Merge pull request #14 from ARGOeu-Metrics/devel

Version 0.2.1

Jenkinsfile

@@ -13,25 +13,38 @@ pipeline {
     stages {
         stage ('Build'){
             parallel {
-               stage ('Build Centos 7') {
+                stage ('CentOS 7') {
                     agent {
                         docker {
                             image 'argo.registry:5000/epel-7-ams'
+                            alwaysPull true
                             args '-u jenkins:jenkins'
                         }
                     }
                     steps {
-                        echo 'Building Rpm...'
+                        echo 'Building CentOS 7 RPM...'
                         withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'jenkins-rpm-repo', usernameVariable: 'REPOUSER', \
                                                                     keyFileVariable: 'REPOKEY')]) {
                             sh "/home/jenkins/build-rpm.sh -w ${WORKSPACE} -b ${BRANCH_NAME} -d centos7 -p ${PROJECT_DIR} -s ${REPOKEY}"
                         }
                         archiveArtifacts artifacts: '**/*.rpm', fingerprint: true
                     }
-                    post {
-                        always {
-                            cleanWs()
+                }
+                stage ('Rocky 9') {
+                    agent {
+                        docker {
+                            image 'argo.registry:5000/epel-9-ams'
+                            alwaysPull true
+                            args '-u jenkins:jenkins'
+                        }
+                    }
+                    steps {
+                        echo 'Building Rocky 9 RPM...'
+                        withCredentials(bindings: [sshUserPrivateKey(credentialsId: 'jenkins-rpm-repo', usernameVariable: 'REPOUSER', \
+                                                                    keyFileVariable: 'REPOKEY')]) {
+                            sh "/home/jenkins/build-rpm.sh -w ${WORKSPACE} -b ${BRANCH_NAME} -d rocky9 -p ${PROJECT_DIR} -s ${REPOKEY}"
                         }
+                        archiveArtifacts artifacts: '**/*.rpm', fingerprint: true
                     }
                 }
             }

argo-probe-oidc.spec

@@ -3,7 +3,7 @@
 
 Name:      argo-probe-oidc
 Summary:   ARGO probes for handling of OIDC tokens.
-Version:   0.2.0
+Version:   0.2.1
 Release:   1%{?dist}
 License:   ASL 2.0
 Group:     Development/System
@@ -13,9 +13,17 @@ Prefix:    %{_prefix}
 BuildArch: noarch
 
 BuildRequires: python3-devel
+
+%if 0%{?el7}
 Requires: python36-requests
 Requires: python36-jwt
 
+%else
+Requires: python3-requests
+Requires: python3-jwt
+
+%endif
+
 %description
 This package includes probes for fetching OIDC access token and checking refresh token validity.
 
@@ -42,6 +50,8 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Wed May 22 2024 Katarina Zailac <kzailac@srce.hr> - 0.2.1-1%{?dist}
+- ARGO-4547 Prepare el9 build for argo-probe-oidc
 * Thu Oct 5 2023 Katarina Zailac <kzailac@srce.hr> - 0.2.0-1%{?dist}
 - ARGO-4389 Set username as parameter to probe fetching OIDC token
 * Thu Jun 30 2022 Katarina Zailac <kzailac@srce.hr> - 0.1.1-1%{?dist}

modules/refresh_token_expiration.py

@@ -32,7 +32,16 @@ def __exit__(self, exc_type, exc_val, exc_tb):
 def validate_token(args):
     date_format = "%b %d %Y %H:%M:%S"
     try:
-        unix_time = jwt.decode(args.token, verify=False)["exp"]
+        jwt_options = {
+            "verify_signature": False,
+            "verify_exp": True,
+            "verify_nbf": False,
+            "verify_iat": False,
+            "verify_aud": False
+        }
+        unix_time = jwt.decode(
+            args.token, algorithms=["HS256"], options=jwt_options
+        )["exp"]
         expiration_time = datetime.datetime.fromtimestamp(unix_time)
         timedelta = expiration_time - datetime.datetime.today()