diff --git a/CHANGES/1550.bugfix b/CHANGES/1550.bugfix new file mode 100644 index 000000000..f3554617a --- /dev/null +++ b/CHANGES/1550.bugfix @@ -0,0 +1 @@ +Pulp Container specific settings are now properly validated at startup of a Pulp instance. diff --git a/pulp_container/app/dynaconf_hooks.py b/pulp_container/app/dynaconf_hooks.py new file mode 100644 index 000000000..d8c69f99e --- /dev/null +++ b/pulp_container/app/dynaconf_hooks.py @@ -0,0 +1,36 @@ +from dynaconf import Validator + + +token_auth_disabled_validator = Validator("TOKEN_AUTH_DISABLED", eq=True) +token_server_validator = Validator("TOKEN_SERVER", must_exist=True) +token_signature_algorithm_validator = Validator("TOKEN_SIGNATURE_ALGORITHM", must_exist=True) +public_key_path_validator = Validator("PUBLIC_KEY_PATH", must_exist=True) +private_key_path_validator = Validator("PRIVATE_KEY_PATH", must_exist=True) + + +def post(settings) -> dict: + """ + Post load hook for Pulp settings to validate Container-specific variables. + """ + raise Exception( + "TAD: " + str(settings["TOKEN_AUTH_DISABLED"]) + + " TS: " + str(settings["TOKEN_SERVER"]) + + " TSA: " + str(settings["TOKEN_SIGNATURE_ALGORITHM"]) + + " PuKP: " + str(settings["PUBLIC_KEY_PATH"]) + + " PrKP: " + str(settings["PRIVATE_KEY_PATH"]) + ) + + container_settings_validator = token_auth_disabled_validator | ( + token_server_validator + & token_signature_algorithm_validator + & public_key_path_validator + & private_key_path_validator + ) + container_settings_validator.messages["combined"] = ( + "When token authentification is enabled ('TOKEN_AUTH_DISABLED=False'), all of the " + "following settings variables must be set: 'TOKEN_SERVER', 'TOKEN_SIGNATURE_ALGORITHM', " + "'PUBLIC_KEY_PATH', 'PRIVATE_KEY_PATH'. Please check your Pulp config file." + ) + container_settings_validator.validate(settings) + + return {}