def _validate_checksum_type(checksum_type, error_messages): if checksum_type is None or util.is_valid_checksum_type(checksum_type): return msg = _('Configuration value for [checksum_type] is not supported: %(c)s') error_messages.append(msg % {'c': str(checksum_type)})
def set_repo_checksum_type(repo, sync_conduit, config): """ At this point we have downloaded the source metadata from a remote or local feed lets lookup the checksum type for primary xml in repomd.xml and use that for createrepo @param repo: metadata describing the repository @type repo: L{pulp.server.content.plugins.data.Repository} @param sync_conduit @type sync_conduit pulp.server.content.conduits.repo_sync.RepoSyncConduit @param config: plugin configuration @type config: L{pulp.server.content.plugins.config.PluginCallConfiguration} """ _LOG.debug('Determining checksum type for repo %s' % repo.id) checksum_type = config.get('checksum_type') if checksum_type: if not util.is_valid_checksum_type(checksum_type): _LOG.error("Invalid checksum type [%s]" % checksum_type) raise else: repo_metadata = os.path.join(repo.working_dir, repo.id, "repodata/repomd.xml") if os.path.exists(repo_metadata): checksum_type = util.get_repomd_filetype_dump(repo_metadata)['primary']['checksum'][0] _LOG.debug("got checksum type from repo %s " % checksum_type) else: # default to sha256 if nothing is found checksum_type = "sha256" _LOG.debug("got checksum type default %s " % checksum_type) # set repo checksum type on the scratchpad for distributor to lookup sync_conduit.set_repo_scratchpad(dict(checksum_type=checksum_type)) _LOG.info("checksum type info [%s] set to repo scratchpad" % sync_conduit.get_repo_scratchpad())
purge_orphaned = config.get('purge_orphaned') if purge_orphaned is not None and not isinstance(purge_orphaned, bool) : msg = _("purge_orphaned should be a boolean; got %s instead" % purge_orphaned) _LOG.error(msg) return False, msg if key == 'skip': skip = config.get('skip') if skip is not None and not isinstance(skip, list): msg = _("skip should be a list; got %s instead" % skip) _LOG.error(msg) return False, msg if key == 'checksum_type': checksum_type = config.get('checksum_type') if checksum_type is not None and not util.is_valid_checksum_type(checksum_type): msg = _("%s is not a valid checksum type" % checksum_type) _LOG.error(msg) return False, msg return True, None def importer_added(self, repo, config): _LOG.info("importer_added invoked") def importer_removed(self, repo, config): _LOG.info("importer_removed invoked") def import_units(self, source_repo, dest_repo, import_conduit, config, units=None): """ @param source_repo: metadata describing the repository containing the units to import
def validate_config(self, repo, config, config_conduit): """ Validate the distributor config. A tuple of status, msg will be returned. Status indicates success or failure with True/False values, and in the event of failure, msg will contain an error message. :param repo: The repo that the config is for :type repo: pulp.server.db.model.repository.Repo :param config: The configuration to be validated :type config: pulp.server.content.plugins.config.PluginCallConfiguration :param config_conduit: Configuration Conduit; :type config_conduit: pulp.plugins.conduits.repo_validate.RepoConfigConduit :return: tuple of status, message :rtype: tuple """ auth_cert_bundle = {} for key in REQUIRED_CONFIG_KEYS: value = config.get(key) if value is None: msg = _("Missing required configuration key: %(key)s" % {"key":key}) _LOG.error(msg) return False, msg if key == 'relative_url': relative_path = config.get('relative_url') if relative_path is not None: if not isinstance(relative_path, basestring): msg = _("relative_url should be a basestring; got %s instead" % relative_path) _LOG.error(msg) return False, msg if re.match('[^a-zA-Z0-9/_-]+', relative_path): msg = _('relative_url must contain only alphanumerics, underscores, and dashes.') _LOG.error(msg) return False, msg if key == 'http': config_http = config.get('http') if config_http is not None and not isinstance(config_http, bool): msg = _("http should be a boolean; got %s instead" % config_http) _LOG.error(msg) return False, msg if key == 'https': config_https = config.get('https') if config_https is not None and not isinstance(config_https, bool): msg = _("https should be a boolean; got %s instead" % config_https) _LOG.error(msg) return False, msg for key in config.keys(): if key not in REQUIRED_CONFIG_KEYS and key not in OPTIONAL_CONFIG_KEYS: msg = _("Configuration key '%(key)s' is not supported" % {"key":key}) _LOG.error(msg) return False, msg if key == 'protected': protected = config.get('protected') if not isinstance(protected, bool): msg = _("protected should be a boolean; got %s instead" % protected) _LOG.error(msg) return False, msg if key == 'use_createrepo': use_createrepo = config.get('use_createrepo') if not isinstance(use_createrepo, bool): msg = _("use_createrepo should be a boolean; got %s instead" % use_createrepo) _LOG.error(msg) return False, msg if key == 'checksum_type': checksum_type = config.get('checksum_type') if checksum_type is not None and not util.is_valid_checksum_type(checksum_type): msg = _("%s is not a valid checksum type" % checksum_type) _LOG.error(msg) return