Mercurial > repos > fubar > mashmap

diff tf_apikey_mutate/tf_apikey_mutate.xml @ 1:0183cad9d13b draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload
author fubar
date Thu, 22 Feb 2024 10:48:01 +0000
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tf_apikey_mutate/tf_apikey_mutate.xml	Thu Feb 22 10:48:01 2024 +0000
@@ -0,0 +1,186 @@
+<tool name="tf_apikey_mutate" id="tf_apikey_mutate" version="0.001">
+  <!--Source in git at: https://github.com/fubar2/galaxy-->
+  <!--Created by toolfactory@galaxy.org at 21/05/2023 10:01:12 using the Galaxy Tool Factory.-->
+  <description>Rotates all API keys in a ToolFactory instance </description>
+  <requirements>
+    <requirement version="1.1.1" type="package">bioblend</requirement>
+   <requirement version="3.10.12" type="package">python</requirement>
+   <requirement type="package">six</requirement>
+  </requirements>
+  <stdio>
+    <exit_code range="1:" level="fatal"/>
+  </stdio>
+  <version_command><![CDATA[echo "0.001"]]></version_command>
+  <command><![CDATA[python
+$runme --galaxy_root "$__root_dir__" --galaxy_venv "$__root_dir__/.venv"
+>
+$APIK_mutate_log]]></command>
+  <configfiles>
+    <configfile name="runme"><![CDATA[#raw
+
+#!/usr/bin/env python
+import argparse
+import hashlib
+import os
+import random
+import subprocess
+import sys
+from time import sleep
+from urllib import request
+from urllib.error import URLError
+
+from bioblend import galaxy
+
+def add_user(sa_session, security_agent, email, password, key=None, username="admin"):
+    """
+    Add Galaxy User.
+    From John https://gist.github.com/jmchilton/4475646
+    """
+    query = sa_session.query(User).filter_by(email=email)
+    user = None
+    uexists = False
+    User.use_pbkdf2 = False
+    if query.count() > 0:
+        user = query.first()
+        user.username = username
+        user.set_password_cleartext(password)
+        sa_session.add(user)
+        sa_session.flush()
+        uexists = True
+    else:
+        user = User(email)
+        user.username = username
+        user.set_password_cleartext(password)
+        sa_session.add(user)
+        sa_session.flush()
+
+        security_agent.create_private_user_role(user)
+        if not user.default_permissions:
+            security_agent.user_set_default_permissions(user, history=True, dataset=True)
+
+    if key is not None:
+        query = sa_session.query(APIKeys).filter_by(user_id=user.id).delete()
+        sa_session.flush()
+
+        api_key = APIKeys()
+        api_key.user_id = user.id
+        api_key.key = key
+        sa_session.add(api_key)
+        sa_session.flush()
+    return user, uexists
+
+def run_sed(options):
+    """
+    eg replacement = 'APIK="%s"' % options.key
+    line_start = 'APIK='
+    """
+    fixme = []
+    tool_config_file: "tool_conf.xml,../local_tools/local_tool_conf.xml"
+    # database_connection: "sqlite:///<data_dir>/universe.sqlite?isolation_level=IMMEDIATE"
+    tfc = 'tool_conf.xml,%s/local_tools/local_tool_conf.xml' % options.galaxy_root
+    fixfile = "%s/config/galaxy.yml" % options.galaxy_root
+    fixme.append(('  virtualenv: ', '  virtualenv: "%s"' % options.galaxy_venv, fixfile))
+    fixme.append(('  galaxy_root: ', '  galaxyroot: "%s"' % options.galaxy_root, fixfile))
+    fixme.append(('  tool_config_file: ', '  tool_config_file: "%s"' % tfc, fixfile))
+    fixfile = "%s/local_tools/toolfactory/toolfactory.py" % options.galaxy_root
+    fixme.append(('        self.GALAXY_ADMIN_KEY =', '        self.GALAXY_ADMIN_KEY = "%s"' % options.key, fixfile ))
+    fixme.append(('        self.GALAXY_URL = ' , '        self.GALAXY_URL = "%s"' % options.galaxy_url, fixfile ))
+    fixfile = "%s/local_tools/toolfactory/install_tf_deps.sh" % options.galaxy_root
+    fixme.append(('APIK=', 'APIK="%s"' % options.key, fixfile ))
+    fixme.append(('LOCALTOOLDIR=', 'LOCALTOOLDIR="%s"' % os.path.join(os.path.abspath(options.galaxy_root), "local_tools"),  fixfile ))
+    fixfile = "%s/local_tools/toolfactory/localplanemotest.sh" % options.galaxy_root
+    fixme.append(('GALAXY_URL=', 'GALAXY_URL=%s' % options.galaxy_url, fixfile))
+    fixme.append(('API_KEY=', 'API_KEY=%s' % options.key, fixfile))
+    fixfile = "%s/local_tools/toolfactory/toolfactory_fast_test.sh" % options.galaxy_root
+    fixme.append(('GALAXY_URL=', 'GALAXY_URL=%s' % options.galaxy_url, fixfile))
+    fixme.append(('API_KEY=', 'API_KEY=%s' % options.key, fixfile))
+    fixme.append(('GALAXY_VENV=', 'GALAXY_VENV=%s' % options.galaxy_venv, fixfile))
+    fixme.append(('API_KEY_USER=', 'API_KEY_USER=%s' % options.botkey, fixfile))
+    for line_start, line_replacement, file_to_edit in fixme:
+        cmd = ["sed", "-i", "s#.*%s.*#%s#g" % (line_start, line_replacement), file_to_edit]
+        print("## executing", ' '.join(cmd))
+        res = subprocess.run(cmd)
+        if not res.returncode == 0:
+            print('### Non zero %d return code from %s ' % (res.returncode, ''.join(cmd)))
+
+
+if __name__ == "__main__":
+    print('starting!', file=sys.stderr)
+    apikey = "%s" % hash(random.random())
+    apikey2 = "%s" % hash(random.random())
+    parser = argparse.ArgumentParser(description="Create Galaxy Admin User.")
