IQSS logo

IRC log for #dataverse, 2019-06-25

Connect via chat.dataverse.org to discuss Dataverse (dataverse.org, an open source web application for sharing, citing, analyzing, and preserving research data) with users and developers.

| Channels | #dataverse index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
03:45 jri joined #dataverse
07:13 jri joined #dataverse
07:48 poikilotherm joined #dataverse
09:30 arahmati joined #dataverse
09:31 arahmati ik wil graag meer informatie over functionaliteit, veiligheid en opslagcapaciteit van dataverse. thanks
10:40 pdurbin opslag
10:47 poikilotherm joined #dataverse
10:51 pdurbin veilig
10:52 poikilotherm Mornin pdurbin :-)
11:02 pdurbin poikilotherm: mornin! Did you see I gave you a shout out at https://scholar.harvard.edu/pdurbin/blog/2019/jupyter-notebooks-and-crazy-ideas-for-dataverse ? :)
11:02 pdurbin xarthisius: screenshots of launching a Jupyter Notebook from Dataverse using Whole Tale ^^
11:07 poikilotherm Shout? Nope
11:11 pdurbin A shout out. A mention.
11:11 pdurbin I guess it was more of a mention than a shout out. I *should* have given you a shout out.
11:15 pdurbin I did say to whoever would listen that we should have tried to figure out a way to fund your travel to #dataverse2019.
11:30 poikilotherm Ah I'm honored :-)
11:30 poikilotherm Thank you :-)
11:30 poikilotherm Nice mention in the who's who :-D
11:30 poikilotherm I like your idea about having a board for the installations
11:31 poikilotherm Thinking about using No. 4 I created for testing for FZJ...
11:31 poikilotherm Would that make sense?
11:33 pdurbin poikilotherm: yes! Did you see the tweet by Sebastian from QDR? Check this out: https://twitter.com/adam42smith/status/1143233533139390465
11:33 poikilotherm YEah, I saw it in my timeline
11:34 poikilotherm Now after reading your slides, it makes all sense :D
11:34 pdurbin This is why I transcribed my talk. :)
11:34 poikilotherm And I saw the chat logs, mentioning No 5
11:34 pdurbin Thanks for reading my blog post!
11:35 poikilotherm Your ideas are not as crazy as your title suggests...
11:37 pdurbin :)
11:37 pdurbin crazy is relative, I guess :)
11:37 poikilotherm visionary?
11:38 pdurbin signs of an addled brain?
11:38 pdurbin too much coffee?
11:39 poikilotherm You know what a crazy idea is? Trying to run Dataverse on the RPi4
11:41 pdurbin Heh. That was in the Nextcloud talk. The founder came!
11:43 poikilotherm Hey, read that on Twitter :-)
11:43 poikilotherm Another crazy german guy :-D
11:43 pdurbin Frank: https://groups.google.com/d/msg/dataverse-community/A5l4P9xKwYI/uOervjaZBgAJ
11:44 pdurbin nice guy
11:45 poikilotherm Phil, may I interrupt? My boss just send me an email about his need for an appropriate contact at IQSS regarding a possible hackothon/conference/whatever
11:45 poikilotherm Who should I name?
11:45 pdurbin Danny.
11:45 poikilotherm Alright!
11:46 pdurbin Rumor has it there will be a little Dataverse conference in January in Norway.
11:46 poikilotherm Oh nice
11:47 poikilotherm Norway is at least not as far away as US
11:47 poikilotherm But January... Meh, that going to be _COLD_
11:48 poikilotherm I just send my boss https://projects.iq.harvard.edu/dannybrooke
11:48 poikilotherm -d +t
11:49 pdurbin yeah, and dark. but visible northern lights
11:50 pdurbin sounds like it'll be a small meeting though
11:50 poikilotherm We'll see :-)
11:51 pdurbin !
11:51 pdurbin :)
11:52 poikilotherm Mind if I switch to another topic?
11:52 pdurbin go for it
11:53 poikilotherm We had a meeting with some people from our campus last Wednesday about the auth thing for our installation.
