From b3856beb16f53172aae3e0703744adee2b4c89f9 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Mon, 30 Sep 2024 11:16:50 +0200
Subject: [PATCH 01/15] Updated for el9

---
 Dockerfile | 34 ++--------------------------------
 1 file changed, 2 insertions(+), 32 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index f3dce95..b289e3d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,36 +1,7 @@
-FROM gitlab-registry.cern.ch/etf/docker/etf-exp:qa
-
-LABEL maintainer="Marian Babik <Marian.Babik@cern.ch>"
-LABEL description="WLCG ETF ALICE"
-LABEL version="1.0"
+FROM gitlab-registry.cern.ch/etf/docker/etf-condor:el9
 
 ENV NSTREAM_ENABLED=0
 
-# Middleware
-RUN yum -y install yum-priorities
-RUN rpm -ivh http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/updates/umd-release-4.1.3-1.el7.centos.noarch.rpm
-RUN rpm -import http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY
-RUN cd /etc/yum.repos.d; wget https://repo.data.kit.edu//data-kit-edu-centos7.repo
-#RUN cd /etc/yum.repos.d/ && wget https://research.cs.wisc.edu/htcondor/yum/repo.d/htcondor-stable-rhel7.repo
-#COPY ./config/htcondor_stable.repo /etc/yum.repos.d/htcondor-stable-rhel7.repo
-
-# Core
-RUN yum -y install voms voms-clients-java oidc-agent-cli
-
-# CONDOR
-RUN yum -y install --nogpgcheck condor condor-python 
-
-# CREAM
-# RUN yum -y install glite-ce-cream-cli python-suds openldap-clients python-ldap
-
-# ARC 
-# Take the pakcages from UMD due to a bug in v6.19.0
-#RUN rpm -ivh https://download.nordugrid.org/packages/nordugrid-release/releases/6/centos/el7/x86_64/nordugrid-release-6-1.el7.noarch.rpm
-RUN yum -y install nordugrid-arc-client nordugrid-arc-plugins-needed nordugrid-arc-plugins-globus
-
-# ETF Plugins
-RUN yum -y install python-jess python-nap nagios-plugins nagios-plugins-globus python-wnfm nagios-plugins-tokens
-
 # Streaming
 RUN mkdir -p /var/spool/nstream/outgoing && chmod 777 /var/spool/nstream/outgoing
 RUN mkdir /etc/stompclt
@@ -55,5 +26,4 @@ COPY ./config/alice_checks.cfg /etc/ncgx/conf.d/
 COPY ./config/ncgx.cfg /etc/ncgx/
 
 EXPOSE 80 443 6557
-COPY ./docker-entrypoint.sh /
-ENTRYPOINT /docker-entrypoint.sh
+ENTRYPOINT ["/usr/sbin/init"]
\ No newline at end of file
-- 
GitLab


From 56c6f954171884e0497725e6e73deb1b8eb8593f Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Mon, 30 Sep 2024 11:30:06 +0200
Subject: [PATCH 02/15] Updated to build branches.

---
 .gitlab-ci.yml | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 92b198f..0ac8526 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,16 +1,21 @@
-variables:
-  DOCKER_VERSION: "17.05"
-
-build:etf_alice_qa:
+build:etf_alice:
   stage: build
   variables:
-    IMAGE_DESTINATION: gitlab-registry.cern.ch/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/etf-alice:qa
+    IMAGE_DESTINATION: gitlab-registry.cern.ch/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/etf-alice:
   image:
     # The kaniko debug image is recommended because it has a shell, and a shell is required for an image to be used with GitLab CI/CD.
     name: gcr.io/kaniko-project/executor:debug
     entrypoint: [""]
-  environment: master
+  environment: $CI_COMMIT_REF_NAME
   script:
+    # Determine the tag based on the branch name
+    - |
+      if [ "$CI_COMMIT_REF_NAME" == "master" ]; then
+        TAG="qa"
+      else
+        TAG="$CI_COMMIT_REF_NAME"
+      fi
+      IMAGE_DESTINATION="$IMAGE_DESTINATION$TAG"
     # Prepare Kaniko configuration file
     - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
     # Build and push the image from the Dockerfile at the root of the project.
@@ -18,12 +23,12 @@ build:etf_alice_qa:
     # Print the full registry path of the pushed image
     - echo "Image pushed successfully to ${IMAGE_DESTINATION}"
   only:
-    - master
+    - branches
 
 
 deploy:production:
   dependencies:
-    - build:etf_alice_qa
+    - build:etf_alice
   stage: deploy
   image:
     # Use the ':debug' image as it provides a shell, which is a requirement for GitLab CI
-- 
GitLab


