kbase · bio-boris · Oct 31, 2022 · Oct 31, 2022 · Oct 31, 2022 · Oct 31, 2022
diff --git a/.github/workflows/manual-build.yml b/.github/workflows/manual-build.yml
@@ -0,0 +1,11 @@
+---
+name: Manual Build & Push
+on:
+ workflow_dispatch:
+jobs:
+  build-push:
+    uses: kbase/.github/.github/workflows/reusable_build-push.yml@main
+    with:
+      name: '${{ github.event.repository.name }}-develop'
+      tags: br-${{ github.ref_name }}
+    secrets: inherit
diff --git a/Dockerfile b/Dockerfile
@@ -1,41 +1,7 @@
-FROM htcondor/cm:9.11-el7
+FROM htcondor/cm:9.12.0-el7
+RUN useradd -m condor_pool && usermod -a -G condor condor_pool
 
-# These ARGs values are passed in via the docker build command
-ARG BUILD_DATE
-ARG VCS_REF
-ARG BRANCH=develop
-
-
-# Get commonly used utilities
-RUN yum -y install deltarpm
-RUN yum -y update && yum upgrade -y 
-RUN yum -y install epel-release wget which git deltarpm gcc libcgroup libcgroup-tools stress-ng
-
-# Install DOCKERIZE
-RUN curl -o /tmp/dockerize.tgz https://raw.githubusercontent.com/kbase/dockerize/dist/dockerize-linux-amd64-v0.5.0.tar.gz && \
-      cd /usr/bin && \
-      tar xvzf /tmp/dockerize.tgz && \
-      rm /tmp/dockerize.tgz
-
-#ADD DIRS
-RUN mkdir -p /var/run/condor && mkdir -p /var/log/condor && mkdir -p /var/lock/condor && mkdir -p /var/lib/condor/execute
-
-COPY deployment/conf /etc/condor/
-COPY deployment/bin/start-condor.sh /usr/sbin/start-condor.sh
-RUN adduser condor_pool
-RUN mkdir -p /usr/local/condor/run/condor /usr/local/condor/log/condor /usr/local/condor/lock/condor /usr/local/condor/lib/condor/spool /usr/local/condor/lib/condor/execute
-
-
-# The BUILD_DATE value seem to bust the docker cache when the timestamp changes, move to
-# the end
-LABEL org.label-schema.build-date=$BUILD_DATE \
-      org.label-schema.vcs-url="https://github.com/kbase/condor.git" \
-      org.label-schema.vcs-ref=$VCS_REF \
-      org.label-schema.schema-version="1.0.0-rc1" \
-      us.kbase.vcs-branch=$BRANCH \
-      maintainer="Steve Chan sychan@lbl.gov"
-
-ENTRYPOINT [ "/usr/bin/dockerize" ]
-CMD [ "-template", "/etc/condor/.templates/condor_config.local.templ:/etc/condor/condor_config.local", \
-      "-stdout", "/var/log/condor/SchedLog", \
-      "/usr/sbin/start-condor.sh" ]
+COPY pre-exec.sh /root/config/pre-exec.sh
+COPY health_check.sh /health_check.sh
+# See https://www-auth.cs.wisc.edu/lists/htcondor-users/2014-August/msg00044.shtml
+COPY kbase_central_manager.conf /etc/condor/condor_config.local
diff --git a/README.md b/README.md
@@ -1,9 +1,27 @@
-# condor
+# Condor Central Manager and Schedd
 
-KBase specific Condor scheduler image.
+KBase specific condor scheduler image.
 Based on the htcondor/cm:9.X images
 
-## Supported ENV Variables
+## New behavior
+* Copy credentials from environment into correct place as per the [docs](https://github.com/htcondor/htcondor/tree/main/build/docker/services#providing-additional-configuration)
+* Enabled the `SCHEDD` to run in the same container as the `COLLECTOR` 
+
+# Supported ENV Variables used by [pre-exec.sh](deployment/bin/pre-exec.sh)
+
+
+- `CONDOR_CONFIG_FILEPATH` - A path to a configfile to be copied into /etc/condor/condor_config.local 
+- `POOL_PASSWORD` - The password for the condor pool (to be deprecated by token) 
+- `JWT_TOKEN` - CM Token created by `condor_token_create -identity condor-central-manager`
+- `SCHEDD_HOST` - If Present, then `SCHEDD` added to `DAEMON_LIST`
+
+
+# ENV Vars used by [start.sh](https://github.com/htcondor/htcondor/blob/fa22cbcdc2c66c63d1f5a78a45606125aa44e165/build/docker/services-rhel/base/start.sh)
+
+* `CONDOR_SERVICE_HOST` "${CONDOR_SERVICE_HOST:-${CONDOR_HOST:-\$(FULL_HOSTNAME)}}" 
+* `CONDOR_HOST` "${CONDOR_SERVICE_HOST:-${CONDOR_HOST:-\$(FULL_HOSTNAME)}}" 
+* `NUM_CPU` "${NUM_CPUS:-1}" \
+* `MEMORY` "${MEMORY:-1024}" \
+* `RESERVED_DISK` "${RESERVED_DISK:-1024}" \
+* `USE_POOL_PASSWORD` "${USE_POOL_PASSWORD:-no}"
 
-- CONDOR_CONFIG_FILEPATH - A path to a configfile to be copied into /etc/condor/condor_config.local
-- POOL_PASSWORD - The password for the condor pool (to be deprecated by token)
diff --git a/deployment/bin/start-condor.sh b/deployment/bin/start-condor.sh
diff --git a/deployment/conf/.templates/condor_config.local.templ b/deployment/conf/.templates/condor_config.local.templ
diff --git a/deployment/conf/condor_config b/deployment/conf/condor_config
diff --git a/deployment/conf/condor_ssh_to_job_sshd_config_template b/deployment/conf/condor_ssh_to_job_sshd_config_template
diff --git a/deployment/conf/config.d/condor_config.docker_image b/deployment/conf/config.d/condor_config.docker_image
diff --git a/deployment/conf/config.d/shared_port.config b/deployment/conf/config.d/shared_port.config
diff --git a/generate_ids.sh b/generate_ids.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+# Example of how to generate ids using the autogenerated signing key
+UID_DOMAIN=condor.staging.kbase.us
+condor_token_create -identity kbase_workers@${UID_DOMAIN} -token kbase_workers
+condor_token_create -identity nersc_workers@${UID_DOMAIN} -token nersc_workers
+condor_token_create -identity rest_api@${UID_DOMAIN} -token rest_api
+condor_token_create -identity condor_stats@${UID_DOMAIN} -token condor_stats
+
+#Used in EE2 Submit
+condor_token_create -identity condor_pool@${UID_DOMAIN} -token condor_pool
+
diff --git a/health_check.sh b/health_check.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+# This can be run by postStart to see if required variables have been set
+
+: "${UID_DOMAIN:?Variable not set or empty}"
+: "${CONDOR_JWT_TOKEN:?Variable not set or empty}"
diff --git a/hooks/build b/hooks/build