- Indico style
- Indico style - inline minutes
- Indico style - numbered
- Indico style - numbered + minutes
- Indico Weeks View
Weekly meeting to discuss progress on EDLK JIRA issues: https://jira.skatelescope.org/issues/?filter=15115
Zoom room: https://skatelescope.zoom.us/j/97713259777?pwd=Q2EwSWZ3NkRaazFRSy9YT3Y5UmdJZz09
## RUCIO Scopes deletion campaign
Riccardo: many unused scopes deleted and lifetime added where missing, situation is now under control.
## MaxSpace configuration in CRIC
Riccardo: Some RSEs still need to fix their settings in CRIC.
Here's the list of RSEs that need to be checked:
ALPAMED-DPM
AWS_WEBDAV check values carefully
CNAF-STORM
INFN-ROMA1
JUPYTER-SCRATCH-EULAKE
PIC-DCACHE check values carefully
PIC-DCACHE-TAPE check values carefully
PIC-INJECT check values carefully
SARA-DCACHE
Rizart: AuthZ in CRIC grant access to all RSEs configration, so be careful as this will not likely be fixed before DAC21. Let me know if you have issues.
*ACTION*: RSE representatives should fix settings for the above RSEs.
## OIDC support in ESCAPE Rucio:
Rizart: some bugs in RUCIO on the handling of the OIDC redirection, mostly affecting the RUCIO WebUI and users that do not come with their own token. Should be fixed in the latest RUCIO release that will be deployed as soon as it is released for ESCAPE RUCIO (before DAC21).
### PIC-DCache
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth GREEN
Agustin: recently updated the dCache version in order to support token-based authn/z.
### LAPP-WebDAV
AuthN/Z status:
- X.509/VOMS RED
- OAuth GREEN
Paul: limitation in apache server so that you can have only auth method for an endpoint, so enabling both X.509 and OIDC causes issues. Investigating the possibilty of using different, auth-method specific endpoints.
### LAPP-DCache
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth RED
Action(Frederic): Fix Lapp-DCache configuration
### INFN-ROMA1
AuthN/Z status:
- X.509/VOMS Mostly GREEN
- OAuth RED
AlessandraD: We will look with Alessandro De Salvo in adapting DPM config to support token-based auth for INFN-ROMA e INFN-Napoli RSEs. Where can I find more documentation on how to configure support for token-based authZ?
Action(Andrea): Share pointers with AlessandraD
### INFN-NA
AuthN/Z status:
- X.509/VOMS Mostly GREEN
- OAuth RED
### IN2P3-CC-LSST-*
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth GREEN
No representative.
### GSI-ROOT
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth GREEN
### FAIR-ROOT
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth GREEN
### EULAKE-*
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth RED
Action(Rizart): Fix token-based authz config for EULAKE
### DESY-DCACHE, SARA-DCACHE
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth ??
For unknown reason, DESY-DCACHE and SARA-DCACHE is not tested by the OAuth testsuite.
Action(Federica): understand why SARA-DCACHE and DESY-DCACHE are not tested
### CNAF-STORM
AuthN/Z status:
- X.509/VOMS GREEN
- OAuth GREEN
### ALPAMED-DPM
AuthN/Z status:
- X.509/VOMS GREENish
- OAuth RED
### SARA-SWIFT
AuthN/Z status:
- X.509/VOMS ??
- OAuth ??
Aleem: Signed URL issues. Upload works with rclone but not with rucio-upload
Rizart: some replication work with FTS, needs to be better understood
Action(Aleem/Rizart): understand sara-swift RUCIO issues