def test_02_condor_ce_run_condor(self): core.skip_ok_unless_installed('htcondor-ce', 'htcondor-ce-client', 'htcondor-ce-condor', 'condor') self.skip_bad_unless(service.is_running('condor-ce'), 'ce not running') self.skip_bad_unless(service.is_running('condor'), 'condor not running') self.skip_bad_unless(core.state['jobs.env-set'], 'job environment not set') token_file = core.config['token.condor_write'] self.skip_bad_unless( core.state['proxy.valid'] or os.path.exists(token_file), 'requires a scitoken or a proxy') command = [ 'condor_ce_run', '--debug', '-r', '%s:9619' % core.get_hostname(), '/bin/env' ] if os.path.exists(token_file): # FIXME: After HTCONDOR-636 is released (targeted for HTCondor-CE 5.1.2), # we can stop setting _condor_SCITOKENS_FILE for token_var in ('_condor_SCITOKENS_FILE', 'BEARER_TOKEN_FILE'): os.environ[token_var] = token_file else: core.log_message( 'condor WRITE token not found; skipping SCITOKENS auth') if core.osg_release() == "3.6" and \ core.PackageVersion('condor') >= '9.0.0' and \ core.PackageVersion('condor') < '9.0.8': with core.no_x509(core.options.username): self.run_job_in_tmp_dir(command, 'condor_ce_run a Condor job') else: self.run_job_in_tmp_dir(command, 'condor_ce_run a Condor job')
def run_trace(self, *args): """Run condor_ce_trace along with any additional *args. If trace completes with a held job, also return output from 'condor_ce_q -held'. """ cwd = os.getcwd() os.chdir('/tmp') self.command += ['condor_ce_trace', '--debug' ] + list(args) + [core.get_hostname()] if core.osg_release() == "3.6" and \ core.PackageVersion('condor') >= '9.0.0' and \ core.PackageVersion('condor') < '9.0.8': with core.no_x509(core.options.username): trace_rc, trace_out, trace_err = core.system(self.command, user=True) else: trace_rc, trace_out, trace_err = core.system(self.command, user=True) os.chdir(cwd) if trace_rc: msg = 'condor_ce_trace failed' if trace_out.find(', was held'): msg = 'condor_ce_trace job held' _, hold_out, hold_err = core.system(('condor_ce_q', '-held')) self.fail( core.diagnose(msg, self.command, trace_rc, str(trace_out) + str(hold_out), str(trace_err) + str(hold_err))) return trace_out, trace_err
def test_06b_xrdcp_download_scitoken(self): self.skip_unless_security("SCITOKENS") remote_file = TestXrootd.user_file_to_download remote_url = xroot_url(remote_file) command = ('xrdcp', '--nopbar', '--debug', '2', remote_url, TestXrootd.download_temp) message = "xrdcp download with scitoken" with core.no_x509(core.options.username), core.environ_context( {"BEARER_TOKEN_FILE": core.config['token.xrootd']}): self._test_download(remote_file, command, message)
def test_04b_xrdcp_upload_scitoken_authenticated_denied(self): self.skip_unless_security("SCITOKENS") try: with core.no_x509(core.options.username), core.environ_context( {"BEARER_TOKEN_FILE": core.config['token.xrootd']}): xrootd_url = xroot_url(TestXrootd.rootdir_copied_file) command = ('xrdcp', '--debug', '2', TestXrootd.__data_path, xrootd_url) core.check_system( command, "Authenticated xrdcp upload to dir w/o write access (should be denied)", exit=ERR_PERMISSION_DENIED, user=True) self.assertFalse( os.path.exists(TestXrootd.rootdir_copied_file), "Uploaded file wrongly present") finally: files.remove(TestXrootd.rootdir_copied_file)
def test_03b_xrdcp_upload_scitoken_authenticated(self): self.skip_unless_security("SCITOKENS") xrootd_url = xroot_url(TestXrootd.user_copied_file_scitoken) command = ('xrdcp', '--force', '--debug', '2', TestXrootd.__data_path, xrootd_url) with core.no_x509(core.options.username): # TODO: Passing token contents with $BEARER_TOKEN or having the token be in /tmp/bt_u$UID is currently # broken (token is not found/not used). Using $BEARER_TOKEN_FILE or having the token be in # $X509_RUNTIME_DIR/bt_u$UID works. Bug report forthcoming. with core.environ_context({ "BEARER_TOKEN": core.state['token.xrootd_contents'], "BEARER_TOKEN_FILE": None }): message = "xrdcp upload to user dir with scitoken in BEARER_TOKEN" expected_exit = 0 if core.PackageVersion("xrootd-libs") <= "5.3.2": message += " (expected failure)" expected_exit = ERR_AUTH_FAIL core.check_system(command, message, exit=expected_exit, user=True) with core.environ_context({ "BEARER_TOKEN_FILE": core.config['token.xrootd'], "BEARER_TOKEN": None }): message = "xrdcp upload to user dir with scitoken file in BEARER_TOKEN_FILE" expected_exit = 0 core.check_system(command, message, exit=expected_exit, user=True) # TODO: Test token discovery at $X509_RUNTIME_DIR/bt_u$UID and /tmp/bt_u$UID self.assert_(os.path.exists(TestXrootd.user_copied_file_scitoken), "Uploaded file missing")