Commit 1e867920 authored by MUSSET Paul's avatar MUSSET Paul
Browse files

Merge branch 'separated_docker_file' into 'master'

Add CI

See merge request !5
parents 3d676403 6bc9370d
Pipeline #71788 passed with stages
in 3 minutes and 54 seconds
stages:
- build:docker_base
- build:docker_standalone
.build:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
variables:
TAG: ""
DIRECTORY: ""
IMAGE_NAME: ""
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --context-sub-path "$DIRECTORY" --dockerfile "$CI_PROJECT_DIR/$DIRECTORY/Dockerfile" --destination "$CI_REGISTRY_IMAGE/$IMAGE_NAME" --build-arg "tag=$TAG" --skip-unused-stages
build-standalone-base:
extends: .build
stage: build:docker_base
variables:
TAG: ${CI_COMMIT_REF_SLUG}
DIRECTORY: xcache-standalone/base/dockerfile/
IMAGE_NAME: standalone/base:${CI_COMMIT_REF_SLUG}
build-standalone-token:
extends: .build
stage: build:docker_standalone
needs:
- build-standalone-base
variables:
TAG: ${CI_COMMIT_REF_SLUG}
DIRECTORY: xcache-standalone/token/dockerfile/
IMAGE_NAME: standalone/token:${CI_COMMIT_REF_SLUG}
all.export /
# remote data source
pss.origin root://<root_endoint>
# proxy plugin
ofs.osslib libXrdPss.so
# Proxy File Cache aka XCache
pss.cachelib libXrdFileCache.so
# where data is stored localy
oss.localroot /mnt/xcache
# file cache log level
pfc.trace dump
# add http support
if exec xrootd
xrd.protocol http libXrdHttp.so
fi
FROM centos:7
RUN yum install --nogpg -y epel-release\
&& yum install --nogpg -y xrootd-server
# Have the same gid for xrootd group on container and host for xrootd to be able to access volume
RUN groupmod -g 9999 xrootd
# Config directory
RUN mkdir -p /etc/xrootd\
&& chown xrootd:xrootd /etc/xrootd
# Directory to mount the data storage. need to have same gid on host and container
RUN mkdir -p /mnt/xcache\
&& chown xrootd:xrootd /mnt/xcache\
&& chmod g+w /mnt/xcache
FROM centos:7
ARG tag=latest
# Build sci-token rpm for token image
FROM centos:7 AS sci-token-build
RUN yum install -y epel-release\
&& yum install -y xrootd-server
RUN yum install --nogpg -y epel-release\
&& yum install --nogpg -y\
cmake\
gcc-c++\
git\
make\
rpm-build\
scitokens-cpp-devel\
xrootd-server-devel\
&& git clone https://github.com/scitokens/xrootd-scitokens\
&& mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
# Have the same gid for xrootd group on container and host for xrootd to be able to access volume
RUN groupmod -g 9999 xrootd
WORKDIR xrootd-scitokens
# Config directory
RUN mkdir -p /etc/xrootd\
&& chown xrootd:xrootd /etc/xrootd
ENV CXXFLAGS=-Wno-error CFLAGS=-Wno-error
# Directory to mount the data storage. need to have same gid on host and container
RUN mkdir -p /mnt/xcache\
&& chown xrootd:xrootd /mnt/xcache\
&& chmod g+w /mnt/xcache
RUN git archive v1.2.0 --prefix=xrootd-scitokens-1.2.0/ | gzip -7 > ~/rpmbuild/SOURCES/xrootd-scitokens-1.2.0.tar.gz\
&& rpmbuild -ba rpm/xrootd-scitokens.spec
FROM gitlab-registry.in2p3.fr/cc-escape/xcache-config/standalone/base:$tag
# For now checking crl is disabled in xcache config file
# Might have to be later to be put in a volume. with a container spawning every n hours doing the fetch crl
# install ca certificates
ADD http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo\
/etc/yum.repos.d/EGI-trustanchors.repo
RUN yum install -y ca-policy-lcg
RUN yum install --nogpg -y ca-policy-lcg
# Server certificates directory
RUN mkdir /etc/grid-security/xrd/\
&& chown xrootd:xrootd /etc/grid-security/xrd/
# Scitokens library
RUN yum install -y https://repo.opensciencegrid.org/osg/3.5/osg-3.5-el7-release-latest.rpm\
&& yum install -y xrootd-scitokens
COPY --from=sci-token-build /root/rpmbuild/RPMS/x86_64/xrootd-scitokens-1.2.0-1.el7.x86_64.rpm .
RUN yum install --nogpg -y xrootd-scitokens-1.2.0-1.el7.x86_64.rpm
# HTTP xroot client library
RUN yum install -y xrdcl-http\
RUN yum install --nogpg -y xrdcl-http\
&& rm -rf /etc/xrootd
# problem with xrdcl-http not looking /etc/grid-security
RUN cp /etc/grid-security/certificates/*.pem /etc/pki/ca-trust/source/anchors/\
&& update-ca-trust extract
USER xrootd:xrootd
CMD ["xrootd","-c","/etc/xrootd/xcache-config.cfg","-n","xcache"]
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment