import time
# from boot import setup_jwt_proxy
from util.secscan.api import SecurityScannerAPI
from util.config.validators import BaseValidator, ConfigValidationException
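class SecurityScannerValidator(BaseValidator):
    """Config validator that checks the configured security scanner answers a ping."""

    name = "security-scanner"

    @classmethod
    def validate(cls, validator_context):
        """Validates the configuration for talking to a Quay Security Scanner.

        Returns immediately when the security scanner feature is disabled.
        Otherwise pings the scanner up to five times, one second apart, and
        returns as soon as one ping answers with HTTP 200.

        Args:
            validator_context: object exposing ``config``, ``http_client``,
                ``feature_sec_scanner``, ``url_scheme_and_hostname`` and
                ``uri_creator``.

        Raises:
            ConfigValidationException: if no attempt produced a 200 response.
                The message carries either the last exception raised by the
                ping or the last non-200 status code and response body.
        """
        config = validator_context.config
        client = validator_context.http_client
        feature_sec_scanner = validator_context.feature_sec_scanner

        server_hostname = validator_context.url_scheme_and_hostname.hostname
        uri_creator = validator_context.uri_creator

        if not feature_sec_scanner:
            return

        api = SecurityScannerAPI(
            config,
            None,
            server_hostname,
            client=client,
            skip_validation=True,
            uri_creator=uri_creator,
        )

        # NOTE: the JWT proxy setup is commented out in this version:
        #   if not validator_context.is_testing:
        #     setup_jwt_proxy()  # temporary Quay key for signing outgoing requests
        # The retry loop below was written to wait for the JWT proxy to restart
        # with that newly generated key.
        max_tries = 5
        response = None
        last_exception = None

        for attempt in range(max_tries):
            # Wait between attempts only; sleeping after the final failure
            # would just delay the error report.
            if attempt:
                time.sleep(1)

            try:
                response = api.ping()
                last_exception = None
                if response.status_code == 200:
                    return
            except Exception as ex:
                # Any failure of the ping is reported as a validation error
                # below rather than propagated as-is.
                last_exception = ex

        if last_exception is not None:
            message = str(last_exception)
        else:
            # NOTE(review): the scanner's response body is echoed verbatim into
            # the validation error. The endpoint presumably comes from the
            # configuration being validated, so consider bounding its length
            # and treating it as untrusted text wherever the message is shown.
            message = 'Expected 200 status code, got %s: %s' % (response.status_code, response.text)

        raise ConfigValidationException('Could not ping security scanner: %s' % message)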