[ARVADOS] updated: 1.1.2-141-g0e3c1f9

Git user git at public.curoverse.com
Fri Feb 2 09:55:42 EST 2018


Summary of changes:
 .../app/assets/javascripts/components/search.js    |   4 +-
 .../app/assets/javascripts/components/sessions.js  |  12 +-
 .../app/assets/javascripts/models/session_db.js    |  96 +++++++--
 .../views/search/{index.html.erb => index.html}    |   3 +-
 apps/workbench/config/application.default.yml      |   5 -
 sdk/cwl/tests/arvados-tests.sh                     |   3 +
 sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa      |   0
 sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.amb  |   0
 sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.ann  |   0
 sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.fai  |   0
 sdk/go/arvadostest/fixtures.go                     |   1 +
 .../controllers/arvados/v1/schema_controller.rb    |   1 +
 services/api/test/fixtures/users.yml               |  16 ++
 .../arvados/v1/schema_controller_test.rb           |   1 +
 .../crunch-dispatch-slurm/crunch-dispatch-slurm.go |  91 +++-----
 .../crunch-dispatch-slurm_test.go                  | 195 ++++++-----------
 services/crunch-dispatch-slurm/slurm.go            |  73 +++++++
 services/crunch-dispatch-slurm/squeue.go           |   9 +-
 services/crunch-run/crunchrun.go                   | 239 +++++++++------------
 services/crunch-run/crunchrun_test.go              | 143 ++++++------
 services/fuse/arvados_fuse/fusedir.py              | 105 ++++-----
 tools/arvbox/lib/arvbox/docker/Dockerfile.base     |   1 +
 tools/arvbox/lib/arvbox/docker/Dockerfile.demo     |   5 +-
 tools/arvbox/lib/arvbox/docker/crunch-setup.sh     |   9 +-
 tools/arvbox/lib/arvbox/docker/go-setup.sh         |  16 ++
 tools/arvbox/lib/arvbox/docker/keep-setup.sh       |   9 +-
 .../docker/service/arv-git-httpd/run-service       |   9 +-
 .../lib/arvbox/docker/service/composer/run-service |  12 +-
 .../service/crunch-dispatch-local/run-service      |  15 +-
 .../lib/arvbox/docker/service/keep-web/run-service |   9 +-
 .../arvbox/docker/service/keepproxy/run-service    |   9 +-
 .../arvbox/lib/arvbox/docker/service/postgres/run  |   2 +
 .../arvbox/docker/service/websockets/run-service   |   8 +-
 tools/sync-groups/sync-groups.go                   |  21 +-
 tools/sync-groups/sync-groups_test.go              |  33 +--
 35 files changed, 586 insertions(+), 569 deletions(-)
 rename apps/workbench/app/views/search/{index.html.erb => index.html} (52%)
 copy sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa (100%)
 copy sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.amb (100%)
 copy sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.ann (100%)
 copy sdk/cwl/tests/{secondary/dir => hg19}/hg19.fa.fai (100%)
 create mode 100644 services/crunch-dispatch-slurm/slurm.go
 create mode 100644 tools/arvbox/lib/arvbox/docker/go-setup.sh

       via  0e3c1f9c71f537d000459cbd3159ca6c198461c8 (commit)
       via  75fd99e49f880aac55ae568c76c5151857e6beff (commit)
       via  dac01e1015f4d769a929651a74096e8a13592cf7 (commit)
       via  29e4cf39674f54e5607d84d612ff867a4add0347 (commit)
       via  ef2889f20ad25c30abb05c53cc5e08e2c2ed97d3 (commit)
       via  9482a917eef77ef64fc9fee27b0d107727f765ad (commit)
       via  b4351d725f01431856cbe1ea0e8faf8d4f91dd4e (commit)
       via  3a4434f8b767e05456eea248f645422b1ed670d0 (commit)
       via  5bd7108fed4a87eb7cc5a25844bb8c100977c968 (commit)
       via  1b7a6c0ca4fa348c313a0862cfca597319cfe08f (commit)
       via  90bffaaf5e537608c3a8d2520544bfdd9b98d286 (commit)
       via  8137793fcd26eed30004f62a0c9ed0f839a9bd5e (commit)
       via  b50ea3465244e66ecf2a852f598f5b576e705017 (commit)
       via  e6fa5ac95cff84a7b00dd8ab32349d88473400da (commit)
       via  e8de8d362df44459ecbdff44ed27a12b7652762c (commit)
       via  03ee5e57fab4ec34b5830e8a93d329a084adf42c (commit)
       via  ae35f42f7026faa85894b0a8c90caec87c6af239 (commit)
       via  1809dbb21b4cb65e0e141dd41d41a3516ef33ec5 (commit)
       via  0dcf9daff8fce376f20f125c3ef867333976c18c (commit)
       via  8758f3ddc81b9ef9aaab111eb331e452c4ec7de5 (commit)
       via  a63829d71b904ead17aeac3c68bf01e9b020a3a1 (commit)
       via  bb72c328306667a0429c10caa90a79b2b9ff0bd6 (commit)
       via  2edd084814bd450c0bfb14915bb9bc3ce96498eb (commit)
       via  3194c1b24ffe6fff5fcb2f620ca6ee43741e3462 (commit)
       via  d14421423f2bd72b2c3eb95bdebe85a210972a12 (commit)
       via  31007a99c336423f2b34a306028ec0aa41b1dd3a (commit)
       via  3a3fc5ac54a80b62b05f78cf2da0a7b43f4a4380 (commit)
      from  95c228e25cd1a483ec391a9b2c5d6fb048f620f1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 0e3c1f9c71f537d000459cbd3159ca6c198461c8
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date:   Fri Feb 2 11:53:48 2018 -0300

    11454: Removed unnecessary call on migrateNonFederatedSessions()
    Added auto loading of remote hosts listed on home cluster's api discovery doc. (WIP)
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>

diff --git a/apps/workbench/app/assets/javascripts/components/search.js b/apps/workbench/app/assets/javascripts/components/search.js
index 0839491..17055b3 100644
--- a/apps/workbench/app/assets/javascripts/components/search.js
+++ b/apps/workbench/app/assets/javascripts/components/search.js
@@ -2,11 +2,6 @@
 //
 // SPDX-License-Identifier: AGPL-3.0
 
-$(document).on('ready', function() {
-    var db = new SessionDB()
-    db.migrateNonFederatedSessions()
-})
-
 window.SearchResultsTable = {
     maybeLoadMore: function(dom) {
         var loader = this.loader
diff --git a/apps/workbench/app/assets/javascripts/components/sessions.js b/apps/workbench/app/assets/javascripts/components/sessions.js
index 6a20342..12015b0 100644
--- a/apps/workbench/app/assets/javascripts/components/sessions.js
+++ b/apps/workbench/app/assets/javascripts/components/sessions.js
@@ -7,6 +7,7 @@ $(document).on('ready', function() {
     db.checkForNewToken()
     db.fillMissingUUIDs()
     db.migrateNonFederatedSessions()
+    db.autoLoadRemoteHosts()
 })
 
 window.SessionsTable = {
diff --git a/apps/workbench/app/assets/javascripts/models/session_db.js b/apps/workbench/app/assets/javascripts/models/session_db.js
index 26306b8..2d22a98 100644
--- a/apps/workbench/app/assets/javascripts/models/session_db.js
+++ b/apps/workbench/app/assets/javascripts/models/session_db.js
@@ -238,5 +238,23 @@ window.SessionDB = function() {
                 }
             })
         },
+        // If remoteHosts is listed on the local API discovery doc, try to add any
+        // listed remote without an active session.
+        autoLoadRemoteHosts: function() {
+            var activeSessions = db.loadActive()
+            var doc = db.discoveryDoc(db.loadLocal())
+            doc.map(function(d) {
+                // NOTE: the below line is to simulate that 9tee4 is included as a remote host
+                // the current test cluster
+                // d.remoteHosts = {"9tee4":"9tee4.arvadosapi.com"}
+                Object.keys(d.remoteHosts).map(function(uuidPrefix) {
+                    if (!(uuidPrefix in Object.keys(activeSessions))) {
+                        db.findAPI(d.remoteHosts[uuidPrefix]).then(function(baseURL) {
+                            db.login(baseURL, false)
+                        })
+                    }
+                })
+            })
+        },
     })
 }

commit 75fd99e49f880aac55ae568c76c5151857e6beff
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date:   Thu Feb 1 13:40:17 2018 -0300