False, msg if key == 'skip': metadata_types = config.get('skip') if not isinstance(metadata_types, list): msg = _("skip should be a dictionary; got %s instead" % metadata_types) _LOG.error(msg) return False, msg if key == 'auth_cert': auth_pem = config.get('auth_cert').encode('utf-8') if auth_pem is not None and not util.validate_cert(auth_pem): msg = _("auth_cert is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle['cert'] = auth_pem if key == 'auth_ca': auth_ca = config.get('auth_ca').encode('utf-8') if auth_ca is not None and not util.validate_cert(auth_ca): msg = _("auth_ca is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle['ca'] = auth_ca # process auth certs repo_relative_path = self.get_repo_relative_path(repo, config) if repo_relative_path.startswith("/"): repo_relative_path = repo_relative_path[1:] self.process_repo_auth_certificate_bundle(repo.id, repo_relative_path, auth_cert_bundle) # If overriding https publish dir, be sure it exists and we can write to it publish_dir = config.get("https_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _("Value for 'https_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _("Unable to read & write to specified 'https_publish_dir': %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg publish_dir = config.get("http_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _("Value for 'http_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _("Unable to read & write to specified 'http_publish_dir': %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg conflict_items = config_conduit.get_repo_distributors_by_relative_url(repo_relative_path, repo.id) if conflict_items.count() > 0: item = next(conflict_items) conflicting_url = item["repo_id"] if item['config']["relative_url"] is not None: conflicting_url = item['config']["relative_url"] conflict_msg = _("Relative url '%(rel_url)s' conflicts with existing relative_url of '%(conflict_rel_url)s' from repo '%(conflict_repo_id)s'" \ % {"rel_url": repo_relative_path, "conflict_rel_url": conflicting_url, "conflict_repo_id": item["repo_id"]}) _LOG.info(conflict_msg) return False, conflict_msg return True, None
def validate_config(self, repo, config, related_repos): _LOG.info("validate_config invoked, config values are: %s" % (config.repo_plugin_config)) auth_cert_bundle = {} for key in REQUIRED_CONFIG_KEYS: value = config.get(key) if value is None: msg = _("Missing required configuration key: %(key)s" % {"key":key}) _LOG.error(msg) return False, msg if key == 'relative_url': relative_path = config.get('relative_url') if relative_path is not None and not isinstance(relative_path, basestring): msg = _("relative_url should be a basestring; got %s instead" % relative_path) _LOG.error(msg) return False, msg if key == 'http': config_http = config.get('http') if config_http is not None and not isinstance(config_http, bool): msg = _("http should be a boolean; got %s instead" % config_http) _LOG.error(msg) return False, msg if key == 'https': config_https = config.get('https') if config_https is not None and not isinstance(config_https, bool): msg = _("https should be a boolean; got %s instead" % config_https) _LOG.error(msg) return False, msg for key in config.keys(): if key not in REQUIRED_CONFIG_KEYS and key not in OPTIONAL_CONFIG_KEYS: msg = _("Configuration key '%(key)s' is not supported" % {"key":key}) _LOG.error(msg) return False, msg if key == 'protected': protected = config.get('protected') if protected is not None and not isinstance(protected, bool): msg = _("protected should be a boolean; got %s instead" % protected) _LOG.error(msg) return False, msg if key == 'generate_metadata': generate_metadata = config.get('generate_metadata') if generate_metadata is not None and not isinstance(generate_metadata, bool): msg = _("generate_metadata should be a boolean; got %s instead" % generate_metadata) _LOG.error(msg) return False, msg if key == 'checksum_type': checksum_type = config.get('checksum_type') if checksum_type is not None and not util.is_valid_checksum_type(checksum_type): msg = _("%s is not a valid checksum type" % checksum_type) _LOG.error(msg) return False, msg if key == 'skip': metadata_types = config.get('skip') if metadata_types is not None and not isinstance(metadata_types, list): msg = _("skip should be a dictionary; got %s instead" % metadata_types) _LOG.error(msg) return False, msg if key == 'auth_cert': auth_pem = config.get('auth_cert').encode('utf-8') if auth_pem is not None and not util.validate_cert(auth_pem): msg = _("auth_cert is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle['cert'] = auth_pem if key == 'auth_ca': auth_ca = config.get('auth_ca').encode('utf-8') if auth_ca is not None and not util.validate_cert(auth_ca): msg = _("auth_ca is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle['ca'] = auth_ca # process auth certs repo_relative_path = self.get_repo_relative_path(repo, config) if repo_relative_path.startswith("/"): repo_relative_path = repo_relative_path[1:] self.process_repo_auth_certificate_bundle(repo.id, repo_relative_path, auth_cert_bundle) # If overriding https publish dir, be sure it exists and we can write to it publish_dir = config.get("https_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _("Value for 'https_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _("Unable to read & write to specified 'https_publish_dir': %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg publish_dir = config.get("http_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _("Value for 'http_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _("Unable to read & write to specified 'http_publish_dir': %(publish_dir)s" % {"publish_dir":publish_dir}) return False, msg rel_url = config.get("relative_url") if rel_url: conflict_status, conflict_msg = self.does_rel_url_conflict(rel_url, related_repos) if conflict_status: _LOG.info(conflict_msg) return False, conflict_msg return True, None
