Jobbergate Core Reference
jobbergate_core
Jobbergate-core contains key components that are shared among sub-projects.
AuthenticationError
Bases: Buzz
Base exception for errors related to authentication on Jobbergate.
JobbergateAuthHandler
dataclass
High-level class used to manage authentication to requests to the Jobbergate-API
After an instance of this class is created, it can be used to authenticate requests
from both requests
and httpx
packages by passing it to the auth
parameter on the request (see examples below).
It just works out of the box. Behind the scenes, this procedure calls the
:meth:JobbergateAuthHandler.acquire_access
method to load the available tokens from the cache directory,
it tries to refresh them if they are expired, or provides an URL to the user to login on the system.
Notice all steps above are also available individually as public methods, allowing a fine control for advanced users.
.. _requests: https://requests.readthedocs.io/en/latest/ .. _httpx: https://www.python-httpx.org/
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
Path
|
Directory to be used for the caching tokens. |
required |
login_domain |
str
|
Domain used for the login. |
required |
login_audience |
str
|
Audience of the login. |
required |
login_client_id |
str
|
Client ID used for login. |
'default'
|
Note
These values depend on the identity provider used for authentication. Consult your system administrator or contact Omnivector support support@omnivector.solutions for further assistance.
Note
This class can interoperate with the tokens generated by the jobbergate-cli
package, as long
as they are stored in the same cache directory.
Examples:
The following example shows how to use the :meth:`JobbergateAuthHandler`
class to authenticate a request:
>>> from pathlib import Path
>>> import requests
>>> from jobbergate_core import JobbergateAuthHandler
>>> jobbergate_auth = JobbergateAuthHandler(
... cache_directory=Path("."),
... login_domain="http://keycloak.local:8080/realms/jobbergate-local",
... login_audience="https://local.omnivector.solutions",
... login_client_id="cli",
... )
>>> jobbergate_base_url = "http://localhost:8000/jobbergate"
>>> response = requests.get(
... f"{jobbergate_base_url}/applications",
... auth=jobbergate_auth # this is the important part
)
Login Here: http://keycloak.local:8080/realms/jobbergate-local/device?user_code=LMVJ-XOLG
>>> response.raise_for_status()
>>> print(f"response = {response.json()}")
__call__
This internal method allows the integration with the requests
library.
It is called automatically when the instance is passed to the auth
parameter,
see the examples in the class docstring.
It adds the Authorization
header to the request with the access token.
acquire_access
High-level method to acquire a valid access token.
This method will attempt, in order:
- Use the internal access token from the instance
- Load the tokens from the cache directory (see :meth:
JobbergateAuthHandler.load_from_cache
) - If the access token is unavailable or expired, refresh both tokens
using the refresh token grant type (see :meth:
JobbergateAuthHandler.refresh_tokens
) - If the refresh token is unavailable or expired, login to generate both tokens
(see :meth:
JobbergateAuthHandler.login
)
Returns:
Type | Description |
---|---|
str
|
The bearer access token. |
Raises:
Type | Description |
---|---|
AuthenticationError
|
If all of the steps above fail to acquire a valid access token. |
load_from_cache
Load the tokens that are available at the cache directory.
login
Login to Jobbergate.
An URL will be printed to the console, the user must open it in a browser and provide their access credentials.
After the login is completed, the tokens will be saved to the cache directory.
logout
Logout from Jobbergate by clearing the loaded tokens and their cache on the disk.
refresh_tokens
Refresh the tokens.
After the refresh operation is completed, the tokens will be saved to the cache directory.
Raises:
Type | Description |
---|---|
AuthenticationError
|
If the refresh token is missing or expired. |
TokenError
Bases: AuthenticationError
Exception for errors related to tokens on Jobbergate.
auth
Utilities for handling auth in Jobbergate.
AuthenticationError
Bases: Buzz
Base exception for errors related to authentication on Jobbergate.
JobbergateAuthHandler
dataclass
High-level class used to manage authentication to requests to the Jobbergate-API
After an instance of this class is created, it can be used to authenticate requests
from both requests
and httpx
packages by passing it to the auth
parameter on the request (see examples below).
It just works out of the box. Behind the scenes, this procedure calls the
:meth:JobbergateAuthHandler.acquire_access
method to load the available tokens from the cache directory,
it tries to refresh them if they are expired, or provides an URL to the user to login on the system.
Notice all steps above are also available individually as public methods, allowing a fine control for advanced users.
.. _requests: https://requests.readthedocs.io/en/latest/ .. _httpx: https://www.python-httpx.org/
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
Path
|
Directory to be used for the caching tokens. |
required |
login_domain |
str
|
Domain used for the login. |
required |
login_audience |
str
|
Audience of the login. |
required |
login_client_id |
str
|
Client ID used for login. |
'default'
|
Note
These values depend on the identity provider used for authentication. Consult your system administrator or contact Omnivector support support@omnivector.solutions for further assistance.
