[ARVADOS] updated: 6a202a2765bdbac5062fd34231804527edfb6a14

Git user git at public.curoverse.com
Mon Apr 18 11:44:47 EDT 2016


Summary of changes:
 doc/install/install-keepstore.html.textile.liquid | 2 +-
 services/api/config/application.default.yml       | 4 +++-
 services/keepstore/keepstore.go                   | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

       via  6a202a2765bdbac5062fd34231804527edfb6a14 (commit)
      from  ecf4a87ac687b713d3eb4f191f4c5ead293fa046 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 6a202a2765bdbac5062fd34231804527edfb6a14
Author: radhika <radhika at curoverse.com>
Date:   Mon Apr 18 11:44:16 2016 -0400

    8936: update blob-signing-ttl related documentation.

diff --git a/doc/install/install-keepstore.html.textile.liquid b/doc/install/install-keepstore.html.textile.liquid
index 13dfaf6..0f36c5d 100644
--- a/doc/install/install-keepstore.html.textile.liquid
+++ b/doc/install/install-keepstore.html.textile.liquid
@@ -41,7 +41,7 @@ Usage of ./keepstore:
   -azure-storage-account-name="": Azure storage account name used for subsequent --azure-storage-container-volume arguments.
   -azure-storage-container-volume=[]: Use the given container as a storage volume. Can be given multiple times.
   -azure-storage-replication=3: Replication level to report to clients when data is stored in an Azure container.
-  -blob-signature-ttl=1209600: Lifetime of blob permission signatures. See services/api/config/application.default.yml.
+  -blob-signature-ttl=1209600: Lifetime of blob permission signatures. This will become a part of the signing key, and will cause clients to retry or fail if changed while they are in progress. See services/api/config/application.default.yml.
   -blob-signing-key-file="": File containing the secret key for generating and verifying blob permission signatures.
   -data-manager-token-file="": File with the API token used by the Data Manager. All DELETE requests or GET /index requests must carry this token.
   -enforce-permissions=false: Enforce permission signatures on requests.
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index 6691683..8a1c644 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -148,7 +148,9 @@ common:
   ###
 
   # Lifetime (in seconds) of blob permission signatures generated by
-  # the API server. This determines how long a client can take (after
+  # the API server. This will become a part of the blob signing key,
+  # and will cause clients to retry or fail if changed while they are
+  # in progres.This determines how long a client can take (after
   # retrieving a collection record) to retrieve the collection data
   # from Keep. If the client needs more time than that (assuming the
   # collection still has the same content and the relevant user/token
diff --git a/services/keepstore/keepstore.go b/services/keepstore/keepstore.go
index 40e62c5..cf15dff 100644
--- a/services/keepstore/keepstore.go
+++ b/services/keepstore/keepstore.go
@@ -189,7 +189,8 @@ func main() {
 		&permissionTTLSec,
 		"blob-signature-ttl",
 		int(time.Duration(2*7*24*time.Hour).Seconds()),
-		"Lifetime of blob permission signatures. "+
+		"Lifetime of blob permission signatures. This will become a part of the signing key, "+
+			"and will cause clients to retry or fail if changed while they are in progress. "+
 			"See services/api/config/application.default.yml.")
 	flag.BoolVar(
 		&flagSerializeIO,

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list