dbee214259
support serving the API over unix domain socket
...
`unix://$PATH` as listen argument will bind aptly to a unix domain socket
rather than TCP.
This allows binding the API to a UDS rather than a port.
Since aptly has no concept of authentication or any amount of high level
API hardening one needs to bottle it up in some other manner. Binding
to a localhost port is often a step in the right direction, ultimately is
still a scary insecure setup as any user on that host getting compromised
would mean that the entire archive is compromised as well.
UDS on the other hand are basically files and have their access managed
by regular file permission. As such, binding to a socket is in fact
the least insecure way to listen as you'd have to explicitly open up the
socket permissions to an access qualified group. In the most conservative
scenario that means no one but the aptly user can talk to the API, in a
more practical setup apache might get access as well and proxy the UDS
with authentication or limited to GET operations.
Using UDS allows reducing the attack surface of the API server while
preserving all the flexibility.
2017-02-28 09:58:39 +01:00
5a71847b7f
Simplify test implementation
2017-02-15 20:18:47 +01:00
4456f8da57
Refactor
2017-02-15 20:18:47 +01:00
970b1a424a
Fix bugged implementation
2017-02-15 20:18:47 +01:00
edffa24658
Test startup checks for serve command
2017-02-15 20:18:47 +01:00
33d6cd8c0a
Allow filter to be empty for aptly * search commands
...
Empty filter implies "select all packages".
2017-02-10 23:07:06 +03:00
92116072c2
Fix and enable broken graph layout tests
2017-01-20 02:19:45 +01:00
4bf27d1dae
Merge branch 'master' into master
2017-01-19 23:07:49 +01:00
b0dd83335f
Merge branch 'master' into print_sources
2017-01-19 00:50:13 +03:00
7c62a706c4
Disable tests failing due to inappropriate test data
2017-01-17 01:04:07 +01:00
96948d6f18
Basic test of graph layout
2017-01-17 00:46:51 +01:00
345fa02fdc
Allow requesting the unrendered dot graph from the graph endpoint
...
When api/graph.{dot,gv} is requested the raw string for dot gets returned.
This allows client-side rendering rather than server-side. It also makes
the optional dependency on graphivz for dot unnecessary to use the graph
endpoint.
2017-01-13 12:57:42 +01:00
0fdee9cbf6
Added publish show command
2017-01-10 10:59:07 +01:00
50e3e93166
print snapshot sources in snapshot show command
2017-01-09 17:29:01 +01:00
f939532461
added exit code 2 for go 1.5 support
2016-06-22 21:59:56 -07:00
aa4e225455
fix unit tests
2016-06-22 21:00:51 -07:00
65541a1df2
Fix system tests.
2016-05-16 13:02:00 +03:00
902c6487da
Merge branch 'master' of https://github.com/dstelter/aptly into dstelter-master
2016-05-16 12:06:00 +03:00
1d5b7f59cf
Update system tests.
2016-05-16 11:38:20 +03:00
1c45c79cc1
Allow overriding architecture info from Release file
...
Adds a flag -force-architectures to ignore missing architectures from
mirrors. This flag can be used in cases where the mirrored repository
does not provide an "Architecture: " line.
Example Release file:
http://mitaka-jessie.pkgs.mirantis.com/debian/dists/jessie-mitaka-backports/Release
2016-05-16 03:25:00 +02:00
7a8af044ee
0.9.8~dev version.
2016-04-21 12:24:36 +03:00
a667744502
Updte system tests.
2016-04-18 13:16:34 +03:00
52f7c83f95
Release 0.9.7.
2016-04-18 12:30:36 +03:00
ff52d2655a
Fix package search missing duplicate packages. #225
...
Implement package list with duplicate entries, use it when
initiating search from PackageCollection.
2016-03-22 12:23:13 +03:00
60cca0245b
Fix system tests.
2016-03-20 22:01:41 +03:00
cfaa8f3881
Fix system tests.
2016-03-10 18:42:40 +03:00
b966b2eabf
Fix HOME expansion.
2016-03-02 13:56:11 +03:00
a4e573bb07
Fix system tests after squeeze->squeeze-lts move.
2016-03-02 13:25:12 +03:00
a29453805c
Publish under root using :. explicit prefix. #339
2016-03-01 12:34:59 +03:00
ee05bb23c9
Fix Swift tests for SHA512.
2016-02-18 12:29:12 +03:00
77be7b9e3b
Support for SHA-512 hashes on publishing/downloads.
2016-02-18 12:01:51 +03:00
f50e008763
Make 'SkipContents' configurable in API. #345
...
Also add global configuration to disable 'skipContents' by
default for all new published repos/snapshots.
2016-02-14 14:49:16 +03:00
fd30b37a0e
Bump version to 0.9.7~dev.
2016-01-24 23:15:23 +03:00
9738687116
Add -no-lock to aptly api serve to excercise locking.
2016-01-24 23:02:46 +03:00
219315c01d
Fix one more system test on version.
2016-01-24 22:45:53 +03:00
62f44e53fd
Version bump to 0.9.6.
2016-01-24 21:48:33 +03:00
631fe44c6b
Security: don't download files we don't have checksums for. #324
2015-12-22 13:52:53 +03:00
08bc5ac934
Fix system tests for Go 1.5.
...
Some error strings in Go 1.5 have changed. Until we have something
better for that, use string replace.
2015-09-22 12:40:42 +03:00
c160cbccc7
Fix mirror system tests.
2015-09-22 11:42:05 +03:00
8bda799545
Support for Go-style templating in format for aptly * search. #254
2015-07-02 12:19:41 +03:00
6c28e3aca8
Update flat repository.
2015-06-26 13:24:31 +03:00
901babe500
Fix test.
2015-06-26 13:15:11 +03:00
0c6f38ab08
Fix system test.
2015-06-26 13:09:57 +03:00
974cec3e73
Fix publish tests.
2015-06-26 03:14:22 +03:00
442c5f090f
Fix package tests.
2015-06-26 03:08:22 +03:00
40e48c963a
Revert "Update publish tests, as some multiline fields are actually multiline."
...
This reverts commit a030e24b96
2015-06-18 03:33:09 +03:00
e39736153d
Update package tests.
2015-06-18 03:29:12 +03:00
f032196d70
Mirror has been updated.
2015-06-18 02:15:39 +03:00
a030e24b96
Update publish tests, as some multiline fields are actually multiline.
2015-06-18 02:13:15 +03:00
a88d92436f
Fix system test for mirrors list.
2015-05-29 00:15:54 +03:00
Harald Sitter
jola5
Andrey Smirnov
jola5
Oliver Sauder
Blake Kostner
Daniel Stelter-Gliese