-        end
-        response
-      end
-
-      private
-
-      def callback_resource
-        @resource ||= RestClient::Resource.new(Settings.instance.foreman_url + '/foreman_tasks/api/tasks/callback',
-                                               self.class.ssl_options)
-      end
-    end
-
-    class Action < ::Dynflow::Action
-      def plan(callback, data)
-        plan_self(:callback => callback, :data => data)
-      end
-
-      def run
-        Callback::Request.send_to_foreman_tasks(input[:callback], input[:data])
-      end
-    end
-
-    module PlanHelper
-      def plan_with_callback(input)
-        input = input.dup
-        callback = input.delete('callback')
-
-        planned_action = plan_self(input)
-        plan_action(Callback::Action, callback, planned_action.output) if callback
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/core.rb

@@ -1,124 +0,0 @@
-module SmartProxyDynflowCore
-  class Core
-    attr_accessor :world, :accepted_cert_serial
-
-    def initialize
-      @world = create_world
-      cert_file = Settings.instance.foreman_ssl_cert || Settings.instance.ssl_certificate
-      if cert_file
-        client_cert = File.read(cert_file)
-        # we trust only requests using the same certificate as we are
-        # (in other words the local proxy only)
-        @accepted_cert_serial = OpenSSL::X509::Certificate.new(client_cert).serial
-      end
-    end
-
-    def create_world(&block)
-      config = default_world_config(&block)
-      world = ::Dynflow::World.new(config)
-      world.middleware.use ::Actions::Middleware::KeepCurrentRequestID
-      world
-    end
-
-    def persistence_conn_string
-      return ENV['DYNFLOW_DB_CONN_STRING'] if ENV.key? 'DYNFLOW_DB_CONN_STRING'
-      db_conn_string = 'sqlite:/'
-
-      db_file = Settings.instance.database
-      if db_file.nil? || db_file.empty?
-        Log.instance.warn "Could not open DB for dynflow at '#{db_file}', " \
-                          "will keep data in memory. Restart will drop all dynflow data."
-      else
-        db_conn_string += "/#{db_file}"
-      end
-
-      db_conn_string
-    end
-
-    def persistence_adapter
-      ::Dynflow::PersistenceAdapters::Sequel.new persistence_conn_string
-    end
-
-    def default_world_config
-      ::Dynflow::Config.new.tap do |config|
-        config.auto_rescue = true
-        config.logger_adapter = logger_adapter
-        config.persistence_adapter = persistence_adapter
-        config.execution_plan_cleaner = execution_plan_cleaner
-        # TODO: There has to be a better way
-        matchers = config.silent_dead_letter_matchers.call.concat(self.class.silencer_matchers)
-        config.silent_dead_letter_matchers = matchers
-        yield config if block_given?
-      end
-    end
-
-    def logger_adapter
-      if Settings.instance.standalone
-        Log::ProxyAdapter.new(Log.instance, Log.instance.level)
-      else
-        Log::ProxyAdapter.new(Proxy::LogBuffer::Decorator.instance, Log.instance.level)
-      end
-    end
-
-    def execution_plan_cleaner
-      proc do |world|
-        age = Settings.instance.execution_plan_cleaner_age
-        options = { :poll_interval => age, :max_age => age }
-        ::Dynflow::Actors::ExecutionPlanCleaner.new(world, options)
-      end
-    end
-
-    class << self
-      attr_reader :instance
-
-      def ensure_initialized
-        return @instance if @instance
-        @instance = Core.new
-        after_initialize_blocks.each { |block| block.call(@instance) }
-        @instance
-      end
-
-      def silencer_matchers
-        @matchers ||= []
-      end
-
-      def register_silencer_matchers(matchers)
-        silencer_matchers.concat matchers
-      end
-
-      def web_console
-        require 'dynflow/web'
-        dynflow_console = ::Dynflow::Web.setup do
-          # we can't use the proxy's after_activation hook, as
-          # it happens before the Daemon forks the process (including
-          # closing opened file descriptors)
-          # TODO: extend smart proxy to enable hooks that happen after
-          # the forking
-          helpers Helpers
-
-          before do
-            authorize_with_ssl_client if Settings.instance.console_auth
-          end
-
-          Core.ensure_initialized
-          set :world, Core.world
-        end
-        dynflow_console
-      end
-
-      def world
-        instance.world
-      end
-
-      def after_initialize(&block)
-        after_initialize_blocks << block
-      end
-
-      private
-
-      def after_initialize_blocks
-        @after_initialize_blocks ||= []
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/helpers.rb

