dmwm / PHEDEX

CMS data-placement suite

Find a new way to distribute tnsnames.ora #1073

Open nikmagini opened 7 years ago

nikmagini commented 7 years ago

CERN IT asked CMS to remove the oracle-env rpm package to avoid exposing the tnsnames.ora (DB connection parameters), so it will be removed from the comp repo in future releases.

PhEDEx depends on this package to distribute the tnsnames.ora to agents and website, so we need a different solution.

For the website/datasvc we can simply distribute the tnsnames.ora like other secrets (anyway Bruno will need some way to deploy it on cmsweb for other cmsweb services) so I don't expect that this will be an issue.

But for the site agents we will need another method. Maybe we could distribute tnsnames.ora through encrypted emails like DBParam - or we can simply maintain it in gitlab; anyway it's not super-sensitive information...

nataliaratnikova commented 7 years ago

We could instruct the sites to put tnsnames.ora next to the DBParam file and set a PHEDEX-level default to point the TNS_ADMIN environment variable to the DBParam parent directory.

Also, we do not need to distribute the whole tnsnames.ora file (> 10K lines); we can leave only the settings required for the PhEDEx-related databases.

Maintaining this file in gitlab is a good idea, so we (the developers) can keep track of the (unlikely) changes.
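A sketch of the trimming step suggested above, added here as an example and not part of the thread or of PhEDEx: it keeps only the requested aliases from a full tnsnames.ora, so the distributed file exposes no connection parameters beyond the ones the agents need. The alias names, hosts and function names are constructed, and the parser assumes every entry has the form `alias[, alias] = ( ... )` with no `IFILE` lines and no `#` inside values.

```python
def split_entries(text):
    """Yield (aliases, body) for each top-level 'alias = ( ... )' entry."""
    # Drop comments; assumes '#' never appears inside a quoted value.
    text = "\n".join(line.split("#", 1)[0] for line in text.splitlines())
    pos, n = 0, len(text)
    while pos < n:
        eq = text.find("=", pos)
        start = text.find("(", eq) if eq != -1 else -1
        if start == -1:
            break
        names = [a.strip() for a in text[pos:eq].split(",") if a.strip()]
        depth, i = 0, start
        while i < n:  # walk to the parenthesis that closes this entry
            depth += (text[i] == "(") - (text[i] == ")")
            if depth == 0:
                break
            i += 1
        if depth != 0:
            raise ValueError("unbalanced parentheses in entry %r" % names)
        yield names, text[start:i + 1]
        pos = i + 1

def trim_tnsnames(text, wanted):
    """Return tnsnames.ora text holding only the wanted aliases (case-insensitive)."""
    wanted_l = {w.lower() for w in wanted}
    found, out = set(), []
    for names, body in split_entries(text):
        keep = [a for a in names if a.lower() in wanted_l]
        if keep:
            found.update(a.lower() for a in keep)
            out.append("%s =\n  %s\n" % (", ".join(keep), body))
    missing = sorted(wanted_l - found)
    if missing:  # fail loudly rather than ship a file an agent cannot use
        raise KeyError("aliases not in source file: " + ", ".join(missing))
    return "\n".join(out)

# Constructed sample input, not real connection data.
SAMPLE = """# full site-wide file
OTHER_DB =
  (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = db0.example.org)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = other.example.org)))

PHEDEX_EXAMPLE, PHEDEX_EXAMPLE_ALT =
  (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.org)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = phedex.example.org)))
"""

if __name__ == "__main__":
    print(trim_tnsnames(SAMPLE, ["PHEDEX_EXAMPLE"]))
```

The output would be written as `tnsnames.ora` into whichever directory `TNS_ADMIN` is set to point at.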

nataliaratnikova commented 7 years ago

We could schedule a PhEDEx release with this new feature for the time when the sites' DBParams are regenerated, and send the DBParams along with the new tnsnames.ora file.

nikmagini commented 7 years ago

Good idea. Maybe ask to put it in the $PHEDEX_CONFIG directory.