Hi, I also sent a pull request https://github.com/apache/incubator-taverna-common-activities/pull/5 with my current four commits.
On Tue, Jun 21, 2016 at 3:21 AM, Nadeesh Dilanga <[email protected]> wrote: > Hi Stain, Hi Alan, > Can you please review the code with my latest commit @ > https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker > where I came up with a Configuration Manager and also implemented > "Configurable". > > I would like to add a unit test case for this by creating a > DockerContainerConfigurationImpl and inject a ConfigurationManager. Can you > please point me to such example. I tried, but could not find anything yet. > i.e I was not able to find a usage of "DatabaseConfigurationImpl" in > taverna-engine/taverna-osgi/taverna-common-activities repos. > > Because I am planning to have a proper test case before the mid term > evaluation deadline. Also appreciate if you can provide your > feedback/expectations on this project's mid point and if it has any > required TODOs I can complete them ASAP before the mid term evaluation > deadline. > > > On Mon, Jun 20, 2016 at 1:47 AM, Nadeesh Dilanga <[email protected]> > wrote: > >> Hi all, one more thing to add. >> Create container is the most heavy API call(payload/parameter size). But >> how about things like start/stop/search/info/delete/ like methods. Should >> be think on accepting them as as activity plugin configs ? >> >> >> >> >> >> >> On Sat, Jun 18, 2016 at 3:12 AM, Nadeesh Dilanga <[email protected]> >> wrote: >> >>> Hi Alan, Hi Stian, >>> Please refer my latest commit @ >>> >>> https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker/taverna-docker-activity >>> >>> where I have implemented reading a injected configuration. Can you >>> please review this and let me know what I am missing here. But one thing I >>> would like to know is, who is responsible of creating(populating) the >>> DockerContainerConfiguration ? We have to allow user to give a docker.conf >>> and from which some one construct the DockerContainerConfiguration and >>> inject it to the activity plugin. >>> >>> Then I went through the taverna-engine repo code base looking for the >>> clue Stian gave, where I have to implement Configurable interface, and use >>> ConfigurationManager. And Configuration manager interface had >>> store/populate methods to override, but I found it bit unclear to figure >>> out how exactly I can use that to my use case/how it works/relation ship >>> between Configurable interface and ConfigurationManager. Do we have any >>> documentation on that ? >>> >>> For SSL issue, I am calling the container as >>> https://192.168.99.100:2376/containers/create where 192.168.99.100 is >>> my container host. I assume that is the target you meant ? >>> >>> >>> >>> On Fri, Jun 17, 2016 at 10:12 AM, Stian Soiland-Reyes <[email protected]> >>> wrote: >>> >>>> Probably it is that the local Docker daemon has a self-signed >>>> certificate that Java does not recognize. >>>> >>>> >>>> Taverna has the credential manager - which should normally pop up and >>>> ask if you want to accept (and store) the certificate. >>>> >>>> I'm not sure why that is not happening here.. perhaps because your >>>> RESTUtil uses the Apache HTTPClient rather than the built-in URL >>>> handling, then there is no link to the Credential Manager? >>>> >>>> >>>> Could you try if it works to do a "dummy connection" first with >>>> something like new URL("https://localhost:1239/";).openConnection() >>>> (whatever the port is) -- this should trigger the certificate >>>> handling in Java. >>>> >>>> >>>> I must admit I could not find out how this is done in the REST >>>> activity.. >>>> >>>> https://github.com/apache/incubator-taverna-common-activities/blob/master/taverna-rest-activity/src/main/java/org/apache/taverna/activities/rest/RESTActivityCredentialsProvider.java >>>> >>>> is used for username/password (e.g. http basic auth) through Credential >>>> Manager. >>>> >>>> >>>> Does the REST activity today support https:// connections against >>>> 'unknown' SSL certificates? (e.g. triggering the pop-ups in Workbench) >>>> >>>> >>>> This file CLAIMS to do it, but doesn't seem to: >>>> >>>> >>>> https://github.com/apache/incubator-taverna-common-activities/blob/master/taverna-rest-activity/src/main/java/org/apache/taverna/activities/rest/HTTPRequestHandler.java#L116 >>>> >>>> // Register a protocol scheme for https that uses Taverna's >>>> // SSLSocketFactory >>>> >>>> but it uses the regular org.apache.http.conn.ssl.SSLSocketFactory >>>> >>>> .. I would have thought it should use >>>> CredentialManager.getTavernaSSLSocketFactory() from >>>> >>>> >>>> https://github.com/apache/incubator-taverna-engine/blob/master/taverna-credential-manager-impl/src/main/java/org/apache/taverna/security/credentialmanager/impl/CredentialManagerImpl.java#L2004 >>>> >>>> >>>> Perhaps something similar to that HTTPRequestHandler code to >>>> initialise org.apache.http would work? >>>> >>>> >>>> On 17 June 2016 at 06:32, Nadeesh Dilanga <[email protected]> wrote: >>>> > Still got stuck further on the SSL issue[1]. May be something to do >>>> with my >>>> > setup. So I also implemented invoking simple HTTP(without SSL) in >>>> > additional to HTTP SSL. >>>> > >>>> > Meanwhile I already started getting configuration thru that spring >>>> > inject-able framework. Will commit those changes also(without just >>>> blocking >>>> > on Http SSL issue) to my private repo from which I am planning to >>>> send >>>> > pull request. >>>> > >>>> > [1]: >>>> > >>>> > avax.net.ssl.SSLHandshakeException: >>>> > sun.security.validator.ValidatorException: PKIX path building failed: >>>> > sun.security.provider.certpath.SunCertPathBuilderException: unable to >>>> find >>>> > valid certification path to requested target >>>> > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >>>> > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902) >>>> > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) >>>> > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) >>>> > at >>>> > >>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1338) >>>> > at >>>> > >>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) >>>> > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) >>>> > at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) >>>> > at >>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) >>>> > at >>>> > >>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) >>>> > at >>>> > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) >>>> > at >>>> > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) >>>> > at >>>> > >>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:543) >>>> > at >>>> > >>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409) >>>> > at >>>> > >>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:479) >>>> > at >>>> > >>>> org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:66) >>>> > at >>>> > >>>> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) >>>> > at >>>> > >>>> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144) >>>> > at >>>> > >>>> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131) >>>> > at >>>> > >>>> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) >>>> > at >>>> > >>>> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) >>>> > at >>>> > >>>> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) >>>> > at >>>> > >>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) >>>> > at >>>> > >>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) >>>> > at >>>> > >>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) >>>> > at >>>> > >>>> org.apache.taverna.activities.docker.RESTUtil.doPost(RESTUtil.java:125) >>>> > at >>>> > >>>> org.apache.taverna.activities.docker.RESTUtil.createContainer(RESTUtil.java:90) >>>> > at >>>> > >>>> org.apache.taverna.activities.docker.test.TestCreateContainer.testCreateContainer(TestCreateContainer.java:40) >>>> > at >>>> > >>>> org.apache.taverna.activities.docker.test.TestCreateContainer.main(TestCreateContainer.java:32) >>>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> > at >>>> > >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> > at >>>> > >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> > at java.lang.reflect.Method.invoke(Method.java:601) >>>> > at >>>> com.intellij.rt.execution.application.AppMain.main(AppMain.java:134) >>>> > Caused by: sun.security.validator.ValidatorException: PKIX path >>>> building >>>> > failed: sun.security.provider.certpath.SunCertPathBuilderException: >>>> unable >>>> > to find valid certification path to requested target >>>> > at >>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) >>>> > at >>>> > >>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) >>>> > at sun.security.validator.Validator.validate(Validator.java:260) >>>> > at >>>> > >>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) >>>> > at >>>> > >>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) >>>> > at >>>> > >>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) >>>> > at >>>> > >>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) >>>> > ... 29 more >>>> > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >>>> > unable to find valid certification path to requested target >>>> > at >>>> > >>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) >>>> > at >>>> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) >>>> > at >>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) >>>> > ... 35 more >>>> > >>>> > >>>> > On Wed, Jun 15, 2016 at 6:17 PM, Nadeesh Dilanga < >>>> [email protected]> >>>> > wrote: >>>> > >>>> >> It is the container host and I am invoking the remote API. Will do >>>> more >>>> >> troubleshooting and get back. >>>> >> >>>> >> On Wed, Jun 15, 2016 at 7:05 AM, Alan Williams < >>>> [email protected]> >>>> >> wrote: >>>> >> >>>> >>> On 15-Jun-16 09:02, Nadeesh Dilanga wrote: >>>> >>> >>>> >>>> Hi Alan, >>>> >>>> Thank you very much for the pointer. I went through and understood >>>> how >>>> >>>> works. >>>> >>>> 1. Implement docker factory class to return an activity >>>> configuration. >>>> >>>> 2. Accept the configuration in the DockerActivity constructor. >>>> >>>> >>>> >>>> Please correct me if I missed something. >>>> >>>> >>>> >>> >>>> >>> I need a picture of what is being proposed :) >>>> >>> >>>> >>> Also I am working on the implementation and commiting my code to my >>>> forked >>>> >>>> repo at [1]. I will send pull requests once following TODOs >>>> finishes. >>>> >>>> 1. Test HTTPS invocation(right now I am having a SSL handshake >>>> issue and >>>> >>>> working on it) >>>> >>>> >>>> >>>> I am using SSLContext.getDefault() and gives me >>>> >>>> javax.net.ssl.SSLHandshakeException: >>>> >>>> sun.security.validator.ValidatorException: PKIX path building >>>> failed: >>>> >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable >>>> to >>>> >>>> find >>>> >>>> valid certification path to requested target >>>> >>>> >>>> >>>> I have a unit test to test this. I also tried setting system >>>> properties >>>> >>>> javax.net.ssl.keyStore, javax.net.ssl.trustStore, >>>> >>>> javax.net.ssl.keyStorePassword. But no luck. >>>> >>>> >>>> >>> >>>> >>> What is the target of the HTTPS ? Does it have a valid certificate? >>>> >>> >>>> >>> 2. Enhance the activity class to read configuration injected by >>>> Spring. >>>> >>>> >>>> >>>> >>>> >>>> [1] - >>>> >>>> >>>> >>>> >>>> https://github.com/NadeeshDilanga/incubator-taverna-common-activities/commits/docker >>>> >>>> >>>> >>> >>>> >>> Great. >>>> >>> >>>> >>> Alan >>>> >>> >>>> >>> >>>> >>> >>>> >> >>>> >>>> >>>> >>>> -- >>>> Stian Soiland-Reyes >>>> Apache Taverna (incubating), Apache Commons >>>> http://orcid.org/0000-0001-9842-9718 >>>> >>> >>> >> >
