To avoid having to provide user credentials in remote terraform services for webapp and landing, we should only run identity login for non-landing and non-webapp nodes which is specified by running this on
only primary nodes (when unspecified, nodes are also primary) and secondary nodes.
Details
Details
terraform apply. On running landing and webapp nodes, I no longer receive errors about missing user credentials
Diff Detail
Diff Detail
- Repository
- rCOMM Comm
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
keyserver/src/keyserver.js | ||
---|---|---|
137–157 ↗ | (On Diff #42919) | This is getting really deeply nested. What do you think of this instead? await (async () => { // Should not be run by Landing or WebApp nodes if (!isPrimaryNode && !isSecondaryNode) { return; } // We await here to ensure that the keyserver has been provisioned a // commServicesAccessToken. In the future, this will be necessary for // many keyserver operations. const identityInfo = await verifyUserLoggedIn(); if (!isPrimaryNode) { return; } // We don't await here, as Tunnelbroker communication is not needed // for normal keyserver behavior yet. In addition, this doesn't // return information useful for other keyserver functions. ignorePromiseRejections( createAndMaintainTunnelbrokerWebsocket(null), ); if (process.env.NODE_ENV !== 'development') { return; } await createAuthoritativeKeyserverConfigFiles( identityInfo.userId, ); })(); |
keyserver/src/keyserver.js | ||
---|---|---|
137–157 ↗ | (On Diff #42919) | Yeah. I like this way better. It's much cleaner Will include in next rebase |