Add support for pull credentials on builds and build triggers

2014-03-27 18:33:13 -04:00 · 2014-03-27 18:33:13 -04:00 · 2006917e03
commit 2006917e03
parent 1fc3c922a9
17 changed files with 355 additions and 37 deletions
--- a/data/model/legacy.py
+++ b/data/model/legacy.py
@ -154,6 +154,16 @@ def create_robot(robot_shortname, parent):
    raise DataModelException(ex.message)


+def lookup_robot(robot_username):
+  joined = User.select().join(FederatedLogin).join(LoginService)
+  found = list(joined.where(LoginService.name == 'quayrobot',
+                            User.username == robot_username))
+  if not found or len(found) < 1 or not found[0].robot:
+    return None
+
+  return found[0]
+
+
 def verify_robot(robot_username, password):
  joined = User.select().join(FederatedLogin).join(LoginService)
  found = list(joined.where(FederatedLogin.service_ident == password,
@ -1449,6 +1459,20 @@ def create_repository_build(repo, access_token, job_config_obj, dockerfile_id,
                                display_name=display_name, trigger=trigger,
                                resource_key=dockerfile_id)

+def get_pull_credentials(trigger):
+  if not trigger.pull_user:
+    return None
+  
+  try:
+    login_info = FederatedLogin.get(user=trigger.pull_user)
+  except FederatedLogin.DoesNotExist:
+    return None
+
+  return {
+    'username': trigger.pull_user.username,
+    'password': login_info.service_ident,
+    'registry': 'quay.io' # TODO: Is there a better way to do this?
+  }

 def create_webhook(repo, params_obj):
  return Webhook.create(repository=repo, parameters=json.dumps(params_obj))
@ -1506,11 +1530,12 @@ def log_action(kind_name, user_or_organization_name, performer=None,
                  metadata_json=json.dumps(metadata), datetime=timestamp)


-def create_build_trigger(repo, service_name, auth_token, user):
+def create_build_trigger(repo, service_name, auth_token, user, pull_user=None):
  service = BuildTriggerService.get(name=service_name)
  trigger = RepositoryBuildTrigger.create(repository=repo, service=service,
                                          auth_token=auth_token,
-                                          connected_user=user)
+                                          connected_user=user,
+                                          pull_user=None)
  return trigger