[28/35] airavata git commit: AIRAVATA-2500 Thrift stub code generation
http://git-wip-us.apache.org/repos/asf/airavata/blob/3184c238/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/API/Airavata.php -- diff --git a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/API/Airavata.php b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/API/Airavata.php index 18bfcf5..c8976ba 100644 --- a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/API/Airavata.php +++ b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/API/Airavata.php @@ -3428,6 +3428,71 @@ interface AiravataIf { */ public function deleteGatewayStoragePreference(\Airavata\Model\Security\AuthzToken $authzToken, $gatewayID, $storageId); /** + * @param \Airavata\Model\Security\AuthzToken $authzToken + * @return \Airavata\Model\AppCatalog\AccountProvisioning\SSHAccountProvisioner[] + * @throws \Airavata\API\Error\InvalidRequestException + * @throws \Airavata\API\Error\AiravataClientException + * @throws \Airavata\API\Error\AiravataSystemException + * @throws \Airavata\API\Error\AuthorizationException + */ + public function getSSHAccountProvisioners(\Airavata\Model\Security\AuthzToken $authzToken); + /** + * Check if user has an SSH account on the given compute resource. This + * method will only work if the compute resource has an SSHAccountProvisioner configured for it. + * + * @param \Airavata\Model\Security\AuthzToken $authzToken + * @param string $computeResourceId + * @param string $userId + * @return bool + * @throws \Airavata\API\Error\InvalidRequestException + * @throws \Airavata\API\Error\AiravataClientException + * @throws \Airavata\API\Error\AiravataSystemException + * @throws \Airavata\API\Error\AuthorizationException + */ + public function doesUserHaveSSHAccount(\Airavata\Model\Security\AuthzToken $authzToken, $computeResourceId, $userId); + /** + * Setup and return a UserComputeResourcePreference object for this user to SSH into the given compute resource with + * the given SSH credential. This method will only work if the compute resource has an SSHAccountProvisioner + * configured for it. The returned UserComputeResourcePreference object is not saved; it is up to the client to + * call addUserComputeResourcePreference to persist it. + * + * @param \Airavata\Model\Security\AuthzToken $authzToken + * @param string $computeResourceId + * @param string $userId + * @param string $airavataCredStoreToken + * @return \Airavata\Model\AppCatalog\UserResourceProfile\UserComputeResourcePreference User specific preferences for a Computer Resource + * + * computeResourceId: + * Corelate the preference to a compute resource. + * + * + * loginUserName: + * If turned true, Airavata will override the preferences of better alternatives exist. + * + * + * preferredBatchQueue: + * Gateways can choose a defualt batch queue based on average job dimention, reservations or other metrics. + * + * scratchLocation: + * Path to the local scratch space on a HPC cluster. Typically used to create working directory for job execution. + * + * allocationProjectNumber: + * Typically used on HPC machines to charge computing usage to a account number. For instance, on XSEDE once an + *allocation is approved, an allocation number is assigned. Before passing this number with job submittions, the + *account to be used has to be added to the allocation. + * + * resourceSpecificCredentialStoreToken: + * Resource specific credential store token. If this token is specified, then it is superceeded by the gateway's + * default credential store. + * + * + * @throws \Airavata\API\Error\InvalidRequestException + * @throws \Airavata\API\Error\AiravataClientException + * @throws \Airavata\API\Error\AiravataSystemException + * @throws \Airavata\API\Error\AuthorizationException + */ + public function setupUserComputeResourcePreferencesForSSH(\Airavata\Model\Security\AuthzToken $authzToken, $computeResourceId, $userId, $airavataCredStoreToken); + /** * Register User Resource Profile. * * @param UserResourceProfile @@ -12720,6 +12785,200 @@ class AiravataClient implements \Airavata\API\AiravataIf { throw new \Exception("deleteGatewayStoragePreference failed: unknown result"); } + public function getSSHAccountProvisioners(\Airavata\Model\Security\AuthzToken $authzToken) + { +$this->send_getSSHAccountProvisioners($authzToken); +return $this->recv_getSSHAccountProvisioners(); + } + + public function send_getSSHAccountProvisioners(\Airavata\Model\Security\AuthzToken $authzToken) + { +$args = new \Airavata\API\Airavata_getSSHAccountProvisioners_args(); +$args->authzToken = $authzToken; +$bin_accel =
[17/35] airavata git commit: AIRAVATA-2500 Add creation of scratch location
AIRAVATA-2500 Add creation of scratch location Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/8c748c66 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/8c748c66 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/8c748c66 Branch: refs/heads/AIRAVATA-2500 Commit: 8c748c66b5f4c40847432b6abe5b1ca535188be9 Parents: 3d161b8 Author: Marcus ChristieAuthored: Wed Aug 23 17:19:05 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../accountprovisioning/SSHAccountManager.java | 11 ++- .../airavata/accountprovisioning/SSHUtil.java | 79 +++- 2 files changed, 84 insertions(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/8c748c66/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index d565fe9..a56a632 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -34,6 +34,8 @@ import org.apache.airavata.registry.api.RegistryService; import org.apache.airavata.registry.api.client.RegistryServiceClientFactory; import org.apache.airavata.registry.api.exception.RegistryServiceException; import org.apache.thrift.TException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.util.HashMap; import java.util.List; @@ -43,6 +45,8 @@ import java.util.stream.Collectors; public class SSHAccountManager { +private final static Logger logger = LoggerFactory.getLogger(SSHAccountManager.class); + // TODO: change return type to one that returns some details of the SSH account setup, for example the scratch location public static void setupSSHAccount(String gatewayId, String computeResourceId, String username, SSHCredential sshCredential) { @@ -84,8 +88,9 @@ public class SSHAccountManager { // Install SSH key sshAccountProvisioner.installSSHKey(username, sshCredential.getPublicKey()); +// TODO: replace hard coded port 22 with port from SSHJobSubmission interface // Verify can authenticate to host -boolean validated = SSHUtil.validate(username, computeResourceDescription.getHostName(), 22, sshCredential); +boolean validated = SSHUtil.validate(computeResourceDescription.getHostName(), 22, username, sshCredential); if (!validated) { throw new RuntimeException("Failed to validate installation of key for [" + username + "] on [" + computeResourceDescription.getHostName() + "] using SSH Account Provisioner [" @@ -93,8 +98,10 @@ public class SSHAccountManager { } // create the scratch location on the host -// TODO: create the scratch location String scratchLocation = sshAccountProvisioner.getScratchLocation(username); +SSHUtil.execute(computeResourceDescription.getHostName(), 22, username, sshCredential, "mkdir -p " + scratchLocation); + +// TODO: return information about provisioned account } private static Map resolveProvisionerConfig(String gatewayId, String provisionerName, Map provisionerConfig) { http://git-wip-us.apache.org/repos/asf/airavata/blob/8c748c66/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHUtil.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHUtil.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHUtil.java index 4b5452a..2550270 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHUtil.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHUtil.java @@ -20,12 +20,14 @@ package org.apache.airavata.accountprovisioning; -import com.jcraft.jsch.JSch; -import com.jcraft.jsch.JSchException; -import com.jcraft.jsch.Session; +import com.jcraft.jsch.*; import org.apache.airavata.model.credential.store.SSHCredential; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import java.io.ByteArrayOutputStream;
[12/35] airavata git commit: AIRAVATA-2500 SSHAccountManager: install SSH key and verify
AIRAVATA-2500 SSHAccountManager: install SSH key and verify Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/3d161b81 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/3d161b81 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/3d161b81 Branch: refs/heads/AIRAVATA-2500 Commit: 3d161b8161975be658259739047e36df3bd6ef38 Parents: 2a90139 Author: Marcus ChristieAuthored: Mon Aug 14 12:38:53 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../accountprovisioning/SSHAccountManager.java | 104 ++- .../airavata/accountprovisioning/SSHUtil.java | 83 +++ 2 files changed, 162 insertions(+), 25 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/3d161b81/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index dcb819b..d565fe9 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -25,43 +25,48 @@ import org.apache.airavata.common.utils.ServerSettings; import org.apache.airavata.credential.store.client.CredentialStoreClientFactory; import org.apache.airavata.credential.store.cpi.CredentialStoreService; import org.apache.airavata.credential.store.exception.CredentialStoreException; +import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam; +import org.apache.airavata.model.appcatalog.computeresource.ComputeResourceDescription; +import org.apache.airavata.model.appcatalog.gatewayprofile.ComputeResourcePreference; import org.apache.airavata.model.credential.store.PasswordCredential; +import org.apache.airavata.model.credential.store.SSHCredential; import org.apache.airavata.registry.api.RegistryService; import org.apache.airavata.registry.api.client.RegistryServiceClientFactory; import org.apache.airavata.registry.api.exception.RegistryServiceException; import org.apache.thrift.TException; import java.util.HashMap; +import java.util.List; import java.util.Map; +import java.util.function.Function; +import java.util.stream.Collectors; public class SSHAccountManager { -// TODO: need private key too to verify -public static void setupSSHAccount(String gatewayId, String hostname, String username, String sshPublicKey) { - -// TODO: finish implementing +// TODO: change return type to one that returns some details of the SSH account setup, for example the scratch location +public static void setupSSHAccount(String gatewayId, String computeResourceId, String username, SSHCredential sshCredential) { // get compute resource preferences for the gateway and hostname +// TODO: close the registry service client transport when done with it +RegistryService.Client registryServiceClient = getRegistryServiceClient(); +ComputeResourcePreference computeResourcePreference = null; +ComputeResourceDescription computeResourceDescription = null; +try { +computeResourcePreference = registryServiceClient.getGatewayComputeResourcePreference(gatewayId, computeResourceId); +computeResourceDescription = registryServiceClient.getComputeResource(computeResourceId); +} catch(TException e) { +throw new RuntimeException(e); +} // get the account provisioner and config values for the preferences -String provisionerName = null; -Map provisionerConfig = null; - -CredentialStoreService.Client credentialStoreServiceClient = getCredentialStoreClient(); -// Resolve any CRED_STORE_PASSWORD_TOKEN config parameters to passwords -Map resolvedConfig = new HashMap<>(); -for (Map.Entry configEntry : provisionerConfig.entrySet() ) { -if (configEntry.getKey().getType() == ConfigParam.ConfigParamType.CRED_STORE_PASSWORD_TOKEN) { -try { -PasswordCredential password = credentialStoreServiceClient.getPasswordCredential(configEntry.getValue(), gatewayId); -resolvedConfig.put(configEntry.getKey(), password.getPassword()); -} catch (TException e) { -
[32/35] airavata git commit: AIRAVATA-2500 Thrift stub code generation
AIRAVATA-2500 Thrift stub code generation Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/fab19005 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/fab19005 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/fab19005 Branch: refs/heads/AIRAVATA-2500 Commit: fab19005af44bec99634aa5d9233948803428d16 Parents: 71d33ea Author: Marcus ChristieAuthored: Thu Sep 7 15:16:43 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:08:05 2017 -0400 -- .../Model/AppCatalog/GatewayProfile/Types.php | 23 .../ComputeResourcePreference.java | 114 ++- 2 files changed, 133 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/fab19005/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php -- diff --git a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php index da3071a..63e39bc 100644 --- a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php +++ b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php @@ -118,6 +118,10 @@ class ComputeResourcePreference { * @var array */ public $sshAccountProvisionerConfig = null; + /** + * @var string + */ + public $sshAccountProvisionerAdditionalInfo = null; public function __construct($vals=null) { if (!isset(self::$_TSPEC)) { @@ -194,6 +198,10 @@ class ComputeResourcePreference { 'type' => TType::STRING, ), ), +17 => array( + 'var' => 'sshAccountProvisionerAdditionalInfo', + 'type' => TType::STRING, + ), ); } if (is_array($vals)) { @@ -245,6 +253,9 @@ class ComputeResourcePreference { if (isset($vals['sshAccountProvisionerConfig'])) { $this->sshAccountProvisionerConfig = $vals['sshAccountProvisionerConfig']; } + if (isset($vals['sshAccountProvisionerAdditionalInfo'])) { +$this->sshAccountProvisionerAdditionalInfo = $vals['sshAccountProvisionerAdditionalInfo']; + } } } @@ -392,6 +403,13 @@ class ComputeResourcePreference { $xfer += $input->skip($ftype); } break; +case 17: + if ($ftype == TType::STRING) { +$xfer += $input->readString($this->sshAccountProvisionerAdditionalInfo); + } else { +$xfer += $input->skip($ftype); + } + break; default: $xfer += $input->skip($ftype); break; @@ -498,6 +516,11 @@ class ComputeResourcePreference { } $xfer += $output->writeFieldEnd(); } +if ($this->sshAccountProvisionerAdditionalInfo !== null) { + $xfer += $output->writeFieldBegin('sshAccountProvisionerAdditionalInfo', TType::STRING, 17); + $xfer += $output->writeString($this->sshAccountProvisionerAdditionalInfo); + $xfer += $output->writeFieldEnd(); +} $xfer += $output->writeFieldStop(); $xfer += $output->writeStructEnd(); return $xfer; http://git-wip-us.apache.org/repos/asf/airavata/blob/fab19005/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java -- diff --git a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java index 3edf60c..d758e9d 100644 --- a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java +++ b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java @@ -105,6 +105,7 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase, SchemeFactory> schemes = new HashMap (); static { @@ -128,6 +129,7 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase sshAccountProvisionerConfig; // optional + private String sshAccountProvisionerAdditionalInfo; // optional /** The set of fields this struct contains, along with convenience