11:54 poikilotherm Looks like we were not able to convince them to use ORCID only
11:54 poikilotherm :-/
11:54 pdurbin ok
11:54 poikilotherm So, I need to get sth. together. And as always, I would like to do it right, hoping other might have a benefit, too
11:56 poikilotherm I thought about a bit back and forth, and try to get an issue togheter. But before I write that, I would like to share it here to see, if some people think this might be sth. to think of more...
11:56 poikilotherm +worth
11:57 poikilotherm Maybe this is also sth. for the community call, but I dunno when I can make it next time
11:58 poikilotherm Shall I continue?
11:58 poikilotherm (With details)
11:59 pdurbin Sorry, I was adding links to my blog post. Sure, please keep going. Are you thinking of adding a 6th auth option?
11:59 poikilotherm Not necessarily
12:00 poikilotherm Currently, there are already present: local, SAML and Oauth2
12:01 poikilotherm What I would like to see discussed is support for integration of an IDM
12:01 pdurbin IDM?
12:01 poikilotherm Mostly using it as an auth proxy
12:01 poikilotherm Identity Management System
12:02 poikilotherm Sth. easier to setup for different scenarios, but of course optional
12:02 pdurbin What's an open source example of an IDM I could install?
12:02 poikilotherm Integratable into other things, too, like integrations for Dataverse needing authn/z
12:03 poikilotherm Currently I am aware of Gluu, Unity IDM, Dex
12:03 poikilotherm FreeIPA
12:03 pdurbin Ok, I've heard of Gluu and FreeIPA. Actually I used FreeIPA back when it was Netscape Directory Server, if it's the one I'm thinking of.
12:04 poikilotherm Ideally, it shouldn't matter that much which one you choose, as there are some of those out in the wilds already
12:04 pdurbin I'm thinking of https://en.wikipedia.org/wiki/389_Directory_Server which is part of FreeIPA.
12:05 poikilotherm Yeah, most of the IDMs also have options to attach ldap directories
12:05 poikilotherm Those packages I mentioned are on different levels of what they provide, how they store things, etc
12:06 pdurbin sure
12:06 poikilotherm Dex is a very minimal thing, Unity IDM mostly targeted at proxying, Gluu and FreeIPA full blown stuff with directories etc
12:06 poikilotherm I came across Unity when I looked at B2ACCESS
12:07 poikilotherm https://www.unity-idm.eu/
12:07 poikilotherm https://eudat.eu/sites/default/files/b2access-oct2015.png
12:08 pdurbin oh good, it's open source: https://github.com/unity-idm/unity
12:08 poikilotherm Of course :-D
12:08 poikilotherm You asked me to provide examples of OSS IDMs ;-)
12:08 pdurbin nice diagram
12:09 pdurbin I'm a little confused though. You're shopping for an IDM? Most orgs already have one. Or several. :)
12:09 poikilotherm Disclaimer: b2access is a service run by FZJ being part of EUDAT/EOSC... However, the underlying tech is OSS
12:09 poikilotherm Yeah, we don't.
12:10 poikilotherm We have an Active Directory
12:10 poikilotherm But that does not count as an IDM to me ;-)
12:10 poikilotherm Also there is a SAML IdP
12:10 poikilotherm Based on AD
12:10 poikilotherm Still no IDM ;-)
12:10 pdurbin AD counts for a lot of orgs. :)
12:10 poikilotherm Yeah :-D
12:11 pdurbin and there's stuff about ADFS in the Dataverse guides
12:11 poikilotherm Shure.
12:11 poikilotherm This still needs Shibboleth
12:11 pdurbin yeah
12:11 poikilotherm SAML...
12:11 pdurbin yeah
12:12 poikilotherm What I like about the mentioned IDMs is the capability to be used with OAuth2/Open ID Connect AND saml etc
12:12 poikilotherm They are translators between those worlds
12:12 poikilotherm Kind of a single point of contact
12:13 poikilotherm But offering lots of options for authn/z
12:13 poikilotherm https://github.com/orgs/IQSS/projects/5
12:13 poikilotherm Ups
12:13 poikilotherm Wrong windows
12:13 poikilotherm -s
12:15 pdurbin Yeah, SAML is the main way to integrate with Dataverse. The OAuth providers are pull request based.
12:15 poikilotherm Yeah.
