EIC code displayed by LXR master/​swf-monitor/​src/​swf_monitor_project/​settings.py	Source navigation Diff markup Identifier search General search
	Version: master test Revert   Change

File indexing completed on 2026-04-25 08:29:11

 """
 Django settings for swf_monitor_project project.
 
 Generated by 'django-admin startproject' using Django 4.2.23.
 
 For more information on this file, see
 https://docs.djangoproject.com/en/4.2/topics/settings/
 
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/4.2/ref/settings/
 """
 
 from pathlib import Path
 import os
 from decouple import config
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
 # Rucio client reads these from os.environ directly, so bridge them from the
 # .env-loaded config. No-op if unset (e.g. in dev).
 for _k in ("X509_USER_PROXY", "RUCIO_ACCOUNT", "RUCIO_HOST", "RUCIO_AUTH_HOST"):
     _v = config(_k, default=None)
     if _v:
         os.environ[_k] = _v
 
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
 # SECRET_KEY = "django-insecure--np2=%3ftuxijbpmtb8nf0=ux$4_%e)ye&l829((8olx&8z2*d"
 SECRET_KEY = config("SECRET_KEY")
 
 # SECURITY WARNING: don't run with debug turned on in production!
 # Set DEBUG to False in production by setting the environment variable DEBUG=False
 DEBUG = config('DEBUG', default=True, cast=bool)
 
 # Define allowed hosts. 
 # IMPORTANT: Use SWF_ALLOWED_HOSTS environment variable to configure allowed hosts.
 # This is a comma-separated list of domain names/IP addresses that can serve this application.
 # Example: SWF_ALLOWED_HOSTS=swf-monitor.example.com,www.swf-monitor.example.com,10.0.0.1
 # 
 # Security Note: Never hardcode production hostnames in this file. Always use environment variables
 # to avoid exposing infrastructure details in the codebase.
 ALLOWED_HOSTS = []
 
 # Get allowed hosts from environment variable SWF_ALLOWED_HOSTS
 allowed_hosts_str = config('SWF_ALLOWED_HOSTS', default='')
 if allowed_hosts_str:
     ALLOWED_HOSTS = [host.strip() for host in allowed_hosts_str.split(',')]
 elif DEBUG:
     # Only use default localhost values in development when SWF_ALLOWED_HOSTS is not set
     ALLOWED_HOSTS = ['localhost', '127.0.0.1', 'testserver']
 else:
     # In production, SWF_ALLOWED_HOSTS must be set or Django will raise ImproperlyConfigured
     # This is a security feature to prevent the site from running with improper host validation
     pass
 
 
 # Application definition
 
 INSTALLED_APPS = [
     "daphne",  # Add daphne for ASGI server
     "channels",  # Add channels for WebSocket support
     # "mcp_app",  # Replaced by mcp_server (proper MCP spec implementation)
     "mcp_server",  # django-mcp-server for Model Context Protocol
     "oauth2_provider",  # OAuth2 authentication for MCP
     "django.contrib.admin",
     "django.contrib.auth",
     "django.contrib.contenttypes",
     "django.contrib.sessions",
     "django.contrib.messages",
     "django.contrib.staticfiles",
     "pcs",  # Physics Configuration System
     "monitor_app",  # Changed from "swf_monitor_project.monitor_app"
     "django_dbml",  # For schema diagram generation
     # Third-party apps
     "rest_framework",
     "drf_spectacular",
     "rest_framework.authtoken",
     "django_seed",
     "django_extensions",
 ]
 
 MIDDLEWARE = [
     "django.middleware.security.SecurityMiddleware",
     "whitenoise.middleware.WhiteNoiseMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
     "django.middleware.csrf.CsrfViewMiddleware",
     "monitor_app.middleware.MCPAuthMiddleware",  # Auth0 OAuth for MCP
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "monitor_app.middleware.TunnelAuthMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
 ]
 
 ROOT_URLCONF = "swf_monitor_project.urls"
 
 TEMPLATES = [
     {
         "BACKEND": "django.template.backends.django.DjangoTemplates",
         "DIRS": [os.path.join(BASE_DIR, 'templates')],
         "APP_DIRS": True,
         "OPTIONS": {
             "context_processors": [
                 "django.template.context_processors.debug",
                 "django.template.context_processors.request",
                 "django.contrib.auth.context_processors.auth",
                 "django.contrib.messages.context_processors.messages",
                 "monitor_app.middleware.tunnel_context",
             ],
         },
     },
 ]
 
