help="Debug (xml-rpc) protocol messages")
parser.add_option("-p", "--protocol", dest="protocol", default="xmlrpc",
help="RPC protocol (xmlrpc or soap)")
+ # would it make sense to use ~/.ssh/id_rsa as a default here ?
parser.add_option("-k", "--private-key",
action="store", dest="user_private_key", default=None,
help="point to the private key file to use if not yet installed in sfi_dir")
# init self-signed cert, user credentials and gid
def bootstrap (self):
bootstrap = SfaClientBootstrap (self.user, self.reg_url, self.options.sfi_dir)
- # xxx todo : add a -k option to specify an external private key to install in workdir
+ # if -k is provided, use this to initialize private key
if self.options.user_private_key:
bootstrap.init_private_key_if_missing (self.options.user_private_key)
else:
- # trigger legacy compat code if needed
+ # trigger legacy compat code if needed
+ # the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(bootstrap.private_key_filename()):
self.logger.info ("private key not found, trying legacy name")
try:
bootstrap.bootstrap_my_gid()
# extract what's needed
self.private_key = bootstrap.private_key()
- self.my_gid = bootstrap.my_gid ()
self.my_credential_string = bootstrap.my_credential_string ()
+ self.my_gid = bootstrap.my_gid ()
self.bootstrap = bootstrap
- # xxx this too should be handled in bootstrap
- def get_cached_credential(self, file):
- """
- Return a cached credential only if it hasn't expired.
- """
- if (os.path.isfile(file)):
- credential = Credential(filename=file)
- # make sure it isnt expired
- if not credential.get_expiration or \
- datetime.datetime.today() < credential.get_expiration():
- return credential
- return None
-
- def get_auth_cred(self):
+ def my_authority_credential_string(self):
if not self.authority:
self.logger.critical("no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.bootstrap.authority_credential_string (self.authority)
- def get_slice_cred(self, name):
+ def slice_credential_string(self, name):
return self.bootstrap.slice_credential_string (name)
- # should be supported by sfaclientbootstrap
+ # xxx should be supported by sfaclientbootstrap as well
def delegate_cred(self, object_cred, hrn, type='authority'):
# the gid and hrn of the object we are delegating
if isinstance(object_cred, str):
self.logger.critical("No such registry record file %s"%record)
sys.exit(1)
- # xxx opts undefined
def get_component_proxy_from_hrn(self, hrn):
# direct connection to the nodes component manager interface
records = self.registry.Resolve(hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
- self.logger.warning("No such component:%r"% opts.component)
+ self.logger.warning("No such component:%r"% hrn)
record = records[0]
return self.server_proxy(record['hostname'], CM_PORT, self.private_key, self.my_gid)
host_parts[0] = host_parts[0] + ":" + str(port)
url = "http://%s" % "/".join(host_parts)
return SfaServerProxy(url, keyfile, certfile, timeout=self.options.timeout,
- verbose=self.options.debug)
+ verbose=self.options.debug)
# xxx opts could be retrieved in self.options
def server_proxy_from_opts(self, opts):
def add(self, opts, args):
"add record into registry from xml file (Register)"
- auth_cred = self.get_auth_cred()
+ auth_cred = self.my_authority_credential_string()
if len(args)!=1:
self.print_help()
sys.exit(1)
if record.get_name() == self.user:
cred = self.my_credential_string
else:
- cred = self.get_auth_cred()
+ cred = self.my_authority_credential_string()
elif record['type'] in ["slice"]:
try:
- cred = self.get_slice_cred(record.get_name())
+ cred = self.slice_credential_string(record.get_name())
except ServerException, e:
# XXX smbaker -- once we have better error return codes, update this
# to do something better than a string compare
if "Permission error" in e.args[0]:
- cred = self.get_auth_cred()
+ cred = self.my_authority_credential_string()
else:
raise
elif record.get_type() in ["authority"]:
- cred = self.get_auth_cred()
+ cred = self.my_authority_credential_string()
elif record.get_type() == 'node':
- cred = self.get_auth_cred()
+ cred = self.my_authority_credential_string()
else:
raise "unknown record type" + record.get_type()
record = record.as_dict()
def remove(self, opts, args):
"remove registry record by name (Remove)"
- auth_cred = self.get_auth_cred()
+ auth_cred = self.my_authority_credential_string()
if len(args)!=1:
self.print_help()
sys.exit(1)
api_options['info'] = opts.info
if args:
- cred = self.get_slice_cred(args[0])
+ cred = self.slice_credential_string(args[0])
hrn = args[0]
api_options['geni_slice_urn'] = hrn_to_urn(hrn, 'slice')
else:
server_version = self.get_cached_server_version(server)
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
delegated_cred = None
if server_version.get('interface') == 'slicemgr':
# delegate our cred to the slice manager
"""
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
"""
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
"""
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(args[0])
+ slice_cred = self.slice_credential_string(args[0])
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
"""
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(args[0])
+ slice_cred = self.slice_credential_string(args[0])
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
server = self.server_proxy_from_opts(opts)
- slice_cred = self.get_slice_cred(args[0])
+ slice_cred = self.slice_credential_string(args[0])
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
server = self.server_proxy_from_opts(opts)
- slice_cred = self.get_slice_cred(args[0])
+ slice_cred = self.slice_credential_string(args[0])
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
"""
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
"""
slice_hrn, rspec_path = args[0], args[1]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
creds = [slice_cred]
if opts.delegate:
delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
slice_hrn = ticket.gidObject.get_hrn()
slice_urn = hrn_to_urn(slice_hrn, 'slice')
#slice_hrn = ticket.attributes['slivers'][0]['hrn']
- slice_cred = self.get_slice_cred(slice_hrn)
+ slice_cred = self.slice_credential_string(slice_hrn)
# get a list of node hostnames from the RSpec
tree = etree.parse(StringIO(ticket.rspec))
if opts.delegate_user:
cred = self.delegate_cred(self.my_credential_string, delegee_hrn, 'user')
elif opts.delegate_slice:
- slice_cred = self.get_slice_cred(opts.delegate_slice)
+ slice_cred = self.slice_credential_string(opts.delegate_slice)
cred = self.delegate_cred(slice_cred, delegee_hrn, 'slice')
else:
self.logger.warning("Must specify either --user or --slice <hrn>")