Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Hardik Juneja
slapos
Commits
ee2aec8d
Commit
ee2aec8d
authored
11 years ago
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Resilient recipe: remove hashing of urls/names.
hashing with SHA512 is only intellectual masturbation.
parent
74f4be8b
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
18 deletions
+13
-18
slapos/recipe/notifier.py
slapos/recipe/notifier.py
+3
-0
slapos/recipe/pbs.py
slapos/recipe/pbs.py
+6
-14
stack/resilient/buildout.cfg
stack/resilient/buildout.cfg
+1
-1
stack/resilient/template-replicated.cfg.in
stack/resilient/template-replicated.cfg.in
+3
-3
No files found.
slapos/recipe/notifier.py
View file @
ee2aec8d
...
...
@@ -50,6 +50,9 @@ class Recipe(GenericBaseRecipe):
class
Callback
(
GenericBaseRecipe
):
def
createCallback
(
self
,
notification_id
,
callback
):
# XXX: hashing the name here and in
# slapos.toolbox/slapos/pubsub/__init__.py is completely messed up and
# prevent any debug.
callback_id
=
sha512
(
notification_id
).
hexdigest
()
filepath
=
os
.
path
.
join
(
self
.
options
[
'callbacks'
],
callback_id
)
...
...
This diff is collapsed.
Click to expand it.
slapos/recipe/pbs.py
View file @
ee2aec8d
...
...
@@ -25,7 +25,6 @@
#
##############################################################################
import
hashlib
import
json
import
os
import
signal
...
...
@@ -88,12 +87,10 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
if
not
url
:
raise
ValueError
(
'Missing URL parameter for PBS recipe'
)
# We assume that thanks to sha512 there's no collisions
url_hash
=
hashlib
.
sha512
(
url
).
hexdigest
()
name_hash
=
hashlib
.
sha512
(
entry
[
'name'
]).
hexdigest
()
slave_id
=
entry
[
'notification-id'
]
promise_path
=
os
.
path
.
join
(
self
.
options
[
'promises-directory'
],
url_hash
)
slave_id
)
parsed_url
=
urlparse
.
urlparse
(
url
)
promise_dict
=
self
.
promise_base_dict
.
copy
()
promise_dict
.
update
(
user
=
parsed_url
.
username
,
...
...
@@ -104,13 +101,11 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
promise_dict
)
path_list
.
append
(
promise
)
host
=
parsed_url
.
hostname
known_hosts_file
[
host
]
=
entry
[
'server-key'
]
# XXX use -y because the host might not yet be in the
# trusted hosts file until the next time slapgrid is run.
remote_schema
=
'%(ssh)s -y -p %%s %(user)s@%(host)s'
%
\
{
'ssh'
:
self
.
options
[
'sshclient-binary'
],
...
...
@@ -123,8 +118,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
remote_directory
=
'%(port)s::%(path)s'
%
{
'port'
:
parsed_url
.
port
,
'path'
:
parsed_url
.
path
}
local_directory
=
self
.
createDirectory
(
self
.
options
[
'directory'
],
name_hash
)
local_directory
=
self
.
createDirectory
(
self
.
options
[
'directory'
],
entry
[
'name'
])
if
entry
[
'type'
]
==
'push'
:
parameters
.
extend
([
'--restore-as-of'
,
'now'
])
...
...
@@ -136,7 +130,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
comments
=
[
''
,
'Pull data from a PBS *-export instance.'
,
''
]
wrapper_basepath
=
os
.
path
.
join
(
self
.
options
[
'wrappers-directory'
],
url_hash
)
slave_id
)
if
'notify'
in
entry
:
wrapper_path
=
wrapper_basepath
+
'_raw'
...
...