@@ -1,73 +0,0 @@
-module SmartProxyDynflowCore
-  module Helpers
-    def world
-      SmartProxyDynflowCore::Core.world
-    end
-
-    def authorize_with_token(task_id:, clear: true)
-      if request.env.key? 'HTTP_AUTHORIZATION'
-        if defined?(::ForemanTasksCore)
-          auth = request.env['HTTP_AUTHORIZATION']
-          basic_prefix = /\ABasic /
-          if !auth.to_s.empty? && auth =~ basic_prefix &&
-             ForemanTasksCore::OtpManager.authenticate(auth.gsub(basic_prefix, ''),
-                                                       expected_user: task_id, clear: clear)
-            Log.instance.debug('authorized with token')
-            return true
-          end
-        end
-        halt 403, MultiJson.dump(:error => 'Invalid username or password supplied')
-      end
-      false
-    end
-
-    def authorize_with_ssl_client
-      if %w[yes on 1].include? request.env['HTTPS'].to_s
-        if request.env['SSL_CLIENT_CERT'].to_s.empty?
-          Log.instance.error "No client SSL certificate supplied"
-          halt 403, MultiJson.dump(:error => "No client SSL certificate supplied")
-        else
-          client_cert = OpenSSL::X509::Certificate.new(request.env['SSL_CLIENT_CERT'])
-          unless SmartProxyDynflowCore::Core.instance.accepted_cert_serial == client_cert.serial
-            Log.instance.error "SSL certificate with unexpected serial supplied"
-            halt 403, MultiJson.dump(:error => "SSL certificate with unexpected serial supplied")
-          end
-        end
-      else
-        Log.instance.debug 'require_ssl_client_verification: skipping, non-HTTPS request'
-      end
-    end
-
-    def trigger_task(*args)
-      triggered = world.trigger(*args)
-      { :task_id => triggered.id }
-    end
-
-    def cancel_task(task_id)
-      execution_plan = world.persistence.load_execution_plan(task_id)
-      cancel_events = execution_plan.cancel
-      { :task_id => task_id, :canceled_steps_count => cancel_events.size }
-    end
-
-    def task_status(task_id)
-      ep = world.persistence.load_execution_plan(task_id)
-      ep.to_hash.merge(:actions => ep.actions.map(&:to_hash))
-    rescue KeyError => _e
-      status 404
-      {}
-    end
-
-    def tasks_count(state)
-      state ||= 'all'
-      filter = state != 'all' ? { :filters => { :state => [state] } } : {}
-      tasks = world.persistence.find_execution_plans(filter)
-      { :count => tasks.count, :state => state }
-    end
-
-    def dispatch_external_event(task_id, params)
-      world.event(task_id,
-                  params['step_id'].to_i,
-                  ::ForemanTasksCore::Runner::ExternalEvent.new(params))
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/launcher.rb

@@ -1,166 +0,0 @@
-require 'webrick/https'
-require 'smart_proxy_dynflow_core/bundler_helper'
-require 'smart_proxy_dynflow_core/settings'
-require 'sd_notify'
-
-module SmartProxyDynflowCore
-  class Launcher
-    CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384',
-               'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256',
-               'AES256-SHA256', 'AES128-SHA', 'AES256-SHA'].freeze
-
-    def self.launch!(options)
-      self.new.start options
-    end
-
-    def start(options)
-      Settings.instance.standalone = true
-      load_settings!(options)
-      install_usr1_trap
-      Rack::Server.new(rack_settings).start do |_server|
-        SmartProxyDynflowCore::Core.ensure_initialized
-        ::SdNotify.ready
-      end
-      Log.instance.info "Finished shutting down"
-      Logging.shutdown
-    end
-
-    def load_settings!(options = {})
-      config_dir, one_config = options.values_at(:config_dir, :one_config)
-      possible_config_dirs = [
-        '/etc/smart_proxy_dynflow_core',
-        File.expand_path('~/.config/smart_proxy_dynflow_core'),
-        File.join(File.dirname(__FILE__), '..', '..', 'config'),
-      ]
-      possible_config_dirs << config_dir if config_dir
-      BundlerHelper.require_groups(:default)
-      possible_config_dirs.reverse! if one_config
-      possible_config_dirs.select { |config_dir| File.directory? config_dir }.each do |config_dir|
-        break if load_config_dir(config_dir) && one_config
-      end
-      Settings.instance.daemonize = options[:daemonize] if options.key?(:daemonize)
-      Settings.instance.pid_file = options[:pid_file] if options.key?(:pid_file)
-      Settings.loaded!
-    end
-
-    def self.route_mapping(rack_builder)
-      rack_builder.map '/console' do
-        run Core.web_console
-      end
-
-      rack_builder.map '/' do
-        run Api
-      end
-    end
-
-    def install_usr1_trap
-      trap(:USR1) do
-        Log.reopen
-      end
-    end
-
-    private
-
-    def rack_settings
-      settings = if https_enabled?
-                   Log.instance.debug "Using HTTPS"
-                   https_app
-                 else
-                   Log.instance.debug "Using HTTP"
-                   {}
-                 end
-      settings.merge(base_settings)
-    end
-
-    def app
-      Rack::Builder.new do
-        SmartProxyDynflowCore::Launcher.route_mapping(self)
-      end
-    end
-
-    def base_settings
-      {
-        :app => app,
-        :Host => Settings.instance.listen,
-        :Port => Settings.instance.port,
-        :AccessLog => [],
-        :Logger => Log.instance,
-        :daemonize => Settings.instance.daemonize,
-        :pid => Settings.instance.daemonize && Settings.instance.pid_file,
-        :server => :webrick
-      }
-    end
-
-    def https_app
-      ssl_options  = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]
-      ssl_options |= OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE if defined?(OpenSSL::SSL::OP_CIPHER_SERVER_PREFERENCE)
-      # This is required to disable SSLv3 on Ruby 1.8.7
-      ssl_options |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
-      ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
-      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
-      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1_1 if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
-
-      Settings.instance.tls_disabled_versions&.each do |version|
-        constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.tr('.', '_')}") rescue nil
-
-        if constant
-          Log.instance.info "TLSv#{version} will be disabled."
-          ssl_options |= constant
-        else
-          Log.instance.warn "TLSv#{version} was not found."
-        end
-      end
-
-      {
-        :SSLEnable => true,
-        :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER,
-        :SSLPrivateKey => ssl_private_key,
-        :SSLCertificate => ssl_certificate,
-        :SSLCACertificateFile => Settings.instance.ssl_ca_file,
-        :SSLCiphers => CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers,
-        :SSLOptions => ssl_options
-      }
-    end
-    # rubocop:enable Metrics/PerceivedComplexity
-
-    def https_enabled?
-      Settings.instance.use_https
-    end
-
-    def ssl_private_key
-      OpenSSL::PKey::RSA.new(File.read(Settings.instance.ssl_private_key))
-    rescue Exception => e
-      Log.instance.fatal "Unable to load private SSL key. Are the values "\
-                         "correct in settings.yml and do permissions allow reading?: #{e}"
-      raise e
-    end
-
-    def ssl_certificate
-      OpenSSL::X509::Certificate.new(File.read(Settings.instance.ssl_certificate))
-    rescue Exception => e
-      Log.instance.fatal "Unable to load SSL certificate. Are the values " \
-                         "correct in settings.yml and do permissions allow reading?: #{e}"
-      raise e
-    end
-
-    def load_config_dir(dir)
-      settings_yml = File.join(dir, 'settings.yml')
-      if File.exist? settings_yml
-        Log.instance.debug "Loading settings from #{dir}"
-        Settings.load_global_settings settings_yml
-        Dir[File.join(dir, 'settings.d', '*.yml')].each { |path| Settings.load_plugin_settings(path) }
-        true
-      end
-      ForemanTasksCore::SettingsLoader.settings_registry.each_key do |settings_keys|
-        settings = settings_keys.inject({}) do |h, settings_key|
-          if SETTINGS.plugins.key?(settings_key.to_s)
-            h.merge(SETTINGS.plugins[settings_key.to_s].to_h)
-          else
-            h
-          end
-        end
-        ForemanTasksCore::SettingsLoader.setup_settings(settings_keys.first, settings)
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/log.rb

