You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our previous implementation of Globus auth involved writing the user's Globus auth token to a file in their home directory. With the advent of PVC support in Workbench, we no longer have direct filesystem access to this directory from the API server.
We need to find a way to get this auth token to the user within the container.
Some methods proposed:
Put the auth token in a Secret or ConfigMap in the user's namespace - either could then be injected via envvar and/or file into all containers
Run a small Kubernetes Job to write the file to disk - file will be mounted into all containers via the user's PVC
Add an initContainer to each pod/container that the user starts - file will be manually written into all containers upon startup
This issue is complete when we have implemented one of the above or comparable to somehow asynchronously pass the user's Globus auth token from the Workbench apiserver's login handler into the pods that the user subsequently starts.
The text was updated successfully, but these errors were encountered:
Our previous implementation of Globus auth involved writing the user's Globus auth token to a file in their home directory. With the advent of PVC support in Workbench, we no longer have direct filesystem access to this directory from the API server.
We need to find a way to get this auth token to the user within the container.
Some methods proposed:
This issue is complete when we have implemented one of the above or comparable to somehow asynchronously pass the user's Globus auth token from the Workbench apiserver's login handler into the pods that the user subsequently starts.
The text was updated successfully, but these errors were encountered: