Pull out signing validation into validator class

Joseph Schorr 2017-02-15 11:56:19 -05:00
parent 8844ecbb7c
commit 2944a4e13d
3 changed files with 39 additions and 15 deletions


@ -1,6 +1,5 @@
import logging
from StringIO import StringIO
from hashlib import sha1
import peewee
@ -16,7 +15,6 @@ from oauth.services.github import GithubOAuthService
from oauth.services.google import GoogleOAuthService
from oauth.services.gitlab import GitLabOAuthService
from util.registry.torrent import torrent_jwt
from util.security.signing import SIGNING_ENGINES
from util.security.ssl import load_certificate, CertInvalidException, KeyInvalidException
from util.config.validators.validate_database import DatabaseValidator
@ -27,6 +25,7 @@ from util.config.validators.validate_ldap import LDAPValidator
from util.config.validators.validate_keystone import KeystoneValidator
from util.config.validators.validate_jwt import JWTAuthValidator
from util.config.validators.validate_secscan import SecurityScannerValidator
from util.config.validators.validate_signer import SignerValidator
logger = logging.getLogger(__name__)
@ -234,18 +233,6 @@ def _validate_ssl(config, user_obj, _):
raise ConfigValidationException('SSL private key failed to validate: %s' % kie.message)
def _validate_signer(config, user_obj, _):
""" Validates the GPG public+private key pair used for signing converted ACIs. """
if config.get('SIGNING_ENGINE') is None:
return
if config['SIGNING_ENGINE'] not in SIGNING_ENGINES:
raise ConfigValidationException('Unknown signing engine: %s' % config['SIGNING_ENGINE'])
engine = SIGNING_ENGINES[config['SIGNING_ENGINE']](config, config_provider)
engine.detached_sign(StringIO('test string'))
def _validate_bittorrent(config, user_obj, _):
""" Validates the configuration for using BitTorrent for downloads. """
announce_url = config.get('BITTORRENT_ANNOUNCE_URL')
@ -301,7 +288,7 @@ VALIDATORS = {
LDAPValidator.name: LDAPValidator.validate,
JWTAuthValidator.name: JWTAuthValidator.validate,
KeystoneValidator.name: KeystoneValidator.validate,
'signer': _validate_signer,
SignerValidator.name: SignerValidator.validate,
SecurityScannerValidator.name: SecurityScannerValidator.validate,
'bittorrent': _validate_bittorrent,
}
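Review bot: In the `VALIDATORS` hunk the registry key changes from the literal `'signer'` to `SignerValidator.name`, and that class is not part of this file's section, so nothing visible here confirms the two values are equal. If the name differs, any caller that resolves the check by the old string would presumably miss the entry, and the signing checks the removed function performed (rejecting an unknown `SIGNING_ENGINE` and running a test `detached_sign`) would no longer run for that configuration. I would pin this beside the entry with a comment such as `# Keep SignerValidator.name equal to 'signer', the key this entry replaced`, or with a unit test asserting `SignerValidator.name == 'signer'`. The removed `_validate_signer` also read the module-level `config_provider`, so it is worth confirming that the new class is handed the same provider.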