From c3231909d121411a3b102ae3814874647a10a711 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Mon, 30 Sep 2024 11:32:47 +0200
Subject: [PATCH 03/15] Copied from CMS

---
 .gitlab-ci.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 0ac8526..98e6358 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,7 +1,7 @@
 build:etf_alice:
   stage: build
   variables:
-    IMAGE_DESTINATION: gitlab-registry.cern.ch/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/etf-alice:
+    IMAGE_DESTINATION: "gitlab-registry.cern.ch/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/etf-alice:"
   image:
     # The kaniko debug image is recommended because it has a shell, and a shell is required for an image to be used with GitLab CI/CD.
     name: gcr.io/kaniko-project/executor:debug
@@ -25,7 +25,6 @@ build:etf_alice:
   only:
     - branches
 
-
 deploy:production:
   dependencies:
     - build:etf_alice
@@ -38,4 +37,4 @@ deploy:production:
   script:
     - crane auth login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
     - crane validate --remote "gitlab-registry.cern.ch/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/etf-alice:qa"
-    - crane tag "gitlab-registry.cern.ch/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/etf-alice:qa" prod
+    - crane tag "gitlab-registry.cern.ch/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/etf-alice:qa" prod
\ No newline at end of file
-- 
GitLab


From 86a3725b44abd80a3f7921e96acdaf294d30d037 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Mon, 30 Sep 2024 11:38:26 +0200
Subject: [PATCH 04/15] The stomp directory is already in the image

---
 Dockerfile | 2 --
 1 file changed, 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b289e3d..f0baa05 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,8 +3,6 @@ FROM gitlab-registry.cern.ch/etf/docker/etf-condor:el9
 ENV NSTREAM_ENABLED=0
 
 # Streaming
-RUN mkdir -p /var/spool/nstream/outgoing && chmod 777 /var/spool/nstream/outgoing
-RUN mkdir /etc/stompclt
 COPY ./config/ocsp_handler.cfg /etc/nstream/
 
 # ARC config
-- 
GitLab


From c26fc4ef98763319d168c290067b099104de614d Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Fri, 11 Oct 2024 16:43:02 +0200
Subject: [PATCH 05/15] Script to add keys

---
 config/add-keys.sh | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 config/add-keys.sh

diff --git a/config/add-keys.sh b/config/add-keys.sh
new file mode 100644
index 0000000..ca34378
--- /dev/null
+++ b/config/add-keys.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+oidc-add --pw-file=/opt/omd/sites/etf/.oidc-agent/etf_alice_ce.key etf_alice_ce
+/usr/lib64/nagios/plugins/refresh_token -t 7200 --token-config etf-alice --token-time 345600 --aud /var/lib/gridprobes/alice/scondor/
-- 
GitLab


From b72d7b7de4100273640f897b109553c1f842f2ae Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Fri, 11 Oct 2024 16:44:26 +0200
Subject: [PATCH 06/15] Copy add-keys.sh script

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index f0baa05..9dae368 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,5 +23,7 @@ RUN mkdir -p /usr/libexec/grid-monitoring/probes/org.alice/wnjob
 COPY ./config/alice_checks.cfg /etc/ncgx/conf.d/
 COPY ./config/ncgx.cfg /etc/ncgx/
 
+COPY ./config/add-keys.sh /opt/omd/sites/etf/.oidc-agent/
+
 EXPOSE 80 443 6557
 ENTRYPOINT ["/usr/sbin/init"]
\ No newline at end of file
-- 
GitLab


From b71ad08633b31e24de3c88957bc920665f728899 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Fri, 11 Oct 2024 21:54:31 +0200
Subject: [PATCH 07/15] Adding copy

