Hi Stain, Hi Alan, Can you please review the code with my latest commit @ https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker where I came up with a Configuration Manager and also implemented "Configurable".
I would like to add a unit test case for this by creating a DockerContainerConfigurationImpl and inject a ConfigurationManager. Can you please point me to such example. I tried, but could not find anything yet. i.e I was not able to find a usage of "DatabaseConfigurationImpl" in taverna-engine/taverna-osgi/taverna-common-activities repos. Because I am planning to have a proper test case before the mid term evaluation deadline. Also appreciate if you can provide your feedback/expectations on this project's mid point and if it has any required TODOs I can complete them ASAP before the mid term evaluation deadline. On Mon, Jun 20, 2016 at 1:47 AM, Nadeesh Dilanga <[email protected]> wrote: > Hi all, one more thing to add. > Create container is the most heavy API call(payload/parameter size). But > how about things like start/stop/search/info/delete/ like methods. Should > be think on accepting them as as activity plugin configs ? > > > > > > > On Sat, Jun 18, 2016 at 3:12 AM, Nadeesh Dilanga <[email protected]> > wrote: > >> Hi Alan, Hi Stian, >> Please refer my latest commit @ >> >> https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker/taverna-docker-activity >> >> where I have implemented reading a injected configuration. Can you please >> review this and let me know what I am missing here. But one thing I would >> like to know is, who is responsible of creating(populating) the >> DockerContainerConfiguration ? We have to allow user to give a docker.conf >> and from which some one construct the DockerContainerConfiguration and >> inject it to the activity plugin. >> >> Then I went through the taverna-engine repo code base looking for the >> clue Stian gave, where I have to implement Configurable interface, and use >> ConfigurationManager. And Configuration manager interface had >> store/populate methods to override, but I found it bit unclear to figure >> out how exactly I can use that to my use case/how it works/relation ship >> between Configurable interface and ConfigurationManager. Do we have any >> documentation on that ? >> >> For SSL issue, I am calling the container as >> https://192.168.99.100:2376/containers/create where 192.168.99.100 is >> my container host. I assume that is the target you meant ? >> >> >> >> On Fri, Jun 17, 2016 at 10:12 AM, Stian Soiland-Reyes <[email protected]> >> wrote: >> >>> Probably it is that the local Docker daemon has a self-signed >>> certificate that Java does not recognize. >>> >>> >>> Taverna has the credential manager - which should normally pop up and >>> ask if you want to accept (and store) the certificate. >>> >>> I'm not sure why that is not happening here.. perhaps because your >>> RESTUtil uses the Apache HTTPClient rather than the built-in URL >>> handling, then there is no link to the Credential Manager? >>> >>> >>> Could you try if it works to do a "dummy connection" first with >>> something like new URL("https://localhost:1239/";).openConnection() >>> (whatever the port is) -- this should trigger the certificate >>> handling in Java. >>> >>> >>> I must admit I could not find out how this is done in the REST activity.. >>> >>> https://github.com/apache/incubator-taverna-common-activities/blob/master/taverna-rest-activity/src/main/java/org/apache/taverna/activities/rest/RESTActivityCredentialsProvider.java >>> >>> is used for username/password (e.g. http basic auth) through Credential >>> Manager. >>> >>> >>> Does the REST activity today support https:// connections against >>> 'unknown' SSL certificates? (e.g. triggering the pop-ups in Workbench) >>> >>> >>> This file CLAIMS to do it, but doesn't seem to: >>> >>> >>> https://github.com/apache/incubator-taverna-common-activities/blob/master/taverna-rest-activity/src/main/java/org/apache/taverna/activities/rest/HTTPRequestHandler.java#L116 >>> >>> // Register a protocol scheme for https that uses Taverna's >>> // SSLSocketFactory >>> >>> but it uses the regular org.apache.http.conn.ssl.SSLSocketFactory >>> >>> .. I would have thought it should use >>> CredentialManager.getTavernaSSLSocketFactory() from >>> >>> >>> https://github.com/apache/incubator-taverna-engine/blob/master/taverna-credential-manager-impl/src/main/java/org/apache/taverna/security/credentialmanager/impl/CredentialManagerImpl.java#L2004 >>> >>> >>> Perhaps something similar to that HTTPRequestHandler code to >>> initialise org.apache.http would work? >>> >>> >>> On 17 June 2016 at 06:32, Nadeesh Dilanga <[email protected]> wrote: >>> > Still got stuck further on the SSL issue[1]. May be something to do >>> with my >>> > setup. So I also implemented invoking simple HTTP(without SSL) in >>> > additional to HTTP SSL. >>> > >>> > Meanwhile I already started getting configuration thru that spring >>> > inject-able framework. Will commit those changes also(without just >>> blocking >>> > on Http SSL issue) to my private repo from which I am planning to send >>> > pull request. >>> > >>> > [1]: >>> > >>> > avax.net.ssl.SSLHandshakeException: >>> > sun.security.validator.ValidatorException: PKIX path building failed: >>> > sun.security.provider.certpath.SunCertPathBuilderException: unable to >>> find >>> > valid certification path to requested target >>> > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >>> > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902) >>> > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) >>> > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) >>> > at >>> > >>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1338) >>> > at >>> > >>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) >>> > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) >>> > at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) >>> > at >>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) >>> > at >>> > >>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) >>> > at >>> > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) >>> > at >>> > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) >>> > at >>> > >>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:543) >>> > at >>> > >>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409) >>> > at >>> > >>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:479) >>> > at >>> > >>> org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:66) >>> > at >>> > >>> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) >>> > at >>> > >>> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144) >>> > at >>> > >>> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131) >>> > at >>> > >>> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) >>> > at >>> > >>> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) >>> > at >>> > >>> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) >>> > at >>> > >>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) >>> > at >>> > >>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) >>> > at >>> > >>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) >>> > at >>> > org.apache.taverna.activities.docker.RESTUtil.doPost(RESTUtil.java:125) >>> > at >>> > >>> org.apache.taverna.activities.docker.RESTUtil.createContainer(RESTUtil.java:90) >>> > at >>> > >>> org.apache.taverna.activities.docker.test.TestCreateContainer.testCreateContainer(TestCreateContainer.java:40) >>> > at >>> > >>> org.apache.taverna.activities.docker.test.TestCreateContainer.main(TestCreateContainer.java:32) >>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> > at >>> > >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> > at >>> > >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> > at java.lang.reflect.Method.invoke(Method.java:601) >>> > at >>> com.intellij.rt.execution.application.AppMain.main(AppMain.java:134) >>> > Caused by: sun.security.validator.ValidatorException: PKIX path >>> building >>> > failed: sun.security.provider.certpath.SunCertPathBuilderException: >>> unable >>> > to find valid certification path to requested target >>> > at >>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) >>> > at >>> > >>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) >>> > at sun.security.validator.Validator.validate(Validator.java:260) >>> > at >>> > >>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) >>> > at >>> > >>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) >>> > at >>> > >>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) >>> > at >>> > >>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) >>> > ... 29 more >>> > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >>> > unable to find valid certification path to requested target >>> > at >>> > >>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) >>> > at >>> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) >>> > at >>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) >>> > ... 35 more >>> > >>> > >>> > On Wed, Jun 15, 2016 at 6:17 PM, Nadeesh Dilanga <[email protected] >>> > >>> > wrote: >>> > >>> >> It is the container host and I am invoking the remote API. Will do >>> more >>> >> troubleshooting and get back. >>> >> >>> >> On Wed, Jun 15, 2016 at 7:05 AM, Alan Williams < >>> [email protected]> >>> >> wrote: >>> >> >>> >>> On 15-Jun-16 09:02, Nadeesh Dilanga wrote: >>> >>> >>> >>>> Hi Alan, >>> >>>> Thank you very much for the pointer. I went through and understood >>> how >>> >>>> works. >>> >>>> 1. Implement docker factory class to return an activity >>> configuration. >>> >>>> 2. Accept the configuration in the DockerActivity constructor. >>> >>>> >>> >>>> Please correct me if I missed something. >>> >>>> >>> >>> >>> >>> I need a picture of what is being proposed :) >>> >>> >>> >>> Also I am working on the implementation and commiting my code to my >>> forked >>> >>>> repo at [1]. I will send pull requests once following TODOs >>> finishes. >>> >>>> 1. Test HTTPS invocation(right now I am having a SSL handshake >>> issue and >>> >>>> working on it) >>> >>>> >>> >>>> I am using SSLContext.getDefault() and gives me >>> >>>> javax.net.ssl.SSLHandshakeException: >>> >>>> sun.security.validator.ValidatorException: PKIX path building >>> failed: >>> >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable >>> to >>> >>>> find >>> >>>> valid certification path to requested target >>> >>>> >>> >>>> I have a unit test to test this. I also tried setting system >>> properties >>> >>>> javax.net.ssl.keyStore, javax.net.ssl.trustStore, >>> >>>> javax.net.ssl.keyStorePassword. But no luck. >>> >>>> >>> >>> >>> >>> What is the target of the HTTPS ? Does it have a valid certificate? >>> >>> >>> >>> 2. Enhance the activity class to read configuration injected by >>> Spring. >>> >>>> >>> >>>> >>> >>>> [1] - >>> >>>> >>> >>>> >>> https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker >>> >>>> >>> >>> >>> >>> Great. >>> >>> >>> >>> Alan >>> >>> >>> >>> >>> >>> >>> >> >>> >>> >>> >>> -- >>> Stian Soiland-Reyes >>> Apache Taverna (incubating), Apache Commons >>> http://orcid.org/0000-0001-9842-9718 >>> >> >> >