 WSGI_APPLICATION = "swf_monitor_project.wsgi.application"
 ASGI_APPLICATION = "swf_monitor_project.asgi.application"  # Added ASGI application
 
 
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 
 DATABASES = {
     "default": {
         "ENGINE": "django.db.backends.postgresql",
         "NAME": config("DB_NAME", default="swfdb"),
         "USER": config("DB_USER", default="admin"),
         "PASSWORD": config("DB_PASSWORD", default="dummy"),
         "HOST": config("DB_HOST", default="localhost"),
         "PORT": config("DB_PORT", default="5432"),
     },
     "panda": {
         "ENGINE": "django.db.backends.postgresql",
         "NAME": config("PANDA_DB_NAME", default="panda_db"),
         "USER": config("PANDA_DB_USER", default="panda"),
         "PASSWORD": config("PANDA_DB_PASSWORD", default="dummy"),
         "HOST": config("PANDA_DB_HOST", default="pandadb01.sdcc.bnl.gov"),
         "PORT": config("PANDA_DB_PORT", default="5432"),
     },
     "idds": {
         "ENGINE": "django.db.backends.postgresql",
         "NAME": config("IDDS_DB_NAME", default="idds_db"),
         "USER": config("IDDS_DB_USER", default="idds"),
         "PASSWORD": config("IDDS_DB_PASSWORD", default="dummy"),
         "HOST": config("IDDS_DB_HOST", default="pandadb01.sdcc.bnl.gov"),
         "PORT": config("IDDS_DB_PORT", default="5432"),
         "OPTIONS": {
             "options": f"-c search_path={config('IDDS_DB_SCHEMA', default='doma_idds')}"
         },
     }
 }
 
 
 # Password validation
 # https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators
 
 AUTH_PASSWORD_VALIDATORS = [
     {
         "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
     },
     {
         "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
     },
     {
         "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
     },
     {
         "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
     },
 ]
 
 
 # Internationalization
 # https://docs.djangoproject.com/en/4.2/topics/i18n/
 
 LANGUAGE_CODE = "en-us"
 
 TIME_ZONE = config('DISPLAY_TIMEZONE', default='America/New_York')
 
 USE_I18N = True
 
 USE_TZ = True
 
 
 # Subpath deployment configuration
 # For production deployments served under a subpath (e.g., /swf-monitor/)
 DEPLOYMENT_SUBPATH = config('SWF_DEPLOYMENT_SUBPATH', default='')
 
 if DEPLOYMENT_SUBPATH:
     # Production subpath deployment
     FORCE_SCRIPT_NAME = DEPLOYMENT_SUBPATH
     STATIC_URL = config('SWF_STATIC_URL_BASE', default=f'{DEPLOYMENT_SUBPATH}/static/')
     LOGIN_REDIRECT_URL = config('SWF_LOGIN_REDIRECT', default=f'{DEPLOYMENT_SUBPATH}/prod/')
     LOGOUT_REDIRECT_URL = config('SWF_LOGOUT_REDIRECT', default=DEPLOYMENT_SUBPATH + '/prod/')
 else:
     # Development defaults (no subpath)
     STATIC_URL = "static/"
     LOGIN_REDIRECT_URL = '/prod/'
     LOGOUT_REDIRECT_URL = '/prod/'
 
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.2/howto/static-files/
 
 STATICFILES_DIRS = [os.path.join(BASE_DIR, 'static')]
 STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
 
 # WhiteNoise configuration
 STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"
 
 LOGIN_URL = 'login'
 
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
 
 # Django REST framework settings
 REST_FRAMEWORK = {
     # Use Django's standard `django.contrib.auth` permissions,
     # or allow read-only access for unauthenticated users.
     "DEFAULT_PERMISSION_CLASSES": [
         "rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly"
     ],
     "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
     "DEFAULT_RENDERER_CLASSES": [
         "rest_framework.renderers.JSONRenderer",
         "rest_framework.renderers.BrowsableAPIRenderer",
     ],
 }
 
 SPECTACULAR_SETTINGS = {
     "TITLE": "SWF Monitor API",
     "DESCRIPTION": "API for the ePIC Streaming Workflow Testbed Monitor",
     "VERSION": "1.0.0",
     "SERVE_INCLUDE_SCHEMA": False,
     # OTHER SETTINGS
 }
 
