From 3586955669ebd9327e20c08a58b3aba75837ea34 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 20 Mar 2018 17:03:35 -0400 Subject: [PATCH] Remove license code in Quay No longer needed under Red Hat rules \o/ Fixes https://jira.coreos.com/browse/QUAY-883 --- app.py | 4 - endpoints/api/suconfig.py | 52 -- endpoints/api/superuser.py | 74 +-- endpoints/common.py | 4 +- endpoints/v1/__init__.py | 3 +- endpoints/v2/__init__.py | 3 +- endpoints/verbs/__init__.py | 3 +- static/css/pages/setup.css | 49 -- .../config/config-license-field.html | 75 --- .../directives/config/config-setup-tool.html | 10 - static/js/pages/setup.js | 8 +- static/partials/setup.html | 41 +- templates/base.html | 13 - test/test_api_security.py | 33 +- test/test_api_usage.py | 11 +- test/test_license.py | 570 ------------------ test/test_suconfig_api.py | 2 +- util/config/provider/baseprovider.py | 33 - util/config/provider/testprovider.py | 17 +- util/config/validator.py | 2 - .../validators/test/test_validate_license.py | 48 -- util/config/validators/validate_license.py | 19 - util/license.py | 416 ------------- 23 files changed, 19 insertions(+), 1471 deletions(-) delete mode 100644 static/css/pages/setup.css delete mode 100644 static/directives/config/config-license-field.html delete mode 100644 test/test_license.py delete mode 100644 util/config/validators/test/test_validate_license.py delete mode 100644 util/config/validators/validate_license.py delete mode 100644 util/license.py diff --git a/app.py b/app.py index ca1ea2d92..90f5771b6 100644 --- a/app.py +++ b/app.py @@ -44,7 +44,6 @@ from util.config.configutil import generate_secret_key from util.config.provider import get_config_provider from util.config.superusermanager import SuperUserManager from util.label_validator import LabelValidator -from util.license import LicenseValidator from util.metrics.metricqueue import MetricQueue from util.metrics.prometheus import PrometheusPlugin from util.saas.cloudwatch import start_cloudwatch_sender @@ -203,9 +202,6 @@ instance_keys = InstanceKeys(app) label_validator = LabelValidator(app) build_canceller = BuildCanceller(app) -license_validator = LicenseValidator(config_provider) -license_validator.start() - start_cloudwatch_sender(metric_queue, app) github_trigger = GithubOAuthService(app.config, 'GITHUB_TRIGGER_CONFIG') diff --git a/endpoints/api/suconfig.py b/endpoints/api/suconfig.py index 66f241670..316c14169 100644 --- a/endpoints/api/suconfig.py +++ b/endpoints/api/suconfig.py @@ -21,7 +21,6 @@ from endpoints.common import common_login from util.config.configutil import add_enterprise_config_defaults from util.config.database import sync_database_with_config from util.config.validator import validate_service_for_config, is_valid_config_upload_filename -from util.license import decode_license, LicenseDecodeError import features @@ -68,12 +67,6 @@ class SuperUserRegistryStatus(ApiResource): 'status': 'missing-config-dir' } - # If there is no license file, we need to ask the user to upload it. - if not config_provider.has_license_file(): - return { - 'status': 'upload-license' - } - # If there is no config file, we need to setup the database. if not config_provider.config_exists(): return { @@ -265,51 +258,6 @@ class SuperUserConfig(ApiResource): abort(403) -@resource('/v1/superuser/config/license') -@internal_only -@show_if(features.SUPER_USERS) -class SuperUserSetAndValidateLicense(ApiResource): - """ Resource for setting and validating a license. """ - schemas = { - 'ValidateLicense': { - 'type': 'object', - 'description': 'Validates and sets a license', - 'required': [ - 'license', - ], - 'properties': { - 'license': { - 'type': 'string' - }, - }, - }, - } - - @nickname('suSetAndValidateLicense') - @verify_not_prod - @validate_json_request('ValidateLicense') - def post(self): - """ Validates the given license contents and then saves it to the config volume. """ - if config_provider.has_license_file(): - abort(403) - - license_contents = request.get_json()['license'] - try: - decoded_license = decode_license(license_contents) - except LicenseDecodeError as le: - raise InvalidRequest(le.message) - - statuses = decoded_license.validate({}) - all_met = all(status.is_met() for status in statuses) - if all_met: - config_provider.save_license(license_contents) - - return { - 'status': [status.as_dict(for_private=True) for status in statuses], - 'success': all_met, - } - - @resource('/v1/superuser/config/file/') @internal_only @show_if(features.SUPER_USERS) diff --git a/endpoints/api/superuser.py b/endpoints/api/superuser.py index 1e3cc35a0..dd96e0849 100644 --- a/endpoints/api/superuser.py +++ b/endpoints/api/superuser.py @@ -13,7 +13,7 @@ from flask import request, make_response, jsonify import features -from app import app, avatar, superusers, authentication, config_provider, license_validator +from app import app, avatar, superusers, authentication, config_provider from auth import scopes from auth.auth_context import get_authenticated_user from auth.permissions import SuperUserPermission @@ -28,7 +28,6 @@ from endpoints.api.superuser_models_pre_oci import (pre_oci_model, ServiceKeyDoe ServiceKeyAlreadyApproved, InvalidRepositoryBuildException) from util.useremails import send_confirmation_email, send_recovery_email -from util.license import decode_license, LicenseDecodeError from util.security.ssl import load_certificate, CertInvalidException from util.config.validator import EXTRA_CA_DIRECTORY from _init import ROOT_DIR @@ -968,77 +967,6 @@ class SuperUserCustomCertificate(ApiResource): raise Unauthorized() -@resource('/v1/superuser/license') -@internal_only -@show_if(features.SUPER_USERS) -class SuperUserLicense(ApiResource): - """ Resource for getting and setting a license. """ - schemas = { - 'UpdateLicense': { - 'type': 'object', - 'description': 'Updates a license', - 'required': [ - 'license', - ], - 'properties': { - 'license': { - 'type': 'string' - }, - }, - }, - } - - @nickname('getLicense') - @require_fresh_login - @require_scope(scopes.SUPERUSER) - @verify_not_prod - def get(self): - """ Returns the current decoded license. """ - if SuperUserPermission().can(): - try: - decoded_license = config_provider.get_license() - except LicenseDecodeError as le: - raise InvalidRequest(le.message) - - statuses = decoded_license.validate(app.config) - all_met = all(status.is_met() for status in statuses) - - return { - 'status': [status.as_dict(for_private=True) for status in statuses], - 'success': all_met, - } - - raise Unauthorized() - - @nickname('updateLicense') - @require_fresh_login - @require_scope(scopes.SUPERUSER) - @verify_not_prod - @validate_json_request('UpdateLicense') - def put(self): - """ Validates the given license contents and then saves it to the config volume. """ - if SuperUserPermission().can(): - license_contents = request.get_json()['license'] - try: - decoded_license = decode_license(license_contents) - except LicenseDecodeError as le: - raise InvalidRequest(le.message) - - statuses = decoded_license.validate(app.config) - all_met = all(status.is_met() for status in statuses) - if all_met: - # Save the license and update the license check thread. - config_provider.save_license(license_contents) - license_validator.compute_license_sufficiency() - - return { - 'status': [status.as_dict(for_private=True) for status in statuses], - 'success': all_met, - } - - raise Unauthorized() - - @resource('/v1/superuser//logs') @path_param('build_uuid', 'The UUID of the build') @show_if(features.SUPER_USERS) diff --git a/endpoints/common.py b/endpoints/common.py index 355817dce..82040bb06 100644 --- a/endpoints/common.py +++ b/endpoints/common.py @@ -9,7 +9,7 @@ from flask_principal import identity_changed import endpoints.decorated # Register the various exceptions via decorators. import features -from app import app, oauth_apps, oauth_login, LoginWrappedDBUser, user_analytics, license_validator +from app import app, oauth_apps, oauth_login, LoginWrappedDBUser, user_analytics from auth import scopes from auth.permissions import