pchengi
commented
5 years ago Thanks for this, @alaniwi . Yes, the idea is to use the latest copies at installation time, from github. Will implement this for 2.8.
Open alaniwi opened 5 years ago
pchengi
commented
5 years ago Thanks for this, @alaniwi . Yes, the idea is to use the latest copies at installation time, from github. Will implement this for 2.8.
sashakames
commented
5 years ago This needs implementation in 3.0 as well
It seems that the installer is creating out of date config files on freshly installed nodes. The cause of this appears to be that the
esg-securityscript extracts them from the.jarfile, and that these copies are out of date.Attached is an example of the
esgf_idp_static.xmlfile extracted fromesgf-security-2.7.18.jar(here renamed with trailing.txtto work around restrictions on attachment types). Compare with the current version at https://github.com/ESGF/config/blob/1c4f6903dc6a7e09a9949f9569d0a6400cadf753/esgf-prod/esgf_idp_static.xmlesgf_idp_static.xml.txt
The build process for the jar file needs to be fixed, so as to download the latest versions from the
configrepo when the jar is built.Alternatively (and possibly better), the installer needs to fetch the latest copies from github at install time. For this reason I am creating this ticket under "installer" rather than "security" component, although if this approach is adopted it would also seem better to remove the copies from the
.jarfile entirely.