Validate settings before running Pulp instance

When token authentization is enabled, 4 additional variables have to be set. The state of these variables is now checked, while properly informing the user, instead of relying on exceptions raised later during the instance's run. closes #1550
pulp · Jun 24, 2024 · 4fb8bc6 · 4fb8bc6
1 parent ce05037
commit 4fb8bc6
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/pulp_container/app/dynaconf_hooks.py b/pulp_container/app/dynaconf_hooks.py
@@ -0,0 +1,29 @@
+from dynaconf import Validator
+
+
+token_auth_enabled_validator = Validator("TOKEN_AUTH_DISABLED", eq=True)
+token_server_validator = Validator("TOKEN_SERVER", must_exist=True)
+token_signature_algorithm_validator = Validator("TOKEN_SIGNATURE_ALGORITHM", must_exist=True)
+public_key_path_validator = Validator("PUBLIC_KEY_PATH", must_exist=True)
+private_key_path_validator = Validator("PRIVATE_KEY_PATH", must_exist=True)
+
+
+def post(settings) -> dict:
+    """
+    Post load hook for Pulp settings to validate Container-specific variables.
+    """
+
+    container_settings_validator = token_auth_enabled_validator | (
+        token_server_validator
+        & token_signature_algorithm_validator
+        & public_key_path_validator
+        & private_key_path_validator
+    )
+    container_settings_validator.messages["combined"] = (
+        "When token authentification is enabled ('TOKEN_AUTH_DISABLED=False'), all of the "
+        "following settings variables must be set: 'TOKEN_SERVER', 'TOKEN_SIGNATURE_ALGORITHM', "
+        "'PUBLIC_KEY_PATH', 'PRIVATE_KEY_PATH'. Please check your Pulp config file."
+    )
+    container_settings_validator.validate(settings)
+
+    return {}