Note
This class can interoperate with the tokens generated by the jobbergate-cli
package, as long
as they are stored in the same cache directory.
Examples:
The following example shows how to use the :meth:`JobbergateAuthHandler`
class to authenticate a request:
>>> from pathlib import Path
>>> import requests
>>> from jobbergate_core import JobbergateAuthHandler
>>> jobbergate_auth = JobbergateAuthHandler(
... cache_directory=Path("."),
... login_domain="http://keycloak.local:8080/realms/jobbergate-local",
... login_audience="https://local.omnivector.solutions",
... login_client_id="cli",
... )
>>> jobbergate_base_url = "http://localhost:8000/jobbergate"
>>> response = requests.get(
... f"{jobbergate_base_url}/applications",
... auth=jobbergate_auth # this is the important part
)
Login Here: http://keycloak.local:8080/realms/jobbergate-local/device?user_code=LMVJ-XOLG
>>> response.raise_for_status()
>>> print(f"response = {response.json()}")
__call__
This internal method allows the integration with the requests
library.
It is called automatically when the instance is passed to the auth
parameter,
see the examples in the class docstring.
It adds the Authorization
header to the request with the access token.
acquire_access
High-level method to acquire a valid access token.
This method will attempt, in order:
- Use the internal access token from the instance
- Load the tokens from the cache directory (see :meth:
JobbergateAuthHandler.load_from_cache
) - If the access token is unavailable or expired, refresh both tokens
using the refresh token grant type (see :meth:
JobbergateAuthHandler.refresh_tokens
) - If the refresh token is unavailable or expired, login to generate both tokens
(see :meth:
JobbergateAuthHandler.login
)
Returns:
Type | Description |
---|---|
str
|
The bearer access token. |
Raises:
Type | Description |
---|---|
AuthenticationError
|
If all of the steps above fail to acquire a valid access token. |
load_from_cache
Load the tokens that are available at the cache directory.
login
Login to Jobbergate.
An URL will be printed to the console, the user must open it in a browser and provide their access credentials.
After the login is completed, the tokens will be saved to the cache directory.
logout
Logout from Jobbergate by clearing the loaded tokens and their cache on the disk.
refresh_tokens
Refresh the tokens.
After the refresh operation is completed, the tokens will be saved to the cache directory.
Raises:
Type | Description |
---|---|
AuthenticationError
|
If the refresh token is missing or expired. |
Token
dataclass
Low-level class used to handling tokens.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
Path
|
The directory used for cache. |
required |
label |
str
|
The type of token. |
required |
content |
str
|
The content of the token (default is |
''
|
Attributes:
Name | Type | Description |
---|---|---|
file_path |
Path
|
The path to the file associated with the token.
It is computed as |
data |
Dict[str, Any]
|
Metadata decoded from the token's content are available in this dictionary. Expiration date and permissions are some examples of data that can be found. |
clear_cache
Clear the token from cache by removing the file associated with it.
is_expired
Check if the token is expired.
Returns:
Type | Description |
---|---|
bool
|
True if the token is expired, False otherwise. |
Raises:
Type | Description |
---|---|
TokenError
|
If the expiration date is not found. |
load_from_cache
Load the token from the cache directory.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
The path to the cache directory. |
required | |
label |
The type of token. |
required |
Returns:
Type | Description |
---|---|
Token
|
A new token with the content replaced. |
replace
Create a new instance of the token with the changes applied.
Other Parameters:
Name | Type | Description |
---|---|---|
content |
The content of the token. |
|
cache_directory |
The directory containing the cache. |
|
label |
The type of token. |
save_to_cache
Save the token to the cache file associated with it.
Raises:
Type | Description |
---|---|
TokenError
|
If the parent directory does not exist. |
TokenError
|
If there is an unknown error while saving the token. |
TokenError
Bases: AuthenticationError
Exception for errors related to tokens on Jobbergate.
TokenType
Bases: str
, Enum
The types of tokens available in the system are access
and refresh
.
exceptions
AuthenticationError
Bases: Buzz
Base exception for errors related to authentication on Jobbergate.
TokenError
Bases: AuthenticationError
Exception for errors related to tokens on Jobbergate.
handler
Utilities for handling authentication in the Jobbergate system.
JobbergateAuthHandler
dataclass
High-level class used to manage authentication to requests to the Jobbergate-API
After an instance of this class is created, it can be used to authenticate requests
from both requests
and httpx
packages by passing it to the auth
parameter on the request (see examples below).
It just works out of the box. Behind the scenes, this procedure calls the
:meth:JobbergateAuthHandler.acquire_access
method to load the available tokens from the cache directory,
it tries to refresh them if they are expired, or provides an URL to the user to login on the system.
Notice all steps above are also available individually as public methods, allowing a fine control for advanced users.
.. _requests: https://requests.readthedocs.io/en/latest/ .. _httpx: https://www.python-httpx.org/
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
Path
|
Directory to be used for the caching tokens. |
required |
login_domain |
str
|
Domain used for the login. |
required |
login_audience |
str
|
Audience of the login. |
required |
login_client_id |
str
|
Client ID used for login. |
'default'
|
Note
These values depend on the identity provider used for authentication. Consult your system administrator or contact Omnivector support support@omnivector.solutions for further assistance.
Note
This class can interoperate with the tokens generated by the jobbergate-cli
package, as long
as they are stored in the same cache directory.
Examples:
The following example shows how to use the :meth:`JobbergateAuthHandler`
class to authenticate a request:
>>> from pathlib import Path
>>> import requests
>>> from jobbergate_core import JobbergateAuthHandler
>>> jobbergate_auth = JobbergateAuthHandler(
... cache_directory=Path("."),
... login_domain="http://keycloak.local:8080/realms/jobbergate-local",
... login_audience="https://local.omnivector.solutions",
... login_client_id="cli",
... )
>>> jobbergate_base_url = "http://localhost:8000/jobbergate"
>>> response = requests.get(
... f"{jobbergate_base_url}/applications",
... auth=jobbergate_auth # this is the important part
)
Login Here: http://keycloak.local:8080/realms/jobbergate-local/device?user_code=LMVJ-XOLG
>>> response.raise_for_status()
>>> print(f"response = {response.json()}")
This internal method allows the integration with the requests
library.
It is called automatically when the instance is passed to the auth
parameter,
see the examples in the class docstring.
It adds the Authorization
header to the request with the access token.
High-level method to acquire a valid access token.
This method will attempt, in order:
- Use the internal access token from the instance
- Load the tokens from the cache directory (see :meth:
JobbergateAuthHandler.load_from_cache
) - If the access token is unavailable or expired, refresh both tokens
using the refresh token grant type (see :meth:
JobbergateAuthHandler.refresh_tokens
) - If the refresh token is unavailable or expired, login to generate both tokens
(see :meth:
JobbergateAuthHandler.login
)
Returns:
Type | Description |
---|---|
str
|
The bearer access token. |
Raises:
Type | Description |
---|---|
AuthenticationError
|
If all of the steps above fail to acquire a valid access token. |
Load the tokens that are available at the cache directory.
Login to Jobbergate.
An URL will be printed to the console, the user must open it in a browser and provide their access credentials.
After the login is completed, the tokens will be saved to the cache directory.
Logout from Jobbergate by clearing the loaded tokens and their cache on the disk.
Refresh the tokens.
After the refresh operation is completed, the tokens will be saved to the cache directory.
Raises:
Type | Description |
---|---|
AuthenticationError
|
If the refresh token is missing or expired. |
token
Utilities for handling tokens on Jobbergate.
Token
dataclass
Low-level class used to handling tokens.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
Path
|
The directory used for cache. |
required |
label |
str
|
The type of token. |
required |
content |
str
|
The content of the token (default is |
''
|
Attributes:
Name | Type | Description |
---|---|---|
file_path |
Path
|
The path to the file associated with the token.
It is computed as |
data |
Dict[str, Any]
|
Metadata decoded from the token's content are available in this dictionary. Expiration date and permissions are some examples of data that can be found. |
Clear the token from cache by removing the file associated with it.
Check if the token is expired.
Returns:
Type | Description |
---|---|
bool
|
True if the token is expired, False otherwise. |
Raises:
Type | Description |
---|---|
TokenError
|
If the expiration date is not found. |
Load the token from the cache directory.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
cache_directory |
The path to the cache directory. |
required | |
label |
The type of token. |
required |
Returns:
Type | Description |
---|---|
Token
|
A new token with the content replaced. |
Create a new instance of the token with the changes applied.
Other Parameters:
Name | Type | Description |
---|---|---|
content |
The content of the token. |
|
cache_directory |
The directory containing the cache. |
|
label |
The type of token. |
Save the token to the cache file associated with it.
Raises:
Type | Description |
---|---|
TokenError
|
If the parent directory does not exist. |
TokenError
|
If there is an unknown error while saving the token. |
TokenType
Bases: str
, Enum
The types of tokens available in the system are access
and refresh
.
tools
sbatch
InfoHandler
dataclass
SubmissionHandler
dataclass
Submits sbatch jobs to the cluster.
inject_sbatch_params
inject_sbatch_params(
job_script_data_as_string: str,
sbatch_params: list[str],
header: str | None = None,
) -> str
Injects sbatch parameters into a job script.
This function takes a job script as a string, a list of sbatch parameters, and an optional header.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
job_script_data_as_string |
str
|
The job script as a string. |
required |
sbatch_params |
list[str]
|
A list of sbatch parameters to be inserted. |
required |
header |
str | None
|
A comment to be inserted before the parameters (i.e., "Injected at runtime by Jobbergate"). |
None
|
Returns:
Type | Description |
---|---|
str
|
The job script with the sbatch parameters inserted. |
version
Provide the version of the package.