From what I understand, when signing/pushing an image in skopeo, you can create multiple signatures. Here is essentially what I am trying to do:
podman build -t tester:1.0 .
podman tag tester:1.0 tester:latest
skopeo copy --sign-by <fingerprint> containers-storage:localhost/tester:1.0 docker://registry:5000/tester:1.0
skopeo copy --sign-by <fingerprint> containers-storage:localhost/tester:latest docker://registry:5000/tester:latest
What I am expecting is to see multiple signatures under /var/lib/containers/sigstore/tester\#sha256\=<hash>/ something along the lines of signature-1, signature-2. But what I am actually seeing is that signature-1 gets generated after the first skopeo copy command, and then is overwritten after the second. If I upload this signature to the sigstore, then I can pull the latest tag, but if I pull 1.0 then I get the following error:
Trying to pull registry:5000/tester:1.0...
Error: Source image rejected: None of the signatures were accepted, reasons: Signature for identity registry:5000/tester:latest is not accepted; Signature for identity registry:5000/tester:latest is not accepted
This is because the overwritten signature is for the identity registry:5000/tester:latest since that is the last tag that was pushed. Why is it being overwritten? How do I have skopeo assign a separate signature for each identity (tag)?
Related
Is it possible to trigger an HTTP cloud function in response to a pubsub message?
When editing a subscription, google makes it possible to push the message to an HTTPS endpoint, but for abuse reasons one has to be able to prove that you own the domain in order to do this, and of course you can't prove that you own google's own *.cloudfunctions.net domain which is where they get deployed.
The particular topic I'm trying to subscribe to is a public one, projects/pubsub-public-data/topics/taxirides-realtime. The answer might be use a background function rather than HTTP triggered, but that doesn't work for different reasons:
gcloud functions deploy echo --trigger-resource projects/pubsub-public-data/topics/taxirides-realtime --trigger-event google.pubsub.topic.publish
ERROR: gcloud crashed (ArgumentTypeError): Invalid value 'projects/pubsub-public-data/topics/taxirides-realtime': Topic must contain only Latin letters (lower- or upper-case), digits and the characters - + . _ ~ %. It must start with a letter and be from 3 to 255 characters long.
This seems to indicate this is only permitted on topics I own, which is a strange limitation.
It is possible to publish from a pub/sub topic to a cloud function. I was looking for a way to publish messages from a topic in project A to a function in project B. This was not possible with a regular topic trigger, but it is possible with http-trigger. Overall steps to follow:
Creata a http-triggered function in project B.
Create a topic in project A.
Create a push subscription on that topic in project A.
Domain verification
Push subscription
Here we have to fill in three things: the endpoint, the audience and the service account under which the function runs.
Push Endpoint: https://REGION-PROJECT_ID.cloudfunctions.net/FUNC_NAME/ (slash at end)
Audience: https://REGION-PROJECT_ID.cloudfunctions.net/FUNC_NAME (no slash at end)
Service Account: Choose a service account under which you want to send the actual message. Be sure the service account has the "roles/cloudfunctions.invoker" role on the cloud function that you are sending the messages to. Since november 2019, http-triggered functions are automatically secured because AllUsers is not set by default. Do not set this property unless you want your http function to be public!
Domain verification
Now you probably can't save your subscription because of an error, that is because the endpoint is not validated by Google. Therefore you need to whitelist the function URL at: https://console.cloud.google.com/apis/credentials/domainverification?project=PROJECT_NAME.
Following this step will also bring you to the Google Search Console, where you would also need to verify you own the endpoint. Sadly, at the time of writing this process cannot be automated.
Next we need to add something in the lines of the following (python example) to your cloud function to allow google to verify the function:
if request.method == 'GET':
return '''
<html>
<head>
<meta name="google-site-verification" content="{token}" />
</head>
<body>
</body>
</html>
'''.format(token=config.SITE_VERIFICATION_CODE)
Et voila! This should be working now.
