Graham Christensen
fdb6e7dd97
fixup: return the user entity on login
2021-04-28 18:30:35 -04:00
Graham Christensen
a34f23f7e6
api-test: use is for nicer errors
2021-04-28 18:28:35 -04:00
Graham Christensen
20df86c275
api-test.t: make it work under yath
...
1. Configure the in-memory Hydra instance with a null path input cache
time to avoid caching slowing the test down.
2. Use the Catalyst::Test helpers so we talk to the application and skip
needing to actually run a webserver.
3. Change path references to use a tempdir, since this is running while
other tests are also running.
4. Change the login flow to save a cookie and pass it manually. A bit
weird, but it avoids a dependency on heavier browser-mimicking
libraries.
2021-04-28 18:28:35 -04:00
Graham Christensen
38c7f88b7c
rename api-test.pl to .t so it runs under yath
2021-04-28 18:28:35 -04:00
Graham Christensen
dd6cd33e98
move the api-test.nix in to the jobsdir
2021-04-28 18:28:35 -04:00
Graham Christensen
823da22e4f
Merge pull request #937 from DeterminateSystems/flesh-out-api
...
hydra-api: flesh out Jobset, JobsetInput schemas; implement DELETE /jobset/{project-id}/{jobset-id}
2021-04-28 13:43:04 -04:00
Cole Helbling
948b3cf073
Jobset: add HTTP API test
2021-04-28 10:37:06 -07:00
Graham Christensen
725c9c2f81
login: redirect to the current-user page
2021-04-28 08:32:10 -07:00
Graham Christensen
d589db2ed9
login: missing parameters are 400s
2021-04-28 08:31:59 -07:00
Eelco Dolstra
8d6a5aac84
Merge pull request #939 from regnat/include-localhost-features
...
Include localhost's features in the default machine file
2021-04-28 12:25:21 +02:00
regnat
abff212d06
Use system-features from the Nix conf in the default machine file
...
Fix #936
2021-04-28 11:43:04 +02:00
regnat
d58b3274f9
test: Don't generate a Nix conf in the makefile
...
The config is overriden by the `test_init` perl function, so it’s at
best misleading to create a first one there
2021-04-28 11:41:37 +02:00
Cole Helbling
42ef3b7b72
hydra-api: update Project and Jobset examples with the new schema
...
For future reference, this was generated by sending the request and piping it to
`yq -y` so that it would spit out YAML.
2021-04-27 23:09:33 -07:00
Cole Helbling
bcd3bbb680
hydra-api: implement DELETE /jobset/{project-id}/{jobset-id}
2021-04-27 16:16:42 -07:00
Cole Helbling
72fec31dbb
hydra-api: flesh out JobsetInput schema
2021-04-27 16:16:42 -07:00
Cole Helbling
2600810551
hydra-api: flesh out Jobset schema
...
* made all columns available via the API (except for forceeval)
* renamed flakeref to flake to unify the API with the database schema
* renamed inputs to jobsetinputs to unify the API with the database schema
2021-04-27 16:16:42 -07:00
Graham Christensen
0c8d016a38
Merge pull request #935 from DeterminateSystems/delete-project
...
hydra-api: implement DELETE /project/{id}
2021-04-27 11:15:15 -04:00
Cole Helbling
ddccf6a60e
hydra-api: implement DELETE /project/{id}
2021-04-27 08:10:09 -07:00
Graham Christensen
ada497db4f
Merge pull request #934 from DeterminateSystems/missing-name
...
hydra-api: add missing `name` property
2021-04-26 22:02:14 -04:00
Cole Helbling
9128802727
hydra-api: add missing name
property
...
The Hydra website allows you to change the name of a Project, so it only makes
sense for the API to expose this functionality as well.
2021-04-26 18:55:10 -07:00
Graham Christensen
fa5811eabf
Merge pull request #933 from cole-h/boolean-json
...
Serialize `enabled` and `hidden` columns as boolean
2021-04-26 19:44:59 -04:00
Cole Helbling
50fab154a4
ToJSON: serialize string_columns to JSON
...
If the column is undefined, then it should be an empty string according to your
API spec.
2021-04-26 16:39:13 -07:00
Graham Christensen
f0ede5f8b8
t: Test Projects JSON serialization and deserialization
2021-04-26 16:39:13 -07:00
Graham Christensen
f2b9649bf2
Projects: serialize enabled
and hidden
as boolean
2021-04-26 16:03:32 -07:00
Graham Christensen
4aea02e1e1
ToJSON: serialize boolean_columns to JSON boolean
2021-04-26 16:03:32 -07:00
Graham Christensen
683b8c41c1
Merge pull request #932 from cole-h/project
...
