DPP/DLT functionality #36
|
@ -246,3 +246,4 @@ COMMIT = config('COMMIT', default='')
|
||||||
TOKEN_DLT = config("TOKEN_DLT", default=None)
|
TOKEN_DLT = config("TOKEN_DLT", default=None)
|
||||||
API_DLT = config("API_DLT", default=None)
|
API_DLT = config("API_DLT", default=None)
|
||||||
API_RESOLVER = config("API_RESOLVER", default=None)
|
API_RESOLVER = config("API_RESOLVER", default=None)
|
||||||
|
ID_FEDERATED = config("ID_FEDERATED", default=None)
|
||||||
|
|
|
@ -8,8 +8,13 @@ RUN apt update && \
|
||||||
sqlite3 \
|
sqlite3 \
|
||||||
jq \
|
jq \
|
||||||
time \
|
time \
|
||||||
|
vim \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
# TODO I don't like this, but the whole ereuse-dpp works with user 1000 because of the volume mapping
|
||||||
|
# thanks https://stackoverflow.com/questions/70520205/docker-non-root-user-best-practices-for-python-images
|
||||||
|
RUN adduser --home /opt/devicehub-django -u 1000 app
|
||||||
|
|
||||||
WORKDIR /opt/devicehub-django
|
WORKDIR /opt/devicehub-django
|
||||||
|
|
||||||
# reduce size (python specifics) -> src https://stackoverflow.com/questions/74616667/removing-pip-cache-after-installing-dependencies-in-docker-image
|
# reduce size (python specifics) -> src https://stackoverflow.com/questions/74616667/removing-pip-cache-after-installing-dependencies-in-docker-image
|
||||||
|
@ -37,9 +42,7 @@ ENV PYTHONPATH="${PYTHONPATH}:/usr/lib/python3/dist-packages"
|
||||||
|
|
||||||
COPY docker/devicehub-django.entrypoint.sh /
|
COPY docker/devicehub-django.entrypoint.sh /
|
||||||
|
|
||||||
# TODO I don't like this, but the whole ereuse-dpp works with user 1000 because of the volume mapping
|
RUN chown -R app:app /opt/devicehub-django
|
||||||
# thanks https://stackoverflow.com/questions/70520205/docker-non-root-user-best-practices-for-python-images
|
|
||||||
RUN adduser --system --no-create-home app
|
|
||||||
USER app
|
|
||||||
|
|
||||||
|
USER app
|
||||||
ENTRYPOINT sh /devicehub-django.entrypoint.sh
|
ENTRYPOINT sh /devicehub-django.entrypoint.sh
|
||||||
|
|
|
@ -35,24 +35,21 @@ gen_env_vars() {
|
||||||
PREDEFINED_TOKEN="${PREDEFINED_TOKEN:-}"
|
PREDEFINED_TOKEN="${PREDEFINED_TOKEN:-}"
|
||||||
# specific dpp env vars
|
# specific dpp env vars
|
||||||
if [ "${DPP_MODULE}" = 'y' ]; then
|
if [ "${DPP_MODULE}" = 'y' ]; then
|
||||||
# docker situation
|
# fill env vars in this docker entrypoint
|
||||||
if [ -d "${DPP_SHARED:-}" ]; then
|
wait_for_dpp_shared
|
||||||
wait_for_dpp_shared
|
export API_DLT='http://api_connector:3010'
|
||||||
export API_DLT='http://api_connector:3010'
|
export API_DLT_TOKEN="$(cat "/shared/${OPERATOR_TOKEN_FILE}")"
|
||||||
export API_DLT_TOKEN="$(cat "/shared/${OPERATOR_TOKEN_FILE}")"
|
export API_RESOLVER='http://id_index_api:3012'
|
||||||
export API_RESOLVER='http://id_index_api:3012'
|
# TODO hardcoded
|
||||||
# TODO hardcoded
|
export ID_FEDERATED='DH1'
|
||||||
export ID_FEDERATED='DH1'
|
# propagate to .env
|
||||||
# .env situation
|
dpp_env_vars="$(cat <<END
|
||||||
else
|
API_DLT=${API_DLT}
|
||||||
dpp_env_vars="$(cat <<END
|
API_DLT_TOKEN=${API_DLT_TOKEN}
|
||||||
API_DLT='${API_DLT}'
|
API_RESOLVER=${API_RESOLVER}
|
||||||
API_DLT_TOKEN='${API_DLT_TOKEN}'
|
ID_FEDERATED=${ID_FEDERATED}
|
||||||
API_RESOLVER='${API_RESOLVER}'
|
|
||||||
ID_FEDERATED='${ID_FEDERATED}'
|
|
||||||
END
|
END
|
||||||
)"
|
)"
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# generate config using env vars from docker
|
# generate config using env vars from docker
|
||||||
|
@ -123,7 +120,8 @@ END
|
||||||
}
|
}
|
||||||
|
|
||||||
config_phase() {
|
config_phase() {
|
||||||
init_flagfile='/already_configured'
|
# TODO review this flag file
|
||||||
|
init_flagfile="${program_dir}/already_configured"
|
||||||
if [ ! -f "${init_flagfile}" ]; then
|
if [ ! -f "${init_flagfile}" ]; then
|
||||||
|
|
||||||
# non DL user (only for the inventory)
|
# non DL user (only for the inventory)
|
||||||
|
@ -158,7 +156,7 @@ check_app_is_there() {
|
||||||
|
|
||||||
deploy() {
|
deploy() {
|
||||||
# TODO this is weird, find better workaround
|
# TODO this is weird, find better workaround
|
||||||
git config --global --add safe.directory /opt/devicehub-django
|
git config --global --add safe.directory "${program_dir}"
|
||||||
export COMMIT=$(git log --format="%H %ad" --date=iso -n 1)
|
export COMMIT=$(git log --format="%H %ad" --date=iso -n 1)
|
||||||
|
|
||||||
if [ "${DEBUG:-}" = 'true' ]; then
|
if [ "${DEBUG:-}" = 'true' ]; then
|
||||||
|
|
|
@ -37,7 +37,8 @@ def connect_api(user):
|
||||||
return
|
return
|
||||||
|
|
||||||
api_dlt = settings.API_DLT
|
api_dlt = settings.API_DLT
|
||||||
token_dlt = json.loads(dp).get("token_dlt")
|
token_dlt = dp.api_keys_dlt
|
||||||
|
|
||||||
if not api_dlt or not token_dlt:
|
if not api_dlt or not token_dlt:
|
||||||
logger.error("NOT POSSIBLE CONNECT WITH API DLT!!!")
|
logger.error("NOT POSSIBLE CONNECT WITH API DLT!!!")
|
||||||
return
|
return
|
||||||
|
|
|
@ -42,8 +42,8 @@ class Command(BaseCommand):
|
||||||
data_eth = json.dumps(api_token)
|
data_eth = json.dumps(api_token)
|
||||||
# TODO encrypt in the future
|
# TODO encrypt in the future
|
||||||
# api_keys_dlt = encrypt(password, data_eth)
|
# api_keys_dlt = encrypt(password, data_eth)
|
||||||
api_keys_dlt = data_eth
|
api_keys_dlt = data_eth.strip('"').strip("'")
|
||||||
|
|
||||||
user = User.objects.filter(email=email).first()
|
user = User.objects.filter(email=email).first()
|
||||||
|
|
||||||
if not user:
|
if not user:
|
||||||
|
|
Loading…
Reference in a new issue