You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by ni...@apache.org on 2022/05/31 06:23:45 UTC
[openwhisk] branch master updated: Use pureconfig for invoker/scheduler's basic http auth (#5252)
This is an automated email from the ASF dual-hosted git repository.
ningyougang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk.git
The following commit(s) were added to refs/heads/master by this push:
new 0c4aab1bd Use pureconfig for invoker/scheduler's basic http auth (#5252)
0c4aab1bd is described below
commit 0c4aab1bd57bc4b8eb1e0e968b714e6447aeabea
Author: jiangpengcheng <ji...@navercorp.com>
AuthorDate: Tue May 31 14:23:36 2022 +0800
Use pureconfig for invoker/scheduler's basic http auth (#5252)
---
ansible/group_vars/all | 2 ++
ansible/roles/invoker/tasks/deploy.yml | 2 ++
.../src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala | 6 ++++++
core/invoker/src/main/resources/application.conf | 2 ++
.../apache/openwhisk/core/invoker/DefaultInvokerServer.scala | 7 ++++---
.../org/apache/openwhisk/core/invoker/FPCInvokerServer.scala | 7 ++++---
.../apache/openwhisk/core/scheduler/FPCSchedulerServer.scala | 10 +++++-----
7 files changed, 25 insertions(+), 11 deletions(-)
diff --git a/ansible/group_vars/all b/ansible/group_vars/all
index 0c84b92fc..b94385cc0 100644
--- a/ansible/group_vars/all
+++ b/ansible/group_vars/all
@@ -213,6 +213,8 @@ invoker:
{% endif %}"
extraEnv: "{{ invoker_extraEnv | default({}) }}"
protocol: "{{ invoker_protocol | default('https') }}"
+ username: "{{ invoker_username | default('invoker.user') }}"
+ password: "{{ invoker_password | default('invoker.pass') }}"
ssl:
cn: "openwhisk-invokers"
keyPrefix: "{{ __invoker_ssl_keyPrefix }}"
diff --git a/ansible/roles/invoker/tasks/deploy.yml b/ansible/roles/invoker/tasks/deploy.yml
index 4d9b395d2..674fab91f 100644
--- a/ansible/roles/invoker/tasks/deploy.yml
+++ b/ansible/roles/invoker/tasks/deploy.yml
@@ -287,6 +287,8 @@
"CONFIG_whisk_containerPool_prewarmExpirationCheckIntervalVariance": "{{ container_pool_prewarm_expirationCheckIntervalVariance | default('10 seconds') }}"
"CONFIG_whisk_containerPool_prewarmPromotion": "{{ container_pool_strict | default('false') | lower }}"
"CONFIG_whisk_containerPool_prewarmMaxRetryLimit": "{{ container_pool_prewarm_max_retry_limit | default(5) }}"
+ "CONFIG_whisk_invoker_username": "{{ invoker.username }}"
+ "CONFIG_whisk_invoker_password": "{{ invoker.password }}"
- name: extend invoker dns env
set_fact:
diff --git a/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala b/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
index 5836a9fff..7ddbc1f4d 100644
--- a/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
+++ b/common/scala/src/main/scala/org/apache/openwhisk/core/WhiskConfig.scala
@@ -308,4 +308,10 @@ object ConfigKeys {
val whiskClusterName = "whisk.cluster.name"
val dataManagementServiceRetryInterval = "whisk.scheduler.data-management-service.retry-interval"
+
+ val whiskSchedulerUsername = "whisk.scheduler.username"
+ val whiskSchedulerPassword = "whisk.scheduler.password"
+
+ val whiskInvokerUsername = "whisk.invoker.username"
+ val whiskInvokerPassword = "whisk.invoker.password"
}
diff --git a/core/invoker/src/main/resources/application.conf b/core/invoker/src/main/resources/application.conf
index 25818f53d..946b4717e 100644
--- a/core/invoker/src/main/resources/application.conf
+++ b/core/invoker/src/main/resources/application.conf
@@ -176,6 +176,8 @@ whisk {
}
invoker {
+ username: "invoker.user"
+ password: "invoker.pass"
protocol: http
}
runtime.delete.timeout = "30 seconds"
diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
index f2c4e56ba..f3503b55e 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/DefaultInvokerServer.scala
