sfa.git
10 years agoSetting tag sfa-3.1-7 sfa-3.1-7
Thierry Parmentelat [Wed, 4 Jun 2014 09:53:38 +0000 (11:53 +0200)]
Setting tag sfa-3.1-7
sfi return code should be more meaningful - not yet for all commands though
DEFAULT_CREDENTIAL_LIFETIME now 28 days (was 31)
dropped support for legacy credentials
bugfix: short-lived credentials triggered a bug with UTC translated into localtime
further minor cleanup of timestamp formats

10 years agocleanup
Thierry Parmentelat [Wed, 4 Jun 2014 08:22:41 +0000 (10:22 +0200)]
cleanup

10 years agorestore default credential validity period to 28 days
Thierry Parmentelat [Wed, 4 Jun 2014 07:46:45 +0000 (09:46 +0200)]
restore default credential validity period to 28 days
had been inadvertantly committed as 2 hours for a while when debugging the short-lived credential issue
used to be 31 days prior to that

10 years agocosmetic, rename variable expected to be a datetime as 'dt' as opposed to 'input...
Thierry Parmentelat [Wed, 4 Jun 2014 07:44:23 +0000 (09:44 +0200)]
cosmetic, rename variable expected to be a datetime as 'dt' as opposed to 'input' that can be a string or number or datetime

10 years agobugfix for the issue reported by Brecht when using short-lived credentials
Thierry Parmentelat [Wed, 4 Jun 2014 07:42:55 +0000 (09:42 +0200)]
bugfix for the issue reported by Brecht when using short-lived credentials
there was one conversion that mixed UTC and localtime in datetime_to_epoch

10 years agomore cleanup on timestamps - issue with short-lived credentials still present though
Thierry Parmentelat [Tue, 3 Jun 2014 15:06:24 +0000 (17:06 +0200)]
more cleanup on timestamps - issue with short-lived credentials still present though

10 years agodebug msgs
Thierry Parmentelat [Tue, 3 Jun 2014 15:05:47 +0000 (17:05 +0200)]
debug msgs

10 years agoa little more robust against odd conditions
Thierry Parmentelat [Tue, 3 Jun 2014 15:03:43 +0000 (17:03 +0200)]
a little more robust against odd conditions

10 years agosfi retcod should now be a bit more meaningful - maybe not for all commands though
Thierry Parmentelat [Tue, 3 Jun 2014 14:54:05 +0000 (16:54 +0200)]
sfi retcod should now be a bit more meaningful - maybe not for all commands though
not quite sure how a returnvalue should be analyzed - see method 'success' here

10 years agomore accurate comment
Thierry Parmentelat [Mon, 2 Jun 2014 14:56:41 +0000 (16:56 +0200)]
more accurate comment

10 years agothis goes with previous commit
Thierry Parmentelat [Mon, 2 Jun 2014 14:56:23 +0000 (16:56 +0200)]
this goes with previous commit

10 years agodrop support for legacy credentials
Thierry Parmentelat [Mon, 2 Jun 2014 14:55:41 +0000 (16:55 +0200)]
drop support for legacy credentials

10 years agoSetting tag sfa-3.1-6 sfa-3.1-6
Thierry Parmentelat [Mon, 2 Jun 2014 08:09:39 +0000 (10:09 +0200)]
Setting tag sfa-3.1-6
iotlab driver: Allocate uses OAR
iotlab driver: using actual_caller_hrn

10 years agoiotlab driver: using actual_caller_hrn form options on Allocate call, allow the testb...
Loic Baron [Fri, 30 May 2014 15:55:38 +0000 (17:55 +0200)]
iotlab driver: using actual_caller_hrn form options on Allocate call, allow the testbed to know which of the users of the slice launched the call, works even with delegated creds

10 years agoMerge branch 'geni-v3' of http://git.onelab.eu/sfa into geni-v3
Loic Baron [Fri, 30 May 2014 15:00:15 +0000 (17:00 +0200)]
Merge branch 'geni-v3' of git.onelab.eu/sfa into geni-v3

10 years agoiotlab driver: updated the Allocate function to work with the iotlab testbed using OAR
Loic Baron [Fri, 30 May 2014 14:58:57 +0000 (16:58 +0200)]
iotlab driver: updated the Allocate function to work with the iotlab testbed using OAR

