search

cylc / cylc-uiserver

A Jupyter Server extension that serves the cylc-ui web application for monitoring and controlling Cylc workflows.
https://cylc.org
GNU General Public License v3.0
15 stars 18 forks source link

UI Server Configuration does not seem to honour $CYLC_SITE_CONF_PATH environment variable #565

Open jarich opened 7 months ago

jarich commented 7 months ago

Description

The documentation suggests that the $CYLC_SITE_CONF_PATH environment variable can be set to advise Cylc UI Servers where to find the jupyter_config.py file. When running the Cylc Hub with sudospawner, setting the $CYLC_SITE_CONF_PATH in sudospawner-singleuser:

#!/bin/bash -l
export CYLC_SITE_CONF_PATH="/data/jupyterhub/config/"
# Delegate to the Cylc hub server
exec "$(dirname "$0")/cylc" "hubapp" $@

does not result in the jupyter_config.py in that directory being used.

Further, if the jupyter_config.py in the Cylc Hub's pre-packaged default location <CONDA_ENV>/site-packages/cylc/uiserver/jupyter_config.py is not readable by the workflow owner, no permissions are provided but no warning is raised either. This makes debugging site_authorization issues a little harder.

Reproducible Example

Spawn a UI server, after exporting CYLC_SITE_CONF_PATH to be a different directory, with an all-user readable jupyter_config.py that grants access to other users.

Make sure that the UI server's pre-packaged default location for jupyter_config.py is unreadable to non-owner users/and or does not grant any access to other users.

Attempt to connect to that UI server as another user. Note that access is not granted.

Expected Behaviour

Exporting CYLC_SITE_CONF_PATH before calling cylc hubapp would result in the jupyter_config.py file under that directory to be used.

If no jupyter_config.py files are found/readable, a warning is printed in addition to stating that users have no access.

wxtim commented 4 months ago

File Readable but not found

#!/bin/bash -l
export CYLC_SITE_CONF_PATH="/data/jupyterhub/config/"
# Delegate to the Cylc hub server
exec "$(dirname "$0")/cylc" "hubapp" $@

does not result in the jupyter_config.py in that directory being used.

I don't think I'd expect that to work - in the same way that ~/.cylc/global.cylc won't work - the pattern is location/app_name/config_file. _reference_

This only works for me if /data/jupyterhub/config/ contains a uiserver folder, but by putting print('HI') in my config I demonstrated that it does work.

File found but not readable

This isn't a Cylc feature, but a Jupyter Server feature, special handling of this behaviour is not reasonable. I think this ought to be a change in Jupyter server, assuming they are happy to have it.