@@ -22,8 +22,10 @@ import akka.http.scaladsl.model.StatusCodes
import akka.http.scaladsl.model.headers.BasicHttpCredentials
import akka.http.scaladsl.server.Route
import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
import org.apache.openwhisk.http.BasicRasService
import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
import spray.json.PrettyPrinter
import scala.concurrent.ExecutionContext
@@ -57,9 +59,8 @@ class DefaultInvokerServer(val invoker: InvokerCore, systemUsername: String, sys
object DefaultInvokerServer extends InvokerServerProvider {
- // TODO: TBD, after FPCInvokerReactive is ready, can read the credentials from pureconfig
- val invokerUsername = "admin"
- val invokerPassword = "admin"
+ private val invokerUsername = loadConfigOrThrow[String](ConfigKeys.whiskInvokerUsername)
+ private val invokerPassword = loadConfigOrThrow[String](ConfigKeys.whiskInvokerPassword)
override def instance(
invoker: InvokerCore)(implicit ec: ExecutionContext, actorSystem: ActorSystem, logger: Logging): BasicRasService =
diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
index a3b800e1e..61d194f4b 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/invoker/FPCInvokerServer.scala
@@ -22,8 +22,10 @@ import akka.http.scaladsl.model.StatusCodes
import akka.http.scaladsl.model.headers.BasicHttpCredentials
import akka.http.scaladsl.server.Route
import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
import org.apache.openwhisk.http.BasicRasService
import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
import spray.json.PrettyPrinter
import scala.concurrent.ExecutionContext
@@ -57,9 +59,8 @@ class FPCInvokerServer(val invoker: InvokerCore, systemUsername: String, systemP
object FPCInvokerServer extends InvokerServerProvider {
- // TODO: TBD, after FPCInvokerReactive is ready, can read the credentials from pureconfig
- val invokerUsername = "admin"
- val invokerPassword = "admin"
+ private val invokerUsername = loadConfigOrThrow[String](ConfigKeys.whiskInvokerUsername)
+ private val invokerPassword = loadConfigOrThrow[String](ConfigKeys.whiskInvokerPassword)
override def instance(
invoker: InvokerCore)(implicit ec: ExecutionContext, actorSystem: ActorSystem, logger: Logging): BasicRasService =
diff --git a/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala b/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
index 874362fe9..4fd2f9b69 100644
--- a/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
+++ b/core/scheduler/src/main/scala/org/apache/openwhisk/core/scheduler/FPCSchedulerServer.scala
@@ -23,8 +23,10 @@ import akka.http.scaladsl.model.StatusCodes
import akka.http.scaladsl.model.headers.BasicHttpCredentials
import akka.http.scaladsl.server.Route
import org.apache.openwhisk.common.{Logging, TransactionId}
+import org.apache.openwhisk.core.ConfigKeys
import org.apache.openwhisk.http.BasicRasService
import org.apache.openwhisk.http.ErrorResponse.terminate
+import pureconfig.loadConfigOrThrow
import spray.json.DefaultJsonProtocol._
import spray.json._
@@ -75,11 +77,9 @@ class FPCSchedulerServer(scheduler: SchedulerCore, systemUsername: String, syste
object FPCSchedulerServer {
- // TODO: TBD, after FPCScheduler is ready, can read the credentials from pureconfig
- val schedulerUsername = "admin"
- val schedulerPassword = "admin"
-
- val queuePathPrefix = "queue"
+ private val schedulerUsername = loadConfigOrThrow[String](ConfigKeys.whiskSchedulerUsername)
+ private val schedulerPassword = loadConfigOrThrow[String](ConfigKeys.whiskSchedulerPassword)
+ private val queuePathPrefix = "queue"
def instance(scheduler: SchedulerCore)(implicit ec: ExecutionContext,
actorSystem: ActorSystem,