Merge branch 'Tecnativa:master' into master

5 months ago · 1cb2c62e55
parent 2bae2cc840 75d40ca5e2
commit 1cb2c62e55
4 changed files with 22 additions and 9 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -11,7 +11,7 @@ repos:
        language: fail
        files: "\\.rej$"
  - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v2.7.1
+    rev: v3.0.3
    hooks:
      - id: prettier
        additional_dependencies:
@ -20,7 +20,7 @@ repos:
        args:
          - --plugin=@prettier/plugin-xml
  - repo: https://github.com/myint/autoflake
-    rev: v1.4
+    rev: v2.2.1
    hooks:
      - id: autoflake
        args:
@ -31,21 +31,21 @@ repos:
          - --remove-duplicate-keys
          - --remove-unused-variables
  - repo: https://github.com/asottile/pyupgrade
-    rev: v2.34.0
+    rev: v3.13.0
    hooks:
      - id: pyupgrade
  - repo: https://github.com/psf/black
-    rev: 22.3.0
+    rev: 23.9.1
    hooks:
      - id: black
  - repo: https://github.com/timothycrosley/isort
-    rev: 5.10.1
+    rev: 5.12.0
    hooks:
      - id: isort
        args:
          - --settings=.
  - repo: https://github.com/pycqa/flake8
-    rev: 3.9.2
+    rev: 6.1.0
    hooks:
      - &flake8
        id: flake8
@ -60,7 +60,7 @@ repos:
          - --extend-ignore=F401
        files: /__init__\.py$
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v4.4.0
    hooks:
      - id: check-case-conflict
      - id: check-executables-have-shebangs
--- a/2
+++ b/2
@ -2,6 +2,8 @@ FROM haproxy:2.2-alpine

 EXPOSE 2375
 ENV ALLOW_RESTARTS=0 \
+    ALLOW_STOP=0 \
+    ALLOW_START=0 \
    AUTH=0 \
    BUILD=0 \
    COMMIT=0 \
--- a/README.md
+++ b/README.md
@ -125,6 +125,9 @@ extremely critical but can expose some information that your service does not ne
 -   `COMMIT`
 -   `CONFIGS`
 -   `CONTAINERS`
+-   `ALLOW_START` (containers/`id`/`start`)
+-   `ALLOW_STOP` (containers/`id`/`stop`)
+-   `ALLOW_RESTARTS` (containers/`id`/`stop`|`restart`|`kill`)
 -   `DISTRIBUTION`
 -   `EXEC`
 -   `GRPC`
@ -230,7 +233,7 @@ env DOCKER_IMAGE_NAME=my_custom_image poetry run pytest
 ## Logging

 You can set the logging level or severity level of the messages to be logged with the
-environment variable `LOG_LEVEL`. Defaul value is info. Possible values are: debug,
+environment variable `LOG_LEVEL`. Default value is info. Possible values are: debug,
 info, notice, warning, err, crit, alert and emerg.

 ## Supported API versions
--- a/haproxy.cfg
+++ b/haproxy.cfg
@ -39,10 +39,16 @@ defaults
 backend dockerbackend
    server dockersocket $SOCKET_PATH

+backend docker-events
+    server dockersocket $SOCKET_PATH
+    timeout server 0
+
 frontend dockerfrontend
-    bind :2375
+    bind :::2375 v4v6
    http-request deny unless METH_GET || { env(POST) -m bool }
    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/start } { env(ALLOW_START) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/stop } { env(ALLOW_STOP) -m bool }
    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool }
@ -68,3 +74,5 @@ frontend dockerfrontend
    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes } { env(VOLUMES) -m bool }
    http-request deny
    default_backend dockerbackend
+
+    use_backend docker-events if { path,url_dec -m reg -i ^(/v[\d\.]+)?/events }