smart_proxy_omaha 0.0.5 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +10 -1
- data/lib/smart_proxy_omaha/configuration_loader.rb +10 -1
- data/lib/smart_proxy_omaha/distribution.rb +82 -0
- data/lib/smart_proxy_omaha/omaha_api.rb +9 -1
- data/lib/smart_proxy_omaha/omaha_plugin.rb +8 -1
- data/lib/smart_proxy_omaha/omaha_protocol/handler.rb +2 -1
- data/lib/smart_proxy_omaha/omaha_protocol/request.rb +4 -2
- data/lib/smart_proxy_omaha/omaha_protocol/updateresponse.rb +1 -1
- data/lib/smart_proxy_omaha/plugin_validators.rb +11 -0
- data/lib/smart_proxy_omaha/release.rb +22 -14
- data/lib/smart_proxy_omaha/release_provider.rb +7 -15
- data/lib/smart_proxy_omaha/release_repository.rb +12 -3
- data/lib/smart_proxy_omaha/syncer.rb +7 -1
- data/lib/smart_proxy_omaha/track.rb +1 -1
- data/lib/smart_proxy_omaha/version.rb +1 -1
- data/settings.d/omaha.yml.example +1 -0
- data/smart_proxy_omaha.gemspec +2 -2
- data/test/fixtures/ca.crt +3 -0
- data/test/fixtures/flatcar_releases-stable.json +1077 -0
- data/test/omaha/omaha_api_test.rb +19 -0
- data/test/omaha/omaha_protocol/request_test.rb +7 -3
- data/test/omaha/release_provider_test.rb +27 -7
- data/test/omaha/release_repository_test.rb +3 -5
- data/test/omaha/release_test.rb +6 -0
- metadata +9 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5d051d24703ccf8ca213ea5ef8f32eac0957800eab212ef3ed1359d6ac81e974
|
4
|
+
data.tar.gz: 390ac44a594df027120ac70e5d937aa62f149a5f08a80546ba7fbd237605e41c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7e5e1154726883c8c6ff199b44a83ff104ba9d418099c35bc08f60858a9e10f243f5756ac6dfabe483969d1839020e557397f5f486d36f9b983bff89f25f126b
|
7
|
+
data.tar.gz: bb2b1b8d15424edb89f55ad7e0e672e7efbb1b6588ff20742adc867ce64629421d136871cef291decd33118fcfe9510152084a082907e08201a442a7240e28f5
|
data/README.md
CHANGED
@@ -39,7 +39,8 @@ vim /etc/ssl/certs/customCA_root.pem
|
|
39
39
|
sudo /usr/sbin/update-ca-certificates
|
40
40
|
```
|
41
41
|
|
42
|
-
To configure CoreOS to connect to the Omaha smart-proxy for updates, edit `/etc/coreos/update.conf
|
42
|
+
To configure CoreOS to connect to the Omaha smart-proxy for updates, edit `/etc/coreos/update.conf`,
|
43
|
+
to configure Flatcar to connect to the Omaha smart-proxy for updates, edit `/etc/flatcar/update.conf`:
|
43
44
|
|
44
45
|
```
|
45
46
|
GROUP=stable
|
@@ -111,11 +112,19 @@ $ journalctl -u update-engine.service
|
|
111
112
|
In the settings file you can specify a http proxy that is used to download Omaha content.
|
112
113
|
You need to allow https access to these servers:
|
113
114
|
|
115
|
+
For CoreOS:
|
114
116
|
* alpha.release.core-os.net
|
115
117
|
* beta.release.core-os.net
|
116
118
|
* stable.release.core-os.net
|
117
119
|
* update.release.core-os.net
|
118
120
|
|
121
|
+
For Flatcar:
|
122
|
+
* www.flatcar-linux.org
|
123
|
+
* alpha.release.flatcar-linux.net
|
124
|
+
* beta.release.flatcar-linux.net
|
125
|
+
* stable.release.flatcar-linux.net
|
126
|
+
* update.release.flatcar-linux.net
|
127
|
+
|
119
128
|
## Make it High Available
|
120
129
|
|
121
130
|
In order to make the Omaha Smart Proxy high available or add additional capacity, just scale out and put a loadbalancer in front of the proxies.