10 years agoSetting tag sfa-3.1-5 sfa-3.1-5
Thierry Parmentelat [Wed, 28 May 2014 22:28:50 +0000 (00:28 +0200)]
Setting tag sfa-3.1-5
Slice Manager is down by default
sfi renew -l/--as-long-as-possible and e.g. sfi renew <> +2[d|w|m]
also renew tries to find a max date for renewal instead of bailing out
sfaclientlib file names scheme keeps track of user as well as object for credentials
none fields get removed before sending over xmlrpc - partially for now
cleanup on time formats and - hopefully timezones
cleanup on speaking_for
Allocate passes actual_caller_hrn as part of options to driver
iotlab driver and leases
new modules abac_credential, credential_factory and speaksfor_util

10 years agodos2unix'ed abac_credential
Thierry Parmentelat [Wed, 28 May 2014 22:22:49 +0000 (00:22 +0200)]
dos2unix'ed abac_credential

10 years agooops this was meant in the previous commit
Thierry Parmentelat [Wed, 28 May 2014 15:49:17 +0000 (17:49 +0200)]
oops this was meant in the previous commit

10 years agoalways using utcnow on datetime objects
Thierry Parmentelat [Wed, 28 May 2014 15:41:29 +0000 (17:41 +0200)]
always using utcnow on datetime objects

10 years agosubstantial cleanup of the renew method and client
Thierry Parmentelat [Wed, 28 May 2014 14:37:46 +0000 (16:37 +0200)]
substantial cleanup of the renew method and client
* sfi -l aka --as-long-as-possible is supported in sfi
* sfi renew <> +2d / +3w / +4m is now working as well as the other time formats (int, rfc3339...)
* most importantly the final expiration time is trimmed to the min of credential expiration and max_slice_renewal, but goes on with these values instead of whining

10 years agoprovide an example to sfi renew help
Thierry Parmentelat [Wed, 28 May 2014 13:43:03 +0000 (15:43 +0200)]
provide an example to sfi renew help

10 years agomore helpful log line for Renew
Thierry Parmentelat [Wed, 28 May 2014 10:57:00 +0000 (12:57 +0200)]
more helpful log line for Renew

10 years agoremove duplicate log line
Thierry Parmentelat [Wed, 28 May 2014 10:52:06 +0000 (12:52 +0200)]
remove duplicate log line

10 years agodescribe now returns something so we can properly fetch the rspec in there
Thierry Parmentelat [Wed, 28 May 2014 10:30:56 +0000 (12:30 +0200)]
describe now returns something so we can properly fetch the rspec in there

10 years agoreview and clean up the speaks_for mess
Thierry Parmentelat [Wed, 28 May 2014 10:30:26 +0000 (12:30 +0200)]
review and clean up the speaks_for mess
some methods seem to need this addition too but for now I'd rather not mix both issues

10 years agoturn off slice manager by default
Thierry Parmentelat [Wed, 28 May 2014 08:36:35 +0000 (10:36 +0200)]
turn off slice manager by default

10 years agocosmetic again
Thierry Parmentelat [Wed, 28 May 2014 07:47:18 +0000 (09:47 +0200)]
cosmetic again

10 years agocosmetic, create a single Credential instance named the_credential
Thierry Parmentelat [Tue, 27 May 2014 20:48:18 +0000 (22:48 +0200)]
cosmetic, create a single Credential instance named the_credential

10 years agoCredential.actual_caller_hrn tries to find out who is really calling, for delegated...
Thierry Parmentelat [Tue, 27 May 2014 20:45:47 +0000 (22:45 +0200)]
Credential.actual_caller_hrn tries to find out who is really calling, for delegated credentials
Allocate takes advantage of this to pass options['actual_caller_hrn'] to its driver

10 years agoremove references to speaking_for_hrn
Tony Mack [Mon, 26 May 2014 21:30:08 +0000 (17:30 -0400)]
remove references to speaking_for_hrn

10 years agoanother attempts at working arouns the options issue
Thierry Parmentelat [Mon, 26 May 2014 11:05:31 +0000 (13:05 +0200)]
another attempts at working arouns the options issue

