Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

fas: backport stupid patch

Browse source 
Just backport and apply this patch during build.
The reasons are too insane for words: cherrypy-2.3.0 is actually not compatible with the Cookie library
from Python2.5 and up, because they add carriage returns.
It actually never broke in production because mod_wsgi daemon mode will handle and toss the \r's.
But gunicorn in EL6 has a backported security fix that throws the header entirely out.

This just took me way too deep down the stacks.

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
Patrick Uiterwijk 2019-05-11 02:40:31 +02:00
parent 27e4136913
commit 9890203336
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/openshift-apps/fas/templates/buildconfig-fas.yml
View file

@ -38,6 +38,11 @@ spec:
mkdir -p /app && \
ln -sf /usr/sbin/fas.wsgi /app/app.py
RUN yum install -y patch && \
curl https://infrastructure.fedoraproject.org/cgit/ansible.git/plain/roles/fas_server/files/0001-bugfix.patch | patch /usr/lib/python2.6/site-packages/CherryPy-2.3.0-py2.6.egg/cherrypy/_cphttptools.py && \
rm -f /usr/lib/python2.6/site-packages/CherryPy-2.3.0-py2.6.egg/cherrypy/_cphttptools.py{c,o}
EXPOSE 8080
EXPOSE 8000
ENTRYPOINT bash