---
 config/add-keys.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/add-keys.sh b/config/add-keys.sh
index ca34378..79429e5 100644
--- a/config/add-keys.sh
+++ b/config/add-keys.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
 
+cp -f /etc/grid-security/tokens/* /opt/omd/sites/etf/.oidc-agent/
 oidc-add --pw-file=/opt/omd/sites/etf/.oidc-agent/etf_alice_ce.key etf_alice_ce
 /usr/lib64/nagios/plugins/refresh_token -t 7200 --token-config etf-alice --token-time 345600 --aud /var/lib/gridprobes/alice/scondor/
-- 
GitLab


From c6570df7c547f18f83c8ad514acbdaba289b70d0 Mon Sep 17 00:00:00 2001
From: Laurence Field <lfield@aiadm81.cern.ch>
Date: Fri, 11 Oct 2024 22:18:45 +0200
Subject: [PATCH 08/15] Add execute permissions

---
 config/add-keys.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 config/add-keys.sh

diff --git a/config/add-keys.sh b/config/add-keys.sh
old mode 100644
new mode 100755
-- 
GitLab


From 2bce8e1149538d2e87cff2d08b0405ee360d1b70 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Fri, 11 Oct 2024 22:48:10 +0200
Subject: [PATCH 09/15] Adding sourcing of the agent env

---
 config/add-keys.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/config/add-keys.sh b/config/add-keys.sh
index 79429e5..324b5f7 100755
--- a/config/add-keys.sh
+++ b/config/add-keys.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
-
+source /opt/omd/sites/etf/.oidc-agent/oidc-env.sh
 cp -f /etc/grid-security/tokens/* /opt/omd/sites/etf/.oidc-agent/
-oidc-add --pw-file=/opt/omd/sites/etf/.oidc-agent/etf_alice_ce.key etf_alice_ce
+/usr/bin/oidc-add --pw-file=/opt/omd/sites/etf/.oidc-agent/etf_alice_ce.key etf_alice_ce
 /usr/lib64/nagios/plugins/refresh_token -t 7200 --token-config etf-alice --token-time 345600 --aud /var/lib/gridprobes/alice/scondor/
+
-- 
GitLab


From a1f3ad9f1a819a4cd37e9263e66e02d6e0fc7910 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Mon, 14 Oct 2024 11:35:51 +0200
Subject: [PATCH 10/15] Added arc install

---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 9dae368..e2efb7b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,6 +5,10 @@ ENV NSTREAM_ENABLED=0
 # Streaming
 COPY ./config/ocsp_handler.cfg /etc/nstream/
 
+# ARC
+RUN yum -y install https://download.nordugrid.org/packages/nordugrid-release/releases/6.1/rocky/9/x86_64/nordugrid-release-6.1-1.el9.noarch.rpm
+RUN yum -y install nordugrid-arc-client nordugrid-arc-plugins-needed nordugrid-arc-plugins-globus
+
 # ARC config
 RUN mkdir /opt/omd/sites/$CHECK_MK_SITE/.arc
 COPY ./config/client.conf /opt/omd/sites/$CHECK_MK_SITE/.arc/
-- 
GitLab


From d790a67bc85389e3730362aaa51b4eb3769a5fac Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Tue, 15 Oct 2024 14:40:14 +0200
Subject: [PATCH 11/15] ARC7 installed in the base image

---
 Dockerfile | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e2efb7b..9dae368 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,10 +5,6 @@ ENV NSTREAM_ENABLED=0
 # Streaming
 COPY ./config/ocsp_handler.cfg /etc/nstream/
 
-# ARC
-RUN yum -y install https://download.nordugrid.org/packages/nordugrid-release/releases/6.1/rocky/9/x86_64/nordugrid-release-6.1-1.el9.noarch.rpm
-RUN yum -y install nordugrid-arc-client nordugrid-arc-plugins-needed nordugrid-arc-plugins-globus
-
 # ARC config
 RUN mkdir /opt/omd/sites/$CHECK_MK_SITE/.arc
 COPY ./config/client.conf /opt/omd/sites/$CHECK_MK_SITE/.arc/
-- 
GitLab


