asekretenko commented on a change in pull request #383:
URL: https://github.com/apache/mesos/pull/383#discussion_r624698872
##########
File path: src/python/cli_new/lib/cli/config.py
##########
@@ -119,6 +119,65 @@ def master(self):
return master
+ def principal(self):
+ """
+ Return the principal in the configuration file
+ """
+ if "principal" not in self.data["master"]:
+ return None
Review comment:
`return self.data["master"].get("principal")` would be a bit less
verbose and less error-prone
same applies to similar locations below
##########
File path: src/python/cli_new/lib/cli/mesos.py
##########
@@ -504,13 +508,23 @@ def _attach_container_output(self):
client from the agent.
"""
+ # Set authentication header
+ auth = None
+ # pylint: disable=line-too-long
+ if self.config.agent_principal() is not None and
self.config.agent_secret() is not None:
+ auth = requests.auth.HTTPBasicAuth(
+ self.config.agent_principal(),
+ self.config.agent_secret()
+ )
+
Review comment:
Given that this code occurs three times, it is definitely worth
extracting into a dedicated function.
##########
File path: src/python/cli_new/lib/cli/http.py
##########
@@ -64,7 +73,7 @@ def get_json(addr, endpoint, condition=None, timeout=5,
query=None):
data = None
try:
- data = read_endpoint(addr, endpoint, query)
+ data = read_endpoint(addr, endpoint, config, query)
except Exception as exception:
Review comment:
Well, I understand that this code used to silently drop arbitrary errors
since time immemorial, but probably now it is the right time to fix this:)
##########
File path: src/python/cli_new/lib/cli/http.py
##########
@@ -38,20 +38,29 @@ def read_endpoint(addr, endpoint, query=None):
except Exception as exception:
raise CLIException("Unable to sanitize address '{addr}': {error}"
.format(addr=addr, error=str(exception)))
-
try:
url = "{addr}/{endpoint}".format(addr=addr, endpoint=endpoint)
if query is not None:
- url += "?{query}".format(query=urllib.parse.urlencode(query))
- http_response = urllib.request.urlopen(url).read().decode("utf-8")
+ url += "?{query}".format(query=urlencode(query))
+ if config.principal() is not None and config.secret() is not None:
+ headers = urllib3.make_headers(
+ basic_auth=config.principal() + ":" + config.secret()
+ )
+ else:
+ headers = None
+ http = urllib3.PoolManager()
+ http_response = http.request('GET', url, headers=headers)
except Exception as exception:
+ print(exception)
Review comment:
The call site in `get_json()` might be a better place to print the
exception.
For example, if `http_response.data.decode('utf-8')` in this function fails
for some reason on every attempt, `get_json()` will be silently crashlooping.
##########
File path: src/python/cli_new/lib/cli/mesos.py
##########
@@ -539,6 +554,16 @@ def _launch_nested_container_session(self):
nested container and attach to its output stream.
The output stream is then sent back in the response.
"""
+
+ # Set authentication header
+ # pylint: disable=line-too-long
+ auth = None
+ if self.config.agent_principal() is not None and
self.config.agent_secret() is not None:
Review comment:
You can just wrap the line instead of suppressing pylint warnings:
```
if self.config.agent_principal() is not None and \
self.config.agent_secret() is not None:
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
