diff options
author | Christopher Baines <mail@cbaines.net> | 2021-02-28 18:41:07 +0000 |
---|---|---|
committer | Christopher Baines <mail@cbaines.net> | 2021-02-28 18:41:07 +0000 |
commit | 1f79fc38a17ceda30f378efd4e7f80f252c99b4d (patch) | |
tree | e5cf6166d69b3f7249d4006846751bf1fb6e5720 /scripts/guix-build-coordinator-agent.in | |
parent | caf63dce0ea29a07c5205a69ff6f60b7c6b60084 (diff) | |
download | build-coordinator-1f79fc38a17ceda30f378efd4e7f80f252c99b4d.tar build-coordinator-1f79fc38a17ceda30f378efd4e7f80f252c99b4d.tar.gz |
Add a new dynamic authentication approach
This avoids the need to create agents upfront, which could be useful when
creating many childhurd VMs or using scheduling tools to dynamically run
agents.
Diffstat (limited to 'scripts/guix-build-coordinator-agent.in')
-rw-r--r-- | scripts/guix-build-coordinator-agent.in | 65 |
1 files changed, 53 insertions, 12 deletions
diff --git a/scripts/guix-build-coordinator-agent.in b/scripts/guix-build-coordinator-agent.in index 895adf7..b5c0bd0 100644 --- a/scripts/guix-build-coordinator-agent.in +++ b/scripts/guix-build-coordinator-agent.in @@ -23,13 +23,15 @@ ;;; <http://www.gnu.org/licenses/>. (use-modules (srfi srfi-1) + (srfi srfi-11) (srfi srfi-37) (ice-9 threads) (ice-9 textual-ports) ((guix config) #:prefix guix-config:) (guix-build-coordinator utils) (guix-build-coordinator agent) - (guix-build-coordinator agent-messaging)) + (guix-build-coordinator agent-messaging) + (guix-build-coordinator agent-messaging http)) (define %options ;; Specifications of the command-line options @@ -43,6 +45,11 @@ (alist-cons 'uuid arg result))) + (option '("name") #t #f + (lambda (opt name arg result) + (alist-cons 'name + arg + result))) (option '("password") #t #f (lambda (opt name arg result) (alist-cons 'password @@ -54,6 +61,17 @@ (string-trim-right (call-with-input-file arg get-string-all)) result))) + (option '("dynamic-auth-token") #t #f + (lambda (opt name arg result) + (alist-cons 'dynamic-auth-token + arg + result))) + (option '("dynamic-auth-token-file") #t #f + (lambda (opt name arg result) + (alist-cons 'dynamic-auth-token + (string-trim-right + (call-with-input-file arg get-string-all)) + result))) (option '("max-parallel-builds") #t #f (lambda (opt name arg result) (alist-cons 'max-parallel-builds @@ -117,16 +135,39 @@ (let ((opts (parse-options %options %option-defaults (cdr (program-arguments))))) - (run-agent (assq-ref opts 'uuid) + (let-values + (((uuid coordinator-interface) + (cond + ((and (string? (assq-ref opts 'uuid)) + (string? (assq-ref opts 'password))) + (values + (assq-ref opts 'uuid) + (make-http-agent-interface + (assq-ref opts 'coordinator) + (assq-ref opts 'uuid) + (assq-ref opts 'password)))) + ((and (string? (assq-ref opts 'name)) + (string? (assq-ref opts 'dynamic-auth-token))) + (let ((session-credentials + (fetch-session-credentials (assq-ref opts 'coordinator) + (assq-ref opts 'name) + (assq-ref opts 'dynamic-auth-token)))) + (values + (assoc-ref session-credentials "id") (make-http-agent-interface (assq-ref opts 'coordinator) - (assq-ref opts 'uuid) - (assq-ref opts 'password)) - (delete-duplicates (assq-ref opts 'systems)) - (assq-ref opts 'max-parallel-builds) - (or (assq-ref opts 'derivation-substitute-urls) - (assq-ref opts 'substitute-urls)) - (or (assq-ref opts 'non-derivation-substitute-urls) - (assq-ref opts 'substitute-urls)) - (assq-ref opts 'metrics-file) - (assq-ref opts 'max-1min-load-average))) + (assoc-ref session-credentials "id") + (assoc-ref session-credentials "password"))))) + (else + (error "unknown coordinator interface"))))) + + (run-agent uuid + coordinator-interface + (delete-duplicates (assq-ref opts 'systems)) + (assq-ref opts 'max-parallel-builds) + (or (assq-ref opts 'derivation-substitute-urls) + (assq-ref opts 'substitute-urls)) + (or (assq-ref opts 'non-derivation-substitute-urls) + (assq-ref opts 'substitute-urls)) + (assq-ref opts 'metrics-file) + (assq-ref opts 'max-1min-load-average)))) |