addressed review comments. 11/8/2019
Signed-off-by: Chao Li <chaol@vmware.com>
This commit is contained in:
parent
8bf02125f9
commit
a26aa3a417
|
@ -39,8 +39,7 @@ func (s *Server) CheckResourceWebHook(dbPipeline db.Pipeline) http.Handler {
|
|||
return
|
||||
}
|
||||
|
||||
globalVariables := creds.NewVariables(s.secretManager, dbPipeline.TeamName(), dbPipeline.Name(), false)
|
||||
variables, err := dbPipeline.Variables(logger, globalVariables, s.varSourcePool)
|
||||
variables, err := dbPipeline.Variables(logger, s.secretManager, s.varSourcePool)
|
||||
if err != nil {
|
||||
logger.Error("failed-to-create-var-sources", err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
|
|
|
@ -86,7 +86,8 @@ type ATCCommand struct {
|
|||
|
||||
type RunCommand struct {
|
||||
Logger flag.Lager
|
||||
VarSourcePool creds.VarSourcePool
|
||||
|
||||
varSourcePool creds.VarSourcePool
|
||||
|
||||
BindIP flag.IP `long:"bind-ip" default:"0.0.0.0" description:"IP address on which to listen for web traffic."`
|
||||
BindPort uint16 `long:"bind-port" default:"8080" description:"Port on which to listen for HTTP traffic."`
|
||||
|
@ -451,7 +452,7 @@ func (cmd *RunCommand) Runner(positionalArguments []string) (ifrit.Runner, error
|
|||
return nil, err
|
||||
}
|
||||
|
||||
cmd.VarSourcePool = creds.NewVarSourcePool(5 * time.Minute)
|
||||
cmd.varSourcePool = creds.NewVarSourcePool(5 * time.Minute, clock.NewClock())
|
||||
|
||||
members, err := cmd.constructMembers(logger, reconfigurableSink, apiConn, backendConn, gcConn, storage, lockFactory, secretManager)
|
||||
if err != nil {
|
||||
|
@ -613,7 +614,7 @@ func (cmd *RunCommand) constructAPIMembers(
|
|||
dbContainerRepository := db.NewContainerRepository(dbConn)
|
||||
gcContainerDestroyer := gc.NewDestroyer(logger, dbContainerRepository, dbVolumeRepository)
|
||||
dbBuildFactory := db.NewBuildFactory(dbConn, lockFactory, cmd.GC.OneOffBuildGracePeriod)
|
||||
dbCheckFactory := db.NewCheckFactory(dbConn, lockFactory, secretManager, cmd.VarSourcePool, cmd.GlobalResourceCheckTimeout)
|
||||
dbCheckFactory := db.NewCheckFactory(dbConn, lockFactory, secretManager, cmd.varSourcePool, cmd.GlobalResourceCheckTimeout)
|
||||
|
||||
accessFactory := accessor.NewAccessFactory(authHandler.PublicKey())
|
||||
customActionRoleMap := accessor.CustomActionRoleMap{}
|
||||
|
@ -818,7 +819,7 @@ func (cmd *RunCommand) constructBackendMembers(
|
|||
)
|
||||
|
||||
dbBuildFactory := db.NewBuildFactory(dbConn, lockFactory, cmd.GC.OneOffBuildGracePeriod)
|
||||
dbCheckFactory := db.NewCheckFactory(dbConn, lockFactory, secretManager, cmd.VarSourcePool, cmd.GlobalResourceCheckTimeout)
|
||||
dbCheckFactory := db.NewCheckFactory(dbConn, lockFactory, secretManager, cmd.varSourcePool, cmd.GlobalResourceCheckTimeout)
|
||||
dbPipelineFactory := db.NewPipelineFactory(dbConn, lockFactory)
|
||||
componentFactory := db.NewComponentFactory(dbConn)
|
||||
|
||||
|
@ -1018,7 +1019,7 @@ func (cmd *RunCommand) constructGCMember(
|
|||
atc.ComponentCollectorVolumes: gc.NewVolumeCollector(dbVolumeRepository, cmd.GC.MissingGracePeriod),
|
||||
atc.ComponentCollectorContainers: gc.NewContainerCollector(dbContainerRepository, jobRunner, cmd.GC.MissingGracePeriod),
|
||||
atc.ComponentCollectorCheckSessions: gc.NewResourceConfigCheckSessionCollector(resourceConfigCheckSessionLifecycle),
|
||||
atc.ComponentCollectorVarSources: gc.NewCollectorTask(cmd.VarSourcePool.(gc.Collector)),
|
||||
atc.ComponentCollectorVarSources: gc.NewCollectorTask(cmd.varSourcePool.(gc.Collector)),
|
||||
}
|
||||
|
||||
for collectorName, collector := range collectors {
|
||||
|
@ -1478,7 +1479,7 @@ func (cmd *RunCommand) constructEngine(
|
|||
builder.NewDelegateFactory(),
|
||||
cmd.ExternalURL.String(),
|
||||
secretManager,
|
||||
cmd.VarSourcePool,
|
||||
cmd.varSourcePool,
|
||||
cmd.EnableRedactSecrets,
|
||||
)
|
||||
|
||||
|
@ -1598,7 +1599,7 @@ func (cmd *RunCommand) constructAPIHandler(
|
|||
concourse.Version,
|
||||
concourse.WorkerVersion,
|
||||
secretManager,
|
||||
cmd.VarSourcePool,
|
||||
cmd.varSourcePool,
|
||||
credsManagers,
