Skip to content

Instantly share code, notes, and snippets.

@hiroyuki-sato
Last active July 1, 2022 06:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hiroyuki-sato/229302a1867025876de7fd1d8ffa2bf1 to your computer and use it in GitHub Desktop.
Save hiroyuki-sato/229302a1867025876de7fd1d8ffa2bf1 to your computer and use it in GitHub Desktop.
digdag basic auth

1. server setting

digdag.conf

server.authenticator-class = io.digdag.standards.auth.basic.BasicAuthenticator
basicauth.username = admin
basicauth.password = password
basicauth.admin = true
digdag server -m -c ./test.conf

2. client test

digdag init hoge

digdag push without authentication

digdag push hoge
2020-11-09 16:01:05 +0900: Digdag v0.9.42
Creating .digdag/tmp/archive-8199759381272871533.tar.gz...
  Archiving hoge.dig
Workflows:
  hoge.dig
error: Status code 401: HTTP 401 Unauthorized

digdag push with authentication

digdag push hoge --basic-auth admin:password
2020-11-09 16:01:38 +0900: Digdag v0.9.42
Creating .digdag/tmp/archive-5192889579379093264.tar.gz...
  Archiving hoge.dig
Workflows:
  hoge.dig
Uploaded:
  id: 1
  name: hoge
  revision: 60044413-7a78-4fd0-9730-fe1950cc9ea4
  archive type: db
  project created at: 2020-11-09T07:01:41Z
  revision updated at: 2020-11-09T07:01:41Z

Use `digdag workflows` to show all workflows.

3. accessing digdag server with curl

without authentication

curl -v http://localhost:65432/api/workflows
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 65432 (#0)
> GET /api/workflows HTTP/1.1
> Host: localhost:65432
> User-Agent: curl/7.59.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 55
< Date: Mon, 09 Nov 2020 07:02:05 GMT
<
* Connection #0 to host localhost left intact
{"message":"Missing Authorization header","status":401}

Generating authorization header

echo -n 'admin:password' | openssl base64
YWRtaW46cGFzc3dvcmQ=

Accessing digdag server using authorization header

curl -H 'authorization: Basic YWRtaW46cGFzc3dvcmQ=' -v http://localhost:65432/api/workflows
curl -H 'authorization: Basic YWRtaW46cGFtp://localhost:65432/api/workflows
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 65432 (#0)
> GET /api/workflows HTTP/1.1
> Host: localhost:65432
> User-Agent: curl/7.59.0
> Accept: */*
> authorization: Basic YWRtaW46cGFzc3dvcmQ=
>
< HTTP/1.1 200 OK
< Connection: keep-alive
< Transfer-Encoding: chunked
< Content-Type: application/json
< Date: Mon, 09 Nov 2020 08:35:25 GMT
<
* Connection #0 to host localhost left intact
{"workflows":[{"id":"1","name":"hoge","project":{"id":"1","name":"hoge"},"revision":"37442336-7134-4663-9610-785874383cc6","timezone":"UTC","config":{"+setup":{"echo>":"start ${session_time}"},"+disp_current_date":{"echo>":"${moment(session_time).utc().format('YYYY-MM-DD HH:mm:ss Z')}"},"+repeat":{"for_each>":{"order":["first","second","third"],"animal":["dog","cat"]},"_do":{"echo>":"${order} ${animal}"},"_parallel":true},"+teardown":{"echo>":"finish ${session_time}"}}}]}

4. Accessing web browser

Install SimpleModifyHeaders

@doctor
Copy link

doctor commented Jun 29, 2022

Hello @hiroyuki-sato
I followed this document to access digdag UI. It is not working. Can you please let me know what is the new way to access the UI using basic authentication?

Thank you!

@hiroyuki-sato
Copy link
Author

Hello, @doctor. Could you tell me the detail? Could you show me an error message? And what Digdag version are you using?

@doctor
Copy link

doctor commented Jul 1, 2022

Hello @hiroyuki-sato, Simple Modify Headers extension did not work for me. I followed the instructions but I was getting 401 response with error: missing authorization header. After I changed to modheader extension for chrome, UI is working fine. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment