You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@datalab.apache.org by lf...@apache.org on 2022/11/02 08:47:02 UTC
[incubator-datalab] 01/09: fixed conflict
This is an automated email from the ASF dual-hosted git repository.
lfrolov pushed a commit to branch epm-v2.5.2.1
in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
commit cf6f85fbd354a10e4f371c68f928ee30a84b461f
Author: leonidfrolov <fr...@gmail.com>
AuthorDate: Tue Oct 11 17:59:39 2022 +0300
fixed conflict
---
.../src/base/scripts/configure_keycloak.py | 20 ++++++++---
.../src/general/lib/os/fab.py | 32 ++++++++++-------
.../src/general/scripts/gcp/jupyter_configure.py | 41 ++++++++++++++++++++++
3 files changed, 76 insertions(+), 17 deletions(-)
diff --git a/infrastructure-provisioning/src/base/scripts/configure_keycloak.py b/infrastructure-provisioning/src/base/scripts/configure_keycloak.py
index 5974b2c45..516a8ab52 100644
--- a/infrastructure-provisioning/src/base/scripts/configure_keycloak.py
+++ b/infrastructure-provisioning/src/base/scripts/configure_keycloak.py
@@ -40,6 +40,7 @@ parser.add_argument('--instance_public_ip', type=str, default='')
parser.add_argument('--hostname', type=str, default='')
parser.add_argument('--project_name', type=str, default='')
parser.add_argument('--endpoint_name', type=str, default='')
+parser.add_argument('--exploratory_name', type=str, default='')
args = parser.parse_args()
##############
@@ -50,6 +51,7 @@ if __name__ == "__main__":
logging.info('[CONFIGURE KEYCLOAK]')
keycloak_auth_server_url = '{}/realms/master/protocol/openid-connect/token'.format(
args.keycloak_auth_server_url)
+
keycloak_auth_data = {
"username": args.keycloak_user,
"password": args.keycloak_user_password,
@@ -63,26 +65,36 @@ if __name__ == "__main__":
keycloak_client_create_url = '{0}/admin/realms/{1}/clients'.format(args.keycloak_auth_server_url,
args.keycloak_realm_name)
if args.project_name and args.endpoint_name:
- keycloak_client_name = "{0}-{1}-{2}".format(args.service_base_name, args.project_name, args.endpoint_name)
+ if args.exploratory_name:
+ keycloak_client_name = "{0}-{1}-{2}-{3}".format(args.service_base_name, args.project_name,
+ args.endpoint_name, args.exploratory_name)
+ else:
+ keycloak_client_name = "{0}-{1}-{2}".format(args.service_base_name, args.project_name,
+ args.endpoint_name)
else:
keycloak_client_name = "{0}-ui".format(args.service_base_name)
+
keycloak_client_id = str(uuid.uuid4())
- if args.hostname == '':
+
+ if not args.hostname:
keycloak_redirectUris = 'https://{0}/*,http://{0}/*'.format(args.instance_public_ip).lower().split(',')
else:
keycloak_redirectUris = 'https://{0}/*,http://{0}/*,https://{1}/*,http://{1}/*'.format(
args.instance_public_ip, args.hostname).lower().split(',')
+
keycloak_client_data = {
"clientId": keycloak_client_name,
"id": keycloak_client_id,
"enabled": "true",
- "redirectUris": keycloak_redirectUris,
"publicClient": "false",
"secret": args.keycloak_client_secret,
"protocol": "openid-connect",
}
- if not args.project_name:
+ if not args.exploratory_name:
+ keycloak_client_data["redirectUris"] = keycloak_redirectUris
+
+ if args.exploratory_name or not args.project_name:
keycloak_client_data["serviceAccountsEnabled"] = "true"
try:
diff --git a/infrastructure-provisioning/src/general/lib/os/fab.py b/infrastructure-provisioning/src/general/lib/os/fab.py
index b4f93a218..d32fd54bc 100644
--- a/infrastructure-provisioning/src/general/lib/os/fab.py
+++ b/infrastructure-provisioning/src/general/lib/os/fab.py
@@ -40,22 +40,28 @@ from patchwork import files
# general functions for all resources
-def init_datalab_connection(hostname, username, keyfile):
+
+def init_datalab_connection(hostname, username, keyfile, reserve_user='', run_echo=True):
try:
global conn
