Use more native methods of SmartProxy for validation

ekohl · ekohl · commit 20e968415dfd · 2021-06-24T11:25:52.000+02:00
This uses more built in validators. It also creates a setting for the
public key file and derives it if not specified.

The only downside is that the validate_readable doesn't print a helpful
command to generate it if needed. Programmable settings can be used to
generate it on the fly if the parent directory is readable. Another
alternative is to introduce another custom validator.

It slightly abuses the dependency injection hook to configure the task
launcher registry.
diff --git a/lib/smart_proxy_remote_execution_ssh.rb b/lib/smart_proxy_remote_execution_ssh.rb
@@ -6,50 +6,12 @@
 module Proxy::RemoteExecution
   module Ssh
     class << self
-      def validate!
-        unless private_key_file
-          raise "settings for `ssh_identity_key` not set"
-        end
-
-        unless File.exist?(private_key_file)
-          raise "Ssh public key file #{private_key_file} doesn't exist.\n"\
-            "You can generate one with `ssh-keygen -t rsa -b 4096 -f #{private_key_file} -N ''`"
-        end
-
-        unless File.exist?(public_key_file)
-          raise "Ssh public key file #{public_key_file} doesn't exist"
-        end
-
-        validate_ssh_log_level!
-      end
-
       def private_key_file
         File.expand_path(Plugin.settings.ssh_identity_key_file)
       end
 
       def public_key_file
-        File.expand_path("#{private_key_file}.pub")
-      end
-
-      def validate_ssh_log_level!
-        wanted_level = Plugin.settings.ssh_log_level.to_s
-        levels = Plugin::SSH_LOG_LEVELS
-        unless levels.include? wanted_level
-          raise "Wrong value '#{Plugin.settings.ssh_log_level}' for ssh_log_level, must be one of #{levels.join(', ')}"
-        end
-
-        current = ::Proxy::SETTINGS.log_level.to_s.downcase
-
-        # regular log levels correspond to upcased ssh logger levels
-        ssh, regular = [wanted_level, current].map do |wanted|
-          levels.each_with_index.find { |value, _index| value == wanted }.last
-        end
-
-        if ssh < regular
-          raise 'ssh_log_level cannot be more verbose than regular log level'
-        end
-
-        Plugin.settings.ssh_log_level = Plugin.settings.ssh_log_level.to_sym
+        File.expand_path(Plugin.settings.ssh_identity_public_key_file)
       end
     end
   end
diff --git a/lib/smart_proxy_remote_execution_ssh/plugin.rb b/lib/smart_proxy_remote_execution_ssh/plugin.rb
@@ -1,9 +1,11 @@
+require_relative 'validators'
+
 module Proxy::RemoteExecution::Ssh
   class Plugin < Proxy::Plugin
     SSH_LOG_LEVELS = %w[debug info warn error fatal].freeze
 
-    http_rackup_path File.expand_path("http_config.ru", File.expand_path("../", __FILE__))
-    https_rackup_path File.expand_path("http_config.ru", File.expand_path("../", __FILE__))
+    http_rackup_path File.expand_path("http_config.ru", __dir__)
+    https_rackup_path File.expand_path("http_config.ru", __dir__)
 
     settings_file "remote_execution_ssh.yml"
     default_settings :ssh_identity_key_file   => '~/.ssh/id_rsa_foreman_proxy',
@@ -17,8 +19,21 @@ class Plugin < Proxy::Plugin
                      :ssh_log_level           => :fatal,
                      :cleanup_working_dirs    => true
 
+    load_validators ssh_log_level: Proxy::RemoteExecution::Ssh::Validators::SshLogLevel
+    load_programmable_settings do |settings|
+      if settings[:ssh_identity_key_file] && !settings[:ssh_identity_public_key_file]
+        settings[:ssh_identity_public_key_file] = "#{settings[:ssh_identity_key_file}.pub"
+      end
+
+      settings[:ssh_log_level] = settings[:ssh_log_level].to_sym
+    end
+
+    validate_readable :ssh_identity_key_file, :ssh_identity_public_key_file
+    validate :ssh_log_level, ssh_log_level: SSH_LOG_LEVELS
+
     plugin :ssh, Proxy::RemoteExecution::Ssh::VERSION
-    after_activation do
+
+    load_classes do
       require 'smart_proxy_dynflow'
       require 'smart_proxy_remote_execution_ssh/version'
       require 'smart_proxy_remote_execution_ssh/cockpit'
@@ -27,9 +42,10 @@ class Plugin < Proxy::Plugin
       require 'smart_proxy_remote_execution_ssh/dispatcher'
       require 'smart_proxy_remote_execution_ssh/log_filter'
       require 'smart_proxy_remote_execution_ssh/runners'
+    end
 
-      Proxy::RemoteExecution::Ssh.validate!
-
+    # Not really Smart Proxy dependency injection, but similar enough
+    load_dependency_injection_wirings do |container_instance, settings|
       Proxy::Dynflow::TaskLauncherRegistry.register('ssh', Proxy::Dynflow::TaskLauncher::Batch)
     end
 
diff --git a/lib/smart_proxy_remote_execution_ssh/validators.rb b/lib/smart_proxy_remote_execution_ssh/validators.rb
@@ -0,0 +1,30 @@
+module Proxy
+  module RemoteExecution
+    module Ssh
+      module Validators
+        class SshLogLevel < ::Proxy::PluginValidators::Base
+          def validate!(settings)
+            setting_value = settings[@setting_name].to_s
+
+            unless @params.include?(setting_value)
+              raise ::Proxy::Error::ConfigurationError, "Parameter '#{@setting_name}' must be one of #{@params.join(', ')}"
+            end
+
+            current = ::Proxy::SETTINGS.log_level.to_s.downcase
+
+            # regular log levels correspond to upcased ssh logger levels
+            ssh, regular = [wanted_level, current].map do |wanted|
+              levels.each_with_index.find { |value, _index| value == wanted }.last
+            end
+
+            if ssh < regular
+              raise ::Proxy::Error::ConfigurationError, "Parameter '#{@setting_name}' cannot be more verbose than regular log level (#{current})"
+            end
+
+            true
+          end
+        end
+      end
+    end
+  end
+end
