0001-passerelle-use-shared_secret-for-ApiUser.key-fixes-8.patch
| hobo/agent/passerelle/management/commands/hobo_deploy.py | ||
|---|---|---|
| 2 | 2 | |
| 3 | 3 |
from tenant_schemas.utils import tenant_context |
| 4 | 4 |
from hobo.agent.common.management.commands import hobo_deploy |
| 5 |
from hobo.multitenant.settings_loaders import KnownServices |
|
| 5 | 6 | |
| 6 | 7 |
from passerelle.base.models import ApiUser |
| 7 | 8 | |
| ... | ... | |
| 12 | 13 |
def deploy_specifics(self, hobo_environment, tenant): |
| 13 | 14 |
super(Command, self).deploy_specifics(hobo_environment, tenant) |
| 14 | 15 |
with tenant_context(tenant): |
| 15 |
for service in hobo_environment.get('services'):
|
|
| 16 |
services = hobo_environment.get('services')
|
|
| 17 |
for service in services: |
|
| 18 |
if service.get('this'):
|
|
| 19 |
this = service |
|
| 20 |
break |
|
| 21 |
else: |
|
| 22 |
raise RuntimeError('unable to find this service')
|
|
| 23 |
our_key = this['secret_key'] |
|
| 24 |
for service in services: |
|
| 16 | 25 |
if service.get('this') or not service.get('secret_key'):
|
| 17 | 26 |
continue |
| 18 | 27 |
domain = urlparse.urlparse(service.get('base_url')).netloc.split(':')[0]
|
| 19 | 28 |
obj, created = ApiUser.objects.get_or_create(username=domain, |
| 20 | 29 |
keytype='SIGN') |
| 21 | 30 |
obj.fullname = service.get('title')
|
| 22 |
obj.key = service.get('secret_key')
|
|
| 31 |
their_key = service.get('secret_key')
|
|
| 32 |
obj.key = KnownServices.shared_secret(our_key, their_key) |
|
| 23 | 33 |
obj.save() |
| jenkins.sh | ||
|---|---|---|
| 10 | 10 | |
| 11 | 11 |
tox |
| 12 | 12 | |
| 13 |
./merge-junit-results.py hobo_server_test_results.xml multitenant_test_results.xml authentic2_agent_test_results.xml >test_results.xml |
|
| 13 |
./merge-junit-results.py hobo_server_test_results.xml multitenant_test_results.xml authentic2_agent_test_results.xml passerelle_agent_test_results.xml >test_results.xml
|
|
| 14 | 14 |
./merge-coverage.py -o coverage.xml *_coverage.xml |
| 15 | 15 | |
| 16 | 16 | |
| tests_passerelle/conftest.py | ||
|---|---|---|
| 1 |
import os |
|
| 2 |
import tempfile |
|
| 3 |
import shutil |
|
| 4 |
import json |
|
| 5 | ||
| 6 |
import pytest |
|
| 7 | ||
| 8 |
@pytest.fixture |
|
| 9 |
def tenant_base(request, settings): |
|
| 10 |
base = tempfile.mkdtemp('passerelle-tenant-base')
|
|
| 11 |
settings.TENANT_BASE = base |
|
| 12 |
def fin(): |
|
| 13 |
shutil.rmtree(base) |
|
| 14 |
request.addfinalizer(fin) |
|
| 15 |
return tenant_base |
|
| tests_passerelle/settings.py | ||
|---|---|---|
| 1 |
import os.path |
|
| 2 |
import __builtin__ as builtin |
|
| 3 |
from mock import mock_open, patch |
|
| 4 |
import os |
|
| 5 | ||
| 6 |
# Debian defaults |
|
| 7 |
DEBUG = False |
|
| 8 | ||
| 9 |
PROJECT_NAME = 'passerelle' |
|
| 10 | ||
| 11 |
# |
|
| 12 |
# hobotization (multitenant) |
|
| 13 |
# |
|
| 14 |
with patch.object(builtin, 'file', mock_open(read_data='xxx')): |
|
| 15 |
execfile(os.environ['DEBIAN_CONFIG_COMMON']) |
|
| 16 | ||
| 17 |
# suds logs are buggy |
|
| 18 |
LOGGING['loggers']['suds'] = {
|
|
| 19 |
'level': 'ERROR', |
|
| 20 |
'handlers': ['mail_admins', 'sentry'], |
|
| 21 |
'propagate': True, |
|
| 22 |
} |
|
| 23 | ||
| 24 |
# Add passerelle hobo agent |
|
| 25 |
