[ARVADOS] created: 1.3.0-3026-gd67b634b9

Git user git at public.arvados.org
Thu Aug 27 17:11:31 UTC 2020


        at  d67b634b9afe9bebeaef461dfdd2edfa4e5740fd (commit)


commit d67b634b9afe9bebeaef461dfdd2edfa4e5740fd
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Thu Aug 27 13:09:16 2020 -0400

    16749: Command line user management for arvbox
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/doc/install/arvbox.html.textile.liquid b/doc/install/arvbox.html.textile.liquid
index 5db8cfc19..c01ec61fa 100644
--- a/doc/install/arvbox.html.textile.liquid
+++ b/doc/install/arvbox.html.textile.liquid
@@ -17,8 +17,11 @@ h2. Quick start
 $ git clone https://github.com/arvados/arvados.git
 $ cd arvados/tools/arvbox/bin
 $ ./arvbox start localdemo
+$ ./arvbox adduser demouser demo at example.com
 </pre>
 
+You can now log in as @demouser@ using the password you selected.
+
 h2. Requirements
 
 * Linux 3.x+ and Docker 1.9+
@@ -46,6 +49,9 @@ update  <config>   stop, pull latest image, run
 build   <config>   build arvbox Docker image
 reboot  <config>   stop, build arvbox Docker image, run
 rebuild <config>   build arvbox Docker image, no layer cache
+checkpoint         create database backup
+restore            restore checkpoint
+hotreset           reset database and restart API without restarting container
 reset              delete arvbox arvados data (be careful!)
 destroy            delete all arvbox code and data (be careful!)
 log <service>      tail log of specified service
@@ -55,6 +61,11 @@ pipe               run a bash script piped in from stdin
 sv <start|stop|restart> <service>
                    change state of service inside arvbox
 clone <from> <to>  clone dev arvbox
+adduser <username> <email>
+                   add a user login
+removeuser <username>
+                   remove user login
+listusers          list user logins
 </pre>
 
 h2. Install root certificate
diff --git a/tools/arvbox/bin/arvbox b/tools/arvbox/bin/arvbox
index 8f13215bc..a15da4694 100755
--- a/tools/arvbox/bin/arvbox
+++ b/tools/arvbox/bin/arvbox
@@ -619,6 +619,20 @@ sv restart keepproxy
 EOF
 	;;
 
+    adduser)
+	docker exec -ti $ARVBOX_CONTAINER /usr/local/lib/arvbox/edit_users.py /var/lib/arvados/cluster_config.yml.override $(getclusterid) add $@
+	docker exec $ARVBOX_CONTAINER sv restart controller
+	;;
+
+    removeuser)
+	docker exec -ti $ARVBOX_CONTAINER /usr/local/lib/arvbox/edit_users.py /var/lib/arvados/cluster_config.yml.override $(getclusterid) remove $@
+	docker exec $ARVBOX_CONTAINER sv restart controller
+	;;
+
+    listusers)
+	exec docker exec -ti $ARVBOX_CONTAINER /usr/local/lib/arvbox/edit_users.py /var/lib/arvados/cluster_config.yml $(getclusterid) list
+	;;
+
     *)
         echo "Arvados-in-a-box             https://doc.arvados.org/install/arvbox.html"
         echo
@@ -649,5 +663,10 @@ EOF
         echo "sv <start|stop|restart> <service> "
 	echo "                   change state of service inside arvbox"
         echo "clone <from> <to>  clone dev arvbox"
+	echo "adduser <username> <email>"
+	echo "                   add a user login"
+	echo "removeuser <username>"
+	echo "                   remove user login"
+	echo "listusers          list user logins"
         ;;
 esac
diff --git a/tools/arvbox/lib/arvbox/docker/Dockerfile.base b/tools/arvbox/lib/arvbox/docker/Dockerfile.base
index b6d6c68e3..c5c3774a9 100644
--- a/tools/arvbox/lib/arvbox/docker/Dockerfile.base
+++ b/tools/arvbox/lib/arvbox/docker/Dockerfile.base
@@ -109,7 +109,7 @@ ADD gitolite.rc \
     keep-setup.sh common.sh createusers.sh \
     logger runsu.sh waitforpostgres.sh \
     yml_override.py api-setup.sh \
-    go-setup.sh devenv.sh cluster-config.sh \
+    go-setup.sh devenv.sh cluster-config.sh edit_users.py \
     /usr/local/lib/arvbox/
 