[23/35] airavata git commit: AIRAVATA-2500 Implement API method to get provisioner metadata
AIRAVATA-2500 Implement API method to get provisioner metadata Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/643d35b3 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/643d35b3 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/643d35b3 Branch: refs/heads/AIRAVATA-2500 Commit: 643d35b3884d1014a47c3a1b50fc6580d0dabeb1 Parents: 469a7e7 Author: Marcus ChristieAuthored: Thu Sep 7 09:41:17 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:57 2017 -0400 -- .../server/handler/AiravataServerHandler.java | 56 ++-- .../accountprovisioning/SSHAccountManager.java | 3 +- .../SSHAccountProvisioner.java | 10 ++-- .../SSHAccountProvisionerFactory.java | 14 ++--- .../SSHAccountProvisionerProvider.java | 3 +- .../IULdapSSHAccountProvisioner.java| 10 .../IULdapSSHAccountProvisionerProvider.java| 31 ++- .../SSHAccountProvisionerFactoryTest.java | 4 +- .../provisioner/TestSSHAccountProvisioner.java | 10 .../TestSSHAccountProvisionerProvider.java | 10 .../airavata-apis/airavata_api.thrift | 12 ++--- .../account_provisioning_model.thrift | 12 +++-- 12 files changed, 107 insertions(+), 68 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/643d35b3/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java -- diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java index bb3f2c0..febb703 100644 --- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java +++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java @@ -19,7 +19,10 @@ */ package org.apache.airavata.api.server.handler; +import org.apache.airavata.accountprovisioning.ConfigParam; import org.apache.airavata.accountprovisioning.SSHAccountManager; +import org.apache.airavata.accountprovisioning.SSHAccountProvisionerFactory; +import org.apache.airavata.accountprovisioning.SSHAccountProvisionerProvider; import org.apache.airavata.api.Airavata; import org.apache.airavata.api.airavata_apiConstants; import org.apache.airavata.api.server.util.ThriftClientPool; @@ -38,6 +41,7 @@ import org.apache.airavata.messaging.core.Type; import org.apache.airavata.model.WorkflowModel; import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisioner; import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam; +import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParamType; import org.apache.airavata.model.appcatalog.appdeployment.ApplicationDeploymentDescription; import org.apache.airavata.model.appcatalog.appdeployment.ApplicationModule; import org.apache.airavata.model.appcatalog.appinterface.ApplicationInterfaceDescription; @@ -3969,30 +3973,48 @@ public class AiravataServerHandler implements Airavata.Iface { @Override @SecurityCheck -public List getSSHAccountProvisionerNames(AuthzToken authzToken) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { +public List getSSHAccountProvisioners(AuthzToken authzToken) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { -// TODO: implement -return null; -} - -@Override -@SecurityCheck -public List getSSHAccountProvisionerConfigParams(AuthzToken authzToken, String provisionerName) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { - -// TODO: implement -return null; +List sshAccountProvisioners = new ArrayList<>(); +List sshAccountProvisionerProviders = SSHAccountProvisionerFactory.getSSHAccountProvisionerProviders(); +for (SSHAccountProvisionerProvider provider : sshAccountProvisionerProviders) { +// TODO: Move this Thrift conversion to utility class +SSHAccountProvisioner sshAccountProvisioner = new SSHAccountProvisioner(); + sshAccountProvisioner.setCanCreateAccount(provider.canCreateAccount()); + sshAccountProvisioner.setCanInstallSSHKey(provider.canInstallSSHKey()); +
[19/35] airavata git commit: AIRAVATA-2500 Persist SSH account provisioner and config
AIRAVATA-2500 Persist SSH account provisioner and config Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/ac2823a6 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/ac2823a6 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/ac2823a6 Branch: refs/heads/AIRAVATA-2500 Commit: ac2823a604abca6e0db6314dd7658c1325bb94c3 Parents: 722aabd Author: Marcus ChristieAuthored: Fri Sep 1 12:33:40 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../accountprovisioning/SSHAccountManager.java | 5 +- .../catalog/impl/GwyResourceProfileImpl.java| 10 ++ .../model/ComputeResourcePreference.java| 31 +-- .../SSHAccountProvisionerConfiguration.java | 98 .../SSHAccountProvisionerConfigurationPK.java | 57 .../ComputeHostPreferenceResource.java | 50 +++--- .../app/catalog/util/AppCatalogJPAUtils.java| 8 ++ .../util/AppCatalogThriftConversion.java| 8 +- .../src/main/resources/META-INF/persistence.xml | 1 + .../src/main/resources/appcatalog-derby.sql | 11 +++ .../src/main/resources/appcatalog-mysql.sql | 13 ++- .../DeltaScripts/appCatalog_schema_delta.sql| 31 +++ .../gateway_resource_profile_model.thrift | 2 +- 13 files changed, 300 insertions(+), 25 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/ac2823a6/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index f9ed22a..74c0dd2 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -25,7 +25,6 @@ import org.apache.airavata.common.utils.ServerSettings; import org.apache.airavata.credential.store.client.CredentialStoreClientFactory; import org.apache.airavata.credential.store.cpi.CredentialStoreService; import org.apache.airavata.credential.store.exception.CredentialStoreException; -import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam; import org.apache.airavata.model.appcatalog.computeresource.ComputeResourceDescription; import org.apache.airavata.model.appcatalog.computeresource.JobSubmissionInterface; import org.apache.airavata.model.appcatalog.computeresource.JobSubmissionProtocol; @@ -181,11 +180,11 @@ public class SSHAccountManager { } } -private static Map convertConfigParams(String provisionerName, Map thriftConfigParams) { +private static Map convertConfigParams(String provisionerName, Map thriftConfigParams) { List configParams = SSHAccountProvisionerFactory.getSSHAccountProvisionerConfigParams(provisionerName); Map configParamMap = configParams.stream().collect(Collectors.toMap(ConfigParam::getName, Function.identity())); -return thriftConfigParams.entrySet().stream().collect(Collectors.toMap(entry -> configParamMap.get(entry.getKey().getName()), entry -> entry.getValue())); +return thriftConfigParams.entrySet().stream().collect(Collectors.toMap(entry -> configParamMap.get(entry.getKey()), entry -> entry.getValue())); } private static RegistryService.Client getRegistryServiceClient() { http://git-wip-us.apache.org/repos/asf/airavata/blob/ac2823a6/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/app/catalog/impl/GwyResourceProfileImpl.java -- diff --git a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/app/catalog/impl/GwyResourceProfileImpl.java b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/app/catalog/impl/GwyResourceProfileImpl.java index ccfb08a..78a6f0f 100644 --- a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/app/catalog/impl/GwyResourceProfileImpl.java +++ b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/app/catalog/impl/GwyResourceProfileImpl.java @@ -89,6 +89,11 @@ public class GwyResourceProfileImpl implements GwyResourceProfile { if
[16/35] airavata git commit: AIRAVATA-2500 Finish implementing SSHAccountManager
AIRAVATA-2500 Finish implementing SSHAccountManager Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/0d1e90f6 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/0d1e90f6 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/0d1e90f6 Branch: refs/heads/AIRAVATA-2500 Commit: 0d1e90f612831337588867f2589819eefcadde0a Parents: 8c748c6 Author: Marcus ChristieAuthored: Thu Aug 24 14:23:10 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../accountprovisioning/SSHAccountManager.java | 41 ++-- 1 file changed, 30 insertions(+), 11 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/0d1e90f6/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index a56a632..ec7cfc1 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -27,7 +27,11 @@ import org.apache.airavata.credential.store.cpi.CredentialStoreService; import org.apache.airavata.credential.store.exception.CredentialStoreException; import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam; import org.apache.airavata.model.appcatalog.computeresource.ComputeResourceDescription; +import org.apache.airavata.model.appcatalog.computeresource.JobSubmissionInterface; +import org.apache.airavata.model.appcatalog.computeresource.JobSubmissionProtocol; +import org.apache.airavata.model.appcatalog.computeresource.SSHJobSubmission; import org.apache.airavata.model.appcatalog.gatewayprofile.ComputeResourcePreference; +import org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference; import org.apache.airavata.model.credential.store.PasswordCredential; import org.apache.airavata.model.credential.store.SSHCredential; import org.apache.airavata.registry.api.RegistryService; @@ -47,24 +51,37 @@ public class SSHAccountManager { private final static Logger logger = LoggerFactory.getLogger(SSHAccountManager.class); -// TODO: change return type to one that returns some details of the SSH account setup, for example the scratch location -public static void setupSSHAccount(String gatewayId, String computeResourceId, String username, SSHCredential sshCredential) { +public static UserComputeResourcePreference setupSSHAccount(String gatewayId, String computeResourceId, String username, SSHCredential sshCredential) { // get compute resource preferences for the gateway and hostname -// TODO: close the registry service client transport when done with it RegistryService.Client registryServiceClient = getRegistryServiceClient(); ComputeResourcePreference computeResourcePreference = null; ComputeResourceDescription computeResourceDescription = null; +SSHJobSubmission sshJobSubmission = null; try { computeResourcePreference = registryServiceClient.getGatewayComputeResourcePreference(gatewayId, computeResourceId); computeResourceDescription = registryServiceClient.getComputeResource(computeResourceId); +// Find the SSHJobSubmission +for (JobSubmissionInterface jobSubmissionInterface : computeResourceDescription.getJobSubmissionInterfaces()) { +if (jobSubmissionInterface.getJobSubmissionProtocol() == JobSubmissionProtocol.SSH) { +sshJobSubmission = registryServiceClient.getSSHJobSubmission(jobSubmissionInterface.getJobSubmissionInterfaceId()); +break; +} +} } catch(TException e) { throw new RuntimeException(e); +} finally { +if (registryServiceClient.getInputProtocol().getTransport().isOpen()) { + registryServiceClient.getInputProtocol().getTransport().close(); +} +} + +if (sshJobSubmission == null) { +throw new RuntimeException("Compute resource [" + computeResourceId + "] does not have an SSH Job Submission interface."); } // get the account provisioner and config values for the preferences if (!computeResourcePreference.isSetSshAccountProvisioner()) { -
[04/35] airavata git commit: Added IU Geology Survey Group gateway directory vara.yml
Added IU Geology Survey Group gateway directory vara.yml Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/862c25be Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/862c25be Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/862c25be Branch: refs/heads/AIRAVATA-2500 Commit: 862c25be80db341369c40781ea8d3f531eb76bfd Parents: 2f471d1 Author: Eroma AbeysingheAuthored: Mon Aug 14 16:41:52 2017 -0400 Committer: Eroma Abeysinghe Committed: Mon Aug 14 16:41:52 2017 -0400 -- .../production/pga_config/iugeosurvey/vars.yml | 61 1 file changed, 61 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/862c25be/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml new file mode 100644 index 000..bbbaf31 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml @@ -0,0 +1,61 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git; +git_branch: "master" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/{{ gateway_id }}" +vhost_servername: "geosurveyiu.scigap.org" +vhost_ssl: true +# TODO: have Ansible manage these files as well +ssl_certificate_file: "/etc/letsencrypt/live/geosurveyiu.scigap.org/cert.pem" +ssl_certificate_chain_file: "/etc/letsencrypt/live/geosurveyiu.scigap.org/fullchain.pem" +ssl_certificate_key_file: "/etc/letsencrypt/live/geosurveyiu.scigap.org/privkey.pem" + +## Keycloak related variables +tenant_domain: "{{ gateway_id }}" +admin_username: "admin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" +oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.well-known/openid-configuration" + +auth_options: + - name: "IU Geology Survey" +oauth_grant_type: "password" +oauth_callback_url: "https://{{ vhost_servername }}/callback-url" + +gateway_id: "iu-geology-survey" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/{{ gateway_id }}" +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" +#gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQDEuA1indjdczBXg2qrmD0bB0QfKq0u2q3o25DegTaty5LoogW+APEvXmwc2g6PzkM75MgfMsTErMQaQ3/PoElADQKg2/NePz05YWobn9zrPZFeRWfOqWMjFDx72cffHKBzgnahFDBlR/YJhf4IZJ+EOA1zMiMF2oZQmEYQtbQFhbKPF+jrScEQeuXVuXWSS2sKNAVKj3pY4kmi9kEOYELee/O6ghBUfrVhB95vDKJPgmQSuo3pgkLRdflTBSAQ54UchwjXi2RA9Xv0RXJF/JyyRGn6bSbRxYhsm5RJeiBVj4ua7p2b36rSYVqtVsTKEonx5kYdKzwyjJXWpjB2KtQp" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "['sgrc-iu-gr...@iu.edu','wangy...@indiana.edu']" +portal_email_username: "pga.airav...@gmail.com" +portal_email_password: "{{ vault_portal_email_password }}" +#portal_theme: "gsu-gateway-theme" +#portal_theme_repo: "https://github.com/SciGaP/gsu-gateway-theme; +portal_title: "IU Geology Survey" +...
