[Webservice] Use MUNGE credential with update_conf requests
Description
When people use the update_config.py
script to change calibration config, it would be useful to know who is doing it.
This uses MUNGE to make a single-use credential for the current user in the script, and checks it in the webservice, looking up the name for the committer. For now, I've aimed to allow (but log) any failures of this mechanism. That includes anyone who has a local copy of the script and therefore sends the request without the credential.
In the webservice I've used the pymunge package (a ctypes wrapper around libmunge), but in the script I've used munge
as a subprocess, so it doesn't need extra dependencies installed.
This also lets us try the idea out before using it for injecting constants.
How Has This Been Tested?
Deployed this version of the webservice on max-exfl-cal002, and ran:
python3 update_config.py --karabo-id FXE_XAD_JF1M --proposal 8116 --correct --roi-definitions 2 110 165 0 1024 -2 --webservice-address tcp://max-exfl-cal002:5555
This is a dry run, I haven't tested actually committing the changes. But I checked the logs for the webservice and it handled the MUNGE credential without an error.
Types of changes
- New feature (non-breaking change which adds functionality)
Checklist:
- My code follows the code style of this project.