def test_02_condor_ce_run_condor(self):
core.skip_ok_unless_installed('htcondor-ce', 'htcondor-ce-client',
'htcondor-ce-condor', 'condor')
self.skip_bad_unless(service.is_running('condor-ce'), 'ce not running')
self.skip_bad_unless(service.is_running('condor'),
'condor not running')
self.skip_bad_unless(core.state['jobs.env-set'],
'job environment not set')
token_file = core.config['token.condor_write']
self.skip_bad_unless(
core.state['proxy.valid'] or os.path.exists(token_file),
'requires a scitoken or a proxy')
command = [
'condor_ce_run', '--debug', '-r',
'%s:9619' % core.get_hostname(), '/bin/env'
]
if os.path.exists(token_file):
# FIXME: After HTCONDOR-636 is released (targeted for HTCondor-CE 5.1.2),
# we can stop setting _condor_SCITOKENS_FILE
for token_var in ('_condor_SCITOKENS_FILE', 'BEARER_TOKEN_FILE'):
os.environ[token_var] = token_file
else:
core.log_message(
'condor WRITE token not found; skipping SCITOKENS auth')
if core.osg_release() == "3.6" and \
core.PackageVersion('condor') >= '9.0.0' and \
core.PackageVersion('condor') < '9.0.8':
with core.no_x509(core.options.username):
self.run_job_in_tmp_dir(command, 'condor_ce_run a Condor job')
else:
self.run_job_in_tmp_dir(command, 'condor_ce_run a Condor job')
def run_trace(self, *args):
"""Run condor_ce_trace along with any additional *args. If trace completes with a held job, also return output
from 'condor_ce_q -held'.
"""
cwd = os.getcwd()
os.chdir('/tmp')
self.command += ['condor_ce_trace', '--debug'
] + list(args) + [core.get_hostname()]
if core.osg_release() == "3.6" and \
core.PackageVersion('condor') >= '9.0.0' and \
core.PackageVersion('condor') < '9.0.8':
with core.no_x509(core.options.username):
trace_rc, trace_out, trace_err = core.system(self.command,
user=True)
else:
trace_rc, trace_out, trace_err = core.system(self.command,
user=True)
os.chdir(cwd)
if trace_rc:
msg = 'condor_ce_trace failed'
if trace_out.find(', was held'):
msg = 'condor_ce_trace job held'
_, hold_out, hold_err = core.system(('condor_ce_q', '-held'))
self.fail(
core.diagnose(msg, self.command, trace_rc,
str(trace_out) + str(hold_out),
str(trace_err) + str(hold_err)))
return trace_out, trace_err
def test_06b_xrdcp_download_scitoken(self):
self.skip_unless_security("SCITOKENS")
remote_file = TestXrootd.user_file_to_download
remote_url = xroot_url(remote_file)
command = ('xrdcp', '--nopbar', '--debug', '2', remote_url,
TestXrootd.download_temp)
message = "xrdcp download with scitoken"
with core.no_x509(core.options.username), core.environ_context(
{"BEARER_TOKEN_FILE": core.config['token.xrootd']}):
self._test_download(remote_file, command, message)
def test_04b_xrdcp_upload_scitoken_authenticated_denied(self):
self.skip_unless_security("SCITOKENS")
try:
with core.no_x509(core.options.username), core.environ_context(
{"BEARER_TOKEN_FILE": core.config['token.xrootd']}):
xrootd_url = xroot_url(TestXrootd.rootdir_copied_file)
command = ('xrdcp', '--debug', '2', TestXrootd.__data_path,
xrootd_url)
core.check_system(
command,
"Authenticated xrdcp upload to dir w/o write access (should be denied)",
exit=ERR_PERMISSION_DENIED,
user=True)
self.assertFalse(
os.path.exists(TestXrootd.rootdir_copied_file),
"Uploaded file wrongly present")
finally:
files.remove(TestXrootd.rootdir_copied_file)
def test_03b_xrdcp_upload_scitoken_authenticated(self):
self.skip_unless_security("SCITOKENS")
xrootd_url = xroot_url(TestXrootd.user_copied_file_scitoken)
command = ('xrdcp', '--force', '--debug', '2', TestXrootd.__data_path,
xrootd_url)
with core.no_x509(core.options.username):
# TODO: Passing token contents with $BEARER_TOKEN or having the token be in /tmp/bt_u$UID is currently
# broken (token is not found/not used). Using $BEARER_TOKEN_FILE or having the token be in
# $X509_RUNTIME_DIR/bt_u$UID works. Bug report forthcoming.
with core.environ_context({
"BEARER_TOKEN":
core.state['token.xrootd_contents'],
"BEARER_TOKEN_FILE":
None
}):
message = "xrdcp upload to user dir with scitoken in BEARER_TOKEN"
expected_exit = 0
if core.PackageVersion("xrootd-libs") <= "5.3.2":
message += " (expected failure)"
expected_exit = ERR_AUTH_FAIL
core.check_system(command,
message,
exit=expected_exit,
user=True)
with core.environ_context({
"BEARER_TOKEN_FILE":
core.config['token.xrootd'],
"BEARER_TOKEN":
None
}):
message = "xrdcp upload to user dir with scitoken file in BEARER_TOKEN_FILE"
expected_exit = 0
core.check_system(command,
message,
exit=expected_exit,
user=True)
# TODO: Test token discovery at $X509_RUNTIME_DIR/bt_u$UID and /tmp/bt_u$UID
self.assert_(os.path.exists(TestXrootd.user_copied_file_scitoken),
"Uploaded file missing")