[20/35] airavata git commit: AIRAVATA-2500: generated Thrift stub code
http://git-wip-us.apache.org/repos/asf/airavata/blob/722aabd4/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/accountprovisioning/SSHAccountProvisioner.java -- diff --git a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/accountprovisioning/SSHAccountProvisioner.java b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/accountprovisioning/SSHAccountProvisioner.java new file mode 100644 index 000..fb0a965 --- /dev/null +++ b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/accountprovisioning/SSHAccountProvisioner.java @@ -0,0 +1,600 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * Autogenerated by Thrift Compiler (0.9.3) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.airavata.model.appcatalog.accountprovisioning; + +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import org.apache.thrift.async.AsyncMethodCallback; +import org.apache.thrift.server.AbstractNonblockingServer.*; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import javax.annotation.Generated; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"}) +@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)") +public class SSHAccountProvisioner implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("SSHAccountProvisioner"); + + private static final org.apache.thrift.protocol.TField NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("name", org.apache.thrift.protocol.TType.STRING, (short)1); + private static final org.apache.thrift.protocol.TField CAN_CREATE_ACCOUNT_FIELD_DESC = new org.apache.thrift.protocol.TField("canCreateAccount", org.apache.thrift.protocol.TType.BOOL, (short)2); + private static final org.apache.thrift.protocol.TField CAN_INSTALL_SSHKEY_FIELD_DESC = new org.apache.thrift.protocol.TField("canInstallSSHKey", org.apache.thrift.protocol.TType.BOOL, (short)3); + + private static final Map schemes = new HashMap (); + static { +schemes.put(StandardScheme.class, new SSHAccountProvisionerStandardSchemeFactory()); +schemes.put(TupleScheme.class, new SSHAccountProvisionerTupleSchemeFactory()); + } + + private String name; // required + private boolean canCreateAccount; // required + private boolean canInstallSSHKey; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { +NAME((short)1, "name"), +CAN_CREATE_ACCOUNT((short)2, "canCreateAccount"), +CAN_INSTALL_SSHKEY((short)3, "canInstallSSHKey"); + +private static final Map byName = new HashMap (); + +static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { +byName.put(field.getFieldName(), field); + } +} + +/** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ +public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { +case 1: // NAME + return NAME; +case 2: // CAN_CREATE_ACCOUNT + return
[24/35] airavata git commit: AIRAVATA-2500 Thrift stub generation
http://git-wip-us.apache.org/repos/asf/airavata/blob/469a7e79/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java -- diff --git a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java index 0d52abb..5601424 100644 --- a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java +++ b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java @@ -23,32 +23,15 @@ */ package org.apache.airavata.model.appcatalog.gatewayprofile; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.protocol.TTupleProtocol; import org.apache.thrift.scheme.IScheme; import org.apache.thrift.scheme.SchemeFactory; import org.apache.thrift.scheme.StandardScheme; - import org.apache.thrift.scheme.TupleScheme; -import org.apache.thrift.protocol.TTupleProtocol; -import org.apache.thrift.protocol.TProtocolException; -import org.apache.thrift.EncodingUtils; -import org.apache.thrift.TException; -import org.apache.thrift.async.AsyncMethodCallback; -import org.apache.thrift.server.AbstractNonblockingServer.*; -import java.util.List; -import java.util.ArrayList; -import java.util.Map; -import java.util.HashMap; -import java.util.EnumMap; -import java.util.Set; -import java.util.HashSet; -import java.util.EnumSet; -import java.util.Collections; -import java.util.BitSet; -import java.nio.ByteBuffer; -import java.util.Arrays; + import javax.annotation.Generated; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import java.util.*; @SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"}) /** @@ -127,7 +110,7 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase sshAccountProvisionerConfig; // optional + private MapsshAccountProvisionerConfig; // optional /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ public enum _Fields implements org.apache.thrift.TFieldIdEnum { @@ -281,7 +264,7 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase __this__sshAccountProvisionerConfig = new HashMap (other.sshAccountProvisionerConfig.size()); - for (Map.Entry other_element : other.sshAccountProvisionerConfig.entrySet()) { - - org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam other_element_key = other_element.getKey(); -String other_element_value = other_element.getValue(); - - org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam __this__sshAccountProvisionerConfig_copy_key = new org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam(other_element_key); - -String __this__sshAccountProvisionerConfig_copy_value = other_element_value; - - __this__sshAccountProvisionerConfig.put(__this__sshAccountProvisionerConfig_copy_key, __this__sshAccountProvisionerConfig_copy_value); - } + Map __this__sshAccountProvisionerConfig = new HashMap (other.sshAccountProvisionerConfig); this.sshAccountProvisionerConfig = __this__sshAccountProvisionerConfig; } } @@ -752,18 +724,18 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase(); + this.sshAccountProvisionerConfig = new HashMap (); } this.sshAccountProvisionerConfig.put(key, val); } - public Map getSshAccountProvisionerConfig() { + public Map getSshAccountProvisionerConfig() { return this.sshAccountProvisionerConfig; } - public void setSshAccountProvisionerConfig(Map sshAccountProvisionerConfig) { + public void setSshAccountProvisionerConfig(Map sshAccountProvisionerConfig) { this.sshAccountProvisionerConfig = sshAccountProvisionerConfig; } @@ -908,7 +880,7 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase)value); +setSshAccountProvisionerConfig((Map )value); } break; @@ -1767,13 +1739,12 @@ public class ComputeResourcePreference implements
[21/35] airavata git commit: AIRAVATA-2500: generated Thrift stub code
http://git-wip-us.apache.org/repos/asf/airavata/blob/722aabd4/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java -- diff --git a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java index 851f96e..6214caf 100644 --- a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java +++ b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java @@ -2621,11 +2621,34 @@ public class Airavata { */ public boolean deleteGatewayStoragePreference(org.apache.airavata.model.security.AuthzToken authzToken, String gatewayID, String storageId) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; -public List getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public List getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; public List getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** + * Setup and return a UserComputeResourcePreference object for this user to SSH into the given compute resource with + * the given SSH credential. This method will only work if the compute resource has an SSHAccountProvisioner + * configured for it. The returned UserComputeResourcePreference object is not saved; it is up to the client to + * call addUserComputeResourcePreference to persist it. + * + * @param authzToken + * @param computeResourceId + * @param username + * @param airavataCredStoreToken + */ +public org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; + +/** + * Check if user has an SSH account on the given compute resource. This + * method will only work if the compute resource has an SSHAccountProvisioner configured for it. + * + * @param authzToken + * @param computeResourceId + * @param username + */ +public boolean doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; + +/** * Register User Resource Profile. * * @param UserResourceProfile @@ -3299,6 +3322,10 @@ public class Airavata { public void getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; +public void setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; + +public void doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; +
[30/35] airavata git commit: AIRAVATA-2500 Thrift stub code generation
AIRAVATA-2500 Thrift stub code generation Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/3184c238 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/3184c238 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/3184c238 Branch: refs/heads/AIRAVATA-2500 Commit: 3184c23874cf15aef991859bbb87b9d1e0892f9d Parents: 643d35b Author: Marcus ChristieAuthored: Thu Sep 7 09:42:32 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:08:05 2017 -0400 -- .../java/org/apache/airavata/api/Airavata.java | 36866 - .../resources/lib/Airavata/API/Airavata.php | 8436 ++-- .../Model/AppCatalog/GatewayProfile/Types.php | 120 +- .../SSHAccountProvisioner.java | 159 +- .../ComputeResourcePreference.java |25 +- 5 files changed, 22774 insertions(+), 22832 deletions(-) --
[31/35] airavata git commit: Integrate IULdapSSHAccountProvisioner with fixes
Integrate IULdapSSHAccountProvisioner with fixes Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/74371129 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/74371129 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/74371129 Branch: refs/heads/AIRAVATA-2500 Commit: 743711290ee07336005ee7a4d023cdce5325a6f6 Parents: 1c2ab27 Author: Marcus ChristieAuthored: Mon Sep 18 15:12:16 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:08:05 2017 -0400 -- .../IULdapSSHAccountProvisioner.java| 242 ++- .../IULdapSSHAccountProvisionerProvider.java| 47 ++-- .../SSHAccountProvisionerFactoryTest.java | 4 - .../TestSSHAccountProvisionerProvider.java | 2 +- 4 files changed, 153 insertions(+), 142 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/74371129/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java index 331c01c..d0c204f 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java @@ -21,152 +21,158 @@ package org.apache.airavata.accountprovisioning.provisioner; import org.apache.airavata.accountprovisioning.ConfigParam; +import org.apache.airavata.accountprovisioning.SSHAccountManager; import org.apache.airavata.accountprovisioning.SSHAccountProvisioner; -import org.apache.directory.api.ldap.model.cursor.CursorException; -import org.apache.directory.ldap.client.api.*; -import org.apache.directory.api.ldap.model.cursor.EntryCursor; -import org.apache.directory.api.ldap.model.entry.Attribute; +import org.apache.directory.api.ldap.model.entry.DefaultAttribute; import org.apache.directory.api.ldap.model.entry.Entry; -import org.apache.directory.api.ldap.model.entry.Modification; -import org.apache.directory.api.ldap.model.entry.DefaultEntry; +import org.apache.directory.api.ldap.model.entry.ModificationOperation; import org.apache.directory.api.ldap.model.exception.LdapException; -import org.apache.directory.api.ldap.model.message.SearchScope; -import org.apache.directory.api.ldap.model.message.DeleteResponse; +import org.apache.directory.api.ldap.model.message.ModifyRequest; +import org.apache.directory.api.ldap.model.message.ModifyRequestImpl; +import org.apache.directory.api.ldap.model.message.ModifyResponse; import org.apache.directory.api.ldap.model.message.ResultCodeEnum; -import org.junit.Assert; +import org.apache.directory.api.ldap.model.name.Dn; +import org.apache.directory.ldap.client.api.LdapConnection; +import org.apache.directory.ldap.client.api.LdapNetworkConnection; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; +import java.util.HashMap; import java.util.Map; -import java.util.List; +import java.util.function.Function; public class IULdapSSHAccountProvisioner implements SSHAccountProvisioner { -String ldaphost, adminDN, ldap_username, ldap_password, adminPass, ldapBaseDN; -int ldapport, ldapPortId; -LdapConnection connection; +private final static Logger logger = LoggerFactory.getLogger(SSHAccountManager.class); +public static final String LDAP_PUBLIC_KEY_OBJECT_CLASS = "ldapPublicKey"; +public static final String SSH_PUBLIC_KEY_ATTRIBUTE_NAME = "sshPublicKey"; + +private String ldapHost, ldapUsername, ldapPassword, ldapBaseDN, canonicalScratchLocation; +private int ldapPort; @Override public void init(Map config) { -// TODO: implement -ldapServerName = config.get(new ConfigParam("ldaphost"));//"bazooka.hps.iu.edu" -ldapPortId = config.get(new ConfigParam("ldapport"));//"636" -ldap_username = config.get(new ConfigParam("ldap_username"));//"cn=sgrcusr" -ldap_password = config.get(new ConfigParam("ldap_password"));//"lore footwork engorge" -ldapBaseDN = config.get(new ConfigParam( "ldapBaseDN" ));//"dc=rt,dc=iu,dc=edu" -try { -connection = new LdapNetworkConnection(ldaphost, ldapport, true); - - -System.out.println( "binding connection:" ); -String
