Fixed rfc as string in Proxy class, improved VOMScert verification an…

…d added fix to CHANGELOG
glideinWMS · Aug 19, 2022 · e540fd3 · e540fd3
1 parent 53241cf
commit e540fd3
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -34,6 +34,7 @@ Changes since the last release
 -   Fixed `glidien_config` corrupted by concurrent custom scripts run via HTCSS startd cron (#163)
 -   Fixed unnecessary proxy/hostcert.pem workaround in frontend config (issue #66)
 -   Fixed analyze_entries and python3 readiness (issue #194)
+-   Fixed gwms-renew-proxies service should check if local VOMS cert is expired (issue #21)
 
 ### Testing / Development
 

diff --git a/frontend/gwms_renew_proxies.py b/frontend/gwms_renew_proxies.py
@@ -42,15 +42,18 @@ class ConfigError(BaseException):
 class Proxy:
     """Class for holding information related to the proxy"""
 
-    def __init__(self, cert, key, output, lifetime, uid=0, gid=0, rfc=True, pathlength="20", bits="2048"):
+    def __init__(self, cert, key, output, lifetime, uid=0, gid=0, rfc="true", pathlength="20", bits="2048"):
         self.cert = cert
         self.key = key
         self.tmp_output_fd = tempfile.NamedTemporaryFile(dir=os.path.dirname(output), delete=False)
         self.output = output
         self.lifetime = lifetime
         self.uid = uid
         self.gid = gid
-        self.rfc = rfc
+        if str(rfc).lower() == "true":
+            self.rfc = True
+        else:
+            self.rfc = False
         self.pathlength = pathlength
         self.bits = bits
 
@@ -79,12 +82,19 @@ def cleanup(self):
         """Cleanup temporary proxy files"""
         os.remove(self.tmp_output_fd.name)
 
-    @classmethod
+    @staticmethod
     def voms_proxy_info(filename, *opts):
-        """Run voms-proxy-info on a arbritary file. Returns stdout, stderr, and return code of voms-proxy-info for any arbitrary file"""
+        """Run voms-proxy-info on a arbritary file. Returns stdout, stderr, and return code of voms-proxy-info
+        for any arbitrary file"""
         cmd = ["voms-proxy-info", "-file", filename] + list(opts)
         return _run_command(cmd)
 
+    @classmethod
+    def timeleft_from_file(cls, filename):
+        """Safely return the remaining lifetime of the proxy in the arbitrary file, in seconds
+        (returns 0 if unexpected stdout)"""
+        return _safe_int(cls.voms_proxy_info(filename, "-timeleft")[0])
+
 
 class VO:
     """Class for holding information related to VOMS attributes"""
@@ -292,7 +302,7 @@ def has_time_left(time_remaining):
             else:
                 vo_attr.cert = proxy_config["vo_cert"]
                 vo_attr.key = proxy_config["vo_key"]
-                if _safe_int(Proxy.voms_proxy_info(vo_attr.cert, "-timeleft")[0]) <= 0:
+                if Proxy.timeleft_from_file(vo_attr.cert) <= 0:
                     retcode = 1
                     print(
                         f"ERROR: Failed to renew proxy {proxy.output}: "