Skip to content
Snippets Groups Projects
Commit a42058f9 authored by Cort Posnansky's avatar Cort Posnansky Committed by Cody Messick
Browse files

Config: Remove broken x509 option, add scitokens option

parent 6687aa07
No related merge requests found
Pipeline #690448 passed
......@@ -92,7 +92,7 @@ class Config:
self.condor.submit = self.create_condor_submit_options(
self.condor,
x509_proxy=self.condor.x509_proxy,
use_scitokens=self.condor.use_scitokens,
)
# validate config
......@@ -129,7 +129,7 @@ class Config:
time_bin[ifo_key] = segments.split_segments(segs, one_ifo_length, start_pad)
self.time_bins.extend(time_bin)
def create_condor_submit_options(self, condor_config, x509_proxy=False):
def create_condor_submit_options(self, condor_config, use_scitokens=False):
if "accounting_group_user" in condor_config:
accounting_group_user = condor_config["accounting_group_user"]
else:
......@@ -162,10 +162,20 @@ class Config:
submit_opts['+SingularityImage'] = f'"{singularity_image}"'
submit_opts['transfer_executable'] = False
# proxy options
if x509_proxy:
submit_opts['x509userproxy'] = x509_proxy
submit_opts['use_x509userproxy'] = True
# scitoken options
if use_scitokens:
if use_scitokens == True:
submit_opts["use_oauth_services"] = "scitokens"
else:
submit_opts["use_oauth_services"] = "igwn"
submit_opts["igwn_oauth_options"] = ("--nooidc"
" --vaultserver vault.ligo.org"
" --issuer igwn"
" --out $ENV(HOME)/.config/htgettoken/bearer_token"
f" --credkey {use_scitokens}")
if "/" in use_scitokens:
submit_opts["igwn_oauth_options"] += f" --role {use_scitokens.split('/')[0]}"
environment["BEARER_TOKEN_FILE"] = f"$$(CondorScratchDir)/.condor_creds/{submit_opts['use_oauth_services']}.use"
# file transfer options
if not self.condor.transfer_files:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment