From 875b11199d54142c5de8fa87b0744210d2ac3129 Mon Sep 17 00:00:00 2001
From: Federico Stagni <federico.stagni@cern.ch>
Date: Tue, 31 Oct 2023 17:26:06 +0100
Subject: [PATCH] fix: sets the security env variables as first

---
 Pilot/pilotCommands.py | 86 +++++++++++++++++++++---------------------
 1 file changed, 44 insertions(+), 42 deletions(-)

diff --git a/Pilot/pilotCommands.py b/Pilot/pilotCommands.py
index 2a63bc49..830fb9fd 100644
--- a/Pilot/pilotCommands.py
+++ b/Pilot/pilotCommands.py
@@ -206,6 +206,48 @@ def execute(self):
             )
             self.exitWithError(1)
 
+        # If DIRAC (or its extension) is installed in CVMFS:
+        if self.pp.preinstalledEnv:
+            self.__checkSecurityDir("X509_CERT_DIR", "certificates")
+            self.__checkSecurityDir("X509_VOMS_DIR", "vomsdir")
+            self.__checkSecurityDir("X509_VOMSES", "vomses")
+            # This is needed for the integration tests
+            self.pp.installEnv["DIRAC_VOMSES"] = self.pp.installEnv["X509_VOMSES"]
+            os.environ["DIRAC_VOMSES"] = os.environ["X509_VOMSES"]
+
+
+    def __checkSecurityDir(self, envName, dirName):
+
+        if envName in os.environ and safe_listdir(os.environ[envName]):
+            self.log.debug(
+                "%s is set in the host environment as %s, aligning installEnv to it"
+                % (envName, os.environ[envName])
+            )               
+            self.pp.installEnv[envName] = os.environ[envName]
+        else:
+            self.log.debug("%s is not set in the host environment" % envName)
+            # try and find it
+            for candidate in self.pp.CVMFS_locations:
+                candidateDir = os.path.join(candidate,
+                                            'etc/grid-security',
+                                            dirName)
+                self.log.debug(
+                    "Candidate directory for %s is %s"
+                    % (envName, candidateDir)
+                )
+                if safe_listdir(candidateDir):
+
+                    self.log.debug("Setting %s=%s" % (envName, candidateDir))
+                    self.pp.installEnv[envName] = candidateDir
+                    os.environ[envName] = candidateDir
+                    break
+                self.log.debug("%s not found or not a directory" % candidateDir)
+
+        if envName not in self.pp.installEnv:
+            self.log.error("Could not find/set %s" % envName)
+            sys.exit(1)
+
+
 class InstallDIRAC(CommandBase):
     """ Source from CVMFS, or install locally
     """
@@ -525,7 +567,7 @@ class ConfigureBasics(CommandBase):
 
     It calls dirac-configure to:
 
-        * download, by default, the CAs
+        * (maybe) download the CAs
         * creates a standard or custom (defined by self.pp.localConfigFile) cfg file
           (by default 'pilot.cfg') to be used where all the pilot configuration is to be set, e.g.:
         * adds to it basic info like the version
@@ -604,37 +646,6 @@ def _getBasicsCFG(self):
         if self.pp.wnVO:
             self.cfg.append('-o "/Resources/Computing/CEDefaults/VirtualOrganization=%s"' % self.pp.wnVO)
 
-    def __checkSecurityDir(self, envName, dirName):
-
-        if envName in os.environ and safe_listdir(os.environ[envName]):
-            self.log.debug(
-                "%s is set in the host environment as %s, aligning installEnv to it"
-                % (envName, os.environ[envName])
-            )               
-            self.pp.installEnv[envName] = os.environ[envName]
-        else:
-            self.log.debug("%s is not set in the host environment" % envName)
-            # try and find it
-            for candidate in self.pp.CVMFS_locations:
-                candidateDir = os.path.join(candidate,
-                                            'etc/grid-security',
-                                            dirName)
-                self.log.debug(
-                    "Candidate directory for %s is %s"
-                    % (envName, candidateDir)
-                )
-                if safe_listdir(candidateDir):
-
-                    self.log.debug("Setting %s=%s" % (envName, candidateDir))
-                    self.pp.installEnv[envName] = candidateDir
-                    os.environ[envName] = candidateDir
-                    break
-                self.log.debug("%s not found or not a directory" % candidateDir)
-
-        if envName not in self.pp.installEnv:
-            self.log.error("Could not find/set %s" % envName)
-            sys.exit(1)
-
     def _getSecurityCFG(self):
         """ Sets security-related env variables, if needed
         """
@@ -644,17 +655,8 @@ def _getSecurityCFG(self):
             self.cfg.append("-o /DIRAC/Security/CertFile=%s/hostcert.pem" % self.pp.certsLocation)
             self.cfg.append("-o /DIRAC/Security/KeyFile=%s/hostkey.pem" % self.pp.certsLocation)
 
-        # If DIRAC (or its extension) is installed in CVMFS:
+        # If DIRAC (or its extension) is installed in CVMFS do not download VOMS and CAs
         if self.pp.preinstalledEnv:
-
-            self.__checkSecurityDir("X509_CERT_DIR", "certificates")
-            self.__checkSecurityDir("X509_VOMS_DIR", "vomsdir")
-            self.__checkSecurityDir("X509_VOMSES", "vomses")
-            # This is needed for the integration tests
-            self.pp.installEnv["DIRAC_VOMSES"] = self.pp.installEnv["X509_VOMSES"]
-            os.environ["DIRAC_VOMSES"] = os.environ["X509_VOMSES"]
-
-            # In any case do not download VOMS and CAs
             self.cfg.append("-DMH")