Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Consul.Session should support tokens
See original GitHub issueThe methods under Consul.Session do not work on a system with ACLs enabled and the default ACL policy is deny. This happens even if the token is set in consul.Consul() as self.agent.token is not passed in the params to the http client.
Possible fix:
diff -ruN python-consul-0.7.2.orig/consul/base.py python-consul-0.7.2/consul/base.py
--- python-consul-0.7.2.orig/consul/base.py 2017-08-26 09:35:57.000000000 +0200
+++ python-consul-0.7.2/consul/base.py 2017-09-04 13:56:13.897000258 +0200
@@ -1679,6 +1679,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
data = {}
if name:
data['name'] = name
@@ -1716,6 +1718,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
return self.agent.http.put(
CB.bool(),
'/v1/session/destroy/%s' % session_id,
@@ -1757,6 +1761,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
if index:
params['index'] = index
if wait:
@@ -1787,6 +1793,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
if index:
params['index'] = index
if wait:
@@ -1824,6 +1832,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
if index:
params['index'] = index
if wait:
@@ -1850,6 +1860,8 @@
dc = dc or self.agent.dc
if dc:
params['dc'] = dc
+ if self.agent.token:
+ params['token'] = self.agent.token
return self.agent.http.put(
CB.json(one=True, allow_404=False),
'/v1/session/renew/%s' % session_id,
Issue Analytics
- State:
- Created 6 years ago
- Reactions:5
- Comments:5
Top Results From Across the Web
Session - HTTP API | Consul - HashiCorp Developer
Create Session. This endpoint initializes a new session. Sessions must be associated with a node and may be associated with any number of...
Read more >ACL Rules
The agent will check tokens locally as a check is registered, and Consul also performs periodic anti-entropy syncs, which may require an ACL...
Read more >salt.modules.consul - Salt Project Documentation
salt.modules.consul. acl_clone (consul_url=None, token=None, **kwargs) ... enable -- Whether the service should be enabled or disabled.
Read more >consulate 0.6.0 documentation
import consulate # Create a new instance of a consulate session session ... passing in an authorization token and then sets a key...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I only use the standard client, but you can work around this if you set the X-Consul-Token header in the session. I am not sure what token consul will accept if the
tokenquery parameter is passed too.This probably should be added, but then the library is a bit inconsistent. If it were up to me, I’d probably get rid of token passing into methods and just have it when constructing the Consul object. But for now I find this is the easiest, and sometimes only way, to use ACL tokens.
For those using
consul.aio, the following ugliness does the trick, at least withaiohttp==3.3.2: