[ARVADOS] updated: 6a202a2765bdbac5062fd34231804527edfb6a14
Git user
git at public.curoverse.com
Mon Apr 18 11:44:47 EDT 2016
Summary of changes:
doc/install/install-keepstore.html.textile.liquid | 2 +-
services/api/config/application.default.yml | 4 +++-
services/keepstore/keepstore.go | 3 ++-
3 files changed, 6 insertions(+), 3 deletions(-)
via 6a202a2765bdbac5062fd34231804527edfb6a14 (commit)
from ecf4a87ac687b713d3eb4f191f4c5ead293fa046 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 6a202a2765bdbac5062fd34231804527edfb6a14
Author: radhika <radhika at curoverse.com>
Date: Mon Apr 18 11:44:16 2016 -0400
8936: update blob-signing-ttl related documentation.
diff --git a/doc/install/install-keepstore.html.textile.liquid b/doc/install/install-keepstore.html.textile.liquid
index 13dfaf6..0f36c5d 100644
--- a/doc/install/install-keepstore.html.textile.liquid
+++ b/doc/install/install-keepstore.html.textile.liquid
@@ -41,7 +41,7 @@ Usage of ./keepstore:
-azure-storage-account-name="": Azure storage account name used for subsequent --azure-storage-container-volume arguments.
-azure-storage-container-volume=[]: Use the given container as a storage volume. Can be given multiple times.
-azure-storage-replication=3: Replication level to report to clients when data is stored in an Azure container.
- -blob-signature-ttl=1209600: Lifetime of blob permission signatures. See services/api/config/application.default.yml.
+ -blob-signature-ttl=1209600: Lifetime of blob permission signatures. This will become a part of the signing key, and will cause clients to retry or fail if changed while they are in progress. See services/api/config/application.default.yml.
-blob-signing-key-file="": File containing the secret key for generating and verifying blob permission signatures.
-data-manager-token-file="": File with the API token used by the Data Manager. All DELETE requests or GET /index requests must carry this token.
-enforce-permissions=false: Enforce permission signatures on requests.
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index 6691683..8a1c644 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -148,7 +148,9 @@ common:
###
# Lifetime (in seconds) of blob permission signatures generated by
- # the API server. This determines how long a client can take (after
+ # the API server. This will become a part of the blob signing key,
+ # and will cause clients to retry or fail if changed while they are
+ # in progres.This determines how long a client can take (after
# retrieving a collection record) to retrieve the collection data
# from Keep. If the client needs more time than that (assuming the
# collection still has the same content and the relevant user/token
diff --git a/services/keepstore/keepstore.go b/services/keepstore/keepstore.go
index 40e62c5..cf15dff 100644
--- a/services/keepstore/keepstore.go
+++ b/services/keepstore/keepstore.go
@@ -189,7 +189,8 @@ func main() {
&permissionTTLSec,
"blob-signature-ttl",
int(time.Duration(2*7*24*time.Hour).Seconds()),
- "Lifetime of blob permission signatures. "+
+ "Lifetime of blob permission signatures. This will become a part of the signing key, "+
+ "and will cause clients to retry or fail if changed while they are in progress. "+
"See services/api/config/application.default.yml.")
flag.BoolVar(
&flagSerializeIO,
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list