Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1# (c) Stefan Countryman 2019 

2 

3""" 

4Download and install the GWHEN Kerberos keytab used for accessing GraceDB on 

5production machines, or remove those credentials. To fetch or install a LIGO 

6robot keytab, you will need access to LLAMA S3 (see ``llama.com.s3`` for 

7details on credentials) and will need to set ``LLAMA_GRACEDB_AUTH`` to the S3 

8key for a valid LIGO GraceDb robot keytab stored in S3. **If you are running on 

9your personal computer, just use** ``kinit your.username@LIGO.ORG`` **followed 

10by** ``ligo-proxy-init -k`` **to get access to GraceDB instead of using this 

11script.** 

12""" 

13 

14import logging 

15from llama.cli import get_logging_cli, CliParser 

16from llama.com.gracedb import ( 

17 KEYTAB, 

18 keytab, 

19 install_keytab, 

20 uninstall, 

21 CERTDIR, 

22) 

23 

24LOGGER = logging.getLogger(__name__) 

25 

26 

27def get_parser(): 

28 """Get CLI Parser.""" 

29 parser = CliParser(description=__doc__, 

30 parents=(get_logging_cli('/dev/null', 'info'),)) 

31 parser.add_argument("subcmd", choices=('fetch', 'install', 'rm'), 

32 default='install', help=f""" 

33 If ``fetch`` is specified, download the robot keytab from LLAMA S3 if 

34 it is not currently installed (this requires you to have LLAMA S3 

35 credentials, which you don't need unless you are a developer or are 

36 putting this machine into production use; if you're just using LLAMA, 

37 use ``kinit`` instead of this keytab). If ``install`` is 

38 specified, ``fetch`` the keytab if missing and generate Kerberos 

39 credentials with it, installing them to ``{CERTDIR}``. If ``rm`` is 

40 specified, run ``kdestroy`` to deactivate those credentials and delete 

41 ``{CERTDIR}``. Also remove the keytab file from local storage. 

42 (default: ``install``)""") 

43 return parser 

44 

45 

46def main(): 

47 """Run CLI.""" 

48 parser = get_parser() 

49 args = parser.parse_args() 

50 cmd = args.subcmd 

51 if cmd == 'rm': 

52 uninstall() 

53 elif KEYTAB is None: 

54 parser.error("You need to have `LLAMA_GRACEDB_AUTH` set to an " 

55 "S3 key for a valid LIGO GraceDb robot keytab. This is " 

56 "a setting mostly used for production servers. If you " 

57 "don't know what this means, you should probably log in " 

58 "using your own LIGO credentials (instead of using this " 

59 "script) with `kinit your.username@LIGO.ORG` followed " 

60 "by `ligo-proxy-init -k`.") 

61 if cmd == 'fetch': 

62 keytab() 

63 elif cmd == 'install': 

64 install_keytab()