From a4251b1c7049bd0ea2f6f1344dcfe890f72558a1 Mon Sep 17 00:00:00 2001 From: Federico Stagni Date: Tue, 6 May 2025 17:26:18 +0200 Subject: [PATCH] test: using a proxy instead of the certificate --- .github/workflows/integration.yml | 229 ++++++++++++++++-------------- 1 file changed, 124 insertions(+), 105 deletions(-) diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index a70d8529..60743625 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -25,20 +25,26 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | - cd Pilot + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + curl -LO https://github.com/DIRACGrid/DIRACOS2/releases/latest/download/DIRACOS-Linux-$(uname -m).sh + bash DIRACOS-Linux-$(uname -m).sh + rm DIRACOS-Linux-$(uname -m).sh + source diracos/diracosrc + pip install DIRAC + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/jenkins.cern.ch/g" pilot.json @@ -50,8 +56,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py --modules https://github.com/DIRACGrid/DIRAC.git:::DIRAC:::${{ matrix.dirac_branch }} -M 1 -S DIRAC-Certification -N jenkins.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=${{ matrix.VO }} --pilotUUID="${pilotUUID}" --debug - + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py --modules https://github.com/DIRACGrid/DIRAC.git:::DIRAC:::${{ matrix.dirac_branch }} -M 1 -S DIRAC-Certification -N jenkins.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --wnVO=${{ matrix.VO }} --pilotUUID="${pilotUUID}" --debug release_prod_pre-cvmfs: runs-on: ubuntu-latest @@ -72,30 +77,30 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} - run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - env: X509_CERT_DIR: /cvmfs/grid.cern.ch/etc/grid-security/certificates X509_VOMS_DIR: /cvmfs/grid.cern.ch/etc/grid-security/vomsdir DIRAC_VOMSES: /cvmfs/grid.cern.ch/etc/grid-security/vomses run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem if [ "${{ matrix.dirac_version }}" == "prod" ]; then version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep -v 'a' | tail -n 1) else version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep 'a' | tail -n 1) fi - echo ${version} - cd Pilot + source /cvmfs/dirac.egi.eu/dirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/jenkins.cern.ch/g" pilot.json @@ -107,7 +112,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --architectureScript=dirac-platform --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --wnVO=dteam --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --architectureScript=dirac-platform --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --wnVO=dteam --pilotUUID="${pilotUUID}" --debug release_prod-cvmfs_no_env_CEs: @@ -129,21 +134,23 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep 'a' | tail -n 1) - cd Pilot + source /cvmfs/dirac.egi.eu/dirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/pilot_newSchema.json pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/${{ matrix.ce }}/g" pilot.json @@ -155,7 +162,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=dteam -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -S DIRAC-Certification -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --wnVO=dteam -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug matching: @@ -174,20 +181,23 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | - cd Pilot + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep 'a' | tail -n 1) + source /cvmfs/dirac.egi.eu/dirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/jenkins-full.cern.ch/g" pilot.json @@ -199,7 +209,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py --modules https://github.com/DIRACGrid/DIRAC.git:::DIRAC:::integration -M 1 -S DIRAC-Certification -N jenkins-full.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --wnVO=dteam --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py --modules https://github.com/DIRACGrid/DIRAC.git:::DIRAC:::integration -M 1 -N jenkins-full.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --wnVO=dteam --pilotUUID="${pilotUUID}" --debug release_prod_pre-cvmfs_matching: @@ -221,26 +231,28 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + cd ${GITHUB_WORKSPACE}/Pilot if [ "${{ matrix.dirac_version }}" == "prod" ]; then version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep -v 'a' | tail -n 1) else version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep 'a' | tail -n 1) fi - echo ${version} - cd Pilot + source /cvmfs/dirac.egi.eu/dirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/pilot_newSchema.json pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/jenkins-full.cern.ch/g" pilot.json @@ -252,7 +264,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins-full.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=${{ matrix.VO }} -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins-full.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --wnVO=${{ matrix.VO }} -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug release_prod-cvmfs_matching_CEs: @@ -274,22 +286,23 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/dirac.egi.eu - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem version=$(curl -s "https://api.github.com/repos/DIRACGrid/DIRAC/releases" | jq -r '.[].tag_name' | sort -V | grep 'a' | tail -n 1) - echo ${version} - cd Pilot + source /cvmfs/dirac.egi.eu/dirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot cp ../tests/CI/pilot_newSchema.json pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json sed -i "s/VAR_JENKINS_CE/${{ matrix.ce }}/g" pilot.json @@ -301,7 +314,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --StopAfterFailedMatches=1 --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=dteam -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch --preinstalledEnvPrefix=/cvmfs/dirac.egi.eu/dirac --StopAfterFailedMatches=1 --wnVO=dteam -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug ################################## @@ -330,25 +343,26 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/lhcb.cern.ch - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} - run: | - cd Pilot - mkdir -p etc/grid-security/ - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - env: X509_CERT_DIR: /cvmfs/lhcb.cern.ch/etc/grid-security/certificates X509_VOMS_DIR: /cvmfs/lhcb.cern.ch/etc/grid-security/vomsdir DIRAC_VOMSES: /cvmfs/lhcb.cern.ch/etc/grid-security/vomses run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem version=$(echo $(curl -s "https://gitlab.cern.ch/api/v4/projects/3588/releases") | jq -r '.