[arvados] updated: 2.1.0-2770-gc966970d6

git repository hosting git at public.arvados.org
Wed Jul 20 20:00:03 UTC 2022


Summary of changes:
 apps/workbench/Gemfile.lock                 |  80 ++++++++++----------
 cmd/arvados-package/install.go              |   2 +-
 doc/install/automatic.html.textile.liquid   |   2 +-
 lib/boot/cert.go                            |  11 ++-
 lib/config/config.default.yml               |  30 ++++----
 lib/install/init.go                         |  99 ++++++++++++++++--------
 lib/service/tls.go                          |   2 +-
 sdk/go/arvados/config.go                    |   5 +-
 services/api/Gemfile.lock                   |  80 ++++++++++----------
 services/api/app/models/user.rb             |  17 +++++
 services/api/test/integration/users_test.rb |  56 ++++++++++++++
 services/keep-web/handler.go                |  38 ++++++++--
 services/keep-web/handler_test.go           | 113 ++++++++++++++++++++++------
 13 files changed, 374 insertions(+), 161 deletions(-)

       via  c966970d64c21d7adaf1c3c8b737aa9e7c166f0e (commit)
       via  8b2af30849edeab5ad8ebc6b51eaec39e5fdd81a (commit)
       via  3c87fb14f48b78d30142f12c8cb855dba92c926d (commit)
       via  8bba581238a7a9a1e4e1965320999de448cc3b7a (commit)
       via  08b07a1a27a19eecd70a09cf4b47727224a9d36d (commit)
       via  61289799493bef68bf502ae07bd2cba6e161e7f3 (commit)
       via  89a3d1b2fedbc6cea8dfc09c81dcea05ff22bcb5 (commit)
       via  2f0c775a9e1ab8c3abdd94c854326fab771c4b5e (commit)
       via  53effa806b73a1c728fba9160b23000c8f7cc5e0 (commit)
       via  52fd35cf046bbb1b20a7b884f485fc65de71a86a (commit)
       via  e16ee88755436818cbed44dabb784d1d3254d469 (commit)
       via  e07a9786ff1fa6e53f4429e301ea866e886eb649 (commit)
       via  70d97b98ddf977505069795ef08236fb439b18e1 (commit)
       via  0873efcdab481d9f77f477f4adbf56ee3380f2f9 (commit)
       via  e9b55fb61c952360b25e008a39630c7ae1f687b6 (commit)
       via  4e8873ba05e44e49284e05e6fdc0913c525269b3 (commit)
       via  41a378b99c8c4411a66c19e878b7535c67de2ba3 (commit)
      from  d15f485909cf84aeda62c0a843f384cb218e0125 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit c966970d64c21d7adaf1c3c8b737aa9e7c166f0e
Author: Tom Clegg <tom at curii.com>
Date:   Wed Jul 20 15:55:57 2022 -0400

    17344: -create-db=false to use $POSTGRES_HOST/USER/etc instead.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --git a/lib/install/init.go b/lib/install/init.go
index 79c9fbdac..36501adf8 100644
--- a/lib/install/init.go
+++ b/lib/install/init.go
@@ -38,14 +38,20 @@ import (
 var InitCommand cmd.Handler = &initCommand{}
 
 type initCommand struct {
-	ClusterID          string
-	Domain             string
-	PostgreSQLPassword string
-	Login              string
-	TLS                string
-	AdminEmail         string
-	Start              bool
-
+	ClusterID  string
+	Domain     string
+	CreateDB   bool
+	Login      string
+	TLS        string
+	AdminEmail string
+	Start      bool
+
+	PostgreSQL struct {
+		Host     string
+		User     string
+		Password string
+		DB       string
+	}
 	LoginPAM                bool
 	LoginTest               bool
 	LoginGoogle             bool
@@ -77,6 +83,7 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
 	flags.SetOutput(stderr)
 	versionFlag := flags.Bool("version", false, "Write version information to stdout and exit 0")
 	flags.StringVar(&initcmd.ClusterID, "cluster-id", "", "cluster `id`, like x1234 for a dev cluster")
+	flags.BoolVar(&initcmd.CreateDB, "create-db", true, "create an 'arvados' postgresql role and database using 'sudo -u postgres psql ...' (if false, use existing database specified by POSTGRES_HOST, POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB env vars, and assume 'CREATE EXTENSION IF NOT EXISTS pg_trgm' has already been done)")
 	flags.StringVar(&initcmd.Domain, "domain", hostname, "cluster public DNS `name`, like x1234.arvadosapi.com")
 	flags.StringVar(&initcmd.Login, "login", "", "login `backend`: test, pam, 'google {client-id} {client-secret}', or ''")
 	flags.StringVar(&initcmd.AdminEmail, "admin-email", "", "give admin privileges to user with given `email`")
@@ -140,22 +147,37 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
 		}
 	}
 