Add homepage to Projects schema
2021-04-26 18:57:02 -04:00
Graham Christensen
8e3b3c95f8
Merge pull request #931 from cole-h/put-project
...
hydra-api: hidden -> visible
2021-04-26 18:48:29 -04:00
Cole Helbling
c757867b9e
Add homepage to Projects schema
2021-04-26 15:46:30 -07:00
Cole Helbling
221cc0663d
hydra-api: hidden -> visible
...
The PUT API doesn't accept `hidden` (even though the GET API responds with it).
2021-04-26 15:28:20 -07:00
Graham Christensen
2dfcd411da
Merge pull request #928 from cole-h/put-project
...
hydra-api: add missing properties to PUT /project/{id}
2021-04-26 15:06:05 -04:00
Cole Helbling
36da978489
hydra-api: add missing properties to PUT /project/{id}
2021-04-26 12:01:11 -07:00
Graham Christensen
453b8479be
Merge pull request #927 from cole-h/nonexistent-user-400
...
Return HTTP 400 when creating Project with nonexistent user
2021-04-26 14:40:15 -04:00
Cole Helbling
47e19ba22c
Return HTTP 400 when creating Project with nonexistent user
2021-04-26 11:32:39 -07:00
Graham Christensen
bc292db45b
Merge pull request #923 from Ma27/mail-auth
...
Add AuthenSASL to perl deps; improve email docs
2021-04-26 13:11:21 -04:00
Maximilian Bosch
963085a04a
Add AuthenSASL to perl deps; improve email docs
...
The addition of AuthenSASL seems to be necessary to properly
authenticate against an SMTP server. Without this I got errors
such as
error with Hydra::Plugin::EmailNotification=HASH(0x6ad0128)->buildFinished: SMTP auth requires MIME::Base64 and Authen::SASL
2021-04-26 18:33:57 +02:00
Graham Christensen
18c02afe77
Merge pull request #921 from Ma27/email-notification-create-jobset
...
Make it possible to enable email notifications when creating a jobset
2021-04-26 11:22:17 -04:00
Maximilian Bosch
21ed005c84
Make it possible to enable email notifications when creating a jobset
...
The checkbox is only enabled if `email_notification = 1` is set in
`hydra.conf`. However, when creating jobset (in contrast to the edit
form), the checkbox is always disabled because the `emailNotification`
parameter in Catalyst's stash was missing.
2021-04-24 19:48:43 +02:00
Eelco Dolstra
85e299d3d7
flake.lock: Update
...
Flake input changes:
* Updated 'nix': 'github:NixOS/nix/906adadacd2d1c98346a2f42c0b42a32d2806d94' -> 'github:NixOS/nix/d9864be4b757468d33bc49edddce5e4f04ef4b90'
2021-04-22 10:44:21 +02:00
Eelco Dolstra
a53f6657ee
Remove gc-check-reachability setting
...
It no longer exists on nix master.
2021-04-20 13:35:39 +02:00
Graham Christensen
1bb1ba6928
Merge pull request #916 from grahamc/argon2-nested
...
Rehash existing sha1 passwords with Argon2
2021-04-17 08:46:52 -04:00
Graham Christensen
05636de7d2
hydra-init: upgrade passwords to Argon2 on startup
2021-04-16 12:32:13 -04:00
Graham Christensen
79b0ddc27d
hydra-create-user: re-hash sha1 as Argon2
2021-04-16 12:32:13 -04:00
Graham Christensen
d10d8964f2
Users: add a validation step which lets the user's password be a Argon2 hashed sha1 hash.
...
OWASP suggests expiring all passwords and requiring users to update their password.
However, we don't have a way to do this. They suggest this mechanism
as a good alternative:
https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#upgrading-legacy-hashes
2021-04-16 12:32:13 -04:00
Eelco Dolstra
fa924ea697
Merge pull request #915 from grahamc/hydra-auth
...
Hydra auth: support Argon2, transparently upgrade hashes
2021-04-15 17:40:32 +02:00
Graham Christensen
9225be0897
Drop remaining sha1_hex references
...
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:18 -04:00
Graham Christensen
1d956be61e
hydra-create-user: support Argon2
...
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:16 -04:00
Graham Christensen
beb5be4302
Users: password changes via the web UI now use Argon2
...
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:13 -04:00
Graham Christensen
1da70030b7
Users: transparently upgrade passwords to Argon2
...
Passwords that are sha1 will be transparently upgraded to argon2,
and future comparisons will use Argon2
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:11 -04:00
Graham Christensen
29620df85e
Passwords: check in constant time
...
The default password comparison logic does not use
constant time validation. Switching to constant time
offers a meager improvement by removing a timing
oracle.
A prepatory step in moving to Argon2id password storage, since we'll need this change anyway after
for validating existing passwords.
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:34:56 -04:00
Graham Christensen
d4d8f1ba1b
Plugin::Authentication config: modernize
...
Some time in the last decade the plugin switched to preferring
a flatter namespace for realm config.
Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:34:47 -04:00