Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Romain Courteaud
slapos
Commits
ee2aec8d
Commit
ee2aec8d
authored
Sep 18, 2013
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Resilient recipe: remove hashing of urls/names.
hashing with SHA512 is only intellectual masturbation.
parent
74f4be8b
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
18 deletions
+13
-18
slapos/recipe/notifier.py
slapos/recipe/notifier.py
+3
-0
slapos/recipe/pbs.py
slapos/recipe/pbs.py
+6
-14
stack/resilient/buildout.cfg
stack/resilient/buildout.cfg
+1
-1
stack/resilient/template-replicated.cfg.in
stack/resilient/template-replicated.cfg.in
+3
-3
No files found.
slapos/recipe/notifier.py
View file @
ee2aec8d
...
@@ -50,6 +50,9 @@ class Recipe(GenericBaseRecipe):
...
@@ -50,6 +50,9 @@ class Recipe(GenericBaseRecipe):
class
Callback
(
GenericBaseRecipe
):
class
Callback
(
GenericBaseRecipe
):
def
createCallback
(
self
,
notification_id
,
callback
):
def
createCallback
(
self
,
notification_id
,
callback
):
# XXX: hashing the name here and in
# slapos.toolbox/slapos/pubsub/__init__.py is completely messed up and
# prevent any debug.
callback_id
=
sha512
(
notification_id
).
hexdigest
()
callback_id
=
sha512
(
notification_id
).
hexdigest
()
filepath
=
os
.
path
.
join
(
self
.
options
[
'callbacks'
],
callback_id
)
filepath
=
os
.
path
.
join
(
self
.
options
[
'callbacks'
],
callback_id
)
...
...
slapos/recipe/pbs.py
View file @
ee2aec8d
...
@@ -25,7 +25,6 @@
...
@@ -25,7 +25,6 @@
#
#
##############################################################################
##############################################################################
import
hashlib
import
json
import
json
import
os
import
os
import
signal
import
signal
...
@@ -88,12 +87,10 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -88,12 +87,10 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
if
not
url
:
if
not
url
:
raise
ValueError
(
'Missing URL parameter for PBS recipe'
)
raise
ValueError
(
'Missing URL parameter for PBS recipe'
)
# We assume that thanks to sha512 there's no collisions
slave_id
=
entry
[
'notification-id'
]
url_hash
=
hashlib
.
sha512
(
url
).
hexdigest
()
name_hash
=
hashlib
.
sha512
(
entry
[
'name'
]).
hexdigest
()
promise_path
=
os
.
path
.
join
(
self
.
options
[
'promises-directory'
],
promise_path
=
os
.
path
.
join
(
self
.
options
[
'promises-directory'
],
url_hash
)
slave_id
)
parsed_url
=
urlparse
.
urlparse
(
url
)
parsed_url
=
urlparse
.
urlparse
(
url
)
promise_dict
=
self
.
promise_base_dict
.
copy
()
promise_dict
=
self
.
promise_base_dict
.
copy
()
promise_dict
.
update
(
user
=
parsed_url
.
username
,
promise_dict
.
update
(
user
=
parsed_url
.
username
,
...
@@ -104,13 +101,11 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -104,13 +101,11 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
promise_dict
)
promise_dict
)
path_list
.
append
(
promise
)
path_list
.
append
(
promise
)
host
=
parsed_url
.
hostname
host
=
parsed_url
.
hostname
known_hosts_file
[
host
]
=
entry
[
'server-key'
]
known_hosts_file
[
host
]
=
entry
[
'server-key'
]
# XXX use -y because the host might not yet be in the
# XXX use -y because the host might not yet be in the
# trusted hosts file until the next time slapgrid is run.
# trusted hosts file until the next time slapgrid is run.
remote_schema
=
'%(ssh)s -y -p %%s %(user)s@%(host)s'
%
\
remote_schema
=
'%(ssh)s -y -p %%s %(user)s@%(host)s'
%
\
{
{
'ssh'
:
self
.
options
[
'sshclient-binary'
],
'ssh'
:
self
.
options
[
'sshclient-binary'
],
...
