From: Tom Clegg Date: Wed, 8 Apr 2020 14:11:23 +0000 (-0400) Subject: Merge branch '16212-pam-login' X-Git-Tag: 2.1.0~258 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/4f1152fbdd0506d3d07449bedb2479f2938bcf73?hp=-c Merge branch '16212-pam-login' refs #16212 Arvados-DCO-1.1-Signed-off-by: Tom Clegg --- 4f1152fbdd0506d3d07449bedb2479f2938bcf73 diff --combined build/run-tests.sh index 721269b88e,72a7620ba7..0212d1bc0e --- a/build/run-tests.sh +++ b/build/run-tests.sh @@@ -35,7 -35,7 +35,7 @@@ Options --short Skip (or scale down) some slow tests. --interactive Set up, then prompt for test/install steps to perform. WORKSPACE=path Arvados source tree to test. -CONFIGSRC=path Dir with config.yml file containing PostgreSQL section for use by tests. (required) +CONFIGSRC=path Dir with config.yml file containing PostgreSQL section for use by tests. services/api_test="TEST=test/functional/arvados/v1/collections_controller_test.rb" Restrict apiserver tests to the given file sdk/python_test="--test-suite tests.test_keep_locator" @@@ -197,8 -197,10 +197,8 @@@ sanity_checks() [[ -n "${skip[sanity]}" ]] && return 0 ( [[ -n "$WORKSPACE" ]] && [[ -d "$WORKSPACE/services" ]] ) \ || fatal "WORKSPACE environment variable not set to a source directory (see: $0 --help)" - [[ -n "$CONFIGSRC" ]] \ - || fatal "CONFIGSRC environment not set (see: $0 --help)" - [[ -s "$CONFIGSRC/config.yml" ]] \ - || fatal "'$CONFIGSRC/config.yml' is empty or not found (see: $0 --help)" + [[ -z "$CONFIGSRC" ]] || [[ -s "$CONFIGSRC/config.yml" ]] \ + || fatal "CONFIGSRC is $CONFIGSRC but '$CONFIGSRC/config.yml' is empty or not found (see: $0 --help)" echo Checking dependencies: echo "locale: ${LANG}" [[ "$(locale charmap)" = "UTF-8" ]] \ @@@ -260,6 -262,9 +260,9 @@@ echo -n 'libpq libpq-fe.h: ' find /usr/include -path '*/postgresql/libpq-fe.h' | egrep --max-count=1 . \ || fatal "No libpq libpq-fe.h. Try: apt-get install libpq-dev" + echo -n 'libpam pam_appl.h: ' + find /usr/include -path '*/security/pam_appl.h' | egrep --max-count=1 . \ + || fatal "No libpam pam_appl.h. Try: apt-get install libpam-dev" echo -n 'postgresql: ' psql --version || fatal "No postgresql. Try: apt-get install postgresql postgresql-client-common" echo -n 'phantomjs: ' @@@ -551,14 -556,8 +554,14 @@@ setup_ruby_environment() bundle="$(gem env gempath | cut -f1 -d:)/bin/bundle" ( export HOME=$GEMHOME - ("$bundle" version | grep -q 2.0.2) \ - || gem install --user bundler -v 2.0.2 + bundlers="$(gem list --details bundler)" + versions=(1.11.0 1.17.3 2.0.2) + for v in ${versions[@]}; do + if ! echo "$bundlers" | fgrep -q "($v)"; then + gem install --user $(for v in ${versions[@]}; do echo bundler:${v}; done) + break + fi + done "$bundle" version | tee /dev/stderr | grep -q 'version 2' ) || fatal 'install bundler' fi @@@ -594,11 -593,6 +597,11 @@@ setup_virtualenv() } initialize() { + # If dependencies like ruby, go, etc. are installed in + # /var/lib/arvados -- presumably by "arvados-server install" -- + # then we want to use those versions, instead of whatever happens + # to be