Commit f95b871e authored by Roque's avatar Roque

Monitoring CORS

See merge request nexedi/slapos!1631
parents dbac8bb4 4430866a
......@@ -18,7 +18,7 @@ md5sum = b4baf7f21f450fa522c2a69f5a4aedf7
[root-common]
filename = root-common.cfg.in
md5sum = 102a7f1c1bc46a9b3fa5bd9b9a628e1d
md5sum = eefc3358852b7509bfe1b18da19abca0
[instance-neo-admin]
filename = instance-neo-admin.cfg.in
......
......@@ -32,6 +32,7 @@ sla-computer_guid = ${slap-connection:computer-id}
{% macro common_section() -%}
[request-common-base]
<= monitor-parameters-propagation
recipe = slapos.cookbook:request.serialised
software-url = ${slap-connection:software-release-url}
server-url = ${slap-connection:server-url}
......
......@@ -19,7 +19,7 @@ md5sum = b4e87cff99a8521e6d0b911e3ef35b30
[instance]
_update_hash_filename_ = instance.cfg.in
md5sum = 837eb2786f185ddb5a28d29e271652f7
md5sum = 4f752dd5444a6f9e7c617ec7ccfe62d6
[instance-import]
_update_hash_filename_ = instance-import.cfg.jinja.in
......@@ -31,7 +31,7 @@ md5sum = b982e83fa42103b7391d97eb36591174
[instance-resilient]
_update_hash_filename_ = instance-resilient.cfg.jinja
md5sum = ad9499e7355ded4975ad313442cecb7a
md5sum = f0202548a2b5fa27d909faa701c6589b
[slapos-standalone-script]
_update_hash_filename_ = slapos_standalone_script.py.jinja
......
......@@ -18,11 +18,12 @@ parts +=
{#- Prepare monitoring information to transmit to and request from the main theia, the clones and the PBS #}
{%- set monitor_cors_domains = slapparameter_dict.pop('monitor-cors-domains', 'monitor.app.officejs.com') %}
{%- set monitor_interface_url = slapparameter_dict.pop('monitor-interface-url', 'monitor.app.officejs.com/#page=ojsm_landing') %}
{%- set monitor_cors_domains = urllib_parse.urlparse(monitor_interface_url).hostname %}
{%- set monitor_username = slapparameter_dict.get('monitor-username', '${monitor-instance-parameter:username}') %}
{%- set monitor_password = slapparameter_dict.get('monitor-password', '${monitor-htpasswd:passwd}') %}
{%- set monitor_return = ['monitor-base-url'] %}
{%- set monitor_parameter = {'monitor-cors-domains': monitor_cors_domains, 'monitor-username' : monitor_username, 'monitor-password': monitor_password} %}
{%- set monitor_parameter = {'monitor-cors-domains': monitor_cors_domains, 'monitor-interface-url': monitor_interface_url, 'monitor-username' : monitor_username, 'monitor-password': monitor_password} %}
{%- set monitor_dict = {'parameter': monitor_parameter, 'return': monitor_return} %}
......
......@@ -92,6 +92,7 @@ context =
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
raw monitor_template ${monitor-template:output}
import urllib_parse six.moves.urllib.parse
template-parts-destination = ${template-parts:target}
template-replicated-destination = ${template-replicated:target}
import-list = file parts :template-parts-destination
......
......@@ -626,6 +626,25 @@ class ResilientTheiaMixin(object):
class TestTheiaResilientInterface(ResilientTheiaMixin, TestTheia):
def test_monitoring_default_interface(self):
monitor_setup_url_list = [
u for u in [
p.getConnectionParameterDict().get('monitor-setup-url')
for p in self.slap.computer.getComputerPartitionList()
] if u is not None
]
for url in monitor_setup_url_list:
self.assertIn('monitor.app.officejs.com', url)
monitor_url_list = [
u for u in [
p.getConnectionParameterDict().get('monitor-base-url')
for p in self.slap.computer.getComputerPartitionList()
] if u is not None
]
for url in monitor_url_list:
self.assertNotEqual(url, '')
def test_all_monitor_url_use_same_password(self):
monitor_setup_params = dict(
parse_qsl(
......@@ -666,3 +685,45 @@ class TestTheiaResilientInterface(ResilientTheiaMixin, TestTheia):
class TestTheiaResilientWithEmbeddedInstance(ResilientTheiaMixin, TestTheiaWithEmbeddedInstance):
pass
class TestTheiaResilientMonitoring(ResilientTheiaMixin, TheiaTestCase):
MONITOR_CORS_DOMAIN = 'monitor.couscous.interface'
MONITOR_INTERFACE_URL = 'https://' + MONITOR_CORS_DOMAIN + '/#param1=a1'
@classmethod
def getInstanceParameterDict(cls):
return {
'monitor-interface-url': TestTheiaResilientMonitoring.MONITOR_INTERFACE_URL
}
def test_monitoring_propagation(self):
monitor_setup_url_list = [
u for u in [
p.getConnectionParameterDict().get('monitor-setup-url')
for p in self.slap.computer.getComputerPartitionList()
] if u is not None
]
self.assertEqual(len(monitor_setup_url_list), 4)
for url in monitor_setup_url_list:
self.assertIn(TestTheiaResilientMonitoring.MONITOR_INTERFACE_URL, url)
monitor_cors_url_list = [
u for u in [
p.getInstanceParameterDict().get('monitor-cors-domains')
for p in self.slap.computer.getComputerPartitionList()
] if u is not None
]
for url in monitor_cors_url_list:
self.assertIn(TestTheiaResilientMonitoring.MONITOR_CORS_DOMAIN, url) # TODO: assert equal
monitor_interface_url_list = [
u for u in [
p.getInstanceParameterDict().get('monitor-interface-url')
for p in self.slap.computer.getComputerPartitionList()
] if u is not None
]
self.assertEqual(len(monitor_interface_url_list), 4)
for url in monitor_interface_url_list:
self.assertIn(TestTheiaResilientMonitoring.MONITOR_INTERFACE_URL, url)