Sources:
https://github.com/googleapis/nodejs-pubsub/issues/118#issuecomment-379823198,
https://cloud.google.com/functions/docs/calling/http
Currently, Cloud Functions does not allow one to create a function that receives messages for a topic in a different project. Therefore, specifying the full path including "projects/pubsub-public-data" does not work. The gcloud command to deploy a Cloud Function for a topic expects the topic name only (and not the full resource path). Since the full resource path contains the "/" character, it is not a valid specification and results in the error you see.
The error you are getting seems to be that you are misspelling something in the gcloud command you are issuing.
ERROR: gcloud crashed (ArgumentTypeError): Invalid value 'projects/pubsub-public-data/topics/taxirides-realtime': Topic must contain only Latin letters (lower- or upper-case), digits and the characters - + . _ ~ %. It must start with a letter and be from 3 to 255 characters long
Are you putting a newline character in the middle of the command?
I have created JMeter script that need to be used for different environments like Staging, Production, etc. I want to dynamically change the IP address.
Can someone let me know how can I proceed with this?
Remove all the IP, port, protocol details from the HTTP Sampler.
Add HTTP Request Defaults under test plan - in which you can update IP, Port & Protocol details. So, just changing it one place will do for entire test.
As you need to change it dynamically, use property file/properties. for example.. (these names can be anything)
host.ip=10.11.12.13
host.port=443
host.protocol=https
You can pass the properties via command line argument to the test.
jmeter -n -t /path/to/test.jmx -l /path/to/result.jtl -Jhost.ip=10.111.12.13 -Jhost.port=443 -Jhost.protocol=https -Jtest.duration=300
J - defines a local JMeter property.
In the test, access these values using ${__P(host.ip)},${__P(host.port)}..etc
If you have a lot of properties, You can have a look at the Property File Reader. I have been using this for a while & I love it.
Advantage is - even in the GUI mode, it will work great.
http://www.testautomationguru.com/jmeter-property-file-reader-a-custom-config-element/
If you use the Property File Reader & pass the property file name itself dynamically, then use
jmeter -n -t /path/to/test.jmx -l /path/to/result.jtl -Jproperty.file.path=/path/to/file.properties
Then access it using ${__P(property.file.path)} in the File Path.
I'm completely new to axis2c and I've just downloaded and unpacked
axis2c 1.6 for Windows (binary release).
I've followed the installation instructions and have successfully
started axis2_http_server.
Trying to access the Calculator service's WSDL works fine but any call to
the service's add method returns "invalid XML in request" as well as the
same text is shown in the console window where axis2_http_server is
running.
I've also tried soapUI. The request shown is:
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:typ="http://ws.apache.org/axis2/services/Calculator/types">
<soapenv:Header/>
<soapenv:Body>
<typ:add>
<param_1>1.0</param_1>
<param_2>1.0</param_2>
</typ:add>
The response is
<soapenv:Fault>
<faultcode>soapenv:Sender</faultcode>
<faultstring>Invalid XML format in request</faultstring>
</soapenv:Fault>
The problem is issued in in calc.c (function axis2_calc_add()), where
seq_node = axiom_node_get_first_child(complex_node, env);
returns NULL.
Calculator service example has multiple issues that prevents it to work.
Firstly, implementation of add operation is invalid, it expects request like that (here is only contents of soap body):
<typ:add>
<complex_node>
<seq_node>
<param_1>1</param_1>
<param_2>2</param_2>
</seq_node>
</complex_node>
</typ:add>
Looks like someone committed that code by mistake.
Secondly, code that is implemented in Calculator service does not allow to have whitespaces between request elements. It takes any first node hoping it is an element, but fails, because takes text node between elements.
To start that example without modification of the service:
use one of sub, div, mul operations.
remove all whitespaces in request element like that:
<typ:sub><param_1>3</param_1><param_2>2</param_2></typ:sub>
Then you will be able to call the service.
If you want to see fully working Calculator service, you can compile Axis2/C from axis2-unofficial project (or install it from binary archive).
