modules/fm-orchestrator
1
0
Fork 0
mirror of https://pagure.io/fm-orchestrator.git synced 2026-04-13 14:29:42 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge #1780 Allow krb ccache to be configured

Browse Source
This commit is contained in:
Brendan Reilly
2023-02-27 17:59:35 +00:00
parent f58e07df2a 8709c632b0
commit 295847e672
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
module_build_service/common/config.py
View File

@@ -333,6 +333,7 @@ class Config(object):
},
"krb_keytab": {"type": None, "default": None, "desc": ""},
"krb_principal": {"type": None, "default": None, "desc": ""},
'krb_ccache': {"type": None, "default": "KEYRING:thread:mbs", "desc": ""},
"messaging": {"type": str, "default": "fedmsg", "desc": "The messaging system to use."},
"messaging_topic_prefix": {
"type": list,

4
module_build_service/common/koji.py
View File

@@ -143,7 +143,9 @@ def get_session(config, login=True):
log.debug(" keytab: %r, principal: %r" % (keytab, principal))
# We want to use the thread keyring for the ccache to ensure we have one cache per
# thread to avoid Kerberos cache corruption
ccache = "KEYRING:thread:mbs"
# Keyring may be inaccessible in containers, so let's allow it to be configured
ccache = getattr(config, "krb_ccache", None)
log.debug(" ccache: %r" % (ccache))
koji_session.gssapi_login(principal=principal, keytab=keytab, ccache=ccache)
elif authtype == "ssl":
koji_session.ssl_login(