juergbi commented on issue #1913:
URL: https://github.com/apache/buildstream/issues/1913#issuecomment-2066106923
buildbox-casd already supports bearer authentication for remote servers,
reading the access token from a file. However, it currently supports this only
for remote servers configured on the command line, not with the dynamic
configuration used by BuildStream.
Tentative list of tasks to address this issue:
* buildbox-casd
- Support dynamic remotes also for execution servers (requires small
extension to the `LocalCAS` protocol)
- Support access tokens (+ optional reload interval) for dynamic remotes
(requires small extension to the `LocalCAS` protocol)
- If `netrc` support is desired, also support access tokens sent as
strings over the local protocol
* BuildStream
- Support configuring access tokens as paths (+ reload interval) in the
`auth` dict of remotes (as alternative to `client-key` / `client-cert`) and
pass that to buildbox-casd if specified
- If `netrc` support is desired, add a configuration option to enable
that, which then sends the password string from `netrc` to buildbox-casd
instead of a path
- Use buildbox-casd as proxy for all remote connections: At least remote
execution currently doesn't use buildbox-casd as proxy
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
