Provide service urls via configuration files and/or environment variables

[amaltaro]

Impact of the new feature Across WMCore

Is your feature request related to a problem? Please describe. With the intent to reduce default urls/endpoints across WMCore, and expose less information to any potential "curious" persons around the globe. We would like to change how endpoints/urls are defined in the project such that it's always loaded from a configuration file and/or environment variable.

Describe the solution you'd like [this is likely going to be a META issue. To be revisited in the future] Adopt a configuration file - or environment variable definitions - for WMCore services, such that it can be used whenever urls/endpoints need to be defined and/or loaded within the code. This configuration file needs to be stored in a private repo (services_config) and/or encrypted.

With the adoption of such file, we need to revisit ALL of the WMCore code to adopt it and remove any url default values from the WMCore repository. In addition to the code base, this functionality needs to be provided for:

• WM central services
• WMAgent
• WMAgent docker image (one used for unit tests)
• WMCore Jenkins environment
• potentially CD pipeline (github actions)

Describe alternatives you've considered Stick to the usual code, but that one raises security concerns.

Additional context None

[vkuznet]

I found that we expose all CMS URLs in a public repository, e.g.

• https://github.com/dmwm/WMCore/blob/master/deploy/WMAgent.production
• https://github.com/dmwm/WMCore/blob/master/deploy/WMAgent.testbed
• https://github.com/dmwm/WMCore/blob/master/deploy/deploy-wmagent.sh
• https://github.com/dmwm/WMCore/blob/master/etc/WMAgentConfig.py

I suggest to eliminate this leak and keep configuration files in gitlab CERN repo.