Beispiel #1
0
// doRequest makes an authenticated request to the GitHub API.
func doRequest(method, url string, body io.Reader) ([]byte, error) {
	req, err := http.NewRequest(method, url, body)
	if err != nil {
		return nil, err
	}

	// These values are cached, so we can fetch them every time.
	userpass, err := metadata.ProjectAttributeValue(authMetadataKey)
	if err != nil {
		return nil, err
	}
	p := strings.SplitN(userpass, ":", 2)
	if len(p) != 2 {
		return nil, errors.New("bad authentication data")
	}
	req.SetBasicAuth(p[0], p[1])

	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return nil, err
	}
	respBody, err := ioutil.ReadAll(resp.Body)
	resp.Body.Close()
	if err != nil {
		return nil, err
	}
	if resp.StatusCode/100 != 2 {
		return respBody, fmt.Errorf("Bad response: %v\nBody:\n%s", resp.Status, respBody)
	}
	return respBody, nil

}
Beispiel #2
0
Datei: gce.go Projekt: pirater/os
func NewGceCloudConfig() *GceCloudConfig {

	userData, err := metadata.InstanceAttributeValue("user-data")
	if err != nil {
		log.Errorf("Could not retrieve user-data: %s", err)
	}

	projectSSHKeys, err := metadata.ProjectAttributeValue("sshKeys")
	if err != nil {
		log.Errorf("Could not retrieve project SSH Keys: %s", err)
	}

	instanceSSHKeys, err := metadata.InstanceAttributeValue("sshKeys")
	if err != nil {
		log.Errorf("Could not retrieve instance SSH Keys: %s", err)
	}

	nonUserDataSSHKeysRaw := projectSSHKeys + "\n" + instanceSSHKeys
	nonUserDataSSHKeys := gceSshKeyFormatter(nonUserDataSSHKeysRaw)

	gceCC := &GceCloudConfig{
		FileName:           gceCloudConfigFile,
		UserData:           userData,
		NonUserDataSSHKeys: nonUserDataSSHKeys,
	}

	return gceCC
}
Beispiel #3
0
func gceAttr(name string) string {
	s, err := metadata.ProjectAttributeValue(name)
	if err != nil {
		log.Printf("error querying metadata for %q: %s", name, err)
		return ""
	}
	return s
}
Beispiel #4
0
func loadMirrorCred() {
	cred, err := metadata.ProjectAttributeValue("mirror-credentials")
	if err != nil {
		log.Printf("No mirror credentials available: %v", err)
		return
	}
	p := strings.SplitN(strings.TrimSpace(cred), ":", 2)
	if len(p) != 2 {
		log.Fatalf("Bad mirror credentials: %q", cred)
	}
	mirrorCredCache.username, mirrorCredCache.password = p[0], p[1]
}
Beispiel #5
0
func checkTryBuildDeps() error {
	if !hasStorageScope() {
		return errors.New("coordinator's GCE instance lacks the storage service scope")
	}
	wr := storage.NewWriter(serviceCtx, buildLogBucket(), "hello.txt")
	fmt.Fprintf(wr, "Hello, world! Coordinator start-up at %v", time.Now())
	if err := wr.Close(); err != nil {
		return fmt.Errorf("test write of a GCS object to bucket %q failed: %v", buildLogBucket(), err)
	}
	gobotPass, err := metadata.ProjectAttributeValue("gobot-password")
	if err != nil {
		return fmt.Errorf("failed to get project metadata 'gobot-password': %v", err)
	}
	gerritClient = gerrit.NewClient("https://go-review.googlesource.com",
		gerrit.BasicAuth("git-gobot.golang.org", strings.TrimSpace(string(gobotPass))))

	return nil
}
Beispiel #6
0
func loadKey() {
	if *masterKeyFile != "" {
		b, err := ioutil.ReadFile(*masterKeyFile)
		if err != nil {
			log.Fatal(err)
		}
		masterKeyCache = bytes.TrimSpace(b)
		return
	}
	if *mode == "dev" {
		masterKeyCache = []byte("gophers rule")
		return
	}
	masterKey, err := metadata.ProjectAttributeValue("builder-master-key")
	if err != nil {
		log.Fatalf("No builder master key available: %v", err)
	}
	masterKeyCache = []byte(strings.TrimSpace(masterKey))
}
Beispiel #7
0
// validate compares the signature in the request header with the body.
func validate(r *http.Request) (body []byte, err error) {
	// Decode signature header.
	sigHeader := r.Header.Get("X-Hub-Signature")
	sigParts := strings.SplitN(sigHeader, "=", 2)
	if len(sigParts) != 2 {
		return nil, fmt.Errorf("Bad signature header: %q", sigHeader)
	}
	var h func() hash.Hash
	switch alg := sigParts[0]; alg {
	case "sha1":
		h = sha1.New
	case "sha256":
		h = sha256.New
	default:
		return nil, fmt.Errorf("Unsupported hash algorithm: %q", alg)
	}
	gotSig, err := hex.DecodeString(sigParts[1])
	if err != nil {
		return nil, err
	}

	// Compute expected signature.
	key, err := metadata.ProjectAttributeValue(secretMetadataKey)
	if err != nil {
		return nil, err
	}
	body, err = ioutil.ReadAll(r.Body)
	if err != nil {
		return nil, err
	}
	mac := hmac.New(h, []byte(key))
	mac.Write(body)
	expectSig := mac.Sum(nil)

	if !hmac.Equal(gotSig, expectSig) {
		return nil, fmt.Errorf("Invalid signature %X, want %x", gotSig, expectSig)
	}
	return body, nil
}
Beispiel #8
0
func init() {
	builderKey, _ = metadata.ProjectAttributeValue("builder-key")
}