|
||||
containerserver.NewInterceptTimeoutFactory(cmd.InterceptIdleTimeout),
|
||||
)
|
||||
|
@ -1638,7 +1639,6 @@ func (cmd *RunCommand) constructPipelineSyncer(
|
|||
pipelineFactory,
|
||||
componentFactory,
|
||||
func(pipeline db.Pipeline) ifrit.Runner {
|
||||
variables := creds.NewVariables(secretManager, pipeline.TeamName(), pipeline.Name(), false)
|
||||
return grouper.NewParallel(os.Interrupt, grouper.Members{
|
||||
{
|
||||
Name: fmt.Sprintf("radar:%d", pipeline.ID()),
|
||||
|
@ -1648,7 +1648,7 @@ func (cmd *RunCommand) constructPipelineSyncer(
|
|||
"pipeline": pipeline.Name(),
|
||||
}),
|
||||
(cmd.Developer.Noop || cmd.EnableLidar),
|
||||
radarSchedulerFactory.BuildScanRunnerFactory(pipeline, cmd.ExternalURL.String(), variables, cmd.VarSourcePool, bus),
|
||||
radarSchedulerFactory.BuildScanRunnerFactory(pipeline, cmd.ExternalURL.String(), secretManager, cmd.varSourcePool, bus),
|
||||
pipeline,
|
||||
1*time.Minute,
|
||||
),
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"sync"
|
||||
"time"
|
||||
|
||||
"code.cloudfoundry.org/clock"
|
||||
"code.cloudfoundry.org/lager"
|
||||
"encoding/json"
|
||||
)
|
||||
|
@ -19,6 +20,7 @@ type inPoolManager struct {
|
|||
manager Manager
|
||||
secretsFactory SecretsFactory
|
||||
lastUseTime time.Time
|
||||
clock clock.Clock
|
||||
}
|
||||
|
||||
func (m *inPoolManager) Close(logger lager.Logger) {
|
||||
|
@ -26,14 +28,15 @@ func (m *inPoolManager) Close(logger lager.Logger) {
|
|||
}
|
||||
|
||||
func (m *inPoolManager) NewSecrets() Secrets {
|
||||
m.lastUseTime = time.Now()
|
||||
m.lastUseTime = m.clock.Now()
|
||||
return m.secretsFactory.NewSecrets()
|
||||
}
|
||||
|
||||
type varSourcePool struct {
|
||||
pool map[string]*inPoolManager
|
||||
lock sync.Mutex
|
||||
ttl time.Duration
|
||||
pool map[string]*inPoolManager
|
||||
lock sync.Mutex
|
||||
ttl time.Duration
|
||||
clock clock.Clock
|
||||
}
|
||||
|
||||
func (pool *varSourcePool) Size() int {
|
||||
|
@ -66,6 +69,7 @@ func (pool *varSourcePool) FindOrCreate(logger lager.Logger, config map[string]i
|
|||
}
|
||||
|
||||
pool.pool[key] = &inPoolManager{
|
||||
clock: pool.clock,
|
||||
manager: manager,
|
||||
secretsFactory: secretsFactory,
|
||||
}
|
||||
|
@ -84,7 +88,7 @@ func (pool *varSourcePool) Collect(logger lager.Logger) error {
|
|||
|
||||
toDeleteKeys := []string{}
|
||||
for key, manager := range pool.pool {
|
||||
if manager.lastUseTime.Add(pool.ttl).Before(time.Now()) {
|
||||
if manager.lastUseTime.Add(pool.ttl).Before(pool.clock.Now()) {
|
||||
toDeleteKeys = append(toDeleteKeys, key)
|
||||
manager.Close(logger)
|
||||
}
|
||||
|
@ -99,10 +103,11 @@ func (pool *varSourcePool) Collect(logger lager.Logger) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func NewVarSourcePool(ttl time.Duration) VarSourcePool {
|
||||
func NewVarSourcePool(ttl time.Duration, clock clock.Clock) VarSourcePool {
|
||||
return &varSourcePool{
|
||||
pool: map[string]*inPoolManager{},
|
||||
lock: sync.Mutex{},
|
||||
ttl: ttl,
|
||||
pool: map[string]*inPoolManager{},
|
||||
lock: sync.Mutex{},
|
||||
ttl: ttl,
|
||||
clock: clock,
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package creds_test
|
||||
|
||||
import (
|
||||
"code.cloudfoundry.org/clock/fakeclock"
|
||||
"code.cloudfoundry.org/lager"
|
||||
"code.cloudfoundry.org/lager/lagertest"
|
||||
"github.com/concourse/concourse/atc/creds"
|
||||
|
@ -20,6 +21,7 @@ var _ = Context("pool", func() {
|
|||
factory creds.ManagerFactory
|
||||
varSourcePool creds.VarSourcePool
|
||||
config1, config2 map[string]interface{}
|
||||
fakeClock *fakeclock.FakeClock
|
||||
)
|
||||
|
||||
BeforeEach(func() {
|
||||
|
@ -33,17 +35,19 @@ var _ = Context("pool", func() {
|
|||
config2 = map[string]interface{}{
|
||||
"vars": map[string]interface{}{"k2": "v2"},
|
||||
}
|
||||
|
||||
fakeClock = fakeclock.NewFakeClock(time.Now())
|
||||
})
|
||||
|
||||
Context("FindOrCreate", func() {
|
||||
BeforeEach(func() {
|
||||
varSourcePool = creds.NewVarSourcePool(5 * time.Minute)
|
||||
varSourcePool = creds.NewVarSourcePool(5*time.Minute, fakeClock)
