From 9f222725d1a52f7fe2dde202466293bcf083a921 Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Wed, 4 Sep 2024 15:23:53 -0500 Subject: [PATCH 1/5] Add json() helper --- app.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/app.rb b/app.rb index c0fb7b0..3935d80 100644 --- a/app.rb +++ b/app.rb @@ -209,6 +209,16 @@ before do request.session_options[:skip] = !request.path_info.start_with?("/session") end +helpers do + def json(obj, opts: nil, pretty: false) + if pretty + JSON.pretty_generate obj, opts: + else + JSON.generate(obj, opts:) + end + end +end + get "/" do "hello there!\n" end From 6f4b7335f8fc68165386eb0551ae5f34df0d68a4 Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Wed, 4 Sep 2024 15:24:12 -0500 Subject: [PATCH 2/5] Add HTTP basic authentication endpoint --- app.rb | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/app.rb b/app.rb index 3935d80..cfe5f33 100644 --- a/app.rb +++ b/app.rb @@ -217,6 +217,25 @@ helpers do JSON.generate(obj, opts:) end end + + def protected! hidden = false + return if authorized? + + if hidden + halt 404, "Not Found" + else + headers["WWW-Authenticate"] = 'Basic realm="Restricted Area"' + halt 401, "Unauthorized" + end + end + + def authorized? + @auth ||= Rack::Auth::Basic::Request.new(request.env) + @auth.provided? and + @auth.basic? and + @auth.credentials and + @auth.credentials == ["qwer", "asdf"] + end end get "/" do @@ -382,3 +401,15 @@ get "/chunked/:delay" do out << "Hello, world!\n" end end + +route :delete, :get, :patch, :post, :put, "/auth/basic", provides: "json" do + pretty = params.key? :pretty + + if params.key? :hidden + protected! hidden: true + else + protected! + end + + json({authenticated: true, user: @auth.username}, pretty:) +end From 059ed648051ea1b0a90e7c253c500fb59223a04f Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Wed, 4 Sep 2024 17:07:52 -0500 Subject: [PATCH 3/5] Use the new json() helper --- app.rb | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/app.rb b/app.rb index cfe5f33..8f06463 100644 --- a/app.rb +++ b/app.rb @@ -1,6 +1,5 @@ require "bundler/setup" require "sinatra" -require "sinatra/json" require "sinatra/cookies" require "sinatra/multi_route" require "time" @@ -243,18 +242,16 @@ get "/" do end get "/env", provides: "json" do - content_type :json + pretty = params.key? :pretty - return JSON.pretty_generate ENV.sort.to_h if params.key? "pretty" - - JSON.generate ENV.sort.to_h + json ENV.sort.to_h, pretty: end get "/headers", provides: "json" do + pretty = params.key? :pretty h = req_headers - return JSON.pretty_generate h if params.key? "pretty" - JSON.generate h + json h, pretty: end get "/livez" do @@ -268,6 +265,7 @@ end get "/livez/uptime" do tt = TickTock.new x = {started_at: tt.started_at, seconds: tt.uptime.to_i, human: human_time(tt.uptime.to_i)} + json x end @@ -330,7 +328,9 @@ post "/halt" do end get "/pid" do - JSON.generate({puma: master_pid, pid: Process.pid}) + pretty = params.key? :pretty + + json({puma: master_pid, pid: Process.pid}, pretty:) end get "/token" do @@ -339,23 +339,27 @@ get "/token" do expires_at = Time.at(exp).to_datetime token = JWT.encode payload, JWT_SECRET, "HS256" x = {token: token, expires_at: expires_at} + json x end get "/token/validate" do token = req_headers["authorization"].split[1] payload = JWT.decode token, JWT_SECRET, true, algorithm: "HS256" + json payload end post "/session" do session.merge! params + json session.to_hash end get "/session" do j = session.to_hash j[:hostname] = ENV["HOSTNAME"] + json j end From 631c2bdcf39c61cd7d49b89540b55e3d65b1b51c Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Tue, 28 Jan 2025 01:19:02 -0600 Subject: [PATCH 4/5] add metadata.name to Kustomization --- kustomize/kustomization.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kustomize/kustomization.yaml b/kustomize/kustomization.yaml index 8d629be..92e5180 100644 --- a/kustomize/kustomization.yaml +++ b/kustomize/kustomization.yaml @@ -1,6 +1,8 @@ --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +metadata: + name: kipunji namespace: kipunji resources: - namespace.yaml From d1dc57f15a66e95d3265d92bb3b4d5a737f56e2b Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Thu, 6 Feb 2025 23:24:36 -0600 Subject: [PATCH 5/5] convert rollout to deployment --- kustomize/app/{rollout.yaml => deployment.yaml} | 16 ++-------------- kustomize/app/kustomization.yaml | 2 +- 2 files changed, 3 insertions(+), 15 deletions(-) rename kustomize/app/{rollout.yaml => deployment.yaml} (77%) diff --git a/kustomize/app/rollout.yaml b/kustomize/app/deployment.yaml similarity index 77% rename from kustomize/app/rollout.yaml rename to kustomize/app/deployment.yaml index 33ecea8..4401acd 100644 --- a/kustomize/app/rollout.yaml +++ b/kustomize/app/deployment.yaml @@ -1,24 +1,12 @@ --- -apiVersion: argoproj.io/v1alpha1 -kind: Rollout +apiVersion: v1 +kind: Service metadata: name: kipunji annotations: reloader.stakater.com/auto: "true" spec: replicas: 5 - strategy: - canary: - steps: - - setWeight: 20 - - pause: {} - - setWeight: 40 - - pause: {duration: 10} - - setWeight: 60 - - pause: {duration: 10} - - setWeight: 80 - - pause: {duration: 10} - revisionHistoryLimit: 2 selector: matchLabels: app: kipunji diff --git a/kustomize/app/kustomization.yaml b/kustomize/app/kustomization.yaml index 1d024f9..70d5e6d 100644 --- a/kustomize/app/kustomization.yaml +++ b/kustomize/app/kustomization.yaml @@ -5,6 +5,6 @@ namespace: kipunji resources: - secret.yaml - configmap.yaml - - rollout.yaml + - deployment.yaml - services.yaml - ingress.yaml