Add config option to enable (m)TLS between Poseidon and Nomad

committed by
Jan-Eric Hellenberg

parent
e2d71a11ad
commit
6a60b6cd89
@@ -5,8 +5,8 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
nomadApi "github.com/hashicorp/nomad/api"
|
||||
"gitlab.hpi.de/codeocean/codemoon/poseidon/internal/config"
|
||||
"io"
|
||||
"net/url"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -16,7 +16,7 @@ var (
|
||||
// apiQuerier provides access to the Nomad functionality.
|
||||
type apiQuerier interface {
|
||||
// init prepares an apiClient to be able to communicate to a provided Nomad API.
|
||||
init(nomadURL *url.URL, nomadNamespace, nomadToken string) (err error)
|
||||
init(nomadConfig *config.Nomad) (err error)
|
||||
|
||||
// LoadJobList loads the list of jobs from the Nomad API.
|
||||
LoadJobList() (list []*nomadApi.JobListStub, err error)
|
||||
@@ -61,17 +61,24 @@ type nomadAPIClient struct {
|
||||
namespace string
|
||||
}
|
||||
|
||||
func (nc *nomadAPIClient) init(nomadURL *url.URL, nomadNamespace, nomadToken string) (err error) {
|
||||
func (nc *nomadAPIClient) init(nomadConfig *config.Nomad) (err error) {
|
||||
nomadTLSConfig := &nomadApi.TLSConfig{}
|
||||
if nomadConfig.TLS.Active {
|
||||
nomadTLSConfig.CACert = nomadConfig.TLS.CAFile
|
||||
nomadTLSConfig.ClientCert = nomadConfig.TLS.CertFile
|
||||
nomadTLSConfig.ClientKey = nomadConfig.TLS.KeyFile
|
||||
}
|
||||
|
||||
nc.client, err = nomadApi.NewClient(&nomadApi.Config{
|
||||
Address: nomadURL.String(),
|
||||
TLSConfig: &nomadApi.TLSConfig{},
|
||||
Namespace: nomadNamespace,
|
||||
SecretID: nomadToken,
|
||||
Address: nomadConfig.URL().String(),
|
||||
TLSConfig: nomadTLSConfig,
|
||||
Namespace: nomadConfig.Namespace,
|
||||
SecretID: nomadConfig.Token,
|
||||
})
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating new Nomad client: %w", err)
|
||||
}
|
||||
nc.namespace = nomadNamespace
|
||||
nc.namespace = nomadConfig.Namespace
|
||||
return nil
|
||||
}
|
||||
|
||||
|
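Review bot: When `nomadConfig.TLS.Active` is true, `init` copies the three file paths into `nomadTLSConfig` but never checks that the address returned by `nomadConfig.URL()` uses the `https` scheme. `URL()` is defined outside this diff, so this is an inference, but if it can still yield `http://…` the client would presumably talk plaintext and send `SecretID` (the Nomad token) unencrypted even though TLS is marked active. A guard before `nomadApi.NewClient` would make that misconfiguration fail closed, e.g. `if nomadConfig.TLS.Active && nomadConfig.URL().Scheme != "https" { return fmt.Errorf("TLS is active but Nomad URL scheme is %q", nomadConfig.URL().Scheme) }`. It would also help to reject an active TLS config with an empty `CAFile`, or with only one of `CertFile`/`KeyFile` set, so a half-filled config does not silently end up as server-only TLS when mTLS was intended.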
@@ -6,12 +6,11 @@ import (
|
||||
context "context"
|
||||
|
||||
api "github.com/hashicorp/nomad/api"
|
||||
config "gitlab.hpi.de/codeocean/codemoon/poseidon/internal/config"
|
||||
|
||||
io "io"
|
||||
|
||||
mock "github.com/stretchr/testify/mock"
|
||||
|
||||
url "net/url"
|
||||
)
|
||||
|
||||
// apiQuerierMock is an autogenerated mock type for the apiQuerier type
|
||||
@@ -202,13 +201,13 @@ func (_m *apiQuerierMock) allocation(jobID string) (*api.Allocation, error) {
|
||||
return r0, r1
|
||||
}
|
||||
|
||||
// init provides a mock function with given fields: nomadURL, nomadNamespace, nomadToken
|
||||
func (_m *apiQuerierMock) init(nomadURL *url.URL, nomadNamespace string, nomadToken string) error {
|
||||
ret := _m.Called(nomadURL, nomadNamespace, nomadToken)
|
||||
// init provides a mock function with given fields: nomadConfig
|
||||
func (_m *apiQuerierMock) init(nomadConfig *config.Nomad) error {
|
||||
ret := _m.Called(nomadConfig)
|
||||
|
||||
var r0 error
|
||||
if rf, ok := ret.Get(0).(func(*url.URL, string, string) error); ok {
|
||||
r0 = rf(nomadURL, nomadNamespace, nomadToken)
|
||||
if rf, ok := ret.Get(0).(func(*config.Nomad) error); ok {
|
||||
r0 = rf(nomadConfig)
|
||||
} else {
|
||||
r0 = ret.Error(0)
|
||||
}
|
||||
|
@@ -6,12 +6,11 @@ import (
|
||||
context "context"
|
||||
|
||||
api "github.com/hashicorp/nomad/api"
|
||||
config "gitlab.hpi.de/codeocean/codemoon/poseidon/internal/config"
|
||||
|
||||
io "io"
|
||||
|
||||
mock "github.com/stretchr/testify/mock"
|
||||
|
||||
url "net/url"
|
||||
)
|
||||
|
||||
// ExecutorAPIMock is an autogenerated mock type for the ExecutorAPI type
|
||||
@@ -394,13 +393,13 @@ func (_m *ExecutorAPIMock) allocation(jobID string) (*api.Allocation, error) {
|
||||
return r0, r1
|
||||
}
|
||||
|
||||
// init provides a mock function with given fields: nomadURL, nomadNamespace, nomadToken
|
||||
func (_m *ExecutorAPIMock) init(nomadURL *url.URL, nomadNamespace string, nomadToken string) error {
|
||||
ret := _m.Called(nomadURL, nomadNamespace, nomadToken)
|
||||
// init provides a mock function with given fields: nomadConfig
|
||||
func (_m *ExecutorAPIMock) init(nomadConfig *config.Nomad) error {
|
||||
ret := _m.Called(nomadConfig)
|
||||
|
||||
var r0 error
|
||||
if rf, ok := ret.Get(0).(func(*url.URL, string, string) error); ok {
|
||||
r0 = rf(nomadURL, nomadNamespace, nomadToken)
|
||||
if rf, ok := ret.Get(0).(func(*config.Nomad) error); ok {
|
||||
r0 = rf(nomadConfig)
|
||||
} else {
|
||||
r0 = ret.Error(0)
|
||||
}
|
||||
|
@@ -10,7 +10,6 @@ import (
|
||||
"gitlab.hpi.de/codeocean/codemoon/poseidon/pkg/logging"
|
||||
"gitlab.hpi.de/codeocean/codemoon/poseidon/pkg/nullio"
|
||||
"io"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"time"
|
||||
)
|
||||
@@ -81,15 +80,15 @@ type APIClient struct {
|
||||
|
||||
// NewExecutorAPI creates a new api client.
|
||||
// One client is usually sufficient for the complete runtime of the API.
|
||||
func NewExecutorAPI(nomadURL *url.URL, nomadNamespace, nomadToken string) (ExecutorAPI, error) {
|
||||
func NewExecutorAPI(nomadConfig *config.Nomad) (ExecutorAPI, error) {
|
||||
client := &APIClient{apiQuerier: &nomadAPIClient{}}
|
||||
err := client.init(nomadURL, nomadNamespace, nomadToken)
|
||||
err := client.init(nomadConfig)
|
||||
return client, err
|
||||
}
|
||||
|
||||
// init prepares an apiClient to be able to communicate to a provided Nomad API.
|
||||
func (a *APIClient) init(nomadURL *url.URL, nomadNamespace, nomadToken string) error {
|
||||
if err := a.apiQuerier.init(nomadURL, nomadNamespace, nomadToken); err != nil {
|
||||
func (a *APIClient) init(nomadConfig *config.Nomad) error {
|
||||
if err := a.apiQuerier.init(nomadConfig); err != nil {
|
||||
return fmt.Errorf("error initializing API querier: %w", err)
|
||||
}
|
||||
return nil
|
||||
|
@@ -131,28 +131,38 @@ var (
|
||||
|
||||
const TestNamespace = "unit-tests"
|
||||
const TestNomadToken = "n0m4d-t0k3n"
|
||||
const TestDefaultAddress = "127.0.0.1"
|
||||
|
||||
func NomadTestConfig(address string) *config.Nomad {
|
||||
return &config.Nomad{
|
||||
Address: address,
|
||||
Port: 4646,
|
||||
Token: TestNomadToken,
|
||||
TLS: config.TLS{
|
||||
Active: false,
|
||||
},
|
||||
Namespace: TestNamespace,
|
||||
}
|
||||
}
|
||||
|
||||
func TestApiClient_init(t *testing.T) {
|
||||
client := &APIClient{apiQuerier: &nomadAPIClient{}}
|
||||
err := client.init(&TestURL, TestNamespace, TestNomadToken)
|
||||
err := client.init(NomadTestConfig(TestDefaultAddress))
|
||||
require.Nil(t, err)
|
||||
}
|
||||
|
||||
func TestApiClientCanNotBeInitializedWithInvalidUrl(t *testing.T) {
|
||||
client := &APIClient{apiQuerier: &nomadAPIClient{}}
|
||||
err := client.init(&url.URL{
|
||||
Scheme: "http",
|
||||
Host: "http://127.0.0.1:4646",
|
||||
}, TestNamespace, TestNomadToken)
|
||||
err := client.init(NomadTestConfig("http://" + TestDefaultAddress))
|
||||
assert.NotNil(t, err)
|
||||
}
|
||||
|
||||
func TestNewExecutorApiCanBeCreatedWithoutError(t *testing.T) {
|
||||
expectedClient := &APIClient{apiQuerier: &nomadAPIClient{}}
|
||||
err := expectedClient.init(&TestURL, TestNamespace, TestNomadToken)
|
||||
err := expectedClient.init(NomadTestConfig(TestDefaultAddress))
|
||||
require.Nil(t, err)
|
||||
|
||||
_, err = NewExecutorAPI(&TestURL, TestNamespace, TestNomadToken)
|
||||
_, err = NewExecutorAPI(NomadTestConfig(TestDefaultAddress))
|
||||
require.Nil(t, err)
|
||||
}
|
||||
|
||||
|
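Review bot: `NomadTestConfig` hard-codes `TLS: config.TLS{Active: false}`, so none of the tests in this file reach the new branch in `nomadAPIClient.init` that sets `CACert`, `ClientCert` and `ClientKey`. A test that enables TLS with a CA path that does not exist and asserts that `client.init` returns an error would pin the behaviour that a broken TLS config is rejected rather than ignored; whether `nomadApi.NewClient` loads the files eagerly should be confirmed first. A short doc comment on the exported helper would also help, e.g. `// NomadTestConfig returns a Nomad config for tests that points at address with TLS disabled.`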