QuayDeferredPermissionUser from config import frontend_visible_config @@ -143,8 +143,6 @@ def render_page_template(name, route_data=None, **kwargs): hostname=app.config['SERVER_HOSTNAME'], preferred_scheme=app.config['PREFERRED_URL_SCHEME'], version_number=version_number, - license_insufficient=license_validator.insufficient, - license_expiring=license_validator.expiring_soon, current_year=datetime.datetime.now().year, **kwargs) diff --git a/endpoints/v1/__init__.py b/endpoints/v1/__init__.py index 472f0686b..f3ea259ff 100644 --- a/endpoints/v1/__init__.py +++ b/endpoints/v1/__init__.py @@ -1,11 +1,10 @@ from flask import Blueprint, make_response -from app import metric_queue, license_validator +from app import metric_queue from endpoints.decorators import anon_protect, anon_allowed from util.metrics.metricqueue import time_blueprint v1_bp = Blueprint('v1', __name__) -license_validator.enforce_license_before_request(v1_bp) time_blueprint(v1_bp, metric_queue) diff --git a/endpoints/v2/__init__.py b/endpoints/v2/__init__.py index 2acfd5a42..88a429aea 100644 --- a/endpoints/v2/__init__.py +++ b/endpoints/v2/__init__.py @@ -10,7 +10,7 @@ from semantic_version import Spec import features -from app import app, metric_queue, get_app_url, license_validator +from app import app, metric_queue, get_app_url from auth.auth_context import get_authenticated_context from auth.permissions import ( ReadRepositoryPermission, ModifyRepositoryPermission, AdministerRepositoryPermission) @@ -26,7 +26,6 @@ from util.pagination import encrypt_page_token, decrypt_page_token logger = logging.getLogger(__name__) v2_bp = Blueprint('v2', __name__) -license_validator.enforce_license_before_request(v2_bp) time_blueprint(v2_bp, metric_queue) diff --git a/endpoints/verbs/__init__.py b/endpoints/verbs/__init__.py index bd7798569..7542fd599 100644 --- a/endpoints/verbs/__init__.py +++ b/endpoints/verbs/__init__.py @@ -5,7 +5,7 @@ from flask import redirect, Blueprint, abort, send_file, make_response, request import features -from app import app, signer, storage, metric_queue, license_validator, config_provider, ip_resolver +from app import app, signer, storage, metric_queue, config_provider, ip_resolver from auth.auth_context import get_authenticated_user from auth.decorators import process_auth from auth.permissions import ReadRepositoryPermission @@ -27,7 +27,6 @@ from util.registry.torrent import ( logger = logging.getLogger(__name__) verbs = Blueprint('verbs', __name__) -license_validator.enforce_license_before_request(verbs) LAYER_MIMETYPE = 'binary/octet-stream' diff --git a/static/css/pages/setup.css b/static/css/pages/setup.css deleted file mode 100644 index 2cdeb027b..000000000 --- a/static/css/pages/setup.css +++ /dev/null @@ -1,49 +0,0 @@ -.initial-setup-modal .upload-license textarea { - border: 1px solid #eee !important; - transition: all ease-in-out 200ms; - resize: none; -} - -.initial-setup-modal .upload-license textarea { - padding: 10px; - margin-top: 20px; - margin-bottom: 10px; -} - -.initial-setup-modal .upload-license .validate-message { - display: inline-block; - margin-left: 10px; - margin-top: 10px; -} - -.initial-setup-modal .upload-license .license-invalid h5 { - font-size: 18px; - color: red; -} - -.initial-setup-modal .upload-license .license-invalid h6 { - margin-bottom: 10px; - font-size: 16px; -} - -.initial-setup-modal .upload-license .license-invalid .fa { - margin-right: 6px; -} - -.initial-setup-modal .license-valid h5 { - color: #2FC98E; - font-size: 16px; - margin-bottom: 16px; -} - -.initial-setup-modal .config-license-field { - margin-top: 30px; -} - -.initial-setup-modal .license-valid .fa { - margin-right: 6px; -} - -.initial-setup-modal .license-valid table { - margin-top: 40px; -} diff --git a/static/directives/config/config-license-field.html b/static/directives/config/config-license-field.html deleted file mode 100644 index 73ddc29fb..000000000 --- a/static/directives/config/config-license-field.html +++ /dev/null @@ -1,75 +0,0 @@ -
- - - -
- -
-

