X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/a7a482db3954fa6470be74f0e00f6e1e105e0b6c..ae92d144610446849eb568247a44f02ae985c281:/lib/config/deprecated.go diff --git a/lib/config/deprecated.go b/lib/config/deprecated.go index 0689efa440..c0a7921b36 100644 --- a/lib/config/deprecated.go +++ b/lib/config/deprecated.go @@ -5,6 +5,7 @@ package config import ( + "encoding/json" "fmt" "io/ioutil" "net/url" @@ -23,6 +24,13 @@ type deprRequestLimits struct { type deprCluster struct { RequestLimits deprRequestLimits NodeProfiles map[string]nodeProfile + Login struct { + GoogleClientID *string + GoogleClientSecret *string + GoogleAlternateEmailAddresses *bool + ProviderAppID *string + ProviderAppSecret *string + } } type deprecatedConfig struct { @@ -36,7 +44,6 @@ type nodeProfile struct { Keepproxy systemServiceInstance `json:"keepproxy"` Keepstore systemServiceInstance `json:"keepstore"` Keepweb systemServiceInstance `json:"keep-web"` - Nodemanager systemServiceInstance `json:"arvados-node-manager"` DispatchCloud systemServiceInstance `json:"arvados-dispatch-cloud"` RailsAPI systemServiceInstance `json:"arvados-api-server"` Websocket systemServiceInstance `json:"arvados-ws"` @@ -80,11 +87,70 @@ func (ldr *Loader) applyDeprecatedConfig(cfg *arvados.Config) error { if dst, n := &cluster.API.MaxRequestAmplification, dcluster.RequestLimits.MultiClusterRequestConcurrency; n != nil && *n != *dst { *dst = *n } + + // Google* moved to Google.* + if dst, n := &cluster.Login.Google.ClientID, dcluster.Login.GoogleClientID; n != nil && *n != *dst { + *dst = *n + if *n != "" { + // In old config, non-empty ClientID meant enable + cluster.Login.Google.Enable = true + } + } + if dst, n := &cluster.Login.Google.ClientSecret, dcluster.Login.GoogleClientSecret; n != nil && *n != *dst { + *dst = *n + } + if dst, n := &cluster.Login.Google.AlternateEmailAddresses, dcluster.Login.GoogleAlternateEmailAddresses; n != nil && *n != *dst { + *dst = *n + } + cfg.Clusters[id] = cluster } return nil } +func (ldr *Loader) applyDeprecatedVolumeDriverParameters(cfg *arvados.Config) error { + for clusterID, cluster := range cfg.Clusters { + for volID, vol := range cluster.Volumes { + if vol.Driver == "S3" { + var params struct { + AccessKey string `json:",omitempty"` + SecretKey string `json:",omitempty"` + AccessKeyID string + SecretAccessKey string + } + err := json.Unmarshal(vol.DriverParameters, ¶ms) + if err != nil { + return fmt.Errorf("error loading %s.Volumes.%s.DriverParameters: %w", clusterID, volID, err) + } + if params.AccessKey != "" || params.SecretKey != "" { + if params.AccessKeyID != "" || params.SecretAccessKey != "" { + return fmt.Errorf("cannot use old keys (AccessKey/SecretKey) and new keys (AccessKeyID/SecretAccessKey) at the same time in %s.Volumes.%s.DriverParameters -- you must remove the old config keys", clusterID, volID) + } + var allparams map[string]interface{} + err = json.Unmarshal(vol.DriverParameters, &allparams) + if err != nil { + return fmt.Errorf("error loading %s.Volumes.%s.DriverParameters: %w", clusterID, volID, err) + } + for k := range allparams { + if lk := strings.ToLower(k); lk == "accesskey" || lk == "secretkey" { + delete(allparams, k) + } + } + ldr.Logger.Warnf("using your old config keys %s.Volumes.