adding ctafrontend image build

.gitlab-ci.yml

 stages:
   - build:srpm
   - build:rpm
+  - build:dockerimage
 
 cta_srpm:
   stage: build:srpm
@@ -40,3 +41,13 @@ cta_rpm:
 
   tags:
     - docker
+
+
+ctafrontend_docker:
+  stage: build:dockerimage
+  tags:
+    - docker-image-build
+  script: "" # unused but this line is required by GitLab CI
+  variables:
+    TO: gitlab-registry.cern.ch/cta/cta-orchestration
+    CONTEXT_DIR: continuousintegration/docker/ctafrontend/cc7

continuousintegration/docker/ctafrontend/README.md

+# `ctafrontend` docker image repository
+  - This is the repository for CERN Tape Archive frontend docker image.
+
+
+## Aim
+
+The aim of this project is to provide a CTA frontend through Docker® containers.
+
+## Components
+
+* Dockerfile      - The file describing how to build the Docker image for building CASTOR, in turn.
+* etc/yum.repos.d - directory containing yum repos for installing necessary packages.
+* etc/xrootd      - directory containing static configuration files for xrootd 
+* run.sh          - The main script to setup runtime environment.
+
+## Setup
+
+In order to be able to use the container, you should have Docker installed on your machine. You can get more information on how to setup Docker [here](https://docs.docker.com/linux/).
+
+The base image used is CERN CentOS 7 (gitlab-registry.cern.ch/linuxsupport/cc7-base).
+
+## Build image
+
+In order to build the image, after making sure that the Docker daemon is running, run from the repository directory:
+
+```bash
+docker build --force-rm -t ctafrontend-cc7 cc7/
+```
+
+After the image has finished building successfully, run the following command:
+
+```bash
+# Run CTA fronted with prepared object store and catalogue DB. 
+# All logs will be passed back to the docker host through /dev/log socket. 
+# Shared path must be passed inside to the container.
+# A host name have to be used for the container  to run xrootd.
+#
+# @param objectstore  CTA object store directory path name.
+# @param catdb        CTA catalogue DB setup.
+#
+
+docker run -h ctasystestf.cern.ch -it -e objectstore="/shared/jobStoreVFS1FlpYW" -e catdb="sqlite:/shared/sqliteDb/db" -v /dev/log:/dev/log -v /opt/cta/docker:/shared ctafrontend-cc7
+```
+

continuousintegration/docker/ctafrontend/cc7/Dockerfile

+# ******************************************************************************
+#
+# The CERN Tape Archive (CTA) project
+# Copyright (C) 2015  CERN
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+# ****************************************************************************/
+
+# CTA frontend
+
+FROM gitlab-registry.cern.ch/linuxsupport/cc7-base
+
+
+# Manage repos
+ADD ./etc/yum.repos.d/* /etc/yum.repos.d/
+RUN yum install -y yum-plugin-priorities epel-release
+
+# Install needed packages
+RUN yum -y install cta-frontend cta-debuginfo cgdb less psmisc lynx strace ltrace
+RUN yum clean all
+
+# Static configuration files
+ADD ./etc/xrootd/xrootd-cta.cfg /etc/xrootd/xrootd-cta.cfg
+
+# Docker image run setup
+ADD ./run.sh /
+ENTRYPOINT ["/run.sh"]

continuousintegration/docker/ctafrontend/cc7/etc/xrootd/xrootd-cta.cfg

+# Load the plugin XrdCtaOfs
+xrootd.fslib libXrdCtaOfs.so
+
+# Use the security module
+xrootd.seclib libXrdSec.so
+
+# Protocol specification
+# The xroot server process needs to be able to read the keytab file
+#sec.protocol krb5 /etc/krb5.keytab.cta host/<host>@CERN.CH
+#sec.protocol sss -s /var/spool/xrootd/.xrd/sss.keytab -c /tmp/sss.keytab
+sec.protocol unix
+
+# Only Kerberos 5 and sss are allowed
+#sec.protbind * only sss
+sec.protbind 172.17.0* only unix
+
+# Allow copying from absolute paths
+all.export /
+
+# Turn off asynchronous i/o
+xrootd.async off
+
+# Use a port other than 1094, already used by EOS xroot server
+xrd.port 10955
+

continuousintegration/docker/ctafrontend/cc7/etc/yum.repos.d/centos-cernonly.repo

+[centos-cernonly]
+name=CentOS-7 - CERN Only [20161019]
+baseurl=http://linuxsoft.cern.ch/internal/yumsnapshot/20161019/cern/centos/7/cernonly/x86_64
+enabled=1
+gpgcheck=0
+priority=10
+

continuousintegration/docker/ctafrontend/cc7/etc/yum.repos.d/ceph.repo

+[ceph]
+gpgcheck=0
+name=Ceph repository
+enabled=1
+priority=3
+baseurl=http://linuxsoft.cern.ch/mirror/download.ceph.com/rpm-jewel/el7/x86_64/

continuousintegration/docker/ctafrontend/cc7/etc/yum.repos.d/cta.repo

+[cta-master]
+name=CTA master
+baseurl=http://dss-ci-repo.web.cern.ch/dss-ci-repo/cta/master/cc-7/x86_64/
+gpgcheck=0
+enabled=1
+

continuousintegration/docker/ctafrontend/cc7/run.sh

+#!/bin/sh 
+
+echo "ObjectStore BackendPath $objectstore" > /etc/cta/cta-frontend.conf
+echo "Catalogue NumberOfConnections 1" >>/etc/cta/cta-frontend.conf
+
+echo ${catdb} >/etc/cta/cta_catalogue_db.conf
+
+useradd cta
+# disable kerberos5 check for the admin privileges
+  sed -i -e "s/krb5/unix/" /usr/lib64/libXrdCtaOfs.so
+runuser --shell='/bin/bash' --session-command='cd ~cta; xrootd -n cta -c /etc/xrootd/xrootd-cta.cfg -I v4' cta&
+/bin/bash