def regenerate_robot_token(robot_shortname, parent):
robot_username = format_robot_username(parent.username, robot_shortname)
robot, metadata = lookup_robot_and_metadata(robot_username)
password = random_string_generator(length=64)()
robot.email = str(uuid4())
robot.uuid = str(uuid4())
service = LoginService.get(name="quayrobot")
login = FederatedLogin.get(FederatedLogin.user == robot,
FederatedLogin.service == service)
login.service_ident = "robot:%s" % (robot.id)
try:
token_data = RobotAccountToken.get(robot_account=robot)
except RobotAccountToken.DoesNotExist:
token_data = RobotAccountToken.create(robot_account=robot)
token_data.token = password
with db_transaction():
token_data.save()
login.save()
robot.save()
return robot, password, metadata
def upgrade(tables, tester, progress_reporter):
op = ProgressWrapper(original_op, progress_reporter)
# ### commands auto generated by Alembic - please adjust! ###
op.drop_index("oauthaccesstoken_refresh_token", table_name="oauthaccesstoken")
op.drop_column(u"oauthaccesstoken", "refresh_token")
op.drop_column("accesstoken", "code")
op.drop_column("appspecificauthtoken", "token_code")
op.drop_column("oauthaccesstoken", "access_token")
op.drop_column("oauthapplication", "client_secret")
op.drop_column("oauthauthorizationcode", "code")
op.drop_column("repositorybuildtrigger", "private_key")
op.drop_column("repositorybuildtrigger", "auth_token")
# ### end Alembic commands ###
# Overwrite all plaintext robot credentials.
from app import app
if app.config.get("SETUP_COMPLETE", False) or tester.is_testing():
while True:
try:
robot_account_token = RobotAccountToken.get(fully_migrated=False)
logger.debug("Found robot account token %s migrate", robot_account_token.id)
robot_account = robot_account_token.robot_account
assert robot_account.robot
result = (
User.update(email=str(uuid.uuid4()))
.where(
User.id == robot_account.id,
User.robot == True,
User.uuid == robot_account.uuid,
)
.execute()
)
assert result == 1
try:
federated_login = FederatedLogin.get(user=robot_account)
assert federated_login.service.name == "quayrobot"
federated_login.service_ident = "robot:%s" % robot_account.id
federated_login.save()
except FederatedLogin.DoesNotExist:
pass
robot_account_token.fully_migrated = True
robot_account_token.save()
logger.debug("Finished migrating robot account token %s", robot_account_token.id)
except RobotAccountToken.DoesNotExist:
break
def upgrade(tables, tester, progress_reporter):
op = ProgressWrapper(original_op, progress_reporter)
# ### commands auto generated by Alembic - please adjust! ###
op.drop_index("oauthaccesstoken_refresh_token",
table_name="oauthaccesstoken")
op.drop_column(u"oauthaccesstoken", "refresh_token")
op.drop_column("accesstoken", "code")
op.drop_column("appspecificauthtoken", "token_code")
op.drop_column("oauthaccesstoken", "access_token")
op.drop_column("oauthapplication", "client_secret")
op.drop_column("oauthauthorizationcode", "code")
op.drop_column("repositorybuildtrigger", "private_key")
op.drop_column("repositorybuildtrigger", "auth_token")
# ### end Alembic commands ###
# Overwrite all plaintext robot credentials.
from app import app
if app.config.get("SETUP_COMPLETE", False) or tester.is_testing():
while True:
try:
robot_account_token = RobotAccountToken.get(
fully_migrated=False)
robot_account = robot_account_token.robot_account
robot_account.email = str(uuid.uuid4())
robot_account.save()
federated_login = FederatedLogin.get(user=robot_account)
federated_login.service_ident = "robot:%s" % robot_account.id
federated_login.save()
robot_account_token.fully_migrated = True
robot_account_token.save()
except RobotAccountToken.DoesNotExist:
break
def upgrade(tables, tester, progress_reporter):
op = ProgressWrapper(original_op, progress_reporter)
# ### commands auto generated by Alembic - please adjust! ###
op.drop_index('oauthaccesstoken_refresh_token',
table_name='oauthaccesstoken')
op.drop_column(u'oauthaccesstoken', 'refresh_token')
op.drop_column('accesstoken', 'code')
op.drop_column('appspecificauthtoken', 'token_code')
op.drop_column('oauthaccesstoken', 'access_token')
op.drop_column('oauthapplication', 'client_secret')
op.drop_column('oauthauthorizationcode', 'code')
op.drop_column('repositorybuildtrigger', 'private_key')
op.drop_column('repositorybuildtrigger', 'auth_token')
# ### end Alembic commands ###
# Overwrite all plaintext robot credentials.
while True:
try:
robot_account_token = RobotAccountToken.get(fully_migrated=False)
robot_account = robot_account_token.robot_account
robot_account.email = str(uuid.uuid4())
robot_account.save()
federated_login = FederatedLogin.get(user=robot_account)
federated_login.service_ident = 'robot:%s' % robot_account.id
federated_login.save()
robot_account_token.fully_migrated = True
robot_account_token.save()
except RobotAccountToken.DoesNotExist:
break
