Class: Katello::Resources::CDN::CdnResource

Inherits:
Object
  • Object
show all
Defined in:
app/lib/katello/resources/cdn.rb

Constant Summary collapse

CDN_DOCKER_CONTAINER_LISTING = 
"CONTAINER_REGISTRY_LISTING"

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url, options = {}) ⇒ CdnResource

Returns a new instance of CdnResource.



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
# File 'app/lib/katello/resources/cdn.rb', line 28

def initialize(url, options = {})
  options.reverse_merge!(:verify_ssl => 9)
  options.assert_valid_keys(:ssl_client_key, :ssl_client_cert, :ssl_ca_file, :verify_ssl,
                            :product)
  if options[:ssl_client_cert]
    options.reverse_merge!(:ssl_ca_file => CdnResource.ca_file)
  end
  load_proxy_settings
  @product = options[:product]

  @url = url
  @uri = URI.parse(url)
  @net = net_http_class.new(@uri.host, @uri.port)
  @net.use_ssl = @uri.is_a?(URI::HTTPS)

  @net.cert = options[:ssl_client_cert]
  @net.key = options[:ssl_client_key]
  @net.ca_file = options[:ssl_ca_file]

  # NOTE: This was added because some proxies dont support SSLv23 and do not handle TLS 1.2
  # Valid values in ruby 1.9.3 are 'SSLv23' or 'TLSV1'
  # Run the following command in rails console to figure out other
  # valid constants in other ruby versions
  # "OpenSSL::SSL::SSLContext::METHODS"
  @net.ssl_version = SETTINGS[:katello][:cdn_ssl_version] if SETTINGS[:katello].key?(:cdn_ssl_version)

  if (options[:verify_ssl] == false) || (options[:verify_ssl] == OpenSSL::SSL::VERIFY_NONE)
    @net.verify_mode = OpenSSL::SSL::VERIFY_NONE
  elsif options[:verify_ssl].is_a? Integer
    @net.verify_mode = options[:verify_ssl]
    @net.verify_callback = lambda do |preverify_ok, ssl_context|
      if (!preverify_ok) || ssl_context.error != 0
        err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})"
        fail RestClient::SSLCertificateNotVerified, err_msg
      end
      true
    end
  end
end

Instance Attribute Details

#productObject (readonly)

Returns the value of attribute product.



20
21
22
 
# File 'app/lib/katello/resources/cdn.rb', line 20

def product
  @product
end

#proxy_hostObject

Returns the value of attribute proxy_host.



21
22
23
 
# File 'app/lib/katello/resources/cdn.rb', line 21

def proxy_host
  @proxy_host
end

#proxy_passwordObject

Returns the value of attribute proxy_password.



21
22
23
 
# File 'app/lib/katello/resources/cdn.rb', line 21

def proxy_password
  @proxy_password
end

#proxy_portObject

Returns the value of attribute proxy_port.



21
22
23
 
# File 'app/lib/katello/resources/cdn.rb', line 21

def proxy_port
  @proxy_port
end

#proxy_userObject

Returns the value of attribute proxy_user.



21
22
23
 
# File 'app/lib/katello/resources/cdn.rb', line 21

def proxy_user
  @proxy_user
end

#urlObject (readonly)

Returns the value of attribute url.



20
21
22
 
# File 'app/lib/katello/resources/cdn.rb', line 20

def url
  @url
end

Class Method Details

.ca_fileObject 



103
104
105
 
# File 'app/lib/katello/resources/cdn.rb', line 103

def self.ca_file
  "#{Katello::Engine.root}/ca/redhat-uep.pem"
end

.ca_file_contentsObject 



107
108
109
 
# File 'app/lib/katello/resources/cdn.rb', line 107

def self.ca_file_contents
  File.read(ca_file)
end

Instance Method Details

#get(path, _headers = {}) ⇒ Object 



68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'app/lib/katello/resources/cdn.rb', line 68

