examples that i tested:
# Step 1: Create a user via the web UI API
CREATE_USER_URL="http://${NODE_IP}:30080/api/v2.31/auth.create_user"
USER_PAYLOAD='{"email": "k8s-agent@clearml.ai", "name": "k8s-agent", "company": "clearml", "given_name": "k8s", "family_name": "agent"}'
CREATE_USER_RESPONSE=$(curl -s -X POST \
-H "Content-Type: application/json" \
-d "$USER_PAYLOAD" \
"$CREATE_USER_URL")
#Step 4: Using the configured admin credentials for initial authentication
curl -s -X POST \
-H "Content-Type: application/json" \
-u "admin:mypassword123" \
-d "$USER_PAYLOAD" \
"$CREATE_USER_URL"
with this i have full acess to the running server, and can create the credentials via UI with no problem
this is how i am doing it and Its prob something simple that i am missing
But in all of them i get missing credentials Unauthorized (missing credentials)
i also tried to match it with the secure.conf
Defaulted container "clearml-apiserver" out of: clearml-apiserver, init-apiserver (init)
{
"http": {
"session_secret": {
"apiserver": "V8gcW3EneNDcNfO7G_TSUsWe7uLozyacc9_I33o7bxUo8rCN31VLRg"
}
},
"auth": {
"fixed_users": {
"enabled": true,
"pass_hashed": false,
"users": [
{"username": "admin", "password": "clearml123!", "name": "Administrator"},
{"username": "user1", "password": "clearml456!", "name": "Regular User"}
]
},
"token_secret": "Rq8FW84sSqVgq7WvBB_4EzNl9y8z8IGiDXX3C345_a5AZfcwZcwCIA"
}
}
# Step 3: Create credentials using JWT token via web server
API_URL="http://${NODE_IP}:30080/api/v2.31/auth.create_credentials"
PAYLOAD='{"label": "k8s-agent-credentials"}'
RESPONSE=$(curl -s -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d "$PAYLOAD" \
"$API_URL")
Hi @<1811208768843681792:profile|BraveGrasshopper38> , you can do anything programatically that you can do via the webUI. I suggest opening dev tools (F12) and checking what is being sent in the network tab when you create credentials.
How are you trying it programatically? Are you providing API keys for authentication?
then
helm install clearml clearml/clearml \
--namespace "$NS" \
--values /tmp/server-values.yaml \
--wait \
--timeout "$TMO"
With no sucess, @<1523701070390366208:profile|CostlyOstrich36> I hope this provides a clear idea of what i am trying, any help is fantastic
What i intended to do was via calls do the same so i can automate it
# Step 2: Login via web UI API
LOGIN_URL="http://${NODE_IP}:30080/api/v2.31/auth.login"
LOGIN_PAYLOAD='{"username": "k8s-agent"}'
LOGIN_RESPONSE=$(curl -s -X POST \
-H "Content-Type: application/json" \
-d "$LOGIN_PAYLOAD" \
"$LOGIN_URL")
So im setting the server like this:
global:
defaultStorageClass: $STORAGE_CLASS
apiserver:
replicaCount: 1
resources:
requests:
cpu: "200m"
memory: "512Mi"
limits:
cpu: "2000m"
memory: "4Gi"
service:
type: NodePort
nodePort: 30008
port: 8008
additionalConfigs:
secure.conf: |
{
"http": {
"session_secret": {
"apiserver": "V8gcW3EneNDcNfO7G_TSUsWe7uLozyacc9_I33o7bxUo8rCN31VLRg"
}
},
"auth": {
"fixed_users": {
"enabled": true,
"pass_hashed": false,
"users": [
{"username": "admin", "password": "$ADMIN_PASS", "name": "Administrator"},
{"username": "user1", "password": "clearml456!", "name": "Regular User"}
]
},
"token_secret": "AAAAAA"
}
}
webserver:
replicaCount: 1
resources:
requests:
cpu: "100m"
memory: "256Mi"
limits:
cpu: "1000m"
memory: "2Gi"
service:
type: NodePort
nodePort: 30080
port: 8080
fileserver:
replicaCount: 1
resources:
requests:
cpu: "100m"
memory: "256Mi"
limits:
cpu: "1000m"
memory: "2Gi"
service:
type: NodePort
nodePort: 30081
port: 8081
storage:
data:
class: $STORAGE_CLASS
size: 50Gi
ingress:
enabled: false
elasticsearch:
enabled: true
master:
replicas: 1
persistence:
enabled: true
storageClass: $STORAGE_CLASS
size: 20Gi
data:
replicas: 1
persistence:
enabled: true
storageClass: $STORAGE_CLASS
size: 50Gi
mongodb:
enabled: true
replicaCount: 1
persistence:
enabled: true
storageClass: $STORAGE_CLASS
size: 20Gi
redis:
enabled: true
master:
persistence:
enabled: true
storageClass: $STORAGE_CLASS
size: 10Gi
yes that was my understanding but:
From browser network analysis:
- Create User :
POST /api/v2.31/auth.create_uservia port 30080- Payload:{"email": "...", "name": "...", "company": "...", "given_name": "...", "family_name": "..."} - Response: User ID- Login :
POST /api/v2.31/auth.loginvia port 30080- Payload:{"username": "username"} - Response: JWT token- Create Credentials :
POST /api/v2.31/auth.create_credentialsvia port 30080- Headers:Authorization: Bearer <JWT_TOKEN> - Response:
{"access_key": "...", "secret_key": "..."}
but no mater what i get Unauthorized (missing credentials) when trying programatically
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"username": "admin", "password": "clearml123!"}' \
"
"
{"meta":{"id":"db21b4b3124f4bdda14c00f60c621599","trx":"db21b4b3124f4bdda14c00f60c621599","endpoint":{"name":"auth.login","requested_version":"2.31","actual_version":"1.0"},"result_code":401,"result_subcode":20,"# First, try to login as adminsing credentials)","error_stack":null,"error_data":{}},"data":{}}