License Valid

- - - - - - - - - - - - - - - -
RequirementRequired CountSubscriptionSubscription CountExpiration Date
{{ requirementTitles[status.requirement.name] }}{{ status.requirement.count }}{{ status.entitlement.product_name }}{{ status.entitlement.count }}
-
- -
-

Validation Failed

-
{{ licenseError }}
-
-

The following errors were found:

-
    -
  • -
    - -
    - {{ requirementTitles[status.requirement.name] }}: {{ status.requirement.count }} areis required: License provides {{ status.entitlement.count }} -
    - - -
    - {{ requirementTitles[status.requirement.name] }}: License is missing requirement -
    - - -
    - {{ requirementTitles[status.requirement.name] }}: Requirement expired on {{ status.entitlement.expiration.expiration_date }} -
    -
    -
    • -
-
-
- - - -
-

- Your license can be found under the "Raw Format" tab of your Quay Enterprise - subscription in the Tectonic Account. -

- - - - - -
- Validating License -
-
-
\ No newline at end of file diff --git a/static/directives/config/config-setup-tool.html b/static/directives/config/config-setup-tool.html index c29809b02..629e3b45f 100644 --- a/static/directives/config/config-setup-tool.html +++ b/static/directives/config/config-setup-tool.html @@ -3,16 +3,6 @@
- -
-
- License -
-
-
-
-
-
diff --git a/static/js/pages/setup.js b/static/js/pages/setup.js index df56c9e2c..a647bb0c7 100644 --- a/static/js/pages/setup.js +++ b/static/js/pages/setup.js @@ -39,9 +39,6 @@ import * as URI from 'urijs'; // The config.yaml exists but it is invalid. 'INVALID_CONFIG': 'config-invalid', - // License is being uploaded. - 'UPLOAD_LICENSE': 'upload-license', - // DB is being configured. 'CONFIG_DB': 'config-db', @@ -100,8 +97,7 @@ import * as URI from 'urijs'; $scope.currentConfig = null; $scope.currentState = { - 'hasDatabaseSSLCert': false, - 'licenseValid': false + 'hasDatabaseSSLCert': false }; $scope.$watch('currentStep', function(currentStep) { @@ -127,7 +123,6 @@ import * as URI from 'urijs'; case $scope.States.CREATE_SUPERUSER: case $scope.States.DB_RESTARTING: case $scope.States.CONFIG_DB: - case $scope.States.UPLOAD_LICENSE: case $scope.States.VALID_CONFIG: case $scope.States.READY: $('#setupModal').modal({ @@ -173,7 +168,6 @@ import * as URI from 'urijs'; var States = $scope.States; return [ - isStepFamily(step, States.UPLOAD_LICENSE), isStepFamily(step, States.CONFIG_DB), isStepFamily(step, States.DB_SETUP), isStep(step, States.DB_RESTARTING), diff --git a/static/partials/setup.html b/static/partials/setup.html index 6133a17e5..b89647fd2 100644 --- a/static/partials/setup.html +++ b/static/partials/setup.html @@ -9,13 +9,12 @@
- - + - - - + + + @@ -37,13 +36,12 @@
- - + - - - + + + @@ -130,20 +128,6 @@ The container must be restarted to apply the configuration changes.
- -
-

- Quay Enterprise License -

-
- Please provide your Quay Enterprise License. It can be - found by clicking "copy and paste" link under "CoreOS License" tab - of your Account in the Tectonic Account. -
-
-
-
@@ -242,15 +226,6 @@ Database Validation Issue: {{ errors.DatabaseValidationError }}
- -
- -
-
diff --git a/templates/base.html b/templates/base.html index f7bc76abe..abe1dd807 100644 --- a/templates/base.html +++ b/templates/base.html @@ -128,19 +128,6 @@ mixpanel.init("{{ mixpanel_key }}", { track_pageview : false, debug: {{ is_debug