X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/41305b5ac71cc9a306dc654c42c11ffcc4258a47..159db45a4fb728ed659e9c6cda9e7f2d117dcff9:/lib/config/load.go diff --git a/lib/config/load.go b/lib/config/load.go index 7eb4039100..cc26cdaecc 100644 --- a/lib/config/load.go +++ b/lib/config/load.go @@ -241,36 +241,50 @@ func (ldr *Loader) Load() (*arvados.Config, error) { return nil, fmt.Errorf("transcoding config data: %s", err) } + var loadFuncs []func(*arvados.Config) error if !ldr.SkipDeprecated { - err = ldr.applyDeprecatedConfig(&cfg) - if err != nil { - return nil, err - } + loadFuncs = append(loadFuncs, + ldr.applyDeprecatedConfig, + ldr.applyDeprecatedVolumeDriverParameters, + ) } if !ldr.SkipLegacy { // legacy file is required when either: // * a non-default location was specified // * no primary config was loaded, and this is the // legacy config file for the current component - for _, err := range []error{ - ldr.loadOldEnvironmentVariables(&cfg), - ldr.loadOldKeepstoreConfig(&cfg), - ldr.loadOldKeepWebConfig(&cfg), - ldr.loadOldCrunchDispatchSlurmConfig(&cfg), - ldr.loadOldWebsocketConfig(&cfg), - ldr.loadOldKeepproxyConfig(&cfg), - ldr.loadOldGitHttpdConfig(&cfg), - ldr.loadOldKeepBalanceConfig(&cfg), - } { - if err != nil { - return nil, err - } + loadFuncs = append(loadFuncs, + ldr.loadOldEnvironmentVariables, + ldr.loadOldKeepstoreConfig, + ldr.loadOldKeepWebConfig, + ldr.loadOldCrunchDispatchSlurmConfig, + ldr.loadOldWebsocketConfig, + ldr.loadOldKeepproxyConfig, + ldr.loadOldGitHttpdConfig, + ldr.loadOldKeepBalanceConfig, + ) + } + for _, f := range loadFuncs { + err = f(&cfg) + if err != nil { + return nil, err } } // Check for known mistakes for id, cc := range cfg.Clusters { + for remote := range cc.RemoteClusters { + if remote == "*" || remote == "SAMPLE" { + continue + } + err = ldr.checkClusterID(fmt.Sprintf("Clusters.%s.RemoteClusters.%s", id, remote), remote, true) + if err != nil { + return nil, err + } + } for _, err = range []error{ + ldr.checkClusterID(fmt.Sprintf("Clusters.%s", id), id, false), + ldr.checkClusterID(fmt.Sprintf("Clusters.%s.Login.LoginCluster", id), cc.Login.LoginCluster, true), ldr.checkToken(fmt.Sprintf("Clusters.%s.ManagementToken", id), cc.ManagementToken), ldr.checkToken(fmt.Sprintf("Clusters.%s.SystemRootToken", id), cc.SystemRootToken), ldr.checkToken(fmt.Sprintf("Clusters.%s.Collections.BlobSigningKey", id), cc.Collections.BlobSigningKey), @@ -286,16 +300,31 @@ func (ldr *Loader) Load() (*arvados.Config, error) { return &cfg, nil } +var acceptableClusterIDRe = regexp.MustCompile(`^[a-z0-9]{5}$`) + +func (ldr *Loader) checkClusterID(label, clusterID string, emptyStringOk bool) error { + if emptyStringOk && clusterID == "" { + return nil + } else if !acceptableClusterIDRe.MatchString(clusterID) { + return fmt.Errorf("%s: cluster ID should be 5 alphanumeric characters", label) + } + return nil +} + var acceptableTokenRe = regexp.MustCompile(`^[a-zA-Z0-9]+$`) var acceptableTokenLength = 32 func (ldr *Loader) checkToken(label, token string) error { if token == "" { - ldr.Logger.Warnf("%s: secret token is not set (use %d+ random characters from a-z, A-Z, 0-9)", label, acceptableTokenLength) + if ldr.Logger != nil { + ldr.Logger.Warnf("%s: secret token is not set (use %d+ random characters from a-z, A-Z, 0-9)", label, acceptableTokenLength) + } } else if !acceptableTokenRe.MatchString(token) { return fmt.Errorf("%s: unacceptable characters in token (only a-z, A-Z, 0-9 are acceptable)", label) } else if len(token) < acceptableTokenLength { - ldr.Logger.Warnf("%s: token is too short (should be at least %d characters)", label, acceptableTokenLength) + if ldr.Logger != nil { + ldr.Logger.Warnf("%s: token is too short (should be at least %d characters)", label, acceptableTokenLength) + } } return nil }