From b7771accdd2fbc3d1b9677de3c6c0c5cca02da29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Zl=C3=A1mal?= Date: Wed, 16 Mar 2022 13:29:24 +0100 Subject: [PATCH 1/2] feat(rt_data_vocesnet): added service pushing vo cesnet data to RT - Generate CSV with "user_id,vo_cesnet_member_mail,eppns" required for processing on RT instance. - Only valid members of VO cesnet are pushed, others are ignored. - Simple slave script copying rt-data-vocesnet file to /tmp/. --- gen/rt_data_vocesnet | 92 +++++++++++++++++++ send/rt_data_vocesnet | 4 + .../bin/process-rt_data_vocesnet.sh | 25 +++++ slave/process-rt-data-vocesnet/changelog | 5 + slave/process-rt-data-vocesnet/dependencies | 1 + .../process-rt-data-vocesnet/rpm.dependencies | 1 + slave/process-rt-data-vocesnet/short_desc | 1 + 7 files changed, 129 insertions(+) create mode 100755 gen/rt_data_vocesnet create mode 100755 send/rt_data_vocesnet create mode 100755 slave/process-rt-data-vocesnet/bin/process-rt_data_vocesnet.sh create mode 100644 slave/process-rt-data-vocesnet/changelog create mode 100644 slave/process-rt-data-vocesnet/dependencies create mode 100644 slave/process-rt-data-vocesnet/rpm.dependencies create mode 100644 slave/process-rt-data-vocesnet/short_desc diff --git a/gen/rt_data_vocesnet b/gen/rt_data_vocesnet new file mode 100755 index 00000000..31abbbfd --- /dev/null +++ b/gen/rt_data_vocesnet @@ -0,0 +1,92 @@ +#!/usr/bin/perl +use strict; +use warnings; +use perunServicesInit; +use perunServicesUtils; +use File::Basename; +use utf8; + +binmode STDOUT, ":utf8"; + +our $SERVICE_NAME = basename($0); +our $PROTOCOL_VERSION = "3.0.0"; +my $SCRIPT_VERSION = "3.0.0"; + +perunServicesInit::init; +my $DIRECTORY = perunServicesInit::getDirectory; +my $data = perunServicesInit::getHashedHierarchicalData; + +#Constants +our $A_USER_ID; *A_USER_ID = \'urn:perun:user:attribute-def:core:id'; +our $A_USER_EPPN; *A_USER_EPPN = \'urn:perun:user:attribute-def:virt:eduPersonPrincipalNames'; +our $A_MEMBER_STATUS; *A_MEMBER_STATUS = \'urn:perun:member:attribute-def:core:status'; +our $A_MEMBER_MAIL; *A_MEMBER_MAIL = \'urn:perun:member:attribute-def:def:mail'; +our $A_RES_VO_NAME; *A_RES_VO_NAME = \'urn:perun:resource:attribute-def:virt:voShortName'; + +our $STATUS_VALID; *STATUS_VALID = \'VALID'; + +#Other constants +our $EINFRA_DOMAIN = '@einfra.cesnet.cz'; +our $META_DOMAIN = '@meta.cesnet.cz'; + +my $service_file_name = "$DIRECTORY/$::SERVICE_NAME"; + +my $usersStructureByUserId = {}; + +##################################### + +foreach my $resourceId ($data->getResourceIds()) { + + my $voName = $data->getResourceAttributeValue(attrName => $A_RES_VO_NAME, resource => $resourceId); + + if ($voName ne 'cesnet') { + # allow only single VO "cesnet" -> data from all resources will be the same, including member mail + next; + } + + foreach my $memberId ($data->getMemberIdsForResource(resource => $resourceId)) { + + #skip non-valid members + next if $data->getMemberAttributeValue(attrName => $A_MEMBER_STATUS, member => $memberId) ne $STATUS_VALID; + + my $userId = $data->getUserAttributeValue(attrName => $A_USER_ID, member => $memberId); + + unless(defined $usersStructureByUserId->{$userId}) { + + my $mail = $data->getMemberAttributeValue(attrName => $A_MEMBER_MAIL, member => $memberId); + $usersStructureByUserId->{$userId}->{$A_MEMBER_MAIL} = $mail; + + #if user has meta eppn, he should have also