tidy

broadinstitute · Oct 19, 2023 · 8d3a2e7 · 8d3a2e7
1 parent aa1bc52
commit 8d3a2e7
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 44 deletions.
diff --git a/filesystems/blob/src/main/scala/cromwell/filesystems/blob/BlobPathBuilder.scala b/filesystems/blob/src/main/scala/cromwell/filesystems/blob/BlobPathBuilder.scala
@@ -193,29 +193,23 @@ case class BlobPath private[blob](pathString: String, endpoint: EndpointURL, con
     if(container.value.startsWith("sc-")) Try(UUID.fromString(container.value.substring(3))) else Failure(new Exception("Could not parse workspace ID from storage container"))
   }
 
-  def containerWSMResourceId: Try[UUID] = {
-    val wsmGenerator: Option[WSMBlobSasTokenGenerator] = fsm.blobTokenGenerator match {
-      case wsmGenerator: WSMBlobSasTokenGenerator => Option(wsmGenerator)
-      case _: Any => None
+  private def getWSMTokenGenerator: Try[WSMBlobSasTokenGenerator] = {
+    fsm.blobTokenGenerator match {
+      case wsmGenerator: WSMBlobSasTokenGenerator => Try(wsmGenerator)
+      case _: Any => Failure(new NoSuchElementException("This blob file does not have an associated WSMBlobSasTokenGenerator"))
     }
-    val workspaceId: Try[UUID] = parseTerraWorkspaceIdFromPath
-    val wsmAuth: Try[String] = wsmGenerator.get.getWsmAuth
-
-    Try(wsmGenerator.get.getContainerResourceId(workspaceId.get, container, wsmAuth.get)).flatten
+  }
+  def containerWSMResourceId: Try[UUID] = {
+    for {
+      generator <- getWSMTokenGenerator
+      workspaceId <- parseTerraWorkspaceIdFromPath
+      wsmAuth <- generator.getWsmAuth
+      resourceId <- generator.getContainerResourceId(workspaceId, container, wsmAuth)
+    } yield resourceId
   }
 
   def wsmEndpoint: Try[String] = {
-    val wsmGenerator: Option[WSMBlobSasTokenGenerator] = fsm.blobTokenGenerator match {
-      case wsmGenerator: WSMBlobSasTokenGenerator => Option(wsmGenerator)
-      case _: Any => None
-    }
-    val maybeEndpoint = wsmGenerator.map{generator =>
-      generator.wsmClientProvider.getBaseWorkspaceManagerUrl
-    }
-    maybeEndpoint match {
-      case endpoint: Some[String] => Try(endpoint.value)
-      case _ => Failure(new NoSuchElementException("Could not determine WSM API endpoint."))
-    }
+    getWSMTokenGenerator.map(generator => generator.wsmClientProvider.getBaseWorkspaceManagerUrl)
   }
 
   override def getSymlinkSafePath(options: LinkOption*): Path  = toAbsolutePath

diff --git a/...kends/tes/src/main/scala/cromwell/backend/impl/tes/TesAsyncBackendJobExecutionActor.scala b/...kends/tes/src/main/scala/cromwell/backend/impl/tes/TesAsyncBackendJobExecutionActor.scala
@@ -70,39 +70,39 @@ object TesAsyncBackendJobExecutionActor {
   }
 
   /* Under certain situations (and only on Terra), we want the VM running a TES task to have the ability to acquire a
-   * fresh SaS token for itself. In order to be able to do this, we must provide the task execution script with a
-   * WSM endpoint, WorkspaceID, and container resource ID. The task VM will use the user assigned managed identity that
-   * it is running as in order to authenticate.
+   * fresh sas token for itself. In order to be able to do this, we provide it with a precomputed endpoint it can use.
+   * This endpoint will contain the WSM root, WorkspaceID, and container resource ID.
+   * The task VM will use the user assigned managed identity that it is running as in order to authenticate.
    */
-  def getLocalizedSasTokenParams(taskInputs: List[Input], pathGetter: String => Try[Path]): Option[LocalizedSasTokenParams] = {
+  def getLocalizedSasTokenParams(taskInputs: List[Input], pathGetter: String => Try[Path]): Option[String] = {
     val shouldLocalizeSas = true //TODO: Make this a Workflow Option or come from the WDL
-    if (!shouldLocalizeSas || taskInputs.isEmpty) return None
+    if (!shouldLocalizeSas) return None
 
-    val templateInput = taskInputs.head
-    val templateValidatedBlob = BlobPathBuilder.validateBlobPath(templateInput.url.getOrElse("NotValid"))
-    if(templateValidatedBlob.equals("")) return None
+    val blobFiles = taskInputs.collect{ //Collect all inputs with URLs defined as (in)valid blob paths
+      case input if input.url.isDefined => BlobPathBuilder.validateBlobPath(input.url.get)
+    }.collect{ //Collect only the valid blob paths
+      case valid: BlobPathBuilder.ValidBlobPath => valid
+    }
 
-    val blobFiles: List[ValidBlobPath] = taskInputs.map {
-      input => BlobPathBuilder.validateBlobPath(input.url.getOrElse("NotValid"))
-    }.collect {
-      case c: BlobPathBuilder.ValidBlobPath => c
+    if(blobFiles.isEmpty) return None
+    //We use the first blob file in the list as a template for determining the localized sas params
+    val blobPath: Try[BlobPath] = pathGetter(blobFiles.head.toUrl).getOrElse(None) match {
+      case blob: BlobPath => Try(blob)
+      case _: Any => Failure(new UnsupportedOperationException("Could not convert path into Blob path"))
     }
 
-    val templateBlobFile = blobFiles.head
-    val url = templateBlobFile.toUrl
-    val initialPath: Try[Path] = pathGetter(url)
-    val blobPath: Option[BlobPath] = initialPath.get match {
-      case blob: BlobPath => Option(blob)
+    val sasTokenEndpoint = for {
+      blob <- blobPath
+      wsmEndpoint <- blob.wsmEndpoint
+      workspaceId <- blob.parseTerraWorkspaceIdFromPath
+      containerResourceId <- blob.containerWSMResourceId
+      endpoint = s"$wsmEndpoint/$workspaceId/resources/controlled/azure/storageContainer/$containerResourceId/getSasToken"
+    } yield endpoint
+
+    sasTokenEndpoint match {
+      case good: Success[String] => Some(good.value)
       case _: Any => None
     }
-
-    val uuid: Try[UUID] = blobPath.get.containerWSMResourceId
-    if(!uuid.isSuccess) return None
-    val container = templateBlobFile.container
-    val maybeWorkspaceId = blobPath
-    val tryWsm = blobPath.get.wsmEndpoint
-    val wsmEndpoint = tryWsm.getOrElse("invalid")
-    maybeWorkspaceId.map(workspaceId => LocalizedSasTokenParams(wsmEndpoint, container.value, blobPath.get.containerWSMResourceId.get.toString))
   }
 }