[09/35] airavata git commit: UAB CILogon config
UAB CILogon config Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/6488090f Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/6488090f Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/6488090f Branch: refs/heads/AIRAVATA-2500 Commit: 6488090f90eab30e37c4ca39cc0fa24025aeaffb Parents: d537890 Author: Marcus ChristieAuthored: Wed Aug 16 11:33:36 2017 -0400 Committer: Marcus Christie Committed: Wed Aug 16 11:33:36 2017 -0400 -- .../inventories/scigap/production/pga_config/uab/vars.yml| 4 1 file changed, 4 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/6488090f/dev-tools/ansible/inventories/scigap/production/pga_config/uab/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/uab/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/uab/vars.yml index 4355173..ac5dda5 100644 --- a/dev-tools/ansible/inventories/scigap/production/pga_config/uab/vars.yml +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/uab/vars.yml @@ -42,6 +42,10 @@ oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.wel auth_options: - name: "The University of Alabama at Birmingham Science Gateway" oauth_grant_type: "password" + - name: "CILogon" +oauth_grant_type: "authorization_code" +oauth_authorize_url_extra_params: "kc_idp_hint=cilogon" +logo: "/assets/cilogon-logo-24x24-b.png" oauth_callback_url: "https://{{ vhost_servername }}/callback-url" gateway_id: "alabama-birmingham"
[26/35] airavata git commit: AIRAVATA-2500 Thrift stub generation
AIRAVATA-2500 Thrift stub generation Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/469a7e79 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/469a7e79 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/469a7e79 Branch: refs/heads/AIRAVATA-2500 Commit: 469a7e791db59ca277685f47a422e8805d3c4042 Parents: ac2823a Author: Marcus ChristieAuthored: Fri Sep 1 17:12:46 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:57 2017 -0400 -- .../java/org/apache/airavata/api/Airavata.java | 782 +-- .../ComputeResourcePreference.java | 78 +- 2 files changed, 415 insertions(+), 445 deletions(-) --
[27/35] airavata git commit: AIRAVATA-2500 Thrift stub code generation
http://git-wip-us.apache.org/repos/asf/airavata/blob/3184c238/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php -- diff --git a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php index f0b329d..da3071a 100644 --- a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php +++ b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Model/AppCatalog/GatewayProfile/Types.php @@ -110,6 +110,14 @@ class ComputeResourcePreference { * @var int */ public $reservationEndTime = null; + /** + * @var string + */ + public $sshAccountProvisioner = null; + /** + * @var array + */ + public $sshAccountProvisionerConfig = null; public function __construct($vals=null) { if (!isset(self::$_TSPEC)) { @@ -170,6 +178,22 @@ class ComputeResourcePreference { 'var' => 'reservationEndTime', 'type' => TType::I64, ), +15 => array( + 'var' => 'sshAccountProvisioner', + 'type' => TType::STRING, + ), +16 => array( + 'var' => 'sshAccountProvisionerConfig', + 'type' => TType::MAP, + 'ktype' => TType::STRING, + 'vtype' => TType::STRING, + 'key' => array( +'type' => TType::STRING, + ), + 'val' => array( +'type' => TType::STRING, +), + ), ); } if (is_array($vals)) { @@ -215,6 +239,12 @@ class ComputeResourcePreference { if (isset($vals['reservationEndTime'])) { $this->reservationEndTime = $vals['reservationEndTime']; } + if (isset($vals['sshAccountProvisioner'])) { +$this->sshAccountProvisioner = $vals['sshAccountProvisioner']; + } + if (isset($vals['sshAccountProvisionerConfig'])) { +$this->sshAccountProvisionerConfig = $vals['sshAccountProvisionerConfig']; + } } } @@ -335,6 +365,33 @@ class ComputeResourcePreference { $xfer += $input->skip($ftype); } break; +case 15: + if ($ftype == TType::STRING) { +$xfer += $input->readString($this->sshAccountProvisioner); + } else { +$xfer += $input->skip($ftype); + } + break; +case 16: + if ($ftype == TType::MAP) { +$this->sshAccountProvisionerConfig = array(); +$_size0 = 0; +$_ktype1 = 0; +$_vtype2 = 0; +$xfer += $input->readMapBegin($_ktype1, $_vtype2, $_size0); +for ($_i4 = 0; $_i4 < $_size0; ++$_i4) +{ + $key5 = ''; + $val6 = ''; + $xfer += $input->readString($key5); + $xfer += $input->readString($val6); + $this->sshAccountProvisionerConfig[$key5] = $val6; +} +$xfer += $input->readMapEnd(); + } else { +$xfer += $input->skip($ftype); + } + break; default: $xfer += $input->skip($ftype); break; @@ -418,6 +475,29 @@ class ComputeResourcePreference { $xfer += $output->writeI64($this->reservationEndTime); $xfer += $output->writeFieldEnd(); } +if ($this->sshAccountProvisioner !== null) { + $xfer += $output->writeFieldBegin('sshAccountProvisioner', TType::STRING, 15); + $xfer += $output->writeString($this->sshAccountProvisioner); + $xfer += $output->writeFieldEnd(); +} +if ($this->sshAccountProvisionerConfig !== null) { + if (!is_array($this->sshAccountProvisionerConfig)) { +throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA); + } + $xfer += $output->writeFieldBegin('sshAccountProvisionerConfig', TType::MAP, 16); + { +$output->writeMapBegin(TType::STRING, TType::STRING, count($this->sshAccountProvisionerConfig)); +{ + foreach ($this->sshAccountProvisionerConfig as $kiter7 => $viter8) + { +$xfer += $output->writeString($kiter7); +$xfer += $output->writeString($viter8); + } +} +$output->writeMapEnd(); + } + $xfer += $output->writeFieldEnd(); +} $xfer += $output->writeFieldStop(); $xfer += $output->writeStructEnd(); return $xfer; @@ -711,15 +791,15 @@ class GatewayResourceProfile { case 3: if ($ftype == TType::LST) { $this->computeResourcePreferences = array(); -$_size0 = 0; -$_etype3 = 0; -$xfer +=
[14/35] airavata git commit: AIRAVATA-2500 Update thrift API and regenerated
http://git-wip-us.apache.org/repos/asf/airavata/blob/2a901394/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java -- diff --git a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java index 6ef1610..851f96e 100644 --- a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java +++ b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java @@ -2621,6 +2621,10 @@ public class Airavata { */ public boolean deleteGatewayStoragePreference(org.apache.airavata.model.security.AuthzToken authzToken, String gatewayID, String storageId) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public List getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; + +public List getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; + /** * Register User Resource Profile. * @@ -3291,6 +3295,10 @@ public class Airavata { public void deleteGatewayStoragePreference(org.apache.airavata.model.security.AuthzToken authzToken, String gatewayID, String storageId, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; +public void getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; + +public void getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; + public void registerUserResourceProfile(org.apache.airavata.model.security.AuthzToken authzToken, org.apache.airavata.model.appcatalog.userresourceprofile.UserResourceProfile userResourceProfile, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; public void getUserResourceProfile(org.apache.airavata.model.security.AuthzToken authzToken, String userId, String gatewayID, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; @@ -8275,6 +8283,77 @@ public class Airavata { throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "deleteGatewayStoragePreference failed: unknown result"); } +public List getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException +{ + send_getSSHAccountProvisionerNames(authzToken); + return recv_getSSHAccountProvisionerNames(); +} + +public void send_getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.thrift.TException +{ + getSSHAccountProvisionerNames_args args = new getSSHAccountProvisionerNames_args(); + args.setAuthzToken(authzToken); + sendBase("getSSHAccountProvisionerNames", args); +} + +public List recv_getSSHAccountProvisionerNames() throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException +{ + getSSHAccountProvisionerNames_result result = new getSSHAccountProvisionerNames_result(); + receiveBase(result, "getSSHAccountProvisionerNames"); + if (result.isSetSuccess()) { +return result.success; + } + if (result.ire != null) { +throw result.ire; + } + if (result.ace != null) { +throw result.ace; + } + if
[34/35] airavata git commit: AIRAVATA-2500 SSHAccountManager bug fixes
AIRAVATA-2500 SSHAccountManager bug fixes Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/31f3906b Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/31f3906b Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/31f3906b Branch: refs/heads/AIRAVATA-2500 Commit: 31f3906b6123bb1ce57cd9030f05f15d343cd9f9 Parents: 3184c23 Author: Marcus ChristieAuthored: Thu Sep 7 13:11:03 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:08:05 2017 -0400 -- .../apache/airavata/accountprovisioning/SSHAccountManager.java | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/31f3906b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index 8493dc1..70c144c 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -165,7 +165,7 @@ public class SSHAccountManager { PasswordCredential password = credentialStoreServiceClient.getPasswordCredential(configEntry.getValue(), gatewayId); resolvedConfig.put(configEntry.getKey(), password.getPassword()); } catch (TException e) { -throw new RuntimeException("Failed to get password needed to configure " + provisionerName); +throw new RuntimeException("Failed to get password needed to configure " + provisionerName, e); } } else { resolvedConfig.put(configEntry.getKey(), configEntry.getValue()); @@ -182,6 +182,8 @@ public class SSHAccountManager { } private static Map convertConfigParams(String provisionerName, Map thriftConfigParams) { +// TODO: also check that all required parameters are present? +// TODO: also, this doesn't handle optional entries which should be skipped if missing from thriftConfigParams List configParams = SSHAccountProvisionerFactory.getSSHAccountProvisionerConfigParams(provisionerName); Map configParamMap = configParams.stream().collect(Collectors.toMap(ConfigParam::getName, Function.identity())); @@ -204,7 +206,7 @@ public class SSHAccountManager { try { String credServerHost = ServerSettings.getCredentialStoreServerHost(); int credServerPort = Integer.valueOf(ServerSettings.getCredentialStoreServerPort()); -return CredentialStoreClientFactory.createAiravataCSClient(null, 0); +return CredentialStoreClientFactory.createAiravataCSClient(credServerHost, credServerPort); } catch (CredentialStoreException | ApplicationSettingsException e) { throw new RuntimeException("Failed to create credential store service client", e); }
[08/35] airavata git commit: Changes to the vars.yml, added the key for data storage access