@@ -1,146 +0,0 @@
-require 'logging'
-
-module SmartProxyDynflowCore
-  class ReopenAppender < ::Logging::Appender
-    def initialize(name, logger, opts = {})
-      @reopen = false
-      @logger = logger
-      super(name, opts)
-    end
-
-    def set(status = true)
-      @reopen = status
-    end
-
-    def append(_event)
-      if @reopen
-        Logging.reopen
-        @reopen = false
-      end
-    end
-  end
-
-  class Log
-    BASE_LOG_SIZE = 1024 * 1024 # 1 MiB
-    LOGGER_NAME = 'dynflow-core'.freeze
-
-    begin
-      require 'syslog/logger'
-      @syslog_available = true
-    rescue LoadError
-      @syslog_available = false
-    end
-
-    class << self
-      def reload!
-        Logging.logger[LOGGER_NAME].appenders.each(&:close)
-        Logging.logger[LOGGER_NAME].clear_appenders
-        @logger = nil
-        instance
-      end
-
-      def reopen
-        return if @logger.nil? || @reopen.nil?
-        if Settings.instance.log_file !~ /^(STDOUT|SYSLOG|JOURNALD?)$/i
-          @reopen.set
-        end
-      end
-
-      def instance
-        return ::Proxy::LogBuffer::Decorator.instance unless Settings.instance.standalone
-        return @logger if @logger
-        layout = Logging::Layouts.pattern(pattern: Settings.instance.file_logging_pattern + "\n")
-        notime_layout = Logging::Layouts.pattern(pattern: Settings.instance.system_logging_pattern + "\n")
-        log_file = Settings.instance.log_file || ''
-        @logger = Logging.logger[LOGGER_NAME]
-        @reopen = ReopenAppender.new("Reopen dummy appender", @logger)
-        @logger.add_appenders(@reopen)
-        if !Settings.instance.loaded || log_file.casecmp('STDOUT').zero?
-          @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-        elsif log_file.casecmp('SYSLOG').zero?
-          unless @syslog_available
-            puts "Syslog is not supported on this platform, use STDOUT or a file"
-            exit(1)
-          end
-          @logger.add_appenders(Logging.appenders.syslog(LOGGER_NAME, layout: notime_layout, facility: ::Syslog::Constants::LOG_LOCAL5))
-        elsif log_file.casecmp('JOURNAL').zero? || log_file.casecmp('JOURNALD').zero?
-          begin
-            @logger.add_appenders(Logging.appenders.journald(LOGGER_NAME, LOGGER_NAME: :proxy_logger, layout: notime_layout, facility: ::Syslog::Constants::LOG_LOCAL5))
-          rescue NoMethodError
-            @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-            @logger.warn "Journald is not available on this platform. Falling back to STDOUT."
-          end
-        else
-          begin
-            keep = Settings.instance.file_rolling_keep
-            size = BASE_LOG_SIZE * Settings.instance.file_rolling_size
-            age = Settings.instance.file_rolling_age
-            if size.positive?
-              @logger.add_appenders(Logging.appenders.rolling_file(LOGGER_NAME, layout: layout, filename: log_file, keep: keep, size: size, age: age, roll_by: 'number'))
-            else
-              @logger.add_appenders(Logging.appenders.file(LOGGER_NAME, layout: layout, filename: log_file))
-            end
-          rescue ArgumentError => ae
-            @logger.add_appenders(Logging.appenders.stdout(LOGGER_NAME, layout: layout))
-            @logger.warn "Log file #{log_file} cannot be opened. Falling back to STDOUT: #{ae}"
-          end
-        end
-        @logger.level = ::Logging.level_num(Settings.instance.log_level)
-        @logger
-      end
-
-      def with_fields(fields = {})
-        ::Logging.ndc.push(fields) do
-          yield
-        end
-      end
-
-      # Standard way for logging exceptions to get the most data in the log. By default
-      # it logs via warn level, this can be changed via options[:level]
-      def exception(context_message, exception, options = {})
-        level = options[:level] || :warn
-        unless ::Logging::LEVELS.keys.include?(level.to_s)
-          raise "Unexpected log level #{level}, expected one of #{::Logging::LEVELS.keys}"
-        end
-        # send class, message and stack as structured fields in addition to message string
-        backtrace = exception.backtrace ? exception.backtrace : []
-        extra_fields = {
-          exception_class: exception.class.name,
-          exception_message: exception.message,
-          exception_backtrace: backtrace
-        }
-        extra_fields[:foreman_code] = exception.code if exception.respond_to?(:code)
-        with_fields(extra_fields) do
-          @logger.public_send(level) do
-            ([context_message, "#{exception.class}: #{exception.message}"] + backtrace).join("\n")
-          end
-        end
-      end
-    end
-
-    class ProxyStructuredFormater < ::Dynflow::LoggerAdapters::Formatters::Abstract
-      def format(message)
-        if message.is_a?(Exception)
-          subject = "#{message.message} (#{message.class})"
-          if @base.respond_to?(:exception)
-            @base.exception("Error details", message)
-            subject
-          else
-            "#{subject}\n#{message.backtrace.join("\n")}"
-          end
-        else
-          @original_formatter.call(severity, datetime, prog_name, message)
-        end
-      end
-    end
-
-    class ProxyAdapter < ::Dynflow::LoggerAdapters::Simple
-      def initialize(logger, level = Logger::DEBUG, _formatters = [])
-        @logger           = logger
-        @logger.level     = level
-        @action_logger    = apply_formatters(ProgNameWrapper.new(@logger, ' action'), [])
-        @dynflow_logger   = apply_formatters(ProgNameWrapper.new(@logger, 'dynflow'), [])
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/logger_middleware.rb