12:16 poikilotherm I was thinking that it might offer a lot of new options for integrations, user management, authentication via different providers but same user, etc. when an IDM could be integrated with Dataverse. Again: as an option for larger use cases
12:17 poikilotherm Or where people need special handling of stuff etc
12:17 pdurbin Sure. Early on I investigated a few options. Before I went with mod_shib and shibd. I can go look up what I wrote back then if you're curious.
12:19 pdurbin "Dataverse Shibboleth/SAML Design Document" https://docs.google.com/document/d/1y2axfd_ScmXVICFlV8AuPDdp5xHwTag54pUpVefzs5g/edit?usp=sharing
12:19 poikilotherm Couldn't hurt to take a look :-D
12:19 pdurbin I looked at OpenAM, for example.
12:21 pdurbin I was pretty focused on SAML/Shibboleth back then. I wasn't thinking much about OAuth2.
12:22 pdurbin The GitHub issue is five years old: https://github.com/IQSS/dataverse/issues/791
12:23 poikilotherm Yeah, the world changed a bit since that time :-D
12:23 pdurbin yeah
12:24 pdurbin Have you looked at https://github.com/IQSS/dataverse/blob/v4.15/doc/Architecture/auth.md ?
12:26 poikilotherm Now I did :-D
12:27 poikilotherm I was thinking that IDMs should be fairly easy to integrate via OA2/OIDC already being present
12:27 pdurbin Michael Bar-Sinai made all those diagrams. He and I talked through all the auth stuff before we (mostly he) wrote the code.
12:28 poikilotherm (And about the docs: was this intentionally not part of the guides?)
12:28 pdurbin I think Michael prefers markdown to rst.
12:28 pdurbin might be nice to move it into the guides
12:28 patrick33 joined #dataverse
12:28 poikilotherm :-D
12:28 pdurbin hi there patrick33
12:29 poikilotherm Maybe there is a markdown parser for RSt?
12:29 poikilotherm ;-)
12:29 pdurbin maybe
12:29 pdurbin I've made peace with rst.
12:29 patrick33 Hi. I struggle to configure Shibboleth... After authenticating with my instution I'm redirected to a page "account information" with no information
12:30 patrick33 ling to Log In still appears...
12:30 poikilotherm https://www.sphinx-doc.org/en/master/usage/markdown.html
12:30 patrick33 On the Glassfish server I have an error "The SAML assertion "Shib-Identity-Provider" was null
12:31 patrick33 Any idea ?
12:31 pdurbin "Shib-Identity-Provider" is one of the required attributes: http://guides.dataverse.org/en/4.15/installation/shibboleth.html#shibboleth-attributes
12:32 pdurbin It should come across as something like "Identity Provider: https://idp.testshib.org/idp/shibboleth" ... that's from the https://dataverse.example.edu/Shibboleth.sso/Session eample at http://guides.dataverse.org/en/4.15/installation/shibboleth.html#exchange-metadata-with-your-identity-provider
12:33 pdurbin patrick33: maybe you can email your "/Shibboleth.sso/Session" output to support@dataverse.org . If that makes sense. It should have stuff like "givenName: Me Myself" in it.
12:34 patrick33 Here is the output:
12:35 patrick33 givenName: 1 value(s)
12:35 patrick33 I will send the full output by email
12:35 pdurbin perfect
12:35 pdurbin emailing that address will create a ticket number to track too
12:39 patrick33 Done !
12:40 pdurbin patrick33: thanks, I see it at https://help.hmdc.harvard.edu/Ticket/Display.html?id=277872
12:41 pdurbin and the screenshot is nice. thank you
12:42 pdurbin looks like you're using dataverse-ansible. good
12:44 pdurbin "Identity Provider" is in your Session output. Huh.
12:44 patrick33 yes. I used it to configure without SSL. Nevertheless, I used the templates to configure shibd ans ssl
12:44 patrick33 Seems like
12:45 patrick33 environment variables are not transmitted to Glassfish
12:45 pdurbin Was the shib user created? Do you see the user in the superuser dashboard?
12:46 patrick33 No. It isn't. Only the admin user
12:47 pdurbin That's what I figured. It sounds like you're seeing an error about a null required value in server.log. Null identity provider.
12:48 donsizemore joined #dataverse
12:48 patrick33 I don't find a mention af this user in the documentation.
