digdag basic auth

digdag.md

1. server setting

digdag.conf

server.authenticator-class = io.digdag.standards.auth.basic.BasicAuthenticator
basicauth.username = admin
basicauth.password = password
basicauth.admin = true

digdag server -m -c ./test.conf

2. client test

digdag init hoge

digdag push without authentication

digdag push hoge
2020-11-09 16:01:05 +0900: Digdag v0.9.42
Creating .digdag/tmp/archive-8199759381272871533.tar.gz...
  Archiving hoge.dig
Workflows:
  hoge.dig
error: Status code 401: HTTP 401 Unauthorized

digdag push with authentication

digdag push hoge --basic-auth admin:password
2020-11-09 16:01:38 +0900: Digdag v0.9.42
Creating .digdag/tmp/archive-5192889579379093264.tar.gz...
  Archiving hoge.dig
Workflows:
  hoge.dig
Uploaded:
  id: 1
  name: hoge
  revision: 60044413-7a78-4fd0-9730-fe1950cc9ea4
  archive type: db
  project created at: 2020-11-09T07:01:41Z
  revision updated at: 2020-11-09T07:01:41Z

Use `digdag workflows` to show all workflows.

3. accessing digdag server with curl

without authentication

curl -v http://localhost:65432/api/workflows
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 65432 (#0)
> GET /api/workflows HTTP/1.1
> Host: localhost:65432
> User-Agent: curl/7.59.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 55
< Date: Mon, 09 Nov 2020 07:02:05 GMT
<
* Connection #0 to host localhost left intact
{"message":"Missing Authorization header","status":401}

Generating authorization header

echo -n 'admin:password' | openssl base64
YWRtaW46cGFzc3dvcmQ=

Accessing digdag server using authorization header

curl -H 'authorization: Basic YWRtaW46cGFzc3dvcmQ=' -v http://localhost:65432/api/workflows

curl -H 'authorization: Basic YWRtaW46cGFtp://localhost:65432/api/workflows
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 65432 (#0)
> GET /api/workflows HTTP/1.1
> Host: localhost:65432
> User-Agent: curl/7.59.0
> Accept: */*
> authorization: Basic YWRtaW46cGFzc3dvcmQ=
>
< HTTP/1.1 200 OK
< Connection: keep-alive
< Transfer-Encoding: chunked
< Content-Type: application/json
< Date: Mon, 09 Nov 2020 08:35:25 GMT
<
* Connection #0 to host localhost left intact
{"workflows":[{"id":"1","name":"hoge","project":{"id":"1","name":"hoge"},"revision":"37442336-7134-4663-9610-785874383cc6","timezone":"UTC","config":{"+setup":{"echo>":"start ${session_time}"},"+disp_current_date":{"echo>":"${moment(session_time).utc().format('YYYY-MM-DD HH:mm:ss Z')}"},"+repeat":{"for_each>":{"order":["first","second","third"],"animal":["dog","cat"]},"_do":{"echo>":"${order} ${animal}"},"_parallel":true},"+teardown":{"echo>":"finish ${session_time}"}}}]}

4. Accessing web browser

Install SimpleModifyHeaders

SimpleModifyHeader.png

Hello @hiroyuki-sato
I followed this document to access digdag UI. It is not working. Can you please let me know what is the new way to access the UI using basic authentication?

Thank you!

Hello, @doctor. Could you tell me the detail? Could you show me an error message? And what Digdag version are you using?

Hello @hiroyuki-sato, Simple Modify Headers extension did not work for me. I followed the instructions but I was getting 401 response with error: missing authorization header. After I changed to modheader extension for chrome, UI is working fine. Thanks!