def regenerate_robot_token(robot_shortname, parent): robot_username = format_robot_username(parent.username, robot_shortname) robot, metadata = lookup_robot_and_metadata(robot_username) password = random_string_generator(length=64)() robot.email = str(uuid4()) robot.uuid = str(uuid4()) service = LoginService.get(name="quayrobot") login = FederatedLogin.get(FederatedLogin.user == robot, FederatedLogin.service == service) login.service_ident = "robot:%s" % (robot.id) try: token_data = RobotAccountToken.get(robot_account=robot) except RobotAccountToken.DoesNotExist: token_data = RobotAccountToken.create(robot_account=robot) token_data.token = password with db_transaction(): token_data.save() login.save() robot.save() return robot, password, metadata
def upgrade(tables, tester, progress_reporter): op = ProgressWrapper(original_op, progress_reporter) # ### commands auto generated by Alembic - please adjust! ### op.drop_index("oauthaccesstoken_refresh_token", table_name="oauthaccesstoken") op.drop_column(u"oauthaccesstoken", "refresh_token") op.drop_column("accesstoken", "code") op.drop_column("appspecificauthtoken", "token_code") op.drop_column("oauthaccesstoken", "access_token") op.drop_column("oauthapplication", "client_secret") op.drop_column("oauthauthorizationcode", "code") op.drop_column("repositorybuildtrigger", "private_key") op.drop_column("repositorybuildtrigger", "auth_token") # ### end Alembic commands ### # Overwrite all plaintext robot credentials. from app import app if app.config.get("SETUP_COMPLETE", False) or tester.is_testing(): while True: try: robot_account_token = RobotAccountToken.get(fully_migrated=False) logger.debug("Found robot account token %s migrate", robot_account_token.id) robot_account = robot_account_token.robot_account assert robot_account.robot result = ( User.update(email=str(uuid.uuid4())) .where( User.id == robot_account.id, User.robot == True, User.uuid == robot_account.uuid, ) .execute() ) assert result == 1 try: federated_login = FederatedLogin.get(user=robot_account) assert federated_login.service.name == "quayrobot" federated_login.service_ident = "robot:%s" % robot_account.id federated_login.save() except FederatedLogin.DoesNotExist: pass robot_account_token.fully_migrated = True robot_account_token.save() logger.debug("Finished migrating robot account token %s", robot_account_token.id) except RobotAccountToken.DoesNotExist: break
def upgrade(tables, tester, progress_reporter): op = ProgressWrapper(original_op, progress_reporter) # ### commands auto generated by Alembic - please adjust! ### op.drop_index("oauthaccesstoken_refresh_token", table_name="oauthaccesstoken") op.drop_column(u"oauthaccesstoken", "refresh_token") op.drop_column("accesstoken", "code") op.drop_column("appspecificauthtoken", "token_code") op.drop_column("oauthaccesstoken", "access_token") op.drop_column("oauthapplication", "client_secret") op.drop_column("oauthauthorizationcode", "code") op.drop_column("repositorybuildtrigger", "private_key") op.drop_column("repositorybuildtrigger", "auth_token") # ### end Alembic commands ### # Overwrite all plaintext robot credentials. from app import app if app.config.get("SETUP_COMPLETE", False) or tester.is_testing(): while True: try: robot_account_token = RobotAccountToken.get( fully_migrated=False) robot_account = robot_account_token.robot_account robot_account.email = str(uuid.uuid4()) robot_account.save() federated_login = FederatedLogin.get(user=robot_account) federated_login.service_ident = "robot:%s" % robot_account.id federated_login.save() robot_account_token.fully_migrated = True robot_account_token.save() except RobotAccountToken.DoesNotExist: break
def upgrade(tables, tester, progress_reporter): op = ProgressWrapper(original_op, progress_reporter) # ### commands auto generated by Alembic - please adjust! ### op.drop_index('oauthaccesstoken_refresh_token', table_name='oauthaccesstoken') op.drop_column(u'oauthaccesstoken', 'refresh_token') op.drop_column('accesstoken', 'code') op.drop_column('appspecificauthtoken', 'token_code') op.drop_column('oauthaccesstoken', 'access_token') op.drop_column('oauthapplication', 'client_secret') op.drop_column('oauthauthorizationcode', 'code') op.drop_column('repositorybuildtrigger', 'private_key') op.drop_column('repositorybuildtrigger', 'auth_token') # ### end Alembic commands ### # Overwrite all plaintext robot credentials. while True: try: robot_account_token = RobotAccountToken.get(fully_migrated=False) robot_account = robot_account_token.robot_account robot_account.email = str(uuid.uuid4()) robot_account.save() federated_login = FederatedLogin.get(user=robot_account) federated_login.service_ident = 'robot:%s' % robot_account.id federated_login.save() robot_account_token.fully_migrated = True robot_account_token.save() except RobotAccountToken.DoesNotExist: break