Split secscan endpoints into a new process

This commit is contained in:
Jake Moshenko 2016-05-02 11:38:00 -04:00
parent fdf81860a1
commit cc8e58e7f4
7 changed files with 38 additions and 5 deletions

View file

@ -8,6 +8,7 @@ from app import app as application
import web
import verbs
import registry
import secscan
if __name__ == '__main__':

13
conf/gunicorn_secscan.py Normal file
View file

@ -0,0 +1,13 @@
from Crypto import Random
bind = 'unix:/tmp/gunicorn_secscan.sock'
workers = 2
worker_class = 'gevent'
logconfig = 'conf/logging.conf'
pythonpath = '.'
preload_app = True
def post_fork(server, worker):
# Reset the Random library to ensure it won't raise the "PID check failed." error after
# gunicorn forks.
Random.atfork()

View file

@ -0,0 +1,2 @@
#!/bin/sh
exec logger -i -t gunicorn_web

View file

@ -0,0 +1,8 @@
#! /bin/bash
echo 'Starting gunicon'
cd /
venv/bin/gunicorn -c conf/gunicorn_secscan.py secscan:application
echo 'Gunicorn exited'

View file

@ -13,15 +13,15 @@ jwtproxy:
type: preshared
options:
key_id: {{ key_id }}
private_key_path: /conf/quay.pem
private_key_path: /conf/quay.pem
verifier_proxies:
- enabled: true
listen_addr: unix:/tmp/jwtproxy_secscan.sock
verifier:
upstream: unix:/tmp/gunicorn_web.sock
upstream: unix:/tmp/gunicorn_secscan.sock
audience: {{ audience }}
key_server:
type: keyregistry
options:
issuer: clair
registry: {{ registry }}
registry: {{ registry }}

11
secscan.py Normal file
View file

@ -0,0 +1,11 @@
import os
import logging.config
from app import app as application
from endpoints.secscan import secscan
if os.environ.get('DEBUGLOG') == 'true':
logging.config.fileConfig('conf/logging_debug.conf', disable_existing_loggers=False)
application.register_blueprint(secscan, url_prefix='/secscan')

2
web.py
View file

@ -10,7 +10,6 @@ from endpoints.gitlabtrigger import gitlabtrigger
from endpoints.key_server import key_server
from endpoints.oauthlogin import oauthlogin
from endpoints.realtime import realtime
from endpoints.secscan import secscan
from endpoints.web import web
from endpoints.webhooks import webhooks
@ -25,5 +24,4 @@ application.register_blueprint(bitbuckettrigger, url_prefix='/oauth1')
application.register_blueprint(api_bp, url_prefix='/api')
application.register_blueprint(webhooks, url_prefix='/webhooks')
application.register_blueprint(realtime, url_prefix='/realtime')
application.register_blueprint(secscan, url_prefix='/secscan')
application.register_blueprint(key_server, url_prefix='/keys')