Use SG API key for creating session and remove login functionality #58
Conversation
…y module to login
… together and set basic published file type functionality
…te some other relevant fields on the version
|
Love these changes Fabia, I agree with the removal of an SG password and using the server SG API key for auth. |
yeah ideally with the SSO feature of Ayon https://community.ynput.io/t/sso-active-directory-integration/259/12 this would be consolidated. However, this is not an issue as long as whatever you pass as |
| @@ -141,3 +168,43 @@ def process(self, instance): | |||
| ) | |||
| instance.data["shotgridPublishedFile"] = sg_published_file | |||
|
|
|||
| def _find_published_file_type(self, instance, filepath, representation): | |||
There was a problem hiding this comment.
this function is a pretty simplistic way to set some types on the PublishedFiles of SG and it relies on setting these on your SG instance:
There was a problem hiding this comment.
Yeah this is great too, how would you select what SH publish type (representation) you're publishing too?
Do I need to make sure I name the SG and AYON representations exactly the same?
There was a problem hiding this comment.
atm I'm not making use of the Ayon family or representation name, I'm purely basing it off the extension of the file type and you don't have to do anything extra, just that this function detects all the file types you want to track
Summary field must be a dict. Human readable description of an event should go to description. Passing strings to summary causes 419 errors.
|
|
||
| if not sg_username or not sg_password: | ||
| return None | ||
| sg_username = os.getenv("AYON_SG_USERNAME") |
There was a problem hiding this comment.
Where do you normally define this environment variable, and what should happen if it's not set empty?
There was a problem hiding this comment.
on my case I'm actually just using $USER as all our artists machines have that defined so we don't need any extra user input to define their login for SG but that's why I left it open to discuss. We could potentially expose an option on the settings where admins can choose any existing env var to use as SG login and/or optionally expose the login menu so each user can set it themselves on the registry
|
Hey! Thanks for the contribution :D I just got around trying this, and I'm getting an error when trying to publish: Setting ERROR:pyblish.CollectShotgridSession:Failed to connect to Shotgrid.
Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/collect_shotgrid_session.py", line 30, in process
sg_session = shotgrid_module.create_shotgrid_session()
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/addon.py", line 46, in create_shotgrid_session
return credentials.create_sg_session(
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/lib/credentials.py", line 29, in create_sg_session
session.preferences_read()
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3262, in preferences_read
return self._call_rpc("preferences_read", {"prefs": prefs})
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3423, in _call_rpc
self._response_errors(response)
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3722, in _response_errors
raise AuthenticationFault(sg_response.get("message", "Unknown Authentication Error"))
shotgun_api3.shotgun.AuthenticationFault: Cannot 'sudo' - unknown or retired user: 'admin'
ERROR:pyblish.plugin:Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/collect_shotgrid_session.py", line 30, in process
sg_session = shotgrid_module.create_shotgrid_session()
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/addon.py", line 46, in create_shotgrid_session
return credentials.create_sg_session(
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/lib/credentials.py", line 29, in create_sg_session
session.preferences_read()
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3262, in preferences_read
return self._call_rpc("preferences_read", {"prefs": prefs})
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3423, in _call_rpc
self._response_errors(response)
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3722, in _response_errors
raise AuthenticationFault(sg_response.get("message", "Unknown Authentication Error"))
shotgun_api3.shotgun.AuthenticationFault: Cannot 'sudo' - unknown or retired user: 'admin'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/pyblish/plugin.py", line 527, in __explicit_process
runner(*args)
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/collect_shotgrid_session.py", line 34, in process
raise KnownPublishError(
openpype.pipeline.publish.publish_plugins.KnownPublishError: Could not connect to Shotgrid https://ynput.shotgrid.autodesk.com with user admin.
Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/collect_shotgrid_session.py", line 30, in process
sg_session = shotgrid_module.create_shotgrid_session()
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/addon.py", line 46, in create_shotgrid_session
return credentials.create_sg_session(
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/lib/credentials.py", line 29, in create_sg_session
session.preferences_read()
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3262, in preferences_read
return self._call_rpc("preferences_read", {"prefs": prefs})
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3423, in _call_rpc
self._response_errors(response)
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/shotgun_api3/shotgun.py", line 3722, in _response_errors
raise AuthenticationFault(sg_response.get("message", "Unknown Authentication Error"))
shotgun_api3.shotgun.AuthenticationFault: Cannot 'sudo' - unknown or retired user: 'admin'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/pyblish/plugin.py", line 527, in __explicit_process
runner(*args)
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/collect_shotgrid_session.py", line 34, in process
raise KnownPublishError(
openpype.pipeline.publish.publish_plugins.KnownPublishError: Could not connect to Shotgrid https://ynput.shotgrid.autodesk.com with user admin.And when setting it to ERROR:pyblish.plugin:Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/pyblish/plugin.py", line 527, in __explicit_process
runner(*args)
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/validate_shotgrid_user.py", line 33, in process
admin = sg_user["permission_rule_set"]["name"] == "Admin"
TypeError: 'NoneType' object is not subscriptable
Traceback (most recent call last):
File "/home/minkiu/.local/share/AYON/dependency_packages/ayon_2312081315_linux.zip/dependencies/pyblish/plugin.py", line 527, in __explicit_process
runner(*args)
File "/home/minkiu/.local/share/AYON/addons/shotgrid_0.2.10/ayon_shotgrid/plugins/publish/validate_shotgrid_user.py", line 33, in process
admin = sg_user["permission_rule_set"]["name"] == "Admin"
TypeError: 'NoneType' object is not subscriptableUnsure if it's cause it's "Admin", but at the moment we don't have more seats in SG. |
And are you sure you have an |
Sorry for the late reply, |
|
Thanks for your contribution! Merging. |
|
Not sure why the login functionality was removed. This is not working and breaking the addon completely . . . |
it works for us while the login functionality didn't. You just need to provide a way to fill up the user env var, either automatically through the Ayon login logic or on the general environments. Or if you'd rather bring that login dialog back, it should be just another optional way to provide the user login |
|
there is no mention of any user env in the Readme file. good to hear it is working for you, but everyone else needs to dig through the code to figure out how to log in to Shotgrid and why it is not working. |
really the same counter argument with the prior iteration with the login -> no readme and not working haha I think we just need to put some more hands on this codebase and give it some love for the rest, as it is it's not in a state of plug and play and have fun, it's never been for SG <-> OP/Ayon |
|
I am considering the feasibility of reinstating the original functionality that was removed in this pull request, within the context of the addon studio settings. My recommendation would be to have both options available, but with the environment variable workflow being the default. However, if anyone wishes to utilize the logging functionality from AY Desktop tray menu, they could easily activate it. |
|
The question is what is the SG user good for actually, if all interaction is happening using sg_script API key. Why is it different from ftrack integration? How do we deal with different user permissions in Ayon? Does it mean a user with limited permissions in Ayon has unlimited access to SG? etc.. |
How is the ftrack integration? A user with limited permissions in Ayon won't really have unlimited access to SG as the frontend is blocking him from accessing any of the projects he doesn't have access. Of course a technical artist could always figure out the API to grab the session and do queries or publishes to any project with the API key but I wouldn't worry about that, it's really the same paradigm as in Ayon once you know about the API key |
This removes the need for logging in to SG through the Tray and just make use of the API key +
sudo_as_loginto integrate into SG. We are already doing extra validations of the user if it exists in SG to also need them to type yet another password... which in some studios might have the 2FA authentication and make this even more complicated. Unless we can enable SSO authentication across Ayon and SG I don't see any value for us on enabling this. On our use case I make use ofos.getenv("USER")instead ofAYON_SG_USERbut on this case we might need them to be able to type what's their SG user if for any reason that differs from the Ayon username.On the other hand, I bring here some of the changes that we have done on the OP shotgrid module to make it work better for our needs: