Add OpenSslLegacyShim to ensure OpenSSL 1.1 libraries are accessible on Linux
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
This commit introduces the OpenSslLegacyShim class, which sets the LD_LIBRARY_PATH environment variable to include the directory containing OpenSSL 1.1 native libraries. This is necessary for Mongo2Go to function correctly on Linux platforms that do not ship these libraries by default. The shim checks if the current operating system is Linux and whether the required directory exists before modifying the environment variable.
This commit is contained in:
master
@@ -33,22 +33,32 @@ internal static class AuthorityTokenUtilities
|
||||
|
||||
var cacheKey = $"{options.Authority.Url}|{credential}|{scope}";
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(scope) && scope.Contains("orch:operate", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var reasonHash = HashOperatorMetadata(options.Authority.OperatorReason);
|
||||
var ticketHash = HashOperatorMetadata(options.Authority.OperatorTicket);
|
||||
cacheKey = $"{cacheKey}|op_reason:{reasonHash}|op_ticket:{ticketHash}";
|
||||
}
|
||||
|
||||
return cacheKey;
|
||||
}
|
||||
|
||||
private static string HashOperatorMetadata(string value)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(value))
|
||||
{
|
||||
return "none";
|
||||
}
|
||||
if (!string.IsNullOrWhiteSpace(scope))
|
||||
{
|
||||
if (scope.Contains("orch:operate", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var reasonHash = HashMetadata(options.Authority.OperatorReason);
|
||||
var ticketHash = HashMetadata(options.Authority.OperatorTicket);
|
||||
cacheKey = $"{cacheKey}|op_reason:{reasonHash}|op_ticket:{ticketHash}";
|
||||
}
|
||||
|
||||
if (scope.Contains("orch:backfill", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var reasonHash = HashMetadata(options.Authority.BackfillReason);
|
||||
var ticketHash = HashMetadata(options.Authority.BackfillTicket);
|
||||
cacheKey = $"{cacheKey}|bf_reason:{reasonHash}|bf_ticket:{ticketHash}";
|
||||
}
|
||||
}
|
||||
|
||||
return cacheKey;
|
||||
}
|
||||
|
||||
private static string HashMetadata(string? value)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(value))
|
||||
{
|
||||
return "none";
|
||||
}
|
||||
|
||||
var trimmed = value.Trim();
|
||||
var bytes = Encoding.UTF8.GetBytes(trimmed);
|
||||
|
||||
@@ -111,28 +111,44 @@ public static class CliBootstrapper
|
||||
"StellaOps:Authority:OperatorReason",
|
||||
"Authority:OperatorReason");
|
||||
|
||||
authority.OperatorTicket = ResolveWithFallback(
|
||||
authority.OperatorTicket,
|
||||
configuration,
|
||||
"STELLAOPS_ORCH_TICKET",
|
||||
"StellaOps:Authority:OperatorTicket",
|
||||
"Authority:OperatorTicket");
|
||||
|
||||
authority.TokenCacheDirectory = ResolveWithFallback(
|
||||
authority.TokenCacheDirectory,
|
||||
configuration,
|
||||
"STELLAOPS_AUTHORITY_TOKEN_CACHE_DIR",
|
||||
"StellaOps:Authority:TokenCacheDirectory",
|
||||
authority.OperatorTicket = ResolveWithFallback(
|
||||
authority.OperatorTicket,
|
||||
configuration,
|
||||
"STELLAOPS_ORCH_TICKET",
|
||||
"StellaOps:Authority:OperatorTicket",
|
||||
"Authority:OperatorTicket");
|
||||
|
||||
authority.BackfillReason = ResolveWithFallback(
|
||||
authority.BackfillReason,
|
||||
configuration,
|
||||
"STELLAOPS_ORCH_BACKFILL_REASON",
|
||||
"StellaOps:Authority:BackfillReason",
|
||||
"Authority:BackfillReason");
|
||||
|
||||
authority.BackfillTicket = ResolveWithFallback(
|
||||
authority.BackfillTicket,
|
||||
configuration,
|
||||
"STELLAOPS_ORCH_BACKFILL_TICKET",
|
||||
"StellaOps:Authority:BackfillTicket",
