search

voxpupuli / puppet-blacksmith

Ruby Gem with Puppet Module utilities
Apache License 2.0
69 stars 31 forks source link

Support for uploading to Artifactory #64

Closed bodgit closed 5 years ago

bodgit commented 6 years ago

I'm trying to use this module to upload to an internal Artifactory server that is configured with a forge-like repository. Currently I'm seeing two problems:

  1. The username I'm using to connect to Artifactory is assumed to be the author of the module when in fact the module is owned by the company rather than any one user. For example, if I create an internal module companyname-modulename but I publish to Artifactory as username then it assumes the release tarball is named username-modulename-*.tar.gz. This might be as simple as trusting the metadata.json rather than the credentials in the case they differ.
  2. The "forge" URL is defined as http://artifactory.example.com/artifactory/api/puppet/local-puppet and so blacksmith seems to be trying to log in by appending /oauth/token to this URL which doesn't work. In the case of Artifactory, just using basic auth with the given credentials should be enough to work although it does also support using things like bearer tokens, etc. which might be nice to support.
ekohl commented 6 years ago

This relates to https://github.com/voxpupuli/puppet-blacksmith/issues/56 so we should probably find a generic way to upload artifacts. Pulp and Artifactory will probably have the same issues regarding authentication.

IMHO the whole lib/puppet_blacksmith/forge.rb does way too much and functions are very big.

ekohl commented 6 years ago

https://github.com/voxpupuli/puppet-blacksmith/pull/65 should split off most of the problematic code. I'm still VERY unhappy with the credential loading in that class, but it shouldn't be in the way too much. The next step would be to make http_url and http_headers understand Artifactory style uploads. Perhaps by introducing a forge_type variable?

bodgit commented 6 years ago

Perhaps by introducing a forge_type variable?

That could work, would also allow introduction of a pulp type too.

ekohl commented 6 years ago

That could work, would also allow introduction of a pulp type too.

Would you be able to come up with a PR to introduce this? I don't have access to Artifactory so testing is hard. I'd be happy to help you come up with the changes if you get stuck.

bodgit commented 6 years ago

I'll see what I can do. From the documentation the upload process is fairly simple, this is the equivalent curl command:

curl -u username:password -X PUT http://artifactory.example.com/artifactory/local-puppet/author/module/author-module-version.tar.gz -T pkg/author-module-version.tar.gz

That's pretty much it.