|
@@ -4,11 +4,20 @@ module ::Proxy::Omaha
|
|
4
4
|
require 'smart_proxy_omaha/dependency_injection'
|
5
5
|
require 'smart_proxy_omaha/foreman_client'
|
6
6
|
require 'smart_proxy_omaha/omaha_api'
|
7
|
+
require 'smart_proxy_omaha/distribution'
|
7
8
|
end
|
8
9
|
|
9
10
|
def load_dependency_injection_wirings(container_instance, settings)
|
10
11
|
container_instance.singleton_dependency :foreman_client_impl, Proxy::Omaha::ForemanClient
|
11
|
-
container_instance.singleton_dependency :
|
12
|
+
container_instance.singleton_dependency :distribution_impl, (lambda do
|
13
|
+
Proxy::Omaha::Distribution.new(settings[:distribution])
|
14
|
+
end)
|
15
|
+
container_instance.singleton_dependency :release_repository_impl, (lambda do
|
16
|
+
Proxy::Omaha::ReleaseRepository.new(
|
17
|
+
:contentpath => settings[:contentpath],
|
18
|
+
:distribution => container_instance.get_dependency(:distribution_impl)
|
19
|
+
)
|
20
|
+
end)
|
12
21
|
container_instance.singleton_dependency :metadata_provider_impl, (lambda do
|
13
22
|
Proxy::Omaha::MetadataProvider.new(:contentpath => settings[:contentpath])
|
14
23
|
end)
|
@@ -0,0 +1,82 @@
|
|
1
|
+
require 'smart_proxy_omaha/http_request'
|
2
|
+
|
3
|
+
module Proxy
|
4
|
+
module Omaha
|
5
|
+
module Distribution
|
6
|
+
def self.new(distribution)
|
7
|
+
case distribution
|
8
|
+
when 'coreos'
|
9
|
+
Coreos.new
|
10
|
+
when 'flatcar'
|
11
|
+
Flatcar.new
|
12
|
+
else
|
13
|
+
raise "Unsupported distribution."
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
class Base
|
18
|
+
private
|
19
|
+
|
20
|
+
def http_request
|
21
|
+
@http_request ||= ::Proxy::Omaha::HttpRequest.new
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
class Coreos < Base
|
26
|
+
def identifier
|
27
|
+
:coreos
|
28
|
+
end
|
29
|
+
|
30
|
+
def prefix
|
31
|
+
'coreos'
|
32
|
+
end
|
33
|
+
|
34
|
+
def update_filename
|
35
|
+
'update.gz'
|
36
|
+
end
|
37
|
+
|
38
|
+
def upstream(track, architecture, version)
|
39
|
+
"https://#{track}.release.core-os.net/#{architecture}/#{version}"
|
40
|
+
end
|
41
|
+
|
42
|
+
def update_upstream(architecture, version)
|
43
|
+
"https://update.release.core-os.net/#{architecture}/#{version}"
|
44
|
+
end
|
45
|
+
|
46
|
+
def releases(track, architecture)
|
47
|
+
release_data = http_request.get("https://#{track}.release.core-os.net/#{architecture}/")
|
48
|
+
xml = Nokogiri::HTML(release_data)
|
49
|
+
(xml.xpath('//a/text()').map(&:to_s) - ['current'])
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
class Flatcar < Base
|
54
|
+
def identifier
|
55
|
+
:flatcar
|
56
|
+
end
|
57
|
+
|
58
|
+
def prefix
|
59
|
+
'flatcar'
|
60
|
+
end
|
61
|
+
|
62
|
+
def update_filename
|
63
|
+
'flatcar_production_update.gz'
|
64
|
+
end
|
65
|
+
|
66
|
+
def upstream(track, architecture, version)
|
67
|
+
"https://#{track}.release.flatcar-linux.net/#{architecture}/#{version}"
|
68
|
+
end
|
69
|
+
|
70
|
+
def update_upstream(architecture, version)
|
71
|
+
"https://update.release.flatcar-linux.net/#{architecture}/#{version}"
|
72
|
+
end
|
73
|
+
|
74
|
+
def releases(track, architecture)
|
75
|
+
feed_data = http_request.get("https://www.flatcar-linux.org/releases-json/releases-#{track}.json")
|
76
|
+
json_feed = JSON.parse(feed_data)
|
77
|
+
json_feed.select { |_, release| release['architectures'].include?(architecture.split('-').first) }.keys - ['current']
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
@@ -12,6 +12,7 @@ module Proxy::Omaha
|
|
12
12
|
inject_attr :foreman_client_impl, :foreman_client
|
13
13
|
inject_attr :release_repository_impl, :release_repository
|
14
14
|
inject_attr :metadata_provider_impl, :metadata_provider
|
15
|
+
inject_attr :distribution_impl, :distribution
|
15
16
|
|
16
17
|
post '/v1/update' do
|
17
18
|
request.body.rewind
|
@@ -19,7 +20,8 @@ module Proxy::Omaha
|
|
19
20
|
omaha_request = Proxy::Omaha::OmahaProtocol::Request.new(
|
20
21
|
request_body,
|
21
22
|
:ip => request.ip,
|
22
|
-
:base_url => request.base_url
|
23
|
+
:base_url => request.base_url,
|
24
|
+
:distribution => distribution.identifier
|
23
25
|
)
|
24
26
|
omaha_handler = Proxy::Omaha::OmahaProtocol::Handler.new(
|
25
27
|
:request => omaha_request,
|
@@ -50,5 +52,11 @@ module Proxy::Omaha
|
|
50
52
|
)
|
51
53
|
end.to_json
|
52
54
|
end
|
55
|
+
|
56
|
+
get '/ca' do
|
57
|
+
not_found if Proxy::SETTINGS.ssl_ca_file.nil? || Proxy::SETTINGS.ssl_ca_file.empty? || !File.exists?(Proxy::SETTINGS.ssl_ca_file)
|
58
|
+
content_type 'text/plain'
|
59
|
+
File.read(Proxy::SETTINGS.ssl_ca_file)
|
60
|
+
end
|
53
61
|
end
|
54
62
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'smart_proxy_omaha/plugin_validators'
|
2
|
+
|
1
3
|
module Proxy::Omaha
|
2
4
|
class NotFound < RuntimeError; end
|
3
5
|
|
@@ -10,9 +12,14 @@ module Proxy::Omaha
|
|
10
12
|
load_classes ::Proxy::Omaha::ConfigurationLoader
|
11
13
|
load_dependency_injection_wirings ::Proxy::Omaha::ConfigurationLoader
|
12
14
|
|
15
|
+
load_validators :distribution_validator => ::Proxy::Omaha::PluginValidators::DistributionValidator
|
16
|
+
|
13
17
|
default_settings :sync_releases => 0,
|
14
|
-
:contentpath => '/var/lib/foreman-proxy/omaha/content'
|
18
|
+
:contentpath => '/var/lib/foreman-proxy/omaha/content',
|
19
|
+
:distribution => 'coreos'
|
15
20
|
|
16
21
|
validate_readable :contentpath
|
22
|
+
|
23
|
+
validate :distribution, :distribution_validator => true
|
17
24
|
end
|
18
25
|
end
|
@@ -102,7 +102,8 @@ module Proxy::Omaha::OmahaProtocol
|
|
102
102
|
:appid => request.appid,
|
103
103
|
:metadata => metadata_provider.get(request.track, latest_os, request.board),
|
104
104
|
:board => request.board,
|
105
|
-
:base_url => request.base_url
|
105
|
+
:base_url => request.base_url,
|
106
|
+
:name => latest_os.update_filename
|
106
107
|
)
|
107
108
|
else
|
108
109
|
logger.info "OmahaHandler: No update."
|
@@ -6,12 +6,13 @@ module Proxy::Omaha::OmahaProtocol
|
|
6
6
|
attr_reader :appid, :version, :track, :updatecheck, :eventtype, :eventresult, :board,
|
7
7
|
:alephversion, :oemversion, :oem, :machineid,
|
8
8
|
:platform, :osmajor, :osminor, :hostname, :ipaddress, :ipaddress6,
|
9
|
-
:body, :ip, :base_url, :ping
|
9
|
+
:body, :ip, :base_url, :ping, :distribution
|
10
10
|
|
11
11
|
def initialize(body, options)
|
12
12
|
@body = body
|
13
13
|
@ip = options.fetch(:ip)
|
14
14
|
@base_url = options.fetch(:base_url)
|
15
|
+
@distribution = options.fetch(:distribution)
|
15
16
|
parse_request
|
16
17
|
parse_ipaddress
|
17
18
|
raise "Could not determine request hostname." if hostname.nil?
