finn pushed to branch finn/80-remote-parser at BuildGrid / buildgrid
Commits:
-
5117f6b9
by finnball at 2018-09-12T09:10:54Z
-
5c5ccd1f
by finnball at 2018-09-12T09:11:55Z
-
df92cb56
by finnball at 2018-09-12T09:12:25Z
6 changed files:
- buildgrid/_app/commands/cmd_server.py
- + buildgrid/_app/settings/__init__.py
- + buildgrid/_app/settings/cas.yml
- buildgrid/_app/settings/default.yml
- buildgrid/_app/settings/parser.py
- + buildgrid/_app/settings/remote-storage.yml
Changes:
| ... | ... | @@ -53,10 +53,16 @@ def start(context, config): |
| 53 | 53 |
insecure_mode = server_settings['insecure-mode']
|
| 54 | 54 |
|
| 55 | 55 |
credentials = None
|
| 56 |
+ credentials_settings = server_settings.get('credentials')
|
|
| 56 | 57 |
if not insecure_mode:
|
| 57 |
- server_key = server_settings['tls-server-key']
|
|
| 58 |
- server_cert = server_settings['tls-server-cert']
|
|
| 59 |
- client_certs = server_settings['tls-client-certs']
|
|
| 58 |
+ if not credentials_settings:
|
|
| 59 |
+ click.echo("ERROR: no TLS keys were specified and no defaults could be found.\n" +
|
|
| 60 |
+ "Set `insecure-mode: false` in order to deactivate TLS encryption.\n", err=True)
|
|
| 61 |
+ sys.exit(-1)
|
|
| 62 |
+ |
|
| 63 |
+ server_key = credentials_settings['tls-server-key']
|
|
| 64 |
+ server_cert = credentials_settings['tls-server-cert']
|
|
| 65 |
+ client_certs = credentials_settings['tls-client-certs']
|
|
| 60 | 66 |
credentials = context.load_server_credentials(server_key, server_cert, client_certs)
|
| 61 | 67 |
|
| 62 | 68 |
if not credentials:
|
| 1 |
+server:
|
|
| 2 |
+ port: 50052
|
|
| 3 |
+ insecure-mode: true
|
|
| 4 |
+ tls-server-key: null
|
|
| 5 |
+ tls-server-cert: null
|
|
| 6 |
+ tls-client-certs: null
|
|
| 7 |
+ |
|
| 8 |
+description: |
|
|
| 9 |
+ Just a CAS.
|
|
| 10 |
+ |
|
| 11 |
+instances:
|
|
| 12 |
+ - name: main
|
|
| 13 |
+ description: |
|
|
| 14 |
+ The main server
|
|
| 15 |
+ |
|
| 16 |
+ storages:
|
|
| 17 |
+ - !disk-storage &main-storage
|
|
| 18 |
+ path: ~/cas/
|
|
| 19 |
+ |
|
| 20 |
+ services:
|
|
| 21 |
+ - !cas
|
|
| 22 |
+ storage: *main-storage
|
| 1 | 1 |
server:
|
| 2 | 2 |
port: 50051
|
| 3 |
+ insecure-mode: true
|
|
| 3 | 4 |
tls-server-key: null
|
| 4 | 5 |
tls-server-cert: null
|
| 5 | 6 |
tls-client-certs: null
|
| 6 |
- insecure-mode: true
|
|
| 7 | 7 |
|
| 8 | 8 |
description: |
|
| 9 | 9 |
A single default instance
|
| ... | ... | @@ -14,7 +14,11 @@ |
| 14 | 14 |
|
| 15 | 15 |
|
| 16 | 16 |
import os
|
| 17 |
+import sys
|
|
| 18 |
+from urllib.parse import urlparse
|
|
| 17 | 19 |
|
| 20 |
+import click
|
|
| 21 |
+import grpc
|
|
| 18 | 22 |
import yaml
|
| 19 | 23 |
|
| 20 | 24 |
from buildgrid.server.controller import ExecutionController
|
| ... | ... | @@ -22,9 +26,12 @@ from buildgrid.server.actioncache.storage import ActionCache |
| 22 | 26 |
from buildgrid.server.cas.instance import ByteStreamInstance, ContentAddressableStorageInstance
|
| 23 | 27 |
from buildgrid.server.cas.storage.disk import DiskStorage
|
| 24 | 28 |
from buildgrid.server.cas.storage.lru_memory_cache import LRUMemoryCache
|
| 29 |
+from buildgrid.server.cas.storage.remote import RemoteStorage
|
|
| 25 | 30 |
from buildgrid.server.cas.storage.s3 import S3Storage
|
| 26 | 31 |
from buildgrid.server.cas.storage.with_cache import WithCacheStorage
|
| 27 | 32 |
|
| 33 |
+from ..cli import Context
|
|
| 34 |
+ |
|
| 28 | 35 |
|
| 29 | 36 |
class YamlFactory(yaml.YAMLObject):
|
| 30 | 37 |
@classmethod
|
| ... | ... | @@ -58,6 +65,45 @@ class S3(YamlFactory): |
| 58 | 65 |
return S3Storage(bucket, endpoint_url=endpoint)
|
| 59 | 66 |
|
| 60 | 67 |
|
| 68 |
+class Remote(YamlFactory):
|
|
| 69 |
+ |
|
| 70 |
+ yaml_tag = u'!remote-storage'
|
|
| 71 |
+ |
|
| 72 |
+ def __new__(cls, url, credentials=None):
|
|
| 73 |
+ # TODO: Context could be passed into the parser.