einfra eppn + my %userEPPNs = map { $_ => 1 } @{$data->getUserAttributeValue(attrName => $A_USER_EPPN, member => $memberId)}; + foreach my $eppn (keys %userEPPNs) { + if($eppn =~ m/$META_DOMAIN/) { + my $neweppn = $eppn; + $neweppn =~ s/$META_DOMAIN/$EINFRA_DOMAIN/ge; + $userEPPNs{$neweppn} = 1; + } + } + #list of eppns must be unique + $usersStructureByUserId->{$userId}->{$A_USER_EPPN} = \%userEPPNs; + + } + + } +} + +####### FILE WITH DATA FOR OUTPUT FILE ###### +open SERVICE_FILE,">$service_file_name" or die "Cannot open $service_file_name: $! \n"; +binmode SERVICE_FILE, ":utf8"; + +#print header to the file +print SERVICE_FILE "user_id\tmail\teppns\n"; + +foreach my $userId (sort { $a <=> $b } keys %$usersStructureByUserId) { + print SERVICE_FILE $userId . "\t"; + print SERVICE_FILE $usersStructureByUserId->{$userId}->{$A_MEMBER_MAIL} . "\t"; + print SERVICE_FILE join(',', sort keys %{$usersStructureByUserId->{$userId}->{$A_USER_EPPN}}); + print SERVICE_FILE "\n"; +} + +close(SERVICE_FILE); + +perunServicesInit::finalize; diff --git a/send/rt_data_vocesnet b/send/rt_data_vocesnet new file mode 100755 index 00000000..660930c7 --- /dev/null +++ b/send/rt_data_vocesnet @@ -0,0 +1,4 @@ +#!/bin/bash +SERVICE_NAME="rt_data_vocesnet" + +. generic_send diff --git a/slave/process-rt-data-vocesnet/bin/process-rt_data_vocesnet.sh b/slave/process-rt-data-vocesnet/bin/process-rt_data_vocesnet.sh new file mode 100755 index 00000000..175f562d --- /dev/null +++ b/slave/process-rt-data-vocesnet/bin/process-rt_data_vocesnet.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +PROTOCOL_VERSION='3.0.0' + +function process { + + DST_DIR="/tmp/" + DST_FILE="rt-data-vocesnet" + + ### Status codes + I_CHANGED=(0 "${DST_FILE} updated") + E_NOT_CHANGE=(50 'Cannot copy file ${FROM_PERUN} to ${DST_FILE}') + + FROM_PERUN="${WORK_DIR}/rt_data_vocesnet" + + create_lock + + cp "${FROM_PERUN}" "${DST_DIR}/${DST_FILE}" + + if [ $? -eq 0 ]; then + log_msg I_CHANGED + else + log_msg E_NOT_CHANGED + fi +} diff --git a/slave/process-rt-data-vocesnet/changelog b/slave/process-rt-data-vocesnet/changelog new file mode 100644 index 00000000..d4f074fa --- /dev/null +++ b/slave/process-rt-data-vocesnet/changelog @@ -0,0 +1,5 @@ +perun-slave-process-rt-data-vocesnet (3.0.0) stable; urgency=low + + * New package for processing service rt_data_vocesnet + + -- Pavel Zlamal Wed, 16 Mar 2022 13:20:00 +0100 diff --git a/slave/process-rt-data-vocesnet/dependencies b/slave/process-rt-data-vocesnet/dependencies new file mode 100644 index 00000000..a6717984 --- /dev/null +++ b/slave/process-rt-data-vocesnet/dependencies @@ -0,0 +1 @@ +perun-slave-base diff --git a/slave/process-rt-data-vocesnet/rpm.dependencies b/slave/process-rt-data-vocesnet/rpm.dependencies new file mode 100644 index 00000000..a6717984 --- /dev/null +++ b/slave/process-rt-data-vocesnet/rpm.dependencies @@ -0,0 +1 @@ +perun-slave-base diff --git a/slave/process-rt-data-vocesnet/short_desc b/slave/process-rt-data-vocesnet/short_desc new file mode 100644 index 00000000..7910104b --- /dev/null +++ b/slave/process-rt-data-vocesnet/short_desc @@ -0,0 +1 @@ +Package for perun service - rt_data_vocesnet From 18e580b7d84c9c3107ba8f91f034ce34fa4d2672 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Zl=C3=A1mal?