12:49 pdurbin patrick33: if you want to try to hack on the code, here is where "Shib-Identity-Provider" is defined: https://github.com/IQSS/dataverse/blob/v4.15/src/main/java/edu/harvard/iq/dataverse/authorization/providers/shib/ShibUtil.java#L25
12:54 patrick33 Sorry, but I don't understand. Is it impossible to make it work without hacking the code ? How do other institution to connect to Shibboleth ?
12:56 pdurbin No, you shouldn't have to hack on the code. It should just work and does for dozens of installations. I'm just saying if you're a developer and want to troubleshoot, that's the code in question.
12:57 pdurbin I see you're running Dataverse 4.15 and I don't think we touched this code at all. I don't think anyone is running it in production yet. It was released recently.
12:57 pdurbin donsizemore: want to upgrade to Dataverse 4.15 and see if shib still works? :)
12:58 patrick33 Can you tell me more about rhe "shib" user ?
13:00 pdurbin patrick33: sure. You can tell if a user is shib or non-shib from the user dashboard or from http://phoenix.dataverse.org/schemaspy/latest/tables/authenticateduserlookup.html
13:02 patrick33 (unfortunately I'm not a developper)
13:04 pdurbin patrick33: I think I found some debugging you can try to turn up for me: https://github.com/IQSS/dataverse/blob/v4.15/src/main/java/edu/harvard/iq/dataverse/authorization/providers/shib/ShibUtil.java#L366
13:05 pdurbin Let's try something similar to http://guides.dataverse.org/en/4.15/developers/debugging.html#logging
13:06 pdurbin ./asadmin set-log-levels edu.harvard.iq.dataverse.authoriza​tion.providers.shib.ShibUtil=FINE
13:06 pdurbin I *think* that's right.
13:06 pdurbin The goal is to print out the attributes to server.log
13:06 patrick33 done: edu.harvard.iq.dataverse.api.Datasets package set with log level FINE.These logging levels are set for server. Command set-log-levels executed successfully.
13:07 patrick33 glassfish restarting
13:07 pdurbin cool
13:08 pdurbin is there now additional debugging output in server.log?
13:09 patrick33 No :-(
13:11 pdurbin Hmm, I hope I gave you the right package name.
13:11 pdurbin patrick33: oh, it looks like you set logging for "Datasets"
13:11 pdurbin I'd like you to set logging for ShibUtil.
13:11 pdurbin (and they're in different packages)
13:11 patrick33 Sorry. I made a mistake.
13:12 patrick33 (reused a command in history on a different package)
13:13 donsizemore @pdurbin i do want to upgrade to dataverse and i do want for shib to continue working =)
13:13 donsizemore @pdurbin though at the moment i only have two shib-enabled hosts and i need to keep them at parity
13:13 pdurbin donsizemore: I don't think we touched that code so please don't worry. :)
13:13 donsizemore @pdurbin wait. harvard isn't on 4.15 yet?
13:14 pdurbin nope, not even demo
13:14 pdurbin donsizemore: by the way, I gave you, Jon, and Thu-Mai shout outs in my blog post: https://groups.google.com/d/msg/dataverse-community/lktk-artKjQ/xzCpfGf7BwAJ :)
13:15 donsizemore @pdurbin i can upgrade our test host with thu-mai and jon's approval. we want to upgrade anyway, and we'll find out pretty quickly whether shib is happy?
13:16 pdurbin Might be a good data point. Longer term it would be great to be able to test this from Jenkins somehow.
13:16 pdurbin patrick33: any luck getting more output from ShibUtil?
13:16 donsizemore @pdurbin i could ask our identity management folks about setting up the jenkins server as an SP
13:19 patrick33 I get this message : Shibboleth dev mode has not been configured. Returning a sane default: PRODUCTION
13:19 pdurbin sounds like progress :)
13:19 donsizemore @pdurbin just asked permission to upgrade our test host, which we'll want to do anyway
13:21 pdurbin patrick33: but that's coming from https://github.com/IQSS/dataverse/blob/v4.15/src/main/java/edu/harvard/iq/dataverse/authorization/providers/shib/ShibServiceBean.java#L82 ... ShibServiceBean and I'd like you to get more output from ShibUtil please.
13:21 pdurbin donsizemore: great
13:23 patrick33 Ouch ! This has a side effect !
13:24 patrick33 When I select my institution on the login page, It proposes me to create an account for Alejandro Verkroost
13:24 patrick33 is it hardcoded ?
13:27 pdurbin no... nothing is hard coded... that's really weird
13:27 pdurbin there shouldn't be any side effect
13:32 patrick33 How to send you the output of server.log because I have no account on help.hmdc.harvard.edu  to update the case
13:40 pdurbin_m joined #dataverse
13:41 pdurbin_m patrick33: please just email the same address. someone will merge the tickets
13:51 patrick33 Is it possible to downgrade just by undeploying dataverse on glassfish ?
13:58 pdurbin_m joined #dataverse
13:58 poikilotherm patrick33: most likely the answer is "no", because of the database migrations.
13:58 pdurbin_m patrick33: no. The database schema is always changing.
13:59 poikilotherm What pdurbin_m says
13:59 pdurbin_m poikilotherm: what you say. I'm at the gym. :)
14:00 * poikilotherm sees pdurbin doing one handed push ups - one hand on the floor, one typing on the phone
14:00 poikilotherm Go Phil, go! :-D
14:01 pdurbin_m heh
14:03 poikilotherm Answers are going to take long. One char per push up. Thats already 55 pushups for your last answer... :-D
14:06 pdurbin_m :)
14:06 patrick33 Thank you for your help. I guess the problem comes from the demo status of 4.15. I will snapshot the server and reinstall from scratch with 4.14
14:10 pdurbin_m patrick33: fingers crossed
14:10 pdurbin_m again, I don't think we touched the shib code in 4.15
14:10 pdurbin_m donsizemore: you'll let us know if we broke something :)
14:11 patrick33 Each time I refresh the screen, I get another user name to create... I saw smthg in the log about a test idp
14:12 xarthisius pdurbin_m: nice transcript! Thanks for using WT for you live demo! :)
14:12 poikilotherm patrick33 what IdP are you using?
14:12 poikilotherm How did you configure your Shib?
14:13 poikilotherm Are you using some kind of federation like eduGain/Incommon or other AAI?
14:13 patrick33 https://idp.uclouvain.be/idp/shibboleth
14:14 poikilotherm Greetings from Jülich, DE to Louvain :-)
14:14 patrick33 Greetings !
14:15 poikilotherm Ok, thanks for the metadata. Are you sure you used that in your SP config?
14:15 pdurbin_m xarthisius: if you listen to the audio you'll hear enthusiast applause :)
14:16 patrick33 Yes. It is in the output of Shibboleth.sso/Session
14:16 patrick33 And we see the exchange of information on the idp server
14:17 poikilotherm Ok, good to know.
14:17 patrick33 From the idp server, everything worked fine
14:17 poikilotherm Could you try to configure your SP to use some test IdP?
14:17 poikilotherm So we can see if this is reproducible
14:17 patrick33 I could do that tommorrow because I rebuilded already the sp
14:18 patrick33 I see strange things in the server.log
14:19 patrick33 Couldn't find an affiliation from  https://idp.lemon.com/idp/shibboleth|#]
14:20 patrick33 Couldn't find an affiliation from  https://idp.1231.com/idp/shibboleth|#
14:20 poikilotherm You might try with https://samltest.id or similar
14:20 patrick33 no user found using sadie.white@example.com|#]
14:21 poikilotherm WTF?
14:21 patrick33 I never configured those idp's
14:21 poikilotherm There is definitly sth. wrong...
14:22 poikilotherm When you configured your Shib with exactly one IdP, it should not talk to others
14:22 patrick33 [#|2019-06-25T15:22:52.456+0200|INFO|glassfish 4.1|edu.harvard.iq.dataverse.authorizat​ion.AuthenticationServiceBean|_ThreadID​=47;_ThreadName=jk-connector(1);_TimeMi​llis=1561468972456;_LevelValue=800;|   no user found using alejandro.verkroost@example.com|#]
14:22 patrick33 Yes. We always use the same shibboleth2 for all the servers of the university.
14:22 poikilotherm Could you please monitor your access log to see where those requests are coming from?
14:22 patrick33 *shibboleth2.xml
14:23 poikilotherm Is your installation public already?
