Mercurial > repos > fubar > mashmap
view tf_apikey_mutate/tf_apikey_mutate.xml @ 1:0183cad9d13b draft
planemo upload
| author | fubar |
|---|---|
| date | Thu, 22 Feb 2024 10:48:01 +0000 |
| parents | |
| children |
line wrap: on
line source
<tool name="tf_apikey_mutate" id="tf_apikey_mutate" version="0.001"> <!--Source in git at: https://github.com/fubar2/galaxy--> <!--Created by toolfactory@galaxy.org at 21/05/2023 10:01:12 using the Galaxy Tool Factory.--> <description>Rotates all API keys in a ToolFactory instance </description> <requirements> <requirement version="1.1.1" type="package">bioblend</requirement> <requirement version="3.10.12" type="package">python</requirement> <requirement type="package">six</requirement> </requirements> <stdio> <exit_code range="1:" level="fatal"/> </stdio> <version_command><![CDATA[echo "0.001"]]></version_command> <command><![CDATA[python $runme --galaxy_root "$__root_dir__" --galaxy_venv "$__root_dir__/.venv" > $APIK_mutate_log]]></command> <configfiles> <configfile name="runme"><![CDATA[#raw #!/usr/bin/env python import argparse import hashlib import os import random import subprocess import sys from time import sleep from urllib import request from urllib.error import URLError from bioblend import galaxy def add_user(sa_session, security_agent, email, password, key=None, username="admin"): """ Add Galaxy User. From John https://gist.github.com/jmchilton/4475646 """ query = sa_session.query(User).filter_by(email=email) user = None uexists = False User.use_pbkdf2 = False if query.count() > 0: user = query.first() user.username = username user.set_password_cleartext(password) sa_session.add(user) sa_session.flush() uexists = True else: user = User(email) user.username = username user.set_password_cleartext(password) sa_session.add(user) sa_session.flush() security_agent.create_private_user_role(user) if not user.default_permissions: security_agent.user_set_default_permissions(user, history=True, dataset=True) if key is not None: query = sa_session.query(APIKeys).filter_by(user_id=user.id).delete() sa_session.flush() api_key = APIKeys() api_key.user_id = user.id api_key.key = key sa_session.add(api_key) sa_session.flush() return user, uexists def run_sed(options): """ eg replacement = 'APIK="%s"' % options.key line_start = 'APIK=' """ fixme = [] tool_config_file: "tool_conf.xml,../local_tools/local_tool_conf.xml" # database_connection: "sqlite:///<data_dir>/universe.sqlite?isolation_level=IMMEDIATE" tfc = 'tool_conf.xml,%s/local_tools/local_tool_conf.xml' % options.galaxy_root fixfile = "%s/config/galaxy.yml" % options.galaxy_root fixme.append((' virtualenv: ', ' virtualenv: "%s"' % options.galaxy_venv, fixfile)) fixme.append((' galaxy_root: ', ' galaxyroot: "%s"' % options.galaxy_root, fixfile)) fixme.append((' tool_config_file: ', ' tool_config_file: "%s"' % tfc, fixfile)) fixfile = "%s/local_tools/toolfactory/toolfactory.py" % options.galaxy_root fixme.append((' self.GALAXY_ADMIN_KEY =', ' self.GALAXY_ADMIN_KEY = "%s"' % options.key, fixfile )) fixme.append((' self.GALAXY_URL = ' , ' self.GALAXY_URL = "%s"' % options.galaxy_url, fixfile )) fixfile = "%s/local_tools/toolfactory/install_tf_deps.sh" % options.galaxy_root fixme.append(('APIK=', 'APIK="%s"' % options.key, fixfile )) fixme.append(('LOCALTOOLDIR=', 'LOCALTOOLDIR="%s"' % os.path.join(os.path.abspath(options.galaxy_root), "local_tools"), fixfile )) fixfile = "%s/local_tools/toolfactory/localplanemotest.sh" % options.galaxy_root fixme.append(('GALAXY_URL=', 'GALAXY_URL=%s' % options.galaxy_url, fixfile)) fixme.append(('API_KEY=', 'API_KEY=%s' % options.key, fixfile)) fixfile = "%s/local_tools/toolfactory/toolfactory_fast_test.sh" % options.galaxy_root fixme.append(('GALAXY_URL=', 'GALAXY_URL=%s' % options.galaxy_url, fixfile)) fixme.append(('API_KEY=', 'API_KEY=%s' % options.key, fixfile)) fixme.append(('GALAXY_VENV=', 'GALAXY_VENV=%s' % options.galaxy_venv, fixfile)) fixme.append(('API_KEY_USER=', 'API_KEY_USER=%s' % options.botkey, fixfile)) for line_start, line_replacement, file_to_edit in fixme: cmd = ["sed", "-i", "s#.*%s.*#%s#g" % (line_start, line_replacement), file_to_edit] print("## executing", ' '.join(cmd)) res = subprocess.run(cmd) if not res.returncode == 0: print('### Non zero %d return code from %s ' % (res.returncode, ''.join(cmd))) if __name__ == "__main__": print('starting!', file=sys.stderr) apikey = "%s" % hash(random.random()) apikey2 = "%s" % hash(random.random()) parser = argparse.ArgumentParser(description="Create Galaxy Admin User.") parser.add_argument("--galaxy_url", help="Galaxy server URL", default="http://localhost:8080") parser.add_argument("--galaxy_root", help="Galaxy root directory path", default="/work/galaxytf") parser.add_argument("--galaxy_venv", help="Galaxy venv path", default="/work/galaxytf/.venv") parser.add_argument("--user", help="Username - an email address.", default="toolfactory@galaxy.org") parser.add_argument("--password", help="Password", default="ChangeMe!") parser.add_argument("--password2", help="Password", default=apikey2) parser.add_argument("--key", help="API-Key.", default=apikey) parser.add_argument("--botkey", help="bot API-Key.", default=apikey2) parser.add_argument("--username", default="tfadmin") parser.add_argument("args", nargs=argparse.REMAINDER) options = parser.parse_args() sys.path.insert(1, options.galaxy_root) sys.path.insert(1, os.path.join(options.galaxy_root, "lib")) sys.path.insert(1, os.path.join(options.galaxy_venv, "lib", "python3.10", "site-packages")) from galaxy.model import User, APIKeys from galaxy.model.mapping import init from galaxy.model.orm.scripts import get_config cnf = get_config(argv=['-c','galaxy', ],cwd=options.galaxy_root) print('cnf=%s' % cnf, file=sys.stderr) cdb_url = cnf["db_url"] # or perhaps "postgresql:///ubuntu?host=/var/run/postgresql" # this is harder to please get_config(sys.argv, use_argparse=False)["db_url"] print('### Using cdb_url', cdb_url, file=sys.stderr) mapping = init("/tmp/", cdb_url) sa_session = mapping.context security_agent = mapping.security_agent usr, uexists = add_user( sa_session, security_agent, options.user, options.password, key=options.key, username=options.username ) print("added user", options.user, "apikey", options.key, file=sys.stderr) usr, uexists = add_user( sa_session, security_agent, 'test@bx.psu.edu', options.password2, key=options.botkey, username='bot' ) run_sed(options) print('Evil deeds done', file=sys.stderr) #end raw]]></configfile> </configfiles> <inputs/> <outputs> <data name="APIK_mutate_log" format="txt" label="APIK_mutate_log" hidden="false"/> </outputs> <tests> <test> <output name="APIK_mutate_log" value="APIK_mutate_log_sample" compare="sim_size" delta="100"/> </test> </tests> <help><![CDATA[ **What it Does** Regenerates fresh API keys for the ToolFactory administrative user and rewrites them into all the relevant utility code. The Docker image is constructed with a new set of keys but they are identical in every image, so running this tool in that image makes sure that while it is running, it is not using the distributed keys. It will do the same thing for a local disk installation but has already been run once at first boot. No real harm running it again to recycle all your keys if you like. Will break the ToolFactory if it breaks. Safe in Docker since it's not persistent :) Use at your own peril. This is a crazy tool to run. This script consistently fails tool test, but actually works fine on a ToolFactory docker or local installation. It reuses code from the initial configuration to create new, random API keys for the admin logins. ]]></help> <citations> <citation type="doi">10.1093/bioinformatics/bts573</citation> </citations> </tool>