|
||||
"Authority:BackfillTicket");
|
||||
|
||||
authority.TokenCacheDirectory = ResolveWithFallback(
|
||||
authority.TokenCacheDirectory,
|
||||
configuration,
|
||||
"STELLAOPS_AUTHORITY_TOKEN_CACHE_DIR",
|
||||
"StellaOps:Authority:TokenCacheDirectory",
|
||||
"Authority:TokenCacheDirectory");
|
||||
|
||||
authority.Url = authority.Url?.Trim() ?? string.Empty;
|
||||
authority.ClientId = authority.ClientId?.Trim() ?? string.Empty;
|
||||
authority.ClientSecret = string.IsNullOrWhiteSpace(authority.ClientSecret) ? null : authority.ClientSecret.Trim();
|
||||
authority.Username = authority.Username?.Trim() ?? string.Empty;
|
||||
authority.Password = string.IsNullOrWhiteSpace(authority.Password) ? null : authority.Password.Trim();
|
||||
authority.Scope = string.IsNullOrWhiteSpace(authority.Scope) ? StellaOpsScopes.ConcelierJobsTrigger : authority.Scope.Trim();
|
||||
authority.OperatorReason = authority.OperatorReason?.Trim() ?? string.Empty;
|
||||
authority.OperatorTicket = authority.OperatorTicket?.Trim() ?? string.Empty;
|
||||
authority.Password = string.IsNullOrWhiteSpace(authority.Password) ? null : authority.Password.Trim();
|
||||
authority.Scope = string.IsNullOrWhiteSpace(authority.Scope) ? StellaOpsScopes.ConcelierJobsTrigger : authority.Scope.Trim();
|
||||
authority.OperatorReason = authority.OperatorReason?.Trim() ?? string.Empty;
|
||||
authority.OperatorTicket = authority.OperatorTicket?.Trim() ?? string.Empty;
|
||||
authority.BackfillReason = authority.BackfillReason?.Trim() ?? string.Empty;
|
||||
authority.BackfillTicket = authority.BackfillTicket?.Trim() ?? string.Empty;
|
||||
|
||||
authority.Resilience ??= new StellaOpsCliAuthorityResilienceOptions();
|
||||
authority.Resilience.RetryDelays ??= new List<TimeSpan>();
|
||||
|
||||
@@ -46,11 +46,15 @@ public sealed class StellaOpsCliAuthorityOptions
|
||||
|
||||
public string Scope { get; set; } = StellaOpsScopes.ConcelierJobsTrigger;
|
||||
|
||||
public string OperatorReason { get; set; } = string.Empty;
|
||||
|
||||
public string OperatorTicket { get; set; } = string.Empty;
|
||||
|
||||
public string TokenCacheDirectory { get; set; } = string.Empty;
|
||||
public string OperatorReason { get; set; } = string.Empty;
|
||||
|
||||
public string OperatorTicket { get; set; } = string.Empty;
|
||||
|
||||
public string BackfillReason { get; set; } = string.Empty;
|
||||
|
||||
public string BackfillTicket { get; set; } = string.Empty;
|
||||
|
||||
public string TokenCacheDirectory { get; set; } = string.Empty;
|
||||
|
||||
public StellaOpsCliAuthorityResilienceOptions Resilience { get; set; } = new();
|
||||
}
|
||||
|
||||
@@ -31,6 +31,8 @@ internal sealed class BackendOperationsClient : IBackendOperationsClient
|
||||
|
||||
private const string OperatorReasonParameterName = "operator_reason";
|
||||
private const string OperatorTicketParameterName = "operator_ticket";
|
||||
private const string BackfillReasonParameterName = "backfill_reason";
|
||||
private const string BackfillTicketParameterName = "backfill_ticket";
|
||||
|
||||
private readonly HttpClient _httpClient;
|
||||
private readonly StellaOpsCliOptions _options;
|
||||
@@ -1745,26 +1747,52 @@ internal sealed class BackendOperationsClient : IBackendOperationsClient
|
||||
}
|
||||
}
|
||||
|
||||
private IReadOnlyDictionary<string, string>? ResolveOperatorMetadataIfNeeded(string? scope)
|
||||
private IReadOnlyDictionary<string, string>? ResolveOrchestratorMetadataIfNeeded(string? scope)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(scope) || !scope.Contains("orch:operate", StringComparison.OrdinalIgnoreCase))
