Merge pull request #113 from fedora-infra/wipe_tokens

Wipe GitLab Runners tokens and ensure they stay wiped

pagure_exporter/conf/standard.py

@@ -116,6 +116,12 @@
 srcecloc = "UNAVAILABLE"
 destcloc = "UNAVAILABLE"
 
+# Regular expression to help detection of the GitLab Runners token in response body
+detect = "\"runners_token\":\"[A-Za-z0-9]+\""
+
+# Placeholder string to substitute the detected GitLab Runners tokens in response body
+cutout = "\"runners_token\":\"SECURE_STANDARD_PASSWORD_HERE\""
+
 # GitLab client object to be used while interacting with the destination namespace
 gobj = None
 

test/cassettes/test_stat/test_stat_destdata_obtninfo[Checking for possible errors while attempting to authenticate in the destination namespace using wrong credentials].yaml

@@ -34,14 +34,14 @@ interactions:
       Content-Length:
       - '902'
       Content-Security-Policy:
-      - default-src 'self';script-src 'self' 'nonce-GBims42pVTUFADn0L4ybq7G4S'; style-src
-        'self' 'nonce-GBims42pVTUFADn0L4ybq7G4S'; object-src 'none';base-uri 'self';img-src
+      - default-src 'self';script-src 'self' 'nonce-SCaJvJw9onhzXWteteBlJfhGj'; style-src
+        'self' 'nonce-SCaJvJw9onhzXWteteBlJfhGj'; object-src 'none';base-uri 'self';img-src
         'self' https:;connect-src 'self' https://pagure.io:8088;frame-src https://docs.pagure.org;frame-ancestors
         https://pagure.io;
       Content-Type:
       - application/json
       Date:
-      - Tue, 05 Mar 2024 04:20:05 GMT
+      - Wed, 06 Mar 2024 02:29:41 GMT
       Keep-Alive:
       - timeout=5, max=100
       Referrer-Policy:
@@ -84,19 +84,19 @@ interactions:
       CF-Cache-Status:
       - MISS
       CF-RAY:
-      - 85f74fc2089094ce-CCU
+      - 85feeb68789294b0-CCU
       Connection:
       - keep-alive
       Content-Length:
       - '30'
       Content-Type:
       - application/json
       Date:
-      - Tue, 05 Mar 2024 04:20:06 GMT
+      - Wed, 06 Mar 2024 02:29:42 GMT
       NEL:
       - '{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}'
       Report-To:
-      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hQ2nSmJ%2BOf2nYAH3ZU0UnHhq2rlyL643n8tt%2B3dAvcPIzUrui%2FoLzmvDMMoS4otPWjqqHKkf%2FPJV6tB4qzaC2%2BgI59ROj0MznnAsuXGe7lpXEltNUwjiTdAvE3GG9ncVWR0olOIEoE%3D"}],"group":"cf-nel","max_age":604800}'
+      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKJOUV3cm2xVYzxufG%2BykJh8KAc5tk3X2%2BotUZ4wn2VwrPa6HerDRdjGbGzils6IgmzGTjE0BXGrUzNerxNxmodqxUMWPePxODVfgZERUESL8EooU3dmFsu4nOBuKxp9%2FGYBp%2FD9vP8%3D"}],"group":"cf-nel","max_age":604800}'
       Server:
       - cloudflare
       Set-Cookie: ''
@@ -105,135 +105,7 @@ interactions:
       content-security-policy:
       - default-src 'none'
       gitlab-lb:
-      - haproxy-main-55-lb-gprd
-      gitlab-sv:
-      - api-gke-us-east1-c
-      referrer-policy:
-      - strict-origin-when-cross-origin
-      strict-transport-security:
-      - max-age=31536000
-      vary:
-      - Origin, Accept-Encoding
-      x-content-type-options:
-      - nosniff
-      x-frame-options:
-      - SAMEORIGIN
-      x-gitlab-meta:
-      - '{"correlation_id":"fb7944fe3213b94f8578ff5f46972d2f","version":"1"}'
-      x-request-id:
-      - fb7944fe3213b94f8578ff5f46972d2f
-      x-runtime:
-      - '0.021086'
-    status:
-      code: 401
-      message: Unauthorized
-- request:
-    body: null
-    headers:
-      Accept:
-      - '*/*'
-      Accept-Encoding:
-      - gzip, deflate
-      Connection:
-      - keep-alive
-      User-Agent:
-      - python-requests/2.31.0
-    method: GET
-    uri: https://pagure.io/api/0/protop2g-test-srce
-  response:
-    body:
-      string: "{\n  \"access_groups\": {\n    \"admin\": [], \n    \"collaborator\":
-        [], \n    \"commit\": [], \n    \"ticket\": []\n  }, \n  \"access_users\":
-        {\n    \"admin\": [], \n    \"collaborator\": [], \n    \"commit\": [], \n
