diff --git a/abaco-create.sh b/abaco-create.sh index 04b9a04..3cdec51 100755 --- a/abaco-create.sh +++ b/abaco-create.sh @@ -20,6 +20,7 @@ Options: -f force actor update -s create a stateless actor (default) -S create a stateful actor +-A disable creation of Tapis tokens -u use actor uid -v verbose output -V very verbose output @@ -41,11 +42,12 @@ privileged="false" stateless="true" force="false" use_uid="false" +request_token="true" tok= env_json= declare -a env_args -while getopts ":hn:e:E:pfsSuvz:V" o; do +while getopts ":hn:e:E:pfsSuvz:AV" o; do case "${o}" in z) # custom token tok=${OPTARG} @@ -71,6 +73,9 @@ while getopts ":hn:e:E:pfsSuvz:V" o; do S) # stateful! stateless="false" ;; + A) # do not request tokens + request_token="false" + ;; u) # use uid use_uid="true" ;; @@ -118,7 +123,7 @@ args_default_env=$(build_json_from_array "${env_args[@]}") default_env=$(echo "$file_default_env $args_default_env" | jq -s add) # curl command -data="{\"image\":\"${image}\", \"name\":\"${name}\", \"privileged\":${privileged}, \"stateless\":${stateless}, \"force\":${force}, \"useContainerUid\":${use_uid}, \"defaultEnvironment\":${default_env}}" +data="{\"image\":\"${image}\", \"name\":\"${name}\", \"privileged\":${privileged}, \"stateless\":${stateless}, \"force\":${force}, \"useContainerUid\":${use_uid}, \"defaultEnvironment\":${default_env}, \"token\":${request_token}}" curlCommand="curl -X POST -sk -H \"Authorization: Bearer $TOKEN\" -H \"Content-Type: application/json\" --data '$data' '$BASE_URL/actors/v2'" function filter() { diff --git a/abaco-deploy.sh b/abaco-deploy.sh index 3a4c39c..7b188b0 100755 --- a/abaco-deploy.sh +++ b/abaco-deploy.sh @@ -21,12 +21,13 @@ Options: -t override file REACTOR_IMAGE_VERSION -s override REACTOR_STATEFUL to deploy the actor as stateless -S override REACTOR_STATEFUL to deploy the actor as stateful + -A override REACTOR_TOKENS to deploy actor without Tapis tokens -p don't pull source image when building -k bypass Docker cache when building -K skip pushing to the container registry - -R dry run - only build image -U update preexisting actor (provided or from .ACTOR_ID) -D display only (do not cache actor ID on the host) + -R dry run - build container image and stop " function usage() { @@ -71,10 +72,12 @@ displayonly=0 stateful=0 varstateful= optstateful= +opt_no_token=0 +no_tokens=0 verbose=0 current_actor= -while getopts ":hz:F:B:RpkUkKsvSDO:c:t:" o; do +while getopts ":hz:F:B:RpkUkKsvSDAO:c:t:" o; do case "${o}" in z) # API token tok=${OPTARG} @@ -115,6 +118,9 @@ while getopts ":hz:F:B:RpkUkKsvSDO:c:t:" o; do S) # stateful optstateful=1 ;; + A) # disable tokens + opt_no_token=1 + ;; D) # display only displayonly=1 ;; @@ -207,6 +213,7 @@ REACTOR_DESCRIPTION= REACTOR_STATEFUL= REACTOR_PRIVILEGED= REACTOR_USE_UID= +REACTOR_TOKENS= # Docker image DOCKER_HUB_ORG= @@ -243,6 +250,17 @@ if [ -z "${REACTOR_NAME}" ]; then echo "${REACTOR_NAME}" fi +# Whether to automatically request API tokens +if [ "${REACTOR_TOKENS}" == "1" ]; then + # Read default from config file + # Do not disable in abaco create/update + no_tokens=0 +fi +# If CLI option was passed, disable in abaco create/update +if ((opt_no_token)); then + no_tokens=1 +fi + # Read STATEFUL from config if [ "${REACTOR_STATEFUL}" == "1" ]; then stateful=1 @@ -330,6 +348,11 @@ if [ "${REACTOR_USE_UID}" == "1" ]; then ABACO_CREATE_OPTS="$ABACO_CREATE_OPTS -u" fi +# Pass -A to create if token issuance is to be disabled +if ((no_tokens)); then + ABACO_CREATE_OPTS="$ABACO_CREATE_OPTS -A" +fi + # If updating, do not include name or stateless if [ -z "$current_actor" ]; then ABACO_CREATE_OPTS="$ABACO_CREATE_OPTS -n ${REACTOR_NAME}" diff --git a/abaco-init.sh b/abaco-init.sh index 2d05083..f57db2e 100755 --- a/abaco-init.sh +++ b/abaco-init.sh @@ -126,6 +126,7 @@ cat <"${basepath}/${name}/reactor.rc" # Reactor mandatory settings REACTOR_NAME=${name} REACTOR_DESCRIPTION="${description}" +REACTOR_TOKENS=1 REACTOR_PRIVILEGED= REACTOR_USE_UID= REACTOR_STATEFUL= diff --git a/abaco-update.sh b/abaco-update.sh index 0553509..43970a0 100755 --- a/abaco-update.sh +++ b/abaco-update.sh @@ -17,8 +17,9 @@ Options: -e set environment variables (key=value) -E read environment variables from json file -p add privileged status - -f force update + -A disable creation of Tapis tokens -u use actor uid + -f force update -v verbose output -V very verbose output " @@ -37,11 +38,12 @@ privileged="false" stateless="true" force="false" use_uid="false" +request_token="true" tok= # the s and S opts are here to swallow them when passed - we do not allow # toggling between stateless and stateful via an update operation -while getopts ":he:E:pfsSuvz:V" o; do +while getopts ":he:E:pfsSAuvz:V" o; do case "${o}" in z) # custom token tok=${OPTARG} @@ -64,6 +66,9 @@ while getopts ":he:E:pfsSuvz:V" o; do S) # stateful! stateless="false" ;; + A) # do not request tokens + request_token="false" + ;; u) # use uid use_uid=true ;; @@ -113,7 +118,7 @@ stateless=$(${DIR}/abaco ls -v ${actorid} | jq -r .result.stateless) # curl command # \"stateless\":\"${stateless}\", -data="{\"stateless\":\"${stateless}\", \"image\":\"${image}\", \"privileged\":${privileged}, \"force\":${force}, \"useContainerUid\":${use_uid}, \"defaultEnvironment\":${default_env}}" +data="{\"stateless\":\"${stateless}\", \"image\":\"${image}\", \"privileged\":${privileged}, \"force\":${force}, \"useContainerUid\":${use_uid}, \"defaultEnvironment\":${default_env}, \"token\":${request_token}}" curlCommand="curl -X PUT -sk -H \"Authorization: Bearer $TOKEN\" -H \"Content-Type: application/json\" --data '$data' '$BASE_URL/actors/v2/${actorid}'" function filter() {