Migrate the OSPool token issuer to the OSG image build repo #83
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||||
|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,99 @@ | ||||||||
| FROM hub.opensciencegrid.org/opensciencegrid/software-base:3.6-el8-release | ||||||||
|
|
||||||||
| RUN yum install -y curl java-11-openjdk java-11-openjdk-devel | ||||||||
|
There was a problem hiding this comment.
Suggested change
a good habit to be in, although the space used by tomcat probably dwarfs the space from not clearing the yum cache. |
||||||||
|
|
||||||||
| # Download and install tomcat | ||||||||
| RUN useradd -r -s /sbin/nologin tomcat ;\ | ||||||||
| mkdir -p /opt/tomcat ;\ | ||||||||
| curl -s -L https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.69/bin/apache-tomcat-9.0.69.tar.gz | tar -zxf - -C /opt/tomcat --strip-components=1 ;\ | ||||||||
| chgrp -R tomcat /opt/tomcat/conf ;\ | ||||||||
| chmod g+rwx /opt/tomcat/conf ;\ | ||||||||
| chmod g+r /opt/tomcat/conf/* ;\ | ||||||||
| chown -R tomcat /opt/tomcat/logs/ /opt/tomcat/temp/ /opt/tomcat/webapps/ /opt/tomcat/work/ ;\ | ||||||||
| chgrp -R tomcat /opt/tomcat/bin /opt/tomcat/lib ;\ | ||||||||
| chmod g+rwx /opt/tomcat/bin ;\ | ||||||||
| chmod g+r /opt/tomcat/bin/* | ||||||||
|
|
||||||||
| ADD server.xml /opt/tomcat/conf/server.xml | ||||||||
| RUN chgrp -R tomcat /opt/tomcat/conf/server.xml ;\ | ||||||||
| chmod go+r /opt/tomcat/conf/server.xml | ||||||||
|
|
||||||||
| ARG TOMCAT_ADMIN_USERNAME=admin | ||||||||
| ARG TOMCAT_ADMIN_PASSWORD=password | ||||||||
| ADD tomcat-users.xml.tmpl /opt/tomcat/conf/tomcat-users.xml.tmpl | ||||||||
| RUN sed s+TOMCAT_ADMIN_USERNAME+${TOMCAT_ADMIN_USERNAME}+g /opt/tomcat/conf/tomcat-users.xml.tmpl | sed s+TOMCAT_ADMIN_PASSWORD+${TOMCAT_ADMIN_PASSWORD}+g > /opt/tomcat/conf/tomcat-users.xml ;\ | ||||||||
| chgrp tomcat /opt/tomcat/conf/tomcat-users.xml | ||||||||
|
|
||||||||
| ARG TOMCAT_ADMIN_IP=127.0.0.1 | ||||||||
|
Comment on lines
+21
to
+27
There was a problem hiding this comment. This hurts my eyes. Can you please add a comment to the file explaining why baking the admin credentials into the image like this is OK? |
||||||||
| ADD manager.xml.tmpl /opt/tomcat/conf/Catalina/localhost/manager.xml.tmpl | ||||||||
| RUN sed s+TOMCAT_ADMIN_IP+${TOMCAT_ADMIN_IP}+g /opt/tomcat/conf/Catalina/localhost/manager.xml.tmpl > /opt/tomcat/conf/Catalina/localhost/manager.xml ;\ | ||||||||
| chgrp -R tomcat /opt/tomcat/conf/Catalina | ||||||||
|
|
||||||||
| COPY --chown=tomcat:tomcat scitokens-server /opt | ||||||||
| #COPY target/oauth2.war /opt/tomcat/webapps/scitokens-server.war | ||||||||
| RUN \ | ||||||||
| curl -s -L https://github.com/ncsa/OA4MP/releases/download/v5.2.9.0/oauth2.war > /opt/tomcat/webapps/scitokens-server.war ;\ | ||||||||
| mkdir -p /opt/tomcat/webapps/scitokens-server ;\ | ||||||||
| cd /opt/tomcat/webapps/scitokens-server ;\ | ||||||||
| jar -xf ../scitokens-server.war ;\ | ||||||||
| chgrp -R tomcat /opt/tomcat/webapps/scitokens-server ;\ | ||||||||
| mkdir -p /opt/tomcat/var/storage/scitokens-server ;\ | ||||||||
| chown -R tomcat:tomcat /opt/tomcat/var/storage/scitokens-server ;\ | ||||||||
| rm -rf /opt/tomcat/webapps/ROOT /opt/tomcat/webapps/docs /opt/tomcat/webapps/examples /opt/tomcat/webapps/host-manager /opt/tomcat/webapps/manager | ||||||||
