deployment for early pilots (first on test pilot)

- includes idhub entrypoint relevant refactor
- prepare env vars for test pilot
This commit is contained in:
pedro 2024-02-02 19:36:57 +01:00
parent b268099193
commit 35b8a294a4
3 changed files with 67 additions and 39 deletions

View file

@ -9,7 +9,7 @@
MUSICIAN_SECRET_KEY='changeme_v9&&N$Lt9t*5EGwm0w' MUSICIAN_SECRET_KEY='changeme_v9&&N$Lt9t*5EGwm0w'
# specially useful if you want to deploy in a specific domain # specially useful if you want to deploy in a specific domain
MUSICIAN_API_BASE_URL='https://orchestra.example.org' MUSICIAN_API_BASE_URL='https://orchestra.example.org'
MUSICIAN_ALLOWED_HOSTS='musician.example.org' MUSICIAN_ALLOWED_HOSTS='127.0.0.1,localhost,musician.example.org'
MUSICIAN_DOMAIN='musician.example.org' MUSICIAN_DOMAIN='musician.example.org'
# DEVICEHUB # DEVICEHUB
@ -93,6 +93,9 @@ IDHUB_EMAIL='admin@example.org'
# by default it is set to 'y' to facilitate idhub dev when outside docker # by default it is set to 'y' to facilitate idhub dev when outside docker
IDHUB_SYNC_ORG_DEV='n' IDHUB_SYNC_ORG_DEV='n'
IDHUB_PILOT_TEST__IDHUB_DEPLOYMENT='PILOTS_EARLY'
IDHUB_PILOT_TEST__ADMIN_EMAIL='idhub_admin@example.com'
# AUTHENTIK aka goauthentik # AUTHENTIK aka goauthentik
#### ####

View file

@ -5,7 +5,8 @@ services:
init: true init: true
image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
environment: environment:
- DEPLOYMENT=${IDHUB_DEPLOYMENT} - DEPLOYMENT=${IDHUB_PILOT_TEST__IDHUB_DEPLOYMENT}
- ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
- SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd} - SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
- ALLOWED_HOSTS=${IDHUB_ALLOWED_HOSTS:-*} - ALLOWED_HOSTS=${IDHUB_ALLOWED_HOSTS:-*}
- STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/} - STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}

View file

@ -4,6 +4,64 @@ set -e
set -u set -u
set -x set -x
usage() {
cat <<END
ERROR: you need to map your idhub git repo volume to docker, suggested volume mapping is:
volumes:
- ./IdHub:/opt/idhub
END
exit 1
}
inject_env_vars() {
# related https://www.kenmuse.com/blog/avoiding-dubious-ownership-in-dev-containers/
git config --global --add safe.directory "${idhub_dir}"
export GIT_COMMIT="$(git log --pretty=format:'%h' -n 1)"
# enable dev flags when DEVELOPMENT deployment
case "${DEPLOYMENT}" in
DEVELOPMENT)
export DEBUG=True
export DEVELOPMENT=True
;;
PILOTS_EARLY)
export DEBUG=True
export DEVELOPMENT=False
;;
esac
}
deployment_strategy() {
# detect if existing deployment (TODO only works with sqlite)
if [ -f "${idhub_dir}/db.sqlite3" ]; then
echo "INFO: detected EXISTING deployment"
./manage.py makemigrations
./manage.py migrate
else
# move the migrate thing in docker entrypoint
# inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
echo "INFO detected NEW deployment"
./manage.py migrate
case "${DEPLOYMENT}" in
DEVELOPMENT|PILOTS_EARLY)
printf "This is DEVELOPMENT/PILOTS_EARLY DEPLOYMENT: including demo hardcoded data\n creating initial Datas\n" >&2
./manage.py initial_datas
if [ "${RESPONSE_URI:-}" ]; then
config_oidc4vp
fi
;;
PROD)
printf "creating superuser \n user: ${DJANGO_SUPERUSER_USERNAME}\n password: ${DJANGO_SUPERUSER_PASSWORD}\n email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2
## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533
./manage.py createsuperuser --no-input
esac
fi
}
_set() { _set() {
key="${1}" key="${1}"
value="${2}" value="${2}"
@ -45,46 +103,12 @@ main() {
cd "${idhub_dir}" cd "${idhub_dir}"
if [ ! -f "./manage.py" ]; then if [ ! -f "./manage.py" ]; then
cat <<END usage
ERROR: you need to map your idhub git repo volume to docker, suggested volume mapping is:
volumes:
- ./IdHub:/opt/idhub
END
exit 1
fi fi
# detect if existing deployment (TODO only works with sqlite) deployment_strategy
if [ -f "${idhub_dir}/db.sqlite3" ]; then
echo "INFO: detected EXISTING deployment"
./manage.py makemigrations
./manage.py migrate
else
# move the migrate thing in docker entrypoint
# inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
echo "INFO detected NEW deployment"
./manage.py migrate
if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then inject_env_vars
printf "This is DEVELOPMENT DEPLOYMENT: including demo hardcoded data\n creating initial Datas\n" >&2
./manage.py initial_datas
if [ "${RESPONSE_URI:-}" ]; then
config_oidc4vp
fi
else
printf "creating superuser \n user: ${DJANGO_SUPERUSER_USERNAME}\n password: ${DJANGO_SUPERUSER_PASSWORD}\n email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2
## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533
./manage.py createsuperuser --no-input
fi
fi
# enable dev flags when DEVELOPMENT deployment
if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then
export DEBUG=True
export DEVELOPMENT=True
fi
#./manage.py collectstatic #./manage.py collectstatic