Add support for Keytab

dfc8e853 · Brice Copy · 2f3cc439 · dfc8e853 · dfc8e853 · dfc8e853
Commit dfc8e853 authored 4 years ago by Brice Copy
--- a/.gitignore
+++ b/.gitignore
+ktab.priv
+*.keytab
--- a/README.md
+++ b/README.md
@@ -10,7 +10,22 @@ You can pass arguments directly on the command line :

    docker run -ti --rm -v `pwd`:/work gitlab-registry.cern.ch/industrial-controls/services/dash/worker:latest my-script.py

-You can also mount `/build/target` as a persistent volume if you wish to collect the output of your build.
+You can also mount `/opt/spark-nxcals/work` as a persistent volume if you wish to collect the output of your build.
+
+# How to use
+
+
+* Generate a keytab with :
+```
+   cern-get-keytab --user --keytab nxcals.keytab
+```
+* Provide Influxdb connectivity env variables
+* Provide parameters to your extraction script
+* Run :
+```
+docker run -e KPRINCIPAL=$USER -v `pwd`/nxcals.keytab:/auth/private.keytab -v `pwd`/myscript.py:/opt/spark-nxcals/work/script.py etlworker
+``` 
+

 # How to release


--- a/entrypoint.sh
+++ b/entrypoint.sh
 #!/bin/bash
 source $SPARK_HOME/nxcals-python3-env/bin/activate
 
-export PYTHONPATH=$SPARK_HOME/nxcals-python3-env/lib/python3.6/site-packages:$PYTHONPATH
\ No newline at end of file
+export PYTHONPATH=$SPARK_HOME/nxcals-python3-env/lib/python3.6/site-packages:$PYTHONPATH
+
+if [ -z "$KPRINCIPAL" ]
+then
+    echo "Please provide Kerberos Principal with ENV KPRINCIPAL"
+    exit 1
+else
+    if [ -f /auth/private.keytab ]
+    then
+      echo "Authenticating with provided keytab for principal $KPRINCIPAL"
+      kinit -kt /auth/private.keytab $KPRINCIPAL
+    else
+      echo "Please provide Kerberos keytab at /auth/private.keytab"
+      exit 1
+    fi
+fi
+
+echo "Now running $@"
+exec "$@"
\ No newline at end of file