rucio: integrate sidecar container

[kounelisagis]

Closes reanahub/reana-auth-rucio#1

[tiborsimko]

Please rebase against latest master, the branch should be based off #370 otherwise VOMS support won't contain changed needed for ESCAPE.

Also, the CI is not passing due to code formatting cosmetics. We are using black, you can run it locally, the following changes are needed to make the PR pass:

diff --git a/reana_job_controller/kubernetes_job_manager.py b/reana_job_controller/kubernetes_job_manager.py
index f7d47e1..95f412b 100644
--- a/reana_job_controller/kubernetes_job_manager.py
+++ b/reana_job_controller/kubernetes_job_manager.py
@@ -446,12 +446,12 @@ class KubernetesJobManager(JobManager):

         rucio_config_file_path = os.path.join(
             current_app.config["RUCIO_CACHE_LOCATION"],
-            'rucio.cfg',
+            "rucio.cfg",
         )

         cern_bundle_path = os.path.join(
             current_app.config["RUCIO_CACHE_LOCATION"],
-            'CERN-bundle.pem',
+            "CERN-bundle.pem",
         )

         rucio_account = os.environ.get("RUCIO_USERNAME")
@@ -471,7 +471,7 @@ class KubernetesJobManager(JobManager):
                     voms_proxy_vo=voms_proxy_vo,
                     cern_bundle_path=cern_bundle_path,
                     rucio_config_file_path=rucio_config_file_path,
-                )
+                ),
             ],
             "name": "reana-auth-rucio",
             "imagePullPolicy": "IfNotPresent",

[tiborsimko]

Can you please move this hardcoded string into config.py where we generally assemble all these "magic constants"?

Also, instead of the latest tag, please use the tentative 1.0.0 release tag already. (And for local testing we can simply re-tag it manually on our laptops for development purposes.) In this way the branch will be ready for merge.
We don't use latest officially anywhere, because it is a moving target, not identifying individual versions enough. See also https://vsupalov.com/docker-latest-tag/

If something is static and will never change, we can keep it hard-coded here. If something may change in the future, such as sidecar image version, we should definitely move it to config.py. See the VOMS proxy sidecar "magic constants" for illustration:

VOMSPROXY_CONTAINER_IMAGE = os.getenv(
    "VOMSPROXY_CONTAINER_IMAGE", "reanahub/reana-auth-vomsproxy:1.1.0"
)
"""Default docker image of VOMSPROXY sidecar container."""

VOMSPROXY_CONTAINER_NAME = "voms-proxy"
"""Name of VOMSPROXY sidecar container."""

VOMSPROXY_CERT_CACHE_LOCATION = "/vomsproxy_cache/"
"""Directory of voms-proxy certificate cache.

This directory is shared between job & VOMSPROXY container."""

VOMSPROXY_CERT_CACHE_FILENAME = "x509up_proxy"
"""Name of the voms-proxy certificate cache file."""