require 'ostruct' require 'yaml' # A Rack middleware application that creates a single configuration for Helix Web # Services. # # Most web services are modular Sinatra applications, which does come with it's # own settings mechanism. We should try to avoid those settings in most cases. # Perhaps only if those settings are only relevant to the logic directly # within the Sinatra app. # # Many other settings, like the port setting of the associated Helix Versioning # Engine, should be exposed and overridable by the client application. These # settings should be defined here. # # This class provides middleware that will inject an `hws_settings` object into # each request. This `hws_settings` object is seeded by values declared on this # class. When the system starts, our system config file is read in, and default # system values are overridden. On any request, these settings can be # overridden by the user. # # Additionally, there are "system" settings that are only overridable from the # system config file. Client classes should reference this class directly: # HWSSettings.system. # # ## Naming Conventions # # Use uppercase letters, numbers, or underscores only. # # ## HTTP Header Override Syntax # # We allow per-request overrides of settings via HTTP headers. # # The key format of the custom setting is: # # `X-PERFORCE-HELIX_WEB_SERVICES-{key}` # # For example: # # X-PERFORCE-HELIX_WEB_SERVICES-P4HOST: perforce.mycompany.com # X-PERFORCE-HELIX_WEB_SERVICES-P4CHARSET: auto # # Please note that headers will be converted by Rack to all uppercase, hence # our naming conventions. # # ## System Config File # # The system configuration is stored in the # `/etc/perforce/helix_web_services.conf` file. This is a YAML # file, and we override any locally defined variables with values found in # this file. ()If you specify a value in this file we do not locally define, # we ignore it.) # # Example values in /etc/perforce/helix_web_services.conf: # # P4HOST: 'perforce.mycompany.com' # P4PORT: '9991' # # class HWSSettings SYSTEM_CONFIG_PATH = '/etc/perforce/helix_web_services.conf' @settings = OpenStruct.new( # The .git-fusion depot name :GIT_FUSION_DEPOT => '.git-fusion', # If set, the HVEProjects class will use this path to locate projects # in the system. :HVE_PROJECTS_PATH => nil, # The current API level used to interact with the Perforce server :P4APILEVEL => '78', # The hostname of the p4d (Helix Versioning Engine) instance :P4HOST => nil, # The port of the p4d (Helix Versioning Engine) instance :P4PORT => '1666', # The charset setting to use when connecting to the p4d instance :P4CHARSET => 'auto' ) @system = OpenStruct.new( # Allow the indicated commands to be used in the # /helix_verdsioning_engine/v1/commands methods # Each entry is either a string (the command name) or an Array of command # and required arguments. :COMMAND_WHITELIST => ['info', ['files', '-m']], # Set this to true to use helix cloud as the authentication source. :ENABLE_HELIX_CLOUD_AUTH => false, # Enable Helix Cloud project helpers. :ENABLE_HELIX_CLOUD_PROJECTS => false, # The local file location that defines where services are located :SERVICE_CONFIGURATION => '/etc/perforce/services.json', # Use this working directory for temporary workspaces (typically for making submits) :WORKSPACE_DIR => '/var/lib/perforce/helix_web_services/workspaces' ) class << self # Returns baseline settings with system overrides applied. # # This is a copy of state. If you want to alter the default settings in # code instead of via config files, use the `settings_handle` def settings s = OpenStruct.new(@settings) s.each_pair do |key, _| if overrides.respond_to?(key) s[key] = overrides[key] end end s end # You can tweak the default settings directly here in code. def settings_handle @settings end # Returns our system settings overridden by local configuration in overrides. # # This is a *copy* of the class system settings, suitable for editing and # passing on. # # See the official guide for declared options. def system s = OpenStruct.new(@system) s.each_pair do |key, _| if overrides.respond_to?(key) s[key] = overrides[key] end end s end # In case your code wants to edit the system classes directly. Typically # used for test initialization. def system_handle @system end # Return the system overrides in our system configuration file. def overrides return @overrides ||= init_overrides end private def init_overrides if File.exists?(SYSTEM_CONFIG_PATH) OpenStruct.new(YAML.load_file(SYSTEM_CONFIG_PATH)) end end end def initialize(app) @app = app end def call(env) hws_settings = self.class.settings env.each do |key, value| match = /^HTTP_X_PERFORCE_HELIX_WEB_SERVICES_(.*)$/.match(key) if match hws_settings[match[1]] = value end end env['hws_settings'] = hws_settings @app.call(env) end end
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#21 | 17271 | tjuricek | Remove deprecated Ruby implementation. | ||
#20 | 17127 | tjuricek | Change default configuration to not include regex-like delimiters. | ||
#19 | 17122 | tjuricek |
Add an optional human-readable description for submits via Helix Sync. P4WEBAPI-165 |
||
#18 | 17109 | tjuricek | Sorting configuration options alphabetically | ||
#17 | 17108 | ptomiak |
Changes to enable automatic trusts. Implement a setting switch to automatically any new p4d we are talking to - mainly for GitSwarm. If a user will try to authenticate aganist a p4d we never saw before the fingerprint will be automatically accepted and login will carry on as usual. Added doc's section. |
||
#16 | 16332 | tjuricek |
Update documentation for new configuration, deployment. Also, fix default location for hws_console. |
||
#15 | 16316 | tjuricek | Add 'group' setting (which can be nulled) to set the privileges on the installed unicorn config | ||
