Install OSG certificates in xrootd did finder container (#1130)

Author: ponyisi

did_finder_xrootd/Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.10
+FROM debian:trixie
 
 LABEL maintainer="Peter Onyisi <[email protected]>"
 
@@ -11,9 +11,8 @@ RUN useradd -g 0 -ms /bin/bash celery
 ENV  POETRY_VERSION=2.1.1
 
 RUN apt-get update && \
-    apt-get install cmake --no-install-recommends --assume-yes
+    apt-get install cmake osg-ca-certs python3-poetry python3-dev build-essential uuid-dev libssl-dev --no-install-recommends --assume-yes
 
-RUN pip install poetry==$POETRY_VERSION
 RUN mkdir -p /opt/servicex/pypoetry
 COPY pyproject.toml pyproject.toml
 COPY poetry.lock poetry.lock
@@ -39,6 +38,8 @@ ENV PYTHONUNBUFFERED=1
 ENV PYTHONPATH=/opt/servicex/src
 
 ENV BROKER_URL="amqp://guest:guest@localhost:5672//"
+ENV X509_USER_PROXY=/etc/grid-security-ro/x509up
+ENV X509_CERT_DIR=/etc/grid-security/certificates
 
 
 ENTRYPOINT [ "scripts/start_celery_worker.sh"]

did_finder_xrootd/poetry.lock

@@ -9,7 +9,7 @@ packages = [{include = "src/servicex_did_finder_xrootd"}]
 [tool.poetry.dependencies]
 python = ">=3.10,<4.0"
 servicex-did-finder-lib = "^3.0.0"
-xrootd = ">=5.6.9"
+xrootd = ">=5.8.3"
 
 [tool.poetry.group.test]
 optional = true

did_finder_xrootd/pyproject.toml

@@ -39,4 +39,17 @@ spec:
           - name: BROKER_URL
             value: amqp://user:{{ .Values.rabbitmq.auth.password }}@{{ .Release.Name }}-rabbitmq:5672/%2F
         {{- end }}
+        {{ if not .Values.noCerts}}
+        volumeMounts:
+          - name: x509-secret
+            mountPath: /etc/grid-security-ro
+            readOnly: true
+        {{- end }}
+      {{ if not .Values.noCerts}}
+      volumes:
+        - name: x509-secret
+          secret:
+            defaultMode: 292
+            secretName: x509-proxy
+      {{- end }}
 {{ end }}