Access token file does not exist, causing deployment to fail

Questions
1

Hi!

I have a docker-compose running Postgres and the Daml for Postgres driver (using jwt authentication).

I am trying to deploy to it:

daml deploy --host localhost --port 6564 --access-token-file="file:///tmp/jwt/system.token"

which fails:

daml-helper: file:///tmp/jwt/system.token: openFile: does not exist (No such file or directory)

The compose looks like:

version: '3'

services:
  db:
    image: postgres
    ports:
      - "5432:5432"
    restart: always
    environment:
      POSTGRES_PASSWORD: daml

  daml:
    image: dacsbxd86.azurecr.io/daml/1.11.1
    user: root
    ports:
      - "6865:6865"
      - "6564:6564"
    volumes:
      - ".daml:/tmp/.daml"
      - "./security/certs/jwt:/tmp/jwt"
    entrypoint: ["/bin/bash", "-c", "source /root/.bashrc; java -jar /opt/daml-on-sql-1.11.1.jar --auth-jwt-rs256-jwks=file:///tmp/jwt/jwks.json --ledgerid daml-carbon-ledger --sql-backend-jdbcurl 'jdbc:postgresql://db/postgres?user=postgres&password=daml'"]

It finds /tmp/jwt/jwks.json fine, but I am doing something wrong with the --access-token-file?

My JWT token looks like:

{
  "https://daml.com/ledger-api": {
    "ledgerId": "daml-carbon-ledger",
    "applicationId": "carbon",
    "admin": true,
    "actAs": [
      "System"
    ],
    "readAs": [
      "System"
    ]
  },
  "exp": 1619732519,
  "aud": "https://daml.com/ledger-api",
  "azp": "system",
  "iss": "local-jwt-provider",
  "iat": 1619646119,
  "gty": "client-credentials",
  "sub": "system@clients"
}

Thanks,
Per

1 Like
2

Hi @perbergman,
--access-token-file expects a file path not a URL. So try something like -access-token-file="/tmp/jwt/system.token"

2 Likes
3

4 posts were split to a new topic: GRPCIOTimeout when running within a docker container