Comments (6)
@Andreyco it's actually done on purpose - to protect production (public) websites from users calling /worker/queue or /worker/schedule directly. The idea is to set worker environments (APP_ENV) to something like production-worker instead. I will put this in the README.
If you have a better idea of how to isolate these 2 special routes from public - share :))
from laravel-aws-worker.
I added this in README
Alternative implementation could be an extra environment variable (eg. REGISTER_ROUTES). If it's set - routes are added.
I just don't like the idea of registering the routes by default - you don't want normal users to run your jobs ;)
from laravel-aws-worker.
How I reason about Laravel worker app
- it processes long running tasks.
- it runs in its very own container/environment.
- it's not accessible from outside - only AWS daemon pushes POST requests to worker. Based on this, I don't see any reason to worry about URLs being registered in any environment. They are not accessible from outside.
Is there any possibility anyone would use this package outside of AWS Worker environment? Is it event possible/reasonable?
Also, I would not rely on env name to decide whether to register routes or not. I like REGISTER_ROUTES
flag more :) But as noted above, we should be not worried about this at all (let me know if I am mistaken here).
These are my assumptions and findings, I might be wrong. I am, often :)
PS: don't take any of these notes wrong, I am so thankful for this package, it's very good! I hope we figure something out.
from laravel-aws-worker.
You are right, but very often people run the same application in both web and worker environments. Moreover, Laravel actually assumes that you are doing so - jobs are serialized on one end, and they are supposed to correctly desereliaze and run (read - have all the same classes and methods available) on another end.
Therefore, people would add this package and it would go to both worker and web environments. Hence the protection measure - to ensure extra routes don't land in public web :)
If you worker is a separate application, then there is no problem of course.
Having said all that, an environment variable seems like a more comfortable and clear way to do this. I will put this into next version!
from laravel-aws-worker.
https://github.com/dusterio/laravel-aws-worker/releases/tag/v0.1.8
I added REGISTER_WORKER_ROUTES variable and currently it's set to true by default (to avoid service interruption for existing users)
from laravel-aws-worker.
Yep, you are correct.
I have jobs with empty "handle" method on public facing app + very same job with "handle" implemented on worker app.
One one side it leads to (very low) duplications but on the other side responsibilities are clear here.
Seems line env variable + major version bump (no to break existing code) would be best solution here.
Sent from my iPhone
On 21 Oct 2016, at 01:56, Denis Mysenko [email protected] wrote:
You are right, but very often people run the same application in both web and worker environments. Moreover, Laravel actually assumes that you are doing so - jobs are serialized on one end, and they are supposed to correctly desereliaze and run (read - have all the same classes and methods available) on another end.
Therefore, people would add this package and it would go to both worker and web environments. Hence the protection measure - to ensure extra routes don't land in public web :)
If you worker is a separate application, then there is no problem of course.
Having said all that, an environment variable seems like a more comfortable and clear way to do this. I will put this into next version!
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
from laravel-aws-worker.
Related Issues (20)
- Laravel 7 no support in BindsWorker HOT 4
- Testing
- Not reading the environment variables HOT 3
- SECURITY: Set default of REGISTER_WORKER_ROUTES to false HOT 5
- Scheduler seems to execute tasks as root user HOT 1
- Can't access variables off job class HOT 1
- Support for Lumen 7 HOT 3
- Broken Laravel 7 worker support HOT 2
- preg_match fails matching tries & timeouts
- Maximum execution time of 60 seconds exceeded
- UTF-8 characters unserialize() error at offset HOT 18
- Manually Releasing not working HOT 1
- No routes in routes list - laravel 8 HOT 3
- provider not registered HOT 2
- Concurrent Process HOT 1
- Laravel 8 Interface is not instantiable HOT 1
- How to define max "workers" (max simultaneous task per worker server) HOT 2
- Question: is there support for the backoff option on job retries? HOT 3
- Laravel aws worker clobbers horizon/redis queue configuration HOT 1
- Unresolvable dependency resolving [Parameter #3 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from laravel-aws-worker.