    11454: Show a link to the remote workbench on the sessions page.
    On page load, detect those non-federated active sessions and try to
    migrate them to federated logins just in case they're stale sessions.
    If the federated login doesn't succeed, keep the session's previous state.
    Removed workbench remote_hosts config.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>

diff --git a/apps/workbench/app/assets/javascripts/components/search.js b/apps/workbench/app/assets/javascripts/components/search.js
index 9a23648..0839491 100644
--- a/apps/workbench/app/assets/javascripts/components/search.js
+++ b/apps/workbench/app/assets/javascripts/components/search.js
@@ -2,6 +2,11 @@
 //
 // SPDX-License-Identifier: AGPL-3.0
 
+$(document).on('ready', function() {
+    var db = new SessionDB()
+    db.migrateNonFederatedSessions()
+})
+
 window.SearchResultsTable = {
     maybeLoadMore: function(dom) {
         var loader = this.loader
@@ -90,7 +95,7 @@ window.SearchResultsTable = {
 
 window.Search = {
     oninit: function(vnode) {
-        vnode.state.sessionDB = new SessionDB(vnode.attrs.remoteHosts)
+        vnode.state.sessionDB = new SessionDB()
         vnode.state.searchEntered = m.stream()
         vnode.state.searchActive = m.stream()
         // When searchActive changes (e.g., when restoring state
diff --git a/apps/workbench/app/assets/javascripts/components/sessions.js b/apps/workbench/app/assets/javascripts/components/sessions.js
index 964f89a..6a20342 100644
--- a/apps/workbench/app/assets/javascripts/components/sessions.js
+++ b/apps/workbench/app/assets/javascripts/components/sessions.js
@@ -6,6 +6,7 @@ $(document).on('ready', function() {
     var db = new SessionDB()
     db.checkForNewToken()
     db.fillMissingUUIDs()
+    db.migrateNonFederatedSessions()
 })
 
 window.SessionsTable = {
@@ -41,7 +42,11 @@ window.SessionsTable = {
                                 m('td', session.user.is_active ?
                                     m('span.label.label-success', 'logged in') :
                                     m('span.label.label-warning', 'inactive')),
-                                m('td', {title: session.baseURL}, uuidPrefix),
+                                m('td', {title: session.baseURL}, [
+                                    m('a', {
+                                        href: db.workbenchBaseURL(session) + '?api_token=' + session.token
+                                    }, uuidPrefix),
+                                ]),
                                 m('td', session.user.username),
                                 m('td', session.user.email),
                                 m('td', session.isFromRails ? null : m('button.btn.btn-xs.btn-default', {
diff --git a/apps/workbench/app/assets/javascripts/models/session_db.js b/apps/workbench/app/assets/javascripts/models/session_db.js
index 52d8930..26306b8 100644
--- a/apps/workbench/app/assets/javascripts/models/session_db.js
+++ b/apps/workbench/app/assets/javascripts/models/session_db.js
@@ -2,10 +2,9 @@
 //
 // SPDX-License-Identifier: AGPL-3.0
 
-window.SessionDB = function(rhosts) {
+window.SessionDB = function() {
     var db = this
     Object.assign(db, {
-        remoteHosts: rhosts || [],
         discoveryCache: {},
         tokenUUIDCache: null,
         loadFromLocalStorage: function() {
@@ -75,7 +74,7 @@ window.SessionDB = function(rhosts) {
                 })
             })
         },
-        login: function(baseURL) {
+        login: function(baseURL, fallbackLogin = true) {
             // Initiate login procedure with given API base URL (e.g.,
             // "http://api.example/").
             //
@@ -104,7 +103,7 @@ window.SessionDB = function(rhosts) {
                             db.save(user.owner_uuid.slice(0, 5), remoteSession)
                         })
                     })
-                } else {
+                } else if (fallbackLogin) {
                     // Classic login
                     document.location = baseURL + 'login?return_to=' + encodeURIComponent(document.location.href.replace(/\?.*/, '')+'?baseURL='+encodeURIComponent(baseURL))
                 }
@@ -227,5 +226,17 @@ window.SessionDB = function(rhosts) {
             opts.headers.authorization = 'OAuth2 '+ session.token
             return m.request(session.baseURL + path, opts)
         },
+        // Check non-federated remote active sessions if they should be migrated to
+        // a salted token.
+        migrateNonFederatedSessions: function() {
+            var sessions = db.loadActive()
+            Object.keys(sessions).map(function(uuidPrefix) {
+                session = sessions[uuidPrefix]
+                if (!session.isFromRails && session.token && session.token.indexOf('v2/') < 0) {
+                    // Only try the federated login
+                    db.login(session.baseURL, false)
+                }
+            })
+        },
     })
 }
diff --git a/apps/workbench/app/views/search/index.html.erb b/apps/workbench/app/views/search/index.html
similarity index 52%
rename from apps/workbench/app/views/search/index.html.erb
rename to apps/workbench/app/views/search/index.html
index ff3e190..d2a83864 100644
--- a/apps/workbench/app/views/search/index.html.erb
+++ b/apps/workbench/app/views/search/index.html
@@ -2,6 +2,5 @@
 