 # OAuth2 Provider settings for MCP authentication
 OAUTH2_PROVIDER = {
     "SCOPES": {
         "read": "Read access to MCP tools",
         "write": "Write access to MCP tools",
     },
     "ACCESS_TOKEN_EXPIRE_SECONDS": 3600,
 }
 
 # Auth0 OAuth 2.1 Configuration (for Claude.ai MCP integration)
 # Leave empty to disable OAuth and allow direct MCP access
 AUTH0_DOMAIN = config("AUTH0_DOMAIN", default="")
 AUTH0_CLIENT_ID = config("AUTH0_CLIENT_ID", default="")
 AUTH0_CLIENT_SECRET = config("AUTH0_CLIENT_SECRET", default="")
 AUTH0_API_IDENTIFIER = config("AUTH0_API_IDENTIFIER", default="")
 AUTH0_ALGORITHMS = ["RS256"]
 
 # Django MCP Server configuration
 DJANGO_MCP_GLOBAL_SERVER_CONFIG = {
     "name": "swf-testbed",
     "instructions": """Streaming workflow orchestration testbed for the ePIC experiment at the Electron Ion Collider.
 
 KEY CONCEPTS:
 - Namespaces: Isolation boundaries for different users' workflow runs (e.g., 'torre1', 'wenauseic')
 - Runs: Data-taking periods identified by run_number, containing multiple STF files
 - STF files: Super Time Frame files - primary data units from the detector DAQ system
 - TF slices: Small processing units (~15 per STF) for fast monitoring workflow
 - Agents: Processes that execute workflows (daq_simulator, data_agent, processing_agent, etc.)
 - Workflow executions: Instances of running workflows, tracked by execution_id
 
 COMMON QUERIES:
 - What's running now? → swf_list_workflow_executions(currently_running=True)
 - Any errors? → swf_list_logs(level='ERROR')
 - System health? → swf_get_system_state()
 - Activity in a namespace? → swf_get_namespace(namespace='name')
 - Failed workflows? → swf_list_workflow_executions(status='failed')
 - Send announcement/test message? → swf_send_message(message='...', message_type='announcement')
 - What's PanDA doing? → panda_get_activity() — compact overview, no individual records
 - PanDA task overview? → panda_list_tasks(days=7)
 - Failed PanDA tasks? → panda_list_tasks(status='failed')
 - EIC experiment tasks? → panda_list_tasks(workinggroup='EIC')
 - Production tasks? → panda_list_tasks(processingtype='epicproduction')
 - Top errors? → panda_error_summary(days=7)
 - Errors for a user? → panda_error_summary(username='someone')
 - Deep dive on a failed job? → panda_study_job(pandaid=130497)
 - EIC queues? → panda_list_queues(vo='eic')
 - Queue config? → panda_get_queue(panda_queue='NERSC_Perlmutter_epic')
 - Core-hours this month? → panda_resource_usage(days=30)
 - Core-hours on Perlmutter? → panda_resource_usage(days=30, site='NERSC_Perlmutter%')
 - What is PCS? → PCS = Physics Configuration System, manages configuration of production tasks based on physics inputs
 - List physics tags? → pcs_list_tags(tag_type='p')
 - What is tag p1001? → pcs_get_tag(tag_label='p1001')
 - Reco tags? → pcs_list_tags(tag_type='r')
 - Photoproduction tags? → pcs_search_tags(query='photoproduction')
 - DIS tags? → pcs_list_tags(tag_type='p', category='DIS')
 - Tags using pythia8? → pcs_search_tags(query='pythia8')
 
 PCS (Physics Configuration System):
 PCS manages the configuration of production tasks based on physics inputs for ePIC Monte Carlo simulation campaigns. Configurations are
 organized as tags — named parameter sets for each pipeline stage:
 - Physics tags (p): process, beam energies, species, Q2 range (e.g. p1001 = DIS NC 10x100 ep)
 - EvGen tags (e): event generator and version (e.g. e1 = pythia8 8.310)
 - Simu tags (s): detector simulation config (e.g. s1 = npsim 26.02.0)
 - Reco tags (r): reconstruction config (e.g. r1 = eicrecon 26.02.0)
 Physics tags are grouped by category: DIS (p1xxx), DVCS (p2xxx), SIDIS (p3xxx), EXCLUSIVE (p4xxx).
 Tags are draft (editable) or locked (immutable, for production use).
 
 AFTER swf_start_workflow — ACTIVELY POLL, DO NOT SLEEP:
 Poll swf_get_workflow_monitor(execution_id) every 10-15s until completion.
 Report progress to user as it evolves. Check swf_list_logs(level='ERROR') after.
 
