You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by an...@apache.org on 2017/03/25 19:06:38 UTC

[02/14] mesos git commit: Added support for auth tokens to the default executor.

Added support for auth tokens to the default executor.

This patch updates the default executor to extract
an authentication token from its environment when present,
and use this token to authenticate with the agent.

Review: https://reviews.apache.org/r/57808/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/0fea4c5f
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/0fea4c5f
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/0fea4c5f

Branch: refs/heads/master
Commit: 0fea4c5fb4ab785cf8c6d6db9e288391a8705e65
Parents: dfdd9bd
Author: Greg Mann <gr...@mesosphere.io>
Authored: Sat Mar 25 12:04:14 2017 -0700
Committer: Anand Mazumdar <an...@apache.org>
Committed: Sat Mar 25 12:04:14 2017 -0700

----------------------------------------------------------------------
 src/launcher/default_executor.cpp | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/0fea4c5f/src/launcher/default_executor.cpp
----------------------------------------------------------------------
diff --git a/src/launcher/default_executor.cpp b/src/launcher/default_executor.cpp
index ee24531..606fd9c 100644
--- a/src/launcher/default_executor.cpp
+++ b/src/launcher/default_executor.cpp
@@ -120,7 +120,8 @@ public:
       const ExecutorID& _executorId,
       const ::URL& _agent,
       const string& _sandboxDirectory,
-      const string& _launcherDirectory)
+      const string& _launcherDirectory,
+      const Option<string>& _authenticationToken)
     : ProcessBase(process::ID::generate("default-executor")),
       state(DISCONNECTED),
       contentType(ContentType::PROTOBUF),
@@ -133,7 +134,8 @@ public:
       executorId(_executorId),
       agent(_agent),
       sandboxDirectory(_sandboxDirectory),
-      launcherDirectory(_launcherDirectory) {}
+      launcherDirectory(_launcherDirectory),
+      authenticationToken(_authenticationToken) {}
 
   virtual ~DefaultExecutor() = default;
 
@@ -1191,6 +1193,10 @@ private:
     request.headers = {{"Accept", stringify(contentType)},
                        {"Content-Type", stringify(contentType)}};
 
+    if (authenticationToken.isSome()) {
+      request.headers["Authorization"] = "Bearer " + authenticationToken.get();
+    }
+
     // Only pipeline requests when there is an active connection.
     if (connection.isSome()) {
       request.keepAlive = true;
@@ -1286,6 +1292,7 @@ private:
   const ::URL agent; // Agent API URL.
   const string sandboxDirectory;
   const string launcherDirectory;
+  const Option<string> authenticationToken;
 
   LinkedHashMap<UUID, Call::Update> unacknowledgedUpdates;
 
@@ -1392,13 +1399,20 @@ int main(int argc, char** argv)
   }
   sandboxDirectory = value.get();
 
+  Option<string> authenticationToken;
+  value = os::getenv("MESOS_EXECUTOR_AUTHENTICATION_TOKEN");
+  if (value.isSome()) {
+    authenticationToken = value.get();
+  }
+
   Owned<mesos::internal::DefaultExecutor> executor(
       new mesos::internal::DefaultExecutor(
           frameworkId,
           executorId,
           agent,
           sandboxDirectory,
-          flags.launcher_dir));
+          flags.launcher_dir,
+          authenticationToken));
 
   process::spawn(executor.get());
   process::wait(executor.get());