Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[master] Artifactory module basic auth fix #65642

Merged
merged 4 commits into from
Dec 28, 2023
Merged

[master] Artifactory module basic auth fix #65642

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
c1a6129
Artifactory module basic auth fix
ubrix Nov 29, 2023
9329942
Added changelog
ubrix Dec 18, 2023
d6f5834
Fixed pre-commit failures
ubrix Dec 19, 2023
0f29cb2
Merge branch 'master' into fix_basic_auth_artifactory
ubrix Dec 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog/58936.fixed.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fixed issue with basic auth causing invalid header error and 401 Bad Request, by using HTTPBasicAuthHandler instead of header.
102 changes: 36 additions & 66 deletions salt/modules/artifactory.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,20 @@ def __virtual__():
return True


def set_basic_auth(url, username, password):
"""
Sets the username and password for a specific url. Helper method.

CLI Example:

"""
pw_mgr = urllib.request.HTTPPasswordMgrWithDefaultRealm()
pw_mgr.add_password(None, url, username, password)
basic_auth_handler = urllib.request.HTTPBasicAuthHandler(pw_mgr)
opener = urllib.request.build_opener(basic_auth_handler)
urllib.request.install_opener(opener)


def get_latest_snapshot(
artifactory_url,
repository,
Expand Down Expand Up @@ -75,20 +89,13 @@ def get_latest_snapshot(
target_dir,
classifier,
)

headers = {}
if username and password:
headers["Authorization"] = "Basic {}".format(
salt.utils.hashutils.base64_encodestring(
"{}:{}".format(username.replace("\n", ""), password.replace("\n", ""))
)
)
set_basic_auth(artifactory_url, username, password)
artifact_metadata = _get_artifact_metadata(
artifactory_url=artifactory_url,
repository=repository,
group_id=group_id,
artifact_id=artifact_id,
headers=headers,
use_literal_group_id=use_literal_group_id,
)
version = artifact_metadata["latest_version"]
Expand All @@ -100,12 +107,11 @@ def get_latest_snapshot(
version=version,
packaging=packaging,
classifier=classifier,
headers=headers,
use_literal_group_id=use_literal_group_id,
)
target_file = __resolve_target_file(file_name, target_dir, target_file)

return __save_artifact(snapshot_url, target_file, headers)
return __save_artifact(snapshot_url, target_file)


def get_snapshot(
Expand Down Expand Up @@ -162,13 +168,8 @@ def get_snapshot(
target_dir,
classifier,
)
headers = {}
if username and password:
headers["Authorization"] = "Basic {}".format(
salt.utils.hashutils.base64_encodestring(
"{}:{}".format(username.replace("\n", ""), password.replace("\n", ""))
)
)
set_basic_auth(artifactory_url, username, password)
snapshot_url, file_name = _get_snapshot_url(
artifactory_url=artifactory_url,
repository=repository,
Expand All @@ -178,12 +179,11 @@ def get_snapshot(
packaging=packaging,
snapshot_version=snapshot_version,
classifier=classifier,
headers=headers,
use_literal_group_id=use_literal_group_id,
)
target_file = __resolve_target_file(file_name, target_dir, target_file)

return __save_artifact(snapshot_url, target_file, headers)
return __save_artifact(snapshot_url, target_file)


def get_latest_release(
Expand Down Expand Up @@ -235,19 +235,13 @@ def get_latest_release(
target_dir,
classifier,
)
headers = {}
if username and password:
headers["Authorization"] = "Basic {}".format(
salt.utils.hashutils.base64_encodestring(
"{}:{}".format(username.replace("\n", ""), password.replace("\n", ""))
)
)
set_basic_auth(artifactory_url, username, password)
version = __find_latest_version(
artifactory_url=artifactory_url,
repository=repository,
group_id=group_id,
artifact_id=artifact_id,
headers=headers,
)
release_url, file_name = _get_release_url(
repository,
Expand All @@ -261,7 +255,7 @@ def get_latest_release(
)
target_file = __resolve_target_file(file_name, target_dir, target_file)

return __save_artifact(release_url, target_file, headers)
return __save_artifact(release_url, target_file)


def get_release(
Expand Down Expand Up @@ -317,13 +311,8 @@ def get_release(
target_dir,
classifier,
)
headers = {}
if username and password:
headers["Authorization"] = "Basic {}".format(
salt.utils.hashutils.base64_encodestring(
"{}:{}".format(username.replace("\n", ""), password.replace("\n", ""))
)
)
set_basic_auth(artifactory_url, username, password)
release_url, file_name = _get_release_url(
repository,
group_id,
Expand All @@ -336,7 +325,7 @@ def get_release(
)
target_file = __resolve_target_file(file_name, target_dir, target_file)

return __save_artifact(release_url, target_file, headers)
return __save_artifact(release_url, target_file)


def __resolve_target_file(file_name, target_dir, target_file=None):
Expand All @@ -354,11 +343,8 @@ def _get_snapshot_url(
packaging,
snapshot_version=None,
classifier=None,
headers=None,
use_literal_group_id=False,
):
if headers is None:
headers = {}
has_classifier = classifier is not None and classifier != ""

if snapshot_version is None:
Expand All @@ -369,7 +355,6 @@ def _get_snapshot_url(
group_id=group_id,
artifact_id=artifact_id,
version=version,
headers=headers,
)
if (
not has_classifier
Expand Down Expand Up @@ -503,7 +488,6 @@ def _get_artifact_metadata_xml(
repository,
group_id,
artifact_id,
headers,
use_literal_group_id=False,
):