|
@@ -111,7 +112,8 @@ module Proxy::Omaha::OmahaProtocol
|
|
111
112
|
:ipaddress => ipaddress,
|
112
113
|
:ipaddress6 => ipaddress6,
|
113
114
|
:hostname => hostname,
|
114
|
-
:machineid => machineid
|
115
|
+
:machineid => machineid,
|
116
|
+
:distribution => distribution
|
115
117
|
}
|
116
118
|
end
|
117
119
|
end
|
@@ -5,7 +5,7 @@ module Proxy::Omaha::OmahaProtocol
|
|
5
5
|
def initialize(options = {})
|
6
6
|
@metadata = options.fetch(:metadata)
|
7
7
|
@architecture = options.fetch(:board)
|
8
|
-
@name =
|
8
|
+
@name = options.fetch(:name)
|
9
9
|
@size = metadata.size
|
10
10
|
@sha1_b64 = metadata.sha1_b64
|
11
11
|
@sha256_b64 = metadata.sha256_b64
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module Proxy
|
2
|
+
module Omaha
|
3
|
+
module PluginValidators
|
4
|
+
class DistributionValidator < ::Proxy::PluginValidators::Base
|
5
|
+
def validate!(settings)
|
6
|
+
raise ::Proxy::Error::ConfigurationError, "Setting '#{@setting_name}' must be a supported Omaha distribution ('coreos' or 'flatcar')" unless ['coreos', 'flatcar'].include?(settings[@setting_name])
|
7
|
+
end
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
@@ -2,15 +2,17 @@ require 'fileutils'
|
|
2
2
|
require 'digest/md5'
|
3
3
|
require 'smart_proxy_omaha/http_download'
|
4
4
|
require 'smart_proxy_omaha/metadata_provider'
|
5
|
+
require 'smart_proxy_omaha/distribution'
|
5
6
|
|
6
7
|
module Proxy::Omaha
|
7
8
|
class Release
|
8
9
|
include Proxy::Log
|
9
10
|
|
10
|
-
attr_accessor :track, :version, :architecture
|
11
|
+
attr_accessor :distribution, :track, :version, :architecture
|
11
12
|
attr_writer :digests
|
12
13
|
|
13
14
|
def initialize(options)
|
15
|
+
@distribution = options.fetch(:distribution)
|
14
16
|
@track = options.fetch(:track).to_s
|
15
17
|
@architecture = options.fetch(:architecture)
|
16
18
|
@version = Gem::Version.new(options.fetch(:version))
|
@@ -108,26 +110,32 @@ module Proxy::Omaha
|
|
108
110
|
false
|
109
111
|
end
|
110
112
|
|
113
|
+
def update_filename
|
114
|
+
distribution.update_filename
|
115
|
+
end
|
116
|
+
|
111
117
|
def updatefile
|
112
|
-
File.join(path,
|
118
|
+
File.join(path, update_filename)
|
113
119
|
end
|
114
120
|
|
115
121
|
def sources
|
116
|
-
upstream =
|
122
|
+
upstream = distribution.upstream(track, architecture, version)
|
123
|
+
update_upstream = distribution.update_upstream(architecture, version)
|
124
|
+
prefix = distribution.prefix
|
117
125
|
[
|
118
|
-
"#{upstream}
|
119
|
-
"#{upstream}
|
120
|
-
"#{upstream}
|
121
|
-
"#{upstream}
|
122
|
-
"#{upstream}
|
123
|
-
"#{upstream}
|
124
|
-
"#{upstream}
|
125
|
-
"#{upstream}
|
126
|
-
"#{upstream}
|
127
|
-
"#{upstream}
|
126
|
+
"#{upstream}/#{prefix}_production_pxe.vmlinuz",
|
127
|
+
"#{upstream}/#{prefix}_production_pxe.DIGESTS",
|
128
|
+
"#{upstream}/#{prefix}_production_image.bin.bz2",
|
129
|
+
"#{upstream}/#{prefix}_production_image.bin.bz2.sig",
|
130
|
+
"#{upstream}/#{prefix}_production_image.bin.bz2.DIGESTS",
|
131
|
+
"#{upstream}/#{prefix}_production_pxe_image.cpio.gz",
|
132
|
+
"#{upstream}/#{prefix}_production_pxe_image.cpio.gz.DIGESTS",
|
133
|
+
"#{upstream}/#{prefix}_production_vmware_raw_image.bin.bz2",
|
134
|
+
"#{upstream}/#{prefix}_production_vmware_raw_image.bin.bz2.sig",
|
135
|
+
"#{upstream}/#{prefix}_production_vmware_raw_image.bin.bz2.DIGESTS",
|
128
136
|
"#{upstream}/version.txt",
|
129
137
|
"#{upstream}/version.txt.DIGESTS",
|
130
|
-
"
|
138
|
+
"#{update_upstream}/#{update_filename}"
|
131
139
|
]
|
132
140
|
end
|
133
141
|
|
@@ -1,6 +1,5 @@
|
|
1
1
|
require 'nokogiri'