14:25 donsizemore @patrick33 any chance I can see your (redacted) shibboleth2.xml? dls@email.unc.edu
14:26 patrick33 I should ask the shibboleth administrator
14:26 patrick33 It's public.
14:27 poikilotherm Are you re-using a Shibd for your SP already in use for other things?
14:27 poikilotherm Or is this a single purpose "apache proxy + shibd only for Dataverse" setup?
14:28 patrick33 We have several implementations of apache in front of a glassfish or tomcat. It works ok.
14:29 patrick33 but the server with problems is dedicated to dataverse. So shibd is only used for dataverse
14:29 poikilotherm Err. Ok. This makes troubleshooting more like a P&P adventure.
14:30 poikilotherm Hmm.
14:31 poikilotherm To ensure I got it right
14:31 poikilotherm You have a apache reverse proxy with mod_shib and a shibd which is solely in use for Dataverse?
14:31 poikilotherm It does not see traffic for other sites
14:32 poikilotherm And you are sure there is no public access from users, bots, scripts whatever except for your own request you are doing by yourself
14:32 patrick33 all the requests are from our network (in fact, the dataverse instance cannot be joigned from outside his network before the installation is finished)
14:34 patrick33 I must go. Thanks again for your help. Stay tuned tomorrow. Regards. Patrick
14:34 poikilotherm Ok cu
14:35 poikilotherm I'll be around at 9:00 European Summer time
14:35 poikilotherm (CEST)
14:48 pdurbin ah summer time
14:48 pdurbin xarthisius: I might have a favor to ask. Or at least an idea for you. :)
14:51 donsizemore mmm, European Summer time.
14:52 pdurbin donsizemore: I minted a cert and emailed it to Slava, by the way
14:57 pdurbin "setting returned: RANDOM"
14:57 pdurbin definitely something weird going on in Patrick's config
14:59 pdurbin I wonder if he was playing with ":DebugShibAccountType" http://guides.dataverse.org/en/4.15/developers/remote-users.html
15:02 pdurbin because when you use RANDOM like that, users are pulled from https://randomuser.me
15:03 pdurbin via its API: https://github.com/IQSS/dataverse/blob/v4.15/src/main/java/edu/harvard/iq/dataverse/authorization/AuthTestDataServiceBean.java#L31
16:19 jri joined #dataverse
17:15 donsizemore @pdurbin this RANDOM settings seems very useful for april 1st
17:16 pdurbin heh
17:21 pdurbin donsizemore: should we talk a little more about https://github.com/IQSS/dataverse-ansible/pull/76 ?
17:23 donsizemore @pdurbin i think we'd want to keep -b and -K with explanation, and tag -e as optional, with explanation. maybe a bulleted list of suggested options?
17:23 donsizemore @pdurbin i can work on that if you'd like
17:24 pdurbin Hmm. How about two versions. A quick start for newbies like me and a later section than explains what -b and -K do. Also, I'm trying without "export ANSIBLE_ROLES_PATH=." and it seems like the quickstart doesn't need that line.
17:25 donsizemore @pdurbin that and the export-local dealy could become optional depending on need
17:26 pdurbin Do you mean "--connection=local"? I seem to need that or I get errors.
17:27 donsizemore @pdurbin you and dunlap ran into that, if i've used it recently i don't remember it. but i'm happy to take a whack at README.md if you'd like
17:28 pdurbin Well, I'm happy with my version. It works. I guess what I'm suggesting is that my version could be the quickstart at the top. And you could put whatever advanced stuff under it. In a different section.
17:28 pdurbin Maybe we keep the "Usage" heading as yours. I could add a "Quickstart" heading above it.
17:28 donsizemore makes perfect sense
17:29 pdurbin Ok, I'll make a new pull request.
17:39 pdurbin done
17:52 donsizemore approved =) i'll add in an explanatory table or something
17:53 pdurbin awesome. thanks. next question. should able to run my ansible-playbook command over and over or will it break something. what's that fancy word?
17:53 pdurbin Is dataverse-ansible idempotent?
