Unify teams auth concerns under a single env var (#2306)

2025-11-09 13:44:53 +08:00 · 2023-10-25 12:31:52 +02:00 · 2023-10-25 12:31:52 +02:00 · a2c1fe4b27
commit a2c1fe4b27
parent b661273f1a
3 changed files with 72 additions and 64 deletions
--- a/lib/livebook/application.ex
+++ b/lib/livebook/application.ex
@ -61,7 +61,7 @@ defmodule Livebook.Application do
    case Supervisor.start_link(children, opts) do
      {:ok, _} = result ->
        load_lb_env_vars()
-        create_offline_hub()
+        create_teams_hub()
        clear_env_vars()
        display_startup_info()
        Livebook.Hubs.connect_hubs()
@ -246,19 +246,30 @@ defmodule Livebook.Application do
    Livebook.Secrets.set_startup_secrets(secrets)
  end

-  def create_offline_hub() do
-    name = System.get_env("LIVEBOOK_TEAMS_NAME")
-    public_key = System.get_env("LIVEBOOK_TEAMS_OFFLINE_KEY")
-    encrypted_secrets = System.get_env("LIVEBOOK_TEAMS_SECRETS")
-    encrypted_file_systems = System.get_env("LIVEBOOK_TEAMS_FS")
+  defp create_teams_hub() do
+    teams_key = System.get_env("LIVEBOOK_TEAMS_KEY")
+    auth = System.get_env("LIVEBOOK_TEAMS_AUTH")

-    if name && public_key do
-      teams_key =
-        System.get_env("LIVEBOOK_TEAMS_KEY") ||
+    cond do
+      teams_key && auth ->
+        case String.split(auth, ":") do
+          ["offline", name, public_key] -> create_offline_hub(teams_key, name, public_key)
+          _ -> Livebook.Config.abort!("Invalid LIVEBOOK_TEAMS_AUTH configuration.")
+        end
+
+      teams_key || auth ->
        Livebook.Config.abort!(
-            "You specified LIVEBOOK_TEAMS_NAME, but LIVEBOOK_TEAMS_KEY is missing."
+          "You must specify both LIVEBOOK_TEAMS_KEY and LIVEBOOK_TEAMS_AUTH."
        )

+      true ->
+        :ok
+    end
+  end
+
+  defp create_offline_hub(teams_key, name, public_key) do
+    encrypted_secrets = System.get_env("LIVEBOOK_TEAMS_SECRETS")
+    encrypted_file_systems = System.get_env("LIVEBOOK_TEAMS_FS")
    secret_key = Livebook.Teams.derive_key(teams_key)
    id = "team-#{name}"

@ -314,7 +325,6 @@ defmodule Livebook.Application do
      }
    })
  end
-  end

  defp config_env_var?("LIVEBOOK_" <> _), do: true
  defp config_env_var?("RELEASE_" <> _), do: true
--- a/lib/livebook/hubs/dockerfile.ex
+++ b/lib/livebook/hubs/dockerfile.ex
@ -158,8 +158,7 @@ defmodule Livebook.Hubs.Dockerfile do

      # Teams Hub configuration for airgapped deployment
      ENV LIVEBOOK_TEAMS_KEY ${TEAMS_KEY}
-      ENV LIVEBOOK_TEAMS_NAME "#{hub.hub_name}"
-      ENV LIVEBOOK_TEAMS_OFFLINE_KEY "#{hub.org_public_key}"
+      ENV LIVEBOOK_TEAMS_AUTH "offline:#{hub.hub_name}:#{hub.org_public_key}"
      """

    secrets =
--- a/test/livebook/hubs/dockerfile_test.exs
+++ b/test/livebook/hubs/dockerfile_test.exs
@ -101,8 +101,7 @@ defmodule Livebook.Hubs.DockerfileTest do

             # Teams Hub configuration for airgapped deployment
             ENV LIVEBOOK_TEAMS_KEY ${TEAMS_KEY}
-             ENV LIVEBOOK_TEAMS_NAME "org-name-387"
-             ENV LIVEBOOK_TEAMS_OFFLINE_KEY "lb_opk_fpxnp3r5djwxnmirx3tu276hialoivf3"
+             ENV LIVEBOOK_TEAMS_AUTH "offline:org-name-387:lb_opk_fpxnp3r5djwxnmirx3tu276hialoivf3"

             # Apps configuration
             ENV LIVEBOOK_APPS_PATH "/apps"