diff --git a/CHANGES b/CHANGES index 7b100d30..b8230cad 100644 --- a/CHANGES +++ b/CHANGES @@ -15,6 +15,9 @@ gcf 2.10: * Do not assume `PROJECT_MEMBER_UID` is returned when listing project members, but allow it. (#857) * Thanks to Umar Toseef for the bug report. + * Calling `getslicecred` while specifying a `slicecredfile` that exists + no longer means just return that file. Instead, that file will be + ignored and, if you specify `-o`, replaced. (#868) * Stitcher * Catch expiration too great errors from PG AMs and quit. (#828) diff --git a/README-omni.txt b/README-omni.txt index 6b732955..10825bfc 100644 --- a/README-omni.txt +++ b/README-omni.txt @@ -55,6 +55,9 @@ New in v2.10: * Do not assume `PROJECT_MEMBER_UID` is returned when listing project members, but allow it. (#857) * Thanks to Umar Toseef for the bug report. + * Calling `getslicecred` while specifying a `slicecredfile` that exists + no longer means just return that file. Instead, that file will be + ignored and, if you specify `-o`, replaced. (#868) New in v2.9: * If `sliverstatus` fails in a way that indicates there are no local resources, @@ -1102,10 +1105,10 @@ The filename is `-cred.xml` But you can specify the filename using the `--slicecredfile` option or by defining the `GENI_SLICECRED` environment variable to the desired path. -Additionally, if you specify the `--slicecredfile` option or define the +NOTE: If you specify the `--slicecredfile` option or define the `GENI_SLICECRED` environment variable, and that -references a file that is not empty, then we do not query the Slice -Authority for this credential, but instead read it from this file. +references a file that is not empty, then that file will be ignored, +and replaced if you specify `-o`. Arg: slice name Slice name could be a full URN, but is usually just the slice name portion. diff --git a/src/gcf/omnilib/chhandler.py b/src/gcf/omnilib/chhandler.py index 06690893..3e5e5f20 100644 --- a/src/gcf/omnilib/chhandler.py +++ b/src/gcf/omnilib/chhandler.py @@ -681,9 +681,8 @@ def getslicecred(self, args): But if you specify the --slicecredfile option then that is the filename used. - Additionally, if you specify the --slicecredfile option and that - references a file that is not empty, then we do not query the Slice - Authority for this credential, but instead read it from this file. + NOTE: If you specify the --slicecredfile option and that + references a file that is not empty, then that file will be ignored, and replaced if you specify `-o`. e.g.: Get slice mytest credential from slice authority, save to a file: @@ -713,11 +712,24 @@ def getslicecred(self, args): # FIXME: catch errors getting slice URN to give prettier error msg? urn = self.framework.slice_name_to_urn(name) + retVal = "" + sf = None + if self.opts.slicecredfile and os.path.exists(self.opts.slicecredfile): + if self.opts.output: + scwarn = "Ignoring and replacing saved slice credential %s. " % (self.opts.slicecredfile) + else: + scwarn = "Ignoring saved slice credential %s. " % (self.opts.slicecredfile) + self.logger.info(scwarn) + retVal += scwarn +"\n" + sf = self.opts.slicecredfile + self.opts.slicecredfile = None (cred, message) = _get_slice_cred(self, urn) if cred is None: retVal = "No slice credential returned for slice %s: %s"%(urn, message) return retVal, None + if sf: + self.opts.slicecredfile = sf # Log if the slice expires soon _print_slice_expiration(self, urn, cred)