-        \   \"owner\": [\n      \"t0xic0der\"\n    ], \n    \"ticket\": []\n  }, \n
-        \ \"close_status\": [], \n  \"custom_keys\": [], \n  \"date_created\": \"1697168063\",
-        \n  \"date_modified\": \"1697168063\", \n  \"description\": \"The source namespace
-        for the Pagure Exporter project to run tests against\", \n  \"full_url\":
-        \"https://pagure.io/protop2g-test-srce\", \n  \"fullname\": \"protop2g-test-srce\",
-        \n  \"id\": 17042, \n  \"milestones\": {}, \n  \"name\": \"protop2g-test-srce\",
-        \n  \"namespace\": null, \n  \"parent\": null, \n  \"priorities\": {}, \n
-        \ \"tags\": [], \n  \"url_path\": \"protop2g-test-srce\", \n  \"user\": {\n
-        \   \"full_url\": \"https://pagure.io/user/t0xic0der\", \n    \"fullname\":
-        \"Akashdeep Dhar\", \n    \"name\": \"t0xic0der\", \n    \"url_path\": \"user/t0xic0der\"\n
-        \ }\n}\n"
-    headers:
-      Connection:
-      - Upgrade, Keep-Alive
-      Content-Length:
-      - '902'
-      Content-Security-Policy:
-      - default-src 'self';script-src 'self' 'nonce-DdDNEEHtr4deyPfVpRCVn7Qjd'; style-src
-        'self' 'nonce-DdDNEEHtr4deyPfVpRCVn7Qjd'; object-src 'none';base-uri 'self';img-src
-        'self' https:;connect-src 'self' https://pagure.io:8088;frame-src https://docs.pagure.org;frame-ancestors
-        https://pagure.io;
-      Content-Type:
-      - application/json
-      Date:
-      - Tue, 05 Mar 2024 05:21:00 GMT
-      Keep-Alive:
-      - timeout=5, max=100
-      Referrer-Policy:
-      - same-origin
-      Server:
-      - Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k mod_wsgi/4.6.4 Python/3.6
-      Set-Cookie: ''
-      Strict-Transport-Security:
-      - max-age=31536000; includeSubDomains; preload
-      Upgrade:
-      - h2,h2c
-      X-Content-Type-Options:
-      - nosniff
-      X-Frame-Options:
-      - ALLOW-FROM https://pagure.io/
-      X-Xss-Protection:
-      - 1; mode=block
-    status:
-      code: 200
-      message: OK
-- request:
-    body: null
-    headers:
-      Accept:
-      - '*/*'
-      Accept-Encoding:
-      - gzip, deflate
-      Connection:
-      - keep-alive
-      Content-type:
-      - application/json
-      User-Agent:
-      - python-gitlab/4.4.0
-    method: GET
-    uri: https://gitlab.com/api/v4/projects/42823949
-  response:
-    body:
-      string: '{"message":"401 Unauthorized"}'
-    headers:
-      CF-Cache-Status:
-      - MISS
-      CF-RAY:
-      - 85f7a8fb5b3e93cb-CCU
-      Connection:
-      - keep-alive
-      Content-Length:
-      - '30'
-      Content-Type:
-      - application/json
-      Date:
-      - Tue, 05 Mar 2024 05:21:01 GMT
-      NEL:
-      - '{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}'
-      Report-To:
-      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGsdIcTDHtqi68K9laqmUvAbBBtpZ%2FUj2p2lCR0HwJiHxWxpCES9YU8DLMVBR1BKRo7IVdLi6PN4pMNvWZvWA7v4JmV1MZGFIeqYA60VyORJGHyCErTwG8odNVWVf0ixEVNKHCH57xM%3D"}],"group":"cf-nel","max_age":604800}'
-      Server:
-      - cloudflare
-      Set-Cookie: ''
-      cache-control:
-      - no-cache
-      content-security-policy:
-      - default-src 'none'
-      gitlab-lb:
-      - haproxy-main-59-lb-gprd
+      - haproxy-main-53-lb-gprd
       gitlab-sv:
       - api-gke-us-east1-d
       referrer-policy:
@@ -247,11 +119,11 @@ interactions:
       x-frame-options:
       - SAMEORIGIN
       x-gitlab-meta:
-      - '{"correlation_id":"5e914f8bd7d3cf8369ef7d8d2dc0b8f6","version":"1"}'
+      - '{"correlation_id":"50ea7fd0afb6f4a2b6f981bc8977721f","version":"1"}'
       x-request-id:
-      - 5e914f8bd7d3cf8369ef7d8d2dc0b8f6
+      - 50ea7fd0afb6f4a2b6f981bc8977721f
       x-runtime:
-      - '0.021041'
+      - '0.027991'
     status:
       code: 401
       message: Unauthorized