-	// Do the "create extension" thing early. This way, if there's
-	// no local postgresql server (a likely failure mode), we can
-	// bail out without any side effects, and the user can start
-	// over easily.
-	fmt.Fprintln(stderr, "installing pg_trgm postgresql extension...")
-	cmd := exec.CommandContext(ctx, "sudo", "-u", "postgres", "psql", "--quiet",
-		"-c", `CREATE EXTENSION IF NOT EXISTS pg_trgm`)
-	cmd.Dir = "/"
-	cmd.Stdout = stdout
-	cmd.Stderr = stderr
-	err = cmd.Run()
-	if err != nil {
-		err = fmt.Errorf("error preparing postgresql server: %w", err)
-		return 1
+	if initcmd.CreateDB {
+		// Do the "create extension" thing early. This way, if
+		// there's no local postgresql server (a likely
+		// failure mode), we can bail out without any side
+		// effects, and the user can start over easily.
+		fmt.Fprintln(stderr, "installing pg_trgm postgresql extension...")
+		cmd := exec.CommandContext(ctx, "sudo", "-u", "postgres", "psql", "--quiet",
+			"-c", `CREATE EXTENSION IF NOT EXISTS pg_trgm`)
+		cmd.Dir = "/"
+		cmd.Stdout = stdout
+		cmd.Stderr = stderr
+		err = cmd.Run()
+		if err != nil {
+			err = fmt.Errorf("error preparing postgresql server: %w", err)
+			return 1
+		}
+		fmt.Fprintln(stderr, "...done")
+		initcmd.PostgreSQL.Host = "localhost"
+		initcmd.PostgreSQL.User = "arvados"
+		initcmd.PostgreSQL.Password = initcmd.RandomHex(32)
+		initcmd.PostgreSQL.DB = "arvados"
+	} else {
+		initcmd.PostgreSQL.Host = os.Getenv("POSTGRES_HOST")
+		initcmd.PostgreSQL.User = os.Getenv("POSTGRES_USER")
+		initcmd.PostgreSQL.Password = os.Getenv("POSTGRES_PASSWORD")
+		initcmd.PostgreSQL.DB = os.Getenv("POSTGRES_DB")
+		if initcmd.PostgreSQL.Host == "" || initcmd.PostgreSQL.User == "" || initcmd.PostgreSQL.Password == "" || initcmd.PostgreSQL.DB == "" {
+			err = fmt.Errorf("missing $POSTGRES_* env var(s) for -create-db=false; see %s -help", prog)
+			return 1
+		}
 	}
-	fmt.Fprintln(stderr, "...done")
 
 	wwwuser, err := user.Lookup("www-data")
 	if err != nil {
@@ -166,7 +188,6 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
 	if err != nil {
 		return 1
 	}
-	initcmd.PostgreSQLPassword = initcmd.RandomHex(32)
 
 	fmt.Fprintln(stderr, "creating data storage directory /var/lib/arvados/keep ...")
 	err = os.Mkdir("/var/lib/arvados/keep", 0600)
@@ -257,10 +278,10 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
     ManagementToken: {{printf "%q" ( .RandomHex 50 )}}
     PostgreSQL:
       Connection:
-        dbname: arvados
-        host: localhost
-        user: arvados
-        password: {{printf "%q" .PostgreSQLPassword}}
+        dbname: {{printf "%q" .PostgreSQL.DB}}
+        host: {{printf "%q" .PostgreSQL.Host}}
+        user: {{printf "%q" .PostgreSQL.User}}
+        password: {{printf "%q" .PostgreSQL.Password}}
     SystemRootToken: {{printf "%q" ( .RandomHex 50 )}}
     TLS:
       {{if eq .TLS "insecure"}}
@@ -345,7 +366,7 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
 	fmt.Fprintln(stderr, "...done")
 
