Automated Tests‎ > ‎

GridshibCA Buildbot Deployment

Buildbot Accounts

  • buildmaster: Drives the tests.
    • buildbot process runs under this account started by /etc/init.d/buildbot
    • ~buildmaster/Buildbot/master.cfg is the master configuration file. This contains a list of buildslaves to use to drive tests (currently only localhost). It includes ~buildmaster/Buildbot/gridshib-ca-buildbot.cfg and ~buildmaster/Buildbot/gridshib-buildbot.cfg
    • ~buildmaster/Buildbot/gridshib-ca-buildbot.cfg is the configuration for gridshib-ca tests. This file should be a copy of gridshib-ca/buildbot/gridshib-ca-buildbot.cfg from cvs.
    • ~buildmaster/Buildbot/gridshib-buildbot.cfg is the configuration for gridshib tests other than gridshib-ca tests. It currently is not tracked in version control (but probably should be).
  • buildslave: Account in which tests run. Builds can be found in ~buildslave/Buildbot/
    • ~buildslave/.gridshib-buildbotrc contains configuration read by buildbot/gridshib-ca-test.sh which is specific to this host. It is source by gridshib-ca-test.sh when it runs.
    • The buildslave  account could be on a different host or additional buildslaves could be added on other hosts.

MyProxy Deployment

MyProxy is used for testing the MyProxy-backed GridShib-CA tests. Globus is deployed in /usr/local/globus (this directory is actually a symlink to a version-specific deployment directory). The myproxy-server daemon is run from this directory and should be automatically started by /etc/init.d/myproxy.

A SimpleCA is deployed in /root/.globus/simpleCA/ with a password on its private key of "buildbot". This is the CA credentials also used by the MyProxy CA.

MyProxy client credentials are in ~buildslave/.globus with a distinguished name of /O=Grid/OU=GlobusTest/OU=simpleCA-buildbot.ncsa.uiuc.edu/OU=ncsa.uiuc.edu/CN=BuildSlave. The private key for these credentials is not encrypted.

The myproxy-mapappl.pl script used by the MyProxy CA is installed in /usr/local/bin. This script is configured to allow any requested DN (i.e. the namespace is "/").

Comments