Add support for SSL if the certificate is found in the config directory

2014-11-25 16:36:21 -05:00 · 2014-11-25 16:36:21 -05:00 · 04fc6d82a5
commit 04fc6d82a5
parent 660a640de6
2 changed files with 17 additions and 6 deletions
--- a/buildman/builder.py
+++ b/buildman/builder.py
@ -1,10 +1,13 @@
 import logging
+import os

 from app import app, userfiles as user_files, build_logs, dockerfile_build_queue

 from buildman.manager.enterprise import EnterpriseManager
 from buildman.server import BuilderServer

+from trollius import SSLContext
+
 LOGGER = logging.getLogger(__name__)

 BUILD_MANAGERS = {
@ -16,13 +19,21 @@ def run_build_manager():
  if build_manager_config is None:
    return

+  LOGGER.debug('Asking to start build manager with lifecycle "%s"', build_manager_config[0])
  manager_klass = BUILD_MANAGERS.get(build_manager_config[0])
  if manager_klass is None:
    return

+  LOGGER.debug('Starting build manager with lifecycle "%s"', build_manager_config[0])
+  ssl_context = None
+  if os.path.exists('conf/stack/ssl.cert'):
+    LOGGER.debug('Loading SSL cert and key')
+    ssl_context = SSLContext()
+    ssl_context.load_cert_chain('conf/stack/ssl.cert', 'conf/stack/ssl.key')
+
  server = BuilderServer(app.config['SERVER_HOSTNAME'], dockerfile_build_queue, build_logs,
                         user_files, manager_klass)
-  server.run('0.0.0.0')
+  server.run('0.0.0.0', ssl=ssl_context)

 if __name__ == '__main__':
  logging.basicConfig(level=logging.DEBUG)
--- a/buildman/server.py
+++ b/buildman/server.py
@ -67,13 +67,13 @@ class BuilderServer(object):

    self._controller_app = controller_app

-  def run(self, host):
+  def run(self, host, ssl=None):
    LOGGER.debug('Initializing the lifecycle manager')
    self._lifecycle_manager.initialize()

    LOGGER.debug('Initializing all members of the event loop')
    loop = trollius.get_event_loop()
-    trollius.Task(self._initialize(loop, host))
+    trollius.Task(self._initialize(loop, host, ssl))

    LOGGER.debug('Starting server on port 8080, with controller on port 8181')
    try:
@ -161,7 +161,7 @@ class BuilderServer(object):


  @trollius.coroutine
-  def _initialize(self, loop, host):
+  def _initialize(self, loop, host, ssl=None):
    self._loop = loop

    # Create the WAMP server.
@ -169,8 +169,8 @@ class BuilderServer(object):
    transport_factory.setProtocolOptions(failByDrop=True)

    # Initialize the controller server and the WAMP server
-    create_wsgi_server(self._controller_app, loop=loop, host=host, port=CONTROLLER_PORT)
-    yield From(loop.create_server(transport_factory, host, WEBSOCKET_PORT))
+    create_wsgi_server(self._controller_app, loop=loop, host=host, port=CONTROLLER_PORT, ssl=ssl)
+    yield From(loop.create_server(transport_factory, host, WEBSOCKET_PORT, ssl=ssl))

    # Initialize the work queue checker.
    yield From(self._work_checker())