You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by ni...@apache.org on 2022/05/31 06:23:45 UTC

[openwhisk] branch master updated: Use pureconfig for invoker/scheduler's basic http auth (#5252)

This is an automated email from the ASF dual-hosted git repository.

ningyougang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk.git


The following commit(s) were added to refs/heads/master by this push:
     new 0c4aab1bd Use pureconfig for invoker/scheduler's basic http auth (#5252)
0c4aab1bd is described below

commit 0c4aab1bd57bc4b8eb1e0e968b714e6447aeabea
Author: jiangpengcheng <ji...@navercorp.com>
AuthorDate: Tue May 31 14:23:36 2022 +0800

    Use pureconfig for invoker/scheduler's basic http auth (#5252)
---
 ansible/group_vars/all                                         |  2 ++
 ansible/roles/invoker/tasks/deploy.yml                         |  2 ++
 .../src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala |  6 ++++++
 core/invoker/src/main/resources/application.conf               |  2 ++
 .../apache/openwhisk/core/invoker/DefaultInvokerServer.scala   |  7 ++++---
 .../org/apache/openwhisk/core/invoker/FPCInvokerServer.scala   |  7 ++++---
 .../apache/openwhisk/core/scheduler/FPCSchedulerServer.scala   | 10 +++++-----
 7 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/ansible/group_vars/all b/ansible/group_vars/all
index 0c84b92fc..b94385cc0 100644
--- a/ansible/group_vars/all
+++ b/ansible/group_vars/all
@@ -213,6 +213,8 @@ invoker:
     {% endif %}"
   extraEnv: "{{ invoker_extraEnv | default({}) }}"
   protocol: "{{ invoker_protocol | default('https') }}"
+  username: "{{ invoker_username | default('invoker.user') }}"
+  password: "{{ invoker_password | default('invoker.pass') }}"
   ssl:
     cn: "openwhisk-invokers"
     keyPrefix: "{{ __invoker_ssl_keyPrefix }}"
diff --git a/ansible/roles/invoker/tasks/deploy.yml b/ansible/roles/invoker/tasks/deploy.yml
index 4d9b395d2..674fab91f 100644
--- a/ansible/roles/invoker/tasks/deploy.yml
+++ b/ansible/roles/invoker/tasks/deploy.yml
@@ -287,6 +287,8 @@
       "CONFIG_whisk_containerPool_prewarmExpirationCheckIntervalVariance": "{{ container_pool_prewarm_expirationCheckIntervalVariance | default('10 seconds') }}"
       "CONFIG_whisk_containerPool_prewarmPromotion": "{{ container_pool_strict | default('false') | lower }}"
       "CONFIG_whisk_containerPool_prewarmMaxRetryLimit": "{{ container_pool_prewarm_max_retry_limit | default(5) }}"
+      "CONFIG_whisk_invoker_username": "{{ invoker.username }}"
+      "CONFIG_whisk_invoker_password": "{{ invoker.password }}"
 
 - name: extend invoker dns env
   set_fact:
diff --git a/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala b/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
index 5836a9fff..7ddbc1f4d 100644
--- a/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
+++ b/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
@@ -308,4 +308,10 @@ object ConfigKeys {
   val whiskClusterName = "whisk.cluster.name"
 
   val dataManagementServiceRetryInterval = "whisk.scheduler.data-management-service.retry-interval"
+
+  val whiskSchedulerUsername = "whisk.scheduler.username"
+  val whiskSchedulerPassword = "whisk.scheduler.password"
+
+  val whiskInvokerUsername = "whisk.invoker.username"
+  val whiskInvokerPassword = "whisk.invoker.password"
 }
diff --git a/core/invoker/src/main/resources/application.conf b/core/invoker/src/main/resources/application.conf
index 25818f53d..946b4717e 100644
--- a/core/invoker/src/main/resources/application.conf
+++ b/core/invoker/src/main/resources/application.conf
@@ -176,6 +176,8 @@ whisk {
   }
 
