This repository authenticates and forwards requests to unpack images into a CVMFS repository.
This API accepts the name of an image to unpack along with a GitLab JWT token. This server then forwards that image, along with a pipeline trigger token, to another GitLab CI that performs the unpacking of the image into CVMFS.
- Client sends request to this API from within a GitLab CI.
- This API authenticates the Client (ensures the pipeline was ran from within a specific GitLab instance).
- This API sends a request to a different GitLab CI to unpack the image.
Using podman (or docker), run
podman create -p 8000:8000 --env-file=.env --name unpack-api gitlab-registry.cern.ch/mfatouro/unpack-to-cvmfs/unpack-api:latestOtherwise, this package can be installed with
pip install .Copy the sample configuration
cp .env.sample .envThen open .env and set the values for your use case.
First, create a docker container as shown in the installation instructions.
Then, create a systemd service file at /etc/systemd/system/unpack-api.service with the following content
[Unit]
Description=API to authenticate and trigger a GitLab CI pipeline
Wants=syslog.service
Wants=network.target
[Service]
Restart=always
User=<user>
Group=<user>
ExecStart=/usr/bin/podman start -a unpack-api
ExecStop=/usr/bin/podman stop -t 2 unpack-api
[Install]
WantedBy=multi-user.target
replacing <user> with the user you'd like to run the service.
Finally, enable and run the service with
sudo systemctl enable unpack-api
sudo systemctl start unpack-apiInstall with
pip install -e ".[dev]"Then, enable pre-commit with
pre-commit install