Skip to content

Commit

Permalink
Add tests for stash/osdf scitokens.conf generation
Browse files Browse the repository at this point in the history 
This also adds a test VO and ResourceGroup that's only visible to the tests,
and test code to load them.  This will allow us to test generation on fake
data and not have the code break due to production data changes.

This was originally written for PR opensciencegrid#3457 but we changed our minds about that
feature.
  • Loading branch information
@matyasselmeci
matyasselmeci committed Nov 8, 2023
1 parent 7197492 commit 47e0f13
Show file tree
Hide file tree
Showing 3 changed files with 415 additions and 0 deletions.
246 changes: 246 additions & 0 deletions src/tests/data/testrg.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,246 @@
Production: true
SupportCenter: Self Supported

GroupDescription: Test Resource Group

GroupID: 91359

Resources:
TEST_STASHCACHE_CACHE:
Active: true
Description: This is a StashCache cache server at TEST.
ID: 99958
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: sc-cache.test.wisc.edu
DN: /CN=sc-cache.test.wisc.edu
Services:
XRootD cache server:
Description: StashCache cache server
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST_TIGER_CACHE:
Active: true
Description: This is a StashCache cache server at TEST running on the Tiger Kubernetes cluster.
ID: 91098
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: stash-cache.osg.test.io
DN: /CN=stash-cache.osg.test.io
Services:
XRootD cache server:
Description: StashCache cache server
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST_STASHCACHE_ORIGIN:
Active: true
Description: This is a StashCache origin server at TEST.
ID: 99959
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: sc-origin.test.wisc.edu
DN: /CN=sc-origin.test.wisc.edu
Services:
XRootD origin server:
Description: StashCache origin server
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST_STASHCACHE_ORIGIN_2000:
Active: true
Description: This is a StashCache origin server at TEST.
ID: 91069
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: sc-origin2000.test.wisc.edu
DN: /CN=sc-origin2000.test.wisc.edu
Services:
XRootD origin server:
Description: StashCache origin server
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST_STASHCACHE_ORIGIN_AUTH_2000:
Active: true
Description: This is a StashCache origin server at TEST.
ID: 91192
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: origin-auth2000.test.wisc.edu
FQDNAliases:
- origin-auth.test.wisc.edu
DN: /CN=origin-auth2000.test.wisc.edu
Services:
XRootD origin server:
Description: StashCache origin server, see OPS-198
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST_OSGDEV_SHOVELER_CACHE:
Active: true
Description: This is a testing StashCache cache server with a shoveler at TEST running on the Tiger Kubernetes cluster.
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: stash-cache-shoveler.osgdev.test.io
DN: /CN=stash-cache-shoveler.osgdev.test.io
Services:
XRootD cache server:
Description: StashCache cache server
VOOwnership:
testvo: 100
AllowedVOs:
- ANY

TEST-ITB-HELM-ORIGIN:
Active: false
Description: >-
This is a testing OSDF origin server on the Tiger cluster,
deployed via Helm. It serves both public and protected data.
ID: 91370
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000003
Name: Brian Lin
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000003
Name: Brian Lin
FQDN: helm-origin.osgdev.test.io
DN: /CN=helm-origin.osgdev.test.io
Services:
XRootD origin server:
Description: xrootd stash-origin and stash-origin-auth instances
VOOwnership:
testvo: 100
AllowedVOs:
- testvo

TEST-ITB-HELM-CACHE1:
Active: false
Description: >-
This is a testing StashCache cache server the Tiger cluster,
deployed via Helm.
ID: 91339
ContactLists:
Administrative Contact:
Primary:
ID: OSG1000003
Name: Brian Lin
Tertiary:
ID: OSG1000002
Name: Matyas Selmeci
Security Contact:
Primary:
ID: OSG1000002
Name: Matyas Selmeci
Secondary:
ID: OSG1000015
Name: Aaron Moate
FQDN: helm-cache1.osgdev.test.io
DN: /CN=helm-cache1.osgdev.test.io
Services:
XRootD cache server:
Description: StashCache cache server
VOOwnership:
testvo: 100
AllowedVOs:
- testvo
- OSG

108 changes: 108 additions & 0 deletions src/tests/data/testvo.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
AppDescription: Test VO
CertificateOnly: false
Community: Test VO
Contacts:
Administrative Contact:
- ID: OSG1000015
Name: Aaron Moate
Miscellaneous Contact:
- ID: OSG1000018
Name: Christina Koch
Registration Authority:
- ID: OSG1000015
Name: Aaron Moate
Security Contact:
- ID: OSG1000015
Name: Aaron Moate
VO Manager:
- ID: 48e1c2f26dc3479a6cf9b2de7c79d654ac27b1d1
Name: Miron Livny
Credentials:
TokenIssuers:
- URL: https://test.wisc.edu
DefaultUnixUser: vdttest
Disable: false
FieldsOfScience:
PrimaryFields:
- Multi-Science Community
SecondaryFields:
- Community Grid
ID: 9999
LongName: Test Virtual Organization
OASIS:
Managers:
- Name: Aaron Moate
DNs: /DC=org/DC=doegrids/OU=People/CN=Aaron Moate 717557
ID: OSG1000015
UseOASIS: true
PrimaryURL: https://test.wisc.edu
PurposeURL: https://test.wisc.edu/approach.shtml
SupportURL: https://test.wisc.edu

DataFederations:
StashCache:
Namespaces:
- Path: /testvo/PUBLIC
Authorizations:
- PUBLIC
AllowedOrigins:
# sc-origin.test.wisc.edu
- TEST_STASHCACHE_ORIGIN
# sc-origin2000.test.wisc.edu
- TEST_STASHCACHE_ORIGIN_2000
AllowedCaches:
- ANY

- Path: /testvo/itb/helm-origin/PUBLIC
Authorizations:
- PUBLIC
AllowedOrigins:
# helm-origin.osgdev.test.io
- TEST-ITB-HELM-ORIGIN
AllowedCaches:
- ANY

- Path: /testvo/itb/helm-origin/PROTECTED
Authorizations:
- FQAN: /TESTVO
- DN: /DC=org/DC=cilogon/C=US/O=University of Wisconsin-Madison/CN=Matyas Selmeci A148276
- SciTokens:
Issuer: https://test.wisc.edu
Base Path: /testvo
Map Subject: False
AllowedOrigins:
# helm-origin.osgdev.test.io
- TEST-ITB-HELM-ORIGIN
AllowedCaches:
- ANY

- Path: /testvo
Authorizations:
- SciTokens:
Issuer: https://test.wisc.edu
Base Path: /testvo
Map Subject: True
AllowedOrigins:
# origin-auth2000.test.wisc.edu
- TEST_STASHCACHE_ORIGIN_AUTH_2000
AllowedCaches:
- ANY
Writeback: https://origin-auth2000.test.wisc.edu:1095
DirList: https://origin-auth2000.test.wisc.edu:1095
CredentialGeneration:
BasePath: /testvo
Strategy: OAuth2
Issuer: https://test.wisc.edu
MaxScopeDepth: 3

- Path: /testvo/issuer2test
Authorizations:
- SciTokens:
Issuer: https://test.wisc.edu/issuer2
BasePath: "/testvo/issuer2test"
MapSubject: False
AllowedOrigins:
# helm-origin.osgdev.test.io
- TEST-ITB-HELM-ORIGIN
AllowedCaches:
- ANY
Loading

0 comments on commit 47e0f13

Please sign in to comment.