diff --git a/src/rest-server/package.json b/src/rest-server/package.json index e4303100b..443eb737e 100644 --- a/src/rest-server/package.json +++ b/src/rest-server/package.json @@ -68,7 +68,7 @@ "scripts": { "coveralls": "nyc report --reporter=text-lcov | coveralls ..", "lint": "eslint .", - "mocha": "mocha --require ./test/setup --ui bdd --recursive --timeout 1000 --exit", + "mocha": "mocha --file ./test/setup --ui bdd --recursive --timeout 1000 --exit", "start": "node index.js", "test": "npm run lint && nyc npm run mocha" } diff --git a/src/rest-server/src/config/kubernetes.js b/src/rest-server/src/config/kubernetes.js index ab7375e07..288932158 100644 --- a/src/rest-server/src/config/kubernetes.js +++ b/src/rest-server/src/config/kubernetes.js @@ -21,15 +21,8 @@ const {readFileSync} = require('fs'); const k8s = require('@kubernetes/client-node'); const logger = require('@pai/config/logger'); -const bufferFromFileOrData = (path, data) => { - if (path) { - return readFileSync(path); - } else if (data) { - return Buffer.from(data, 'base64'); - } -}; - const apiserverConfig = {}; +let initPromise = Promise.resolve(); const { K8S_APISERVER_URI, @@ -47,8 +40,9 @@ if (RBAC_IN_CLUSTER === 'false') { apiserverConfig.ca = readFileSync(K8S_APISERVER_CA_FILE, 'utf8'); } if (K8S_APISERVER_TOKEN_FILE) { - // Will be a string since http header can only receive a string. - apiserverConfig.token = readFileSync(K8S_APISERVER_TOKEN_FILE, 'utf8'); + apiserverConfig.headers = { + Authorization: `Bearer ${readFileSync(K8S_APISERVER_TOKEN_FILE, 'utf8')}`, + }; } } else { if (K8S_APISERVER_CA_FILE) { @@ -65,13 +59,22 @@ if (RBAC_IN_CLUSTER === 'false') { } else { kc.loadFromDefault(); } + + // https://github.com/kubernetes-client/javascript/blob/da9f3d872bdebaebf37fe22f089b2a1c655fe591/src/config.ts#L373 + const httpsOptions = {headers: {}}; const cluster = kc.getCurrentCluster(); - const user = kc.getCurrentUser(); apiserverConfig.uri = cluster.server; - apiserverConfig.token = user.token; - apiserverConfig.ca = bufferFromFileOrData(cluster.caFile, cluster.caData); - apiserverConfig.key = bufferFromFileOrData(user.keyFile, user.keyData); - apiserverConfig.cert = bufferFromFileOrData(user.certFile, user.certData); + initPromise = kc.applytoHTTPSOptions(httpsOptions).then(() => { + apiserverConfig.headers = httpsOptions.headers; + apiserverConfig.ca = httpsOptions.ca; + apiserverConfig.key = httpsOptions.key; + apiserverConfig.cert = httpsOptions.cert; + }).catch((e) => { + logger.error('failed to init rbac config. Please check your clusters\' config'); + logger.error(e.stack); + // hard rejection + process.exit(1); + }); } catch (error) { logger.error('failed to init rbac config. Please check your clusters\' config'); throw error; @@ -82,4 +85,5 @@ assert(apiserverConfig.uri, 'K8S_APISERVER_URI should be set in environments'); module.exports = { apiserver: apiserverConfig, + initPromise, }; diff --git a/src/rest-server/src/models/kubernetes.js b/src/rest-server/src/models/kubernetes.js index 1c0c5a0c1..393d3d900 100644 --- a/src/rest-server/src/models/kubernetes.js +++ b/src/rest-server/src/models/kubernetes.js @@ -15,11 +15,18 @@ const getClient = (baseURL = '') => { 'Accept': 'application/json', }, }; - if (apiserver.ca) { - config.httpsAgent = new Agent({ca: apiserver.ca, cert: apiserver.cert, key: apiserver.key}); + if (apiserver.ca || apiserver.cert || apiserver.key) { + config.httpsAgent = new Agent({ + ca: apiserver.ca, + cert: apiserver.cert, + key: apiserver.key, + }); } - if (apiserver.token) { - config.headers['Authorization'] = `Bearer ${apiserver.token}`; + if (apiserver.headers) { + config.headers = { + ...apiserver.headers, + ...config.headers, + }; } return axios.create(config); }; diff --git a/src/rest-server/src/server.js b/src/rest-server/src/server.js index 22d85b91d..526ad6a57 100644 --- a/src/rest-server/src/server.js +++ b/src/rest-server/src/server.js @@ -25,14 +25,17 @@ require('module-alias/register'); const config = require('@pai/config'); const logger = require('@pai/config/logger'); -const app = require('@pai/config/express'); +const {initPromise} = require('@pai/config/kubernetes'); +module.exports = initPromise.then(() => { + const app = require('@pai/config/express'); -logger.info('config: %j', config); + logger.info('config: %j', config); -// start the server -app.listen(config.serverPort, () => { - logger.info('RESTful API server starts on port %d', config.serverPort); + // start the server + app.listen(config.serverPort, () => { + logger.info('RESTful API server starts on port %d', config.serverPort); + }); + + return app; }); - -module.exports = app; diff --git a/src/rest-server/test/setup.js b/src/rest-server/test/setup.js index 7095fe0bb..60425bc3c 100644 --- a/src/rest-server/test/setup.js +++ b/src/rest-server/test/setup.js @@ -45,12 +45,19 @@ const nock = require('nock'); const chai = require('chai'); const chaiAsPromised = require('chai-as-promised'); const chaiHttp = require('chai-http'); -const server = require('@pai'); chai.use(chaiHttp); chai.use(chaiAsPromised); +before(function(done) { + this.timeout(10000); + require('@pai').then((server) => { + global.server = server; + done(); + }).catch((err) => done(err)); +}); + global.jwt = jwt; global.mustache = mustache; global.nock = nock; @@ -58,7 +65,6 @@ global.chai = chai; global.assert = chai.assert; global.expect = chai.expect; global.should = chai.should; -global.server = server; global.webhdfsUri = process.env.WEBHDFS_URI; global.launcherWebserviceUri = process.env.LAUNCHER_WEBSERVICE_URI; global.apiServerRootUri = process.env.K8S_APISERVER_URI;