- attempt = 0
- while attempt < 15:
- logging.info('connection attempt {}'.format(attempt))
- conn = Connection(host=hostname, user=username, connect_kwargs={'banner_timeout': 200,
+ if reserve_user:
+ users = [username, reserve_user]
+ else:
+ users = [username]
+ for user in users:
+ attempt = 0
+ while attempt < 15:
+ logging.info('connection attempt {} with user {}'.format(attempt, user))
+ conn = Connection(host=hostname, user=user, connect_kwargs={'banner_timeout': 200,
'key_filename': keyfile})
- conn.config.run.echo = True
- try:
- conn.run('hostname')
- conn.config.run.echo = True
- return conn
- except:
- attempt += 1
- time.sleep(10)
+ conn.config.run.echo = run_echo
+ try:
+ conn.run('hostname')
+ conn.config.run.echo = run_echo
+ return conn
+ except:
+ attempt += 1
+ time.sleep(10)
if attempt == 15:
logging.info('Unable to establish connection')
raise Exception
diff --git a/infrastructure-provisioning/src/general/scripts/gcp/jupyter_configure.py b/infrastructure-provisioning/src/general/scripts/gcp/jupyter_configure.py
index caa17e17d..5e972b84e 100644
--- a/infrastructure-provisioning/src/general/scripts/gcp/jupyter_configure.py
+++ b/infrastructure-provisioning/src/general/scripts/gcp/jupyter_configure.py
@@ -31,6 +31,7 @@ import sys
import traceback
import subprocess
from fabric import *
+import uuid
if __name__ == "__main__":
try:
@@ -205,6 +206,46 @@ if __name__ == "__main__":
datalab.fab.append_result("Failed to setup git credentials.", str(err))
GCPActions.remove_instance(notebook_config['instance_name'], notebook_config['zone'])
sys.exit(1)
+
+ try:
+ logging.info('[SETUP KEYCLOAK CLIENT]')
+ notebook_config['keycloak_client_name'] = '{}-{}-{}-{}'\
+ .format(notebook_config['service_base_name'], notebook_config['project_name'],
+ notebook_config['endpoint_name'], notebook_config['exploratory_name'])
+ notebook_config['keycloak_client_secret'] = str(uuid.uuid4())
+ keycloak_params = "--service_base_name {} --keycloak_auth_server_url {} --keycloak_realm_name {} " \
+ "--keycloak_user {} --keycloak_user_password {} --keycloak_client_secret {} " \
+ "--project_name {} --endpoint_name {} --exploratory_name {}"\
+ .format(notebook_config['service_base_name'], os.environ['keycloak_auth_server_url'],
+ os.environ['keycloak_realm_name'], os.environ['keycloak_user'],
+ os.environ['keycloak_user_password'], notebook_config['keycloak_client_secret'],
+ notebook_config['project_name'], notebook_config['endpoint_name'],
+ notebook_config['exploratory_name'])
+ try:
+ subprocess.run("~/scripts/{}.py {}".format('configure_keycloak', keycloak_params), shell=True, check=True)
+ except:
+ datalab.fab.append_result("Failed setup keycloak client")
+ raise Exception
+
+ try:
+ conn = datalab.fab.init_datalab_connection(instance_hostname, notebook_config['datalab_ssh_user'],
+ notebook_config['ssh_key_path'], '', False)
+
+ with open("/home/datalab-user/template.json") as py3kernel:
+ content = json.loads(py3kernel.read())
+ content['env']['KEYCLOAK_CLIENT'] = notebook_config['keycloak_client_name']
+ content['env']['KEYCLOAK_SECRET'] = notebook_config['keycloak_client_secret']
+ print(content['env'])
+ with open("/home/datalab-user/template.json", 'w') as py3kernel:
+ py3kernel.write(json.dumps(content))
+ except:
+ datalab.fab.append_result("Failed to write variables to .bashrc")
+ raise Exception
+
+ except Exception as err:
+ datalab.fab.append_result("Failed setup keycloak client ", str(err))
+ GCPActions.remove_instance(notebook_config['instance_name'], notebook_config['zone'])
+ sys.exit(1)
if notebook_config['image_enabled'] == 'true':
try:
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@datalab.apache.org
For additional commands, e-mail: commits-help@datalab.apache.org