Skip to content
This repository has been archived by the owner on Jul 7, 2020. It is now read-only.

Commit

Permalink
Merge pull request #296 from addthis/minion-regex
Browse files Browse the repository at this point in the history 
Limiting spawn to fetch log from only minions.
  • Loading branch information
@Tingting-He-ODC
Tingting-He-ODC committed Sep 5, 2019
2 parents c700de9 + 68c9290 commit 7d4aa8d
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 1 deletion.
5 changes: 4 additions & 1 deletion hydra-main/src/main/java/com/addthis/hydra/job/web/SpawnServiceConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ public class SpawnServiceConfiguration {
@Nullable public final String keyStorePath;
@Nullable public final String keyStorePassword;
@Nullable public final String keyManagerPassword;
@Nullable public final String minionHostnameAllowed;

public static final SpawnServiceConfiguration SINGLETON;

Expand All @@ -70,7 +71,8 @@ public SpawnServiceConfiguration(@JsonProperty(value = "webPort", required = tru
@JsonProperty(value = "groupLogDir") String groupLogDir,
@JsonProperty(value = "keyStorePath") String keyStorePath,
@JsonProperty(value = "keyStorePassword") String keyStorePassword,
@JsonProperty(value = "keyManagerPassword") String keyManagerPassword) {
@JsonProperty(value = "keyManagerPassword") String keyManagerPassword,
@JsonProperty(value = "minionHostnameAllowed") String minionHostnameAllowed){
this.webPort = webPort;
this.webPortSSL = webPortSSL;
this.requireSSL = requireSSL;
Expand All @@ -86,6 +88,7 @@ public SpawnServiceConfiguration(@JsonProperty(value = "webPort", required = tru
this.keyStorePath = keyStorePath;
this.keyStorePassword = keyStorePassword;
this.keyManagerPassword = keyManagerPassword;
this.minionHostnameAllowed = minionHostnameAllowed;
}

}
5 changes: 5 additions & 0 deletions hydra-main/src/main/java/com/addthis/hydra/job/web/resources/JobsResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,10 +121,12 @@ public class JobsResource implements Closeable {
private final JobRequestHandler requestHandler;
private final CodecJackson validationCodec;
private final CloseableHttpClient httpClient;
private final String minionHostnameAllowed;

public JobsResource(Spawn spawn, SpawnServiceConfiguration configuration, JobRequestHandler requestHandler) {
this.spawn = spawn;
this.maxLogFileLines = configuration.maxLogFileLines;
this.minionHostnameAllowed = configuration.minionHostnameAllowed;
this.requestHandler = requestHandler;
this.httpClient = HttpClients.createDefault();
CodecJackson defaultCodec = Jackson.defaultCodec();
Expand Down Expand Up @@ -918,6 +920,9 @@ public Response getJobTaskLog(@PathParam("jobID") String jobID,
if (minion == null) {
body.put("error", "Missing required query parameter 'minion'");
return Response.status(Response.Status.BAD_REQUEST).entity(body.toString()).build();
} else if (!minion.matches(minionHostnameAllowed)) {
body.put("error", "This 'minion' is not an allowed host");
return Response.status(Response.Status.BAD_REQUEST).entity(body.toString()).build();
} else if (node == null) {
body.put("error", "Missing required query parameter 'node'");
return Response.status(Response.Status.BAD_REQUEST).entity(body.toString()).build();
Expand Down

0 comments on commit 7d4aa8d

Please sign in to comment.