 SPDX-License-Identifier: AGPL-3.0 -->
 
-<div data-mount-mithril="Search" 
-    data-remote-hosts="<%= Rails.configuration.remote_hosts %>">
+<div data-mount-mithril="Search">
 </div>
diff --git a/apps/workbench/config/application.default.yml b/apps/workbench/config/application.default.yml
index 4cf7b5e..76f7a30 100644
--- a/apps/workbench/config/application.default.yml
+++ b/apps/workbench/config/application.default.yml
@@ -314,8 +314,3 @@ common:
   # Link to use for Arvados Workflow Composer app, or false if not available.
   #
   composer_url: false
-
-  # Multi site search federation feature:
-  # * remote_hosts: List of API servers that allow logins from accounts on this
-  #   workbench's cluster.
-  remote_hosts: []

commit dac01e1015f4d769a929651a74096e8a13592cf7
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date:   Wed Jan 31 16:37:15 2018 -0300

    11454: Do federated logins by requesting the current user object
    instead of the classic login flow.
    When the user is inactive on the remote cluster, label the session
    properly and exclude it from SessionDB.loadActive()'s results.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>

diff --git a/apps/workbench/app/assets/javascripts/components/search.js b/apps/workbench/app/assets/javascripts/components/search.js
index 5cb292b..9a23648 100644
--- a/apps/workbench/app/assets/javascripts/components/search.js
+++ b/apps/workbench/app/assets/javascripts/components/search.js
@@ -154,8 +154,6 @@ window.Search = {
         })
     },
     view: function(vnode) {
-        // FIXME: The line below seems superfluous
-        // var sessions = vnode.state.sessionDB.loadAll()
         return m('form', {
             onsubmit: function() {
                 vnode.state.searchActive(vnode.state.searchEntered())
diff --git a/apps/workbench/app/assets/javascripts/components/sessions.js b/apps/workbench/app/assets/javascripts/components/sessions.js
index e7cc505..964f89a 100644
--- a/apps/workbench/app/assets/javascripts/components/sessions.js
+++ b/apps/workbench/app/assets/javascripts/components/sessions.js
@@ -38,7 +38,9 @@ window.SessionsTable = {
                         var session = sessions[uuidPrefix]
                         return m('tr', [
                             session.token && session.user ? [
-                                m('td', m('span.label.label-success', 'logged in')),
+                                m('td', session.user.is_active ?
+                                    m('span.label.label-success', 'logged in') :
+                                    m('span.label.label-warning', 'inactive')),
                                 m('td', {title: session.baseURL}, uuidPrefix),
                                 m('td', session.user.username),
                                 m('td', session.user.email),
diff --git a/apps/workbench/app/assets/javascripts/models/session_db.js b/apps/workbench/app/assets/javascripts/models/session_db.js
index 77fddcb..52d8930 100644
--- a/apps/workbench/app/assets/javascripts/models/session_db.js
+++ b/apps/workbench/app/assets/javascripts/models/session_db.js
@@ -25,7 +25,7 @@ window.SessionDB = function(rhosts) {
         loadActive: function() {
             var sessions = db.loadAll()
             Object.keys(sessions).forEach(function(key) {
-                if (!sessions[key].token)
+                if (!sessions[key].token || !sessions[key].user.is_active)
                     delete sessions[key]
             })
             return sessions
@@ -91,7 +91,18 @@ window.SessionDB = function(rhosts) {
                     (dd.remoteHostsViaDNS && apiHostname.indexOf('arvadosapi.com') >= 0)) {
                     // Federated identity login via salted token
                     db.saltedToken(dd.uuidPrefix).then(function(token) {
-                        document.location = baseURL + 'login?return_to=' + encodeURIComponent(document.location.href.replace(/\?.*/, '')+'?baseURL='+encodeURIComponent(baseURL)) + '&api_token='+encodeURIComponent(token)
+                        m.request(baseURL+'arvados/v1/users/current', {
+                            headers: {
+                                authorization: 'Bearer '+token,
+                            },
+                        }).then(function(user) {
+                            var remoteSession = {
+                                user: user,
+                                baseURL: baseURL,
+                                token: token
+                            }
+                            db.save(user.owner_uuid.slice(0, 5), remoteSession)
+                        })
                     })
                 } else {
                     // Classic login

