Use the instance service key for registry JWT signing

2016-05-31 16:48:19 -04:00 · 2016-05-31 16:48:19 -04:00 · 8887f09ba8
commit 8887f09ba8
parent a4aa5cc02a
26 changed files with 457 additions and 278 deletions
--- a/initdb.py
+++ b/initdb.py
@ -673,6 +673,20 @@ def populate_database(minimal=False, with_storage=False):
  __generate_service_key('kid7', 'somewayexpiredkey', new_user_1, week_ago,
                         ServiceKeyApprovalType.SUPERUSER, today - timedelta(days=30))

+  # Add the test pull key as pre-approved for local and unittest registry testing.
+  # Note: this must match the private key found in the local/test config.
+  _TEST_JWK = {
+    'e': 'AQAB',
+    'kty': 'RSA',
+    'n': 'yqdQgnelhAPMSeyH0kr3UGePK9oFOmNfwD0Ymnh7YYXr21VHWwyM2eVW3cnLd9KXywDFtGSe9oFDbnOuMCdUowdkBcaHju-isbv5KEbNSoy_T2Rip-6L0cY63YzcMJzv1nEYztYXS8wz76pSK81BKBCLapqOCmcPeCvV9yaoFZYvZEsXCl5jjXN3iujSzSF5Z6PpNFlJWTErMT2Z4QfbDKX2Nw6vJN6JnGpTNHZvgvcyNX8vkSgVpQ8DFnFkBEx54PvRV5KpHAq6AsJxKONMo11idQS2PfCNpa2hvz9O6UZe-eIX8jPo5NW8TuGZJumbdPT_nxTDLfCqfiZboeI0Pw'
+  }
+
+  key = model.service_keys.create_service_key('test_service_key', 'test_service_key', 'quay',
+                                              _TEST_JWK, {}, None)
+
+  model.service_keys.approve_service_key(key.kid, new_user_1, ServiceKeyApprovalType.SUPERUSER,
+                                         notes='Test service key for local/test registry testing')
+
  model.log.log_action('org_create_team', org.username, performer=new_user_1,
                       timestamp=week_ago, metadata={'team': 'readers'})