xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 17:43:14 +00:00
Code Issues Projects Releases Wiki Activity
849 Commits 39 Branches 63 Tags 18 MiB
ecc6bcf96c
Commit Graph

849 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jarrod Johnson
ecc6bcf96c Add the util to the setup.py 
Previously packaging was missing the new utility
 2017-02-15 10:46:27 -05:00
Jarrod Johnson
6ad383c6ad Assure deterministic enumeration of areas 
nodegroup must be restored first.
 2017-02-15 10:46:27 -05:00
Jarrod Johnson
446d2270c9 Give a friendlier message on restore of redact DB 
A redacted dump will not have a keys.json file, which
is natural.  Replace 'file not found' with a message
indicating the possibility of a redacted dump.
 2017-02-15 10:46:27 -05:00
Jarrod Johnson
5395f97a21 Do not write out keys when redacting 
It's silly to store keys when redact is requested
 2017-02-15 10:46:27 -05:00
Jarrod Johnson
04781e0ece Actually hook up the redact feature 2017-02-15 10:46:27 -05:00
Jarrod Johnson
9bd0b7af9d Make confluentdbutil executable 2017-02-15 10:46:27 -05:00
Jarrod Johnson
ae806e55b0 Add a utility to frontend DB dump/restore 
This exposes the library functions as a utility
 2017-02-15 10:46:26 -05:00
Jarrod Johnson
393ea41696 Implement restore from db 
This provides at least restore for the primary tenant (the only tenant currently used by anyone)
 2017-02-15 10:46:26 -05:00
Jarrod Johnson
b87cb87c2a Flesh out the restoration of the master keys 
With this commit, the key portion of import should be complete.
 2017-02-15 10:46:26 -05:00
Jarrod Johnson
a91d7047b2 Start work on a db restore 
Start by parsing the previously dumped key data, since the key data requires special handling.
 2017-02-15 10:46:26 -05:00
Jarrod Johnson
638842beec Fix no password backup 
If password=None was supplied, it would fail.  Now accomodate unprotected keys.
 2017-02-15 10:46:26 -05:00
Jarrod Johnson
15c84e8a9b Modify setup.py.tmpl to be adaptive 
This should prevent forgetting to add content to
setup.py moving forward.
 2017-01-27 15:23:16 -05:00
Jarrod Johnson
1028f1cb60 Have nodeboot be executable 2017-01-27 14:48:09 -05:00
Jarrod Johnson
f245680732 Rename nodeboot.py to nodeboot 
No point in having '.py' extensions
 2017-01-27 14:29:55 -05:00
Jarrod Johnson
6007a923a9 Merge pull request #63 from aduffy19/master 
update power menu
 2017-01-27 14:28:45 -05:00
Amanda Duffy
36bc81448e Fix missing ] and add entries to printed menu 2017-01-27 14:25:42 -05:00
Jarrod Johnson
612350ca65 Provide for a terminal session to process normal commands 
If it is not one of the 'special' terminal ones, assume it's a normal one.  Recurse into
the process request to handle it as a separate request.
 2017-01-27 14:18:22 -05:00
Amanda Duffy
8599485d56 Merge remote-tracking branch 'origin/master' 2017-01-27 13:44:37 -05:00
Amanda Duffy
fdf74dbf11 Add power options for console commands 2017-01-27 13:44:12 -05:00
Jarrod Johnson
bc5efa8a7e Try restarting confluent if running on update 
This mitigates chance of confluent being stale.
 2017-01-20 15:50:12 -05:00
Jarrod Johnson
486c322233 Have binding network sockets occur in a retry loop 
There seems to be scenarios where a previously used socket won't open up immediately.  Retry when
this is detected.
 2017-01-17 13:59:22 -05:00
Jarrod Johnson
548e4404ce Fix confluent startup error if dead 
Clean up stale dbg.sock if present rather than fail to start.  Also, if the pid indicated in pid file doesn't exist, ignore
the pidfile contents.
 2017-01-06 13:43:02 -05:00
Jarrod Johnson
99e97fe5c4 Add the noderun command to the manifest 
The noderun command was not being packaged.  Correct the
oversight so that it will be in packages.
 2017-01-06 13:29:25 -05:00
Jarrod Johnson
8c13e738c0 Make usage/help more consistent across the commands 
Have every client command run argparse to get a chance at '-h'.  When
lacking arguments, always use print_help() to provide detail rather than usage.
 2017-01-06 13:28:28 -05:00
Jarrod Johnson
5ffc2c298b Correct mixup of parentheses and brackets 2017-01-04 09:56:31 -05:00
Jarrod Johnson
7bf8242aba Assign self.ipmicmd in case we are reusing an existing object that is already logged. 2017-01-04 09:45:19 -05:00
Jarrod Johnson
b3c28ad33e Defer assigning of self.ipmicmd until login 
Wait until logged in to assign.  This way we have confirmation that ipmicmd is viable before trying to use it.
