Improve IAMService user to CS conversion#8491
Improve IAMService user to CS conversion#8491maxnoe wants to merge 2 commits intoDIRACGrid:integrationfrom
Conversation
maxnoe
force-pushed
the
voms2cs-nested-groups
branch
3 times, most recently
from
2d5e13c to
b1fbfd8
Compare
|
@chaen the CI failure here seems unrelated to me |
|
@maxnoe is that ready to be reviewed now? |
|
I would be happy about a review, yes, but I left it on draft as I also wanted to test it in our integration test environment but didn't have a chance yet. |
|
I've just tried it against our prod server, and I see discrepencies, but I did not yet dig down in it |
There is an additional filter now to only create entries for groups that are actually voms roles. I would expect that you now get less roles attached to users, but the roles that are no longer attached do not correspond to real voms roles in the iam server. |
|
There's definitely something off with the logic as it starts adding people without a single |
ok, thanks, I will dig into that next week |
Where should this filtering happen? The Should |
maxnoe
force-pushed
the
voms2cs-nested-groups
branch
from
8e52b26 to
0bffc2e
Compare
- Handle nested groups - Filter groups by vo name - Filter groups by having voms.role label - Add tests
maxnoe
force-pushed
the
voms2cs-nested-groups
branch
from
0bffc2e to
9d725c9
Compare
|
oos sorry I pushed by mistake, I'll fix my mess |
chaen
force-pushed
the
voms2cs-nested-groups
branch
from
73737a6 to
9d725c9
Compare
3 participants
BEGINRELEASENOTES
*Core
FIX: Improve VOMS2CSAgent to handle nested groups and only sync groups that have the voms.role label
ENDRELEASENOTES
Closes #8487