10 years agoundo woraround before we try something else
Thierry Parmentelat [Mon, 26 May 2014 11:05:15 +0000 (13:05 +0200)]
undo woraround before we try something else

10 years agoit is wrong and dangerous to define defaut arguments as a mutable like []
Thierry Parmentelat [Mon, 26 May 2014 09:48:50 +0000 (11:48 +0200)]
it is wrong and dangerous to define defaut arguments as a mutable like []

10 years agoworaround for undefined 'options' in checkCredentials
Thierry Parmentelat [Mon, 26 May 2014 09:48:06 +0000 (11:48 +0200)]
woraround for undefined 'options' in checkCredentials

10 years agoremove debug logging
Tony Mack [Fri, 23 May 2014 13:49:55 +0000 (09:49 -0400)]
remove debug logging

10 years agodeclare speaks_for_gid
Tony Mack [Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)]
declare speaks_for_gid

10 years agoMerge branch 'geni-v3' of ssh://git.onelab.eu/git/sfa into geni-v3
Saint-Marcel Frederic [Fri, 23 May 2014 09:44:55 +0000 (11:44 +0200)]
Merge branch 'geni-v3' of ssh://git.onelab.eu/git/sfa into geni-v3

10 years agoadd get_leases method with filter slice_hrn for listing leases in allocate method
Saint-Marcel Frederic [Fri, 23 May 2014 09:44:47 +0000 (11:44 +0200)]
add get_leases method with filter slice_hrn for listing leases in allocate method

10 years agobugfix when you submit many leases on same resources
Saint-Marcel Frederic [Fri, 23 May 2014 09:43:45 +0000 (11:43 +0200)]
bugfix when you submit many leases on same resources

10 years agodos2unix'ed
Thierry Parmentelat [Fri, 23 May 2014 06:29:04 +0000 (08:29 +0200)]
dos2unix'ed

10 years agocosmetic
Thierry Parmentelat [Fri, 23 May 2014 06:28:28 +0000 (08:28 +0200)]
cosmetic

10 years agopass options to auth.check
Tony Mack [Thu, 22 May 2014 02:37:46 +0000 (22:37 -0400)]
pass options to auth.check

10 years agofix speaks for auth
Tony Mack [Thu, 22 May 2014 02:33:08 +0000 (22:33 -0400)]
fix speaks for auth

10 years agofix speaks for auth
Tony Mack [Thu, 22 May 2014 02:32:25 +0000 (22:32 -0400)]
fix speaks for auth

10 years agofix speaks for auth
Tony Mack [Thu, 22 May 2014 02:31:36 +0000 (22:31 -0400)]
fix speaks for auth

10 years agobugfix when user has no key
Saint-Marcel Frederic [Tue, 20 May 2014 11:57:45 +0000 (13:57 +0200)]
bugfix when user has no key

10 years agoreview uses of strftime to use a common central date format sfatime.SFATIME_FORMAT
Thierry Parmentelat [Mon, 19 May 2014 14:56:58 +0000 (16:56 +0200)]
review uses of strftime to use a common central date format sfatime.SFATIME_FORMAT

10 years agoon Lucia's behalf : cleanup xmlrpc args that might have None values as this is not...
Thierry Parmentelat [Fri, 16 May 2014 09:10:39 +0000 (11:10 +0200)]
on Lucia's behalf : cleanup xmlrpc args that might have None values as this is not accepted on the emulab-based iminds server-side

10 years agochange naming scheme for credentials held by clientbootstrap (and thus sfi)
Thierry Parmentelat [Wed, 14 May 2014 12:16:23 +0000 (14:16 +0200)]
change naming scheme for credentials held by clientbootstrap (and thus sfi)
so that we can store credentials for different users, so that sfi -u works as expected

10 years agocosmetic
Thierry Parmentelat [Wed, 14 May 2014 11:54:41 +0000 (13:54 +0200)]
cosmetic