@@ -1,31 +0,0 @@
-module SmartProxyDynflowCore
-  class LoggerMiddleware
-    def initialize(app)
-      @logger = SmartProxyDynflowCore::Log.instance
-      @app = app
-    end
-
-    def call(env)
-      before = Time.now.to_f
-      status = 500
-      env['rack.logger'] = @logger
-      @logger.info { "Started #{env['REQUEST_METHOD']} #{env['PATH_INFO']} #{env['QUERY_STRING']}" }
-      @logger.debug { 'Headers: ' + env.select { |k, v| k.start_with? 'HTTP_' }.inspect }
-      if @logger.debug? && env['rack.input']
-        body = env['rack.input'].read
-        @logger.debug('Body: ' + body) unless body.empty?
-        env['rack.input'].rewind
-      end
-      status, = @app.call(env)
-    rescue Exception => e
-      Log.exception "Error processing request '#{::Logging.mdc['request']}", e
-      raise e
-    ensure
-      @logger.info do
-        after = Time.now.to_f
-        duration = (after - before) * 1000
-        "Finished #{env['REQUEST_METHOD']} #{env['PATH_INFO']} with #{status} (#{duration.round(2)} ms)"
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/middleware/keep_current_request_id.rb

@@ -1,59 +0,0 @@
-module Actions
-  module Middleware
-    class KeepCurrentRequestID < Dynflow::Middleware
-      def delay(*args)
-        pass(*args).tap { store_current_request_id }
-      end
-
-      def plan(*args)
-        with_current_request_id do
-          pass(*args).tap { store_current_request_id }
-        end
-      end
-
-      def run(*args)
-        restore_current_request_id { pass(*args) }
-      end
-
-      def finalize
-        restore_current_request_id { pass }
-      end
-
-      # Run all execution plan lifecycle hooks as the original request_id
-      def hook(*args)
-        restore_current_request_id { pass(*args) }
-      end
-
-      private
-
-      def with_current_request_id
-        if action.input[:current_request_id].nil?
-          yield
-        else
-          restore_current_request_id { yield }
-        end
-      end
-
-      def store_current_request_id
-        action.input[:current_request_id] = ::Logging.mdc['request']
-      end
-
-      def restore_current_request_id
-        unless (restored_id = action.input[:current_request_id]).nil?
-          old_id = ::Logging.mdc['request']
-          if !old_id.nil? && old_id != restored_id
-            action.action_logger.warn('Changing request id %{request_id} to saved id %{saved_id}' % { :saved_id => restored_id, :request_id => old_id })
-          end
-          ::Logging.mdc['request'] = restored_id
-        end
-        yield
-      ensure
-        # Reset to original request id only when not nil
-        # Otherwise, keep the id until it's cleaned in  Dynflow's run_user_code block
-        # so that it will stay valid for the rest of the processing of the current step
-        # (even outside of the middleware lifecycle)
-        ::Logging.mdc['request'] = old_id unless old_id.nil?
-      end
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/request_id_middleware.rb