def get(path, _headers = {})
  path = File.join(@uri.request_uri, path)
  used_url = File.join("#{@uri.scheme}://#{@uri.host}:#{@uri.port}", path)
  Rails.logger.debug "CDN: Requesting path #{used_url}"
  req = Net::HTTP::Get.new(path)
  begin
    @net.start do |http|
      res = http.request(req, nil) { |http_response| http_response.read_body }
      code = res.code.to_i
      if code == 200
        return res.body
      else
        # we don't really use RestClient here (it doesn't allow to safely
        # set the proxy only for a set of requests and we don't want the
        # backend engines communication to go through the same proxy like
        # accessing CDN - its another use case)
        # But RestClient exceptions are really nice and can be handled in
        # the same way
        exception_class = RestClient::Exceptions::EXCEPTIONS_MAP[code] || RestClient::RequestFailed
        fail exception_class.new(nil, code)
      end
    end
  rescue EOFError
    raise RestClient::ServerBrokeConnection
  rescue Timeout::Error
    raise RestClient::RequestTimeout
  rescue RestClient::ResourceNotFound
    raise Errors::NotFound, _("CDN loading error: %s not found") % used_url
  rescue RestClient::Unauthorized
    raise Errors::SecurityViolation, _("CDN loading error: access denied to %s") % used_url
  rescue RestClient::Forbidden
    raise Errors::SecurityViolation, _("CDN loading error: access forbidden to %s") % used_url
  end
end

#get_container_listings(content_path) ⇒ Object 



136
137
138
 
# File 'app/lib/katello/resources/cdn.rb', line 136

def get_container_listings(content_path)
  JSON.parse(get(File.join(content_path, CdnResource::CDN_DOCKER_CONTAINER_LISTING)))
end

#get_docker_registries(content_path) ⇒ Object

eg content url listing file -> /content/dist/rhel/server/7/7Server/x86_64/containers/CONTAINER_REGISTRY_LISTING format

{
"header": {
    "version": "1.0"
},
"payload": {
    "registries": [
        { "name": "rhel",
          "url": "<docker pull url>",
          },
        { "name": "rhel7",
          "url": "test.com:5000/rhel"
          "aliases": [ "redhat/rhel7" ]
          }
    ]
}

}



159
160
161
162
163
164
165
166
167
168
 
# File 'app/lib/katello/resources/cdn.rb', line 159

def get_docker_registries(content_path)
  docker_listing = get_container_listings(content_path)
  docker_listing.try(:[], "payload").try(:[], "registries") || []
rescue ::Katello::Errors::NotFound => e # some of listing file points to not existing content
  # If the container listing file was not found
  # there is probably no content to be had.
  Rails.logger.warn("Could not get to #{content_path}.")
  Rails.logger.warn e.to_s
  []
end

#load_proxy_settingsObject 



119
120
121
122
123
124
125
126
127
128
129
 
# File 'app/lib/katello/resources/cdn.rb', line 119

def load_proxy_settings
  if SETTINGS[:katello][:cdn_proxy] && SETTINGS[:katello][:cdn_proxy][:host]
    self.proxy_host = parse_host(SETTINGS[:katello][:cdn_proxy][:host])
    self.proxy_port = SETTINGS[:katello][:cdn_proxy][:port]
    self.proxy_user = SETTINGS[:katello][:cdn_proxy][:user]
    self.proxy_password = SETTINGS[:katello][:cdn_proxy][:password]
  end
rescue URI::Error => e
  Rails.logger.error "Could not parse cdn_proxy:"
  Rails.logger.error e.to_s
end

#log(level, *args) ⇒ Object 



170
171
172
 
# File 'app/lib/katello/resources/cdn.rb', line 170

def log(level, *args)
  [Rails.logger, @logger].compact.each { |logger| logger.send(level, *args) }
end

#net_http_classObject 



111
112
113
114
115
116
117
 
# File 'app/lib/katello/resources/cdn.rb', line 111

def net_http_class
  if proxy_host
    Net::HTTP::Proxy(proxy_host, proxy_port, proxy_user, proxy_password)
  else
    Net::HTTP
  end
end

#parse_host(host_or_url) ⇒ Object 



131
132
133
134
 
# File 'app/lib/katello/resources/cdn.rb', line 131

def parse_host(host_or_url)
  uri = URI.parse(host_or_url)
  return uri.host || uri.path
end

#substitutor(logger = nil) ⇒ Object 



23
24
25
26
 
# File 'app/lib/katello/resources/cdn.rb', line 23

def substitutor(logger = nil)
  @logger = logger
  Util::CdnVarSubstitutor.new(self)
end