+    parser.add_argument("--galaxy_url", help="Galaxy server URL", default="http://localhost:8080")
+    parser.add_argument("--galaxy_root",  help="Galaxy root directory path", default="/work/galaxytf")
+    parser.add_argument("--galaxy_venv", help="Galaxy venv path", default="/work/galaxytf/.venv")
+    parser.add_argument("--user", help="Username - an email address.", default="toolfactory@galaxy.org")
+    parser.add_argument("--password", help="Password", default="ChangeMe!")
+    parser.add_argument("--password2", help="Password", default=apikey2)
+    parser.add_argument("--key", help="API-Key.", default=apikey)
+    parser.add_argument("--botkey", help="bot API-Key.", default=apikey2)
+    parser.add_argument("--username", default="tfadmin")
+    parser.add_argument("args", nargs=argparse.REMAINDER)
+    options = parser.parse_args()
+    sys.path.insert(1, options.galaxy_root)
+    sys.path.insert(1, os.path.join(options.galaxy_root, "lib"))
+    sys.path.insert(1, os.path.join(options.galaxy_venv, "lib", "python3.10", "site-packages"))
+    from galaxy.model import User, APIKeys
+    from galaxy.model.mapping import init
+    from galaxy.model.orm.scripts import get_config
+    cnf = get_config(argv=['-c','galaxy', ],cwd=options.galaxy_root)
+    print('cnf=%s' % cnf, file=sys.stderr)
+    cdb_url = cnf["db_url"]
+    # or perhaps "postgresql:///ubuntu?host=/var/run/postgresql"
+    # this is harder to please get_config(sys.argv, use_argparse=False)["db_url"]
+    print('### Using cdb_url', cdb_url, file=sys.stderr)
+    mapping = init("/tmp/", cdb_url)
+    sa_session = mapping.context
+    security_agent = mapping.security_agent
+    usr, uexists = add_user(
+        sa_session, security_agent, options.user, options.password, key=options.key, username=options.username
+    )
+    print("added user", options.user, "apikey", options.key, file=sys.stderr)
+
+    usr, uexists = add_user(
+        sa_session, security_agent, 'test@bx.psu.edu',   options.password2, key=options.botkey, username='bot'
+    )
+    run_sed(options)
+    print('Evil deeds done', file=sys.stderr)
+
+
+#end raw]]></configfile>
+  </configfiles>
+  <inputs/>
+  <outputs>
+    <data name="APIK_mutate_log" format="txt" label="APIK_mutate_log" hidden="false"/>
+  </outputs>
+  <tests>
+    <test>
+      <output name="APIK_mutate_log" value="APIK_mutate_log_sample" compare="sim_size" delta="100"/>
+    </test>
+  </tests>
+  <help><![CDATA[
+
+**What it Does**
+
+Regenerates fresh API keys for the ToolFactory administrative user and rewrites them into all the relevant utility code.
+
+The Docker image is constructed with a new set of keys but they are identical in every image, so running this tool
+in that image makes sure that while it is running, it is not using the distributed keys. It will do the same thing for a
+local disk installation but has already been run once at first boot. No real harm running it again to recycle all your keys
+if you like.
+
+Will break the ToolFactory if it breaks.
+Safe in Docker since it's not persistent :)
+Use at your own peril.
+This is a crazy tool to run.
+
+This script consistently fails tool test, but actually works fine on a ToolFactory docker or local installation.
+It reuses code from the initial configuration to create new, random API keys for the admin logins.
+
+
+]]></help>
+  <citations>
+    <citation type="doi">10.1093/bioinformatics/bts573</citation>
+  </citations>
+</tool>
+