@@ -1,18 +0,0 @@
-module SmartProxyDynflowCore
-  class RequestIdMiddleware
-    def initialize(app)
-      @app = app
-    end
-
-    def call(env)
-      ::Logging.mdc['remote_ip'] = env['REMOTE_ADDR']
-      if env.has_key?('HTTP_X_REQUEST_ID')
-        ::Logging.mdc['request'] = env['HTTP_X_REQUEST_ID']
-      else
-        ::Logging.mdc['request'] = SecureRandom.uuid
-      end
-      status, header, body = @app.call(env)
-      [status, header, ::Rack::BodyProxy.new(body) { ::Logging.mdc.clear }]
-    end
-  end
-end

data/lib/smart_proxy_dynflow_core/settings.rb

@@ -1,86 +0,0 @@
-require 'ostruct'
-
-module SmartProxyDynflowCore
-  class Settings < OpenStruct
-    DEFAULT_SETTINGS = {
-      :database => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
-      :foreman_url => 'https://127.0.0.1:3000',
-      :console_auth => true,
-      :listen => '127.0.0.1',
-      :port => '8008',
-      :use_https => false,
-      :ssl_ca_file => nil,
-      :ssl_private_key => nil,
-      :ssl_certificate => nil,
-      :ssl_disabled_ciphers => [],
-      :tls_disabled_versions => [],
-      :foreman_ssl_ca => nil,
-      :foreman_ssl_key => nil,
-      :foreman_ssl_cert => nil,
-      :standalone => false,
-      :log_file => '/var/log/foreman-proxy/smart_proxy_dynflow_core.log',
-      :log_level => :ERROR,
-      :plugins => {},
-      :pid_file => '/var/run/foreman-proxy/smart_proxy_dynflow_core.pid',
-      :daemonize => false,
-      :execution_plan_cleaner_age => 60 * 60 * 24,
-      :loaded => false,
-      :file_logging_pattern => '%d %.8X{request} [%.1l] %m',
-      :system_logging_pattern => '%.8X{request} [%.1l] %m',
-      :file_rolling_keep => 6,
-      :file_rolling_size => 0,
-      :file_rolling_age => 'weekly'
-    }.freeze
-
-    PROXY_SETTINGS = %i[ssl_ca_file ssl_certificate ssl_private_key foreman_url
-                        foreman_ssl_ca foreman_ssl_cert foreman_ssl_key
-                        log_file log_level ssl_disabled_ciphers].freeze
-    PLUGIN_SETTINGS = %i[database core_url console_auth
-                         execution_plan_cleaner_age].freeze
-
-    def initialize(settings = {})
-      super(DEFAULT_SETTINGS.merge(settings))
-    end
-
-    def self.instance
-      SmartProxyDynflowCore::SETTINGS
-    end
-
-    def self.load_global_settings(path)
-      if File.exist? File.join(path)
-        YAML.load_file(path).each do |key, value|
-          SETTINGS[key] = value
-        end
-      end
-    end
-
-    def self.loaded!
-      Settings.instance.loaded = true
-      Log.instance.info 'Settings loaded, reloading logger'
-      Log.reload!
-    end
-
-    def self.load_from_proxy(plugin)
-      settings = plugin.settings.to_h
-      PROXY_SETTINGS.each do |key|
-        SETTINGS[key] = Proxy::SETTINGS[key]
-      end
-      PLUGIN_SETTINGS.each do |key|
-        SETTINGS[key] = settings[key] if settings.key?(key)
-      end
-      SETTINGS.plugins.values.each(&:load_settings_from_proxy)
-      Settings.loaded!
-    end
-
-    def self.load_plugin_settings(path)
-      settings = YAML.load_file(path)
-      name = File.basename(path).gsub(/\.yml$/, '')
-      if SETTINGS.plugins.key? name
-        settings = SETTINGS.plugins[name].to_h.merge(settings || {})
-      end
-      SETTINGS.plugins[name] = OpenStruct.new settings
-    end
-  end
-end
-
-SmartProxyDynflowCore::SETTINGS = SmartProxyDynflowCore::Settings.new

data/lib/smart_proxy_dynflow_core/testing.rb

@@ -1,28 +0,0 @@
-require 'dynflow/testing'
-
-unless defined? DYNFLOW_TESTING_LOG_LEVEL
-  DYNFLOW_TESTING_LOG_LEVEL = 4
-end
-
-module SmartProxyDynflowCore
-  class Dynflow
-    # Helper for usage in other dependent plugins that need Dynflow
-    # related things, such as testing instance of world etc.
-    module Testing
-      class << self
-        def create_world(&block)
-          Core.ensure_initialized
-          Core.instance.create_world do |config|
-            config.exit_on_terminate = false
-            config.auto_terminate    = false
-            config.logger_adapter    = ::Dynflow::LoggerAdapters::Simple.new $stderr, DYNFLOW_TESTING_LOG_LEVEL
-            config.execution_plan_cleaner = nil
-            yield(config) if block
-          end
-        end
-      end
-    end
-  end
-end
-
-Concurrent.disable_at_exit_handlers!