|
||||
})
|
||||
|
||||
Context("add 1 config", func() {
|
||||
var (
|
||||
secrets creds.Secrets
|
||||
err error
|
||||
err error
|
||||
)
|
||||
|
||||
JustBeforeEach(func() {
|
||||
|
@ -72,7 +76,7 @@ var _ = Context("pool", func() {
|
|||
Context("add 2 configs", func() {
|
||||
var (
|
||||
secrets1, secrets2 creds.Secrets
|
||||
err error
|
||||
err error
|
||||
)
|
||||
JustBeforeEach(func() {
|
||||
secrets1, err = varSourcePool.FindOrCreate(logger, config1, factory)
|
||||
|
@ -113,7 +117,7 @@ var _ = Context("pool", func() {
|
|||
Context("add same config for multiple times", func() {
|
||||
var (
|
||||
secrets1, secrets2 creds.Secrets
|
||||
err error
|
||||
err error
|
||||
)
|
||||
JustBeforeEach(func() {
|
||||
secrets1, err = varSourcePool.FindOrCreate(logger, config1, factory)
|
||||
|
@ -164,24 +168,24 @@ var _ = Context("pool", func() {
|
|||
var err error
|
||||
|
||||
BeforeEach(func() {
|
||||
varSourcePool = creds.NewVarSourcePool(4 * time.Second)
|
||||
varSourcePool = creds.NewVarSourcePool(7*time.Second, fakeClock)
|
||||
})
|
||||
It("should clean up once ttl expires", func() {
|
||||
_, err = varSourcePool.FindOrCreate(logger, config1, factory)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(varSourcePool.Size()).To(Equal(1))
|
||||
|
||||
time.Sleep(2*time.Second)
|
||||
fakeClock.IncrementBySeconds(4)
|
||||
_, err = varSourcePool.FindOrCreate(logger, config2, factory)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(varSourcePool.Size()).To(Equal(2))
|
||||
|
||||
time.Sleep(2*time.Second)
|
||||
fakeClock.IncrementBySeconds(4)
|
||||
err = varSourcePool.(gc.Collector).Collect(logger)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(varSourcePool.Size()).To(Equal(1))
|
||||
|
||||
time.Sleep(2*time.Second)
|
||||
fakeClock.IncrementBySeconds(4)
|
||||
err = varSourcePool.(gc.Collector).Collect(logger)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(varSourcePool.Size()).To(Equal(0))
|
||||
|
|
|
@ -151,13 +151,6 @@ func (c *checkFactory) TryCreateCheck(logger lager.Logger, checkable Checkable,
|
|||
}
|
||||
}
|
||||
|
||||
globalVars := creds.NewVariables(
|
||||
c.secrets,
|
||||
checkable.TeamName(),
|
||||
checkable.PipelineName(),
|
||||
false,
|
||||
)
|
||||
|
||||
pp, found, err := checkable.Pipeline()
|
||||
if err != nil {
|
||||
return nil, false, fmt.Errorf("failed to reload pipeline: %s", err.Error())
|
||||
|
@ -166,7 +159,7 @@ func (c *checkFactory) TryCreateCheck(logger lager.Logger, checkable Checkable,
|
|||
return nil, false, fmt.Errorf("pipeline not found")
|
||||
}
|
||||
|
||||
varss, err := pp.Variables(logger, globalVars, c.varSourcePool)
|
||||
varss, err := pp.Variables(logger, c.secrets, c.varSourcePool)
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
}
|
||||
|
|
|
@ -475,11 +475,11 @@ type FakePipeline struct {
|
|||
varSourcesReturnsOnCall map[int]struct {
|
||||
result1 atc.VarSourceConfigs
|
||||
}
|
||||
VariablesStub func(lager.Logger, vars.Variables, creds.VarSourcePool) (vars.Variables, error)
|
||||
VariablesStub func(lager.Logger, creds.Secrets, creds.VarSourcePool) (vars.Variables, error)
|
||||
variablesMutex sync.RWMutex
|
||||
variablesArgsForCall []struct {
|
||||
arg1 lager.Logger
|
||||
arg2 vars.Variables
|
||||
arg2 creds.Secrets
|
||||
arg3 creds.VarSourcePool
|
||||
}
|
||||
variablesReturns struct {
|
||||
|
@ -2691,12 +2691,12 @@ func (fake *FakePipeline) VarSourcesReturnsOnCall(i int, result1 atc.VarSourceCo
|
|||
}{result1}
|
||||
}
|
||||
|
||||
func (fake *FakePipeline) Variables(arg1 lager.Logger, arg2 vars.Variables, arg3 creds.VarSourcePool) (vars.Variables, error) {
|
||||
func (fake *FakePipeline) Variables(arg1 lager.Logger, arg2 creds.Secrets, arg3 creds.VarSourcePool) (vars.Variables, error) {
|
||||
fake.variablesMutex.Lock()
|
||||
ret, specificReturn := fake.variablesReturnsOnCall[len(fake.variablesArgsForCall)]
|
||||
fake.variablesArgsForCall = append(fake.variablesArgsForCall, struct {
|
||||
arg1 lager.Logger
|
||||
arg2 vars.Variables
|
||||
arg2 creds.Secrets
|
||||
arg3 creds.VarSourcePool
|
||||
