-#
-# sfi.py - basic SFA command-line client
-# this module is also used in sfascan
-#
+"""
+sfi.py - basic SFA command-line client
+this module is also used in sfascan
+"""
+
+# pylint: disable=c0111, c0413
from sfa.util.xrn import get_leaf, get_authority, hrn_to_urn, Xrn
from sfa.util.config import Config
from sfa.util.version import version_core
from sfa.util.xrn import get_leaf, get_authority, hrn_to_urn, Xrn
from sfa.util.config import Config
from sfa.util.version import version_core
# various auxiliary material that we keep at hand
self.command = None
# need to call this other than just 'config' as we have a
# various auxiliary material that we keep at hand
self.command = None
# need to call this other than just 'config' as we have a
msg = "Invalid command\n"
msg += "Commands: "
msg += ','.join(commands_list)
msg = "Invalid command\n"
msg += "Commands: "
msg += ','.join(commands_list)
parser.add_option("-p", "--pi", dest='delegate_pi', default=None, action='store_true',
help="delegate your PI credentials, so s.t. like -A your_hrn^")
parser.add_option("-A", "--to-authority", dest='delegate_to_authority', action='store_true', default=False,
parser.add_option("-p", "--pi", dest='delegate_pi', default=None, action='store_true',
help="delegate your PI credentials, so s.t. like -A your_hrn^")
parser.add_option("-A", "--to-authority", dest='delegate_to_authority', action='store_true', default=False,
self.sfi_parser = self.create_parser_global()
(options, args) = self.sfi_parser.parse_args()
if options.help:
self.sfi_parser = self.create_parser_global()
(options, args) = self.sfi_parser.parse_args()
if options.help:
elif hasattr(config, "SFI_SM"):
self.sm_url = config.SFI_SM
else:
elif hasattr(config, "SFI_SM"):
self.sm_url = config.SFI_SM
else:
elif hasattr(config, "SFI_REGISTRY"):
self.reg_url = config.SFI_REGISTRY
else:
elif hasattr(config, "SFI_REGISTRY"):
self.reg_url = config.SFI_REGISTRY
else:
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
"Initializing SfaClientBootstrap with {}".format(self.reg_url))
client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir,
"Initializing SfaClientBootstrap with {}".format(self.reg_url))
client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir,
# if -k is provided, use this to initialize private key
if self.options.user_private_key:
client_bootstrap.init_private_key_if_missing(
# if -k is provided, use this to initialize private key
if self.options.user_private_key:
client_bootstrap.init_private_key_if_missing(
# trigger legacy compat code if needed
# the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(client_bootstrap.private_key_filename()):
# trigger legacy compat code if needed
# the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(client_bootstrap.private_key_filename()):
try:
legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey"
.format(Xrn.unescape(get_leaf(self.user))))
try:
legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey"
.format(Xrn.unescape(get_leaf(self.user))))
"no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.client_bootstrap.authority_credential_string(self.authority)
"no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.client_bootstrap.authority_credential_string(self.authority)
self.registry_proxy \
= SfaServerProxy(self.reg_url, self.private_key, self.my_gid,
timeout=self.options.timeout, verbose=self.options.debug)
self.registry_proxy \
= SfaServerProxy(self.reg_url, self.private_key, self.my_gid,
timeout=self.options.timeout, verbose=self.options.debug)
records = self.registry().Resolve(node_hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
records = self.registry().Resolve(node_hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
"No such component:{}".format(opts.component))
record = records[0]
cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT)
"No such component:{}".format(opts.component))
record = records[0]
cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT)
# the config
if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'):
self.sm_url = 'http://' + self.sm_url
# the config
if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'):
self.sm_url = 'http://' + self.sm_url
"Contacting Slice Manager at: {}".format(self.sm_url))
self.sliceapi_proxy \
= SfaServerProxy(self.sm_url, self.private_key, self.my_gid,
"Contacting Slice Manager at: {}".format(self.sm_url))
self.sliceapi_proxy \
= SfaServerProxy(self.sm_url, self.private_key, self.my_gid,
version = ReturnValue.get_value(result)
# cache version for 20 minutes
cache.add(cache_key, version, ttl=60 * 20)