 FILTERING:
 - All list tools support start_time/end_time parameters (ISO datetime strings)
 - Status filters are case-insensitive
 - Context cascades: run_number → stf_filename → tf_filename
 
 Use swf_list_available_tools() to see all available tools with descriptions.""",
 }
 
 # MCP endpoint path (empty string since we mount at /mcp/ in urls.py)
 DJANGO_MCP_ENDPOINT = ""
 
 # MCP authentication - start with no auth for development, enable OAuth2 for production
 # DJANGO_MCP_AUTHENTICATION_CLASSES = [
 #     "oauth2_provider.contrib.rest_framework.OAuth2Authentication",
 # ]
 
 # ActiveMQ Settings
 ACTIVEMQ_HOST = config('ACTIVEMQ_HOST', default='localhost')
 ACTIVEMQ_PORT = config('ACTIVEMQ_PORT', default=61612, cast=int)
 ACTIVEMQ_USER = config('ACTIVEMQ_USER', default='admin')
 ACTIVEMQ_PASSWORD = config('ACTIVEMQ_PASSWORD', default='admin')
 ACTIVEMQ_HEARTBEAT_TOPIC = config('ACTIVEMQ_HEARTBEAT_TOPIC', default='/topic/heartbeat') # Updated to working topic
 ACTIVEMQ_USE_SSL = config('ACTIVEMQ_USE_SSL', default=False, cast=bool)
 ACTIVEMQ_SSL_CERT_FILE = config('ACTIVEMQ_SSL_CERT_FILE', default='')
 ACTIVEMQ_SSL_KEY_FILE = config('ACTIVEMQ_SSL_KEY_FILE', default='')
 ACTIVEMQ_SSL_CA_CERTS = config('ACTIVEMQ_SSL_CA_CERTS', default='')
 
 # Channel layer settings
 # Use Redis in production if REDIS_URL is set; otherwise fall back to in-memory (single process only)
 REDIS_URL = config('REDIS_URL', default='')
 if REDIS_URL:
     CHANNEL_LAYERS = {
         "default": {
             "BACKEND": "channels_redis.core.RedisChannelLayer",
             "CONFIG": {
                 "hosts": [REDIS_URL],
             },
         }
     }
 else:
     CHANNEL_LAYERS = {
         "default": {
             "BACKEND": "channels.layers.InMemoryChannelLayer"
         }
     }
 
 # SSE relay group name
 SSE_CHANNEL_GROUP = config('SSE_CHANNEL_GROUP', default='workflow_events')
 
 # Basic Logging Configuration
 # Set DJANGO_LOGGING_MODE='none' to disable all logging configuration (useful for schema generation, etc.)
 LOGGING_MODE = os.getenv('DJANGO_LOGGING_MODE', 'normal')
 
 if LOGGING_MODE == 'none':
     # Minimal logging configuration with no external dependencies
     LOGGING = {
         'version': 1,
         'disable_existing_loggers': False,
         'handlers': {
             'null': {
                 'class': 'logging.NullHandler',
             },
         },
         'root': {
             'handlers': ['null'],
         },
     }
 else:
     # Normal logging configuration
     LOGGING = {
         'version': 1,
         'disable_existing_loggers': False,
         'formatters': {
             'json': {
                 '()': 'pythonjsonlogger.json.JsonFormatter',
                 'format': '%(asctime)s %(name)s %(levelname)s %(module)s %(funcName)s %(lineno)d %(message)s',
                 'rename_fields': {
                     'funcName': 'funcname'
                 }
             },
         },
         'handlers': {
             'console': {
                 'class': 'logging.StreamHandler',
                 'formatter': 'json',
             },
             'rest': {
                 'class': 'swf_common_lib.logging_utils.RestLogHandler',
                 'url': 'http://localhost:8002/api/logs/',
                 'formatter': 'json',
             },
             'db': {
                 'class': 'monitor_app.db_log_handler.DbLogHandler',
                 'level': 'INFO',
             },
         },
         'root': {
             'handlers': ['console'],
             'level': 'INFO',
         },
         'loggers': {
             'django': {
                 'handlers': ['console'],
                 'level': os.getenv('DJANGO_LOG_LEVEL', 'INFO'),
                 'propagate': False,
             },
             'monitor_app': {
                 'handlers': ['db', 'console'],
                 'level': 'INFO',
                 'propagate': False,
             },
         },
     }

This page was automatically generated by the 2.3.7 LXR engine. The LXR team