}{arg1, arg2, arg3})
|
||||
fake.recordInvocation("Variables", []interface{}{arg1, arg2, arg3})
|
||||
|
@ -2717,13 +2717,13 @@ func (fake *FakePipeline) VariablesCallCount() int {
|
|||
return len(fake.variablesArgsForCall)
|
||||
}
|
||||
|
||||
func (fake *FakePipeline) VariablesCalls(stub func(lager.Logger, vars.Variables, creds.VarSourcePool) (vars.Variables, error)) {
|
||||
func (fake *FakePipeline) VariablesCalls(stub func(lager.Logger, creds.Secrets, creds.VarSourcePool) (vars.Variables, error)) {
|
||||
fake.variablesMutex.Lock()
|
||||
defer fake.variablesMutex.Unlock()
|
||||
fake.VariablesStub = stub
|
||||
}
|
||||
|
||||
func (fake *FakePipeline) VariablesArgsForCall(i int) (lager.Logger, vars.Variables, creds.VarSourcePool) {
|
||||
func (fake *FakePipeline) VariablesArgsForCall(i int) (lager.Logger, creds.Secrets, creds.VarSourcePool) {
|
||||
fake.variablesMutex.RLock()
|
||||
defer fake.variablesMutex.RUnlock()
|
||||
argsForCall := fake.variablesArgsForCall[i]
|
||||
|
|
|
@ -87,7 +87,7 @@ type Pipeline interface {
|
|||
Destroy() error
|
||||
Rename(string) error
|
||||
|
||||
Variables(lager.Logger, vars.Variables, creds.VarSourcePool) (vars.Variables, error)
|
||||
Variables(lager.Logger, creds.Secrets, creds.VarSourcePool) (vars.Variables, error)
|
||||
}
|
||||
|
||||
type pipeline struct {
|
||||
|
@ -1106,7 +1106,8 @@ func (p *pipeline) getBuildsFrom(tx Tx, col string) (map[string]Build, error) {
|
|||
// Variables creates variables for this pipeline. If this pipeline has its own
|
||||
// var_sources, a vars.MultiVars containing all pipeline specific var_sources
|
||||
// plug the global variables, otherwise just return the global variables.
|
||||
func (p *pipeline) Variables(logger lager.Logger, globalVars vars.Variables, varSourcePool creds.VarSourcePool) (vars.Variables, error) {
|
||||
func (p *pipeline) Variables(logger lager.Logger, globalSecrets creds.Secrets, varSourcePool creds.VarSourcePool) (vars.Variables, error) {
|
||||
globalVars := creds.NewVariables(globalSecrets, p.TeamName(), p.Name(), false)
|
||||
varss := []vars.Variables{}
|
||||
for _, cm := range p.varSources {
|
||||
factory := creds.ManagerFactories()[cm.Type]
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
package db_test
|
||||
|
||||
import (
|
||||
"code.cloudfoundry.org/clock"
|
||||
"github.com/concourse/concourse/atc/creds"
|
||||
"github.com/concourse/concourse/atc/creds/credsfakes"
|
||||
"github.com/concourse/concourse/vars"
|
||||
"strconv"
|
||||
"time"
|
||||
|
@ -2272,9 +2274,15 @@ var _ = Describe("Pipeline", func() {
|
|||
err error
|
||||
)
|
||||
BeforeEach(func() {
|
||||
globalVars := vars.StaticVariables{"gk": "gv"}
|
||||
varSourcePool := creds.NewVarSourcePool(1*time.Minute)
|
||||
pvars, err = pipeline.Variables(logger, globalVars, varSourcePool)
|
||||
fakeSecrets = new(credsfakes.FakeSecrets)
|
||||
fakeSecrets.GetStub = func(key string)(interface{}, *time.Time, bool, error) {
|
||||
if key == "gk" {
|
||||
return "gv", nil, true, nil
|
||||
}
|
||||
return nil, nil, false, nil
|
||||
}
|
||||
varSourcePool := creds.NewVarSourcePool(1*time.Minute, clock.NewClock())
|
||||
pvars, err = pipeline.Variables(logger, fakeSecrets, varSourcePool)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
})
|
||||
|
||||
|
|
|
@ -800,8 +800,7 @@ func (t *team) FindCheckContainers(logger lager.Logger, pipelineName string, res
|
|||
return nil, nil, err
|
||||
}
|
||||
|
||||
globalVariables := creds.NewVariables(secretManager, t.name, pipeline.Name(), false)
|
||||
variables, err := pipeline.Variables(logger, globalVariables, varSourcePool)
|
||||
variables, err := pipeline.Variables(logger, secretManager, varSourcePool)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
|
|
@ -75,9 +75,9 @@ func (builder *stepBuilder) BuildStep(logger lager.Logger, build db.Build) (exec
|
|||
|
||||
var credVarsTracker vars.CredVarsTracker
|
||||
|
||||
globalVars := creds.NewVariables(builder.globalSecrets, build.TeamName(), build.PipelineName(), false)
|
||||
// "fly execute" generated build will have no pipeline.
|
||||
if build.PipelineID() == 0 {
|
||||
globalVars := creds.NewVariables(builder.globalSecrets, build.TeamName(), build.PipelineName(), false)
|
||||
credVarsTracker = vars.NewCredVarsTracker(globalVars, builder.redactSecrets)
|
||||
} else {
|
||||
pipeline, found, err := build.Pipeline()
|
||||
|
@ -88,7 +88,7 @@ func (builder *stepBuilder) BuildStep(logger lager.Logger, build db.Build) (exec
|
|||
return exec.IdentityStep{}, errors.New("pipeline not found")
|
||||
}
|
||||
|
||||
varss, err := pipeline.Variables(logger, globalVars, builder.varSourcePool)
|
||||
varss, err := pipeline.Variables(logger, builder.globalSecrets, builder.varSourcePool)
|
||||
if err != nil {
|
||||
return exec.IdentityStep{}, err
|
||||
}
|
||||
|
@ -120,8 +120,7 @@ func (builder *stepBuilder) CheckStep(logger lager.Logger, check db.Check) (exec
|
|||
return exec.IdentityStep{}, errors.New("pipeline not found")
|
||||
}
|
||||
|
||||
globalVars := creds.NewVariables(builder.globalSecrets, check.TeamName(), check.PipelineName(), false)
|
||||
varss, err := pipeline.Variables(logger, globalVars, builder.varSourcePool)
|
||||
varss, err := pipeline.Variables(logger, builder.globalSecrets, builder.varSourcePool)
|
||||
if err != nil {
|
||||
return exec.IdentityStep{}, fmt.Errorf("failed to create pipeline variables: %s", err.Error())
|
||||
}
|
||||
|
|
|
@ -9,16 +9,15 @@ import (
|
|||
"github.com/concourse/concourse/atc/pipelines"
|
||||
"github.com/concourse/concourse/atc/radar"
|
||||
"github.com/concourse/concourse/atc/scheduler"
|
||||
"github.com/concourse/concourse/vars"
|
||||
)
|
||||
|
||||
type FakeRadarSchedulerFactory struct {
|
||||
BuildScanRunnerFactoryStub func(db.Pipeline, string, vars.Variables, creds.VarSourcePool, radar.Notifications) radar.ScanRunnerFactory
|
||||
BuildScanRunnerFactoryStub func(db.Pipeline, string, creds.Secrets, creds.VarSourcePool, radar.Notifications) radar.ScanRunnerFactory
|
||||
buildScanRunnerFactoryMutex sync.RWMutex
|
||||
buildScanRunnerFactoryArgsForCall []struct {
|
||||
arg1 db.Pipeline
|
||||
arg2 string
|
||||
arg3 vars.Variables
|
||||
arg3 creds.Secrets
|
||||
arg4 creds.VarSourcePool
|
||||
arg5 radar.Notifications
|
||||
}
|
||||
|
@ -43,13 +42,13 @@ type FakeRadarSchedulerFactory struct {
|
|||
invocationsMutex sync.RWMutex
|
||||
}
|
||||
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactory(arg1 db.Pipeline, arg2 string, arg3 vars.Variables, arg4 creds.VarSourcePool, arg5 radar.Notifications) radar.ScanRunnerFactory {
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactory(arg1 db.Pipeline, arg2 string, arg3 creds.Secrets, arg4 creds.VarSourcePool, arg5 radar.Notifications) radar.ScanRunnerFactory {
|
||||
fake.buildScanRunnerFactoryMutex.Lock()
|
||||
ret, specificReturn := fake.buildScanRunnerFactoryReturnsOnCall[len(fake.buildScanRunnerFactoryArgsForCall)]
|
||||
fake.buildScanRunnerFactoryArgsForCall = append(fake.buildScanRunnerFactoryArgsForCall, struct {
|
||||
arg1 db.Pipeline
|
||||
arg2 string
|
||||
arg3 vars.Variables
|
||||
arg3 creds.Secrets
|
||||
arg4 creds.VarSourcePool
|
||||
arg5 radar.Notifications
|
||||
}{arg1, arg2, arg3, arg4, arg5})
|
||||
|
@ -71,13 +70,13 @@ func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactoryCallCount() int {
|
|||
return len(fake.buildScanRunnerFactoryArgsForCall)
|
||||
}
|
||||
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactoryCalls(stub func(db.Pipeline, string, vars.Variables, creds.VarSourcePool, radar.Notifications) radar.ScanRunnerFactory) {
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactoryCalls(stub func(db.Pipeline, string, creds.Secrets, creds.VarSourcePool, radar.Notifications) radar.ScanRunnerFactory) {
|
||||
fake.buildScanRunnerFactoryMutex.Lock()
|
||||
defer fake.buildScanRunnerFactoryMutex.Unlock()