INSTALLED_APPS = ('hobo.agent.passerelle',) + INSTALLED_APPS
|
|
| tests_passerelle/test_deploy.py | ||
|---|---|---|
| 1 |
import json |
|
| 2 |
import sys |
|
| 3 |
import time |
|
| 4 | ||
| 5 |
from tenant_schemas.utils import tenant_context |
|
| 6 |
from hobo.multitenant.middleware import TenantMiddleware |
|
| 7 |
from django.core.management import call_command |
|
| 8 |
import StringIO |
|
| 9 | ||
| 10 | ||
| 11 |
def test_deploy_specifics(db, tenant_base): |
|
| 12 |
from django.conf import settings |
|
| 13 |
from passerelle.base.models import ApiUser |
|
| 14 | ||
| 15 |
hobo_json = {
|
|
| 16 |
'variables': {
|
|
| 17 |
'hobo_test_variable': True, |
|
| 18 |
'other_variable': 'foo', |
|
| 19 |
}, |
|
| 20 |
'services': [ |
|
| 21 |
{
|
|
| 22 |
'slug': 'test', |
|
| 23 |
'title': 'Test', |
|
| 24 |
'service-id': 'welco', |
|
| 25 |
'this': True, |
|
| 26 |
'secret_key': '12345', |
|
| 27 |
'base_url': 'http://passerelle.example.net', |
|
| 28 |
'saml-sp-metadata-url': 'http://passerelle.example.net/saml/metadata', |
|
| 29 |
'variables': {
|
|
| 30 |
'other_variable': 'bar', |
|
| 31 |
} |
|
| 32 |
}, |
|
| 33 |
{
|
|
| 34 |
'slug': 'other', |
|
| 35 |
'title': 'Other', |
|
| 36 |
'secret_key': 'abcde', |
|
| 37 |
'service-id': 'wcs', |
|
| 38 |
'base_url': 'http://wcs.example.net' |
|
| 39 |
}, |
|
| 40 |
] |
|
| 41 |
} |
|
| 42 |
old_stdin = sys.stdin |
|
| 43 |
sys.stdin = StringIO.StringIO(json.dumps(hobo_json)) |
|
| 44 |
try: |
|
| 45 |
call_command('hobo_deploy', 'http://passerelle.example.net', '-')
|
|
| 46 |
finally: |
|
| 47 |
sys.stdin = old_stdin |
|
| 48 | ||
| 49 |
assert len(list(TenantMiddleware.get_tenants())) == 1 |
|
| 50 |
tenant = next(TenantMiddleware.get_tenants()) |
|
| 51 |
with tenant_context(tenant): |
|
| 52 |
# There is a 3 seconds cache now, hobo.json could be outdated |
|
| 53 |
settings.clear_tenants_settings() |
|
| 54 |
other = settings.KNOWN_SERVICES['wcs']['other'] |
|
| 55 |
secret = other['secret'] |
|
| 56 |
assert ApiUser.objects.filter(username=other['verif_orig'], keytype='SIGN', |
|
| 57 |
key=secret).count() == 1 |
|
| tox.ini | ||
|---|---|---|
| 79 | 79 |
pylint==1.4.0 |
| 80 | 80 |
astroid==1.3.2 |
| 81 | 81 |
WebTest |
| 82 | ||
| 83 | ||
| 84 |
[testenv:hobo-agent-passerelle] |
|
| 85 |
# django.contrib.auth is not tested it does not work with our templates |
|
| 86 |
whitelist_externals = |
|
| 87 |
/bin/mv |
|
| 88 |
pip |
|
| 89 |
setenv = |
|
| 90 |
DEBIAN_CONFIG_COMMON=debian/debian_config_common.py |
|
| 91 |
DJANGO_SETTINGS_MODULE=passerelle.settings |
|
| 92 |
PASSERELLE_SETTINGS_FILE=tests_passerelle/settings.py |
|
| 93 |
commands = |
|
| 94 |
./getlasso.sh |
|
| 95 |
pip install http://git.entrouvert.org/passerelle.git/snapshot/passerelle-master.tar.gz |
|
| 96 | ||
| 97 |
py.test --junitxml=passerelle_agent_test_results.xml --cov-report xml --cov=hobo/ --cov-config .coveragerc --nomigration tests_passerelle/ |
|
| 98 |
mv coverage.xml passerelle_agent_coverage.xml |
|
| 99 |
usedevelop = True |
|
| 100 |
deps = django>1.7,<1.8 |
|
| 101 |
coverage |
|
| 102 |
pytest |
|
| 103 |
pytest-cov |
|
| 104 |
pytest-django |
|
| 105 |
pytest-mock |
|
| 106 |
mock |
|
| 107 |
raven |
|
| 108 |
cssselect |
|
| 109 |
pylint==1.4.0 |
|
| 110 |
astroid==1.3.2 |
|
| 111 |
WebTest |
|
| 82 |
- |
|