10 years agoSetting tag sfa-3.1-4 sfa-3.1-4
Thierry Parmentelat [Wed, 7 May 2014 01:31:24 +0000 (21:31 -0400)]
Setting tag sfa-3.1-4
for register and update, client is expected to set
reg-researchers rather than researcher
reg-pis rather than pi
although the old forms are still supported
renamed sfi add into sfi register (add still works)
sfaadmin to return a meaningful exit code when fails
fix for sfadump
plimporter to report and ignore person or slice without a hrn
add support for stuff like sfi update -t slice -x the.slice.hrn -r none

10 years agotypo in comment
Thierry Parmentelat [Mon, 5 May 2014 02:34:31 +0000 (22:34 -0400)]
typo in comment

10 years agojust repair indentations after renaming @args into @add_options
Thierry Parmentelat [Sun, 4 May 2014 20:58:55 +0000 (16:58 -0400)]
just repair indentations after renaming @args into @add_options

10 years agoalign internal name 'pis' -> 'reg_pis' in sfi.py
Thierry Parmentelat [Sun, 4 May 2014 20:41:50 +0000 (16:41 -0400)]
align internal name 'pis' -> 'reg_pis' in sfi.py

10 years agodeal with 'pi' vs 'reg-pis'
Thierry Parmentelat [Sun, 4 May 2014 20:37:25 +0000 (16:37 -0400)]
deal with 'pi' vs 'reg-pis'

10 years agomake the normalize function reusable
Thierry Parmentelat [Sun, 4 May 2014 20:34:52 +0000 (16:34 -0400)]
make the normalize function reusable

10 years agosimplify normalize_input_researcher
Thierry Parmentelat [Sun, 4 May 2014 20:26:07 +0000 (16:26 -0400)]
simplify normalize_input_researcher
nobody ever complained aobut this 'researchers' thing os let's keep things simple here

10 years agoreview the comment about normalizing input records in register/update
Thierry Parmentelat [Sun, 4 May 2014 20:24:44 +0000 (16:24 -0400)]
review the comment about normalizing input records in register/update

10 years agocleaning up
Thierry Parmentelat [Sun, 4 May 2014 06:32:31 +0000 (08:32 +0200)]
cleaning up

10 years agoit is dangerous to set defaults to mutable objects like [] or {}
Thierry Parmentelat [Wed, 30 Apr 2014 10:43:49 +0000 (12:43 +0200)]
it is dangerous to set defaults to mutable objects like [] or {}
plus, we don't actually use this

10 years agodescription was not passed to register
Thierry Parmentelat [Wed, 30 Apr 2014 10:38:34 +0000 (12:38 +0200)]
description was not passed to register
email was not passed to update
use consistent ordering

10 years agothrow 1 as an exit retcod when things go wrong
Thierry Parmentelat [Wed, 30 Apr 2014 10:02:25 +0000 (12:02 +0200)]
throw 1 as an exit retcod when things go wrong

10 years agosfaadmin to use reg-researchers as well
Thierry Parmentelat [Wed, 30 Apr 2014 09:56:27 +0000 (11:56 +0200)]
sfaadmin to use reg-researchers as well

10 years agouse more consistent names @args -> @add_options - internal 'options'->'add_options...
Thierry Parmentelat [Wed, 30 Apr 2014 09:47:25 +0000 (11:47 +0200)]
use more consistent names @args -> @add_options - internal 'options'->'add_options' as well

10 years agoreordered imports
Thierry Parmentelat [Wed, 30 Apr 2014 09:41:21 +0000 (11:41 +0200)]
reordered imports

10 years agofix sfi aliases - sfi add would not work
Thierry Parmentelat [Wed, 30 Apr 2014 09:12:11 +0000 (11:12 +0200)]
fix sfi aliases - sfi add would not work

10 years agosfi exit code non-0 if unknown command
Thierry Parmentelat [Wed, 30 Apr 2014 09:11:00 +0000 (11:11 +0200)]
sfi exit code non-0 if unknown command

10 years agodealing with reg-researchers vs researcher
Thierry Parmentelat [Tue, 29 Apr 2014 16:28:26 +0000 (18:28 +0200)]
dealing with reg-researchers vs researcher
register and update now expect 'reg-researchers' to be set
for legacy if instead we find 'researcher' (sic: singular) then we pretend it was 'reg-researchers'
not terribly nice but should work for that one relation, others to follow

