Skip to content

Commit

Permalink
refactor!: rename creds -> auth, credentials -> authentication (#199)
Browse files Browse the repository at this point in the history
- rename cli "creds" option to "auth"
      former: "deadline creds login/logout/status"
      new: "deadline auth login/logout/status"
  - rename:
       "DeadlineCredentialsStatus" -> "DeadlineAuthenticationStatus"
       "DeadlineCredentialsStatusWidget" ->"DeadlineAuthenticationStatusWidget"
       "AwsCredentialsType" -> "AwsCredentialsSource"
       "AwsCredentialsStatus" -> "AwsAuthenticationStatus"

**BREAKING CHANGE**
The `deadline creds` subcommand has been renamed to `deadline auth`

Signed-off-by: Samuel Anderson <119458760+AWS-Samuel@users.noreply.github.com>
  • Loading branch information
AWS-Samuel authored Mar 7, 2024
1 parent 3b8d907 commit 66126a1
Show file tree
Hide file tree
Showing 13 changed files with 192 additions and 185 deletions.
16 changes: 8 additions & 8 deletions src/deadline/client/api/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,12 @@
"wait_for_create_job_to_complete",
"get_boto3_session",
"get_boto3_client",
"AwsCredentialsStatus",
"AwsCredentialsType",
"AwsAuthenticationStatus",
"AwsCredentialsSource",
"TelemetryClient",
"check_credentials_status",
"check_authentication_status",
"check_deadline_api_available",
"get_credentials_type",
"get_credentials_source",
"list_farms",
"list_queues",
"list_jobs",
Expand All @@ -34,13 +34,13 @@

from ._loginout import login, logout
from ._session import (
AwsCredentialsStatus,
AwsCredentialsType,
AwsAuthenticationStatus,
AwsCredentialsSource,
get_queue_user_boto3_session,
check_credentials_status,
check_authentication_status,
get_boto3_client,
get_boto3_session,
get_credentials_type,
get_credentials_source,
get_studio_id,
get_user_and_identity_store_id,
)
Expand Down
24 changes: 13 additions & 11 deletions src/deadline/client/api/_loginout.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@

from ._session import (
invalidate_boto3_session_cache,
get_credentials_type,
check_credentials_status,
AwsCredentialsType,
AwsCredentialsStatus,
get_credentials_source,
check_authentication_status,
AwsCredentialsSource,
AwsAuthenticationStatus,
)
from ..config import get_setting
from ..exceptions import DeadlineOperationError
Expand Down Expand Up @@ -57,12 +57,14 @@ def _login_deadline_cloud_monitor(
f"Could not find Deadline Cloud Monitor at {deadline_cloud_monitor_path}. Please ensure Deadline Cloud Monitor is installed correctly and setup the {profile_name} profile again."
)
if on_pending_authorization:
on_pending_authorization(credential_type=AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN)
on_pending_authorization(
credentials_source=AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN
)
# And wait for the user to complete login
while True:
# Deadline Cloud Monitor is a GUI app that will keep on running
# So we sit here and test that profile for validity until it works
if check_credentials_status(config) == AwsCredentialsStatus.AUTHENTICATED:
if check_authentication_status(config) == AwsAuthenticationStatus.AUTHENTICATED:
return f"Deadline Cloud Monitor Profile: {profile_name}"
if on_cancellation_check:
# Check if the UI has signaled a cancel
Expand Down Expand Up @@ -92,14 +94,14 @@ def login(
Args:
on_pending_authorization (Callable): A callback that receives method-specific information to continue login.
All methods: 'credential_type' parameter of type AwsCredentialsType
All methods: 'credentials_source' parameter of type AwsCredentialsSource
For Deadline Cloud Monitor: No additional parameters
on_cancellation_check (Callable): A callback that allows the operation to cancel before login completes
config (ConfigParser, optional): The Amazon Deadline Cloud configuration
object to use instead of the config file.
"""
credentials_type = get_credentials_type(config)
if credentials_type == AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN:
credentials_source = get_credentials_source(config)
if credentials_source == AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN:
return _login_deadline_cloud_monitor(
on_pending_authorization, on_cancellation_check, config
)
Expand All @@ -116,8 +118,8 @@ def logout(config: Optional[ConfigParser] = None) -> str:
config (ConfigParser, optional): The Amazon Deadline Cloud configuration
object to use instead of the config file.
"""
credentials_type = get_credentials_type(config)
if credentials_type == AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN:
credentials_source = get_credentials_source(config)
if credentials_source == AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN:
# Deadline Cloud Monitor writes the absolute path to itself to the config file
deadline_cloud_monitor_path = get_setting("deadline-cloud-monitor.path", config=config)
profile_name = get_setting("defaults.aws_profile_name", config=config)
Expand Down
24 changes: 12 additions & 12 deletions src/deadline/client/api/_session.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,13 @@
__cached_queue_id_for_queue_session = None