Changes to the vars.yml, added the key for data storage access Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/d5378905 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/d5378905 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/d5378905 Branch: refs/heads/AIRAVATA-2500 Commit: d53789056fe011f224b154812d20478aa09be3a8 Parents: 4b1c437 Author: Eroma AbeysingheAuthored: Tue Aug 15 14:32:24 2017 -0400 Committer: Eroma Abeysinghe Committed: Tue Aug 15 14:32:24 2017 -0400 -- .../production/pga_config/csbglsu/vault.yml | 18 ++ 1 file changed, 18 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/d5378905/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vault.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vault.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vault.yml new file mode 100644 index 000..389345b --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vault.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.1;AES256 +37373436626563633733323039346662383239383061336466343737393938656462636137346131 +303137343664326361353339643737643739313031310a356263326561396432613635653138 +66306332326430373161353835386561356238616135663933363864663039343131636430316265 +3731613866633663360a383131363564373532303438313837633766656131346132653964333735 +66386332336132313833613335613763633133386430346535383662643730376233643931323038 +35633238623962343165333935323936303366393465623733616431303638313562336236346635 +3535323930336337353738643061626164366430613961633662646266613961656264656431 +33353839353637333266343538653133383232366563363965323662626437396264383734656137 +30356534386264326636313465643534396639323232613637613031613736323433373238336437 +61373732316536363861643131366364653764363964356334366430336130336233383837653131 +623130396433306532393161303961393064366538353530643261316630613836653761 +3739613531313839666162613164626134613935356635323037393063656361303237613437 +64636163373962666562383164653334323335623065373063396564376465633238316332346336 +6635613038313137306563383935663864326234373963383536383864316330383561376430 +3332323237376665313939323831353334363834383832346562666132666265653135633030 +38373634366433623731393561646330383466353062646338373837383336323361623362663264 +3661
[05/35] airavata git commit: Added IU Geology Survey Group gateway directory vault.yml
Added IU Geology Survey Group gateway directory vault.yml Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/5ad47345 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/5ad47345 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/5ad47345 Branch: refs/heads/AIRAVATA-2500 Commit: 5ad4734521c5e6ab8fb5eae8dd4b770bee553dff Parents: 862c25b Author: Eroma AbeysingheAuthored: Mon Aug 14 16:42:54 2017 -0400 Committer: Eroma Abeysinghe Committed: Mon Aug 14 16:42:54 2017 -0400 -- .../production/pga_config/iugeosurvey/vault.yml | 18 ++ 1 file changed, 18 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/5ad47345/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vault.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vault.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vault.yml new file mode 100644 index 000..fc2f7c5 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vault.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.1;AES256 +66636531313965303866643038636339303766383030653235633538623237323036336434336435 +633039663263633738353137653639396461656163390a323064393931376165373038323437 +39313937363536663364633562393039643935313838363837376335386261303665 +303134633730370a613937303739323839303633303164373466386239613436643737653266 +3634663032613064666462623161373733363661303269643961336564313036383366356164 +66383439326331316336313437393537626139323066356366383366613437303866323638363831 +39373561653365626664326431363562333037616538303234313762633262663631633832646338 +63316335356161343134663366643037633666366563386339353332346261333230393730316364 +3530346530386536656332386135353138646533643465303266613166616161393038626461 +3861303264333939333162623664383565383935313832383034333632336465363263366639 +63643738316237313134653038363266383161353862363332353262333166623736323734336339 +61333233343230373665346336393530613936636533643732613539333634396566313962386331 +64623062313161633265646535313334643563613365353439313935383239353334623030396230 +3234343163636535346665323064326436313332663732353166383463363130306561353366 +36336432386131383062353065356434653233356361343533393462356361643363396261306431 +36316133353530376435643732653034356362333164373233376530383430303731333737646338 +3930
[22/35] airavata git commit: AIRAVATA-2500: generated Thrift stub code
AIRAVATA-2500: generated Thrift stub code Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/722aabd4 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/722aabd4 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/722aabd4 Branch: refs/heads/AIRAVATA-2500 Commit: 722aabd4c4fcde001ace20416ea16027a1299224 Parents: 8f2f135 Author: Marcus ChristieAuthored: Thu Aug 31 09:17:23 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../java/org/apache/airavata/api/Airavata.java | 4698 +++--- .../SSHAccountProvisioner.java | 600 +++ .../SSHAccountProvisionerConfigParam.java | 733 +++ .../SSHAccountProvisionerConfigParamType.java | 62 + 4 files changed, 5345 insertions(+), 748 deletions(-) --
[01/35] airavata git commit: Added Diana's email to admin emails [Forced Update!]
Repository: airavata Updated Branches: refs/heads/AIRAVATA-2500 daedef2eb -> 743711290 (forced update) Added Diana's email to admin emails Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/67f6fad3 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/67f6fad3 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/67f6fad3 Branch: refs/heads/AIRAVATA-2500 Commit: 67f6fad3b77f16b4e3ffbdfa0bc5fd52b32c4452 Parents: 21a7505 Author: Eroma AbeysingheAuthored: Mon Aug 7 11:54:26 2017 -0400 Committer: Eroma Abeysinghe Committed: Mon Aug 7 11:54:26 2017 -0400 -- .../inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/67f6fad3/dev-tools/ansible/inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml b/dev-tools/ansible/inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml index 32e556e..d71f02f 100644 --- a/dev-tools/ansible/inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml +++ b/dev-tools/ansible/inventories/scigap/PICKSC-Production/group_vars/pga/vars.yml @@ -66,7 +66,7 @@ gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQCZG7vi ## Portal related variables super_admin_portal: "false" -admin_emails: "['sgrc-iu-gr...@iu.edu']" +admin_emails: "['sgrc-iu-gr...@iu.edu','dugas...@ad.nmsu.edu']" portal_email_username: "pga.airav...@gmail.com" portal_email_password: "{{ vault_portal_email_password }}" # The portal theme is included in the dreg-gateway branch of airavata-php-gateway
[02/35] airavata git commit: Update Ansible deploy for dREG gateway (Keycloak migration)
Update Ansible deploy for dREG gateway (Keycloak migration) Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/ccd25183 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/ccd25183 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/ccd25183 Branch: refs/heads/AIRAVATA-2500 Commit: ccd251830eca38e2d1fba0d0640fca77a6ca3dd0 Parents: 67f6fad Author: Marcus ChristieAuthored: Tue Aug 8 17:27:44 2017 -0400 Committer: Marcus Christie Committed: Wed Aug 9 11:20:25 2017 -0400 -- .../dreg-production/group_vars/pga/vars.yml | 14 +--- .../dreg-production/group_vars/pga/vault.yml| 34 ++-- 2 files changed, 27 insertions(+), 21 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/ccd25183/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml index 5eed223..a192f6b 100644 --- a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml +++ b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml @@ -25,8 +25,8 @@ real_user_data_dir: "/data/gateway-user-data" ## Airavata Client related variables airavata_server: "tls://{{ groups['api-orch'][0] }}" airavata_port: "9930" -# FIXME: temporarily turn off SSL verification for WSO2 IS -auth_verify_peer: "false" +airavata_profile_service_server: "{{ groups['api-orch'][0] }}" +oauth_service_url: "https://iam.scigap.org/auth; pga_repo: "https://github.com/apache/airavata-php-gateway.git; git_branch: "dreg-gateway" @@ -41,15 +41,21 @@ ssl_certificate_chain_file: "/etc/letsencrypt/live/dreg.dnasequence.org/fullchai ssl_certificate_key_file: "/etc/letsencrypt/live/dreg.dnasequence.org/privkey.pem" pga_ssl_vhost_template: "{{ inventory_dir }}/files/pga-ssl-vhost.conf.j2" -## WSO2 IS related variables -tenant_domain: "dreg.cornell" +## Keycloak related variables +tenant_domain: "{{ gateway_id }}" admin_username: "admin" admin_password: "{{ vault_admin_password }}" oauth_client_key: "{{ vault_oauth_client_key }}" oauth_client_secret: "{{ vault_oauth_client_secret }}" +oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.well-known/openid-configuration" # dREG gateway automatically gives users the gateway-user role so they don't have to wait on admin approval initial_role_name: "gateway-user" +auth_options: + - name: "dREG" +oauth_grant_type: "password" +oauth_callback_url: "https://{{ vhost_servername }}/callback-url" + gateway_id: "cornelldna" # relative to document root dir experiment_data_dir: "{{ user_data_dir }}/cornell-dnasequence" http://git-wip-us.apache.org/repos/asf/airavata/blob/ccd25183/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml -- diff --git a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml index eaca63b..d10aef2 100644 --- a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml +++ b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml @@ -1,18 +1,18 @@ $ANSIBLE_VAULT;1.1;AES256 -37653231363231666433316261313238643763633234663866393832386236643436623566303263 -3334323065363831656435383564623034393661323037300a34326331633131366134613661 -39633030386362623966303630653462373762373034323134356539313036376563613335383135 -3962646533323362370a383064616634303730373232353663386165313666303732396635643562 -39313037323264656236323337643862636265626138656435303064353531616264633435643965 -3861613861303933313436643635666337643533343264326637653864356563343532333262 -3532333533643733396437336665373734303230623864303234316235343764376636353236 -323631386334323963306138326562373461613138373539356534313362313766313164 -35386534313033623563613635343163633564613636636236316633623263313437626337663530 -64313166323263353266623135616236653463356439363530373630653232363863303238356265 -65363630393364636238643861386161356635666331336530626533666434373931393237643861 -3338366365343931306439373565306432383665343366636161643938396136383234386232 -33343238636238373936663365316663653532616364636336363936316235353164636365613738 -33346462386230623735376132306663633932363838643935373539316565626435646565393833 -66623065373162623964363665646436356464643366633764323232343736353032616561643637
[29/35] airavata git commit: AIRAVATA-2500 Thrift stub code generation
http://git-wip-us.apache.org/repos/asf/airavata/blob/3184c238/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java -- diff --git a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java index d92d222..48fdbd8 100644 --- a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java +++ b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java @@ -2621,9 +2621,7 @@ public class Airavata { */ public boolean deleteGatewayStoragePreference(org.apache.airavata.model.security.AuthzToken authzToken, String gatewayID, String storageId) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; -public List getSSHAccountProvisionerNames(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; - -public List getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public List getSSHAccountProvisioners(org.apache.airavata.model.security.AuthzToken authzToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** * Check if user has an SSH account on the given compute resource. This @@ -2631,9 +2629,9 @@ public class Airavata { * * @param authzToken * @param computeResourceId - * @param username + * @param userId */ -public boolean doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public boolean doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String userId) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** * Setup and return a UserComputeResourcePreference object for this user to SSH into the given compute resource with @@ -2643,10 +2641,10 @@ public class Airavata { * * @param authzToken * @param computeResourceId - * @param username + * @param userId * @param airavataCredStoreToken */ -public org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String userId, String airavataCredStoreToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** * Register User Resource Profile. @@ -3318,13 +3316,11 @@ public class Airavata { public void deleteGatewayStoragePreference(org.apache.airavata.model.security.AuthzToken authzToken, String gatewayID,
[06/35] airavata git commit: Changes to the vars.yml, added the key for data storage access
