[varnish-agent] Initial import (#1008189)
Dridi Boukelmoune
dridi at fedoraproject.org
Mon Dec 9 13:57:06 UTC 2013
commit 93428b55b31bc3fabab8802792ca6dfa1287585a
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date: Mon Dec 9 14:52:03 2013 +0100
Initial import (#1008189)
.gitignore | 1 +
agent.params | 14 ++++
sources | 1 +
vagent.automake.patch | 9 ++
vagent.configure.patch | 13 +++
vagent.disable_ban_tests.patch | 12 +++
vagent.secret_privileges.patch | 79 ++++++++++++++++++++
vagent.test_suite.patch | 161 ++++++++++++++++++++++++++++++++++++++++
varnish-agent.service | 23 ++++++
varnish-agent.spec | 118 +++++++++++++++++++++++++++++
10 files changed, 431 insertions(+), 0 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..e66617e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/2.1.tar.gz
diff --git a/agent.params b/agent.params
new file mode 100644
index 0000000..a3f30fc
--- /dev/null
+++ b/agent.params
@@ -0,0 +1,14 @@
+# Varnish-agent environment configuration description. This was derived
+# from the old style sysconfig/defaults settings
+
+# Default port to bind to.
+VAGENT_PORT=6085
+
+# Default location of the HTML interface.
+VAGENT_HTML_DIRECTORY=/usr/share/varnish-agent/html
+
+# Additional options if needed.
+VAGENT_OPTS=
+
+# Shared secret file, used to authenticate with varnishd
+VAGENT_SECRET_FILE=/etc/varnish/agent_secret
diff --git a/sources b/sources
index e69de29..086db7e 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+e0db886b0a2e63285bb5270dbbeaa9e8 2.1.tar.gz
diff --git a/vagent.automake.patch b/vagent.automake.patch
new file mode 100644
index 0000000..406af63
--- /dev/null
+++ b/vagent.automake.patch
@@ -0,0 +1,9 @@
+diff --git i/src/Makefile.am w/src/Makefile.am
+index e03f762..f343bdc 100644
+--- i/src/Makefile.am
++++ w/src/Makefile.am
+@@ -1,3 +1,4 @@
++AUTOMAKE_OPTIONS=subdir-objects
+ AM_CPPFLAGS = -I$(top_srcdir)/include
+ AM_CFLAGS = -Wall -Werror -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wformat -Wextra -Wno-missing-field-initializers -Wno-sign-compare -fstack-protector-all
+
diff --git a/vagent.configure.patch b/vagent.configure.patch
new file mode 100644
index 0000000..4a6cba6
--- /dev/null
+++ b/vagent.configure.patch
@@ -0,0 +1,13 @@
+diff --git i/configure.ac w/configure.ac
+index 4238306..1e1d6ed 100644
+--- i/configure.ac
++++ w/configure.ac
+@@ -5,7 +5,7 @@ AC_PREREQ(2.61)
+ AC_COPYRIGHT([Copyright (c) 2012-2013 Varnish Software])
+ AC_INIT([varnish-agent], [2.1])
+ AC_CONFIG_SRCDIR([src/main.c])
+-AM_CONFIG_HEADER(config.h)
++AC_CONFIG_HEADERS([config.h])
+
+ AM_INIT_AUTOMAKE([-Wall -Werror foreign parallel-tests])
+
diff --git a/vagent.disable_ban_tests.patch b/vagent.disable_ban_tests.patch
new file mode 100644
index 0000000..65c0633
--- /dev/null
+++ b/vagent.disable_ban_tests.patch
@@ -0,0 +1,12 @@
+diff --git i/tests/Makefile.am w/tests/Makefile.am
+index 0d433a3..010f801 100644
+--- i/tests/Makefile.am
++++ w/tests/Makefile.am
+@@ -1,6 +1,5 @@
+ LOG_COMPILER = $(srcdir)/test-wrapper
+-TESTS = ban.sh \
+- badvarnishd.sh \
++TESTS = badvarnishd.sh \
+ json.sh \
+ log.sh \
+ status.sh \
diff --git a/vagent.secret_privileges.patch b/vagent.secret_privileges.patch
new file mode 100644
index 0000000..018bec7
--- /dev/null
+++ b/vagent.secret_privileges.patch
@@ -0,0 +1,79 @@
+diff --git i/include/common.h w/include/common.h
+index bd1ac3c..4c4bf46 100644
+--- i/include/common.h
++++ w/include/common.h
+@@ -42,6 +42,7 @@ struct agent_config_t {
+ char *T_arg;
+ char *T_arg_orig;
+ char *S_arg;
++ int S_arg_fd;
+ char *n_arg;
+ char *u_arg;
+ char *g_arg;
+diff --git i/src/main.c w/src/main.c
+index 4bd0f5a..b2a1b54 100644
+--- i/src/main.c
++++ w/src/main.c
+@@ -41,6 +41,7 @@
+ #define daemon I_hate_you_so_much_right_now
+ #endif
+
++#include <fcntl.h>
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <stdint.h>