Or, you can apply that changes to the original source code and recompile it.
Here is a wget command that executes a HTML / PHP stack report suite that is hosted by a third party - we don't have control over the PHP or HTML page
wget --no-check-certificate --http-user=/myacc --http-password=mypass -O /tmp/myoutput.csv "https://myserver.mydomain.com/mymodule.php?myrepcode=9999&action=exportcsv&admin=myappuserid&password=myappuserpass&startdate=2011-01-16&enddate=2011-01-16&reportby=mypreferredview"
All the elements are working perfectly:
--http-user / --http-pass as offered by a browsers standard popup for username and password prompt
-O /tmp/myoutput.csv - the output file of interest
https://myserver.mydomain.com/mymodule.php?myrepcode=9999&action=exportcsv&admin=myappuserid&password=myappuserpass&startdate=2011-01-16&enddate=2011-01-16&reportby=mypreferredview"
The file generated on the fly by the parameters
myrepcode=9999 - a reference to the report in question
action=exportcsv internally written in the function
admin=myappuserid the third party operats SSL to access the site - then internal username and password stored in a database to access the functions of the site)
password=myappuserpass
startdate=2011-01-16 this and end data are parameters specific to the report 9999
enddate=2011-01-16
reportby=mypreferredview This is an option in the report that facilitates different levels of detail or aggregation
The problem is that the reportby parameter is a radio button selection in a list of 5 selections (sure I enough the default is highest level of aggregation , I want the last one which is the most detailed)
Here is a sample of the HTML page code for the options of reportby
The tags in the HTML are not whitelisted - so I will send the sample if requested
<td>View by</td>
<td>
<input class="naf-radio" name="reportby" id="reportby[thedefault]" value="thedefault" type="radio">The Default
<input class="naf-radio" name="reportby" id="reportby[myleastpreferred]" value="myleastpreferred" type="radio">My Least Preferred
<input class="naf-radio" name="reportby" id="reportby[mysecondleastpreferred]" value="mysecondleastpreferred" type="radio">My Second Least Preferred
<input class="naf-radio" name="reportby" id="reportby[mythirdleastpreferred]" value="mythirdleastpreferred" type="radio">My Third Least Preferred
<input class="naf-radio" name="reportby" id="reportby[mypreferred]" value="mypreferred" type="radio">My Preferred
</td>
No matter which of the reportby items I select in the wget statement - thedefault is always executed.
Questions
1) Has anyone come across this notation in HTML (id=inputname[inputelement])
I spoke to a senior web developer and he has never seen this notation for inputs (id=inputname[inputelement]) - and w3schools do not appear familiar with this either based on an extensive search
2) Can a wget command select a none default radio item when executing the command ?
This probably will be initially received with a "Use CURL" response- however the wget approach works very well in the limited environment I am operating in - particularly as I need to download 10000 of these such items.
Thanks ahead of response
A radio button is just another form element and can be passed through the querystring usually. Some applications will demand that parameters are passed as POST data but this isn't that common in my experience.
What you'll need to do is find the name of the radio buttonand the value that is on the desired option. You then just add &name=value to your current url and it should act like selecting that radio button.
The notation id=inputname[inputelement] could exist in javascript or similar languages but not in HTML. In HTML its just name=value type of declarations in urls (and attribtues and other things). In this case I would assume that this string was meant to have been interpreted in whatever code generated the HTML rather than rendered to screen.
Also you need to make sure you urlencode any values that you are putting in the url to make sure they don't contain any illegal characters (eg an & or = will confuse it completely).
If the querystring method doesn't work then wget has a --post-data switch that allows you to specify data to be posted whcih is what a form would do. If you use --post-data=reportby=mypreferred I hope you should have more success with that.
If this still fails then I would use some tool to view your wget request as well as your request through a browser and compare the headers and data to see what is different about them. one such tool for this is fiddler (http://www.fiddler2.com/fiddler2/) though I'm sure many others exist.
