Brett Smith [Mon, 18 Sep 2023 14:35:42 +0000 (10:35 -0400)]
20497: Give brief instructions for reviewing subprocess output
This was previously discussed in the same paragraph as the main workflow
download collection. Moving it here means we don't jump back and forth
as much between the main workflow process and a subprocess.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
Peter Amstutz [Mon, 18 Sep 2023 13:32:11 +0000 (09:32 -0400)]
Pin cwltest version that we package, refs #20973
The subsequent release of cwltest confirms that files exist on disk,
since our files are in Keep, all the tests fail. We should add
[optional] Arvados support to cwltest so it can access Keep but for
the time being just package the last working version.
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz@curii.com>
Brett Smith [Mon, 18 Sep 2023 13:31:14 +0000 (09:31 -0400)]
20497: Direct the reader to the tutorial project via Public Favorites
Unfortunately searching for the project raises a couple of issues:
* The search results return two copies of the project, one from pirca
and one from jutro. If the reader picks the jutro one, they'll be
prompted to log in again, losing their progress and kicking them off the
happy path.
* The search results also return the finished demo workflow process we
publish for people, "(start here) Example WGS processing workflow". This
is attractive to people because it says "(start here)", has a bright
green "Completed" badge next to it, and the difference between a process
and a project may not be clear to people who are just getting started
with Arvados.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
Brett Smith [Wed, 13 Sep 2023 18:16:19 +0000 (14:16 -0400)]
20932/20850/20890: Remove switch instructions from Workbench migration guide
The switch feature has been removed from Workbench 2, and a deprecation
notice in Workbench 1 now prominently leads you to switch. See #20890
and #20850, respectively.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
> This may also provide better behavior in cases of network hiccups or
> other remote server turbulence.
This was written with the expectation that those problems would raise
`HTTPClient::BadResponseError`. That was mistaken. Those problems
actually raise lower-level socket exceptions instead.
We now have a ticket to improve the error handling here. It's out of
scope for #20750, since the error handling is no worse than it was
before the branch.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
Brett Smith [Sun, 27 Aug 2023 02:13:39 +0000 (22:13 -0400)]
20839: Mark deprecated PySDK functions as such
This is in preparation to remove these from the SDK in Arvados 3.0.
These changes exacerbated the circular import between the top-level
arvados and util, which had knock-off effects on other import
statements, causing them to see the world differently (like whether
`arvados.api` is a module or function). Most of the import-related
shuffling is meant to mitigate all that.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
Brett Smith [Sun, 27 Aug 2023 02:01:32 +0000 (22:01 -0400)]
20839: Replace arvados.util.list_all calls throughout
In preparation to deprecate this function. This does leave a couple
calls in arv-docker-migrate19, but that command will also be deprecated
and removed at least as soon as the function.
The changes to the the sdk/cwl/tests/test_submit.py mocks are necessary
because of mechanical differences between list_all and keyset_list_all.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
test fixup
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
Lucas Di Pentima [Fri, 25 Aug 2023 13:30:11 +0000 (10:30 -0300)]
20889: Fixes a bug when database & controller roles are on a single node.
The database role gets handled first, so the controller node gets removed
from the list and then when checking if multiple nodes were available, the
code path for a single controller didn't checked if the node was already
removed from the node list.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima@curii.com>
Brett Smith [Wed, 23 Aug 2023 01:47:33 +0000 (21:47 -0400)]
20750: Reorder remote token validation strategy
See updated comments for an explanation of why we do queries in the
order that we do. Briefly, now that getting the current API client
authorization is no longer subject to token scopes, that query has the
best chance of telling us immediately whether or not the token is
valid. If that query succeeds, but the current user query fails, we
might still be able to load a user record from the database from the
token's owner_uuid, and use that.
The immediate application for this change is sharing tokens with limited
scopes. When the user creates such a token, we expect they're doing so
using a token with unlimited scopes, and their user record will have
been loaded into the database at that time. Then visitors using the
sharing token will be able to authorize from that database record,
without having permission to query the full user record (and see the
creator's name and email address) directly.
This may also provide better behavior in cases of network hiccups or
other remote server turbulence. Now only one query *needs* to succeed,
the current token API call.
With these changes, it seemed appropriate to propagate any remote error
status codes back to the client, so they can also distinguish permanent
authorization failures from temporary ones. To do that, we attach an
`http_status` singleton method to the original
HTTPClient::BadResponseError. ApplicationController#render_error already
uses that method to determine the status code to return to the client,
and this commit extends CurrentApiToken with similar behavior. Before
this commit, there were definitely other cases that could raise
unhandled exceptions; I assume they were previously all returning
generic error codes, and probably untested. I think this is improved
behavior that makes sense with the rest of the change.
Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
projects / arvados.git / log