|
|
| 74 |
+ context = Context()
|
|
| 75 |
+ |
|
| 76 |
+ url = urlparse(url)
|
|
| 77 |
+ remote = '{}:{}'.format(url.hostname, url.port or 50051)
|
|
| 78 |
+ |
|
| 79 |
+ channel = None
|
|
| 80 |
+ if url.scheme == 'http':
|
|
| 81 |
+ channel = grpc.insecure_channel(remote)
|
|
| 82 |
+ |
|
| 83 |
+ else:
|
|
| 84 |
+ if not credentials:
|
|
| 85 |
+ click.echo("ERROR: no TLS keys were specified and no defaults could be found.\n" +
|
|
| 86 |
+ "Set remote url scheme to `http` in order to deactivate" +
|
|
| 87 |
+ "TLS encryption.\n", err=True)
|
|
| 88 |
+ sys.exit(-1)
|
|
| 89 |
+ |
|
| 90 |
+ client_key = credentials['tls-client-key']
|
|
| 91 |
+ client_cert = credentials['tls-client-cert']
|
|
| 92 |
+ server_cert = credentials['tls-server-cert']
|
|
| 93 |
+ credentials = context.load_client_credentials(client_key,
|
|
| 94 |
+ client_cert,
|
|
| 95 |
+ server_cert)
|
|
| 96 |
+ if not credentials:
|
|
| 97 |
+ click.echo("ERROR: no TLS keys were specified and no defaults could be found.\n" +
|
|
| 98 |
+ "Set remote url scheme to `http` in order to deactivate" +
|
|
| 99 |
+ "TLS encryption.\n", err=True)
|
|
| 100 |
+ sys.exit(-1)
|
|
| 101 |
+ |
|
| 102 |
+ channel = grpc.secure_channel(remote, credentials)
|
|
| 103 |
+ |
|
| 104 |
+ return RemoteStorage(channel)
|
|
| 105 |
+ |
|
| 106 |
+ |
|
| 61 | 107 |
class WithCache(YamlFactory):
|
| 62 | 108 |
|
| 63 | 109 |
yaml_tag = u'!with-cache-storage'
|
| ... | ... | @@ -118,6 +164,7 @@ def get_parser(): |
| 118 | 164 |
yaml.SafeLoader.add_constructor(Disk.yaml_tag, Disk.from_yaml)
|
| 119 | 165 |
yaml.SafeLoader.add_constructor(LRU.yaml_tag, LRU.from_yaml)
|
| 120 | 166 |
yaml.SafeLoader.add_constructor(S3.yaml_tag, S3.from_yaml)
|
| 167 |
+ yaml.SafeLoader.add_constructor(Remote.yaml_tag, Remote.from_yaml)
|
|
| 121 | 168 |
yaml.SafeLoader.add_constructor(WithCache.yaml_tag, WithCache.from_yaml)
|
| 122 | 169 |
yaml.SafeLoader.add_constructor(CAS.yaml_tag, CAS.from_yaml)
|
| 123 | 170 |
yaml.SafeLoader.add_constructor(ByteStream.yaml_tag, ByteStream.from_yaml)
|
| 1 |
+server:
|
|
| 2 |
+ port: 50051
|
|
| 3 |
+ insecure-mode: false
|
|
| 4 |
+ tls-server-key: null
|
|
| 5 |
+ tls-server-cert: null
|
|
| 6 |
+ tls-client-certs: null
|
|
| 7 |
+ |
|
| 8 |
+ |
|
| 9 |
+description: |
|
|
| 10 |
+ A single default instance with remote storage.
|
|
| 11 |
+ |
|
| 12 |
+instances:
|
|
| 13 |
+ - name: main
|
|
| 14 |
+ description: |
|
|
| 15 |
+ The main server
|
|
| 16 |
+ |
|
| 17 |
+ storages:
|
|
| 18 |
+ - !remote-storage &main-storage
|
|
| 19 |
+ url: "https://localhost:50052"
|
|
| 20 |
+ credentials:
|
|
| 21 |
+ tls-client-key: null
|
|
| 22 |
+ tls-client-cert: null
|
|
| 23 |
+ tls-server-cert: null
|
|
| 24 |
+ |
|
| 25 |
+ services:
|
|
| 26 |
+ - !action-cache &main-action
|
|
| 27 |
+ storage: *main-storage
|
|
| 28 |
+ max_cached_refs: 256
|
|
| 29 |
+ allow_updates: true
|
|
| 30 |
+ |
|
| 31 |
+ - !execution
|
|
| 32 |
+ storage: *main-storage
|
|
| 33 |
+ action_cache: *main-action
|
|
| 34 |
+ |
|
| 35 |
+ - !cas
|
|
| 36 |
+ storage: *main-storage
|
|
| 37 |
+ |
|
| 38 |
+ - !bytestream
|
|
| 39 |
+ storage: *main-storage
|