You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Kapil Arya <ka...@mesosphere.io> on 2017/04/28 18:54:03 UTC
Review Request 58762: Use SecretFetcher to fetch secret executor
environment.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58762/
-----------------------------------------------------------
Review request for mesos, Gilbert Song, Greg Mann, Jie Yu, and Vinod Kone.
Bugs: MESOS-7419
https://issues.apache.org/jira/browse/MESOS-7419
Repository: mesos
Description
-------
Secrets specified in the executor environment variables are resolved using a secret-fetcher module. If no secret-fetcher module is specified, an internal default implementation is used to resolve the secrets.
Diffs
-----
src/slave/slave.hpp 77fb93abc701cd34b69c75b6219c219fdb784a67
src/slave/slave.cpp 8b8078dbb656e9db2efa53cc4ec5bed2cc01d49a
src/tests/containerizer/mesos_containerizer_tests.cpp 13e0f7e603a3ffdd0965b253d7abfe6a069cd2b4
src/tests/hook_tests.cpp 02d8f800c3eb9b1e617a14c78c2ef1e45d1c72bb
Diff: https://reviews.apache.org/r/58762/diff/1/
Testing
-------
Thanks,
Kapil Arya
Re: Review Request 58762: Use SecretFetcher to fetch secret executor
environment.
Posted by Vinod Kone <vi...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58762/#review173537
-----------------------------------------------------------
src/slave/slave.cpp
Lines 2740 (patched)
<https://reviews.apache.org/r/58762/#comment246523>
s/secret resolution in executor environment/calculating executor environment/ ?
I think the secret fetching part should be internal to the `executorEnvironment` function.
src/slave/slave.cpp
Line 7625 (original), 7637 (patched)
<https://reviews.apache.org/r/58762/#comment246524>
CHECK_SOME(secretFetcher);
src/slave/slave.cpp
Lines 7639 (patched)
<https://reviews.apache.org/r/58762/#comment246525>
Ouch. Lets not do await please. We need to make this asynchronous.
src/slave/slave.cpp
Lines 7665-7666 (patched)
<https://reviews.apache.org/r/58762/#comment246526>
I think these should return an error instead of crashing the agent.
src/slave/slave.cpp
Lines 7668 (patched)
<https://reviews.apache.org/r/58762/#comment246527>
Ditto. No await please.
- Vinod Kone
On April 28, 2017, 6:54 p.m., Kapil Arya wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58762/
> -----------------------------------------------------------
>
> (Updated April 28, 2017, 6:54 p.m.)
>
>
> Review request for mesos, Gilbert Song, Greg Mann, Jie Yu, and Vinod Kone.
>
>
> Bugs: MESOS-7419
> https://issues.apache.org/jira/browse/MESOS-7419
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Secrets specified in the executor environment variables are resolved using a secret-fetcher module. If no secret-fetcher module is specified, an internal default implementation is used to resolve the secrets.
>
>
> Diffs
> -----
>
> src/slave/slave.hpp 77fb93abc701cd34b69c75b6219c219fdb784a67
> src/slave/slave.cpp 8b8078dbb656e9db2efa53cc4ec5bed2cc01d49a
> src/tests/containerizer/mesos_containerizer_tests.cpp 13e0f7e603a3ffdd0965b253d7abfe6a069cd2b4
> src/tests/hook_tests.cpp 02d8f800c3eb9b1e617a14c78c2ef1e45d1c72bb
>
>
> Diff: https://reviews.apache.org/r/58762/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Kapil Arya
>
>