diff --git a/cloud-info/Dockerfile b/cloud-info/Dockerfile index 1bea3bd..1a0dc22 100644 --- a/cloud-info/Dockerfile +++ b/cloud-info/Dockerfile @@ -10,13 +10,18 @@ RUN curl -s https://dist.eugridpma.info/distribution/igtf/current/GPG-KEY-EUGrid && apt-get install -y ca-policy-egi-core \ && rm -rf /var/lib/apt/lists/* +# Fedcloud client is pinning dependencies strictly so it does not play +# very well with the rest of the available venv. Installing on its own +RUN python -m venv /fedcloud && \ + /fedcloud/bin/pip install --no-cache-dir fedcloudclient + WORKDIR /cloud-info +COPY requirements.txt . + RUN python -m venv /cloud-info/venv ENV PATH="/cloud-info/venv/bin:$PATH" -COPY requirements.txt . - RUN pip install --no-cache-dir -r requirements.txt \ && cat /etc/grid-security/certificates/*.pem >> "$(python -m requests.certs)" @@ -37,7 +42,6 @@ RUN apt-get update \ jq rclone \ && rm -rf /var/lib/apt/lists/* - RUN mkdir /cloud-info \ && groupadd -g 1999 python \ && useradd -r -u 1999 -g python python \ @@ -47,6 +51,7 @@ WORKDIR /cloud-info # All the python code from the build image above COPY --chown=python:python --from=build /cloud-info/venv ./venv +COPY --chown=python:python --from=build /fedcloud /fedcloud # Add the scripts that call the cloud-info-provider as needed for the site # these create the configuration for the site by discovering the available # projects for the credentials and will send the output to the AMS queue and diff --git a/cloud-info/ams-wrapper.sh b/cloud-info/ams-wrapper.sh index 36e8596..36693e9 100755 --- a/cloud-info/ams-wrapper.sh +++ b/cloud-info/ams-wrapper.sh @@ -96,16 +96,17 @@ if test -s cloud-info.json; then OIDC_ACCESS_TOKEN=$(yq -r '.checkin.access_token' <"$ACCESS_TOKEN_FILE") export OIDC_ACCESS_TOKEN export EGI_VO="$SWIFT_VO_NAME" - SWIFT_URL=$(fedcloud openstack \ + SWIFT_URL=$(/fedcloud/bin/fedcloud openstack \ --site "$SWIFT_SITE_NAME" \ catalog show swift -f json | jq -r '(.endpoints[] | select(.interface=="public")).url') export RCLONE_CONFIG_REMOTE_TYPE="swift" export RCLONE_CONFIG_REMOTE_ENV_AUTH="false" export RCLONE_CONFIG_REMOTE_STORAGE_URL="$SWIFT_URL" - eval "$(fedcloud site env --site "$SWIFT_SITE_NAME")" + eval "$(/fedcloud/bin/fedcloud site env --site "$SWIFT_SITE_NAME")" export RCLONE_CONFIG_REMOTE_AUTH_URL="$OS_AUTH_URL" - OS_AUTH_TOKEN=$(fedcloud openstack --site "$SWIFT_SITE_NAME" token issue -c id -f value) + OS_AUTH_TOKEN=$(/fedcloud/bin/fedcloud openstack \ + --site "$SWIFT_SITE_NAME" token issue -c id -f value) export RCLONE_CONFIG_REMOTE_AUTH_TOKEN="$OS_AUTH_TOKEN" rclone mkdir "remote:$SWIFT_CONTAINER_NAME" rclone copy cloud-info.json "remote:$SWIFT_CONTAINER_NAME/$SITE_NAME"