Expand All @@ -516,8 +500,8 @@ def _get_artifact_metadata_xml(
)

try:
request = urllib.request.Request(artifact_metadata_url, None, headers)
artifact_metadata_xml = urllib.request.urlopen(request).read()
log.debug("Metadata url %s", artifact_metadata_url)
artifact_metadata_xml = urllib.request.urlopen(artifact_metadata_url).read()
except (HTTPError, URLError) as err:
message = "Could not fetch data from url: {}. ERROR: {}".format(
artifact_metadata_url, err
Expand All @@ -529,19 +513,13 @@ def _get_artifact_metadata_xml(


def _get_artifact_metadata(
artifactory_url,
repository,
group_id,
artifact_id,
headers,
use_literal_group_id=False,
artifactory_url, repository, group_id, artifact_id, use_literal_group_id=False
):
metadata_xml = _get_artifact_metadata_xml(
artifactory_url=artifactory_url,
repository=repository,
group_id=group_id,
artifact_id=artifact_id,
headers=headers,
use_literal_group_id=use_literal_group_id,
)
root = ET.fromstring(metadata_xml)
Expand Down Expand Up @@ -580,7 +558,6 @@ def _get_snapshot_version_metadata_xml(
group_id,
artifact_id,
version,
headers,
use_literal_group_id=False,
):

Expand All @@ -594,8 +571,9 @@ def _get_snapshot_version_metadata_xml(
)

try:
request = urllib.request.Request(snapshot_version_metadata_url, None, headers)
snapshot_version_metadata_xml = urllib.request.urlopen(request).read()
snapshot_version_metadata_xml = urllib.request.urlopen(
snapshot_version_metadata_url
).read()
except (HTTPError, URLError) as err:
message = "Could not fetch data from url: {}. ERROR: {}".format(
snapshot_version_metadata_url, err
Expand All @@ -607,15 +585,14 @@ def _get_snapshot_version_metadata_xml(


def _get_snapshot_version_metadata(
artifactory_url, repository, group_id, artifact_id, version, headers
artifactory_url, repository, group_id, artifact_id, version
):
metadata_xml = _get_snapshot_version_metadata_xml(
artifactory_url=artifactory_url,
repository=repository,
group_id=group_id,
artifact_id=artifact_id,
version=version,
headers=headers,
)
metadata = ET.fromstring(metadata_xml)

Expand Down Expand Up @@ -657,7 +634,6 @@ def __find_latest_version(
repository,
group_id,
artifact_id,
headers,
use_literal_group_id=False,
):

Expand All @@ -670,8 +646,7 @@ def __find_latest_version(
)

try:
request = urllib.request.Request(latest_version_url, None, headers)
version = urllib.request.urlopen(request).read()
version = urllib.request.urlopen(latest_version_url).read()
except (HTTPError, URLError) as err:
message = "Could not fetch data from url: {}. ERROR: {}".format(
latest_version_url, err
Expand All @@ -686,17 +661,15 @@ def __find_latest_version(
return version


def __save_artifact(artifact_url, target_file, headers):
def __save_artifact(artifact_url, target_file):
log.debug("__save_artifact(%s, %s)", artifact_url, target_file)
result = {"status": False, "changes": {}, "comment": ""}

if os.path.isfile(target_file):
log.debug("File %s already exists, checking checksum...", target_file)
checksum_url = artifact_url + ".sha1"

checksum_success, artifact_sum, checksum_comment = __download(
checksum_url, headers
)
checksum_success, artifact_sum, checksum_comment = __download(checksum_url)
if checksum_success:
artifact_sum = salt.utils.stringutils.to_unicode(artifact_sum)
log.debug("Downloaded SHA1 SUM: %s", artifact_sum)
Expand Down Expand Up @@ -725,13 +698,12 @@ def __save_artifact(artifact_url, target_file, headers):
log.debug("Downloading: %s -> %s", artifact_url, target_file)

try:
request = urllib.request.Request(artifact_url, None, headers)
f = urllib.request.urlopen(request)
f = urllib.request.urlopen(artifact_url)
with salt.utils.files.fopen(target_file, "wb") as local_file:
local_file.write(salt.utils.stringutils.to_bytes(f.read()))
result["status"] = True
result["comment"] = __append_comment(
"Artifact downloaded from URL: {}".format(artifact_url),
f"Artifact downloaded from URL: {artifact_url}",
result["comment"],
)
result["changes"]["downloaded_file"] = target_file
Expand All @@ -755,15 +727,13 @@ def __get_classifier_url(classifier):
return "-" + classifier if has_classifier else ""


def __download(request_url, headers):
def __download(request_url):
log.debug("Downloading content from %s", request_url)

success = False
content = None
comment = None
try:
request = urllib.request.Request(request_url, None, headers)
url = urllib.request.urlopen(request)
url = urllib.request.urlopen(request_url)
content = url.read()
success = True
except HTTPError as e:
Expand Down
Loading
Loading