diff options
Diffstat (limited to 'src/buildtool/execution_api')
9 files changed, 24 insertions, 40 deletions
diff --git a/src/buildtool/execution_api/remote/TARGETS b/src/buildtool/execution_api/remote/TARGETS index 4bf96ea0..3f7961d5 100644 --- a/src/buildtool/execution_api/remote/TARGETS +++ b/src/buildtool/execution_api/remote/TARGETS @@ -27,6 +27,7 @@ , ["@", "gsl-lite", "", "gsl-lite"] , ["src/buildtool/common", "bazel_types"] , ["src/buildtool/execution_api/bazel_msg", "bazel_msg"] + , ["src/buildtool/auth", "auth"] ] , "proto": [ ["@", "bazel_remote_apis", "", "remote_execution_proto"] diff --git a/src/buildtool/execution_api/remote/bazel/bazel_ac_client.cpp b/src/buildtool/execution_api/remote/bazel/bazel_ac_client.cpp index d96db45a..6eac5adf 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_ac_client.cpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_ac_client.cpp @@ -18,12 +18,9 @@ #include "src/buildtool/common/bazel_types.hpp" #include "src/buildtool/execution_api/remote/bazel/bazel_client_common.hpp" -BazelAcClient::BazelAcClient(std::string const& server, - Port port, - std::string const& user, - std::string const& pwd) noexcept { +BazelAcClient::BazelAcClient(std::string const& server, Port port) noexcept { stub_ = bazel_re::ActionCache::NewStub( - CreateChannelWithCredentials(server, port, user, pwd)); + CreateChannelWithCredentials(server, port)); } auto BazelAcClient::GetActionResult( diff --git a/src/buildtool/execution_api/remote/bazel/bazel_ac_client.hpp b/src/buildtool/execution_api/remote/bazel/bazel_ac_client.hpp index 8712beb8..c9914e77 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_ac_client.hpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_ac_client.hpp @@ -29,10 +29,7 @@ /// https://github.com/bazelbuild/bazel/blob/4b6ad34dbba15dacebfb6cbf76fa741649cdb007/third_party/remoteapis/build/bazel/remote/execution/v2/remote_execution.proto#L137 class BazelAcClient { public: - BazelAcClient(std::string const& server, - Port port, - std::string const& user = "", - std::string const& pwd = "") noexcept; + BazelAcClient(std::string const& server, Port port) noexcept; [[nodiscard]] auto GetActionResult( std::string const& instance_name, diff --git a/src/buildtool/execution_api/remote/bazel/bazel_cas_client.cpp b/src/buildtool/execution_api/remote/bazel/bazel_cas_client.cpp index 8158ee55..232c5c08 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_cas_client.cpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_cas_client.cpp @@ -31,13 +31,10 @@ namespace { } // namespace -BazelCasClient::BazelCasClient(std::string const& server, - Port port, - std::string const& user, - std::string const& pwd) noexcept - : stream_{std::make_unique<ByteStreamClient>(server, port, user, pwd)} { +BazelCasClient::BazelCasClient(std::string const& server, Port port) noexcept + : stream_{std::make_unique<ByteStreamClient>(server, port)} { stub_ = bazel_re::ContentAddressableStorage::NewStub( - CreateChannelWithCredentials(server, port, user, pwd)); + CreateChannelWithCredentials(server, port)); } auto BazelCasClient::FindMissingBlobs( diff --git a/src/buildtool/execution_api/remote/bazel/bazel_cas_client.hpp b/src/buildtool/execution_api/remote/bazel/bazel_cas_client.hpp index b40d84d2..bcf6df7e 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_cas_client.hpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_cas_client.hpp @@ -33,10 +33,7 @@ /// https://github.com/bazelbuild/bazel/blob/4b6ad34dbba15dacebfb6cbf76fa741649cdb007/third_party/remoteapis/build/bazel/remote/execution/v2/remote_execution.proto#L243 class BazelCasClient { public: - BazelCasClient(std::string const& server, - Port port, - std::string const& user = "", - std::string const& pwd = "") noexcept; + BazelCasClient(std::string const& server, Port port) noexcept; /// \brief Find missing blobs /// \param[in] instance_name Name of the CAS instance diff --git a/src/buildtool/execution_api/remote/bazel/bazel_client_common.hpp b/src/buildtool/execution_api/remote/bazel/bazel_client_common.hpp index 9df99b97..60fb7860 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_client_common.hpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_client_common.hpp @@ -22,6 +22,7 @@ #include <string> #include "grpcpp/grpcpp.h" +#include "src/buildtool/auth/authentication.hpp" #include "src/buildtool/common/bazel_types.hpp" #include "src/buildtool/execution_api/bazel_msg/bazel_common.hpp" #include "src/buildtool/execution_api/remote/config.hpp" @@ -29,18 +30,20 @@ [[maybe_unused]] [[nodiscard]] static inline auto CreateChannelWithCredentials( std::string const& server, - Port port, - std::string const& user = "", - [[maybe_unused]] std::string const& pwd = "") noexcept { - std::shared_ptr<grpc::ChannelCredentials> cred; + Port port) noexcept { + + std::shared_ptr<grpc::ChannelCredentials> creds; std::string address = server + ':' + std::to_string(port); - if (user.empty()) { - cred = grpc::InsecureChannelCredentials(); + if (Auth::GetAuthMethod() == AuthMethod::kTLS) { + auto tls_opts = grpc::SslCredentialsOptions{Auth::TLS::CACert(), + Auth::TLS::ClientKey(), + Auth::TLS::ClientCert()}; + creds = grpc::SslCredentials(tls_opts); } else { - // TODO(oreiche): set up authentication credentials + creds = grpc::InsecureChannelCredentials(); } - return grpc::CreateChannel(address, cred); + return grpc::CreateChannel(address, creds); } [[maybe_unused]] static inline void LogStatus(Logger const* logger, diff --git a/src/buildtool/execution_api/remote/bazel/bazel_execution_client.cpp b/src/buildtool/execution_api/remote/bazel/bazel_execution_client.cpp index a1e031a8..b1244e0c 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_execution_client.cpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_execution_client.cpp @@ -47,11 +47,9 @@ void LogExecutionStatus(gsl::not_null<Logger const*> const& logger, } // namespace BazelExecutionClient::BazelExecutionClient(std::string const& server, - Port port, - std::string const& user, - std::string const& pwd) noexcept { + Port port) noexcept { stub_ = bazel_re::Execution::NewStub( - CreateChannelWithCredentials(server, port, user, pwd)); + CreateChannelWithCredentials(server, port)); } auto BazelExecutionClient::Execute(std::string const& instance_name, diff --git a/src/buildtool/execution_api/remote/bazel/bazel_execution_client.hpp b/src/buildtool/execution_api/remote/bazel/bazel_execution_client.hpp index 06b3cfdc..480caf9c 100644 --- a/src/buildtool/execution_api/remote/bazel/bazel_execution_client.hpp +++ b/src/buildtool/execution_api/remote/bazel/bazel_execution_client.hpp @@ -52,10 +52,7 @@ class BazelExecutionClient { } }; - BazelExecutionClient(std::string const& server, - Port port, - std::string const& user = "", - std::string const& pwd = "") noexcept; + BazelExecutionClient(std::string const& server, Port port) noexcept; [[nodiscard]] auto Execute(std::string const& instance_name, bazel_re::Digest const& action_digest, diff --git a/src/buildtool/execution_api/remote/bazel/bytestream_client.hpp b/src/buildtool/execution_api/remote/bazel/bytestream_client.hpp index 85e26078..8edaef3e 100644 --- a/src/buildtool/execution_api/remote/bazel/bytestream_client.hpp +++ b/src/buildtool/execution_api/remote/bazel/bytestream_client.hpp @@ -71,12 +71,9 @@ class ByteStreamClient { } }; - ByteStreamClient(std::string const& server, - Port port, - std::string const& user = "", - std::string const& pwd = "") noexcept { + ByteStreamClient(std::string const& server, Port port) noexcept { stub_ = google::bytestream::ByteStream::NewStub( - CreateChannelWithCredentials(server, port, user, pwd)); + CreateChannelWithCredentials(server, port)); } [[nodiscard]] auto IncrementalRead( |