|
2
2
|
require 'fileutils'
|
3
|
-
require 'smart_proxy_omaha/http_request'
|
4
3
|
require 'smart_proxy_omaha/release'
|
5
4
|
|
6
5
|
module Proxy::Omaha
|
@@ -8,12 +7,12 @@ module Proxy::Omaha
|
|
8
7
|
include ::Proxy::Log
|
9
8
|
include HttpShared
|
10
9
|
|
11
|
-
|
12
|
-
attr_accessor :architecture
|
10
|
+
attr_reader :track, :architecture, :distribution
|
13
11
|
|
14
12
|
def initialize(options)
|
15
13
|
@track = options.fetch(:track)
|
16
14
|
@architecture = options.fetch(:architecture, 'amd64-usr')
|
15
|
+
@distribution = options.fetch(:distribution)
|
17
16
|
end
|
18
17
|
|
19
18
|
def releases
|
@@ -21,19 +20,12 @@ module Proxy::Omaha
|
|
21
20
|
end
|
22
21
|
|
23
22
|
def fetch_releases
|
24
|
-
releases =
|
25
|
-
|
26
|
-
|
27
|
-
Proxy::Omaha::Release.new(:version => v, :track => track, :architecture => architecture)
|
23
|
+
releases = distribution.releases(track, architecture)
|
24
|
+
release_objects = releases.map do |version|
|
25
|
+
Proxy::Omaha::Release.new(:distribution => distribution, :version => version, :track => track, :architecture => architecture)
|
28
26
|
end.sort
|
29
|
-
logger.debug "Fetched releases for #{architecture}/#{track}: #{
|
30
|
-
|
31
|
-
end
|
32
|
-
|
33
|
-
private
|
34
|
-
|
35
|
-
def http_request
|
36
|
-
@http_request ||= ::Proxy::Omaha::HttpRequest.new
|
27
|
+
logger.debug "Fetched releases for #{architecture}/#{track}: #{release_objects.map(&:to_s).join(', ')}"
|
28
|
+
release_objects
|
37
29
|
end
|
38
30
|
end
|
39
31
|
end
|
@@ -2,11 +2,20 @@ require 'smart_proxy_omaha/release'
|
|
2
2
|
|
3
3
|
module Proxy::Omaha
|
4
4
|
class ReleaseRepository
|
5
|
+
|
6
|
+
attr_reader :contentpath, :distribution
|
7
|
+
|
8
|
+
def initialize(options)
|
9
|
+
@contentpath = options.fetch(:contentpath)
|
10
|
+
@distribution = options.fetch(:distribution)
|
11
|
+
end
|
12
|
+
|
5
13
|
def releases(track, architecture)
|
6
|
-
Dir.glob(File.join(
|
14
|
+
Dir.glob(File.join(contentpath, track, architecture, '*')).select do |f|
|
7
15
|
File.directory?(f) && ! File.symlink?(f)
|
8
16
|
end.map do |f|
|
9
17
|
Proxy::Omaha::Release.new(
|
18
|
+
:distribution => distribution,
|
10
19
|
:track => track,
|
11
20
|
:architecture => architecture,
|
12
21
|
:version => File.basename(f)
|
@@ -15,11 +24,11 @@ module Proxy::Omaha
|
|
15
24
|
end
|
16
25
|
|
17
26
|
def tracks
|
18
|
-
Dir.glob(File.join(
|
27
|
+
Dir.glob(File.join(contentpath, '*')).select {|f| File.directory? f }.map { |f| File.basename(f) }
|
19
28
|
end
|
20
29
|
|
21
30
|
def architectures(track)
|
22
|
-
Dir.glob(File.join(
|
31
|
+
Dir.glob(File.join(contentpath, track, '*')).select {|f| File.directory? f }.map { |f| File.basename(f) }
|
23
32
|
end
|
24
33
|
|
25
34
|
def latest_os(track, architecture)
|
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'smart_proxy_omaha/release'
|
2
2
|
require 'smart_proxy_omaha/track'
|
3
3
|
require 'smart_proxy_omaha/release_provider'
|
4
|
+
require 'smart_proxy_omaha/distribution'
|
4
5
|
|
5
6
|
module Proxy::Omaha
|
6
7
|
class Syncer
|
@@ -46,10 +47,15 @@ module Proxy::Omaha
|
|
46
47
|
Proxy::Omaha::Plugin.settings.sync_releases.to_i
|
47
48
|
end
|
48
49
|
|
50
|
+
def distribution
|
51
|
+
Proxy::Omaha::Plugin.settings.distribution
|
52
|
+
end
|
53
|
+
|
49
54
|
def release_provider(track)
|
50
55
|
@release_provider ||= {}
|
51
56
|
@release_provider[track] ||= ReleaseProvider.new(
|
52
|
-
:track => track
|
57
|
+
:track => track,
|
58
|
+
:distribution => ::Proxy::Omaha::Distribution.new(distribution)
|
53
59
|
)
|
54
60
|
end
|
55
61
|
end
|