10 years agono change, reviews comments
Thierry Parmentelat [Tue, 29 Apr 2014 14:27:07 +0000 (16:27 +0200)]
no change, reviews comments

10 years agoadd_option based on command canonical name, so sfi add can recognize e.g. -t user
Thierry Parmentelat [Tue, 29 Apr 2014 10:47:13 +0000 (12:47 +0200)]
add_option based on command canonical name, so sfi add can recognize e.g. -t user

10 years agomore room for args
Thierry Parmentelat [Tue, 29 Apr 2014 10:46:04 +0000 (12:46 +0200)]
more room for args

10 years agosupport for --researchers none so one can clean the set of users in a slice - mostly...
Thierry Parmentelat [Mon, 28 Apr 2014 16:17:47 +0000 (18:17 +0200)]
support for --researchers none so one can clean the set of users in a slice - mostly a convenience for tests

10 years agorename register_command into declare_command that is less confusing now that we have...
Thierry Parmentelat [Mon, 28 Apr 2014 16:16:38 +0000 (18:16 +0200)]
rename register_command into declare_command that is less confusing now that we have a register command

10 years agoadd a -n/--no-details option to sfi show;
Thierry Parmentelat [Mon, 28 Apr 2014 15:45:16 +0000 (17:45 +0200)]
add a -n/--no-details option to sfi show;
when provided Resolve is called with details=False, so we really get only the registry's view

10 years agocreate the ability to defein aliases within afi commands
Thierry Parmentelat [Mon, 28 Apr 2014 15:44:25 +0000 (17:44 +0200)]
create the ability to defein aliases within afi commands
so fomw now on 'register' is the official name for calling registry's Register
sfi add can still be used as an alias

10 years agofix make sync in test infra based on lxc containers
Thierry Parmentelat [Mon, 28 Apr 2014 15:22:23 +0000 (17:22 +0200)]
fix make sync in test infra based on lxc containers

10 years agosomehow we happen to have persons and slices without an hrn
Thierry Parmentelat [Thu, 17 Apr 2014 10:00:30 +0000 (12:00 +0200)]
somehow we happen to have persons and slices without an hrn
until we get this more properly fixed these currently get skipped so the process can get through

10 years agocosmetic change for more readable logs
Thierry Parmentelat [Thu, 17 Apr 2014 09:59:38 +0000 (11:59 +0200)]
cosmetic change for more readable logs

10 years agofix so that sfadump can be used to inspect gids and creds
Thierry Parmentelat [Tue, 15 Apr 2014 16:05:56 +0000 (18:05 +0200)]
fix so that sfadump can be used to inspect gids and creds

10 years agoQuick patch as the registry on PLE was returning
Thierry Parmentelat [Wed, 9 Apr 2014 15:57:19 +0000 (17:57 +0200)]
Quick patch as the registry on PLE was returning
'urn': 'urn:publicid:IDN++ple'
which broke manifold down the road
With this patch in place we now get
'urn': 'urn:publicid:IDN+ple+authority+sa’
instead which is already better

10 years agoSetting tag sfa-3.1-3 sfa-3.1-3
Thierry Parmentelat [Thu, 3 Apr 2014 14:41:54 +0000 (16:41 +0200)]
Setting tag sfa-3.1-3
fix for user hrn's that have a dash in their leaf
fix for names of GENI federates
fix for SFA_MAX_SLICE_RENEW

10 years agomagic for debugging in make
Thierry Parmentelat [Wed, 2 Apr 2014 17:35:35 +0000 (19:35 +0200)]
magic for debugging in make

10 years agowhen GetCredential is called with an explicit type, do not 'guess' that we might...
Thierry Parmentelat [Tue, 1 Apr 2014 08:19:32 +0000 (10:19 +0200)]
when GetCredential is called with an explicit type, do not 'guess' that we might be dealing with a sliver based on hrn leaf

10 years agocosmetic, access dbsession object only when needed
Thierry Parmentelat [Tue, 1 Apr 2014 08:18:27 +0000 (10:18 +0200)]
cosmetic, access dbsession object only when needed

10 years agotest boxes don't have the /rootfs/ path anymore
Thierry Parmentelat [Mon, 31 Mar 2014 13:26:11 +0000 (15:26 +0200)]
test boxes don't have the /rootfs/ path anymore

