You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by bz...@apache.org on 2022/09/19 06:00:14 UTC

[apisix-python-plugin-runner] branch master updated: fix: socket file permission (#55)

This is an automated email from the ASF dual-hosted git repository.

bzp2010 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-python-plugin-runner.git


The following commit(s) were added to refs/heads/master by this push:
     new 250b936  fix: socket file permission (#55)
250b936 is described below

commit 250b936f489fc540c465b434d427834448104ac4
Author: Young <is...@outlook.com>
AuthorDate: Mon Sep 19 14:00:10 2022 +0800

    fix: socket file permission (#55)
---
 apisix/runner/server/server.py            |  6 +++++
 ci/apisix/config.yaml                     | 40 ++++++++++++++++++++++---------
 ci/docker-compose.yml                     |  1 +
 tests/e2e/plugins/plugins_rewrite_test.go |  2 +-
 tests/e2e/plugins/plugins_stop_test.go    |  2 +-
 tests/e2e/tools/tools.go                  | 10 ++++++--
 6 files changed, 46 insertions(+), 15 deletions(-)

diff --git a/apisix/runner/server/server.py b/apisix/runner/server/server.py
index eb7cd3a..347d51b 100644
--- a/apisix/runner/server/server.py
+++ b/apisix/runner/server/server.py
@@ -84,6 +84,12 @@ class Server:
         self.sock.bind(self.fd)
         self.sock.listen(1024)
 
+        # the default socket permission is 0755, which prevents the 'nobody' worker process
+        # from writing to it if the APISIX is run under root.
+        os.chmod(self.fd, 0o766)
+        if os.stat(self.fd).st_mode & 0xfff != 0o766:
+            raise Exception("can't change mode for unix socket permission to 766")
+
         self.logger = NewServerLogger(config.logging.level)
 
         print("listening on unix:%s" % self.fd)
diff --git a/ci/apisix/config.yaml b/ci/apisix/config.yaml
index 379137a..455f2b2 100644
--- a/ci/apisix/config.yaml
+++ b/ci/apisix/config.yaml
@@ -16,21 +16,39 @@
 #
 
 apisix:
-  allow_admin:
-    - 0.0.0.0/0
+  node_listen:
+    - 9080
   enable_control: true
   control:
     ip: "0.0.0.0"
     port: 9092
-  admin_key:
-    - name: admin
-      key: edd1c9f034335f136f87ad84b625c8f1
-      role: admin
-etcd:
-   host:
-     - http://etcd:2379
-   prefix: "/apisix"
-   timeout: 30
+
+deployment:
+  role: traditional
+  role_traditional:
+    config_provider: etcd
+  admin:
+    admin_key:
+      -
+        name: admin
+        key: edd1c9f034335f136f87ad84b625c8f1
+        role: admin
+
+    enable_admin_cors: true
+    allow_admin:
+      - 0.0.0.0/0
+    admin_listen:
+      ip: 0.0.0.0
+      port: 9180
+
+    admin_api_version: v3
+
+  etcd:
+    host:
+      - "http://etcd:2379"
+    timeout: 30
+    startup_retry: 2
+
 ext-plugin:
   path_for_test: /tmp/runner.sock
 nginx_config:
diff --git a/ci/docker-compose.yml b/ci/docker-compose.yml
index 0843858..40faba1 100644
--- a/ci/docker-compose.yml
+++ b/ci/docker-compose.yml
@@ -27,6 +27,7 @@ services:
     depends_on:
       - etcd
     ports:
+      - "9180:9180/tcp"
       - "9080:9080/tcp"
       - "9091:9091/tcp"
       - "9443:9443/tcp"
diff --git a/tests/e2e/plugins/plugins_rewrite_test.go b/tests/e2e/plugins/plugins_rewrite_test.go
index 31056e8..4a23e99 100644
--- a/tests/e2e/plugins/plugins_rewrite_test.go
+++ b/tests/e2e/plugins/plugins_rewrite_test.go
@@ -32,7 +32,7 @@ var _ = ginkgo.Describe("Rewrite Plugin", func() {
 			tools.RunTestCase(tc)
 		},
 		table.Entry("create python runner rewrite plugin route success", tools.HttpTestCase{
-			Object: tools.GetA6Expect(),
+			Object: tools.PutA6Conf(),
 			Method: http.MethodPut,
 			Path:   "/apisix/admin/routes/1",
 			Body: `{
diff --git a/tests/e2e/plugins/plugins_stop_test.go b/tests/e2e/plugins/plugins_stop_test.go
index 19f7410..930c1ba 100644
--- a/tests/e2e/plugins/plugins_stop_test.go
+++ b/tests/e2e/plugins/plugins_stop_test.go
@@ -32,7 +32,7 @@ var _ = ginkgo.Describe("Stop Plugin", func() {
 			tools.RunTestCase(tc)
 		},
 		table.Entry("create python runner stop plugin route success", tools.HttpTestCase{
-			Object: tools.GetA6Expect(),
+			Object: tools.PutA6Conf(),
 			Method: http.MethodPut,
 			Path:   "/apisix/admin/routes/1",
 			Body: `{
diff --git a/tests/e2e/tools/tools.go b/tests/e2e/tools/tools.go
index 064d93b..69af9d4 100644
--- a/tests/e2e/tools/tools.go
+++ b/tests/e2e/tools/tools.go
@@ -27,16 +27,22 @@ import (
 
 var (
 	token  = "edd1c9f034335f136f87ad84b625c8f1"
-	A6Host = "http://127.0.0.1:9080"
+	A6_CP_Host = "http://127.0.0.1:9180"
+	A6_DP_Host = "http://127.0.0.1:9080"
 )
 
 func GetAdminToken() string {
 	return token
 }
 
+func PutA6Conf() *httpexpect.Expect {
+	t := ginkgo.GinkgoT()
+	return httpexpect.New(t, A6_CP_Host)
+}
+
 func GetA6Expect() *httpexpect.Expect {
 	t := ginkgo.GinkgoT()
-	return httpexpect.New(t, A6Host)
+	return httpexpect.New(t, A6_DP_Host)
 }
 
 type HttpTestCase struct {