Support for package blacklists
This adds support for blacklisting the mirroring of certain packages. This requires a very new bandersnatch running under python3. Change-Id: I0de38d79947bbae10650879b0fbdc77db0131918
This commit is contained in:
parent
1c71224305
commit
268f301a33
|
@ -17,11 +17,12 @@
|
|||
# Class to set up bandersnatch mirroring.
|
||||
#
|
||||
class bandersnatch::mirror (
|
||||
$group = 'root',
|
||||
$hash_index = false,
|
||||
$mirror_root = '/srv/static/mirror',
|
||||
$static_root = '/srv/static',
|
||||
$user = 'root',
|
||||
$group = 'root',
|
||||
$hash_index = false,
|
||||
$package_blacklist = [],
|
||||
$mirror_root = '/srv/static/mirror',
|
||||
$static_root = '/srv/static',
|
||||
$user = 'root',
|
||||
) {
|
||||
|
||||
if ! defined(File[$static_root]) {
|
||||
|
|
|
@ -40,4 +40,13 @@ delete-packages = true
|
|||
; generate daily access statistics that will be aggregated on the master PyPI.
|
||||
access-log-pattern = /var/log/apache2/pypi.*openstack.org_access.*
|
||||
|
||||
<% if not @package_blacklist.empty? -%>
|
||||
; blacklist
|
||||
; List of PyPI packages not to sync - Useful if malicious packages are mirrored
|
||||
[blacklist]
|
||||
packages =
|
||||
<% @package_blacklist.each do |package| -%>
|
||||
<%= package %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
; vim: set ft=cfg:
|
||||
|
|
Loading…
Reference in New Issue