From 24ba222a8b1597305b725827029fa2a366078f4b Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Wed, 16 Oct 2024 14:32:43 +0200
Subject: [PATCH 12/15] Change image name

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 9dae368..f31e777 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM gitlab-registry.cern.ch/etf/docker/etf-condor:el9
+FROM gitlab-registry.cern.ch/etf/docker/etf-base:el9
 
 ENV NSTREAM_ENABLED=0
 
-- 
GitLab


From d60fa702dbaa36115d14090ccb7e490c273ba38a Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Wed, 16 Oct 2024 22:47:22 +0200
Subject: [PATCH 13/15] The http check should accept xml

---
 config/alice_checks.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/alice_checks.cfg b/config/alice_checks.cfg
index 23872b2..6df3829 100644
--- a/config/alice_checks.cfg
+++ b/config/alice_checks.cfg
@@ -24,6 +24,6 @@ metrics = {
 }
 
 checks = [
-   [ 'localhost', "Alice VO feed", {"args" : {"-u" : "/api/wlcg/vofeed/alice/", "-H" : "wlcg-cric.cern.ch", "-t" : 60, "--onredirect" : "follow"}} ],
+   [ 'localhost', "Alice VO feed", {"args" : {"-u" : "/api/wlcg/vofeed/alice/", "-H" : "wlcg-cric.cern.ch", "-t" : 60, "--onredirect" : "follow", "-k" : "Accept: application/xml"}} ],
    [ 'localhost', "ETF Livestatus Stats", {"extends": "check_live", "args": {"--pattern": "org.sam", "--delay-crit": 310}} ],
 ]
\ No newline at end of file
-- 
GitLab


From 608edd650f1d9cd49eb0f6918e7716989f3860b5 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Wed, 16 Oct 2024 23:48:42 +0200
Subject: [PATCH 14/15] Needs more quotes

---
 config/alice_checks.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/alice_checks.cfg b/config/alice_checks.cfg
index 6df3829..8ab8c03 100644
--- a/config/alice_checks.cfg
+++ b/config/alice_checks.cfg
@@ -24,6 +24,6 @@ metrics = {
 }
 
 checks = [
-   [ 'localhost', "Alice VO feed", {"args" : {"-u" : "/api/wlcg/vofeed/alice/", "-H" : "wlcg-cric.cern.ch", "-t" : 60, "--onredirect" : "follow", "-k" : "Accept: application/xml"}} ],
+   [ 'localhost', "Alice VO feed", {"args" : {"-u" : "/api/wlcg/vofeed/alice/", "-H" : "wlcg-cric.cern.ch", "-t" : 60, "--onredirect" : "follow", "-k" : "'Accept: application/xml'"}} ],
    [ 'localhost', "ETF Livestatus Stats", {"extends": "check_live", "args": {"--pattern": "org.sam", "--delay-crit": 310}} ],
 ]
\ No newline at end of file
-- 
GitLab


From b7725abeb1b4e8f90c62cdcf4318b4e15a67f548 Mon Sep 17 00:00:00 2001
From: Laurence Field <laurence.field@cern.ch>
Date: Wed, 30 Oct 2024 14:47:05 +0100
Subject: [PATCH 15/15] Added hack for testing K8s

---
 config/add-keys.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/add-keys.sh b/config/add-keys.sh
index 324b5f7..c0b8c64 100755
--- a/config/add-keys.sh
+++ b/config/add-keys.sh
@@ -1,6 +1,7 @@
 #!/bin/bash
 source /opt/omd/sites/etf/.oidc-agent/oidc-env.sh
 cp -f /etc/grid-security/tokens/* /opt/omd/sites/etf/.oidc-agent/
+cp /opt/omd/sites/etf/.oidc-agent/etf_alice_ce{.K8s,}
 /usr/bin/oidc-add --pw-file=/opt/omd/sites/etf/.oidc-agent/etf_alice_ce.key etf_alice_ce
 /usr/lib64/nagios/plugins/refresh_token -t 7200 --token-config etf-alice --token-time 345600 --aud /var/lib/gridprobes/alice/scondor/
 
-- 
GitLab