Changes to the vars.yml, added the key for data storage access Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/8f57d7c3 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/8f57d7c3 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/8f57d7c3 Branch: refs/heads/AIRAVATA-2500 Commit: 8f57d7c3fe3584c543fe8a9dbbf3af2a817ee7ee Parents: 5ad4734 Author: Eroma AbeysingheAuthored: Mon Aug 14 16:52:19 2017 -0400 Committer: Eroma Abeysinghe Committed: Mon Aug 14 16:52:19 2017 -0400 -- .../inventories/scigap/production/pga_config/iugeosurvey/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/8f57d7c3/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml index bbbaf31..d9a3588 100644 --- a/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/iugeosurvey/vars.yml @@ -48,7 +48,7 @@ gateway_id: "iu-geology-survey" # relative to document root dir experiment_data_dir: "{{ user_data_dir }}/{{ gateway_id }}" gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" -#gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQDEuA1indjdczBXg2qrmD0bB0QfKq0u2q3o25DegTaty5LoogW+APEvXmwc2g6PzkM75MgfMsTErMQaQ3/PoElADQKg2/NePz05YWobn9zrPZFeRWfOqWMjFDx72cffHKBzgnahFDBlR/YJhf4IZJ+EOA1zMiMF2oZQmEYQtbQFhbKPF+jrScEQeuXVuXWSS2sKNAVKj3pY4kmi9kEOYELee/O6ghBUfrVhB95vDKJPgmQSuo3pgkLRdflTBSAQ54UchwjXi2RA9Xv0RXJF/JyyRGn6bSbRxYhsm5RJeiBVj4ua7p2b36rSYVqtVsTKEonx5kYdKzwyjJXWpjB2KtQp" +gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQDEuA1indjdczBXg2qrmD0bB0QfKq0u2q3o25DegTaty5LoogW+APEvXmwc2g6PzkM75MgfMsTErMQaQ3/PoElADQKg2/NePz05YWobn9zrPZFeRWfOqWMjFDx72cffHKBzgnahFDBlR/YJhf4IZJ+EOA1zMiMF2oZQmEYQtbQFhbKPF+jrScEQeuXVuXWSS2sKNAVKj3pY4kmi9kEOYELee/O6ghBUfrVhB95vDKJPgmQSuo3pgkLRdflTBSAQ54UchwjXi2RA9Xv0RXJF/JyyRGn6bSbRxYhsm5RJeiBVj4ua7p2b36rSYVqtVsTKEonx5kYdKzwyjJXWpjB2KtQp" ## Portal related variables super_admin_portal: "false"
[07/35] airavata git commit: Changes to the vars.yml, added the key for data storage access
Changes to the vars.yml, added the key for data storage access Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/4b1c4372 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/4b1c4372 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/4b1c4372 Branch: refs/heads/AIRAVATA-2500 Commit: 4b1c4372eee4dd4877a19d2d144b9e44b8f02133 Parents: 8f57d7c Author: Eroma AbeysingheAuthored: Tue Aug 15 14:32:07 2017 -0400 Committer: Eroma Abeysinghe Committed: Tue Aug 15 14:32:07 2017 -0400 -- .../production/pga_config/csbglsu/vars.yml | 61 dev-tools/ansible/pga-scigap-prod.yml | 4 +- 2 files changed, 64 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/4b1c4372/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vars.yml new file mode 100644 index 000..b34e099 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/csbglsu/vars.yml @@ -0,0 +1,61 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git; +git_branch: "master" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/{{ gateway_id }}" +vhost_servername: "csbglsu.scigap.org" +vhost_ssl: false +# TODO: have Ansible manage these files as well +#ssl_certificate_file: "/etc/letsencrypt/live/csbglsu.scigap.org/cert.pem" +#ssl_certificate_chain_file: "/etc/letsencrypt/live/csbglsu.scigap.org/fullchain.pem" +#ssl_certificate_key_file: "/etc/letsencrypt/live/csbglsu.scigap.org/privkey.pem" + +## Keycloak related variables +tenant_domain: "{{ gateway_id }}" +admin_username: "admin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" +oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.well-known/openid-configuration" + +auth_options: + - name: "LSU Computational Sys Biology" +oauth_grant_type: "password" +oauth_callback_url: "https://{{ vhost_servername }}/callback-url" + +gateway_id: "lsu-computational-sys-biology" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/{{ gateway_id }}" +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" +gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQDc/WQnD40zGuO+bIMsWc0ey8oxDzEj/dPFPg8LN7oNn/V7pi74mF2D57wgA8KsxcpsNydcReSXZhx6FynlK6iABDZP5QdREmhm87gkrMQUA/ZI7R2q7ekchbRtCnrGwU/pdHBh4penaiScs08o7OPfqJJp/TfgwH92dA9dThqGf9hD1Y0nmWECfvX56rXAggcgZl+Q6IFD0VFinFMkqZRWFFi4Zm7yiKCNWYXvXlIGjFOlDp0/ONGg5wjpCFivhI934Uk6Y69hSMhnFJc6g1JHD4PLaBILlUjwEikmH6KL3ii6Wt30pou+tIihBDBv0ODR4jDiOeBJGkcisWeh3Uzj" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "['sgrc-iu-gr...@iu.edu','mbrylin...@lsu.edu']" +portal_email_username: "pga.airav...@gmail.com" +portal_email_password: "{{ vault_portal_email_password }}" +#portal_theme: "gsu-gateway-theme" +#portal_theme_repo: "https://github.com/SciGaP/gsu-gateway-theme; +portal_title: "LSU Computational Sys Biology" +... http://git-wip-us.apache.org/repos/asf/airavata/blob/4b1c4372/dev-tools/ansible/pga-scigap-prod.yml -- diff --git a/dev-tools/ansible/pga-scigap-prod.yml b/dev-tools/ansible/pga-scigap-prod.yml index ea2fea1..45b80c3 100644 --- a/dev-tools/ansible/pga-scigap-prod.yml +++ b/dev-tools/ansible/pga-scigap-prod.yml @@ -41,5 +41,7 @@ - include: pga-single-vhost.yml vars_dir="{{ inventory_dir }}/pga_config/uab" - include: pga-single-vhost.yml vars_dir="{{ inventory_dir }}/pga_config/ultrascan" - include: pga-single-vhost.yml vars_dir="{{
[15/35] airavata git commit: AIRAVATA-2500 Update thrift API and regenerated
AIRAVATA-2500 Update thrift API and regenerated Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/2a901394 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/2a901394 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/2a901394 Branch: refs/heads/AIRAVATA-2500 Commit: 2a90139402c9c82350138adc4dc3bc59d56cee93 Parents: 77baac4 Author: Marcus ChristieAuthored: Mon Aug 14 12:36:19 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- .../java/org/apache/airavata/api/Airavata.java | 35330 + .../ComputeResourcePreference.java | 285 +- .../gatewayprofile/GatewayResourceProfile.java |72 +- .../account_provisioning_model.thrift | 2 +- .../gateway_resource_profile_model.thrift | 2 +- 5 files changed, 19411 insertions(+), 16280 deletions(-) --
[10/35] airavata git commit: AIRAVATA-2500 Implement SSHAccountProvisionerFactory
AIRAVATA-2500 Implement SSHAccountProvisionerFactory Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/77baac43 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/77baac43 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/77baac43 Branch: refs/heads/AIRAVATA-2500 Commit: 77baac438f9a59629a9fc21a904dc7397245a029 Parents: 1c39e2e Author: Marcus ChristieAuthored: Thu Aug 10 15:24:26 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:40 2017 -0400 -- .../accountprovisioning/ConfigParam.java| 32 +++-- .../accountprovisioning/SSHAccountManager.java | 37 +- .../SSHAccountProvisioner.java | 9 --- .../SSHAccountProvisionerFactory.java | 28 +--- .../SSHAccountProvisionerProvider.java | 37 ++ .../IULdapSSHAccountProvisioner.java| 7 -- .../IULdapSSHAccountProvisionerProvider.java| 44 ...ta.accountprovisioning.SSHAccountProvisioner | 22 -- ...ntprovisioning.SSHAccountProvisionerProvider | 22 ++ .../SSHAccountProvisionerFactoryTest.java | 75 .../provisioner/TestSSHAccountProvisioner.java | 71 ++ .../TestSSHAccountProvisionerProvider.java | 66 + ...ntprovisioning.SSHAccountProvisionerProvider | 21 ++ .../account_provisioning_model.thrift | 2 +- .../gateway_resource_profile_model.thrift | 2 +- 15 files changed, 420 insertions(+), 55 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/77baac43/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java index beb8bbc..cf27b7f 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java @@ -24,7 +24,7 @@ public class ConfigParam { public enum ConfigParamType { STRING, -CRED_TOKEN, +CRED_STORE_PASSWORD_TOKEN, } private boolean optional = false; @@ -32,36 +32,58 @@ public class ConfigParam { private String description; private ConfigParamType type = ConfigParamType.STRING; +public ConfigParam(String name) { +this.name = name; +} + public boolean isOptional() { return optional; } -public void setOptional(boolean optional) { +public ConfigParam setOptional(boolean optional) { this.optional = optional; +return this; } public String getName() { return name; } -public void setName(String name) { +public ConfigParam setName(String name) { this.name = name; +return this; } public String getDescription() { return description; } -public void setDescription(String description) { +public ConfigParam setDescription(String description) { this.description = description; +return this; } public ConfigParamType getType() { return type; } -public void setType(ConfigParamType type) { +public ConfigParam setType(ConfigParamType type) { this.type = type; +return this; +} + +@Override +public boolean equals(Object o) { +if (this == o) return true; +if (!(o instanceof ConfigParam)) return false; + +ConfigParam that = (ConfigParam) o; + +return name.equals(that.name); } +@Override +public int hashCode() { +return name.hashCode(); +} } http://git-wip-us.apache.org/repos/asf/airavata/blob/77baac43/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java index 4e00e4e..dcb819b 100644 --- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/SSHAccountManager.java @@ -20,12 +20,18 @@ package
[03/35] airavata git commit: Added WVState University gateway directory
Added WVState University gateway directory Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/2f471d10 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/2f471d10 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/2f471d10 Branch: refs/heads/AIRAVATA-2500 Commit: 2f471d104dcd7a03ee5f46d758e51fee06825077 Parents: ccd2518 Author: Eroma AbeysingheAuthored: Mon Aug 14 15:54:52 2017 -0400 Committer: Eroma Abeysinghe Committed: Mon Aug 14 15:54:52 2017 -0400 -- .../scigap/production/pga_config/wvsu/vars.yml | 71 .../scigap/production/pga_config/wvsu/vault.yml | 18 + 2 files changed, 89 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/2f471d10/dev-tools/ansible/inventories/scigap/production/pga_config/wvsu/vars.yml -- diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/wvsu/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/wvsu/vars.yml new file mode 100644 index 000..d8d3dda --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/production/pga_config/wvsu/vars.yml @@ -0,0 +1,71 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git; +git_branch: "master" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/{{ gateway_id }}" +vhost_servername: "sciencegateway.wvstateu.edu" +#vhost_serveralias: "www.seagrid.org" +#vhost_servername: "beta.seagrid.org" +vhost_ssl: True +# TODO: have Ansible manage these files as well +ssl_certificate_file: "/etc/letsencrypt/live/sciencegateway.wvstateu.edu/cert.pem" +ssl_certificate_chain_file: "/etc/letsencrypt/live/sciencegateway.wvstateu.edu/fullchain.pem" +ssl_certificate_key_file: "/etc/letsencrypt/live/sciencegateway.wvstateu.edu/privkey.pem" +#ssl_certificate_file: "/etc/letsencrypt/live/beta.seagrid.org/cert.pem" +#ssl_certificate_chain_file: "/etc/letsencrypt/live/beta.seagrid.org/fullchain.pem" +#ssl_certificate_key_file: "/etc/letsencrypt/live/beta.seagrid.org/privkey.pem" + + +## Keycloak related variables +tenant_domain: "{{ gateway_id }}" +admin_username: "admin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" +oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.well-known/openid-configuration" + +auth_options: + - name: "WVirginia State University" +oauth_grant_type: "password" + # - name: "CILogon" + # oauth_grant_type: "authorization_code" + # oauth_authorize_url_extra_params: "kc_idp_hint=cilogon" + # logo: "/assets/cilogon-logo-24x24-b.png" +oauth_callback_url: "https://{{ vhost_servername }}/callback-url" + +gateway_id: "wvirginia-state-university" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/wvirginia-state-university" +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" +gateway_data_store_ssh_public_key: "ssh-rsa B3NzaC1yc2EDAQABAAABAQCHm/f06vFCah0lVLnykei1cwkKMGwaCdn//BjZtG/9OnV7fjDzjISBCuz+LEC/FJKv3BaByAQ0Tvq0GxIgBzR31r2Qpp7yKJyl1THpftrshPOD2M1FOJfebc9QAnVKdQQpIGtA5/viOnZfV0nnEXqiKjafsAdwnSP3097XSvD7UvQGwkhmG4oIbs66RTh19gUB3/4QZZBEbUDBaeHrxzwS/NXaQorCfrZt2mJCNeFLdhiqqg2JbT4g4X/Crps6es/o3fN6mRsFnRu9Y5Xhh/FFyT/u8IiW18FzHaH9hfOhyxeKRQCk0nJV+aREcmJ3wIk7VRA/bKGWcVDqZRHRvcPR" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "['smalka...@wvstateu.edu', 'sgrc-iu-gr...@iu.edu']" +portal_email_username: "pga.airav...@gmail.com" +portal_email_password: "{{ vault_portal_email_password }}" +#portal_theme: "base" +#portal_theme_repo: "https://github.com/SciGaP/seagrid-website-theme.git; +portal_title: "WVirginia State University" +...