17:54 donsizemore no. dataverse-ansible is merely a wrapper for the dataverse installer, which is itself not idempotent
17:54 pdurbin ok, that's what I figured, thanks
17:55 donsizemore we can start dropping in semaphores to make it idempotent, but the dataverse installer itself insists on postgres-admin and a squeaky-clean DB
17:56 donsizemore i think we'd be opening up a ton of failure points with low potential gain given the heterogenous nature of even dataverse upgrades
17:56 pdurbin yeah
17:57 donsizemore yes, ansible roles /should/ be idempotent. but many open source programs also aim for full POSIX compliance...
17:58 pdurbin :)
17:59 pdurbin How to do you feel about a config option that runs this? curl -X PUT -d true http://localhost:8080/api/admin/settings/:AllowApiTokenLookupViaApi
18:01 donsizemore fine by me. easy switch to add
18:02 donsizemore i meant to check on the status of the api_test_suite in dataverse-ansible, but i remember wanting to get it working *outside* of ansible first...
18:05 pdurbin I just opened an issue for that api token thing: https://github.com/IQSS/dataverse-ansible/issues/80
18:06 pdurbin yeah, let's circle back to the test suite. phoenix found a bug yesterday so even though he wants to retire I won't let him, yet
18:06 donsizemore writing my README explanation, then apitokenlookup, then back to test suite =)
18:07 pdurbin awesome :)
18:07 pdurbin see, I don't even need a board, you're so fast :)
18:07 donsizemore you can drag stuff onto project 5
18:08 pdurbin :)
18:09 pdurbin good progress on payara 5 yesterday
18:24 jturitto joined #dataverse
18:24 jturitto left #dataverse
18:30 donsizemore @pdurbin so, the role already pulls and sets the root user's api token for its sample data run. this API token lookup is just a standalone setting you want turned on via group_var switch?
18:31 pdurbin yep, exactly
18:31 pdurbin We built this for OSF originally.
18:32 pdurbin They wanted a way to get a user's API token based on a username and password.
18:32 pdurbin Maybe we shouldn't have added it, but we did.
18:32 pdurbin At least it's off by default. :)
18:35 donsizemore so, what's the relation of your script to the setting? (all ansible will do is set this to true, yes?)
18:36 pdurbin I'm creating sample data using pyDataverse. Like my Open Source at Harvard dataset. To create anything I need an API token.
18:37 pdurbin And I'm not on the server running Dataverse.
18:39 donsizemore testing now
18:45 pdurbin cool
18:45 pdurbin I think I'll try to rewrite my scripty from bash to pyDataverse
18:45 pdurbin there's a nice generic "get_request" function
18:56 pdurbin I'm using it here: https://github.com/IQSS/dataverse-sample-data/commit/4c85a6a
18:57 donsizemore you gots two pull requests
18:58 pdurbin Looking. Why did you add an "@" before "dataverse/defaults/main.yml"?
19:04 donsizemore doesn't it require the @ to read in JSON/YAML?
19:04 donsizemore you can pass key-values at the CLI, but to read in a file you need the @
19:11 pdurbin It works fine without the @.
19:12 donsizemore ah, ok.
19:12 pdurbin so can we take it out? :)
19:13 donsizemore as long as it works
19:16 pdurbin trying it again now with no @ on 80_allow_api_token_lookup and allow_lookup set to true
19:26 pdurbin seems to work fine with no @
19:35 donsizemore bah. stupid table!
19:35 pdurbin heh
19:36 donsizemore i'll fix both
19:36 pdurbin thanks
19:36 pdurbin I merged the api token one. Thanks!
19:42 sachaj joined #dataverse
19:47 pdurbin sachaj: hi! I gotta run but maybe you met donsizemore last week.
20:26 sachaj hi phil, i only just briefly met don as I was leaving. just testing out the chat room here.
20:32 pdurbin_m joined #dataverse
20:33 pdurbin_m sachaj: this chat room has issues: https://github.com/IQSS/chat.dataverse.org/issues :)
20:52 pdurbin but I hope you enjoy it :)
20:54 donsizemore oh... duh. @pdurbin i had RST in mind instead of MD. hence the table silliness
20:54 pdurbin ah
20:54 pdurbin I hate messing with tables in both rst and markdown.

| Channels | #dataverse index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

Connect via chat.dataverse.org to discuss Dataverse (dataverse.org, an open source web application for sharing, citing, analyzing, and preserving research data) with users and developers.