def validate_config(self, repo, config, related_repos): """ Validate the distributor config. A tuple of status, msg will be returned. Status indicates success or failure with True/False values, and in the event of failure, msg will contain an error message. :param repo: The repo that the config is for :type repo: pulp.server.db.model.repository.Repo :param config: The configuration to be validated :type config: pulp.server.content.plugins.config.PluginCallConfiguration :param related_repos: Repositories that are related to repo :type related_repos: list :return: tuple of status, message :rtype: tuple """ auth_cert_bundle = {} for key in REQUIRED_CONFIG_KEYS: value = config.get(key) if value is None: msg = _("Missing required configuration key: %(key)s" % {"key": key}) _LOG.error(msg) return False, msg if key == "relative_url": relative_path = config.get("relative_url") if relative_path is not None: if not isinstance(relative_path, basestring): msg = _("relative_url should be a basestring; got %s instead" % relative_path) _LOG.error(msg) return False, msg if re.match("[^a-zA-Z0-9/_-]+", relative_path): msg = _("relative_url must contain only alphanumerics, underscores, and dashes.") _LOG.error(msg) return False, msg if key == "http": config_http = config.get("http") if config_http is not None and not isinstance(config_http, bool): msg = _("http should be a boolean; got %s instead" % config_http) _LOG.error(msg) return False, msg if key == "https": config_https = config.get("https") if config_https is not None and not isinstance(config_https, bool): msg = _("https should be a boolean; got %s instead" % config_https) _LOG.error(msg) return False, msg for key in config.keys(): if key not in REQUIRED_CONFIG_KEYS and key not in OPTIONAL_CONFIG_KEYS: msg = _("Configuration key '%(key)s' is not supported" % {"key": key}) _LOG.error(msg) return False, msg if key == "protected": protected = config.get("protected") if not isinstance(protected, bool): msg = _("protected should be a boolean; got %s instead" % protected) _LOG.error(msg) return False, msg if key == "use_createrepo": use_createrepo = config.get("use_createrepo") if not isinstance(use_createrepo, bool): msg = _("use_createrepo should be a boolean; got %s instead" % use_createrepo) _LOG.error(msg) return False, msg if key == "checksum_type": checksum_type = config.get("checksum_type") if checksum_type is not None and not util.is_valid_checksum_type(checksum_type): msg = _("%s is not a valid checksum type" % checksum_type) _LOG.error(msg) return False, msg if key == "skip": metadata_types = config.get("skip") if not isinstance(metadata_types, list): msg = _("skip should be a dictionary; got %s instead" % metadata_types) _LOG.error(msg) return False, msg if key == "auth_cert": auth_pem = config.get("auth_cert").encode("utf-8") if auth_pem is not None and not util.validate_cert(auth_pem): msg = _("auth_cert is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle["cert"] = auth_pem if key == "auth_ca": auth_ca = config.get("auth_ca").encode("utf-8") if auth_ca is not None and not util.validate_cert(auth_ca): msg = _("auth_ca is not a valid certificate") _LOG.error(msg) return False, msg auth_cert_bundle["ca"] = auth_ca # process auth certs repo_relative_path = self.get_repo_relative_path(repo, config) if repo_relative_path.startswith("/"): repo_relative_path = repo_relative_path[1:] self.process_repo_auth_certificate_bundle(repo.id, repo_relative_path, auth_cert_bundle) # If overriding https publish dir, be sure it exists and we can write to it publish_dir = config.get("https_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _( "Value for 'https_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir": publish_dir} ) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _( "Unable to read & write to specified 'https_publish_dir': %(publish_dir)s" % {"publish_dir": publish_dir} ) return False, msg publish_dir = config.get("http_publish_dir") if publish_dir: if not os.path.exists(publish_dir) or not os.path.isdir(publish_dir): msg = _( "Value for 'http_publish_dir' is not an existing directory: %(publish_dir)s" % {"publish_dir": publish_dir} ) return False, msg if not os.access(publish_dir, os.R_OK) or not os.access(publish_dir, os.W_OK): msg = _( "Unable to read & write to specified 'http_publish_dir': %(publish_dir)s" % {"publish_dir": publish_dir} ) return False, msg rel_url = config.get("relative_url") if rel_url: conflict_status, conflict_msg = self.does_rel_url_conflict(rel_url, related_repos) if conflict_status: _LOG.info(conflict_msg) return False, conflict_msg return True, None