Is there a way to get the Last-Modified-Date of a file on a Web Site?
i.e. Here is an example file I have out there:
http://www.ymcadetroit.org/atf/cf/%7B2101903E-A11A-4532-A64D-9D823368A605%7D/Birmingham_Youth_Sports_Parent_Manual.pdf
Go to the website you want to know about, wait for it to fully load, then go to the address bar and write this:
javascript:alert(document.lastModified)
You'll get a popup that says when it was last modified.
The HTTP intends the Last-Modified header field to declare the last modification date. But the server needs to know that date.
On static files whose content is sent directly to the client and not interpreted otherwise by the server (e.g. .html, .css, .js) it uses the last modified date of that file. But on files that generated content dynamically (PHP, Python, etc.) the script needs to specify that information itself. But unfortunatly many scripts don’t to that.
So if a Last-Modified header field is present, you can use that information. But if not, you cannot determin the last modification date.
Here is some C# code to do it:
public DateTime GetLastModifyTime(string url)
{
WebRequest request = WebRequest.Create(url);
request.Credentials = CredentialCache.DefaultNetworkCredentials;
request.Method = "HEAD";
using (WebResponse response = request.GetResponse())
{
string lastModifyString = response.Headers.Get("Last-Modified");
DateTime remoteTime;
if (DateTime.TryParse(lastModifyString, out remoteTime))
{
return remoteTime;
}
return DateTime.MinValue;
}
}
I realize this question is 4 years old, but a search of the web proved that satisfactory answers remain rare. Peter's answer is part of the solution. When I had the same problem to solve, that got me started. But the rest of the solution...
As he said, the web server must be configured to send the last-modified date ... so how do you configure the web server?
Assuming you have the necessary level of control, you first need to enable server side includes. There are several ways to do this - one of which is the "xbithack". A good reference is http://httpd.apache.org/docs/current/howto/ssi.html.
Assuming you've done this, you need to set the execute bit on any html file that needs to have server-side includes parsed. This can be done at the command line of a UNIX-like system: chmod u+x file.html or on the Mac using get-info (command-I) on the file.
This leaves the snippet to actually put in your file, which looks like this:
This document last modified <!--#flastmod file="index.html" -->
Since I found many, many recommendations that didn't include this, and simply used the javascript document.lastModified, I suspect that some servers give you what you want with the javascript version, whereas some (including the one hosting our stuff) don't.
To obtain the last modified date from client side, you can access the HTML DOM using the lastModified property using JavaScript.
The lastModified property grabs the information from the head portion sent with all web requests. The value can be manually set by developers on the web-server side of things so it may not reflect the actual last modified date of the file responsible for delivering the content.
Example
<!DOCTYPE html>
<html>
<body>
<b>document.lastModified : </b>
<script>document.write( document.lastModified );</script>
</body>
</html>
The specific command in JavaScript that retrieves this is document.lastModified and can easily be converted into a Date object as follows :
var x = new Date(document.lastModified);
More information can be found on the site I used as a reference w3 schools : HTML DOM lastModified Property
I believe the web server must be configured to send the last-modified date in an HTTP-header, this is certainly one way. Check out section 14.29 Last-Modified of this document:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
You can do the following to get Last-Modified:
https://superuser.com/a/991895
Using curl:
curl -s -v -X HEAD http://foo.com/bar/baz.pdf 2>&1 | grep '^< Last-Modified:'
Using wget:
wget --server-response --spider http://example.com/bar/example.pdf 2>&1 | grep -i Last-Modified
With just plain HTML, no you cannot.
You can with PHP, or ASP, or any other server side language.
I'm not an expert in headers, but believe you are looking for this:
There is a way to check the date when a file was modified:
View HTTP headers in Google Chrome?
Check in there (Chrome's Developer Tools / Network / Selected File / Headers) the "If-Modified-Since" variable.
Until now this has helped me to achieve what you are asking, get a file's modification date.
In php:
print getlastmod();
print gmdate('D, d M Y H:i:s', getlastmod());