summaryrefslogtreecommitdiff
path: root/worker_manager
diff options
context:
space:
mode:
authorLars Wirzenius <liw@liw.fi>2018-04-08 10:17:29 +0300
committerLars Wirzenius <liw@liw.fi>2018-04-08 13:05:54 +0300
commit896d176ef803c096ec8d197bb961c7367d862bcb (patch)
tree5f17432546db1e1e1a0564e6129a5b33af6e246d /worker_manager
parentb9171928c024fde56789846233a539ccd0ffee48 (diff)
downloadick2-896d176ef803c096ec8d197bb961c7367d862bcb.tar.gz
Add: worker-manager gets client credenticals via config file
Diffstat (limited to 'worker_manager')
-rwxr-xr-xworker_manager37
1 files changed, 30 insertions, 7 deletions
diff --git a/worker_manager b/worker_manager
index 6fd556c..1590109 100755
--- a/worker_manager
+++ b/worker_manager
@@ -35,14 +35,20 @@ class WorkerManager(cliapp.Application):
def add_settings(self):
self.settings.string(
- ['controller'],
- 'base URL for the controller',
- metavar='URL',
+ ['client-id'],
+ 'use ID as the client id when authenticatin to IDP',
+ metavar='ID',
+ )
+
+ self.settings.string(
+ ['client-secret-cmd'],
+ 'run CMD to gget the client secret when authentication to IDP',
+ metavar='CMD',
)
self.settings.string(
- ['name'],
- 'name of this worker',
+ ['controller'],
+ 'base URL for the controller',
metavar='URL',
)
@@ -82,16 +88,20 @@ class WorkerManager(cliapp.Application):
raise
def main_program(self, args):
- self.settings.require('name')
+ self.settings.require('client-id')
+ self.settings.require('client-secret-cmd')
self.settings.require('controller')
- name = self.settings['name']
+ name = self.settings['client-id']
url = self.settings['controller']
workspace = self.settings['workspace']
systree = self.settings['systree']
+ secret = self.get_client_secret()
+
api = ControllerAPI(name, url)
api.set_verify_tls(self.settings['verify-tls'])
+ api.set_client_creds(name, secret)
worker = Worker(name, api, workspace, systree)
logging.info('Worker manager %s starts, controller is %s', name, url)
@@ -108,6 +118,12 @@ class WorkerManager(cliapp.Application):
secs = self.settings['sleep']
time.sleep(secs)
+ def get_client_secret(self):
+ cmd = self.settings['client-secret-cmd']
+ output = cliapp.runcmd(['sh', '-c', cmd])
+ lines = output.splitlines()
+ return lines[0].strip()
+
class ControllerAPI:
@@ -126,13 +142,20 @@ class ControllerAPI:
self._cc.set_controller_url(url)
self._ac = None
self._blobs = None
+ self._client_id = None
+ self._client_secret = None
def set_verify_tls(self, verify):
self._cc.set_verify_tls(verify)
+ def set_client_creds(self, client_id, client_secret):
+ self._client_id = client_id
+ self._client_secret = client_secret
+
def get_token(self):
if self._ac is None:
self._ac = self._cc.get_auth_client()
+ self._ac.set_client_creds(self._client_id, self._client_secret)
return self._ac.get_token(self._scopes)
def register(self):