|
||||
fake.BuildScanRunnerFactoryStub = stub
|
||||
}
|
||||
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactoryArgsForCall(i int) (db.Pipeline, string, vars.Variables, creds.VarSourcePool, radar.Notifications) {
|
||||
func (fake *FakeRadarSchedulerFactory) BuildScanRunnerFactoryArgsForCall(i int) (db.Pipeline, string, creds.Secrets, creds.VarSourcePool, radar.Notifications) {
|
||||
fake.buildScanRunnerFactoryMutex.RLock()
|
||||
defer fake.buildScanRunnerFactoryMutex.RUnlock()
|
||||
argsForCall := fake.buildScanRunnerFactoryArgsForCall[i]
|
||||
|
|
|
@ -15,14 +15,13 @@ import (
|
|||
"github.com/concourse/concourse/atc/scheduler/inputmapper/inputconfig"
|
||||
"github.com/concourse/concourse/atc/scheduler/maxinflight"
|
||||
"github.com/concourse/concourse/atc/worker"
|
||||
"github.com/concourse/concourse/vars"
|
||||
)
|
||||
|
||||
//go:generate counterfeiter . RadarSchedulerFactory
|
||||
|
||||
type RadarSchedulerFactory interface {
|
||||
BuildScanRunnerFactory(dbPipeline db.Pipeline, externalURL string, variables vars.Variables, pool creds.VarSourcePool, notifications radar.Notifications) radar.ScanRunnerFactory
|
||||
BuildScheduler(pipeline db.Pipeline) scheduler.BuildScheduler
|
||||
BuildScanRunnerFactory(db.Pipeline, string, creds.Secrets, creds.VarSourcePool, radar.Notifications) radar.ScanRunnerFactory
|
||||
BuildScheduler(db.Pipeline) scheduler.BuildScheduler
|
||||
}
|
||||
|
||||
type radarSchedulerFactory struct {
|
||||
|
@ -52,7 +51,7 @@ func NewRadarSchedulerFactory(
|
|||
}
|
||||
}
|
||||
|
||||
func (rsf *radarSchedulerFactory) BuildScanRunnerFactory(dbPipeline db.Pipeline, externalURL string, variables vars.Variables, varSourcePool creds.VarSourcePool, notifications radar.Notifications) radar.ScanRunnerFactory {
|
||||
func (rsf *radarSchedulerFactory) BuildScanRunnerFactory(dbPipeline db.Pipeline, externalURL string, secrets creds.Secrets, varSourcePool creds.VarSourcePool, notifications radar.Notifications) radar.ScanRunnerFactory {
|
||||
return radar.NewScanRunnerFactory(
|
||||
rsf.pool,
|
||||
rsf.resourceFactory,
|
||||
|
@ -62,7 +61,7 @@ func (rsf *radarSchedulerFactory) BuildScanRunnerFactory(dbPipeline db.Pipeline,
|
|||
dbPipeline,
|
||||
clock.NewClock(),
|
||||
externalURL,
|
||||
variables,
|
||||
secrets,
|
||||
varSourcePool,
|
||||
rsf.strategy,
|
||||
notifications,
|
||||
|
|
|
@ -15,7 +15,6 @@ import (
|
|||
"github.com/concourse/concourse/atc/metric"
|
||||
"github.com/concourse/concourse/atc/resource"
|
||||
"github.com/concourse/concourse/atc/worker"
|
||||
"github.com/concourse/concourse/vars"
|
||||
)
|
||||
|
||||
var GlobalResourceCheckTimeout time.Duration
|
||||
|
@ -28,7 +27,7 @@ type resourceScanner struct {
|
|||
defaultInterval time.Duration
|
||||
dbPipeline db.Pipeline
|
||||
externalURL string
|
||||
variables vars.Variables
|
||||
secrets creds.Secrets
|
||||
varSourcePool creds.VarSourcePool
|
||||
strategy worker.ContainerPlacementStrategy
|
||||
}
|
||||
|
@ -41,7 +40,7 @@ func NewResourceScanner(
|
|||
defaultInterval time.Duration,
|
||||
dbPipeline db.Pipeline,
|
||||
externalURL string,
|
||||
variables vars.Variables,
|
||||
secrets creds.Secrets,
|
||||
varSourcePool creds.VarSourcePool,
|
||||
strategy worker.ContainerPlacementStrategy,
|
||||
) Scanner {
|
||||
|
@ -53,7 +52,7 @@ func NewResourceScanner(
|
|||
defaultInterval: defaultInterval,
|
||||
dbPipeline: dbPipeline,
|
||||
externalURL: externalURL,
|
||||
variables: variables,
|
||||
secrets: secrets,
|
||||
varSourcePool: varSourcePool,
|
||||
strategy: strategy,
|
||||
}
|
||||
|
@ -167,7 +166,7 @@ func (scanner *resourceScanner) scan(logger lager.Logger, resourceID int, fromVe
|
|||
}
|
||||
|
||||
// Combine pipeline specific var_sources with the global credential manager.