   invoker {
+    username: "invoker.user"
+    password: "invoker.pass"
     protocol: http
   }
   runtime.delete.timeout = "30 seconds"
diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
index f2c4e56ba..f3503b55e 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
@@ -22,8 +22,10 @@ import akka.http.scaladsl.model.StatusCodes
 import akka.http.scaladsl.model.headers.BasicHttpCredentials
 import akka.http.scaladsl.server.Route
 import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
 import org.apache.openwhisk.http.BasicRasService
 import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
 import spray.json.PrettyPrinter
 
 import scala.concurrent.ExecutionContext
@@ -57,9 +59,8 @@ class DefaultInvokerServer(val invoker: InvokerCore, systemUsername: String, sys
 
 object DefaultInvokerServer extends InvokerServerProvider {
 
-  // TODO: TBD, after FPCInvokerReactive is ready, can read the credentials from pureconfig
-  val invokerUsername = "admin"
-  val invokerPassword = "admin"
+  private val invokerUsername = loadConfigOrThrow[String](ConfigKeys.whiskInvokerUsername)
+  private val invokerPassword = loadConfigOrThrow[String](ConfigKeys.whiskInvokerPassword)
 
   override def instance(
     invoker: InvokerCore)(implicit ec: ExecutionContext, actorSystem: ActorSystem, logger: Logging): BasicRasService =
diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
index a3b800e1e..61d194f4b 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
@@ -22,8 +22,10 @@ import akka.http.scaladsl.model.StatusCodes
 import akka.http.scaladsl.model.headers.BasicHttpCredentials
 import akka.http.scaladsl.server.Route
 import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
 import org.apache.openwhisk.http.BasicRasService
 import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
 import spray.json.PrettyPrinter
 
 import scala.concurrent.ExecutionContext
@@ -57,9 +59,8 @@ class FPCInvokerServer(val invoker: InvokerCore, systemUsername: String, systemP
 
 object FPCInvokerServer extends InvokerServerProvider {
 
-  // TODO: TBD, after FPCInvokerReactive is ready, can read the credentials from pureconfig
-  val invokerUsername = "admin"
-  val invokerPassword = "admin"
+  private val invokerUsername = loadConfigOrThrow[String](ConfigKeys.whiskInvokerUsername)
+  private val invokerPassword = loadConfigOrThrow[String](ConfigKeys.whiskInvokerPassword)
 
   override def instance(
     invoker: InvokerCore)(implicit ec: ExecutionContext, actorSystem: ActorSystem, logger: Logging): BasicRasService =
diff --git a/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala b/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
index 874362fe9..4fd2f9b69 100644
--- a/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
+++ b/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
@@ -23,8 +23,10 @@ import akka.http.scaladsl.model.StatusCodes
 import akka.http.scaladsl.model.headers.BasicHttpCredentials
 import akka.http.scaladsl.server.Route
 import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
 import org.apache.openwhisk.http.BasicRasService
 import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
 import spray.json.DefaultJsonProtocol._
 import spray.json._
 
@@ -75,11 +77,9 @@ class FPCSchedulerServer(scheduler: SchedulerCore, systemUsername: String, syste
 
 object FPCSchedulerServer {
 
-  // TODO: TBD, after FPCScheduler is ready, can read the credentials from pureconfig
-  val schedulerUsername = "admin"
-  val schedulerPassword = "admin"
-
-  val queuePathPrefix = "queue"
+  private val schedulerUsername = loadConfigOrThrow[String](ConfigKeys.whiskSchedulerUsername)
+  private val schedulerPassword = loadConfigOrThrow[String](ConfigKeys.whiskSchedulerPassword)
+  private val queuePathPrefix = "queue"
 
   def instance(scheduler: SchedulerCore)(implicit ec: ExecutionContext,
                                          actorSystem: ActorSystem,