Story #4181
closedStory #3693: Lazy for Pulp3
As a streamer user, I have content protection like in Pulp itself
100%
Description
Problem¶
Content that should be protected could be fetched by unauthorized clients via the streamer which could either (a) fetch the content fresh and hand it to the client or (b) serve up an already-saved Artifact from Pulp's filesystem.
One Solution: Signed URLs¶
This is how we did it in Pulp 2. The client authorization for that content is checked in the content app. Then when Pulp redirects the client it signs it with a time-limited signature. Then that redirect is validated by a webserver, e.g. apache, nginx, gunicorn, etc. If the url is valid, the url is reverse proxy sent to either squid or the streamer itself.
The downsides here are that each webserver will need to handle this differently so Pulp remaining webserver agnostic is unlikely.
Also it makes the architecture a lot more complicated introducing additional dependencies, crypto calls, and an additional webserver everywhere the streamer is run.
Another Solution: Don't Use Squid Temporarily¶
Add the content protection to the streamer app the same way it was added to the content app. This would cause squid to never be able to be used though because content cached in front of the streamer couldn't be protected and could be fetched by another client.
Not using squid mainly affects repos with policy='cache_only' which serves the content and then forgets it. This means there is no caching w/ that setting.
Note that with policy='on_demand' the only downsides are multiple requests arriving at the streamer for the same file before the first one completes would not be de-duplicated like squid would have done. Once the first request saves the Artifact, additional requests are de-duplicated.
Adds the content app to pulpcore.content
The Settings can be a lot simpler now that the architecture no longer required redirection. It does need to account for the content being served on a different HOST. This PR handles that.
Since the settings are now single values, they are much easier to override using Dynaconf, which is great.
The content app can be removed now that the streamer code is handling it all.
This PR is a prototype and has no docs. Use Pulp as normal , but run the streamer from github.com/bmbouter/pulp_streamer/ and run the streamer with:
gunicorn pulpcore.streamer:server --bind localhost:8080 --worker-class aiohttp.GunicornWebWorker -w 2
This PR needs pulp-smash changes from pulp_file so it requires the PR below:
Required PR: https://github.com/pulp/pulp_file/pull/140
https://pulp.plan.io/issues/4239 closes #4239
https://pulp.plan.io/issues/3698 closes #3698
https://pulp.plan.io/issues/3699 closes #3699
https://pulp.plan.io/issues/4181 closes #4181
https://pulp.plan.io/issues/4243 closes #4243