= Date: Mon, 11 Apr 2022 08:12:56 +0200 Subject: [PATCH 2/2] fix(crm_ceitec): support working in the container - Moved expected location of local state file "crm_ceitec.last" from the same folder as send script to the spool sub-folder. - This allows the service to operate inside the perun-engine container and to have permanent local state on the machine. --- send/crm_ceitec | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/send/crm_ceitec b/send/crm_ceitec index 489a42e0..2033ff03 100755 --- a/send/crm_ceitec +++ b/send/crm_ceitec @@ -5,13 +5,14 @@ use File::Copy; use ScriptLock; use Data::Dumper; use Time::Piece; +use File::Path; sub diffCSV; sub logCRM; my $service_name = "crm_ceitec"; my $protocol_version = "3.1.0"; -my $script_version = "3.0.5"; +my $script_version = "3.0.6"; my $facility_name = $ARGV[0]; chomp($facility_name); @@ -20,6 +21,10 @@ chomp($facility_name); my $lock = ScriptLock->new($facility_name . "_" . $service_name); ($lock->lock() == 1) or die "Unable to get lock, service propagation was already running."; +# create send spool unless it exists +my $sendSpoolPath = "./spool/$facility_name/$service_name"; +mkpath($sendSpoolPath) or die "Error creating $sendSpoolPath\n" unless -d $sendSpoolPath; + my @diff = diffCSV(); my $error = 0; @@ -97,9 +102,9 @@ if ($error == 1) { # backup previous state by timestamp my $currentTimestamp = localtime->ymd . "-" . localtime->hms; - copy("./$service_name.last","./logs/$service_name.previous.".$currentTimestamp) or die "Move to backup failed: $!"; + copy("$sendSpoolPath/$service_name.last","./logs/$service_name.previous.".$currentTimestamp) or die "Move to backup failed: $!"; # make new state as LAST - copy("../gen/spool/$facility_name/$service_name/$service_name","./$service_name.last") or die "Move failed: $!"; + copy("../gen/spool/$facility_name/$service_name/$service_name","$sendSpoolPath/$service_name.last") or die "Move new state failed: $!"; $lock->unlock(); } # @@ -108,7 +113,7 @@ if ($error == 1) { sub diffCSV() { # Open last state file - my $storage_file_path = "./$service_name.last"; + my $storage_file_path = "$sendSpoolPath/$service_name.last"; open my $storage_file, $storage_file_path or die "Could not open $storage_file_path: $!"; # Open new gen file @@ -144,7 +149,7 @@ sub diffCSV() { my $keynumber = keys %previous_state; if ($keynumber < 1) { print "Previous state was empty! Exiting! See:\n$dest_fname_new\n$dest_fname_prev"; - copy("./$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; + copy("$sendSpoolPath/$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; copy($gen_file_path,$dest_fname_new) or die "Move to /tmp backup failed: $!"; $lock->unlock(); exit 1; @@ -153,14 +158,14 @@ sub diffCSV() { my $keynumber_new = keys %current_state; if ($keynumber_new < 1) { print "Current state is empty! Exiting! See:\n $dest_fname_new \n $dest_fname_prev"; - copy("./$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; + copy("$sendSpoolPath/$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; copy($gen_file_path,$dest_fname_new) or die "Move to /tmp backup failed: $!"; $lock->unlock(); exit 1; } if (@diff > 500) { - copy("./$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; + copy("$sendSpoolPath/$service_name.last",$dest_fname_prev) or die "Move to /tmp backup failed: $!"; copy($gen_file_path,$dest_fname_new) or die "Move to /tmp backup failed: $!"; print "Updating more than 500 entries! Exiting for safety!\n"; logCRM("--- Would update ---\n" . Dumper(\@diff));