 	fmt.Fprintln(stderr, "initializing database...")
-	cmd = exec.CommandContext(ctx, "sudo", "-u", "www-data", "-E", "HOME=/var/www", "PATH=/var/lib/arvados/bin:"+os.Getenv("PATH"), "/var/lib/arvados/bin/bundle", "exec", "rake", "db:setup")
+	cmd := exec.CommandContext(ctx, "sudo", "-u", "www-data", "-E", "HOME=/var/www", "PATH=/var/lib/arvados/bin:"+os.Getenv("PATH"), "/var/lib/arvados/bin/bundle", "exec", "rake", "db:setup")
 	cmd.Dir = "/var/lib/arvados/railsapi"
 	cmd.Stdout = stderr
 	cmd.Stderr = stderr

commit 8b2af30849edeab5ad8ebc6b51eaec39e5fdd81a
Merge: d15f48590 3c87fb14f
Author: Tom Clegg <tom at curii.com>
Date:   Wed Jul 20 15:02:00 2022 -0400

    17344: Merge branch 'main'
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --cc doc/install/automatic.html.textile.liquid
index 33c6fd3d3,d72f8f69e..398ebc20e
--- a/doc/install/automatic.html.textile.liquid
+++ b/doc/install/automatic.html.textile.liquid
@@@ -50,46 -28,20 +50,46 @@@ Arvados needs a login backend. To get s
  h2. Initialize the cluster
  
  <pre>
 -# echo > /etc/apt/sources.list.d/arvados.list "deb http://apt.arvados.org/buster buster main"
 -# apt-get update
 -# apt-get install arvados-server-easy
 -# arvados-server init -cluster-id x9999 -domain x9999.example.com -tls acme -admin-email example at gmail.com.example
 +# echo > /etc/apt/sources.list.d/arvados.list "deb http://apt.arvados.org/$(lsb_release -sc) $(lsb_release -sc) main"
 +# apt update
 +# apt install arvados-server-easy
- # arvados-server init -cluster-id x9999 -domain x9999.example.com -tls auto -login pam
++# arvados-server init -cluster-id x9999 -domain x9999.example.com -tls acme -login pam
  </pre>
  
 -When the "init" command is finished, navigate to the link shown in the terminal (e.g., @https://x9999.example.com/token?api_token=zzzzzzzzzzzzzzzzzzzzzz@). This will log you in to your admin account.
 +When the "init" command is finished, navigate to the link shown in the terminal (e.g., @https://x9999.example.com/@) and log in with the account you created above.
  
 -h2. Enable login
 +Activate your new Arvados user account. Copy the UUID (looks like @x9999-tpzed-xxxxxxxxxxxxxxx@) from your browser's location bar and run:
  
 -Follow the instructions to "set up Google login":{{site.baseurl}}/install/setup-login.html or another authentication option.
 +<pre>
 +# arv sudo user setup --uuid x9999-tpzed-xxxxxxxxxxxxxxx
 +</pre>
 +
 +Run the diagnostics tool to ensure everything is working.
 +
 +<pre>
 +# arv sudo diagnostics
 +</pre>
 +
 +h2. Customize the cluster
 +
 +Things you should plan to update before using your cluster in production:
 +* "Set up Google login":{{site.baseurl}}/install/setup-login.html or another authentication option.
 +* "Set up a wildcard TLS certificate and DNS name,":{{site.baseurl}}/install/install-manual-prerequisites.html#dnstls or enable @TrustAllContent@ mode.
 +* Update storage configuration to use a cloud storage bucket ("S3":{{site.baseurl}}/install/configure-s3-object-storage.html or "Azure":{{site.baseurl}}/install/configure-azure-blob-storage.html) instead of the local filesystem.
 +* Update "CloudVMs configuration":{{site.baseurl}}/install/crunch2-cloud/install-dispatch-cloud.html to use a cloud provider to bring up VMs on demand instead of running containers on the server host.
 +
 +h2. Updating configuration
 +
 +After updating your configuration file (@/etc/arvados/config.yml@), notify the server:
 +
 +<pre>
 +# systemctl reload arvados-server
 +</pre>
  
 -After updating your configuration file (@/etc/arvados/config.yml@), restart the server to make your changes take effect:
 +Optionally, add "AutoReloadConfig: true" at the top of @/etc/arvados/config.yml at . Arvados will automatically reload the config file when it changes.
  
  <pre>
 -# systemctl restart arvados-server
 +AutoReloadConfig: true
 +Clusters:
 +  [...]
  </pre>

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list