From 8973f80a32fddbe0cb6e8e60fa826062404b6d63 Mon Sep 17 00:00:00 2001
From: MichalPysik <n3r0x541@gmail.com>
Date: Fri, 21 Jun 2024 15:00:07 +0200
Subject: [PATCH] Validate settings before running Pulp instance

When token authentization is enabled, 4 additional variables have to be
set. The state of these variables is now checked, while properly
informing the user, instead of relying on exceptions raised later during
the instance's run.

closes #1550
---
 CHANGES/1550.bugfix            |  2 ++
 pulp_container/app/__init__.py |  1 +
 pulp_container/app/checks.py   | 46 ++++++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 CHANGES/1550.bugfix
 create mode 100644 pulp_container/app/checks.py

diff --git a/CHANGES/1550.bugfix b/CHANGES/1550.bugfix
new file mode 100644
index 000000000..54f524512
--- /dev/null
+++ b/CHANGES/1550.bugfix
@@ -0,0 +1,2 @@
+Pulp Container specific settings are now properly validated during the deployment checks of a Pulp
+instance.
diff --git a/pulp_container/app/__init__.py b/pulp_container/app/__init__.py
index 669f62a21..d02fc572d 100644
--- a/pulp_container/app/__init__.py
+++ b/pulp_container/app/__init__.py
@@ -11,3 +11,4 @@ class PulpContainerPluginAppConfig(PulpPluginAppConfig):
 
     def ready(self):
         super().ready()
+        from . import checks
diff --git a/pulp_container/app/checks.py b/pulp_container/app/checks.py
new file mode 100644
index 000000000..43d7b8753
--- /dev/null
+++ b/pulp_container/app/checks.py
@@ -0,0 +1,46 @@
+from django.conf import settings
+from django.core.checks import Error as CheckError, register
+
+
+@register(deploy=True)
+def container_settings_check(app_configs, **kwargs):
+    errors = []
+
+    # Other checks only apply if token auth is enabled
+    if str(getattr(settings, "TOKEN_AUTH_DISABLED", False)).lower() == "true":
+        return errors
+
+    if getattr(settings, "TOKEN_SERVER", None) is None:
+        errors.append(
+            CheckError(
+                "TOKEN_SERVER is a required setting that has to be configured when token"
+                " authentification is enabled",
+                id="pulp_container.E001",
+            ),
+        )
+    if getattr(settings, "TOKEN_SIGNATURE_ALGORITHM", None) is None:
+        errors.append(
+            CheckError(
+                "TOKEN_SIGNATURE_ALGORITHM is a required setting that has to be configured when"
+                " token authentification is enabled",
+                id="pulp_container.E001",
+            )
+        )
+    if getattr(settings, "PUBLIC_KEY_PATH", None) is None:
+        errors.append(
+            CheckError(
+                "PUBLIC_KEY_PATH is a required setting that has to be configured when token"
+                " authentification is enabled",
+                id="pulp_container.E001",
+            )
+        )
+    if getattr(settings, "PRIVATE_KEY_PATH", None) is None:
+        errors.append(
+            CheckError(
+                "PRIVATE_KEY_PATH is a required setting that has to be configured when token"
+                " authentification is enabled",
+                id="pulp_container.E001",
+            )
+        )
+
+    return errors