|
||||
varss, err := scanner.dbPipeline.Variables(logger, scanner.variables, scanner.varSourcePool)
|
||||
varss, err := scanner.dbPipeline.Variables(logger, scanner.secrets, scanner.varSourcePool)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
|
|
@ -40,6 +40,7 @@ var _ = Describe("ResourceScanner", func() {
|
|||
fakeDBPipeline *dbfakes.FakePipeline
|
||||
fakeClock *fakeclock.FakeClock
|
||||
fakeVarSourcePool *credsfakes.FakeVarSourcePool
|
||||
fakeSecrets *credsfakes.FakeSecrets
|
||||
interval time.Duration
|
||||
variables vars.Variables
|
||||
|
||||
|
@ -63,6 +64,15 @@ var _ = Describe("ResourceScanner", func() {
|
|||
fakeLock = &lockfakes.FakeLock{}
|
||||
interval = 1 * time.Minute
|
||||
GlobalResourceCheckTimeout = 1 * time.Hour
|
||||
|
||||
fakeSecrets = new(credsfakes.FakeSecrets)
|
||||
fakeSecrets.GetStub = func(key string) (interface{}, *time.Time, bool, error) {
|
||||
if key == "source-params" {
|
||||
return "some-secret-sauce", nil, true, nil
|
||||
}
|
||||
return nil, nil, false, nil
|
||||
}
|
||||
|
||||
variables = vars.StaticVariables{
|
||||
"source-params": "some-secret-sauce",
|
||||
}
|
||||
|
@ -134,7 +144,7 @@ var _ = Describe("ResourceScanner", func() {
|
|||
interval,
|
||||
fakeDBPipeline,
|
||||
"https://www.example.com",
|
||||
variables,
|
||||
fakeSecrets,
|
||||
fakeVarSourcePool,
|
||||
fakeStrategy,
|
||||
)
|
||||
|
|
|
@ -13,7 +13,6 @@ import (
|
|||
"github.com/concourse/concourse/atc/db"
|
||||
"github.com/concourse/concourse/atc/resource"
|
||||
"github.com/concourse/concourse/atc/worker"
|
||||
"github.com/concourse/concourse/vars"
|
||||
)
|
||||
|
||||
type resourceTypeScanner struct {
|
||||
|
@ -24,7 +23,7 @@ type resourceTypeScanner struct {
|
|||
defaultInterval time.Duration
|
||||
dbPipeline db.Pipeline
|
||||
externalURL string
|
||||
variables vars.Variables
|
||||
secrets creds.Secrets
|
||||
varSourcePool creds.VarSourcePool
|
||||
strategy worker.ContainerPlacementStrategy
|
||||
}
|
||||
|
@ -37,7 +36,7 @@ func NewResourceTypeScanner(
|
|||
defaultInterval time.Duration,
|
||||
dbPipeline db.Pipeline,
|
||||
externalURL string,
|
||||
variables vars.Variables,
|
||||
secrets creds.Secrets,
|
||||
varSourcePool creds.VarSourcePool,
|
||||
strategy worker.ContainerPlacementStrategy,
|
||||
) Scanner {
|
||||
|
@ -49,7 +48,7 @@ func NewResourceTypeScanner(
|
|||
defaultInterval: defaultInterval,
|
||||
dbPipeline: dbPipeline,
|
||||
externalURL: externalURL,
|
||||
variables: variables,
|
||||
secrets: secrets,
|
||||
varSourcePool: varSourcePool,
|
||||
strategy: strategy,
|
||||
}
|
||||
|
@ -128,7 +127,7 @@ func (scanner *resourceTypeScanner) scan(logger lager.Logger, resourceTypeID int
|
|||
return 0, err
|
||||
}
|
||||
|
||||
varss, err := scanner.dbPipeline.Variables(logger, scanner.variables, scanner.varSourcePool)
|
||||
varss, err := scanner.dbPipeline.Variables(logger, scanner.secrets, scanner.varSourcePool)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
@ -143,7 +142,7 @@ func (scanner *resourceTypeScanner) scan(logger lager.Logger, resourceTypeID int
|
|||
return 0, err
|
||||
}
|
||||
|
||||
source, err := creds.NewSource(scanner.variables, savedResourceType.Source()).Evaluate()
|
||||
source, err := creds.NewSource(varss, savedResourceType.Source()).Evaluate()
|
||||
if err != nil {
|
||||
logger.Error("failed-to-evaluate-resource-type-source", err)
|
||||
scanner.setCheckError(logger, savedResourceType, err)
|
||||
|
|
|
@ -40,6 +40,7 @@ var _ = Describe("ResourceTypeScanner", func() {
|
|||
fakeResourceConfigScope *dbfakes.FakeResourceConfigScope
|
||||