commit 29e4cf39674f54e5607d84d612ff867a4add0347
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date:   Tue Jan 30 20:43:44 2018 -0300

    11454: Cache the local session token's uuid after being requested from the API.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>

diff --git a/apps/workbench/app/assets/javascripts/models/session_db.js b/apps/workbench/app/assets/javascripts/models/session_db.js
index 79e98ca..77fddcb 100644
--- a/apps/workbench/app/assets/javascripts/models/session_db.js
+++ b/apps/workbench/app/assets/javascripts/models/session_db.js
@@ -7,6 +7,7 @@ window.SessionDB = function(rhosts) {
     Object.assign(db, {
         remoteHosts: rhosts || [],
         discoveryCache: {},
+        tokenUUIDCache: null,
         loadFromLocalStorage: function() {
             try {
                 return JSON.parse(window.localStorage.getItem('sessions')) || {}
@@ -111,22 +112,13 @@ window.SessionDB = function(rhosts) {
             // Takes a cluster UUID prefix and returns a salted token to allow
             // log into said cluster using federated identity.
             var session = db.loadLocal()
-            return db.request(session, '/arvados/v1/api_client_authorizations', {
-                data: {
-                    filters: JSON.stringify([['api_token', '=', session.token]]),
-                }
-            }).then(function(resp) {
-                if (resp.items.length == 1) {
-                    var token_uuid = resp.items[0].uuid
-                    if (token_uuid.length !== '') {
-                        var shaObj = new jsSHA("SHA-1", "TEXT")
-                        shaObj.setHMACKey(session.token, "TEXT")
-                        shaObj.update(uuid_prefix)
-                        var hmac = shaObj.getHMAC("HEX")
-                        return 'v2/' + token_uuid + '/' + hmac
-                    } else { return null }
-                }
-            }).catch(function(err) { return null })
+            return db.tokenUUID().then(function(token_uuid){
+                var shaObj = new jsSHA("SHA-1", "TEXT")
+                shaObj.setHMACKey(session.token, "TEXT")
+                shaObj.update(uuid_prefix)
+                var hmac = shaObj.getHMAC("HEX")
+                return 'v2/' + token_uuid + '/' + hmac
+            })
         },
         checkForNewToken: function() {
             // If there's a token and baseURL in the location bar (i.e.,
@@ -198,6 +190,26 @@ window.SessionDB = function(rhosts) {
             }
             return cache
         },
+        // Return a promise with the local session token's UUID from the API server.
+        tokenUUID: function() {
+            var cache = db.tokenUUIDCache
+            if (!cache) {
+                var session = db.loadLocal()
+                return db.request(session, '/arvados/v1/api_client_authorizations', {
+                    data: {
+                        filters: JSON.stringify([['api_token', '=', session.token]]),
+                    }
+                }).then(function(resp) {
+                    var uuid = resp.items[0].uuid
+                    db.tokenUUIDCache = uuid
+                    return uuid
+                })
+            } else {
+                return new Promise(function(resolve, reject) {
+                    resolve(cache)
+                })
+            }
+        },
         request: function(session, path, opts) {
             opts = opts || {}
             opts.headers = opts.headers || {}

commit ef2889f20ad25c30abb05c53cc5e08e2c2ed97d3
Merge: 95c228e 9482a91
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date:   Tue Jan 30 15:29:50 2018 -0300

    Merge branch 'master' into 11454-wb-federated-search
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>


-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list