class AwsCredentialsType(Enum):
class AwsCredentialsSource(Enum):
NOT_VALID = 0
HOST_PROVIDED = 2
DEADLINE_CLOUD_MONITOR_LOGIN = 3


class AwsCredentialsStatus(Enum):
class AwsAuthenticationStatus(Enum):
CONFIGURATION_ERROR = 1
AUTHENTICATED = 2
NEEDS_LOGIN = 3
Expand Down Expand Up @@ -131,7 +131,7 @@ def get_boto3_client(service_name: str, config: Optional[ConfigParser] = None) -
return session.client(service_name)


def get_credentials_type(config: Optional[ConfigParser] = None) -> AwsCredentialsType:
def get_credentials_source(config: Optional[ConfigParser] = None) -> AwsCredentialsSource:
"""
Returns DEADLINE_CLOUD_MONITOR_LOGIN if Deadline Cloud Monitor wrote the credentials, HOST_PROVIDED otherwise.
Expand All @@ -143,12 +143,12 @@ def get_credentials_type(config: Optional[ConfigParser] = None) -> AwsCredential
session = get_boto3_session(config=config)
profile_config = session._session.get_scoped_config()
except ProfileNotFound:
return AwsCredentialsType.NOT_VALID
return AwsCredentialsSource.NOT_VALID
if "studio_id" in profile_config or "monitor_id" in profile_config:
# Deadline Cloud Monitor Desktop adds some Deadline Cloud-specific keys here which we can use to know that this came from the app
return AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN
return AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN
else:
return AwsCredentialsType.HOST_PROVIDED
return AwsCredentialsSource.HOST_PROVIDED


def get_user_and_identity_store_id(
Expand Down Expand Up @@ -283,7 +283,7 @@ def _modified_logging_level(logger, level):
logger.setLevel(old_level)


def check_credentials_status(config: Optional[ConfigParser] = None) -> AwsCredentialsStatus:
def check_authentication_status(config: Optional[ConfigParser] = None) -> AwsAuthenticationStatus:
"""
Checks the status of the provided session, by
calling the sts::GetCallerIdentity API.
Expand All @@ -292,7 +292,7 @@ def check_credentials_status(config: Optional[ConfigParser] = None) -> AwsCreden
config (ConfigParser, optional): The Amazon Deadline Cloud configuration
object to use instead of the config file.
Returns AwsCredentialsStatus enum value:
Returns AwsAuthenticationStatus enum value:
- CONFIGURATION_ERROR if there is an unexpected error accessing credentials
- AUTHENTICATED if they are fine
- NEEDS_LOGIN if a Deadline Cloud Monitor login is required.
Expand All @@ -301,14 +301,14 @@ def check_credentials_status(config: Optional[ConfigParser] = None) -> AwsCreden
with _modified_logging_level(logging.getLogger("botocore.credentials"), logging.ERROR):
try:
get_boto3_session(config=config).client("sts").get_caller_identity()
return AwsCredentialsStatus.AUTHENTICATED
return AwsAuthenticationStatus.AUTHENTICATED
except Exception:
# We assume that the presence of a Deadline Cloud Monitor profile
# means we will know everything necessary to start it and login.

if get_credentials_type(config) == AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN:
return AwsCredentialsStatus.NEEDS_LOGIN
return AwsCredentialsStatus.CONFIGURATION_ERROR
if get_credentials_source(config) == AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN:
return AwsAuthenticationStatus.NEEDS_LOGIN
return AwsAuthenticationStatus.CONFIGURATION_ERROR


class DeadlineClient:
Expand Down
4 changes: 2 additions & 2 deletions src/deadline/client/cli/_deadline_cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
from ._common import _PROMPT_WHEN_COMPLETE
from ._groups.bundle_group import cli_bundle
from ._groups.config_group import cli_config
from ._groups.creds_group import cli_creds
from ._groups.auth_group import cli_auth
from ._groups.farm_group import cli_farm
from ._groups.fleet_group import cli_fleet
from ._groups.handle_web_url_command import cli_handle_web_url
Expand Down Expand Up @@ -69,7 +69,7 @@ def main(ctx: click.Context, log_level: str):

main.add_command(cli_bundle)
main.add_command(cli_config)
main.add_command(cli_creds)
main.add_command(cli_auth)
main.add_command(cli_farm)
main.add_command(cli_fleet)
main.add_command(cli_handle_web_url)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