fakeClock *fakeclock.FakeClock
|
||||
fakeVarSourcePool *credsfakes.FakeVarSourcePool
|
||||
fakeSecrets *credsfakes.FakeSecrets
|
||||
interval time.Duration
|
||||
variables vars.Variables
|
||||
metadata db.ContainerMetadata
|
||||
|
@ -56,6 +57,15 @@ var _ = Describe("ResourceTypeScanner", func() {
|
|||
BeforeEach(func() {
|
||||
fakeLock = &lockfakes.FakeLock{}
|
||||
interval = 1 * time.Minute
|
||||
|
||||
fakeSecrets = new(credsfakes.FakeSecrets)
|
||||
fakeSecrets.GetStub = func(key string) (interface{}, *time.Time, bool, error) {
|
||||
if key == "source-params" {
|
||||
return "some-secret-sauce", nil, true, nil
|
||||
}
|
||||
return nil, nil, false, nil
|
||||
}
|
||||
|
||||
variables = vars.StaticVariables{
|
||||
"source-params": "some-secret-sauce",
|
||||
}
|
||||
|
@ -113,7 +123,7 @@ var _ = Describe("ResourceTypeScanner", func() {
|
|||
interval,
|
||||
fakeDBPipeline,
|
||||
"https://www.example.com",
|
||||
variables,
|
||||
fakeSecrets,
|
||||
fakeVarSourcePool,
|
||||
fakeStrategy,
|
||||
)
|
||||
|
|
|
@ -4,13 +4,11 @@ import (
|
|||
"github.com/concourse/concourse/atc/creds"
|
||||
"time"
|
||||
|
||||
"code.cloudfoundry.org/clock"
|
||||
"code.cloudfoundry.org/lager"
|
||||
"github.com/concourse/concourse/atc/db"
|
||||
"github.com/concourse/concourse/atc/resource"
|
||||
"github.com/concourse/concourse/atc/worker"
|
||||
"github.com/concourse/concourse/vars"
|
||||
|
||||
"code.cloudfoundry.org/clock"
|
||||
"code.cloudfoundry.org/lager"
|
||||
)
|
||||
|
||||
//go:generate counterfeiter . ScanRunnerFactory
|
||||
|
@ -36,7 +34,7 @@ func NewScanRunnerFactory(
|
|||
dbPipeline db.Pipeline,
|
||||
clock clock.Clock,
|
||||
externalURL string,
|
||||
variables vars.Variables,
|
||||
secrets creds.Secrets,
|
||||
varSourcePool creds.VarSourcePool,
|
||||
strategy worker.ContainerPlacementStrategy,
|
||||
notifications Notifications,
|
||||
|
@ -49,7 +47,7 @@ func NewScanRunnerFactory(
|
|||
resourceTypeCheckingInterval,
|
||||
dbPipeline,
|
||||
externalURL,
|
||||
variables,
|
||||
secrets,
|
||||
varSourcePool,
|
||||
strategy,
|
||||
)
|
||||
|
@ -62,7 +60,7 @@ func NewScanRunnerFactory(
|
|||
resourceCheckingInterval,
|
||||
dbPipeline,
|
||||
externalURL,
|
||||
variables,
|
||||
secrets,
|
||||
varSourcePool,
|
||||
strategy,
|
||||
)
|
||||
|
|
|
@ -62,8 +62,6 @@ func NewScannerFactory(
|
|||
}
|
||||
|
||||
func (f *scannerFactory) NewResourceScanner(logger lager.Logger, dbPipeline db.Pipeline) Scanner {
|
||||
globalVariables := creds.NewVariables(f.secretManager, dbPipeline.TeamName(), dbPipeline.Name(), false)
|
||||
|
||||
return NewResourceScanner(
|
||||
clock.NewClock(),
|
||||
f.pool,
|
||||
|
@ -72,15 +70,13 @@ func (f *scannerFactory) NewResourceScanner(logger lager.Logger, dbPipeline db.P
|
|||
f.resourceCheckingInterval,
|
||||
dbPipeline,
|
||||
f.externalURL,
|
||||
globalVariables,
|
||||
f.secretManager,
|
||||
f.varSourcePool,
|
||||
f.strategy,
|
||||
)
|
||||
}
|
||||
|
||||
func (f *scannerFactory) NewResourceTypeScanner(logger lager.Logger, dbPipeline db.Pipeline) Scanner {
|
||||
globalVariables := creds.NewVariables(f.secretManager, dbPipeline.TeamName(), dbPipeline.Name(), false)
|
||||
|
||||
return NewResourceTypeScanner(
|
||||
clock.NewClock(),
|
||||
f.pool,
|
||||
|
@ -89,7 +85,7 @@ func (f *scannerFactory) NewResourceTypeScanner(logger lager.Logger, dbPipeline
|
|||
f.resourceTypeCheckingInterval,
|
||||
dbPipeline,
|
||||
f.externalURL,
|
||||
globalVariables,
|
||||
f.secretManager,
|
||||
f.varSourcePool,
|
||||
f.strategy,
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue