Important
This repository has been migrated to the PPD Technical Support team inside the CERN GitLab instance: pdmv-http-client. Please open and follow issues directly there, do not open or follow them here!
Note
The latest version of this project is now available at PyPI 🎉, check there more details about how to use it: pdmv-http-client
Repository for using McM scripts and example scripts
Create an isolated virtual environment using a Python version >= 3.9 via:
python3.9 -m venv venv && source ./venv/bin/activate
If you want to set up a development environment to contribute to this project:
Install uv and the required dependencies.
pip install uv
Set the current venv to use with uv:
export UV_PROJECT_ENVIRONMENT="${VIRTUAL_ENV}"
Install the packages via: uv sync
Run the test suite via:
uv run pytest -s -vv
Important
Make sure your execution environment has a valid Kerberos ticket to consume CERN services!
If you just want to use this package in your own project, install it via:
pip install git+https://github.com/cms-PdmV/mcm_scripts.git
Make sure to remove the sys.path.append(...) statements to avoid overloading old versions from AFS.
- Link to McM: https://cms-pdmv-prod.web.cern.ch/mcm/
- McM Rest API: https://cms-pdmv-prod.web.cern.ch/mcm/restapi
- Public APIs do not require SSO credentials. Index of public API: https://cms-pdmv-prod.web.cern.ch/mcm/public/restapi/
McM supports two authentication mechanisms: Session cookies and ID tokens
- Use
auth-get-sso-cookiecommand line tool to generate it:auth-get-sso-cookie --url https://cms-pdmv-dev.web.cern.ch/mcm/ -o dev-cookie.txtauth-get-sso-cookie --url https://cms-pdmv-prod.web.cern.ch/mcm/ -o prod-cookie.txt
auth-get-sso-cookieis already available in lxplus nodes- It expires after ~10 hours, so be sure to regenerate it
- Dev cookie is valid only for the development environment and the production cookie is valid only for the production environment
- This method doesn't work if 2FA is enabled. If you are using it, please use the following alternative instead of this package.
- Configure the McM SDK to request and send ID tokens to authenticate your actions. To achieve this, instantiate it like the following:
McM(id='oidc') - Instead of requesting a session cookie, this configuration will start an authentication flow using Device Authorization Grant to request an ID token. Therefore, it requires human intervention to complete the authentication flow using a browser.
If you want to know more details about how it works, check the code available in rest.py module and its unit tests rest_test.py
- If you want to use priority-changing scripts or do anything else related to cmsweb, you'll have to use voms-proxy:
voms-proxy-init -voms cmsexport X509_USER_PROXY=$(voms-proxy-info --path)