Skip to content

Commit

Permalink
sweep: #7208 feat: pilot submission with tokens in a multi-VO setup
Browse files Browse the repository at this point in the history
  • Loading branch information
aldbr authored and web-flow committed Oct 20, 2023
1 parent 271a3e1 commit a8aca80
Showing 1 changed file with 11 additions and 2 deletions.
13 changes: 11 additions & 2 deletions src/DIRAC/WorkloadManagementSystem/Agent/SiteDirector.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
from DIRAC.MonitoringSystem.Client.MonitoringReporter import MonitoringReporter
from DIRAC.ResourceStatusSystem.Client.ResourceStatus import ResourceStatus
from DIRAC.ResourceStatusSystem.Client.SiteStatus import SiteStatus
from DIRAC.Resources.Computing.ComputingElement import ComputingElement
from DIRAC.WorkloadManagementSystem.Client import PilotStatus
from DIRAC.WorkloadManagementSystem.Client.PilotScopes import PILOT_SCOPES

Expand Down Expand Up @@ -446,7 +447,7 @@ def submitPilots(self):
ce.setProxy(proxy, lifetime_secs)

# Get valid token if needed
if "Token" in ce.ceParameters.get("Tag", []):
if self.__supportToken(ce):
result = self.__getPilotToken(audience=ce.audienceName)
if not result["OK"]:
return result
Expand All @@ -467,6 +468,14 @@ def submitPilots(self):

return S_OK()

def __supportToken(self, ce: ComputingElement) -> bool:
"""Check whether the SiteDirector is able to submit pilots with tokens.
* the CE is able to receive any token. Validation: Tag = Token should be included in the CE parameters.
* the CE is able to receive VO-specifc tokens. Validation: Tag = Token:<VO> should be included in the CE parameters.
"""
return "Token" in ce.ceParameters.get("Tag", []) or f"Token:{self.vo}" in ce.ceParameters.get("Tag", [])

def __getPilotToken(self, audience: str, scope: list[str] = None):
"""Get the token corresponding to the pilot user identity
Expand Down Expand Up @@ -1234,7 +1243,7 @@ def _updatePilotStatusPerQueue(self, queue, proxy):
ce.setProxy(proxy, 23300)

# Get valid token if needed
if "Token" in ce.ceParameters.get("Tag", []):
if self.__supportToken(ce):
result = self.__getPilotToken(audience=ce.audienceName)
if not result["OK"]:
self.log.error("Failed to get token", f"{ceName}: {result['Message']}")
Expand Down

0 comments on commit a8aca80

Please sign in to comment.