[11/35] airavata git commit: AIRAVATA-2500 Initial interfaces, APIs for account provisioning
AIRAVATA-2500 Initial interfaces, APIs for account provisioning Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/1c39e2ea Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/1c39e2ea Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/1c39e2ea Branch: refs/heads/AIRAVATA-2500 Commit: 1c39e2ea715f736d25d874c36a519ee0ed250162 Parents: 6488090 Author: Marcus ChristieAuthored: Wed Aug 9 15:54:07 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:40 2017 -0400 -- modules/compute-account-provisioning/pom.xml| 67 + .../accountprovisioning/ConfigParam.java| 67 + .../accountprovisioning/SSHAccountManager.java | 69 ++ .../SSHAccountProvisioner.java | 43 +++ .../SSHAccountProvisionerFactory.java | 49 + .../IULdapSSHAccountProvisioner.java| 75 ...ta.accountprovisioning.SSHAccountProvisioner | 22 ++ pom.xml | 1 + .../airavata-apis/airavata_api.thrift | 11 +++ .../account_provisioning_model.thrift | 40 +++ .../gateway_resource_profile_model.thrift | 5 +- 11 files changed, 448 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/1c39e2ea/modules/compute-account-provisioning/pom.xml -- diff --git a/modules/compute-account-provisioning/pom.xml b/modules/compute-account-provisioning/pom.xml new file mode 100644 index 000..ee89d33 --- /dev/null +++ b/modules/compute-account-provisioning/pom.xml @@ -0,0 +1,67 @@ + + + +http://maven.apache.org/POM/4.0.0; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd;> + +airavata +org.apache.airavata +0.17-SNAPSHOT +../../pom.xml + +4.0.0 + +compute-account-provisioning + + + +airavata-credential-store +org.apache.airavata +${project.version} + + +registry-api-stubs +org.apache.airavata +${project.version} + + +com.jcraft +jsch +0.1.50 + + +org.slf4j +slf4j-api + + +junit +junit +test + + +com.google.code.gson +gson +2.3.1 + + + + \ No newline at end of file http://git-wip-us.apache.org/repos/asf/airavata/blob/1c39e2ea/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java -- diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java new file mode 100644 index 000..beb8bbc --- /dev/null +++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/ConfigParam.java @@ -0,0 +1,67 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.apache.airavata.accountprovisioning; + +public class ConfigParam { + +public enum ConfigParamType { +STRING, +CRED_TOKEN, +} + +private boolean optional = false; +private String name; +private String description; +private ConfigParamType type = ConfigParamType.STRING; + +public boolean isOptional() { +return optional; +} + +public void setOptional(boolean optional) { +this.optional = optional; +} + +public String getName() { +return name; +} + +public void setName(String
[18/35] airavata git commit: AIRAVATA-2500 Implement doesUserHaveSSHAccount and setup SSH account methods in API
AIRAVATA-2500 Implement doesUserHaveSSHAccount and setup SSH account methods in API Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/8f2f1353 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/8f2f1353 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/8f2f1353 Branch: refs/heads/AIRAVATA-2500 Commit: 8f2f135374c96f92ffb7eb1775bdfdecb144fb20 Parents: 0d1e90f Author: Marcus ChristieAuthored: Thu Aug 31 09:16:03 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 15:07:56 2017 -0400 -- airavata-api/airavata-api-server/pom.xml| 5 ++ .../server/handler/AiravataServerHandler.java | 55 .../accountprovisioning/SSHAccountManager.java | 42 --- .../SSHAccountProvisionerProvider.java | 1 + .../airavata-apis/airavata_api.thrift | 24 - .../account_provisioning_model.thrift | 2 + 6 files changed, 122 insertions(+), 7 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata/blob/8f2f1353/airavata-api/airavata-api-server/pom.xml -- diff --git a/airavata-api/airavata-api-server/pom.xml b/airavata-api/airavata-api-server/pom.xml index ada0b8f..a4d10af 100644 --- a/airavata-api/airavata-api-server/pom.xml +++ b/airavata-api/airavata-api-server/pom.xml @@ -93,6 +93,11 @@ services-security ${project.version} + +org.apache.airavata +compute-account-provisioning +${project.version} + http://git-wip-us.apache.org/repos/asf/airavata/blob/8f2f1353/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java -- diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java index 4ae91ea..bb3f2c0 100644 --- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java +++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java @@ -19,6 +19,7 @@ */ package org.apache.airavata.api.server.handler; +import org.apache.airavata.accountprovisioning.SSHAccountManager; import org.apache.airavata.api.Airavata; import org.apache.airavata.api.airavata_apiConstants; import org.apache.airavata.api.server.util.ThriftClientPool; @@ -35,6 +36,8 @@ import org.apache.airavata.messaging.core.MessagingFactory; import org.apache.airavata.messaging.core.Publisher; import org.apache.airavata.messaging.core.Type; import org.apache.airavata.model.WorkflowModel; +import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisioner; +import org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam; import org.apache.airavata.model.appcatalog.appdeployment.ApplicationDeploymentDescription; import org.apache.airavata.model.appcatalog.appdeployment.ApplicationModule; import org.apache.airavata.model.appcatalog.appinterface.ApplicationInterfaceDescription; @@ -3964,6 +3967,58 @@ public class AiravataServerHandler implements Airavata.Iface { } } +@Override +@SecurityCheck +public List getSSHAccountProvisionerNames(AuthzToken authzToken) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { + +// TODO: implement +return null; +} + +@Override +@SecurityCheck +public List getSSHAccountProvisionerConfigParams(AuthzToken authzToken, String provisionerName) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { + +// TODO: implement +return null; +} + +@Override +@SecurityCheck +public boolean doesUserHaveSSHAccount(AuthzToken authzToken, String computeResourceId, String username) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { +String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID); +return SSHAccountManager.doesUserHaveSSHAccount(gatewayId, computeResourceId, username); +} + +@Override +@SecurityCheck +public UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken)
[25/35] airavata git commit: AIRAVATA-2500 Thrift stub generation
http://git-wip-us.apache.org/repos/asf/airavata/blob/469a7e79/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java -- diff --git a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java index 6214caf..d92d222 100644 --- a/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java +++ b/airavata-api/airavata-api-stubs/src/main/java/org/apache/airavata/api/Airavata.java @@ -2626,27 +2626,27 @@ public class Airavata { public List getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** - * Setup and return a UserComputeResourcePreference object for this user to SSH into the given compute resource with - * the given SSH credential. This method will only work if the compute resource has an SSHAccountProvisioner - * configured for it. The returned UserComputeResourcePreference object is not saved; it is up to the client to - * call addUserComputeResourcePreference to persist it. + * Check if user has an SSH account on the given compute resource. This + * method will only work if the compute resource has an SSHAccountProvisioner configured for it. * * @param authzToken * @param computeResourceId * @param username - * @param airavataCredStoreToken */ -public org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public boolean doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** - * Check if user has an SSH account on the given compute resource. This - * method will only work if the compute resource has an SSHAccountProvisioner configured for it. + * Setup and return a UserComputeResourcePreference object for this user to SSH into the given compute resource with + * the given SSH credential. This method will only work if the compute resource has an SSHAccountProvisioner + * configured for it. The returned UserComputeResourcePreference object is not saved; it is up to the client to + * call addUserComputeResourcePreference to persist it. * * @param authzToken * @param computeResourceId * @param username + * @param airavataCredStoreToken */ -public boolean doesUserHaveSSHAccount(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; +public org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String airavataCredStoreToken) throws org.apache.airavata.model.error.InvalidRequestException, org.apache.airavata.model.error.AiravataClientException, org.apache.airavata.model.error.AiravataSystemException, org.apache.airavata.model.error.AuthorizationException, org.apache.thrift.TException; /** * Register User Resource Profile. @@ -3322,10 +3322,10 @@ public class Airavata { public void getSSHAccountProvisionerConfigParams(org.apache.airavata.model.security.AuthzToken authzToken, String provisionerName, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; -public void setupUserComputeResourcePreferencesForSSH(org.apache.airavata.model.security.AuthzToken authzToken, String computeResourceId, String username, String
[13/35] airavata git commit: AIRAVATA-2500 Update thrift API and regenerated
http://git-wip-us.apache.org/repos/asf/airavata/blob/2a901394/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java -- diff --git a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java index b1c092b..0d52abb 100644 --- a/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java +++ b/airavata-api/airavata-data-models/src/main/java/org/apache/airavata/model/appcatalog/gatewayprofile/ComputeResourcePreference.java @@ -103,6 +103,8 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase, SchemeFactory> schemes = new HashMap(); static { @@ -124,6 +126,8 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase sshAccountProvisionerConfig; // optional /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ public enum _Fields implements org.apache.thrift.TFieldIdEnum { @@ -148,7 +152,9 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase byName = new HashMap (); @@ -191,6 +197,10 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase metaDataMap; static { Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); @@ -267,6 +277,12 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase __this__sshAccountProvisionerConfig = new HashMap (other.sshAccountProvisionerConfig.size()); + for (Map.Entry other_element : other.sshAccountProvisionerConfig.entrySet()) { + + org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam other_element_key = other_element.getKey(); +String other_element_value = other_element.getValue(); + + org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam __this__sshAccountProvisionerConfig_copy_key = new org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam(other_element_key); + +String __this__sshAccountProvisionerConfig_copy_value = other_element_value; + + __this__sshAccountProvisionerConfig.put(__this__sshAccountProvisionerConfig_copy_key, __this__sshAccountProvisionerConfig_copy_value); + } + this.sshAccountProvisionerConfig = __this__sshAccountProvisionerConfig; +} } public ComputeResourcePreference deepCopy() { @@ -352,6 +386,8 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase(); +} +this.sshAccountProvisionerConfig.put(key, val); + } + + public Map getSshAccountProvisionerConfig() { +return this.sshAccountProvisionerConfig; + } + + public void setSshAccountProvisionerConfig(Map sshAccountProvisionerConfig) { +this.sshAccountProvisionerConfig = sshAccountProvisionerConfig; + } + + public void unsetSshAccountProvisionerConfig() { +this.sshAccountProvisionerConfig = null; + } + + /** Returns true if field sshAccountProvisionerConfig is set (has been assigned a value) and false otherwise */ + public boolean isSetSshAccountProvisionerConfig() { +return this.sshAccountProvisionerConfig != null; + } + + public void setSshAccountProvisionerConfigIsSet(boolean value) { +if (!value) { + this.sshAccountProvisionerConfig = null; +} + } + public void setFieldValue(_Fields field, Object value) { switch (field) { case COMPUTE_RESOURCE_ID: @@ -803,6 +896,22 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase)value); + } + break; + } } @@ -850,6 +959,12 @@ public class ComputeResourcePreference implements org.apache.thrift.TBase(2*_map0.size); + org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam _key1; +String _val2; +for (int _i3 = 0; _i3 < _map0.size; ++_i3) +{ + _key1 = new org.apache.airavata.model.appcatalog.accountprovisioning.SSHAccountProvisionerConfigParam(); + _key1.read(iprot); + _val2 =
