smart_proxy_shellhooks 0.9.1 → 0.9.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8fb140ee88a525e810ef2e989aaf54bed73747cdf3d4da434f23d3f82b5a9571
-  data.tar.gz: 489d0ee9b913e06470ad6c0e05d148fa9321ed27be115608756cca81f08d6678
+  metadata.gz: 1e061eb911543192bd2bbe883ec1cd187c6fa4959caad88fed0b262e9eff07fb
+  data.tar.gz: f8ceeacfd512558776ae6b8f5599e8e3142e4484970dfafef67ce788ddf3fac8
 SHA512:
-  metadata.gz: f6c37f82b64fece7c8f576bdc17a16bdec36b08c28327abb7c42cff40c158d834acf6f97a5b800f8c7ac22f15ff3a33abbced4a3132652aa163d73e8b74f1dab
-  data.tar.gz: 7eb778176299851eaad9b27d06131317390c3107e4395e092a4cd3d87d482bd9d20f351af0992413316d4537d58806bc96038ed7bb910317eff9c93e4dac9b9d
+  metadata.gz: 79088ea74e01d619f1841345f0da3e0decddcd570a2b2458902be94a6a03c520c2868240908bf7a38d6284a0598a1ba62e7e3ff3b8574628204af3511be04a6c
+  data.tar.gz: 800ebeef19985c96fd2101328a2f1953090baedf9397d74922ba65fc3239ef069a6971949c547147cfe87b878121e94ad4dcfea002f8e3d7ec408dabd2a3aa9c

data/README.md

@@ -1,16 +1,16 @@
 # Smart Proxy Shell Hooks
 
-Provides an endpoint for foreman_webhooks plugin executing binaries (shell scripts, python scripts, anything). Remember CGI? :-)
+Provides an endpoint for foreman_webhooks plugin executing binaries (shell scripts, python scripts, anything).
 
 ## Installation
 
-Install the plugin using the foreman-installer. Never enable this service via HTTP endpoint, only HTTPS with authentication using client certificate should be used.
+Install the plugin using the foreman-installer. Never enable this service via HTTP endpoint, only HTTPS with authentication using client certificate and with trusted hosts should be used.
 
-Open up `/var/lib/foreman/shellhooks` to see some examples, these are harmless stubs that does nothing.
+Open up `/var/lib/foreman-proxy/shellhooks` to see some examples, these are harmless stubs that do nothing as a starting point.
 
 ## Writing scripts
 
-Script must be placed in `/var/lib/foreman/shellhooks` having a name consisting of alphanums, dash or underscore. The file must be executable. To see list of availble and valid scripts matching the requirements, perform:
+Script must be placed in `/var/lib/foreman-proxy/shellhooks` having a name consisting of alphanums, dash or underscore. The file must be executable. To see list of availble and valid scripts matching the requirements, perform:
 
     $ curl -s https://localhost:9090/shellhook/ | jq
     {
@@ -34,7 +34,7 @@ To execute an example script which prints input back to output (smart-proxy log)
 
 To find out if the script was executed, open up smart-proxy log:
 
-    2020-08-27T12:23:37 eabe1a74 [I] Started POST /shellhook/print_body 
+    2020-08-27T12:23:37 eabe1a74 [I] Started POST /shellhook/print_body
     2020-08-27T12:23:37 eabe1a74 [D] Headers: {"HTTP_HOST"=>"localhost:9090", "HTTP_USER_AGENT"=>"curl/7.69.1", "HTTP_ACCEPT"=>"*/*", "HTTP_VERSION"=>"HTTP/1.1"}
     2020-08-27T12:23:37 eabe1a74 [D] Body: This is a test
     2020-08-27T12:23:37 eabe1a74 [I] Finished POST /shellhook/print_body with 200 (0.68 ms)
@@ -66,5 +66,5 @@ This can be useful for passing database ID or other simple fields so standard JS
 * The return (exit) value is only logged into the smart-proxy logger.
 * Optionally HTTP headers X-Shellhook-Arg-1 to N are passed as arguments.
 * HTTP return code is 200 when script was executed (not output) or non-200 when the plugin failed (not script).
-* Keep in mind all the input is usafe, clean every individual data element or argument to prevent security vulnerability.
+* Keep in mind all the input is unsafe, clean every individual data element or argument to prevent security vulnerability.
 * Example templates are shipped with foreman_webhooks plugin and few scripts with this plugin.

data/examples/print_args

@@ -1,5 +1,5 @@
 #!/bin/sh
 #
-# Prints all arguments
+# Prints all arguments to stderr
 #
-echo "$@"
+echo "$@" >&2

data/lib/smart_proxy_shellhooks/shellhooks.rb

@@ -6,7 +6,6 @@ module Proxy::ShellHooks
 
     default_settings :directory => '/var/lib/foreman/shellhooks'
 
-    http_rackup_path File.expand_path('shellhooks_http_config.ru', File.expand_path('../', __FILE__))
-    https_rackup_path File.expand_path('shellhooks_http_config.ru', File.expand_path('../', __FILE__))
+    rackup_path File.expand_path('shellhooks_http_config.ru', __dir__)
   end
 end

data/lib/smart_proxy_shellhooks/shellhooks_api.rb

@@ -8,6 +8,9 @@ module Proxy::ShellHooks
     include ::Proxy::Log
     helpers ::Proxy::Helpers
 
+    authorize_with_ssl_client
+    authorize_with_trusted_hosts
+
     get '/' do
       executable = []
       other = []

data/lib/smart_proxy_shellhooks/version.rb

@@ -1,5 +1,5 @@
 module Proxy
   module ShellHooks
-    VERSION = '0.9.1'
+    VERSION = '0.9.3'
   end
 end

data/settings.d/shellhooks.yml.example

@@ -1,6 +1,6 @@
 ---
-# always enable HTTPS only
-#:enabled: https
+# Use https for production deployments. http and true only make sense in development
 :enabled: false
-# directory with executables
+
+# Directory with executables.
 :directory: /var/lib/foreman-proxy/shellhooks

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_shellhooks
 version: !ruby/object:Gem::Version
-  version: 0.9.1
+  version: 0.9.3
 platform: ruby
 authors:
 - Lukas Zapletal
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-01-05 00:00:00.000000000 Z
+date: 2024-05-15 00:00:00.000000000 Z
 dependencies: []
 description: Provides easy integration with 3rd parties for Foreman
 email: lzap+spam@redhat.com
@@ -50,7 +50,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.5.9
 signing_key:
 specification_version: 4
 summary: Run shell scripts via Foreman webhooks