rubenperezm
commented
2 months ago I am able to connect to the ESCAPE VO, if you want we can try in CMS now (sorry for the multiple commits, I was not familiar with commitlint).
$ docker run -i -t -v $HOME/foo:/home/user/.globus ghcr.io/rubenperezm/reana-auth-vomsproxy:dev
[root@d951d9b90dc3 /]# voms-proxy-init --out /tmp/x509up_u0 --voms escape --cert /home/user/.globus/usercert.pem --key /home/user/.globus/userkey.pem
Contacting voms-escape.cloud.cnaf.infn.it:15000 [/DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/CN=voms-escape.cloud.cnaf.infn.it] "escape"...
Remote VOMS server contacted succesfully.
Created proxy in /tmp/x509up_u0.
Your proxy is valid until Thu Aug 29 21:45:41 CEST 2024
tiborsimko
Current status
The
reana-auth-vomsproxycomponent is based on CC7, seeDockerfile.Recently, with the switch of WLCG IAM from CC7 to Alma9, the packages were updated, see #29, however the base image stayed on CC7.
This is not ideal due to CC7 reaching its end-of-life, see https://linux.web.cern.ch/#cc7-rhel7-have-reached-end-of-life
Desiderata
The goal of this issue is to update the base image of the
reana-auth-vomsproxycomponent from CC7 to Alma9 or to Ubuntu 24.04.The task will require to amend the
Dockerfile'sFROMclause, to identify which new system dependencies to install to have the new WLCG package stack (one could get inspiration from packages installed on LXPLUS), and then to test the new configuration with various VOs, such as CMS (that I can help with) and ESCAPE.See also for example what (minimal) changes were necessary for
reana-auth-krb5'sDockerfileat https://github.com/reanahub/reana-auth-krb5/pull/20/files#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557.