#14 | 16312 | tjuricek | Use local self-signed cert instead of grabbing distribution-specific default certs. | ||
#13 | 16310 | tjuricek | Fix default path to nginx generated via omnibus | ||
#12 | 16285 | tjuricek |
Deploy/install improvements - Include nginx in Omnibus distribution, do not conflict with system nginx install - Use old-school sysvinit scripts - Create 'hws_launch' wrapper to initiate nginx and unicorn, which also reads system config file for settings |
||
#11 | 16167 | tjuricek |
Use the '-x' flag on a specific client to obtain a "lock" before submitting files. Also using the lock on typically generated temporary clients just in case. |
||
#10 | 16095 | tjuricek | Shorten /helix_versioning_engine URLs to /p4 | ||
#9 | 16090 | tjuricek |
Rename ENABLE_AUTOMATIC_TRUST to ENABLE_MAN_IN_MIDDLE_ATTACKS and remove documentation. Only use this option for allowing developers to regenerate fingerprints on their own p4ds. |
||
#8 | 16076 | tjuricek |
Use a TRUST_FINGERPRINTS file to decide which p4 trust fingerprints to accept. If we receive a request that is *not* in this file, and this setting is used, we reject it. This is our recommendation for production servers. The ENABLE_AUTOMATIC_TRUST is only to be used for testing servers. We need this because of a high-cost of the Qt test framework. Revised upon request of Alan Teague and Doug Scheirer. |
||
#7 | 16072 | tjuricek |
Helix Cloud integration for Helix Sync services. This includes a "mock_raymond" rails application for keeping tabs on basic integration with Helix Cloud. We do not test against a live server. See integration history for more details. |
||
#6 | 15969 | tjuricek |
Add support for repo creation/update and deletion, same for SSH keys. Add util module for supporting methods, modify temp client to dissapear. (Modified submit of review 15549 by @ptomiak) |
||
#5 | 15873 | tjuricek |
Added automatic calls to trust remote servers, if enabled in the system. It's enabled by default, but can be disabled for admins that do not want it. The p4trust file is moved somewhere writable by us. Also, disabling the p4enviro cache. |
||
#4 | 15757 | tjuricek |
Add resolve implementation for submitting from shelves for Helix Sync Includes additional concepts for creating a "helix sync shelf client" vs a "helix sync device client". It's expected that there's basically one shelf client per user per project. The "device" client is an additional client per user per project per machine. The HWS services will submit via the "shelf client". The resolve implementation remains untested at the moment in order to get the client changes in the hands of Helix Sync developers. |
||
#3 | 15700 | tjuricek | Allow custom scripts to be loaded into the process in order to modify HWS or add some functionality. | ||
#2 | 15698 | tjuricek |
Added a /helix_versioning_engine/v[api]/login method This is used by the Helix Sync client to differentiate the auth source of HWS from that of P4D (to be used for projects). |
||
#1 | 15622 | tjuricek |
Move source code to 'source/' subdirectory of branch. build/ will remain where it is. |
||
//guest/perforce_software/helix-web-services/main/helix_web_services/lib/hws_settings.rb | |||||
#9 | 15545 | tjuricek | Place in config and hooks for Helix Cloud authentication. | ||
#8 | 15512 | tjuricek | Fix issues where system overrides would not always override some of the local settings. | ||
#7 | 15437 | tjuricek |
Basic "HVE Project" implementation. This will allow directories in a HVE instance to host 'projects' for use by helix sync. There are no methods defined for creating the projects, however. This does not include any specialization or testing in the Qt API yet. I may investigate creating a "higher level" interface for Qt client apps. |
||
#6 | 15297 | tjuricek |
Implement of 'cluster services' configuration. The configuration will be stored in a local JSON file, which is expected to be maintained by the systems admin. Eventually, it's expected to have this sort of thing implemented via Helix Admin. |
||
#5 | 15243 | tjuricek |
Example implementation of Git Fusion repo listing. Seems to work given a wee bit of manual poking against perforce:1666 |
||
#4 | 15222 | tjuricek |
Revise server specs testing and documentation. Note: also fixed issues with setting P4PORT via headers. For whatever reason, the host setting doesn't seem to work like I expect it to, though P4PORT works just fine. |
||
#3 | 15208 | tjuricek |
Revise 'command' implementation, tests, and documentaiton. This includes a change from a command blacklist to a whitelist. See P4WEBAPI-21 |
||
#2 | 15110 | tjuricek | Revise changes methods for new p4 connection handling, add server specs, remove model references in client, and update asciidoc documentation. | ||
#1 | 15032 | tjuricek |
Starting config and doc revisions. System is now broken while revisions underway. Configuration of the p4d connection is now done via a single HWSSettings middleware object injected into the Rack env. The HWSP4Cleanup middleware now cleans up any p4 injected into the Rack env. The Auth::App class now mostly just contains one method to generate a p4 ticket. /auth/v1/login. Added yard documentation for the main project. Yard docs have been reconfigured to dump into build/ directories. This should probably be done with each release. Hm... The top level rake file contains a task, 'all:doc', to update our documentation. This should probably be run for each checkin. Hm... Specs are now using Rack::Test on top of a 'live' p4d. I'd suggest you still use the p4util mechanism, which now dumps to a /tmp folder, so we can safely add P4IGNORE rules back into your local .p4config file. Old 'perforce' application now called 'helix_versioning_engine'. Removing cache data. Helix Sync may be slow. It may also get axed. We'll see. |