[4/4] airavata-django-portal git commit: Requiring Django session for REST API
Requiring Django session for REST API Project: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/commit/4147972a Tree: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/tree/4147972a Diff: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/diff/4147972a Branch: refs/heads/master Commit: 4147972a1c157f570abdc5baaa6f243154f4c586 Parents: e8e0fc4 Author: Marcus ChristieAuthored: Tue Sep 19 14:06:34 2017 -0400 Committer: Marcus Christie Committed: Tue Sep 19 14:06:34 2017 -0400 -- django_airavata/settings.py | 10 ++ 1 file changed, 10 insertions(+) -- http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/4147972a/django_airavata/settings.py -- diff --git a/django_airavata/settings.py b/django_airavata/settings.py index c0b55d9..c803a33 100644 --- a/django_airavata/settings.py +++ b/django_airavata/settings.py @@ -129,6 +129,16 @@ USE_TZ = True STATIC_URL = '/static/' STATICFILES_DIRS = [os.path.join(BASE_DIR, "django_airavata", "static")] +# Django REST Framework configuration +REST_FRAMEWORK = { +'DEFAULT_AUTHENTICATION_CLASSES': ( +'rest_framework.authentication.SessionAuthentication', +), +'DEFAULT_PERMISSION_CLASSES': ( +'rest_framework.permissions.IsAuthenticated', +), +} + AUTHENTICATION_BACKENDS = [ 'django_airavata.apps.auth.backends.KeycloakBackend' ]
[3/4] airavata-django-portal git commit: Namespacing API urls
Namespacing API urls Project: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/commit/e8e0fc44 Tree: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/tree/e8e0fc44 Diff: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/diff/e8e0fc44 Branch: refs/heads/master Commit: e8e0fc44f4c7764dfb48d3f9a227a2ad7d5898f2 Parents: c975f46 Author: Marcus ChristieAuthored: Mon Sep 18 10:09:54 2017 -0400 Committer: Marcus Christie Committed: Mon Sep 18 10:09:54 2017 -0400 -- django_airavata/apps/api/serializers.py | 6 +++--- django_airavata/apps/api/urls.py| 1 + django_airavata/apps/api/views.py | 4 ++-- 3 files changed, 6 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/e8e0fc44/django_airavata/apps/api/serializers.py -- diff --git a/django_airavata/apps/api/serializers.py b/django_airavata/apps/api/serializers.py index 7f38bf1..12442dd 100644 --- a/django_airavata/apps/api/serializers.py +++ b/django_airavata/apps/api/serializers.py @@ -42,13 +42,13 @@ class GatewayIdDefaultField(serializers.CharField): self.default = settings.GATEWAY_ID class ProjectSerializer(serializers.Serializer): -url = FullyEncodedHyperlinkedIdentityField(view_name='project-detail', lookup_field='projectID', lookup_url_kwarg='project_id') +url = FullyEncodedHyperlinkedIdentityField(view_name='django_airavata_api:project-detail', lookup_field='projectID', lookup_url_kwarg='project_id') projectID = serializers.CharField(read_only=True) name = serializers.CharField(required=True) description = serializers.CharField(required=False) owner = GatewayUsernameDefaultField() gatewayId = GatewayIdDefaultField() -experiments = FullyEncodedHyperlinkedIdentityField(view_name='project-experiments', lookup_field='projectID', lookup_url_kwarg='project_id') +experiments = FullyEncodedHyperlinkedIdentityField(view_name='django_airavata_api:project-experiments', lookup_field='projectID', lookup_url_kwarg='project_id') def create(self, validated_data): return Project(**validated_data) @@ -65,7 +65,7 @@ class ExperimentSerializer(serializers.Serializer): experimentId = serializers.CharField(read_only=True) projectId = serializers.CharField(required=True) -project = FullyEncodedHyperlinkedIdentityField(view_name='project-detail', lookup_field='projectId', lookup_url_kwarg='project_id') +project = FullyEncodedHyperlinkedIdentityField(view_name='django_airavata_api:project-detail', lookup_field='projectId', lookup_url_kwarg='project_id') gatewayId = GatewayIdDefaultField() experimentType = serializers.CharField(required=True) userName = GatewayUsernameDefaultField() http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/e8e0fc44/django_airavata/apps/api/urls.py -- diff --git a/django_airavata/apps/api/urls.py b/django_airavata/apps/api/urls.py index 750e677..1c5e19b 100644 --- a/django_airavata/apps/api/urls.py +++ b/django_airavata/apps/api/urls.py @@ -12,6 +12,7 @@ logger = logging.getLogger(__name__) router = routers.SimpleRouter() router.register(r'projects', views.ProjectViewSet, base_name='project') +app_name = 'django_airavata_api' urlpatterns = [ url(r'^$', views.api_root), # url(r'^projects/$', views.ProjectList.as_view(), name='api_project_list'), http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/e8e0fc44/django_airavata/apps/api/views.py -- diff --git a/django_airavata/apps/api/views.py b/django_airavata/apps/api/views.py index 1181fa3..416fa5a 100644 --- a/django_airavata/apps/api/views.py +++ b/django_airavata/apps/api/views.py @@ -17,8 +17,8 @@ from django.views.decorators.csrf import csrf_exempt @api_view(['GET']) def api_root(request, format=None): return Response({ -'projects': reverse('project-list', request=request, format=format), -'experiments': reverse('api_experiment_list', request=request, format=format) +'projects': reverse('django_airavata_api:project-list', request=request, format=format), +'experiments': reverse('django_airavata_api:api_experiment_list', request=request, format=format) }) class GenericAPIBackedViewSet(GenericViewSet):
[1/4] airavata-django-portal git commit: Adding project's experiments to ProjectViewSet
Repository: airavata-django-portal Updated Branches: refs/heads/master 4253233ff -> 4147972a1 Adding project's experiments to ProjectViewSet Project: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/commit/0a2bc1c5 Tree: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/tree/0a2bc1c5 Diff: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/diff/0a2bc1c5 Branch: refs/heads/master Commit: 0a2bc1c50cc53dfd030c6bec170f2d380ebf2404 Parents: 4253233 Author: Marcus ChristieAuthored: Mon Sep 18 09:19:59 2017 -0400 Committer: Marcus Christie Committed: Mon Sep 18 09:19:59 2017 -0400 -- django_airavata/apps/api/serializers.py | 4 ++-- django_airavata/apps/api/urls.py| 10 +- django_airavata/apps/api/views.py | 17 +++-- 3 files changed, 18 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/0a2bc1c5/django_airavata/apps/api/serializers.py -- diff --git a/django_airavata/apps/api/serializers.py b/django_airavata/apps/api/serializers.py index d13b718..7f38bf1 100644 --- a/django_airavata/apps/api/serializers.py +++ b/django_airavata/apps/api/serializers.py @@ -42,13 +42,13 @@ class GatewayIdDefaultField(serializers.CharField): self.default = settings.GATEWAY_ID class ProjectSerializer(serializers.Serializer): -url = FullyEncodedHyperlinkedIdentityField(view_name='project-detail', lookup_field='projectID', lookup_url_kwarg='pk') +url = FullyEncodedHyperlinkedIdentityField(view_name='project-detail', lookup_field='projectID', lookup_url_kwarg='project_id') projectID = serializers.CharField(read_only=True) name = serializers.CharField(required=True) description = serializers.CharField(required=False) owner = GatewayUsernameDefaultField() gatewayId = GatewayIdDefaultField() -experiments = FullyEncodedHyperlinkedIdentityField(view_name='api_project_experiments_list', lookup_field='projectID', lookup_url_kwarg='project_id') +experiments = FullyEncodedHyperlinkedIdentityField(view_name='project-experiments', lookup_field='projectID', lookup_url_kwarg='project_id') def create(self, validated_data): return Project(**validated_data) http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/0a2bc1c5/django_airavata/apps/api/urls.py -- diff --git a/django_airavata/apps/api/urls.py b/django_airavata/apps/api/urls.py index 544c07b..750e677 100644 --- a/django_airavata/apps/api/urls.py +++ b/django_airavata/apps/api/urls.py @@ -5,6 +5,10 @@ from django.conf.urls import include, url from rest_framework import routers from rest_framework.urlpatterns import format_suffix_patterns +import logging + +logger = logging.getLogger(__name__) + router = routers.SimpleRouter() router.register(r'projects', views.ProjectViewSet, base_name='project') @@ -13,10 +17,14 @@ urlpatterns = [ # url(r'^projects/$', views.ProjectList.as_view(), name='api_project_list'), # More specific, longer URLs should come before less specific, shorter ones # since the regular expression for project_id allows any character, even '/' -url(r'^projects/(?P.+)/experiments/$', views.ProjectExperimentList.as_view(), name='api_project_experiments_list'), +# url(r'^projects/(?P.+)/experiments/$', views.ProjectExperimentList.as_view(), name='api_project_experiments_list'), # url(r'^projects/(?P.+)/$', views.ProjectDetail.as_view(), name='api_project_detail'), url(r'^experiments/$', views.ExperimentList.as_view(), name='api_experiment_list'), url(r'^', include(router.urls)), ] +if logger.isEnabledFor(logging.DEBUG): +for url in router.urls: +logger.debug("router url: {}".format(url)) + urlpatterns = format_suffix_patterns(urlpatterns) \ No newline at end of file http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/0a2bc1c5/django_airavata/apps/api/views.py -- diff --git a/django_airavata/apps/api/views.py b/django_airavata/apps/api/views.py index 2de3ba8..1181fa3 100644 --- a/django_airavata/apps/api/views.py +++ b/django_airavata/apps/api/views.py @@ -2,7 +2,7 @@ from . import serializers from rest_framework import status, mixins -from rest_framework.decorators import api_view +from rest_framework.decorators import api_view, detail_route from rest_framework.views import APIView from rest_framework.viewsets import GenericViewSet from rest_framework.response import Response @@ -81,6 +81,7 @@ class
[2/4] airavata-django-portal git commit: Fix calling ProjectViewSet directly to get project list
Fix calling ProjectViewSet directly to get project list Project: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/commit/c975f46f Tree: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/tree/c975f46f Diff: http://git-wip-us.apache.org/repos/asf/airavata-django-portal/diff/c975f46f Branch: refs/heads/master Commit: c975f46f65eed677d12c16927a5aa25a5832260e Parents: 0a2bc1c Author: Marcus ChristieAuthored: Mon Sep 18 09:30:47 2017 -0400 Committer: Marcus Christie Committed: Mon Sep 18 09:44:56 2017 -0400 -- django_airavata/apps/workspace/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/airavata-django-portal/blob/c975f46f/django_airavata/apps/workspace/views.py -- diff --git a/django_airavata/apps/workspace/views.py b/django_airavata/apps/workspace/views.py index 6967f25..b7d8d8f 100644 --- a/django_airavata/apps/workspace/views.py +++ b/django_airavata/apps/workspace/views.py @@ -13,7 +13,7 @@ logger = logging.getLogger(__name__) @login_required def projects_list(request): -response = ProjectList().get(request) +response = ProjectViewSet.as_view({'get': 'list'})(request) projects_json = JSONRenderer().render(response.data) return render(request, 'django_airavata_workspace/projects_list.html', {