From ee120a54f32d3643eefbef03ca0f4ca9c423e58b Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Fri, 12 Apr 2019 18:51:26 -0400 Subject: Add python CommandExecutor gRPC server w/ auth MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Ie5fefb804c3d88c5be19d19da10d4d2b5f36008c Issue-ID: CCSDK-1164 Signed-off-by: Alexis de Talhouët --- ms/command-executor/pom.xml | 40 ++++++------- .../src/main/python/command_executor_server.py | 69 ++++++++++++++++++++++ .../python/request_header_validator_interceptor.py | 38 ++++++++++++ 3 files changed, 127 insertions(+), 20 deletions(-) create mode 100644 ms/command-executor/src/main/python/command_executor_server.py create mode 100644 ms/command-executor/src/main/python/request_header_validator_interceptor.py diff --git a/ms/command-executor/pom.xml b/ms/command-executor/pom.xml index 903ccdcaf..af1b4f43b 100755 --- a/ms/command-executor/pom.xml +++ b/ms/command-executor/pom.xml @@ -66,26 +66,26 @@ - - - - - - - - - - - - - - - - - - - - + + maven-assembly-plugin + 3.1.0 + + ${basedir}/target/docker-stage + + src/main/docker/distribution.xml + + posix + + + + ${assembly.id} + package + + single + + + + org.codehaus.groovy.maven gmaven-plugin diff --git a/ms/command-executor/src/main/python/command_executor_server.py b/ms/command-executor/src/main/python/command_executor_server.py new file mode 100644 index 000000000..35eed8e57 --- /dev/null +++ b/ms/command-executor/src/main/python/command_executor_server.py @@ -0,0 +1,69 @@ +#!/usr/bin/python + +# +# Copyright (C) 2019 Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from builtins import KeyboardInterrupt +from concurrent import futures +import time +import sys + +import grpc + +import proto.CommandExecutor_pb2_grpc as CommandExecutor_pb2_grpc + +from request_header_validator_interceptor import RequestHeaderValidatorInterceptor + +_ONE_DAY_IN_SECONDS = 60 * 60 * 24 + + +class CommandExecutorServer(CommandExecutor_pb2_grpc.CommandExecutorServiceServicer): + + def prepareEnv(self, request, context): + return + + def executeCommand(self, request, context): + return + + +def serve(): + port = sys.argv[1] + basic_auth = sys.argv[2] + ' ' + sys.argv[3] + + header_validator = RequestHeaderValidatorInterceptor( + 'authorization', basic_auth, grpc.StatusCode.UNAUTHENTICATED, + 'Access denied!') + + server = grpc.server( + futures.ThreadPoolExecutor(max_workers=10), + interceptors=(header_validator,)) + + CommandExecutor_pb2_grpc.add_CommandExecutorServiceServicer_to_server( + CommandExecutorServer(), server) + + server.add_insecure_port('[::]:' + port) + server.start() + + print("Command Executor Server started on %s" % port) + + try: + while True: + time.sleep(_ONE_DAY_IN_SECONDS) + except KeyboardInterrupt: + server.stop(0) + + +if __name__ == '__main__': + serve() diff --git a/ms/command-executor/src/main/python/request_header_validator_interceptor.py b/ms/command-executor/src/main/python/request_header_validator_interceptor.py new file mode 100644 index 000000000..261357337 --- /dev/null +++ b/ms/command-executor/src/main/python/request_header_validator_interceptor.py @@ -0,0 +1,38 @@ +# +# Copyright (C) 2019 Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +import grpc + + +def _unary_unary_rpc_terminator(code, details): + def terminate(ignored_request, context): + context.abort(code, details) + + return grpc.unary_unary_rpc_method_handler(terminate) + + +class RequestHeaderValidatorInterceptor(grpc.ServerInterceptor): + + def __init__(self, header, value, code, details): + self._header = header + self._value = value + self._terminator = _unary_unary_rpc_terminator(code, details) + + def intercept_service(self, continuation, handler_call_details): + if (self._header, self._value) in handler_call_details.invocation_metadata: + return continuation(handler_call_details) + else: + return self._terminator -- cgit 1.2.3-korg