So, this isn't polished yet, but I thought I'd push this up and have you guys take a look at it, and see what you think before I do any more work on it. All I wanted at this point was something that worked, and now want to get some other eyes on it to make sure this approach doesn't do anything crazy that you guys don't like.
The idea is that users might (well in my case users do) want to pull images from an https repository using an x509 proxy cert. To do this, we need some kind of delegation method, to get a credential on the service, and some method of copying the credential to the VMM. Originally, I planned on using the standard Globus delegation factory, but realized that this isn't included with Nimbus anymore, and probably wouldn't be portable when Nimbus moves away from WSRF. So I did the simplest thing I could think of, and just added a field to the optional XML file that workspace.sh uses. The idea is that users can just stuff their credential in there, and Nimbus can use it. The nimbus service then pushes this credential to the workspace control tmp directory.
There's also a new propagation adapter for https, which takes the --prop-extra-args parameter to get the filename of the credential it should use when pulling a file.
Implement simple proxy copying in service and client
Cleanup service changes for copying a proxy
Add https pulling with x509 credential to workspace control
Add persistance and clean up credential copying.
Also do some cleanup.
Change arguments to prop-extra-args to play nicely with other uses
Just in case someone else ever uses prop-extra-args for anything. Other
wc arguments seem to use the 'argument;argument;argument' format, so
repeat that here.
Refactor CustomizationNeed to FileCopyNeed.
This way it can also be used for files that need to be copied to the VMM
node at Propagate time (credentials).
This also means that files that are contexed in are copied at
propagation time, rather than start time, as in the past.
Fix restarting gzipped images.
Since the files will have been unzipped in a previous start attempt,
they will fail on a second attempt unless we check that they've already
Huh. This diff looks strange, but it's a pretty simple patch.
So this is a much cleaned up from when this pull was first asked for. It renames the CustomizationNeed to FileCopyNeed, as this is used for copying credentials now. This also happens at propagate time, rather than start time.
As before, comments are welcome.
Merged in cee6e2f