@@ -156,18 +150,17 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
wrapper
=
wrapper_basepath
,
executable
=
wrapper_path
,
log
=
os
.
path
.
join
(
self
.
options
[
'feeds'
],
entry
[
'notification-id'
]),
title
=
entry
.
get
(
'title'
,
'Untitled'
),
title
=
entry
.
get
(
'title'
,
slave_id
),
notification_url
=
entry
[
'notify'
],
feed_url
=
feed_url
,
)
path_list
.
append
(
wrapper
)
#self.setConnectionDict(dict(feed_url=feed_url), entry['slave_reference'])
if
'on-notification'
in
entry
:
path_list
.
append
(
self
.
createCallback
(
str
(
entry
[
'on-notification'
]),
wrapper
))
else
:
cron_entry
=
os
.
path
.
join
(
self
.
options
[
'cron-entries'
],
url_hash
)
cron_entry
=
os
.
path
.
join
(
self
.
options
[
'cron-entries'
],
slave_id
)
with
open
(
cron_entry
,
'w'
)
as
cron_entry_file
:
cron_entry_file
.
write
(
'%s %s'
%
(
entry
[
'frequency'
],
wrapper
))
path_list
.
append
(
cron_entry
)
...
...
@@ -194,7 +187,6 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
slaves
=
json
.
loads
(
self
.
options
[
'slave-instance-list'
])
known_hosts
=
KnownHostsFile
(
self
.
options
[
'known-hosts'
])
with
known_hosts
:
# XXX this API could be cleaner
for
slave
in
slaves
:
path_list
.
extend
(
self
.
add_slave
(
slave
,
known_hosts
))
else
:
...
...
This diff is collapsed.
Click to expand it.
stack/resilient/buildout.cfg
View file @
ee2aec8d
...
...
@@ -61,7 +61,7 @@ mode = 0644
[template-replicated]
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/template-replicated.cfg.in
md5sum = e
4557a360edbe23653d57ef4a8fcb85a
md5sum = e
1ea317ad93c1bfaf0b82f5b0b4670c2
mode = 0644
destination = ${buildout:directory}/template-replicated.cfg.in
...
...
This diff is collapsed.
Click to expand it.
stack/resilient/template-replicated.cfg.in
View file @
ee2aec8d
...
...
@@ -79,7 +79,7 @@ software-url = ${slap-connection:software-release-url}
software-type = {{typeimport}}
return = ssh-public-key ssh-url notification-url ip
pbs-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-push
pbs-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-
{{id}}-
push
config = number authorized-key on-notification ip-list namebase
config-number = {{id}}
...
...
@@ -173,12 +173,12 @@ sla-{{ key }} = {{ value }}
name = PBS {{id}} pulling from ${request-{{namebase}}:name}
config = url name type server-key on-notification notify notification-id title
config-url = ${request-{{namebase}}:connection-ssh-url}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-type = pull
config-server-key = ${request-{{namebase}}:connection-ssh-public-key}
config-on-notification = ${request-{{namebase}}:connection-notification-id}
config-notify = ${request-pbs-{{namebase}}-{{id}}:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}-pull
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-title = Pulling from {{namebase}}
slave = true
sla = instance_guid
...
...
@@ -189,12 +189,12 @@ sla-instance_guid = ${request-pbs-{{namebase}}-{{id}}:instance_guid}
name = PBS pushing on ${request-{{namebase}}-pseudo-replicating-{{id}}:name}
config = url name type server-key on-notification notify notification-id title
config-url = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-url}
config-name = ${request-pull-backup-server-{{namebase}}-{{id}}:config-name}
config-type = push
config-server-key = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-public-key}
config-on-notification = ${request-pbs-{{namebase}}-{{id}}:connection-feeds-url}${request-pull-backup-server-{{namebase}}-{{id}}:config-notification-id}
config-notify = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-notification-url}
config-notification-id = ${request-{{namebase}}-pseudo-replicating-{{id}}:pbs-notification-id}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-title = Pushing to {{namebase}} backup {{id}}
slave = true
sla = instance_guid
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment