Tue, 26 Oct 2021 00:39:28 CDT | login

Information for build htgettoken-1.6-1.osg35.el7

Package Namehtgettoken
SummaryGet OIDC bearer tokens by interacting with Hashicorp vault
Descriptionhtgettoken gets OIDC bearer tokens by interacting with Hashicorp vault
Built byDave Dykstra
State complete
StartedThu, 16 Sep 2021 15:16:06 CDT
CompletedThu, 16 Sep 2021 15:19:41 CDT
Taskbuild (osg-el7, /svn/native/redhat/trunk/htgettoken:26616)
Extra{'source': {'original_url': 'svn+https://vdt.cs.wisc.edu/svn/native/redhat/trunk/htgettoken#26616'}}
htgettoken-1.6-1.osg35.el7.src.rpm (info) (download)
htgettoken-1.6-1.osg35.el7.x86_64.rpm (info) (download)
Changelog * Wed Sep 15 2021 Dave Dykstra <dwd@fnal.gov> 1.6-1 - Try a default cafile of '/etc/pki/tls/cert.pem' if system default is empty. This can happen when the SSL_CERT_FILE environment variable is empty. * Tue Sep 14 2021 Dave Dykstra <dwd@fnal.gov> 1.5-1 - Add httokendecode command - Add RELEASE_PROCEDURE file * Mon Sep 13 2021 Dave Dykstra <dwd@fnal.gov> 1.4-1 - Add --vaulttokenminttl option - Add --web-open-command option, and default it to xdg-open only when $SSH_CLIENT is not set - Send the extra 'server' parameter recognized by htvault-config >= 1.5 when --secretpath=secret/oauth/creds/%issuer/%credkey:%role, to use shared vault secrets instance (will be default later) - Use the new pyinstaller 4.5 exclude_system_libraries() function instead of the previous hack to exclude system libraries from being bundled * Tue Jul 13 2021 Dave Dykstra <dwd@fnal.gov> 1.3-1 - Add --kerbprincipal option - Change the default kerbpath to include issuer and role - Limit oidc polling to 2 minutes - Disable oidc authentication when running in the background, that is, when none of stdin, stdout, or stderr are on a tty - Document that audience can be a comma or space separated list - Updated pip-installed dependent packages to latest versions * Thu Apr 08 2021 Dave Dykstra <dwd@fnal.gov> 1.2-1 - Fix working with a kerberos domain that is missing from krb5.conf - Extract more formatted information from http exceptions - Improve format of printed kerberos exceptions * Wed Dec 30 2020 Dave Dykstra <dwd@fnal.gov> 1.1-1 - Integrate with htcondor, including these changes: - Change --authpath option name to --oidcpath. - Add --noidc option. - Add --vaulttokenttl option. - Make --vaulttokenfile default to /dev/stdout if the ttl is more than a million seconds, and also require it to start with /dev/std or /dev/fd if the ttl is more than a million seconds. - Add --vaulttokeninfile option. - Add --nobearertoken option. - Add --showbearerurl option. - Send progress output to stderr if --vaulttokenfile is /dev/stdout or --showbearerurl option is enabled. - Use a separate version number for the python library downloads tarball. * Tue Dec 01 2020 Dave Dykstra <dwd@fnal.gov> 1.0-1 - Add --credkey option. - Add --vaultalias option. - Add --nokerberos and --kerbpath options. - Change the name of the --vaultrole option to --role; the short name -r remains unchanged. - Fill out the man page and add a html version of it to the source, generated by a Makefile. * Mon Nov 02 2020 Dave Dykstra <dwd@fnal.gov> 0.5-1 - Set BROWSER variable to prevent xdg-open from running lynx, which hangs. * Fri Oct 16 2020 Dave Dykstra <dwd@fnal.gov> 0.4-1 - Support the new poll api in addition to the old device_wait api when waiting for authorization response - Use colon as separator in default secret path instead of hyphen - Add --scopes and --audience options - Implement the --minsecs option (was present before but didn't work) - Stop reading old bearer token and remove use of jwt package * Tue Jul 28 2020 Dave Dykstra <dwd@fnal.gov> 0.3-1 - Avoid including standard system libraries with pyinstaller - Increase timeout on web browser interaction to 5 minutes - Set up the interrupt signal to kill the program - Add BuildRequires for openssl-devel and swig - Remove confusing code for setting default cafile on RHEL and make setting the Debian default more clear * Wed Jul 22 2020 Dave Dykstra <dwd@fnal.gov> 0.2-1 - Allow for missing xdg-open - Add some missing "Exception as e" clauses - Create configdir if missing when needed - Change from jwt pip package to pyjwt, and disable verify_aud * Tue Jul 21 2020 Dave Dykstra <dwd@fnal.gov> 0.1-1 - Initial release