monitor_config_write: CORS apache conf should be rendered from a slapos...

monitor_config_write: CORS apache conf should be rendered from a slapos template instead of being hardcoded

monitor_config_write: CORS apache conf should be rendered from a slapos...
monitor_config_write: CORS apache conf should be rendered from a slapos template instead of being hardcoded
d8008cde · Nicolas Wavrant · 86e40b39 · d8008cde · d8008cde
Commit d8008cde authored Dec 02, 2016 by Nicolas Wavrant
Showing with 21 additions and 12 deletions

slapos/monitor/monitor_config_write.py slapos/monitor/monitor_config_write.py +11 -8

slapos/test/monitor/test_config_document.py slapos/test/monitor/test_config_document.py +10 -4

No files found.
--- a/slapos/monitor/monitor_config_write.py
+++ b/slapos/monitor/monitor_config_write.py
@@ -3,6 +3,7 @@
 import sys
 import os
 import re
+import jinja2
 import json
 import argparse
 import subprocess
@@ -21,15 +22,18 @@ def parseArguments():
                      help='Path apache htpasswd binary. Needed to write htpasswd file.')
  parser.add_argument('--output_cfg_file',
                      help='Ouput parameters in cfg file.')
+  parser.add_argument('--monitor_https_cors',
+                      help='Path to the CORS httpd template.')

  return parser.parse_args()

 class MonitorConfigWrite(object):

-  def __init__(self, config_json_file, htpasswd_bin, output_cfg_file=""):
+  def __init__(self, config_json_file, htpasswd_bin, output_cfg_file="", monitor_https_cors=""):
    self.config_json_file = config_json_file
    self.output_cfg_file = output_cfg_file
    self.htpasswd_bin = htpasswd_bin
+    self.monitor_https_cors = monitor_https_cors

  def _fileWrite(self, file_path, content):
    if os.path.exists(file_path):
@@ -76,14 +80,12 @@ class MonitorConfigWrite(object):
              return True
      except OSError, e:
        print "Failed to open file at %s. \n%s" % (old_httpd_cors_file, str(e))
-    for domain in cors_domain_list:
-      if cors_string:
-        cors_string += '|'
-      cors_string += re.escape(domain)
    try:
+      with open(self.monitor_https_cors, 'r') as cors_template:
+        template = jinja2.Template(cors_template.read())
+        rendered_string = template.render(domain=cors_domain)
      with open(httpd_cors_file, 'w') as file:
-        file.write('SetEnvIf Origin "^http(s)?://(.+\.)?(%s)$" origin_is=$0\n' % cors_string)
-        file.write('Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is')
+        file.write(rendered_string)
    except OSError, e:
      print "ERROR while writing CORS changes to %s.\n %s" % (httpd_cors_file, str(e))
      return False
@@ -176,7 +178,8 @@ def main():
  instance = MonitorConfigWrite(
    parameter_tmp_file,
    parser.htpasswd_bin,
-    parser.output_cfg_file)
+    parser.output_cfg_file,
+    parser.monitor_https_cors)

  while True:
    result_dict = instance.applyConfigChanges()

--- a/slapos/test/monitor/test_config_document.py
+++ b/slapos/test/monitor/test_config_document.py
@@ -21,6 +21,7 @@ class MonitorConfigDocument(unittest.TestCase):
    self.httpd_passwd_script = """#!/bin/sh
 echo "htpasswd $@" > %s/monitor-htpasswd
 """ % self.base_dir
+    self.monitor_https_cors = os.path.join(self.base_dir, 'httpd-cors-template.cfg.in')
    self.parameter_dict = {
      "cors-domain": 
        {
@@ -74,6 +75,9 @@ echo "htpasswd $@" > %s/monitor-htpasswd
    self.writeContent("%s/content" % self.base_dir, self.file_content)
    self.writeContent("%s/.httpd_pwd_real" % self.base_dir, self.httpd_passwd)
    self.writeContent(self.httpd_passwd_bin, self.httpd_passwd_script)
+    self.writeContent(self.monitor_https_cors, '{% set allow_domain = "|".join(domain.replace(".", "\.").split()) -%}\n'
+                                               'SetEnvIf Origin "^http(s)?://(.+\.)?({{ allow_domain }})$" ORIGIN_DOMAIN=$0\n'
+                                               'Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN')
    os.chmod(self.httpd_passwd_bin, 0755)

  def tearDown(self):
@@ -91,8 +95,8 @@ echo "htpasswd $@" > %s/monitor-htpasswd
        cors_string += '|'
      cors_string += re.escape(domain)

-    cors_string = 'SetEnvIf Origin "^http(s)?://(.+\.)?(%s)$" origin_is=$0\n' % cors_string
-    cors_string += 'Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is'
+    cors_string = 'SetEnvIf Origin "^http(s)?://(.+\.)?(%s)$" ORIGIN_DOMAIN=$0\n' % cors_string
+    cors_string += 'Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN'
    return cors_string

  def check_config(self):
@@ -140,7 +144,8 @@ echo "htpasswd $@" > %s/monitor-htpasswd
    instance = MonitorConfigWrite(
      self.config_path,
      self.httpd_passwd_bin,
-      cfg_output)
+      cfg_output,
+      self.monitor_https_cors)

    result = instance.applyConfigChanges()
    self.assertTrue(os.path.exists(cfg_output))
@@ -179,7 +184,8 @@ echo "htpasswd $@" > %s/monitor-htpasswd
    instance = MonitorConfigWrite(
      self.config_path,
      self.httpd_passwd_bin,
-      cfg_output)
+      cfg_output,
+      self.monitor_https_cors)

    result = instance.applyConfigChanges()
    self.assertTrue(os.path.exists(cfg_output))