 2017-01-04 09:17:07 -05:00
Jarrod Johnson
e7bdb5ee7d Defer TLS key handler registration 
Wait until the object is logged in before trying to set
the key handler.  It carries some prerequisite on talking
to the BMC, so it is better handled in the logged handler.
 2017-01-03 16:00:27 -05:00
Amanda Duffy
bdde7e719d Provide a command, nodeboot, to combine setboot and power commands. 2016-12-02 15:06:33 -05:00
Jarrod Johnson
8eef064b9f Provide more useful error on socket error 
If a socket error occurred that wasn't -2, the client would get an error
about KeyError, which wouldn't be helpful.  raise the unhandled exception
to provide more informative data in case of an issue.
 2016-12-02 10:35:24 -05:00
Jarrod Johnson
cb8cd29022 Add two more man page sources 2016-12-01 16:37:50 -05:00
Jarrod Johnson
c016c55340 Add HTTP/1.0 cache suppression 
There is not a single client that will ever talk
to this service that would not support HTTP/1.1.
However, do this to satisfy a scanner.
 2016-11-30 11:42:50 -05:00
Jarrod Johnson
d2156f3d67 Move the anti-referrer login to only logout 
This has no functional difference, just a cosmetic
difference that does not give the erroneous impression
a logout actually occurred.  This does mean that if a browser
disables cookies and uses the api explorer, there would
be an opportunity for a CSRF.
 2016-11-30 10:15:44 -05:00
Jarrod Johnson
bf8dff90f3 Provide CSRF protection to logout resource 
Though more annoying than harmful, guard against CSRF succeeding
against the logout resource.
 2016-11-30 10:04:25 -05:00
Jarrod Johnson
004d40e7ca Implement more CSRF countermeasures 
At some expense of convenience, make it difficult
for CSRF to succeed even against the API explorer
for most people.  User/Password will now only be
accepted on hitting enter in the address bar rather
than following any link.
 2016-11-30 09:57:58 -05:00
Jarrod Johnson
ac084b212e Merge branch 'nodeexec' 2016-11-29 10:50:32 -05:00
Jarrod Johnson
7557136d5d Add a number of security headers 
There are a number of headers security scanners expect.
Explicitly declare how strict browser should be with
responses.
 2016-11-29 10:49:02 -05:00
Amanda Duffy
aeb0b5bb24 Provide a command, nodeboot, to combine setboot and power commands. 2016-11-08 15:15:14 -05:00
Jarrod Johnson
70762d3f6c Undo accidental change to nodesetboot 2016-11-08 14:51:57 -05:00
Jarrod Johnson
eeb668bdfa Correct formatting page in nodesensors man page 2016-11-08 14:50:10 -05:00
Jarrod Johnson
61bd415ec4 Make confluent depend on python-dns 
Fedora and family naming convention removes
'python' from the 'dnspython' name.  Work
within that standard to improve compatibility
with epel and such.
 2016-11-07 14:07:12 -05:00
Jarrod Johnson
107337fdba Merge branch 'master' of github.com:jjohnson42/confluent 2016-11-07 10:19:41 -05:00
Jarrod Johnson
eb02247a58 Fix consistency of sessionid 
Regardless of whether the client uses it as a session id
or not, the fact remains a sessionid is assigned.
Pass the session id in the auth data even if the client
did not send it.
 2016-11-07 10:18:32 -05:00
Jarrod Johnson
53904a2a5a Revert "Remove 'path' condition for session cookie" 
This reverts commit 0ad4ae90c9.
 2016-11-01 13:45:33 -04:00
Jarrod Johnson
5881ad8b68 Support sub-second interval 
If a user requests an interval that is not a whole
number, begin honoring it and adjust the timestamp
precision to indicate milliseconds.  Do not bother
with milliseconds on whole number intervals.
 2016-10-25 14:38:31 -04:00
Jarrod Johnson
e0211fd8d8 Merge branch 'avoidrecursereplay' 2016-10-25 14:38:04 -04:00
Jarrod Johnson
0ad4ae90c9 Remove 'path' condition for session cookie 
The cookie had an unnecessary limitation.  path need not be specified,
and it is possible for a client to request in a way that fails the criteria.
 2016-10-21 09:56:14 -04:00
Jarrod Johnson
6f9bdf4a7c Create multiple files on roll conflict 
Rather than removing the previous file, append a digit
to denote extra log files sharing the same roll date.
 2016-10-18 11:28:47 -04:00
Jarrod Johnson
4eaab9db37 Avoid inifinite replay loop on bad previouslogfile 
If circumstances result in a log file after rollover
pointing at itself, break out rather than looping trying
to get the same data from itself.
 2016-10-18 11:18:57 -04:00
Jarrod Johnson
92fa2bf4d9 Add a number of security headers 
There are a number of headers security scanners expect.
Explicitly declare how strict browser should be with
responses.
 2016-10-13 11:08:05 -04:00