 ADD runit /etc/runit
diff --git a/tools/arvbox/lib/arvbox/docker/cluster-config.sh b/tools/arvbox/lib/arvbox/docker/cluster-config.sh
index 141398465..3ae1abe62 100755
--- a/tools/arvbox/lib/arvbox/docker/cluster-config.sh
+++ b/tools/arvbox/lib/arvbox/docker/cluster-config.sh
@@ -134,13 +134,6 @@ Clusters:
     Login:
       Test:
         Enable: true
-        Users:
-          admin:
-            Email: admin at example.com
-            Password: admin
-          user:
-            Email: user at example.com
-            Password: user
     Users:
       NewUsersAreActive: true
       AutoAdminUserWithEmail: admin at example.com
@@ -173,6 +166,18 @@ EOF
 
 cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
 
+chmod og-rw \
+      /var/lib/arvados/cluster_config.yml.override \
+      /var/lib/arvados/cluster_config.yml \
+      /etc/arvados/config.yml \
+      /var/lib/arvados/api_secret_token \
+      /var/lib/arvados/blob_signing_key \
+      /var/lib/arvados/management_token \
+      /var/lib/arvados/system_root_token \
+      /var/lib/arvados/api_database_pw \
+      /var/lib/arvados/workbench_secret_token \
+      /var/lib/arvados/superuser_token \
+
 mkdir -p /var/lib/arvados/run_tests
 cat >/var/lib/arvados/run_tests/config.yml <<EOF
 Clusters:
diff --git a/tools/arvbox/lib/arvbox/docker/edit_users.py b/tools/arvbox/lib/arvbox/docker/edit_users.py
new file mode 100755
index 000000000..ab046b11d
--- /dev/null
+++ b/tools/arvbox/lib/arvbox/docker/edit_users.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+import ruamel.yaml
+import sys
+import getpass
+import os
+
+def print_help():
+    print("%s <path/to/config.yaml> <clusterid> add <username> <email> [pass]" % (sys.argv[0]))
+    print("%s <path/to/config.yaml> <clusterid> remove <username>" % (" " * len(sys.argv[0])))
+    print("%s <path/to/config.yaml> <clusterid> list" % (" " * len(sys.argv[0])))
+    exit()
+
+if len(sys.argv) < 4:
+    print_help()
+
+fn = sys.argv[1]
+cl = sys.argv[2]
+op = sys.argv[3]
+
+if op == "remove" and len(sys.argv) < 5:
+    print_help()
+if op == "add" and len(sys.argv) < 6:
+    print_help()
+
+if op in ("add", "remove"):
+    user = sys.argv[4]
+
+if not os.path.exists(fn):
+    open(fn, "w").close()
+
+with open(fn, "r") as f:
+    conf = ruamel.yaml.round_trip_load(f)
+
+if not conf:
+    conf = {}
+
+conf["Clusters"] = conf.get("Clusters", {})
+conf["Clusters"][cl] = conf["Clusters"].get(cl, {})
+conf["Clusters"][cl]["Login"] = conf["Clusters"][cl].get("Login", {})
+conf["Clusters"][cl]["Login"]["Test"] = conf["Clusters"][cl]["Login"].get("Test", {})
+conf["Clusters"][cl]["Login"]["Test"]["Users"] = conf["Clusters"][cl]["Login"]["Test"].get("Users", {})
+
+users_obj = conf["Clusters"][cl]["Login"]["Test"]["Users"]
+
+if op == "add":
+    email = sys.argv[5]
+    if len(sys.argv) == 7:
+        p = sys.argv[6]
+    else:
+        p = getpass.getpass("Password for %s: " % user)
+
+    users_obj[user] = {
+        "Email": email,
+        "Password": p
+    }
+    print("Added %s" % user)
+elif op == "remove":
+    del users_obj[user]
+    print("Removed %s" % user)
+elif op == "list":
+    print(ruamel.yaml.round_trip_dump(users_obj))
+else:
+    print("Operations are 'add', 'remove' and 'list'")
+
+with open(fn, "w") as f:
+    f.write(ruamel.yaml.round_trip_dump(conf))

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list