[ARVADOS] updated: 2.1.0-254-g31e186b3a
Git user
git at public.arvados.org
Mon Jan 11 20:09:35 UTC 2021
Summary of changes:
lib/controller/federation/conn.go | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
via 31e186b3a6f5f89584d50ab9e874551bcc99b674 (commit)
from 33a1353e611685b4e22a91ed652fe7d2a6d19feb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 31e186b3a6f5f89584d50ab9e874551bcc99b674
Author: Nico Cesar <nico at nicocesar.com>
Date: Mon Jan 11 15:08:19 2021 -0500
Added ExpiresAt when creating authorizations for remote clusters
Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>
diff --git a/lib/controller/federation/conn.go b/lib/controller/federation/conn.go
index ffca3b117..00523c782 100644
--- a/lib/controller/federation/conn.go
+++ b/lib/controller/federation/conn.go
@@ -365,13 +365,13 @@ func (conn *Conn) ContainerRequestCreate(ctx context.Context, options arvados.Cr
}
if strings.HasPrefix(aca.UUID, conn.cluster.ClusterID) {
// Local user, submitting to a remote cluster.
- // Create a new (FIXME: needs to be
- // time-limited!) token.
+ // Create a new time-limited token.
local, ok := conn.local.(*localdb.Conn)
if !ok {
return arvados.ContainerRequest{}, httpErrorf(http.StatusInternalServerError, "bug: local backend is a %T, not a *localdb.Conn", conn.local)
}
- aca, err = local.CreateAPIClientAuthorization(ctx, conn.cluster.SystemRootToken, rpc.UserSessionAuthInfo{UserUUID: user.UUID})
+ aca, err = local.CreateAPIClientAuthorization(ctx, conn.cluster.SystemRootToken, rpc.UserSessionAuthInfo{UserUUID: user.UUID,
+ ExpiresAt: time.Now().UTC().Add(conn.cluster.Collections.BlobSigningTTL.Duration())})
if err != nil {
return arvados.ContainerRequest{}, err
}
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list