[].name' | sort -V | grep -v 'a' | tail -n 1) - cd Pilot + source /cvmfs/lhcb.cern.ch/lhcbdirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + X509_CERT_DIR="/cvmfs/lhcb.cern.ch/etc/grid-security/certificates" X509_VOMS_DIR="/cvmfs/lhcb.cern.ch/etc/grid-security/vomsdir" DIRAC_VOMSES="/cvmfs/lhcb.cern.ch/etc/grid-security/vomses" dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot export VO_LHCB_SW_DIR=${GITHUB_WORKSPACE}/Pilot curl https://gitlab.cern.ch/lhcb-dirac/LHCbPilot/-/raw/${{ matrix.pilot_version }}/LHCbPilot/LHCbPilotCommands.py -o LHCbPilotCommands.py cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json @@ -362,7 +376,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins-lhcb.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --architectureScript=dirac-architecture --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=LHCb -o lbRunOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -N jenkins-lhcb.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --architectureScript=dirac-architecture --wnVO=LHCb -o lbRunOnly --pilotUUID="${pilotUUID}" --debug ext-lhcb_integration_dirac_installer_no_env: runs-on: ubuntu-latest @@ -383,21 +397,24 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/lhcb.cern.ch - - name: Retrieve the secret and decode it to a file + - name: Tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security/ - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem version=$(echo $(curl -s "https://gitlab.cern.ch/api/v4/projects/3588/releases") | jq -r '.[].name' | sort -V | grep -v 'a' | tail -n 1) - cd Pilot + source /cvmfs/lhcb.cern.ch/lhcbdirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + X509_CERT_DIR="/cvmfs/lhcb.cern.ch/etc/grid-security/certificates" X509_VOMS_DIR="/cvmfs/lhcb.cern.ch/etc/grid-security/vomsdir" DIRAC_VOMSES="/cvmfs/lhcb.cern.ch/etc/grid-security/vomses" dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot curl https://lhcbdirac.s3.cern.ch/Pilot3/LHCbPilotCommands.py -o LHCbPilotCommands.py cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json @@ -410,7 +427,7 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --preinstalledEnvPrefix=/cvmfs/lhcb.cern.ch/lhcbdirac/ --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=LHCb -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -N ${{ matrix.ce }} -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --preinstalledEnvPrefix=/cvmfs/lhcb.cern.ch/lhcbdirac/ --wnVO=LHCb -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug ext-lhcb_integration_no_env: runs-on: ubuntu-latest @@ -431,21 +448,23 @@ jobs: - name: Test CernVM-FS run: ls /cvmfs/lhcb.cern.ch - - name: Retrieve the secret and decode it to a file + - name: tests env: HOSTCERT_BASE64: ${{ secrets.HOSTCERT_BASE64 }} HOSTKEY_BASE64: ${{ secrets.HOSTKEY_BASE64 }} run: | - cd Pilot - mkdir -p etc/grid-security/ - echo "$HOSTCERT_BASE64" | base64 --decode > etc/grid-security/hostcert.pem - echo "$HOSTKEY_BASE64" | base64 --decode > etc/grid-security/hostkey.pem - chmod 440 etc/grid-security/hostcert.pem - chmod 400 etc/grid-security/hostkey.pem - - name: tests - run: | + mkdir -p ${GITHUB_WORKSPACE}/Client/etc/grid-security + cd ${GITHUB_WORKSPACE}/Client + echo "$HOSTCERT_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + echo "$HOSTKEY_BASE64" | base64 --decode > ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem + chmod 440 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem + chmod 400 ${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem version=$(echo $(curl -s "https://gitlab.cern.ch/api/v4/projects/3588/releases") | jq -r '.[].name' | sort -V | grep -v 'a' | tail -n 1) - cd Pilot + source /cvmfs/lhcb.cern.ch/lhcbdirac/${version}/Linux-x86_64/diracosrc + pilot_proxy_file=$(mktemp) + dirac-configure --ConfigurationServer=https://lbcertifdirac70.cern.ch:9135/Configuration/Server --UseServerCertificate -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --SkipCADownload -O config.cfg + dirac-admin-get-proxy atsareg dteam_pilot -o /DIRAC/Security/UseServerCertificate=yes -o /DIRAC/Security/CertFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostcert.pem -o /DIRAC/Security/KeyFile=${GITHUB_WORKSPACE}/Client/etc/grid-security/hostkey.pem --out $pilot_proxy_file --cfg config.cfg + cd ${GITHUB_WORKSPACE}/Pilot curl https://gitlab.cern.ch/lhcb-dirac/LHCbPilot/-/raw/${{ matrix.pilot_version }}/LHCbPilot/LHCbPilotCommands.py -o LHCbPilotCommands.py cp ../tests/CI/${{ matrix.pilot_schema }} pilot.json sed -i "s/VAR_JENKINS_SITE/DIRAC.Jenkins.ch/g" pilot.json @@ -458,4 +477,4 @@ jobs: g_job="testintegrationworkflow${GITHUB_JOB//-/}" pilotUUID="${g_job//_/}""$(shuf -i 2000-65000 -n 1)" pilotUUID=$(echo $pilotUUID | rev | cut -c 1-32 | rev) - python dirac-pilot.py -M 1 -S DIRAC-Certification -N jenkins-lhcb.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --preinstalledEnvPrefix=/cvmfs/lhcb.cern.ch/lhcbdirac/ --cert --certLocation=${GITHUB_WORKSPACE}/Pilot/etc/grid-security --wnVO=LHCb -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug + X509_USER_PROXY=$pilot_proxy_file python dirac-pilot.py -M 1 -N jenkins-lhcb.cern.ch -Q jenkins-queue_not_important -n DIRAC.Jenkins.ch -e LHCb -l LHCb -E LHCbPilot --preinstalledEnvPrefix=/cvmfs/lhcb.cern.ch/lhcbdirac/ --wnVO=LHCb -o cvmfsOnly --pilotUUID="${pilotUUID}" --debug