| COPY --chown=tomcat:tomcat scitokens-server/web.xml /opt/tomcat/webapps/scitokens-server/WEB-INF/web.xml | ||||||||
| RUN chmod 644 /opt/tomcat/webapps/scitokens-server/WEB-INF/web.xml | ||||||||
|
|
||||||||
| # need to put the java mail jar into the tomcat lib directory | ||||||||
| RUN curl -s -L https://github.com/javaee/javamail/releases/download/JAVAMAIL-1_6_2/javax.mail.jar > /opt/tomcat/lib/javax.mail.jar | ||||||||
|
|
||||||||
| # Make JWK a volume mount | ||||||||
| RUN mkdir -p /opt/scitokens-server/bin && mkdir -p /opt/scitokens-server/etc && mkdir -p /opt/scitokens-server/etc/templates && mkdir -p /opt/scitokens-server/lib && mkdir -p /opt/scitokens-server/log && mkdir -p /opt/scitokens-server/var/qdl/scitokens && mkdir -p /opt/scitokens-server/var/storage/file_store | ||||||||
|
|
||||||||
| # Make server configuration a volume mount | ||||||||
| ADD scitokens-server/etc/server-config.xml /opt/scitokens-server/etc/server-config.xml.tmpl | ||||||||
| ADD scitokens-server/etc/proxy-config.xml /opt/scitokens-server/etc/proxy-config.xml.tmpl | ||||||||
|
|
||||||||
| ADD scitokens-server/bin/scitokens-cli /opt/scitokens-server/bin/scitokens-cli | ||||||||
| #COPY target/oa2-cli.jar /opt/scitokens-server/lib/scitokens-cli.jar | ||||||||
| RUN \ | ||||||||
| curl -L -s https://github.com/ncsa/OA4MP/releases/download/v5.2.9.0/oa2-cli.jar >/opt/scitokens-server/lib/scitokens-cli.jar ;\ | ||||||||
| chmod +x /opt/scitokens-server/bin/scitokens-cli | ||||||||
|
|
||||||||
| ADD scitokens-server/etc/templates/client-template.xml /opt/scitokens-server/etc/templates/client-template.xml | ||||||||
| ADD scitokens-server/var/qdl/scitokens/ospool.qdl /opt/scitokens-server/var/qdl/scitokens/ospool.qdl | ||||||||
| ADD scitokens-server/var/qdl/scitokens/comanage.qdl /opt/scitokens-server/var/qdl/scitokens/comanage.qdl | ||||||||
| RUN chgrp tomcat /opt/scitokens-server/var/qdl/scitokens/{ospool,comanage}.qdl | ||||||||
| RUN ln -s /usr/lib64/libapr-1.so.0 /opt/tomcat/lib/libapr-1.so.0 | ||||||||
|
|
||||||||
| # QDL support 21-01-2021 | ||||||||
| RUN curl -L -s https://github.com/ncsa/OA4MP/releases/download/v5.2.9.0/oa2-qdl-installer.jar >/tmp/oa2-qdl-installer.jar ;\ | ||||||||
| java -jar /tmp/oa2-qdl-installer.jar -dir /opt/qdl | ||||||||
|
|
||||||||
| RUN mkdir -p /opt/qdl/var/scripts | ||||||||
|
|
||||||||
| ADD qdl/etc/qdl.properties /opt/qdl/etc/qdl.properties | ||||||||
| ADD qdl/etc/qdl-cfg.xml /opt/qdl/etc/qdl-cfg.xml | ||||||||
|
|
||||||||
| ADD qdl/var/scripts/boot.qdl /opt/qdl/var/scripts/boot.qdl | ||||||||
| RUN chmod +x /opt/qdl/var/scripts/boot.qdl | ||||||||
|
|
||||||||
| ADD qdl/bin/qdl /opt/qdl/bin/qdl | ||||||||
| RUN chmod +x /opt/qdl/bin/qdl | ||||||||
|
|
||||||||
| ADD qdl/bin/qdl-run /opt/qdl/bin/qdl-run | ||||||||
| RUN chmod +x /opt/qdl/bin/qdl-run | ||||||||
| # END QDL support | ||||||||
|
|
||||||||
| ENV JAVA_HOME=/usr/lib/jvm/jre | ||||||||
| ENV CATALINA_PID=/opt/tomcat/temp/tomcat.pid | ||||||||
| ENV CATALINA_HOME=/opt/tomcat | ||||||||
| ENV CATALINA_BASE=/opt/tomcat | ||||||||
| ENV CATALINA_OPTS="-Xms512M -Xmx1024M -server -XX:+UseParallelGC" | ||||||||
| ENV JAVA_OPTS="-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -Djava.library.path=/opt/tomcat/lib" | ||||||||
| ENV ST_HOME="/opt/scitokens-server" | ||||||||
| ENV QDL_HOME="/opt/qdl" | ||||||||