+@@ -97,6 +98,7 @@ static void core_opt(struct agent_core_t *core, int argc, char **argv)
+ assert(core->config != NULL);
+ core->config->n_arg = NULL;
+ core->config->S_arg = NULL;
++ core->config->S_arg_fd = -1;
+ core->config->T_arg = NULL;
+ core->config->g_arg = NULL;
+ core->config->u_arg = NULL;
+@@ -125,7 +127,11 @@ static void core_opt(struct agent_core_t *core, int argc, char **argv)
+ core->config->n_arg = optarg;
+ break;
+ case 'S':
++ // avoid fd leak
++ if (core->config->S_arg_fd > 0)
++ close(core->config->S_arg_fd);
+ core->config->S_arg = optarg;
++ core->config->S_arg_fd = open(optarg, O_RDONLY);
+ break;
+ case 'T':
+ core->config->T_arg_orig = optarg;
+diff --git i/src/modules/vadmin.c w/src/modules/vadmin.c
+index 547813b..a63b8b6 100644
+--- i/src/modules/vadmin.c
++++ w/src/modules/vadmin.c
+@@ -145,7 +145,7 @@ n_arg_sock(struct agent_core_t *core)
+ static int
+ cli_sock(struct vadmin_config_t *vadmin, struct agent_core_t *core)
+ {
+- int fd;
++ int fd = core->config->S_arg_fd;
+ unsigned status;
+ char *answer = NULL;
+ char buf[CLI_AUTH_RESPONSE_LEN + 1];
+@@ -167,7 +167,12 @@ cli_sock(struct vadmin_config_t *vadmin, struct agent_core_t *core)
+ assert(close(vadmin->sock) == 0);
+ return(-1);
+ }
+- fd = open(core->config->S_arg, O_RDONLY);
++ if (fd < 0) {
++ fd = open(core->config->S_arg, O_RDONLY);
++ core->config->S_arg_fd = fd;
++ }
++ else
++ lseek(fd, 0, SEEK_SET);
+ if (fd < 0) {
+ logger(vadmin->logger, "Cannot open \"%s\": %s",
+ core->config->S_arg, strerror(errno));
+@@ -175,7 +180,6 @@ cli_sock(struct vadmin_config_t *vadmin, struct agent_core_t *core)
+ return (-1);
+ }
+ VCLI_AuthResponse(fd, answer, buf);
+- assert(close(fd) == 0);
+ free(answer);
+
+ cli_write(vadmin->sock, "auth ");
diff --git a/vagent.test_suite.patch b/vagent.test_suite.patch
new file mode 100644
index 0000000..477fe3f
--- /dev/null
+++ b/vagent.test_suite.patch
@@ -0,0 +1,161 @@
+diff --git a/tests/badvarnishd.sh b/tests/badvarnishd.sh
+index 2e6ed13..6e4913c 100755
+--- a/tests/badvarnishd.sh
++++ b/tests/badvarnishd.sh
+@@ -6,6 +6,7 @@ VARNISH_PID=$TMPDIR/varnish.pid
+ PHASE=1
+ VARNISH_PORT=$(( 1024 + ( $RANDOM % 48000 ) ))
+
++start_backend
+ phase() {
+ now=$(date +%s)
+ echo
+@@ -121,5 +122,6 @@ test_it GET status "" "Child in state stopped"
+ phase "Cleanup"
+ stop_agent
+ stop_varnish
++stop_backend
+ rm -fr $TMPDIR
+ exit $ret
+diff --git a/tests/data/boot.vcl b/tests/data/boot.vcl
+index 312a052..ddf7d13 100644
+--- a/tests/data/boot.vcl
++++ b/tests/data/boot.vcl
+@@ -1 +1 @@
+-backend default { .host = "kly.no"; }
++backend default { .host = "localhost"; }
+diff --git a/tests/empty_response_backend.py b/tests/empty_response_backend.py
+new file mode 100755
+index 0000000..2dde367
+--- /dev/null
++++ b/tests/empty_response_backend.py
+@@ -0,0 +1,21 @@
++#!/usr/bin/python
++
++import BaseHTTPServer
++
++class EmptyResponseHandler(BaseHTTPServer.BaseHTTPRequestHandler):
++
++ def send_empty_response(self):
++ self.send_response(204)
++ self.end_headers()
++
++ def do_GET(self):
++ self.send_empty_response()
++
++ def do_HEAD(self):
++ self.send_empty_response()
++
++ def do_POST(self):
++ self.send_empty_response()
++
++if __name__ == '__main__':
++ BaseHTTPServer.test(EmptyResponseHandler)
+diff --git a/tests/util.sh b/tests/util.sh
+index e353e48..9910c51 100644
+--- a/tests/util.sh
++++ b/tests/util.sh
+@@ -10,6 +10,8 @@ TMPDIR="${TMPDIR:-$(mktemp -d)}"
+ SRCDIR="${SRCDIR:-"."}"
+ ORIGPWD="${ORIGPWD:-"."}"
+ VARNISH_PID="${TMPDIR}/varnish.pid"
++BACKEND_PID="${TMPDIR}/backend.pid"
++BACKEND_LOG="${TMPDIR}/backend.log"
+
+ inc() {
+ N=$(( ${N} + 1 ))
+@@ -30,30 +32,43 @@ pass() {
+ echo "$*"
+ }
+
++stop_backend() {
++ backendpid="$(cat "$BACKEND_PID")"
++ if [ -z "$backendpid" ]; then
++ fail "NO BACKEND_PID? Damn..."
