commands

package
v0.0.0-...-bee7c02 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 11, 2025 License: BSD-3-Clause, BSD-3-Clause Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AuthenticateBbclientd

func AuthenticateBbclientd(address string, token string, debug bool)

AuthenticateBbclientd auths our CAS mounts

bb_clientd mounts CAS as a fuse filesystem. It also runs a grpc enpoint that acts as a proxy for our build cluster backend.

It authenticates the fuse filesystem by intercepting credentials that come from requests from the RBE client (bazel). Those credentials are reused when a user wants to read a file from CAS (testslogs from failed builds, etc..).

The issue with this auth setup is that users must do an initial bazel invocation to "seed" the credentials before they're able to use the CAS mounts. This is a poor user experience.

To get around this we're sending a dummy rpc request through the proxy at `enkit login` so that bbclientd is automatically authenticated on user login for the day.

A less hacky approach would be to add proper credentials helper support for bb_clientd so auth happens when the daemon starts up. Upstream has already indicated they'd be happy to accept this contribution. If we're able to land that feature (or someone else does) then this code can be removed.

The ticket for cred helper support in bb_clientd: ENGPROD-355

func TokenAuthInterceptor

func TokenAuthInterceptor(token string) grpc.UnaryClientInterceptor

Adds our auth headers to our requests

Types

type Login

type Login struct {
	*cobra.Command

	BbclientdAddress string
	Debug            bool
	NoDefault        bool
	MinWaitTime      time.Duration
	// contains filtered or unexported fields
}

func NewLogin

func NewLogin(base *client.BaseFlags, rng *rand.Rand, populator kflags.Populator) *Login

NewLogin creates a new Login command.

Base is the pointer to a base object, initialized with NewBase. rng is a secure random number generator.

When the login command is run, it will: - apply the configuration defaults necessary for the domain, using a populator. - retrieve an authentication token from the authentication server. - save it on disk, optionally as a default identity.

func (*Login) Run

func (l *Login) Run(cmd *cobra.Command, args []string) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL