Change validators to use the validator_context
Change InstanceKeys to take a namedtuple for context
This commit is contained in:
Sam Chow
parent
e967fde3ae
commit
554d4f47a8
31 changed files with 172 additions and 69 deletions
|
|
@ -16,7 +16,7 @@ from util import get_app_url, slash_join
|
|||
from util.abchelpers import nooper
|
||||
from util.failover import failover, FailoverException
|
||||
from util.secscan.validator import SecurityConfigValidator
|
||||
from util.security.instancekeys import InstanceKeys
|
||||
from util.security.instancekeys import InstanceKeys, instance_keys_context_from_app_config
|
||||
from util.security.registry_jwt import generate_bearer_token, build_context_and_subject
|
||||
|
||||
from _init import CONF_DIR
|
||||
|
|
@ -150,10 +150,10 @@ class NoopSecurityScannerAPI(SecurityScannerAPIInterface):
|
|||
|
||||
class ImplementedSecurityScannerAPI(SecurityScannerAPIInterface):
|
||||
""" Helper class for talking to the Security Scan service (Clair). """
|
||||
def __init__(self, app, config, storage, client=None):
|
||||
self._app = app
|
||||
def __init__(self, app_config, config, storage, client=None):
|
||||
self._app_config = app_config
|
||||
self._config = config
|
||||
self._instance_keys = InstanceKeys(app)
|
||||
self._instance_keys = InstanceKeys(instance_keys_context_from_app_config(app_config))
|
||||
self._client = client or config['HTTPCLIENT']
|
||||
self._storage = storage
|
||||
self._default_storage_locations = config['DISTRIBUTED_STORAGE_PREFERENCE']
|
||||
|
|
@ -183,7 +183,7 @@ class ImplementedSecurityScannerAPI(SecurityScannerAPIInterface):
|
|||
repository_and_namespace = '/'.join([namespace_name, repo_name])
|
||||
|
||||
# Generate the JWT which will authorize this
|
||||
audience = self._app.config['SERVER_HOSTNAME']
|
||||
audience = self._app_config['SERVER_HOSTNAME']
|
||||
context, subject = build_context_and_subject()
|
||||
access = [{
|
||||
'type': 'repository',
|
||||
|
|
|
|||
Reference in a new issue