chef_secrets for data collector #1131
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stevendanna
reviewed
Mar 8, 2017
| ngx.req.set_header("x-data-collector-auth", "version=1.0") | ||
| -- Secrets are provided by chef_secrets and will be preloaded into the environment. | ||
| ngx.req.set_header("x-data-collector-token", os.getenv("DATA_COLLECTOR_TOKEN")) | ||
| ngx.req.set_header("x-data-collector-auth", "version=1.0")gT |
| if res.status == ngx.HTTP_OK then | ||
| ngx.var.upstream = '<%= URI.parse(node['private_chef']['data_collector']['root_url']).scheme %>://data-collector' | ||
| ngx.req.set_uri('<%= URI.parse(node['private_chef']['data_collector']['root_url']).path %>') | ||
| ngx.req.set_header("x-data-collector-token", "<%= node['private_chef']['data_collector']['token'] %>") | ||
| -- Secrets are provided by chef_secrets and will be preloaded into the environment. | ||
| ngx.req.set_header("x-data-collector-token", os.getenv("DATA_COLLECTOR_TOKEN")) |
There was a problem hiding this comment.
I wonder if we can make sure we don't look this up on every request. It should be cheap, either way though.
There was a problem hiding this comment.
Well we've thought that before and stuff got mysterious. I'd prefer this to go the redis password route...
There was a problem hiding this comment.
We can do it similarly. If we do it in confg.lua it should only ever need to run once.
| def confirm_continue!(message) | ||
| require 'highline' | ||
| if ARGV.delete("--yes") | ||
| exit(0) |
There was a problem hiding this comment.
I think you want to return here rather than exit.
stevendanna
reviewed
Mar 8, 2017
| if !HighLine.agree("Would you like to continue (y/n)? ") | ||
| exit(0) | ||
| end | ||
| add_command_under_category "set-data-collector-token", "Secrets Management", "Set or change the data collector token", 2 do |
There was a problem hiding this comment.
In addition to this command we probably need to ingest existing attrs.
marcparadise
force-pushed
the
mp/data-collector-secrets-2
branch
from
ac58fe7 to
ec8f899
Compare
16 tasks
marcparadise
force-pushed
the
mp/data-collector-secrets-2
branch
2 times, most recently
from
c64e28e to
db14071
Compare
Signed-off-by: Marc A. Paradise <[email protected]>
- Ensure priv dir exists - Fix badmatch on ensure_all_started Signed-off-by: Steven Danna <[email protected]>
Signed-off-by: Stephan Renatus <[email protected]>
srenatus
force-pushed
the
mp/data-collector-secrets-2
branch
from
db14071 to
3350262
Compare
srenatus
approved these changes
Mar 10, 2017
There was a problem hiding this comment.
@stevendanna and I have paired on changing what we'd wanted to see changed and done some testing. LGTM.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Relatively untested WIP.
Signed-off-by: Marc A. Paradise [email protected]