Giter Site home page Giter Site logo

relengapi-proxy's Introduction

RelEngAPI Proxy

This is the proxy server which is used in the docker-worker which allows individual tasks to talk to Releng API without hardcoding credentials into the containers themselves.

This works by creating a temporary RelengAPI access token bearing the permissions specified for the task. Permissions are specified as scopes, with the prefix docker-worker:relengapi-proxy:. For example, the tooltool.download.internal permission will be available if the task has scope docker-worker:relengapi-proxy:tooltool.download.internal. Note that * cannot be used to get all relengapi permissions.

The temporary token is requested using a permanent token known only to the proxy, given on the command line with --relengapi-token.

Note, relengapi-proxy can currently only run on https://taskcluster.net !!

If other taskcluster deployment environments need to be supported, the hardcoded reference to this rootURL should be removed from the code, and the rootURL should be provided as an additional required command line parameter.

Examples

Start the server, giving a relengapi token that can issue temporary tokens and a task ID

relengapi-proxy --relengapi-token 12341234 -- 2szAy1JzSr6pyjVCdiTcoQ

Once that's running, and assuming a docker alias mapping relengapi:80 to the proxy,

curl relengapi/tooltool/sha512/<some-sha512>

to download a file from tooltool, for example.

Deployment

The proxy server can be deployed directly by building and running the package, but the prefered method is via the ./build.sh script which will compile the proxy server for linux/amd64 and deploy the server to a docker image.

./build.sh user/relengapi-proxy-server

Download via go get

You will need at least go 1.8. A newer version of go 1.x is also ok.

Set up your GOPATH

go get github.com/taskcluster/relengapi-proxy

Hacking

To build, just run

go build

Tests

To run the full test suites you need a RelengAPI token.
That token must have at least base.tokens.tmp.issue, as well as any permissions tasks may need.
The token is supplied with the --relengapi-token command-line argument.
Note that credentials must not be included in environment variables!

relengapi-proxy's People

Contributors

ccooper avatar djmitche avatar garbas avatar jhford avatar lightsofapollo avatar petemoore avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

petemoore djmitche garbas

relengapi-proxy's Issues

CODE_OF_CONDUCT.md isn't correct

Your required text does not appear to be correct

As of January 1 2019, Mozilla requires that all GitHub projects include this CODE_OF_CONDUCT.md file in the project root. The file has two parts:

  1. Required Text - All text under the headings Community Participation Guidelines and How to Report, are required, and should not be altered.
  2. Optional Text - The Project Specific Etiquette heading provides a space to speak more specifically about ways people can work effectively and inclusively together. Some examples of those can be found on the Firefox Debugger project, and Common Voice. (The optional part is commented out in the raw template file, and will not be visible until you modify and uncomment that part.)

If you have any questions about this file, or Code of Conduct policies and procedures, please reach out to [email protected].

(Message COC003)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.