"""
All the `deadline creds` commands:
All the `deadline auth` commands:
* login
* logout
* status
Expand All @@ -11,36 +11,36 @@
import logging

from ... import api
from ...api._session import _modified_logging_level, AwsCredentialsType
from ...api._session import _modified_logging_level, AwsCredentialsSource
from ...config import config_file, get_setting
from .._common import _apply_cli_options_to_config, _handle_error

JSON_FIELD_PROFILE_NAME = "profile_name"
JSON_FIELD_CRED_STATUS = "status"
JSON_FIELD_CRED_TYPE = "type"
JSON_FIELD_CRED_API_AVAILABLE = "api_availability"
JSON_FIELD_AUTH_STATUS = "status"
JSON_FIELD_CREDS_SOURCE = "source"
JSON_FIELD_AUTH_API_AVAILABLE = "api_availability"


def _cli_on_pending_authorization(**kwargs):
"""
Callback for `login`, to tell the user that Deadline Cloud Monitor is opening
"""

if kwargs["credential_type"] == AwsCredentialsType.DEADLINE_CLOUD_MONITOR_LOGIN:
if kwargs["credentials_source"] == AwsCredentialsSource.DEADLINE_CLOUD_MONITOR_LOGIN:
click.echo("Opening Deadline Cloud Monitor. Please login and then return here.")


@click.group(name="creds")
@click.group(name="auth")
@_handle_error
def cli_creds():
def cli_auth():
"""
Commands to work with Amazon Deadline Cloud credentials.
Commands to handle Amazon Deadline Cloud authentication.
"""


@cli_creds.command(name="login")
@cli_auth.command(name="login")
@_handle_error
def creds_login():
def auth_login():
"""
Logs in to the Amazon Deadline Cloud configured AWS profile.
Expand All @@ -58,9 +58,9 @@ def creds_login():
click.echo(f"\nSuccessfully logged in: {message}\n")


@cli_creds.command(name="logout")
@cli_auth.command(name="logout")
@_handle_error
def creds_logout():
def auth_logout():
"""
Logs out of the Deadline Cloud Monitor configured AWS profile.
"""
Expand All @@ -69,7 +69,7 @@ def creds_logout():
click.echo("Successfully logged out of all Deadline Cloud Monitor AWS profiles")


@cli_creds.command(name="status")
@cli_auth.command(name="status")
@click.option("--profile", help="The AWS profile to use.")
@click.option(
"--output",
Expand All @@ -84,36 +84,36 @@ def creds_logout():
"parsed/consumed by custom scripts.",
)
@_handle_error
def creds_status(output, **args):
"""EXPERIMENTAL - Gets the status of the credentials for the given AWS profile"""
def auth_status(output, **args):
"""EXPERIMENTAL - Gets the authentication status for the given AWS profile"""
# Get a temporary config object with the standard options handled
config = _apply_cli_options_to_config(**args)
profile_name = get_setting("defaults.aws_profile_name", config=config)
is_json_format = True if output == "json" else False

with _modified_logging_level(logging.getLogger("deadline.client.api"), logging.CRITICAL):
# always returns enum in AwsCredentialsType
creds_type = api.get_credentials_type(config=config)
creds_type_result = creds_type.name
# always returns enum in AwsCredentialsSource
creds_source = api.get_credentials_source(config=config)
creds_source_result = creds_source.name

# always returns enum in AwsCredentialsStatus
creds_status = api.check_credentials_status(config=config)
creds_status_results = creds_status.name
# always returns enum in AwsAuthenticationStatus
auth_status = api.check_authentication_status(config=config)
auth_status_results = auth_status.name

# always returns True/False
api_availability_result = api.check_deadline_api_available(config=config)

if not is_json_format:
width = 17
click.echo(f"{'Profile Name:': >{width}} {profile_name}")
click.echo(f"{'Type:': >{width}} {creds_type_result}")
click.echo(f"{'Status:': >{width}} {creds_status_results}")
click.echo(f"{'Source:': >{width}} {creds_source_result}")
click.echo(f"{'Status:': >{width}} {auth_status_results}")
click.echo(f"{'API Availability:': >{width}} {api_availability_result}")
else:
json_output = {
JSON_FIELD_PROFILE_NAME: profile_name,
JSON_FIELD_CRED_TYPE: creds_type_result,
JSON_FIELD_CRED_STATUS: creds_status_results,
JSON_FIELD_CRED_API_AVAILABLE: api_availability_result,
JSON_FIELD_CREDS_SOURCE: creds_source_result,
JSON_FIELD_AUTH_STATUS: auth_status_results,
JSON_FIELD_AUTH_API_AVAILABLE: api_availability_result,
}
click.echo(json.dumps(json_output, ensure_ascii=True))
Loading

0 comments on commit 66126a1

Please sign in to comment.