mozilla
/
mig
зеркало из https://github.com/mozilla/mig.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

[medium] API support for action create via POST values

This commit is contained in:
Julien Vehent 2014-02-18 07:36:47 -08:00
Родитель 5644dbe48f
Коммит 259845a4d3
2 изменённых файлов: 49 добавлений и 7 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

37
doc/configuration.rst
Просмотреть файл

@ -296,3 +296,40 @@ iptables to redirect the port on the rabbitmq server.
.. code:: bash .. code:: bash
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5671 -m comment --comment "Serve RabbitMQ on HTTPS port" iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5671 -m comment --comment "Serve RabbitMQ on HTTPS port"
API configuration
-----------------
The REST API exposes functions to create, delete and query actions remotely. It
is the primary interface to the Scheduler.
GnuPG pubring
~~~~~~~~~~~~~
The API uses a gnupg pubring to validate incoming actions. The pubring can be
created as a single file, without other gnupg files, and provided to the API in
the configuration file.
To create a pubring, use the following command:
.. code:: bash
$ mkdir /tmp/api-gpg
# export the public keys into a file
$ gpg --export -a bob@example.net john@example.com > /tmp/api-gpg/pubkeys.pem
# import the public keys into a new pubring
$ gpg --homedir /tmp/api-gpg/ --import /tmp/api-gpg/pubkeys.pem
gpg: key AF67CB21: public key "Bob Kelso <bob@example.net>" imported
gpg: key DEF98214: public key "John Smith <john@example.com>" imported
gpg: Total number processed: 2
gpg: imported: 2 (RSA: 2)
The file in /tmp/api-gpg/pubring.gpg can be passed to the API
::
[openpgp]
pubring = "/tmp/api-gpg/pubring.gpg"

19
src/mig/api/api.go
Просмотреть файл

@ -251,6 +251,7 @@ func describeCreateAction(respWriter http.ResponseWriter, request *http.Request)
// createAction receives a signed action in a POST request, validates it, // createAction receives a signed action in a POST request, validates it,
// and write it into the scheduler spool // and write it into the scheduler spool
func createAction(respWriter http.ResponseWriter, request *http.Request) { func createAction(respWriter http.ResponseWriter, request *http.Request) {
var err error
opid := mig.GenID() opid := mig.GenID()
var action mig.Action var action mig.Action
resource := cljs.New(request.URL.Path) resource := cljs.New(request.URL.Path)
@ -264,16 +265,13 @@ func createAction(respWriter http.ResponseWriter, request *http.Request) {
}() }()
// parse the POST body into a mig action // parse the POST body into a mig action
data, err := ioutil.ReadAll(request.Body) request.ParseForm()
postAction := request.FormValue("action")
err = json.Unmarshal([]byte(postAction), &action)
if err != nil { if err != nil {
panic(err) panic(err)
} }
ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug()
err = json.Unmarshal([]byte(data), &action)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, Desc: "Received action for creation"}.Debug()
// load keyring and validate action // load keyring and validate action
keyring, err := os.Open(ctx.OpenPGP.PubRing) keyring, err := os.Open(ctx.OpenPGP.PubRing)
@ -301,6 +299,13 @@ func createAction(respWriter http.ResponseWriter, request *http.Request) {
} }
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action committed to spool"} ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action committed to spool"}
err = resource.AddItem(cljs.Item{
Href: "/api/action?actionid=" + fmt.Sprintf("%d", action.ID),
Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%d", action.ID), Value: action}},
})
if err != nil {
panic(err)
}
respond(201, resource, respWriter, request, opid) respond(201, resource, respWriter, request, opid)
} }