GitLab CI for CMS: Glossary

Key Points

Setting up an environment using CVMFS in GitLab CI (e.g. to run CMSSW)
  • Special GitLab CVMFS runners are required to run CI jobs that need CVMFS, e.g. to run CMSSW.

  • The setup script sets aliases, which are not expanded by default.

  • If the setup script tries to access unset variables, then that can cause the CI to fail when using strict shell scripting checks.

Compiling a CMSSW package
  • For code to be compiled in CMSSW, it needs to reside within the work area’s src directory.

  • The code needs to be copied manually using the CI script.

  • When using commands such as git cms-addpkg, the git configuration needs to be adjusted/set first.

Obtaining a grid proxy
  • Special care is needed when adding secrets in GitLab

  • Passwords and certificates should always be set to Protected state

  • Certificates need to be base64-encoded for use as secrets

CAT services for GitLab CI
  • To use CAT services your project needs to reside into cms-analysis.

  • You won’t need to expose any personal credentials.

  • It is easy to host your analysis code in cms-analysis.

Running a CMSSW job
  • A special CMSSW image is required to successfully run CMSSW jobs

  • Running on CMS data requires a grid proxy, or the files to be stored in the CAT managed area

  • Several ways are available to access CMS specific files

  • CAT provides services that avoid the danger of leaking credentials

  • The use of artifacts allows passing results of one step to the other

  • Since artifacts are write-protected, the directory needs to be copied before running CMSSW

Glossary

FIXME