From c64a181a49dcd14543a98b6034cffb62c07ca5e0 Mon Sep 17 00:00:00 2001 From: pedro Date: Tue, 12 Dec 2023 11:09:39 +0100 Subject: [PATCH] deployment for demo 12D (not tested) --- docker/idhub.Dockerfile | 5 ++++- docker/idhub.entrypoint.sh | 38 +++++++++++++++++++++++++++++++++++++- idhub_build_demo_12d.sh | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 2 deletions(-) create mode 100755 idhub_build_demo_12d.sh diff --git a/docker/idhub.Dockerfile b/docker/idhub.Dockerfile index de6bddd..aa43271 100644 --- a/docker/idhub.Dockerfile +++ b/docker/idhub.Dockerfile @@ -4,7 +4,10 @@ RUN apt update && apt-get install -y \ python3-minimal \ python3-pip \ python3-dev \ - python-is-python3 + python-is-python3 \ + git \ + sqlite3 \ + jq WORKDIR /opt/idhub diff --git a/docker/idhub.entrypoint.sh b/docker/idhub.entrypoint.sh index 2e70c72..4cd7103 100755 --- a/docker/idhub.entrypoint.sh +++ b/docker/idhub.entrypoint.sh @@ -4,6 +4,40 @@ set -e set -u set -x +_set() { + key="${1}" + value="${2}" + response_uri="${3}" + sqlite3 db.sqlite3 "update oidc4vp_organization set ${key}='${value}' where response_uri='${response_uri}';" +} + +_get() { + sqlite3 -json db.sqlite3 "select * from oidc4vp_organization;" +} + +config_oidc4vp() { + # populate your config + R_URI_CLEAN="${RESPONSE_URI%/}" && R_URI_CLEAN="${R_URI_CLEAN#http*://}" + local file="$(echo ${R_URI_CLEAN} | sed 's!/!__!g')" + data="$(_get)" + echo "${data}" | jq --arg uri "${R_URI_CLEAN}" '{ ($uri): .}' > /sharedsecret/${file} + + echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose + sleep 2 + # get other configs + for host in /sharedsecret/*; do + # we are flexible on querying for RESPONSE_URI: the first one based on regex + target_uri="$(cat "${host}" | jq -r 'keys[0]')" + filtered_data="$(cat "${host}" | jq --arg uri "${target_uri}" 'first(.[][] | select(.response_uri | test ($uri)))')" + client_id="$(echo "${filtered_data}" | jq -r '.client_id')" + client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')" + response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')" + + _set my_client_id ${client_id} ${response_uri} + _set my_client_secret ${client_secret} ${response_uri} + done +} + main() { idhub_dir='/opt/idhub' cd "${idhub_dir}" @@ -19,7 +53,7 @@ END exit 1 fi - # detect if existing deployment + # detect if existing deployment (TODO only works with sqlite) if [ -f "${idhub_dir}/db.sqlite3" ]; then echo "INFO: detected EXISTING deployment" ./manage.py makemigrations @@ -33,6 +67,8 @@ END if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then printf "This is DEVELOPMENT DEPLOYMENT: including demo hardcoded data\n creating initial Datas\n" >&2 ./manage.py initial_datas + + config_oidc4vp else printf "creating superuser \n user: ${DJANGO_SUPERUSER_USERNAME}\n password: ${DJANGO_SUPERUSER_PASSWORD}\n email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2 ## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533 diff --git a/idhub_build_demo_12d.sh b/idhub_build_demo_12d.sh new file mode 100755 index 0000000..dc1a339 --- /dev/null +++ b/idhub_build_demo_12d.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e +set -u +# DEBUG +set -x + +# wallet and verifier idhub demo +main() { + deployment="${1:-}" + + # detach on production deployment + if [ "${deployment}" = 'prod' ]; then + detach='-d' + fi + + # force recreate + rm -rf ./idhub1 ./idhub2 + + # detect if is new + if [ ! -f "./idhub1" ] && [ ! -f "./idhub2" ]; then + echo 'Detected new deployment, recreating git repos idhub1 and idhub2' + cp -rp IdHub idhub1 + rm -f idhub1/db.sqlite3 + cp -rp IdHub idhub2 + rm -f idhub2/db.sqlite3 + fi + + idhub_dc_f='docker-compose_idhub-demo-12d.yml' + docker compose -f ${idhub_dc_f} down -v || true + make idhub_build \ + && docker compose -f ${idhub_dc_f} up ${detach:-} +} + +main "${@}"