From: Tom Clegg Date: Thu, 31 Jul 2014 14:30:59 +0000 (-0400) Subject: 3261: Add Keep blob_signing_key configuration. X-Git-Tag: 1.1.0~2380^2~14 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/7305149050a24e7429ff679579cd4182188a7116 3261: Add Keep blob_signing_key configuration. --- diff --git a/docker/arvdock b/docker/arvdock index 075505ca63..0122fc3552 100755 --- a/docker/arvdock +++ b/docker/arvdock @@ -285,11 +285,11 @@ function do_start { [ -f $v/keep/.metadata.yml ] && sudo rm $v/keep/.metadata.yml done start_container "25107:25107" "keep_server_0" \ - "${keep_volumes[0]}:/dev/keep-0" \ + "${keep_volumes[0]}:/keep-data" \ "api_server:api" \ "arvados/keep" start_container "25108:25107" "keep_server_1" \ - "${keep_volumes[1]}:/dev/keep-0" \ + "${keep_volumes[1]}:/keep-data" \ "api_server:api" \ "arvados/keep" fi diff --git a/docker/build_tools/Makefile b/docker/build_tools/Makefile index 74a04dff5e..8b5cd9e1fc 100644 --- a/docker/build_tools/Makefile +++ b/docker/build_tools/Makefile @@ -73,7 +73,7 @@ DOC_DEPS = doc/Dockerfile doc/apache2_vhost WORKBENCH_DEPS = workbench/Dockerfile \ $(WORKBENCH_GENERATED) -KEEP_DEPS = keep/Dockerfile +KEEP_DEPS = keep/Dockerfile $(KEEP_GENERATED) SSO_DEPS = $(SSO_GENERATED) @@ -87,6 +87,10 @@ COMPUTE_GENERATED = compute/generated/setup.sh COMPUTE_GENERATED_IN = compute/setup.sh.in +KEEP_GENERATED_IN := $(shell ls keep/*.in) + +KEEP_GENERATED := $(shell ls -1 $(KEEP_GENERATED_IN) | perl -pe 's:^keep:keep/generated:') + API_GENERATED = \ api/generated/arvados-clients.yml \ api/generated/apache2_vhost \ @@ -173,6 +177,7 @@ $(WORKBENCH_GENERATED): config.yml $(WORKBENCH_GENERATED_IN) $(CONFIG_RB) $(COMPUTE_GENERATED): config.yml $(COMPUTE_GENERATED_IN) + $(CONFIG_RB) $(WAREHOUSE_GENERATED): config.yml $(WAREHOUSE_GENERATED_IN) $(CONFIG_RB) @@ -180,6 +185,9 @@ $(WAREHOUSE_GENERATED): config.yml $(WAREHOUSE_GENERATED_IN) $(SSO_GENERATED): config.yml $(SSO_GENERATED_IN) $(CONFIG_RB) +$(KEEP_GENERATED): config.yml $(KEEP_GENERATED_IN) + $(CONFIG_RB) + # The docker build -q option suppresses verbose build output. # Necessary to prevent failure on building warehouse; see # https://github.com/dotcloud/docker/issues/3172 diff --git a/docker/keep/Dockerfile b/docker/keep/Dockerfile index ca37f10dc0..e342c8dba2 100644 --- a/docker/keep/Dockerfile +++ b/docker/keep/Dockerfile @@ -10,5 +10,8 @@ RUN /usr/bin/apt-get update RUN /usr/bin/apt-get install keep +ADD generated/run-keep /usr/local/bin/ +ADD generated/keep_signing_secret /etc/ + # Start keep -CMD ["/usr/bin/keep"] +CMD ["/usr/local/bin/run-keep"] diff --git a/docker/keep/keep_signing_secret.in b/docker/keep/keep_signing_secret.in new file mode 100644 index 0000000000..e5b39c868a --- /dev/null +++ b/docker/keep/keep_signing_secret.in @@ -0,0 +1 @@ +@@KEEP_SIGNING_SECRET@@ \ No newline at end of file diff --git a/docker/keep/run-keep.in b/docker/keep/run-keep.in new file mode 100755 index 0000000000..41360d7a01 --- /dev/null +++ b/docker/keep/run-keep.in @@ -0,0 +1,11 @@ +#!/bin/sh + +pkf="/etc/keep_signing_secret" +if [ -z "$pkf" ] +then + permisson_key_arg="" +else + permisson_key_arg="-permission-key-file=$f" +fi + +exec keep $permission_key_arg -listen=":25107" -volumes="/keep-data"