version = ReturnValue.get_value(result)
# cache version for 20 minutes
cache.add(cache_key, version, ttl=60 * 20)
# resurrect this temporarily so we can support V1 aggregates for a while
def server_supports_options_arg(self, server):
"""
# resurrect this temporarily so we can support V1 aggregates for a while
def server_supports_options_arg(self, server):
"""
hrn, self.my_credential_string, resolve_options)
record_dicts = filter_records(options.type, record_dicts)
if not record_dicts:
hrn, self.my_credential_string, resolve_options)
record_dicts = filter_records(options.type, record_dicts)
if not record_dicts:
@declare_command("[xml-filename]", "", ['add'])
def register(self, options, args):
"""
@declare_command("[xml-filename]", "", ['add'])
def register(self, options, args):
"""
@declare_command("[xml-filename]", "")
def update(self, options, args):
"""
@declare_command("[xml-filename]", "")
def update(self, options, args):
"""
@declare_command("slice_hrn", "")
def describe(self, options, args):
"""
@declare_command("slice_hrn", "")
def describe(self, options, args):
"""
filename = os.path.join(self.options.sfi_dir,
"{}_for_{}.{}.cred".format(message, to_hrn, to_type))
delegated_credential.save_to_file(filename, save_parents=True)
filename = os.path.join(self.options.sfi_dir,
"{}_for_{}.{}.cred".format(message, to_hrn, to_type))
delegated_credential.save_to_file(filename, save_parents=True)
* compute all the slices that you currently have credentials on
* refresh all your credentials (you as a user and pi, your slices)
* upload them to the manifold backend server
* compute all the slices that you currently have credentials on
* refresh all your credentials (you as a user and pi, your slices)
* upload them to the manifold backend server
my_records = self.registry().Resolve(self.user, self.my_credential_string)
if len(my_records) != 1:
print("Cannot Resolve {} -- exiting".format(self.user))
sys.exit(1)
my_record = my_records[0]
my_auths_all = my_record['reg-pi-authorities']
my_records = self.registry().Resolve(self.user, self.my_credential_string)
if len(my_records) != 1:
print("Cannot Resolve {} -- exiting".format(self.user))
sys.exit(1)
my_record = my_records[0]
my_auths_all = my_record['reg-pi-authorities']
my_auths = my_auths_all
if options.delegate_auths:
my_auths = list(set(my_auths_all).intersection(
set(options.delegate_auths)))
my_auths = my_auths_all
if options.delegate_auths:
my_auths = list(set(my_auths_all).intersection(
set(options.delegate_auths)))
"Restricted to user-provided auths {}".format(my_auths))
# (c) get the set of slices that we are in
my_slices_all = my_record['reg-slices']
"Restricted to user-provided auths {}".format(my_auths))
# (c) get the set of slices that we are in
my_slices_all = my_record['reg-slices']
my_slices = my_slices_all
# if user provided slices, deal only with these - if they are found
if options.delegate_slices:
my_slices = list(set(my_slices_all).intersection(
set(options.delegate_slices)))
my_slices = my_slices_all
# if user provided slices, deal only with these - if they are found
if options.delegate_slices:
my_slices = list(set(my_slices_all).intersection(
set(options.delegate_slices)))
"Restricted to user-provided slices: {}".format(my_slices))
# (d) make sure we have *valid* credentials for all these
"Restricted to user-provided slices: {}".format(my_slices))
# (d) make sure we have *valid* credentials for all these
.format(hrn, htype, delegatee_hrn, delegatee_type))
with open(filename, 'w') as f:
f.write(delegated_credential)
.format(hrn, htype, delegatee_hrn, delegatee_type))
with open(filename, 'w') as f:
f.write(delegated_credential)
hrn_delegated_credentials.append(
(hrn, htype, delegated_credential, filename, ))
# (f) and finally upload them to manifold server
# xxx todo add an option so the password can be set on the command line
# (but *NOT* in the config file) so other apps can leverage this
hrn_delegated_credentials.append(
(hrn, htype, delegated_credential, filename, ))
# (f) and finally upload them to manifold server
# xxx todo add an option so the password can be set on the command line
# (but *NOT* in the config file) so other apps can leverage this
url=myslice_dict['backend'],
platform=myslice_dict['platform'],
username=myslice_dict['username'],
url=myslice_dict['backend'],
platform=myslice_dict['platform'],
username=myslice_dict['username'],
.format(count_success, count_all))
# at first I thought we would want to save these,
.format(count_success, count_all))
# at first I thought we would want to save these,