From 57be1e3726821905d4558b203c2374591df506b3 Mon Sep 17 00:00:00 2001 From: "Eric D. Helms" Date: Thu, 9 Jan 2025 15:43:58 -0500 Subject: [PATCH] Fixes #38304 - Add loadbalancer support Signed-off-by: Eric D. Helms --- .../container_gateway.rb | 3 +- .../container_gateway_api.rb | 10 +++--- .../container_gateway_main.rb | 7 ++-- test/container_gateway_api_test.rb | 34 +++++++++++++++++++ 4 files changed, 47 insertions(+), 7 deletions(-) diff --git a/lib/smart_proxy_container_gateway/container_gateway.rb b/lib/smart_proxy_container_gateway/container_gateway.rb index c362256..49ab1d1 100644 --- a/lib/smart_proxy_container_gateway/container_gateway.rb +++ b/lib/smart_proxy_container_gateway/container_gateway.rb @@ -41,7 +41,8 @@ class Plugin < ::Proxy::Plugin container_instance.singleton_dependency :container_gateway_main_impl, (lambda do Proxy::ContainerGateway::ContainerGatewayMain.new( database: container_instance.get_dependency(:database_impl), - **settings.slice(:pulp_endpoint, :pulp_client_ssl_ca, :pulp_client_ssl_cert, :pulp_client_ssl_key) + **settings.slice(:pulp_endpoint, :pulp_client_ssl_ca, :pulp_client_ssl_cert, + :pulp_client_ssl_key, :client_endpoint) ) end) end diff --git a/lib/smart_proxy_container_gateway/container_gateway_api.rb b/lib/smart_proxy_container_gateway/container_gateway_api.rb index a314cda..e19f1aa 100644 --- a/lib/smart_proxy_container_gateway/container_gateway_api.rb +++ b/lib/smart_proxy_container_gateway/container_gateway_api.rb @@ -46,8 +46,9 @@ class Api < ::Sinatra::Base status pulp_response.code.to_i body pulp_response.body else - redirection_location = pulp_response['location'] - redirect to(redirection_location) + redirection_uri = URI(pulp_response['location']) + redirection_uri.host = URI(container_gateway_main.client_endpoint).host + redirect(redirection_uri.to_s) end end @@ -236,8 +237,9 @@ def head_or_get_blobs status pulp_response.code.to_i body pulp_response.body else - redirection_location = pulp_response['location'] - redirect to(redirection_location) + redirection_uri = URI(pulp_response['location']) + redirection_uri.host = URI(container_gateway_main.client_endpoint).host + redirect(redirection_uri.to_s) end end diff --git a/lib/smart_proxy_container_gateway/container_gateway_main.rb b/lib/smart_proxy_container_gateway/container_gateway_main.rb index 0e10165..2b498dd 100644 --- a/lib/smart_proxy_container_gateway/container_gateway_main.rb +++ b/lib/smart_proxy_container_gateway/container_gateway_main.rb @@ -9,17 +9,20 @@ module ContainerGateway extend ::Proxy::Log class ContainerGatewayMain - attr_reader :database + attr_reader :database, :client_endpoint - def initialize(database:, pulp_endpoint:, pulp_client_ssl_ca:, pulp_client_ssl_cert:, pulp_client_ssl_key:) + # rubocop:disable Metrics/ParameterLists, Layout/LineLength + def initialize(database:, pulp_endpoint:, pulp_client_ssl_ca:, pulp_client_ssl_cert:, pulp_client_ssl_key:, client_endpoint: nil) @database = database @pulp_endpoint = pulp_endpoint + @client_endpoint = client_endpoint || pulp_endpoint @pulp_client_ssl_ca = pulp_client_ssl_ca @pulp_client_ssl_cert = OpenSSL::X509::Certificate.new(File.read(pulp_client_ssl_cert)) @pulp_client_ssl_key = OpenSSL::PKey::RSA.new( File.read(pulp_client_ssl_key) ) end + # rubocop:enable Metrics/ParameterLists, Layout/LineLength def pulp_registry_request(uri, headers) http_client = Net::HTTP.new(uri.host, uri.port) diff --git a/test/container_gateway_api_test.rb b/test/container_gateway_api_test.rb index a6e121c..a80af2b 100644 --- a/test/container_gateway_api_test.rb +++ b/test/container_gateway_api_test.rb @@ -120,6 +120,24 @@ def test_redirects_manifest_request assert_equal('', last_response.body) end + def test_redirects_manifest_request_with_client_endpoint + ::Proxy::ContainerGateway::Api.any_instance.expects(:handle_repo_auth).returns({}) + @container_gateway_main.stubs(:client_endpoint).returns("https://loadbalancer.example.com") + + redirect_headers = { + 'location' => "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \ + "/pulp/container/library/test_repo/manifests/test_tag?validate_token=test_token" + } + stub_request(:get, "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \ + "/pulpcore_registry/v2/library/test_repo/manifests/test_tag"). + to_return(:status => 302, :body => '', :headers => redirect_headers) + + get '/v2/library/test_repo/manifests/test_tag' + assert last_response.redirect?, "Last response was not a redirect: #{last_response.body}" + assert_equal('', last_response.body) + assert last_response.headers['Location'].include?("https://loadbalancer.example.com") + end + def test_redirects_blob_request ::Proxy::ContainerGateway::Api.any_instance.expects(:handle_repo_auth).returns({}) redirect_headers = { 'location' => "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \ @@ -133,6 +151,22 @@ def test_redirects_blob_request assert_equal('', last_response.body) end + def test_redirects_blob_request_with_client_endpoint + ::Proxy::ContainerGateway::Api.any_instance.expects(:handle_repo_auth).returns({}) + @container_gateway_main.stubs(:client_endpoint).returns("https://loadbalancer.example.com") + + redirect_headers = { 'location' => "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \ + "/pulp/container/library/test_repo/blobs/test_digest?validate_token=test_token" } + stub_request(:get, "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \ + "/pulpcore_registry/v2/library/test_repo/blobs/test_digest"). + to_return(:status => 302, :body => '', :headers => redirect_headers) + + get '/v2/library/test_repo/blobs/test_digest' + assert last_response.redirect?, "Last response was not a redirect: #{last_response.body}" + assert_equal('', last_response.body) + assert last_response.headers['Location'].include?("https://loadbalancer.example.com") + end + def test_redirects_blob_head_request ::Proxy::ContainerGateway::Api.any_instance.expects(:handle_repo_auth).returns({}) redirect_headers = { 'location' => "#{::Proxy::ContainerGateway::Plugin.settings.pulp_endpoint}" \