| ENV PATH="${ST_HOME}/bin:${QDL_HOME}/bin:${PATH}" | ||||||||
|
|
||||||||
| #RUN "${QDL_HOME}/var/scripts/boot.qdl" | ||||||||
| ADD start.sh /start.sh | ||||||||
| CMD ["/start.sh"] | ||||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| <Context privileged="true" antiResourceLocking="false" | ||
| docBase="${catalina.home}/webapps/manager"> | ||
| <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|TOMCAT_ADMIN_IP" /> | ||
| </Context> | ||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # The script to invoke the QDL interpreter. | ||
| CFG_FILE="$QDL_HOME/etc/qdl-cfg.xml" | ||
| CFG_NAME="oa2-dev" | ||
| QDL_JAR="$QDL_HOME/lib/qdl.jar" | ||
|
|
||
| cfgFile=${1:-$CFG_FILE} | ||
| cfgName=${2:-$CFG_NAME} | ||
|
|
||
| java -cp $QDL_JAR edu.uiuc.ncsa.qdl.workspace.QDLWorkspace -cfg $cfgFile -name $cfgName -home_dir $QDL_HOME |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # The script to invoke the QDL interpreter. | ||
|
|
||
| CFG_FILE="$QDL_HOME/etc/qdl-cfg.xml" | ||
| CFG_NAME="run-it" | ||
| QDL_JAR="$QDL_HOME/lib/qdl.jar" | ||
|
|
||
| java -cp $QDL_JAR edu.uiuc.ncsa.qdl.workspace.QDLWorkspace -cfg $CFG_FILE -name $CFG_NAME -home_dir $QDL_HOME -run "$@" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| <config> | ||
| <qdl name="oa2-dev" | ||
| enabled="true" | ||
| server_mode="false" | ||
| numeric_digits="15" | ||
| compressOn="false" | ||
| script_path="vfs#/scripts/" | ||
| module_path="/opt/qdl/var/modules/"> | ||
| <workspace verbose="true" | ||
| echoModeOn="true" | ||
| autosaveOn="true" | ||
| editor_name="line" | ||
| use_editor="true" | ||
| save_dir="/opt/qdl/var/ws" | ||
| showBanner = "false" | ||
| autosaveInterval="300000" | ||
| prettyPrint="true"> | ||
| <home_dir>/opt/qdl</home_dir> | ||
| <env>etc/qdl.properties</env> | ||
| </workspace> | ||
|
|
||
| <editors> | ||
| <editor | ||
| name="nano" | ||
| exec="/bin/nano"/> | ||
| <editor | ||
| name="vi" | ||
| exec="/bin/vi"/> | ||
| </editors> | ||
| <logging | ||
| logFileName="/opt/qdl/log/qdl.log" | ||
| logName="qdl" | ||
| disableLog4j="true" | ||
| logSize="100000" | ||
| logFileCount="2" | ||
| debug="true"/> | ||
| <virtual_file_systems> | ||
| <vfs type="pass_through" | ||
| access="rw"> | ||
| <root_dir>/opt/scitokens-server/var/qdl</root_dir> | ||
| <scheme><![CDATA[vfs]]></scheme> | ||
| <mount_point>/scripts</mount_point> | ||
| </vfs> | ||
| </virtual_file_systems> | ||
| <modules> | ||
| <module type="java" | ||
| import_on_start="true"> | ||
| <class_name>edu.uiuc.ncsa.myproxy.oa4mp.qdl.OA2QDLLoader</class_name> | ||
| </module> | ||
| <module type="java" | ||
| import_on_start="true"> | ||
| <class_name>edu.uiuc.ncsa.oa2.qdl.QDLToolsLoader</class_name> | ||
| </module> | ||
| <module type="java" | ||
| import_on_start="false"> | ||
| <class_name>edu.uiuc.ncsa.oa2.qdl.storage.StoreAccessLoader</class_name> | ||
| </module> | ||
| <module type="qdl" | ||
| import_on_start="true"> | ||
| <path>/opt/qdl/etc/modules/math-x.mdl</path> | ||
| </module> | ||
| <module type="qdl" | ||
| import_on_start="true"> | ||
| <path>/opt/qdl/etc/modules/ext.mdl</path> | ||
| </module> | ||
| </modules> | ||
|
|
||
| </qdl> | ||
| <qdl name="run-it" | ||
| enabled="true" | ||
| server_mode="false"> | ||
| <workspace verbose="false" | ||
| echoModeOn="false" | ||
| prettyPrint="false"> | ||
| <home_dir>/opt/qdl</home_dir> | ||