++ else
++ echo -e "\tStopping the backend($backendpid)"
++ kill $backendpid
++ fi
++}
++
+ stop_varnish() {
+ varnishpid="$(cat "$VARNISH_PID")"
+ if [ -z "$varnishpid" ]; then
+- fail "NO VARNISHPID? Bad stuff..."
++ fail "NO VARNISH_PID? Bad stuff..."
++ else
++ echo -e "\tStopping varnish($varnishpid)"
++ kill $varnishpid
+ fi
+- echo -e "\tStopping varnish($varnishpid)"
+- kill $varnishpid
+ }
+
+ stop_agent() {
+ agentpid=$(cat ${TMPDIR}/agent.pid)
+- if [ -z $agentpid ]; then
++ if [ -z "$agentpid" ]; then
+ fail "Stopping agent but no agent pid found. BORK"
++ else
++ echo -e "\tStopping agent($agentpid)"
++ kill $agentpid
+ fi
+- echo -e "\tStopping agent($agentpid)"
+- kill $agentpid
+ }
+
+ cleanup() {
+- echo Stopping varnishd and the agent
++ echo Stopping varnishd, the agent and the backend
+ [ -z "$varnishpid" ] || kill "$varnishpid" || true
+ [ -z "$agentpid" ] || kill "$agentpid" || true
+- stop_varnish
+ stop_agent
++ stop_varnish
++ stop_backend
+ echo Cleaning up
+ rm -rf ${TMPDIR}
+ }
+@@ -88,13 +103,33 @@ pidwait() {
+ fi
+ }
+
++start_backend() {
++ echo "Starting backend:"
++ python -u empty_response_backend.py 0 >$BACKEND_LOG 2>&1 &
++ backendpid=$(jobs -p %+)
++ echo $backendpid >$BACKEND_PID
++ echo -e "\tStarted the backend. Pid $backendpid"
++ for i in $(seq 10); do
++ sleep 1
++ backendport=$(grep -F 'Serving HTTP' $BACKEND_LOG | awk '{print $6}')
++ [ -n "$backendport" ] && break
++ done
++ if [ -z "$backendport" ]; then
++ echo -e "\tFailed to bind in a timely fashion"
++ exit 1
++ fi
++ echo -e "\tListening to *:$backendport"
++ echo "backend default { .host = \"localhost:$backendport\"; }" >$TMPDIR/boot.vcl
++}
++
+ start_varnish() {
+ head -c 16 /dev/urandom > "$TMPDIR/secret"
+- printf "${INDENT}Starting varnishd\n\n"
++ printf "${INDENT}Starting varnishd:\n\n"
+ varnishd -f "${SRCDIR}/data/boot.vcl" \
+ -P "$VARNISH_PID" \
+ -n "$TMPDIR" \
+ -p auto_restart=off \
++ -p ban_lurker_sleep=10 \
+ -a 127.0.0.1:0 \
+ -T 127.0.0.1:0 \
+ -s malloc,50m \
+@@ -115,6 +150,7 @@ start_agent() {
+
+ init_all() {
+ init_misc
++ start_backend
+ start_varnish
+ start_agent
+ }
diff --git a/varnish-agent.service b/varnish-agent.service
new file mode 100644
index 0000000..c9ec625
--- /dev/null
+++ b/varnish-agent.service
@@ -0,0 +1,23 @@
+[Unit]
+Description=Administration agent for Varnish Cache
+Documentation=man:varnish-agent(1)
+After=varnish
+
+[Service]
+
+EnvironmentFile=/etc/varnish/*.params
+Type=forking
+PIDFile=/var/run/varnish-agent.pid
+PrivateTmp=true
+
+ExecStart=/usr/bin/varnish-agent \
+ -P /var/run/varnish-agent.pid \
+ -c $VAGENT_PORT \
+ -H $VAGENT_HTML_DIRECTORY \
+ -u $VARNISH_USER \
+ -g $VARNISH_GROUP \
+ -S $VARNISH_SECRET_FILE \
+ $VAGENT_OPTS
+
+[Install]
+WantedBy=multi-user.target
diff --git a/varnish-agent.spec b/varnish-agent.spec
new file mode 100644
index 0000000..cca1a9e
--- /dev/null
+++ b/varnish-agent.spec
@@ -0,0 +1,118 @@
+Name: varnish-agent
+Version: 2.1
+Release: 5%{?dist}
+Summary: Administration agent for Varnish Cache
+Group: System Environment/Daemons
