This module has a configuration file (
arranger.yaml by default)
that describes the host, port, ssl_context, trusted_authorities, and
logfile to use. It can also enable insecure logins. It can also change
the service limits.
If no configuration file is found it will default to the following values:
apiVersion: opentestfactory.org/v1beta2 kind: ServiceConfig current-context: default contexts: - context: port: 443 host: 127.0.0.1 ssl_context: adhoc eventbus: endpoint: https://127.0.0.1:38368 token: invalid max_jobs: 1024 max_job_steps: 10240 max_workers: 4 default_timeout_minutes: 360 name: default
ssl_context is either
adhoc, a list of two items (certificate file
path and private key file path), or
disabled (not recommended, will
switch to plain HTTP).
A context can also contain a
trusted_authorities, which is a list of
public key files, used for token validation.
A context can also allow for insecure (token-less) logins, if
enable_insecure_login is set to
true (by default, insecure logins are
Insecure logins, if enabled, are only allowed from a given address (
by default). This can be overridden by specifying
All those limits must be integers. If the entry is missing, the default value will be assumed.
max_jobs limits the number of jobs in a workflow. If a workflow contains or
generate more than this limit, the workflow will be cancelled. If not specified,
defaults to 1024.
max_job_steps limits the number of steps in a workflow. If a job contains or
generate more than this limit, the job will be cancelled. If not specified,
defaults to 10240.
max_workers limits the number of jobs in a workflow that can be running at
any given time. If not specified, defaults to 4.
default_timeout_minutes is the default maximum duration for a job, in minutes.
If not specified, defaults to 360 minutes.
python3 -m opentf.core.arranger [--context context] [--config configfile]
This module exposes one endpoint:
Whenever calling this endpoint, a signed token must be specified
This header will be of form:
Authorization: Bearer xxxxxxxx
It must be signed with one of the trusted authorities specified in the current context.