| <env>etc/qdl.properties</env> | ||
| </workspace> | ||
|
|
||
| <logging | ||
| logFileName="/opt/qdl/log/qdl.log" | ||
| logName="qdl" | ||
| disableLog4j="true" | ||
| logSize="100000" | ||
| logFileCount="2" | ||
| debug="false"/> | ||
| <modules> | ||
| <module type="java" | ||
| import_on_start="true"> | ||
| <class_name>edu.uiuc.ncsa.myproxy.oa4mp.qdl.OA2QDLLoader</class_name> | ||
| </module> | ||
| <module type="java" | ||
| import_on_start="true"> | ||
| <class_name>edu.uiuc.ncsa.oa2.qdl.QDLToolsLoader</class_name> | ||
| </module> | ||
| <module type="java" | ||
| import_on_start="false"> | ||
| <class_name>edu.uiuc.ncsa.oa2.qdl.storage.StoreAccessLoader</class_name> | ||
| </module> | ||
| <module type="qdl" | ||
| import_on_start="true"> | ||
| <path>/opt/qdl/etc/modules/math-x.mdl</path> | ||
| </module> | ||
| <module type="qdl" | ||
| import_on_start="true"> | ||
| <path>/opt/qdl/etc/modules/ext.mdl</path> | ||
| </module> | ||
| </modules> | ||
| </qdl> | ||
| </config> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| #Environment saved to "/opt/qdl/etc/qdl.properties" | ||
| #Basic properties file. This can be empty |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| include /opt/qdl/etc/qdl.nanorc-2.3.1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| #! /usr/bin/env qdl-run | ||
|
|
||
| /* | ||
| Boot script in QDL to set up a new OA4MP issuer install. This is run exactly | ||
| once before the system is started the first time. This will read in all the | ||
| template files for clients in ${ST_HOME}/etc/templates and ingest them into | ||
| OA4MP's client store. | ||
| */ | ||
|
|
||
| assert[is_defined(os_env().'ST_HOME')]['Environment variable ST_HOME is not defined. Exiting...']; | ||
|
|
||
| st_home := os_env().'ST_HOME'; // get the scitokens home directory from the environment | ||
| // normalize the path. If it ends in a /, drop it for later use in strings. | ||
| st_home := '.*/' =~ st_home?substring(st_home,0,size(st_home)-1):st_home; | ||
| template_dir := st_home + '/etc/templates'; | ||
| /* | ||
| Set up access to the client store using the current server configuration. | ||
| */ | ||
| module_import('oa2:/qdl/store', 'clients'); | ||
| clients#init(st_home+'/etc/server-config.xml', 'scitokens-server', 'client'); | ||
|
|
||
|
|
||
| files. := dir(template_dir); | ||
| if[ | ||
| size(files.) == 0 | ||
| ][ | ||
| say('(no templates.)'); | ||
| return(); | ||
| ]; | ||
|
|
||
| files. := ~mask(files., '.*xml' =~ files.); // regex match on those that end in .xml | ||
| say('processing ' + size(files.) + ' templates from ' + template_dir); | ||
|
|
||
| while[ | ||
| for_next(t, files.) | ||
| ][ | ||
| template. := clients#from_xml(file_read(template_dir + '/' + t)); | ||
| if[ | ||
| !is_defined(template.'client_id') | ||
| ][ | ||
| say('warning -- file "' + t + '" is not a client template. skipping'); | ||
| ]else[ | ||
| // At this point we don't want to just overwrite an existing template since | ||
| // there may be customizations that the admin has added. | ||
| if[ | ||
| size(clients#read(template.'client_id')) == 0 | ||
| ][ | ||
| clients#save(template.); | ||
| ]else[ | ||
| say('Warning, but "' + t + '" already exists in the store. Update it manually. Skipping'); | ||
| ]; | ||
| ]; | ||
| ]; // end while | ||
|
|
||
| say('done!'); | ||