......@@ -14,7 +14,7 @@
# not need these here).
[monitor2-template]
filename = instance-monitor.cfg.jinja2.in
md5sum = 24c7f5527d994e231b4c2bf9fecb68a6
md5sum = 3d6f2d3b30b722bb1dd7eca0a0d91382
[monitor-httpd-conf]
_update_hash_filename_ = templates/monitor-httpd.conf.in
......
......@@ -9,6 +9,7 @@ cert = ${slap-connection:cert-file}
# XXX Default values if doesn't exists
root-instance-title = UNKNOWN H-S
instance-title = UNKNOWN Instance
configuration.monitor-interface-url = https://monitor.app.officejs.com/#page=ojsm_landing
[directory]
recipe = slapos.cookbook:mkdirectory
......@@ -158,6 +159,9 @@ recipe = plone.recipe.command
stop-on-error = true
password-file = ${monitor-directory:etc}/.monitor-password
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
location =
${:password-file}
${:htpasswd-path}
command =
echo "${monitor-instance-parameter:password}" >${:password-file}
{{ apache_location }}/bin/htpasswd -cib ${:htpasswd-path} "${monitor-instance-parameter:username}" "${monitor-instance-parameter:password}"
......@@ -324,6 +328,16 @@ monitor-url = ${:monitor-base-url}/public/feeds
monitor-user = ${monitor-instance-parameter:username}
monitor-password = ${monitor-instance-parameter:password}
[monitor-parameters-propagation]
config-monitor-interface-url = ${slap-configuration:configuration.monitor-interface-url}
[monitor-interface-configuration]
recipe = slapos.recipe.build
url = ${monitor-parameters-propagation:config-monitor-interface-url}
init =
from six.moves.urllib.parse import urlparse
options['cors-domain'] = urlparse(options['url']).hostname
[monitor-instance-parameter]
monitor-title = ${slap-configuration:instance-title}
monitor-httpd-ipv6 = ${slap-configuration:ipv6-random}
......@@ -333,17 +347,15 @@ monitor-base-url = ${monitor-frontend:connection-secure_access}
#monitor-base-url = ${monitor-httpd-conf-parameter:url}
root-instance-title = ${slap-configuration:root-instance-title}
monitor-url-list =
cors-domains = monitor.app.officejs.com
cors-domains = ${monitor-interface-configuration:cors-domain}
# XXX Hard coded parameter
collector-db = /srv/slapgrid/var/data-log/collector.db
# Credentials
password = ${monitor-htpasswd:passwd}
username = admin
instance-configuration =
configuration-file-path = ${monitor-directory:etc}/monitor_knowledge0.cfg
interface-url = https://monitor.app.officejs.com
interface-url = ${monitor-interface-configuration:url}
[monitor-frontend]
<= slap-connection
......@@ -425,10 +437,32 @@ depends =
${logrotate-entry-monitor-data:name}
${logrotate-entry-monitor-promise-history:name}
[expand-monitor-uri-template]
recipe = slapos.recipe.build
template = ${monitor-instance-parameter:interface-url}{&url,username,password}
url = ${monitor-publish-parameters:monitor-url}
username = ${monitor-publish-parameters:monitor-user}
password = ${monitor-publish-parameters:monitor-password}
init =
import zc.buildout
import pkg_resources
from six.moves.urllib.parse import unquote
buildout_options = self.buildout["buildout"]
zc.buildout.easy_install.install(
["uritemplate"],
dest=None,
working_set=pkg_resources.working_set,
path=[
buildout_options["develop-eggs-directory"],
buildout_options["eggs-directory"]])
import uritemplate
options['uri'] = unquote(uritemplate.URITemplate(options['template']).expand(options))
[monitor-publish]
monitor-base-url = ${monitor-publish-parameters:monitor-base-url}
monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_configurator&url=${monitor-publish-parameters:monitor-url}&username=${monitor-publish-parameters:monitor-user}&password=${monitor-publish-parameters:monitor-password}
monitor-setup-url = ${expand-monitor-uri-template:uri}
[buildout]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment