From 404d3acdfc5c796c1a038edfd27765987b0b5890 Mon Sep 17 00:00:00 2001
From: Brian Aydemir <baydemir@morgridge.org>
Date: Tue, 9 Jul 2024 08:31:37 -0500
Subject: [PATCH] Switch to using OSG's sssd image

---
 .github/workflows/build.yaml           |  2 --
 README.rst                             |  6 ------
 sssd/Dockerfile                        | 27 --------------------------
 sssd/etc/osg/image-init.d/sssd-init.sh | 15 --------------
 sssd/etc/supervisord.d/sssd.conf       |  3 ---
 5 files changed, 53 deletions(-)
 delete mode 100644 sssd/Dockerfile
 delete mode 100755 sssd/etc/osg/image-init.d/sssd-init.sh
 delete mode 100644 sssd/etc/supervisord.d/sssd.conf

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index cbfdfc7..7e776c8 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -17,7 +17,6 @@ on:
     - '[0-9]+.[0-9]+*'
     paths:
     - k8s-hub/**
-    - sssd/**
   workflow_dispatch: {}
 
 jobs:
@@ -28,7 +27,6 @@ jobs:
       matrix:
         image-name:
         - k8s-hub
-        # - sssd
 
     steps:
 
diff --git a/README.rst b/README.rst
index e2b51b1..793e185 100644
--- a/README.rst
+++ b/README.rst
@@ -18,14 +18,8 @@ Overview
   - Includes a custom version of the oauthenticator_ package.
   - Includes the osg-jupyterhub-hooks_ package.
 
-- `<sssd/>`_:
-
-  - An image for running sssd_.
-  - Requires configuration.
-
 .. _oauthenticator: https://github.com/brianaydemir/jupyterhub-oauthenticator/tree/15.1.0-osg
 .. _osg-jupyterhub-hooks: https://github.com/osg-htc/jupyterhub-hooks
-.. _sssd: https://sssd.io
 
 
 Development
diff --git a/sssd/Dockerfile b/sssd/Dockerfile
deleted file mode 100644
index 0c59b41..0000000
--- a/sssd/Dockerfile
+++ /dev/null
@@ -1,27 +0,0 @@
-# Run sssd via supervisord.
-#
-# Containers must populate /etc/sssd with configuration for the daemon.
-# Files must be readable only by root.
-
-FROM hub.opensciencegrid.org/opensciencegrid/software-base:3.6-el7-release
-
-# Reference: https://github.com/hadolint/hadolint/wiki/DL4006
-
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-
-# In order to accommodate the sharing of sssd's "pipes" directory, we
-# create the sssd user and group with explicit IDs rather than allowing
-# packages to select arbitrary IDs.
-
-USER root
-WORKDIR /tmp
-RUN true \
-    && groupadd -r -g 996 sssd \
-    && useradd -r -g sssd -u 996 -d / -s /usr/sbin/nologin -c "System user for sssd" sssd \
-    #
-    && yum update -y \
-    && yum install -y sssd \
-    && yum clean all \
-    && rm -rf /var/cache/yum/
-
-COPY etc /etc/
diff --git a/sssd/etc/osg/image-init.d/sssd-init.sh b/sssd/etc/osg/image-init.d/sssd-init.sh
deleted file mode 100755
index 126ae89..0000000
--- a/sssd/etc/osg/image-init.d/sssd-init.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-# Ensure that sssd's "pipes" directory has the required structure.
-
-set -eu
-
-_pipes_dir=/var/lib/sss/pipes/
-_private_pipes_dir=/var/lib/sss/pipes/private/
-
-mkdir -p           "${_pipes_dir}"
-chown sssd:sssd    "${_pipes_dir}"
-chmod u=rwx,go=rx  "${_pipes_dir}"
-
-mkdir -p           "${_private_pipes_dir}"
-chown root:root    "${_private_pipes_dir}"
-chmod u=rwx,go=    "${_private_pipes_dir}"
diff --git a/sssd/etc/supervisord.d/sssd.conf b/sssd/etc/supervisord.d/sssd.conf
deleted file mode 100644
index 4ed3e99..0000000
--- a/sssd/etc/supervisord.d/sssd.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-[program:sssd]
-command=/usr/sbin/sssd --interactive --logger=files
-autorestart=true