+
+License: BSD
+URL: https://github.com/varnish/vagent2
+Source0: https://github.com/varnish/vagent2/archive/%{version}.tar.gz
+Source1: varnish-agent.service
+Source2: agent.params
+
+# The patches all come from the following pull requests:
+# https://github.com/varnish/vagent2/pull/94
+# https://github.com/varnish/vagent2/pull/101
+
+# offers a better out-of-the-box experience
+Patch0: vagent.secret_privileges.patch
+
+# necessary fixes for the build
+Patch1: vagent.configure.patch
+Patch2: vagent.automake.patch
+Patch3: vagent.test_suite.patch
+
+# disables a failing test upstream is investigating
+# it looks like a bug in varnish, not the agent
+Patch4: vagent.disable_ban_tests.patch
+
+BuildRequires: autoconf automake libtool python-docutils
+BuildRequires: systemd varnish-libs-devel libmicrohttpd-devel
+BuildRequires: varnish python-demjson perl-libwww-perl
+
+Requires: varnish
+
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+
+
+%description
+Varnish Agent software that runs on all caches managed by Varnish
+Administration Console (VAC).
+
+
+%prep
+%autosetup -n vagent2-%{version} -p1
+
+# varnish-agent expects to be built from the git repository
+sed -i s/NOGIT/%{version}/ include/Makefile.am
+
+
+%build
+./autogen.sh
+%configure
+make %{?_smp_mflags}
+
+
+%install
+%make_install
+
+install -m 755 -d %{buildroot}%{_sharedstatedir}/%{name}
+install -m 755 -d %{buildroot}%{_unitdir}
+install -m 755 -d %{buildroot}%{_sysconfdir}/varnish
+
+install -pm 644 -t %{buildroot}%{_unitdir} %{SOURCE1}
+install -pm 644 -t %{buildroot}%{_sysconfdir}/varnish %{SOURCE2}
+
+
+%check
+make check
+
+
+%files
+%doc LICENSE THANKS
+%{_bindir}/%{name}
+%{_mandir}/man1/%{name}.1*
+%{_datadir}/%{name}
+%{_unitdir}/%{name}.service
+%{_sharedstatedir}/%{name}
+%config(noreplace) %{_sysconfdir}/varnish/agent.params
+
+
+%post
+%systemd_post varnish-agent.service
+
+
+%preun
+%systemd_preun varnish-agent.service
+
+
+%postun
+%systemd_postun_with_restart varnish-agent.service
+
+
+%changelog
+* Sun Dec 08 2013 Dridi Boukelmoune <dridi.boukelmoune at gmail.com> - 2.1-5
+- Removed the %%optflags on the %%configure command line
+
+* Sat Dec 07 2013 Dridi Boukelmoune <dridi.boukelmoune at gmail.com> - 2.1-4
+- Added a patch to make the test suites work offline
+- Added a patch to disable the ban test suite
+- Removed the default -S option from the service
+
+* Fri Nov 01 2013 Dridi Boukelmoune <dridi.boukelmoune at gmail.com> - 2.1-3
+- Added a patch for subdir-objects in automake
+- Moved CFLAGS to the configure command line
+
+* Sun Oct 27 2013 Dridi Boukelmoune <dridi.boukelmoune at gmail.com> - 2.1-2
+- Requires: varnish
+- BuildRequires: varnish python-demjson
+- Added a patch for root privileges on the secret file
+- Added a patch for the deprecated AM_CONFIG_HEADER macro
+- Added a check section
+- sed -i s/NOGIT/%{version}/ include/Makefile.am
+- mv vagent.params agent.params
+
+* Sun Sep 15 2013 Dridi Boukelmoune <dridi.boukelmoune at gmail.com> - 2.1-1
+- Initial spec.
More information about the scm-commits
mailing list