10 years agopl: we need to distinguish between local pl sites/slices and foreign ones coming...
Mohamed Larabi [Fri, 28 Mar 2014 15:47:56 +0000 (16:47 +0100)]
pl: we need to distinguish between local pl sites/slices and foreign ones coming from the federation

10 years agoDescribe(): no need to send None value in api_options
Mohamed Larabi [Fri, 28 Mar 2014 13:30:32 +0000 (14:30 +0100)]
Describe(): no need to send None value in api_options

10 years agov2_to_v3_adapter : record.sync() takes dbsession as an arg
Mohamed Larabi [Wed, 19 Mar 2014 11:11:19 +0000 (12:11 +0100)]
v2_to_v3_adapter : record.sync() takes dbsession as an arg

10 years agodummyaggregate: fix get_slivers()
Mohamed Larabi [Fri, 7 Mar 2014 14:50:53 +0000 (15:50 +0100)]
dummyaggregate: fix get_slivers()

10 years agodummy driver: typo fix
Mohamed Larabi [Fri, 7 Mar 2014 12:50:26 +0000 (13:50 +0100)]
dummy driver: typo fix

10 years agodont truncate login base
Tony Mack [Fri, 28 Feb 2014 19:44:24 +0000 (14:44 -0500)]
dont truncate login base

10 years agofix NameError
Tony Mack [Thu, 27 Feb 2014 14:13:18 +0000 (09:13 -0500)]
fix NameError

10 years agouse SFA_MAX_SLICE_RENEW instead of hardcoded value to determine the maximum days...
Tony Mack [Wed, 26 Feb 2014 00:20:51 +0000 (19:20 -0500)]
use SFA_MAX_SLICE_RENEW instead of hardcoded value to determine the maximum days a slice can be renewed

10 years agouse plxrn to process xrns
Tony Mack [Tue, 25 Feb 2014 15:17:10 +0000 (10:17 -0500)]
use plxrn to process xrns

10 years agofix regex in pl_login_base()
Tony Mack [Tue, 25 Feb 2014 15:13:31 +0000 (10:13 -0500)]
fix regex in pl_login_base()

10 years agoSetting tag sfa-3.1-2 sfa-3.1-2
Mohamed Larabi [Thu, 20 Feb 2014 13:17:54 +0000 (14:17 +0100)]
Setting tag sfa-3.1-2
-- Core
added support for geni_extend_alap (as long as possible) in RenewSliver.
adding support for geni_speaking_for option,
-- RSpecs
Add support for Ofelia OpenFlow RSpecs
-- PlanetLab
Set Admins as PI's of the top authority while importing.
-- IoTLab
Iotlab and cortexlab ported to geni-v3.
Moving methods using the SFA db and api object from Shell to Driver.
Propagating the changes in iotlabimporter, iotlabaggregate and iotlabslices.
Iotlab now using sfa database for the special table lease_table.
Using alchemy.py classes to create a session to the DB.
Cleaning and documenting.
Fix Allocate() API call
-- client
handle single slivers.
fix sfi.py version and trusted.
-- PlanetLab
handle single slivers by Provision(), Delete() and PerformOperationalAction().
fix foreign slices mgt in sliver_to_slice_xrn() and check_sliver_credentials().
wider mgt of new slice url and description.
-- Packaging
rename senslab package into iotlab.
don't package xml-builder anymore.
fix debian/ubuntu packaging.

10 years agoplimporter: use Site/Slice/Person HRN tags instead of calculating the HRN
Mohamed Larabi [Wed, 19 Feb 2014 15:26:27 +0000 (16:26 +0100)]
plimporter: use Site/Slice/Person HRN tags instead of calculating the HRN

10 years agohandle escape chars in hrn
Tony Mack [Mon, 17 Feb 2014 16:36:46 +0000 (11:36 -0500)]
handle escape chars in hrn

10 years agoMerge branch 'geni-v3' of ssh://git.onelab.eu/git/sfa into geni-v3
Loic Baron [Fri, 14 Feb 2014 16:30:49 +0000 (17:30 +0100)]
Merge branch 'geni-v3' of ssh://git.onelab.eu/git/sfa into geni-v3