fedcloudclient API references¶
fedcloudclient.checkin module¶
Implementation of "fedcloud token" commands for interactions with EGI Check-in and access tokens
- fedcloudclient.checkin.get_access_token(oidc_access_token, oidc_refresh_token, oidc_client_id, oidc_client_secret, oidc_url, oidc_agent_account)[source]¶
Getting access token. Generate new access token from oidc-agent or refresh token (if given) or use existing token
Check expiration time of access token Raise error if no valid token exists
- Parameters
oidc_access_token --
oidc_refresh_token --
oidc_client_id --
oidc_client_secret --
oidc_url --
oidc_agent_account --
- Returns
access token
- fedcloudclient.checkin.oidc_discover(oidc_url)[source]¶
Discover oidc endpoints
- Parameters
oidc_url -- CheckIn URL
- Returns
JSON object of OIDC configuration
- fedcloudclient.checkin.refresh_access_token(oidc_client_id, oidc_client_secret, oidc_refresh_token, oidc_url)[source]¶
Retrieve access token in plain text (string)
- Parameters
oidc_client_id --
oidc_client_secret --
oidc_refresh_token --
oidc_url --
- Returns
access token
fedcloudclient.endpoint module¶
"fedcloud endpoint" commands are complementary part of the "fedcloud site" commands.
Instead of using site configurations defined in files saved in GitHub repository or local disk, the commands try to get site information directly from GOCDB (Grid Operations Configuration Management Database) https://goc.egi.eu/ or make probe test on sites
- fedcloudclient.endpoint.find_endpoint(service_type, production=True, monitored=True, site=None)[source]¶
Searching GOCDB for endpoints according to service types and status
- Parameters
service_type --
production --
monitored --
site -- list of sites, None for searching all sites
- Returns
list of endpoints
- fedcloudclient.endpoint.get_keystone_url(os_auth_url, path)[source]¶
Helper function for fixing keystone URL
- fedcloudclient.endpoint.get_project_id_from_vo_site(access_token, vo, site)[source]¶
Deprecated in favor of new functions in sites.py
Get project ID from site ID and VO name
- fedcloudclient.endpoint.get_projects(os_auth_url, unscoped_token)[source]¶
Get list of projects from unscoped token
- fedcloudclient.endpoint.get_projects_from_sites(access_token, site)[source]¶
Get all projects from sites using access token
- fedcloudclient.endpoint.get_projects_from_sites_dict(access_token, site)[source]¶
Get all projects as a dictionary from sites using access token,
- fedcloudclient.endpoint.get_scoped_token(os_auth_url, access_token, project_id)[source]¶
Get a scoped token, trying various protocol names if needed
- fedcloudclient.endpoint.get_sites()[source]¶
Get list of sites (using GOCDB instead of site configuration)
- Returns
list of site IDs
fedcloudclient.sites module¶
"fedcloud site" commands will read site configurations and manipulate with them. If the local site configurations exist at ~/.config/fedcloud/site-config/, fedcloud will read them from there, otherwise the commands will read from GitHub repository.
By default, fedcloud does not save anything on local disk, users have to save the site configuration to local disk explicitly via "fedcloud site save-config" command. The advantage of having local site configurations, beside faster loading, is to give users ability to make customizations, e.g. add additional VOs, remove sites they do not have access, and so on.
- fedcloudclient.sites.delete_site_config(config_dir)[source]¶
Delete site configs to local directory specified in config_dir.
- Parameters
config_dir -- path to directory containing site configuration
- Returns
None
- fedcloudclient.sites.find_endpoint_and_project_id(site_name, vo)[source]¶
Return Keystone endpoint and project ID from site name and VO according to site configuration
- Parameters
site_name -- site ID in GOCDB
vo -- VO name. None if finding only site endpoint
- Returns
endpoint, project_id, protocol if the VO exist on the site, otherwise None, None, None
- fedcloudclient.sites.find_site_data(site_name)[source]¶
Return configuration of the correspondent site with site_name
- Parameters
site_name -- site ID in GOCDB
- Returns
configuration of site if found, otherwise None
- fedcloudclient.sites.list_sites()[source]¶
List of all sites IDs in site configurations
- Returns
list of site IDs
- fedcloudclient.sites.read_default_site_config()[source]¶
Read default site configurations from GitHub. Storing site configurations in a global variable, that will be used by other functions
- Returns
None
- fedcloudclient.sites.read_local_site_config(config_dir)[source]¶
Read site configurations from local directory specified in config_dir. Storing site configurations in global variable, that will be used by other functions
- Parameters
config_dir -- path to directory containing site configuration
- Returns
None
- fedcloudclient.sites.read_site_config()[source]¶
Read site configurations from local config dir if exist, otherwise from default GitHub location. Storing site configurations in global variable, that will be used by other functions. Call read_local_site_config() or read_default_site_config()
- Returns
None
- fedcloudclient.sites.read_site_schema()[source]¶
Read schema.json for validating site configuration
- Returns
JSON object from schema.json
fedcloudclient.openstack module¶
Implementation of "fedcloud openstack" or "fedcloud openstack-int" for performing OpenStack commands on sites
- fedcloudclient.openstack.check_openstack_client_installation()[source]¶
Check if openstack command-line client is installed and available via $PATH
- Returns
True if available
- fedcloudclient.openstack.fedcloud_openstack(oidc_access_token, site, vo, openstack_command, json_output=True)[source]¶
Simplified version of fedcloud_openstack_full() function using default EGI setting for identity provider and protocols Call openstack client with default options for EGI Check-in
- Parameters
oidc_access_token -- Checkin access token. Passed to openstack client as --os-access-token
site -- site ID in GOCDB
vo -- VO name
openstack_command -- OpenStack command in tuple, e.g. ("image", "list", "--long")
json_output -- if result is JSON object or string. Default:True
- Returns
error code, result or error message
- fedcloudclient.openstack.fedcloud_openstack_full(oidc_access_token, openstack_auth_protocol, openstack_auth_type, checkin_identity_provider, site, vo, openstack_command, json_output=True)[source]¶
Calling openstack client with full options specified, including support for other identity providers and protocols
- Parameters
oidc_access_token -- Checkin access token. Passed to openstack client as --os-access-token
openstack_auth_protocol -- Checkin protocol (openid, oidc). Passed to openstack client as --os-protocol
openstack_auth_type -- Checkin authentication type (v3oidcaccesstoken). Passed to openstack client as --os-auth-type
checkin_identity_provider -- Checkin identity provider in mapping (egi.eu). Passed to openstack client as --os-identity-provider
site -- site ID in GOCDB
vo -- VO name
openstack_command -- OpenStack command in tuple, e.g. ("image", "list", "--long")
json_output -- if result is JSON object or string. Default:True
- Returns
error code, result or error message
fedcloudclient.cli module¶
Main CLI module