installed in /usr. + PATH="/var/lib/arvados/bin:${PATH}" sanity_checks echo "WORKSPACE=$WORKSPACE" @@@ -1065,7 -1059,7 +1068,7 @@@ test_sdk/cli() } test_sdk/java-v2() { - cd "$WORKSPACE/sdk/java-v2" && gradle test + cd "$WORKSPACE/sdk/java-v2" && gradle test ${testargs[sdk/java-v2]} } test_services/login-sync() { diff --combined lib/controller/handler.go index 3929a1103f,d62ffe2fd4..01f2161632 --- a/lib/controller/handler.go +++ b/lib/controller/handler.go @@@ -67,10 -67,6 +67,10 @@@ func (h *Handler) CheckHealth() error return err } +func (h *Handler) Done() <-chan struct{} { + return nil +} + func neverRedirect(*http.Request, []*http.Request) error { return http.ErrUseLastResponse } func (h *Handler) setup() { @@@ -83,6 -79,7 +83,7 @@@ rtr := router.New(federation.New(h.Cluster)) mux.Handle("/arvados/v1/config", rtr) + mux.Handle("/"+arvados.EndpointUserAuthenticate.Path, rtr) if !h.Cluster.ForceLegacyAPI14 { mux.Handle("/arvados/v1/collections", rtr) diff --combined sdk/go/arvados/config.go index 79e47ba5d1,71f6f85bff..6b83fb96d4 --- a/sdk/go/arvados/config.go +++ b/sdk/go/arvados/config.go @@@ -136,6 -136,9 +136,9 @@@ type Cluster struct GoogleClientID string GoogleClientSecret string GoogleAlternateEmailAddresses bool + PAM bool + PAMService string + PAMDefaultEmailDomain string ProviderAppID string ProviderAppSecret string LoginCluster string @@@ -421,24 -424,6 +424,24 @@@ var errDuplicateInstanceTypeName = erro // UnmarshalJSON handles old config files that provide an array of // instance types instead of a hash. func (it *InstanceTypeMap) UnmarshalJSON(data []byte) error { + fixup := func(t InstanceType) (InstanceType, error) { + if t.ProviderType == "" { + t.ProviderType = t.Name + } + if t.Scratch == 0 { + t.Scratch = t.IncludedScratch + t.AddedScratch + } else if t.AddedScratch == 0 { + t.AddedScratch = t.Scratch - t.IncludedScratch + } else if t.IncludedScratch == 0 { + t.IncludedScratch = t.Scratch - t.AddedScratch + } + + if t.Scratch != (t.IncludedScratch + t.AddedScratch) { + return t, fmt.Errorf("InstanceType %q: Scratch != (IncludedScratch + AddedScratch)", t.Name) + } + return t, nil + } + if len(data) > 0 && data[0] == '[' { var arr []InstanceType err := json.Unmarshal(data, &arr) @@@ -454,9 -439,19 +457,9 @@@ if _, ok := (*it)[t.Name]; ok { return errDuplicateInstanceTypeName } - if t.ProviderType == "" { - t.ProviderType = t.Name - } - if t.Scratch == 0 { - t.Scratch = t.IncludedScratch + t.AddedScratch - } else if t.AddedScratch == 0 { - t.AddedScratch = t.Scratch - t.IncludedScratch - } else if t.IncludedScratch == 0 { - t.IncludedScratch = t.Scratch - t.AddedScratch - } - - if t.Scratch != (t.IncludedScratch + t.AddedScratch) { - return fmt.Errorf("%v: Scratch != (IncludedScratch + AddedScratch)", t.Name) + t, err := fixup(t) + if err != nil { + return err } (*it)[t.Name] = t } @@@ -472,9 -467,8 +475,9 @@@ *it = InstanceTypeMap(hash) for name, t := range *it { t.Name = name - if t.ProviderType == "" { - t.ProviderType = name + t, err := fixup(t) + if err != nil { + return err } (*it)[name] = t }