build(docker): fix WLCG VOMS support (#29)

Fixes WLCG VOMS support files now that WLCG IAM instance is in production. Closes #28
reanahub · Jul 4, 2024 · 1fb9cf4 · 1fb9cf4
1 parent 6e12794
commit 1fb9cf4
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 17 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,32 +1,43 @@
-FROM docker.io/cern/cc7-base:20220601-1
+FROM docker.io/cern/cc7-base:20240611-1
 
 ARG DATE
 ARG VERSION
 
-LABEL org.opencontainers.image.created="${DATE}"
-LABEL org.opencontainers.image.authors='team@reanahub.io'
-LABEL org.opencontainers.image.url='https://github.com/reanahub/reana-auth-vomsproxy'
-LABEL org.opencontainers.image.documentation='https://github.com/reanahub/reana-auth-vomsproxy/blob/master/README.md'
-LABEL org.opencontainers.image.version="${VERSION}"
-LABEL org.opencontainers.image.vendor='reanahub'
-LABEL org.opencontainers.image.title='Image to either set up VOMS proxy or optionally create it'
-LABEL org.opencontainers.image.description='Requires either VOMS proxy file or a valid Grid certificate to create it'
-
 COPY ca.repo /etc/yum.repos.d/ca.repo
 COPY wlcg-centos7.repo /etc/yum.repos.d/wlcg-centos7.repo
 COPY RPM-GPG-KEY-wlcg /etc/pki/rpm-gpg/RPM-GPG-KEY-wlcg
 
 # hadolint ignore=DL3033
 RUN yum install -y \
-    wget libffi-devel openssl-devel \
-    python-pip gfal2-all gfal2-util \
-    CERN-CA-certs voms-clients-java \
-    ca-policy-egi-core wlcg-voms-cms \
-    wlcg-voms-atlas wlcg-voms-alice \
-    wlcg-voms-lhcb && \
+      CERN-CA-certs \
+      ca-policy-egi-core \
+      gfal2-all \
+      gfal2-util \
+      libffi-devel \
+      openssl-devel \
+      python-pip \
+      voms-clients-java \
+      wget \
+      wlcg-iam-lsc-alice \
+      wlcg-iam-lsc-atlas \
+      wlcg-iam-lsc-cms \
+      wlcg-iam-lsc-lhcb \
+      wlcg-iam-vomses-alice \
+      wlcg-iam-vomses-atlas \
+      wlcg-iam-vomses-cms \
+      wlcg-iam-vomses-lhcb && \
     yum clean all
 
 # Add support for ESCAPE VOMS
 RUN wget -q https://indigo-iam.github.io/escape-docs/voms-config/voms-escape.cloud.cnaf.infn.it.vomses -O /etc/vomses/voms-escape.cloud.cnaf.infn.it.vomses
 RUN mkdir -p /etc/grid-security/vomsdir/escape \
     && wget -q https://indigo-iam.github.io/escape-docs/voms-config/voms-escape.cloud.cnaf.infn.it.lsc -O /etc/grid-security/vomsdir/escape/voms-escape.cloud.cnaf.infn.it.lsc
+
+LABEL org.opencontainers.image.created="${DATE}"
+LABEL org.opencontainers.image.authors='team@reanahub.io'
+LABEL org.opencontainers.image.url='https://github.com/reanahub/reana-auth-vomsproxy'
+LABEL org.opencontainers.image.documentation='https://github.com/reanahub/reana-auth-vomsproxy/blob/master/README.md'
+LABEL org.opencontainers.image.version="${VERSION}"
+LABEL org.opencontainers.image.vendor='reanahub'
+LABEL org.opencontainers.image.title='Image to either set up VOMS proxy or optionally create it'
+LABEL org.opencontainers.image.description='Requires either VOMS proxy file or a valid Grid certificate to create it'
diff --git a/README.md b/README.md
@@ -40,7 +40,7 @@ Inside the container a VOMS proxy can be obtained by specifying the Virtual Orga
 for example via:
 
 ```console
-$ voms-proxy-init --voms cms
+[root@b4d354b65688 /]# voms-proxy-init --voms cms
 ```
 
 ## Configuration
@@ -58,6 +58,10 @@ credentials, this requires additional information and inputs:
 
 ## Changes
 
+### Version 1.2.1 (UNRELEASED)
+
+- Fixes WLCG VOMS support now that WLCG IAM instance is in production.
+
 ### Version 1.2.0 (2022-10-11)
 
 - Changes documentation to better expose two usage modes, the client-side and the