%s.DriverParameters.AccessKey/SecretKey -- but you should rename them to AccessKeyID/SecretAccessKey", clusterID, volID) + allparams["AccessKeyID"] = params.AccessKey + allparams["SecretAccessKey"] = params.SecretKey + vol.DriverParameters, err = json.Marshal(allparams) + if err != nil { + return err + } + cluster.Volumes[volID] = vol + } + } + } + } + return nil +} + func applyDeprecatedNodeProfile(hostname string, ssi systemServiceInstance, svc *arvados.Service) { scheme := "https" if !ssi.TLS { @@ -100,7 +166,7 @@ func applyDeprecatedNodeProfile(hostname string, ssi systemServiceInstance, svc if strings.HasPrefix(host, ":") { host = hostname + host } - svc.InternalURLs[arvados.URL{Scheme: scheme, Host: host}] = arvados.ServiceInstance{} + svc.InternalURLs[arvados.URL{Scheme: scheme, Host: host, Path: "/"}] = arvados.ServiceInstance{} } func (ldr *Loader) loadOldConfigHelper(component, path string, target interface{}) error { @@ -153,6 +219,7 @@ func loadOldClientConfig(cluster *arvados.Cluster, client *arvados.Client) { } if client.APIHost != "" { cluster.Services.Controller.ExternalURL.Host = client.APIHost + cluster.Services.Controller.ExternalURL.Path = "/" } if client.Scheme != "" { cluster.Services.Controller.ExternalURL.Scheme = client.Scheme @@ -268,7 +335,7 @@ func (ldr *Loader) loadOldWebsocketConfig(cfg *arvados.Config) error { cluster.PostgreSQL.ConnectionPool = *oc.PostgresPool } if oc.Listen != nil { - cluster.Services.Websocket.InternalURLs[arvados.URL{Host: *oc.Listen}] = arvados.ServiceInstance{} + cluster.Services.Websocket.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{} } if oc.LogLevel != nil { cluster.SystemLogs.LogLevel = *oc.LogLevel @@ -327,7 +394,7 @@ func (ldr *Loader) loadOldKeepproxyConfig(cfg *arvados.Config) error { loadOldClientConfig(cluster, oc.Client) if oc.Listen != nil { - cluster.Services.Keepproxy.InternalURLs[arvados.URL{Host: *oc.Listen}] = arvados.ServiceInstance{} + cluster.Services.Keepproxy.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{} } if oc.DefaultReplicas != nil { cluster.Collections.DefaultReplication = *oc.DefaultReplicas @@ -381,7 +448,6 @@ type oldKeepWebConfig struct { UUIDTTL *arvados.Duration MaxCollectionEntries *int MaxCollectionBytes *int64 - MaxPermissionEntries *int MaxUUIDEntries *int } @@ -413,11 +479,11 @@ func (ldr *Loader) loadOldKeepWebConfig(cfg *arvados.Config) error { loadOldClientConfig(cluster, oc.Client) if oc.Listen != nil { - cluster.Services.WebDAV.InternalURLs[arvados.URL{Host: *oc.Listen}] = arvados.ServiceInstance{} - cluster.Services.WebDAVDownload.InternalURLs[arvados.URL{Host: *oc.Listen}] = arvados.ServiceInstance{} + cluster.Services.WebDAV.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{} + cluster.Services.WebDAVDownload.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{} } if oc.AttachmentOnlyHost != nil { - cluster.Services.WebDAVDownload.ExternalURL = arvados.URL{Host: *oc.AttachmentOnlyHost} + cluster.Services.WebDAVDownload.ExternalURL = arvados.URL{Host: *oc.AttachmentOnlyHost, Path: "/"} } if oc.ManagementToken != nil { cluster.ManagementToken = *oc.ManagementToken @@ -437,9 +503,6 @@ func (ldr *Loader) loadOldKeepWebConfig(cfg *arvados.Config) error { if oc.Cache.MaxCollectionBytes != nil { cluster.Collections.WebDAVCache.MaxCollectionBytes = *oc.Cache.MaxCollectionBytes } - if oc.Cache.MaxPermissionEntries != nil { - cluster.Collections.WebDAVCache.MaxPermissionEntries = *oc.Cache.MaxPermissionEntries - } if oc.Cache.MaxUUIDEntries != nil { cluster.Collections.WebDAVCache.MaxUUIDEntries = *oc.Cache.MaxUUIDEntries } @@ -472,7 +535,7 @@ func (ldr *Loader) loadOldGitHttpdConfig(cfg *arvados.Config) error { return nil } var oc oldGitHttpdConfig - err := ldr.loadOldConfigHelper("arv-git-httpd", ldr.GitHttpdPath, &oc) + err := ldr.loadOldConfigHelper("arvados-git-httpd", ldr.GitHttpdPath, &oc) if os.IsNotExist(err) && ldr.GitHttpdPath == defaultGitHttpdConfigPath { return nil } else if err != nil {