def regenerate_robot_token(robot_shortname, parent): robot_username = format_robot_username(parent.username, robot_shortname) robot, metadata = lookup_robot_and_metadata(robot_username) password = random_string_generator(length=64)() robot.email = str(uuid4()) robot.uuid = str(uuid4()) service = LoginService.get(name="quayrobot") login = FederatedLogin.get(FederatedLogin.user == robot, FederatedLogin.service == service) login.service_ident = "robot:%s" % (robot.id) try: token_data = RobotAccountToken.get(robot_account=robot) except RobotAccountToken.DoesNotExist: token_data = RobotAccountToken.create(robot_account=robot) token_data.token = password with db_transaction(): token_data.save() login.save() robot.save() return robot, password, metadata
def create_robot(robot_shortname, parent, description="", unstructured_metadata=None): (username_valid, username_issue) = validate_username(robot_shortname) if not username_valid: raise InvalidRobotException( "The name for the robot '%s' is invalid: %s" % (robot_shortname, username_issue) ) username = format_robot_username(parent.username, robot_shortname) try: User.get(User.username == username) msg = "Existing robot with name: %s" % username logger.info(msg) raise InvalidRobotException(msg) except User.DoesNotExist: pass service = LoginService.get(name="quayrobot") try: with db_transaction(): created = User.create(username=username, email=str(uuid.uuid4()), robot=True) token = random_string_generator(length=64)() RobotAccountToken.create(robot_account=created, token=token, fully_migrated=True) FederatedLogin.create( user=created, service=service, service_ident="robot:%s" % created.id ) RobotAccountMetadata.create( robot_account=created, description=description[0:255], unstructured_json=unstructured_metadata or {}, ) return created, token except Exception as ex: raise DataModelException(ex.message)
def process(resources): response = [] changed = True for resource in resources: p_state = resource["state"] p_name = resource["name"] try: login_service = LoginService.get(name=p_name) except LoginService.DoesNotExist: login_service = None if p_state == "absent": if login_service is not None: changed = True login_service.delete_instance() response.append("Login Service '%s' deleted" % p_name) changed = True else: response.append("Login Service '%s' does not exist" % p_name) else: if login_service is None: changed = True login_service = LoginService.create(name=p_name) response.append("Login Service '%s' created" % p_name) else: response.append("Login Service '%s' exists" % p_name) return {"failed": False, "changed": changed, "meta": response}, 200
def set_team_syncing(team, login_service_name, config): """ Sets the given team to sync to the given service using the given config. """ login_service = LoginService.get(name=login_service_name) return TeamSync.create(team=team, transaction_id="", service=login_service, config=json.dumps(config))
def detach_external_login(user, service_name): try: service = LoginService.get(name=service_name) except LoginService.DoesNotExist: return FederatedLogin.delete().where(FederatedLogin.user == user, FederatedLogin.service == service).execute()
def get_federated_team_member_mapping(team, login_service_name): """ Returns a dict of all federated IDs for all team members in the team whose users are bound to the login service within the given name. The dictionary is from federated service identifier (username) to their Quay User table ID. """ login_service = LoginService.get(name=login_service_name) query = (FederatedLogin.select( FederatedLogin.service_ident, User.id).join(User).join(TeamMember).join(Team).where( Team.id == team, User.robot == False, FederatedLogin.service == login_service)) return dict(query.tuples())
def _get_login_service(service_id): try: return LoginService.get(LoginService.name == service_id) except LoginService.DoesNotExist: return LoginService.create(name=service_id)