From b9c3a3d2f9def292af58037c92b357a258bcc629 Mon Sep 17 00:00:00 2001 From: Christian Kellner Date: Fri, 25 Sep 2020 18:53:41 +0200 Subject: [PATCH] all: sync with composer changes Upstream composer has introduce a few changes that we need to adapt for: - the koji composer API is now exposed on the standard https port (443). Thus koji hub and web need to move to a different pair: 8080 (http) and 4343 (https). Change the scripts and tests for that - the koji API gained a prefix 'api/composer-koji/v1/'. Change client and unit tests to use that prefix. Use urljoin to create new APIs - composer configuration format (osbuild-composer.toml) has changed and now also includes configuration for the CA and allowed domains - update the composer RPM repositories to the commit for the 21 upstream release. --- container/builder/osbuild-koji.conf | 4 ++-- container/hub/hub.conf | 2 +- make-tags.sh | 2 +- plugins/builder/osbuild.py | 10 ++++++---- run-koji-container.sh | 4 ++-- schutzbot/repos/fedora/32/osbuild-composer.repo | 4 ++-- schutzbot/repos/rhel/8.2/osbuild-composer.repo | 4 ++-- test/data/osbuild-composer.toml | 10 +++++++++- test/integration.sh | 2 +- test/integration/test_koji.py | 2 +- test/unit/test_builder.py | 10 +++++++--- 11 files changed, 34 insertions(+), 20 deletions(-) diff --git a/container/builder/osbuild-koji.conf b/container/builder/osbuild-koji.conf index aa86d23..3140f61 100644 --- a/container/builder/osbuild-koji.conf +++ b/container/builder/osbuild-koji.conf @@ -1,7 +1,7 @@ [composer] -url = https://composer:8701/ +url = https://composer/ ssl_cert = /share/worker-crt.pem, /share/worker-key.pem ssl_verify = /share/worker-ca.pem [koji] -url = https://localhost/kojihub/ +url = https://localhost:4343/kojihub/ diff --git a/container/hub/hub.conf b/container/hub/hub.conf index 6dba6e8..70a90c3 100644 --- a/container/hub/hub.conf +++ b/container/hub/hub.conf 
@@ -28,7 +28,7 @@ ProxyDNs = CN=koji,OU=kojiweb,O=RH,L=BE,ST=BE,C=DE ## Other options ## LoginCreatesUser = Off -KojiWebURL = http://localhost/koji +KojiWebURL = http://localhost:8080/koji EmailDomain = kojihub.local NotifyOnSuccess = False DisableNotifications = True diff --git a/make-tags.sh b/make-tags.sh index 5ab662c..a265ccd 100755 --- a/make-tags.sh +++ b/make-tags.sh @@ -1,7 +1,7 @@ #!/usr/bin/sh set -ux -KOJI="koji --server=http://localhost/kojihub --user=kojiadmin --password=kojipass --authtype=password" +KOJI="koji --server=http://localhost:8080/kojihub --user=kojiadmin --password=kojipass --authtype=password" $KOJI add-tag f32 $KOJI add-tag --parent f32 f32-candidate diff --git a/plugins/builder/osbuild.py b/plugins/builder/osbuild.py index 261da9e..3649836 100644 --- a/plugins/builder/osbuild.py +++ b/plugins/builder/osbuild.py @@ -33,13 +33,14 @@ from koji.daemon import fast_incremental_upload from koji.tasks import BaseTaskHandler -DEFAULT_COMPOSER_URL = "http://localhost:8701/" +DEFAULT_COMPOSER_URL = "https://localhost" DEFAULT_KOJIHUB_URL = "https://localhost/kojihub" DEFAULT_CONFIG_FILES = [ "/usr/share/koji-osbuild/builder.conf", "/etc/koji-osbuild/builder.conf" ] +API_BASE = "api/composer-koji/v1/" # The following classes are a implementation of osbuild composer's # koji API. It is based on the corresponding OpenAPI specification @@ -159,7 +160,8 @@ class ComposeStatus: class Client: def __init__(self, url): - self.url = url + self.server = url + self.url = urllib.parse.urljoin(url, API_BASE) self.http = requests.Session() @staticmethod @@ -175,7 +177,7 @@ class Client: return certs def compose_create(self, compose_request: ComposeRequest): - url = urllib.parse.urljoin(self.url, f"/compose") + url = urllib.parse.urljoin(self.url, "compose") data = compose_request.as_dict() res = self.http.post(url, json=data) 
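Review bot: In `Client.__init__` (plugins/builder/osbuild.py), `urllib.parse.urljoin(url, API_BASE)` silently drops the last path segment of a configured composer URL that has a path but no trailing slash. For example, `https://host/prefix` becomes `https://host/api/composer-koji/v1/`, so requests made on this session go to a different endpoint than the operator configured. Normalising the base first avoids that: `self.url = urllib.parse.urljoin(url.rstrip("/") + "/", API_BASE)`. A short comment on `API_BASE` would also help, saying it must stay relative and end in `/`, because otherwise the later `urljoin(self.url, "compose")` calls replace the `v1` segment. The class body continues outside the hunk.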
@@ -190,7 +192,7 @@ class Client: return compose_id, koji_build_id def compose_status(self, compose_id: str): - url = urllib.parse.urljoin(self.url, f"/compose/{compose_id}") + url = urllib.parse.urljoin(self.url, f"compose/{compose_id}") res = self.http.get(url) diff --git a/run-koji-container.sh b/run-koji-container.sh index dfd3542..bd94dbf 100755 --- a/run-koji-container.sh +++ b/run-koji-container.sh @@ -106,8 +106,8 @@ koji_start() { ${CONTAINER_RUNTIME} run -d --name org.osbuild.koji.koji --network org.osbuild.koji \ -v "${SHARE_DIR}:/share:z" \ -v "${DATA_DIR}:/mnt:z" \ - -p 80:80 \ - -p 443:443 \ + -p 8080:80 \ + -p 4343:443 \ -e POSTGRES_USER=koji \ -e POSTGRES_PASSWORD=kojipass \ -e POSTGRES_DB=koji \ diff --git a/schutzbot/repos/fedora/32/osbuild-composer.repo b/schutzbot/repos/fedora/32/osbuild-composer.repo index 47542fd..d076384 100644 --- a/schutzbot/repos/fedora/32/osbuild-composer.repo +++ b/schutzbot/repos/fedora/32/osbuild-composer.repo @@ -1,6 +1,6 @@ [osbuild-mock] -name=osbuild mock osbuild/osbuild-composer/master-8ccbde8 fedora32 -baseurl=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/osbuild-composer/master/8ccbde8/fedora32_x86_64 +name=osbuild mock osbuild/osbuild-composer/master-eb01680 fedora32 +baseurl=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/osbuild-composer/master/eb01680/fedora32_x86_64 enabled=1 gpgcheck=0 # Default dnf repo priority is 99. Lower number means higher priority. diff --git a/schutzbot/repos/rhel/8.2/osbuild-composer.repo b/schutzbot/repos/rhel/8.2/osbuild-composer.repo index e39dedb..7cb16b0 100644 --- a/schutzbot/repos/rhel/8.2/osbuild-composer.repo +++ b/schutzbot/repos/rhel/8.2/osbuild-composer.repo 
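Review bot: `compose_status` builds its URL with `urljoin(self.url, f"compose/{compose_id}")`, and `urljoin` resolves `..` segments and honours `?` and `#`, so a `compose_id` that is not a plain identifier would address a different path than intended. The id presumably comes from composer's own `compose_create` response, so this is hardening rather than a demonstrated bug. Percent-encoding the id keeps the request inside the API prefix: `url = urllib.parse.urljoin(self.url, "compose/" + urllib.parse.quote(compose_id, safe=""))`. The method body continues outside the hunk.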
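Review bot: The new mappings `-p 8080:80` and `-p 4343:443` in `koji_start` publish the hub on every host interface, while the clients changed in this commit all reach it through `localhost`. The container is started with fixed test credentials on the same command line, so binding the ports to loopback would keep the hub off the network: `-p 127.0.0.1:8080:80 \` and `-p 127.0.0.1:4343:443 \`. This assumes nothing outside the host needs the published ports; peers on the `org.osbuild.koji` container network should not depend on them. `koji_start` begins and ends outside the hunk.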
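Review bot: The updated `baseurl` in `[osbuild-mock]` is still plain `http://` and the section keeps `gpgcheck=0`, so the composer RPMs pulled from this repository (presumably by CI) have neither transport integrity nor signature verification. Pinning the commit `eb01680` in the path does not authenticate the content. The same applies to the hunk in schutzbot/repos/rhel/8.2/osbuild-composer.repo. Serving the repository over HTTPS, or signing the packages and setting `gpgcheck=1` with a `gpgkey=` entry, would close the gap. At minimum, a comment such as `# unsigned CI snapshot fetched over HTTP: use only on disposable test hosts` would record the trust assumption.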
@@ -1,6 +1,6 @@ [osbuild-mock] -name=osbuild mock osbuild/osbuild-composer/master-8ccbde8 rhel82 -baseurl=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/osbuild-composer/master/8ccbde8/rhel82_x86_64 +name=osbuild mock osbuild/osbuild-composer/master-eb01680 rhel82 +baseurl=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/osbuild-composer/master/eb01680/rhel82_x86_64 enabled=1 gpgcheck=0 # Default dnf repo priority is 99. Lower number means higher priority. diff --git a/test/data/osbuild-composer.toml b/test/data/osbuild-composer.toml index 4cd23dc..567f5b4 100644 --- a/test/data/osbuild-composer.toml +++ b/test/data/osbuild-composer.toml @@ -1,3 +1,11 @@ -[koji.localhost.kerberos] +[koji] +allowed_domains = ["localhost", "composer", "::1"] +ca = "/etc/osbuild-composer/ca-crt.pem" + +[koji.servers.localhost.kerberos] principal = "osbuild-krb@LOCAL" keytab = "/etc/osbuild-composer/client.keytab" + +[worker] +allowed_domains = ["localhost", "composer"] +ca = "/etc/osbuild-composer/ca-crt.pem" diff --git a/test/integration.sh b/test/integration.sh index f9107b2..33dcef0 100755 --- a/test/integration.sh +++ b/test/integration.sh @@ -56,7 +56,7 @@ greenprint "Copying credentials and certificates" sudo test/copy-creds.sh greenprint "Testing Koji hub API access" -koji --server=http://localhost/kojihub --user=osbuild --password=osbuildpass --authtype=password hello +koji --server=http://localhost:8080/kojihub --user=osbuild --password=osbuildpass --authtype=password hello greenprint "Starting koji builder" sudo ./run-builder.sh start diff --git a/test/integration/test_koji.py b/test/integration/test_koji.py index 4a798a2..7e4a9ef 100644 --- a/test/integration/test_koji.py +++ b/test/integration/test_koji.py 
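Review bot: In test/data/osbuild-composer.toml, `allowed_domains` under `[koji]` lists `"::1"` but the `[worker]` list does not, and nothing in the file says what these names are matched against. If they are the names accepted from client certificates signed by `ca`, as the commit message's "CA and allowed domains" suggests, a one-line comment would make the fixture easier to audit, e.g. `# names accepted in client certificates issued by the CA below`. The two lists should either match or the difference should be explained next to them.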
@@ -55,7 +55,7 @@ class TestIntegration(unittest.TestCase): def setUp(self): global_args = dict( - server="http://localhost/kojihub", + server="http://localhost:8080/kojihub", user="kojiadmin", password="kojipass", authtype="password") diff --git a/test/unit/test_builder.py b/test/unit/test_builder.py index 0080c59..66490cd 100644 --- a/test/unit/test_builder.py +++ b/test/unit/test_builder.py @@ -7,6 +7,7 @@ import json import os import sys import tempfile +import urllib.parse import uuid import unittest.mock from flexmock import flexmock @@ -17,9 +18,12 @@ import httpretty from plugintest import PluginTest +API_BASE = "api/composer-koji/v1/" + + class MockComposer: def __init__(self, url, *, architectures=["x86_64"]): - self.url = url + self.url = urllib.parse.urljoin(url, API_BASE) self.architectures = architectures[:] self.composes = {} self.errors = [] @@ -29,7 +33,7 @@ class MockComposer: def httpretty_regsiter(self): httpretty.register_uri( httpretty.POST, - self.url + "compose", + urllib.parse.urljoin(self.url, "compose"), body=self.compose_create ) @@ -68,7 +72,7 @@ class MockComposer: httpretty.register_uri( httpretty.GET, - self.url + "compose/" + compose_id, + urllib.parse.urljoin(self.url, "compose/" + compose_id), body=self.compose_status )