|
|
||
|
|
||
|
|
||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||||
|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1 @@ | ||||||||
| java -jar /opt/scitokens-server/lib/jwt.jar -batch create_keys -single -o | ||||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||||
|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,37 @@ | ||||||||
| # Run the OA4MP command processor. This will allow you to edit, create or remove | ||||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||||
| # clients, approvals, users and archived users. You can also reset the counter and do copy | ||||||||
| # operations from one store to another | ||||||||
| # | ||||||||
| # The next 5 entries completely determine how this operates. Change these to whatever you want if | ||||||||
| # different from the standard install. | ||||||||
|
|
||||||||
| OA2_ROOT=/opt/scitokens-server | ||||||||
| DEFAULT_CONFIG=$OA2_ROOT/etc/server-config.xml | ||||||||
| DEFAULT_TARGET=scitokens-server | ||||||||
| oa2jar=$OA2_ROOT/lib/scitokens-cli.jar | ||||||||
| logFile=$OA2_ROOT/var/log/scitokens--cli.log | ||||||||
| DEFAULT_ENV=$OA2_ROOT/etc/cli.properties | ||||||||
|
|
||||||||
| # End of user serviceable parts. | ||||||||
|
|
||||||||
| if [[ "$1" = "--help" || $# -gt 2 ]];then | ||||||||
| echo "scitokens-server-cli [configName configFile environment"] | ||||||||
| echo "Start the OA4MP for OAuth2 command line admin tool with the" | ||||||||
| echo "given configuration name in the given configuration file (full path)." | ||||||||
| echo "No arguments means to use the config named '$DEFAULT_TARGET' in the file '$DEFAULT_CONFIG'" | ||||||||
| echo "and to try and load the '$DEFAULT_ENV' as the environment." | ||||||||
| echo "One argument is assumed to be the configuration name in the default config file." | ||||||||
| exit 1 | ||||||||
| fi | ||||||||
|
|
||||||||
| target=${1:-$DEFAULT_TARGET} | ||||||||
| adminCfg=${2:-$DEFAULT_CONFIG} | ||||||||
| env=${3:-$DEFAULT_ENV} | ||||||||
|
|
||||||||
| java -jar $oa2jar -cfg $adminCfg -name $target -log $logFile -v -set_env $env | ||||||||
|
|
||||||||
| if [ $? != 0 ]; then | ||||||||
| exit 1 | ||||||||
| fi | ||||||||
|
|
||||||||
| exit 0 | ||||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| <config> | ||
| <client name="proxy-client"> | ||
| <logging | ||
| logFileName="/tmp/oa4mp-oauth2-fs-client.xml" | ||
| logName="oa4mp" | ||
| logSize="100000" | ||
| logFileCount="2" | ||
| debug="true"/> | ||
| <id>{CLIENT_ID}</id> | ||
| <secret>{CLIENT_SECRET}</secret> | ||
| <callbackUri>https://{HOSTNAME}/scitokens-server/ready</callbackUri> | ||
| <serviceUri>https://cilogon.org/oauth2</serviceUri> | ||
| <authorizeUri>https://cilogon.org/authorize</authorizeUri> | ||
| <wellKnownUri>https://cilogon.org/oauth2/.well-known/openid-configuration</wellKnownUri> | ||
| <scopes> | ||
| <scope>email</scope> | ||
| <scope>openid</scope> | ||
| <scope>profile</scope> | ||
| <scope>org.cilogon.userinfo</scope> | ||
| </scopes> | ||
| <memoryStore><assetStore/></memoryStore> | ||
| </client> | ||
|
|
||
| </config> |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you try Alma 8? We're eventually going to replace the CentOS Stream 8-based software-base with Alma 8-based (as per SOFTWARE-5307) so it would be nice if we had one less thing to test before we transitioned.