|
||||
if (string.IsNullOrWhiteSpace(scope))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
var reason = _options.Authority.OperatorReason?.Trim();
|
||||
var ticket = _options.Authority.OperatorTicket?.Trim();
|
||||
var requiresOperate = scope.Contains("orch:operate", StringComparison.OrdinalIgnoreCase);
|
||||
var requiresBackfill = scope.Contains("orch:backfill", StringComparison.OrdinalIgnoreCase);
|
||||
|
||||
if (string.IsNullOrWhiteSpace(reason) || string.IsNullOrWhiteSpace(ticket))
|
||||
if (!requiresOperate && !requiresBackfill)
|
||||
{
|
||||
throw new InvalidOperationException("Authority.OperatorReason and Authority.OperatorTicket must be configured when requesting orch:operate tokens. Set STELLAOPS_ORCH_REASON and STELLAOPS_ORCH_TICKET or the corresponding configuration values.");
|
||||
return null;
|
||||
}
|
||||
|
||||
return new Dictionary<string, string>(StringComparer.Ordinal)
|
||||
var metadata = new Dictionary<string, string>(StringComparer.Ordinal);
|
||||
|
||||
if (requiresOperate)
|
||||
{
|
||||
[OperatorReasonParameterName] = reason,
|
||||
[OperatorTicketParameterName] = ticket
|
||||
};
|
||||
var reason = _options.Authority.OperatorReason?.Trim();
|
||||
var ticket = _options.Authority.OperatorTicket?.Trim();
|
||||
|
||||
if (string.IsNullOrWhiteSpace(reason) || string.IsNullOrWhiteSpace(ticket))
|
||||
{
|
||||
throw new InvalidOperationException("Authority.OperatorReason and Authority.OperatorTicket must be configured when requesting orch:operate tokens. Set STELLAOPS_ORCH_REASON and STELLAOPS_ORCH_TICKET or the corresponding configuration values.");
|
||||
}
|
||||
|
||||
metadata[OperatorReasonParameterName] = reason;
|
||||
metadata[OperatorTicketParameterName] = ticket;
|
||||
}
|
||||
|
||||
if (requiresBackfill)
|
||||
{
|
||||
var reason = _options.Authority.BackfillReason?.Trim();
|
||||
var ticket = _options.Authority.BackfillTicket?.Trim();
|
||||
|
||||
if (string.IsNullOrWhiteSpace(reason) || string.IsNullOrWhiteSpace(ticket))
|
||||
{
|
||||
throw new InvalidOperationException("Authority.BackfillReason and Authority.BackfillTicket must be configured when requesting orch:backfill tokens. Set STELLAOPS_ORCH_BACKFILL_REASON and STELLAOPS_ORCH_BACKFILL_TICKET or the corresponding configuration values.");
|
||||
}
|
||||
|
||||
metadata[BackfillReasonParameterName] = reason;
|
||||
metadata[BackfillTicketParameterName] = ticket;
|
||||
}
|
||||
|
||||
return metadata;
|
||||
}
|
||||
|
||||
private async Task<string?> ResolveAccessTokenAsync(CancellationToken cancellationToken)
|
||||
@@ -1802,7 +1830,7 @@ internal sealed class BackendOperationsClient : IBackendOperationsClient
|
||||
}
|
||||
|
||||
var scope = AuthorityTokenUtilities.ResolveScope(_options);
|
||||
var operatorMetadata = ResolveOperatorMetadataIfNeeded(scope);
|
||||
var orchestratorMetadata = ResolveOrchestratorMetadataIfNeeded(scope);
|
||||
|
||||
StellaOpsTokenResult token;
|
||||
if (!string.IsNullOrWhiteSpace(_options.Authority.Username))
|
||||
@@ -1821,7 +1849,7 @@ internal sealed class BackendOperationsClient : IBackendOperationsClient
|
||||
}
|
||||
else
|
||||
{
|
||||
token = await _tokenClient.RequestClientCredentialsTokenAsync(scope, operatorMetadata, cancellationToken).ConfigureAwait(false);
|
||||
token = await _tokenClient.RequestClientCredentialsTokenAsync(scope, orchestratorMetadata, cancellationToken).ConfigureAwait(false);
|
||||
}
|
||||
|
||||
await _tokenClient.CacheTokenAsync(cacheKey, token.ToCacheEntry(), cancellationToken).ConfigureAwait(false);
|
||||
|
||||
Reference in New Issue
Block a user