@@ -123,8 +118,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -123,8 +118,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
remote_directory
=
'%(port)s::%(path)s'
%
{
'port'
:
parsed_url
.
port
,
remote_directory
=
'%(port)s::%(path)s'
%
{
'port'
:
parsed_url
.
port
,
'path'
:
parsed_url
.
path
}
'path'
:
parsed_url
.
path
}
local_directory
=
self
.
createDirectory
(
self
.
options
[
'directory'
],
local_directory
=
self
.
createDirectory
(
self
.
options
[
'directory'
],
entry
[
'name'
])
name_hash
)
if
entry
[
'type'
]
==
'push'
:
if
entry
[
'type'
]
==
'push'
:
parameters
.
extend
([
'--restore-as-of'
,
'now'
])
parameters
.
extend
([
'--restore-as-of'
,
'now'
])
...
@@ -136,7 +130,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -136,7 +130,7 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
comments
=
[
''
,
'Pull data from a PBS *-export instance.'
,
''
]
comments
=
[
''
,
'Pull data from a PBS *-export instance.'
,
''
]
wrapper_basepath
=
os
.
path
.
join
(
self
.
options
[
'wrappers-directory'
],
wrapper_basepath
=
os
.
path
.
join
(
self
.
options
[
'wrappers-directory'
],
url_hash
)
slave_id
)
if
'notify'
in
entry
:
if
'notify'
in
entry
:
wrapper_path
=
wrapper_basepath
+
'_raw'
wrapper_path
=
wrapper_basepath
+
'_raw'
...
@@ -156,18 +150,17 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -156,18 +150,17 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
wrapper
=
wrapper_basepath
,
wrapper
=
wrapper_basepath
,
executable
=
wrapper_path
,
executable
=
wrapper_path
,
log
=
os
.
path
.
join
(
self
.
options
[
'feeds'
],
entry
[
'notification-id'
]),
log
=
os
.
path
.
join
(
self
.
options
[
'feeds'
],
entry
[
'notification-id'
]),
title
=
entry
.
get
(
'title'
,
'Untitled'
),
title
=
entry
.
get
(
'title'
,
slave_id
),
notification_url
=
entry
[
'notify'
],
notification_url
=
entry
[
'notify'
],
feed_url
=
feed_url
,
feed_url
=
feed_url
,
)
)
path_list
.
append
(
wrapper
)
path_list
.
append
(
wrapper
)
#self.setConnectionDict(dict(feed_url=feed_url), entry['slave_reference'])
if
'on-notification'
in
entry
:
if
'on-notification'
in
entry
:
path_list
.
append
(
self
.
createCallback
(
str
(
entry
[
'on-notification'
]),
path_list
.
append
(
self
.
createCallback
(
str
(
entry
[
'on-notification'
]),
wrapper
))
wrapper
))
else
:
else
:
cron_entry
=
os
.
path
.
join
(
self
.
options
[
'cron-entries'
],
url_hash
)
cron_entry
=
os
.
path
.
join
(
self
.
options
[
'cron-entries'
],
slave_id
)
with
open
(
cron_entry
,
'w'
)
as
cron_entry_file
:
with
open
(
cron_entry
,
'w'
)
as
cron_entry_file
:
cron_entry_file
.
write
(
'%s %s'
%
(
entry
[
'frequency'
],
wrapper
))
cron_entry_file
.
write
(
'%s %s'
%
(
entry
[
'frequency'
],
wrapper
))
path_list
.
append
(
cron_entry
)
path_list
.
append
(
cron_entry
)
...
@@ -194,7 +187,6 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -194,7 +187,6 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
slaves
=
json
.
loads
(
self
.
options
[
'slave-instance-list'
])
slaves
=
json
.
loads
(
self
.
options
[
'slave-instance-list'
])
known_hosts
=
KnownHostsFile
(
self
.
options
[
'known-hosts'
])
known_hosts
=
KnownHostsFile
(
self
.
options
[
'known-hosts'
])
with
known_hosts
:
with
known_hosts
:
# XXX this API could be cleaner
for
slave
in
slaves
:
for
slave
in
slaves
:
path_list
.
extend
(
self
.
add_slave
(
slave
,
known_hosts
))
path_list
.
extend
(
self
.
add_slave
(
slave
,
known_hosts
))
else
:
else
:
...
...
stack/resilient/buildout.cfg
View file @
ee2aec8d
...
@@ -61,7 +61,7 @@ mode = 0644
...
@@ -61,7 +61,7 @@ mode = 0644
[template-replicated]
[template-replicated]
recipe = slapos.recipe.download
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/template-replicated.cfg.in
url = ${:_profile_base_location_}/template-replicated.cfg.in
md5sum = e
4557a360edbe23653d57ef4a8fcb85a
md5sum = e
1ea317ad93c1bfaf0b82f5b0b4670c2
mode = 0644
mode = 0644
destination = ${buildout:directory}/template-replicated.cfg.in
destination = ${buildout:directory}/template-replicated.cfg.in
...
...
stack/resilient/template-replicated.cfg.in
View file @
ee2aec8d
...
@@ -79,7 +79,7 @@ software-url = ${slap-connection:software-release-url}
...
@@ -79,7 +79,7 @@ software-url = ${slap-connection:software-release-url}
software-type = {{typeimport}}
software-type = {{typeimport}}
return = ssh-public-key ssh-url notification-url ip
return = ssh-public-key ssh-url notification-url ip
pbs-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-push
pbs-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-
{{id}}-
push
config = number authorized-key on-notification ip-list namebase
config = number authorized-key on-notification ip-list namebase
config-number = {{id}}
config-number = {{id}}
...
@@ -173,12 +173,12 @@ sla-{{ key }} = {{ value }}
...
@@ -173,12 +173,12 @@ sla-{{ key }} = {{ value }}
name = PBS {{id}} pulling from ${request-{{namebase}}:name}
name = PBS {{id}} pulling from ${request-{{namebase}}:name}
config = url name type server-key on-notification notify notification-id title
config = url name type server-key on-notification notify notification-id title
config-url = ${request-{{namebase}}:connection-ssh-url}
config-url = ${request-{{namebase}}:connection-ssh-url}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-type = pull
config-type = pull
config-server-key = ${request-{{namebase}}:connection-ssh-public-key}
config-server-key = ${request-{{namebase}}:connection-ssh-public-key}
config-on-notification = ${request-{{namebase}}:connection-notification-id}
config-on-notification = ${request-{{namebase}}:connection-notification-id}
config-notify = ${request-pbs-{{namebase}}-{{id}}:connection-notification-url}
config-notify = ${request-pbs-{{namebase}}-{{id}}:connection-notification-url}
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}-pull
config-notification-id = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}-pull
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-title = Pulling from {{namebase}}
config-title = Pulling from {{namebase}}
slave = true
slave = true
sla = instance_guid
sla = instance_guid
...
@@ -189,12 +189,12 @@ sla-instance_guid = ${request-pbs-{{namebase}}-{{id}}:instance_guid}
...
@@ -189,12 +189,12 @@ sla-instance_guid = ${request-pbs-{{namebase}}-{{id}}:instance_guid}
name = PBS pushing on ${request-{{namebase}}-pseudo-replicating-{{id}}:name}
name = PBS pushing on ${request-{{namebase}}-pseudo-replicating-{{id}}:name}
config = url name type server-key on-notification notify notification-id title
config = url name type server-key on-notification notify notification-id title
config-url = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-url}
config-url = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-url}
config-name = ${request-pull-backup-server-{{namebase}}-{{id}}:config-name}
config-type = push
config-type = push
config-server-key = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-public-key}
config-server-key = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-ssh-public-key}
config-on-notification = ${request-pbs-{{namebase}}-{{id}}:connection-feeds-url}${request-pull-backup-server-{{namebase}}-{{id}}:config-notification-id}
config-on-notification = ${request-pbs-{{namebase}}-{{id}}:connection-feeds-url}${request-pull-backup-server-{{namebase}}-{{id}}:config-notification-id}
config-notify = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-notification-url}
config-notify = ${request-{{namebase}}-pseudo-replicating-{{id}}:connection-notification-url}
config-notification-id = ${request-{{namebase}}-pseudo-replicating-{{id}}:pbs-notification-id}
config-notification-id = ${request-{{namebase}}-pseudo-replicating-{{id}}:pbs-notification-id}
config-name = ${slap-connection:computer-id}-${slap-connection:partition-id}-{{namebase}}-{{id}}
config-title = Pushing to {{namebase}} backup {{id}}
config-title = Pushing to {{namebase}} backup {{id}}
slave = true
slave = true
sla = instance_guid
sla = instance_guid
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment