This commit is contained in:
jasquat 2023-02-16 07:39:40 -05:00
parent 7689380411
commit 5707e2c4e5
19 changed files with 182 additions and 70 deletions

View File

@ -153,7 +153,9 @@ def get_hacked_up_app_for_script() -> flask.app.Flask:
f"{home}/projects/github/sartography/sample-process-models" f"{home}/projects/github/sartography/sample-process-models"
) )
if os.path.isdir(full_process_model_path): if os.path.isdir(full_process_model_path):
os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = full_process_model_path os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = (
full_process_model_path
)
else: else:
raise Exception(f"Could not find {full_process_model_path}") raise Exception(f"Could not find {full_process_model_path}")
app = create_app() app = create_app()
@ -198,13 +200,21 @@ def configure_sentry(app: flask.app.Flask) -> None:
return None return None
return event return event
sentry_errors_sample_rate = app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE") sentry_errors_sample_rate = app.config.get(
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE"
)
if sentry_errors_sample_rate is None: if sentry_errors_sample_rate is None:
raise Exception("SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE is not set somehow") raise Exception(
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE is not set somehow"
)
sentry_traces_sample_rate = app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE") sentry_traces_sample_rate = app.config.get(
"SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE"
)
if sentry_traces_sample_rate is None: if sentry_traces_sample_rate is None:
raise Exception("SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE is not set somehow") raise Exception(
"SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE is not set somehow"
)
# profiling doesn't work on windows, because of an issue like https://github.com/nvdv/vprof/issues/62 # profiling doesn't work on windows, because of an issue like https://github.com/nvdv/vprof/issues/62
# but also we commented out profiling because it was causing segfaults (i guess it is marked experimental) # but also we commented out profiling because it was causing segfaults (i guess it is marked experimental)

View File

@ -52,15 +52,20 @@ def load_config_file(app: Flask, env_config_module: str) -> None:
def _set_up_tenant_specific_fields_as_list_of_strings(app: Flask) -> None: def _set_up_tenant_specific_fields_as_list_of_strings(app: Flask) -> None:
tenant_specific_fields = app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS") tenant_specific_fields = app.config.get(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"
)
if tenant_specific_fields is None or tenant_specific_fields == "": if tenant_specific_fields is None or tenant_specific_fields == "":
app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = [] app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = []
else: else:
app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = tenant_specific_fields.split(",") app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = (
tenant_specific_fields.split(",")
)
if len(app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"]) > 3: if len(app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"]) > 3:
raise ConfigurationError( raise ConfigurationError(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS can have a maximum of 3 fields" "SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS can have a"
" maximum of 3 fields"
) )
@ -117,7 +122,9 @@ def setup_config(app: Flask) -> None:
app.config.from_pyfile(os.path.join("config", "secrets.py"), silent=True) app.config.from_pyfile(os.path.join("config", "secrets.py"), silent=True)
if app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] is None: if app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] is None:
raise ConfigurationError("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set") raise ConfigurationError(
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set"
)
app.config["PROCESS_UUID"] = uuid.uuid4() app.config["PROCESS_UUID"] = uuid.uuid4()

View File

@ -2,14 +2,18 @@
import re import re
from os import environ from os import environ
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = environ.get("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR") SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = environ.get(
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
)
cors_allow_all = "*" cors_allow_all = "*"
SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS = re.split( SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS = re.split(
r",\s*", environ.get("SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS", default=cors_allow_all) r",\s*",
environ.get("SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS", default=cors_allow_all),
) )
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
== "true"
) )
SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = environ.get( SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = environ.get(
"SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL", default="http://localhost:7001" "SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL", default="http://localhost:7001"
@ -23,23 +27,27 @@ SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = environ.get(
) )
# Open ID server # Open ID server
# use "http://localhost:7000/openid" for running with simple openid
# server hosted by spiffworkflow-backend
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get( SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", "SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL",
default="http://localhost:7002/realms/spiffworkflow" default="http://localhost:7002/realms/spiffworkflow",
# "SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", default="http://localhost:7000/openid"
) )
# Replace above line with this to use the built-in Open ID Server. SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID = environ.get(
# SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", default="http://localhost:7000/openid") "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", default="spiffworkflow-backend"
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", default="spiffworkflow-backend") )
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY = environ.get( SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY = environ.get(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q" "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY",
default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q",
) # noqa: S105 ) # noqa: S105
# Tenant specific fields is a comma separated list of field names that we will convert to list of strings # Tenant specific fields is a comma separated list of field names that we will convert to list of strings
# and store in the user table's tenant_specific_field_n columns. You can have up to three items in this # and store in the user table's tenant_specific_field_n columns. You can have up to three items in this
# comma-separated list. # comma-separated list.
SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS") SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"
)
SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = ( SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = (
environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true" environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true"
@ -50,7 +58,9 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
) )
# Sentry Configuration # Sentry Configuration
SPIFFWORKFLOW_BACKEND_SENTRY_DSN = environ.get("SPIFFWORKFLOW_BACKEND_SENTRY_DSN", default="") SPIFFWORKFLOW_BACKEND_SENTRY_DSN = environ.get(
"SPIFFWORKFLOW_BACKEND_SENTRY_DSN", default=""
)
SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE = environ.get( SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE = environ.get(
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE", default="1" "SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE", default="1"
) # send all errors ) # send all errors
@ -64,13 +74,21 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
# When a user clicks on the `Publish` button, this is the default branch this server merges into. # When a user clicks on the `Publish` button, this is the default branch this server merges into.
# I.e., dev server could have `staging` here. Staging server might have `production` here. # I.e., dev server could have `staging` here. Staging server might have `production` here.
SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO") SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO"
)
SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH") SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH")
SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get("GIT_CLONE_URL") SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get("GIT_CLONE_URL")
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = environ.get("SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE", default="false") == "true" SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = (
SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get("SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY") environ.get("SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE", default="false") == "true"
)
SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"
)
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME") SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME")
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL") SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"
)
# Database Configuration # Database Configuration
SPIFFWORKFLOW_BACKEND_SPIFF_DATABASE_TYPE = environ.get( SPIFFWORKFLOW_BACKEND_SPIFF_DATABASE_TYPE = environ.get(
@ -86,7 +104,9 @@ SPIFFWORKFLOW_BACKEND_SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID = environ.get
) )
SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS = int( SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS = int(
environ.get("SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600") environ.get(
"SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600"
)
) )
SPIFFWORKFLOW_BACKEND_DEFAULT_USER_GROUP = environ.get( SPIFFWORKFLOW_BACKEND_DEFAULT_USER_GROUP = environ.get(

View File

@ -10,5 +10,6 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
) )
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
== "true"
) )

View File

@ -1,9 +1,14 @@
"""Dev.""" """Dev."""
from os import environ from os import environ
SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="staging") SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get(
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer") "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="staging"
)
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer"
)
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get( SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", default="sartography-automated-committer@users.noreply.github.com" "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL",
default="sartography-automated-committer@users.noreply.github.com",
) )
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "dev.yml" SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "dev.yml"

View File

@ -10,10 +10,13 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
) )
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
== "true"
) )
SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
"GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git" "GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git"
) )
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer" SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer"
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = (
f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com"
)

View File

@ -1,10 +1,15 @@
"""Qa1.""" """Qa1."""
from os import environ from os import environ
SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="qa2") SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get(
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer") "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="qa2"
)
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer"
)
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get( SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", default=f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL",
default=f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com",
) )
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml" "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml"

View File

@ -5,6 +5,10 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml" "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml"
) )
SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = "https://qa2.spiffworkflow.org" SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = "https://qa2.spiffworkflow.org"
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = "https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow" SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
"https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow"
)
SPIFFWORKFLOW_BACKEND_URL = "https://qa2.spiffworkflow.org/api" SPIFFWORKFLOW_BACKEND_URL = "https://qa2.spiffworkflow.org/api"
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = "https://qa2.spiffworkflow.org/connector-proxy" SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = (
"https://qa2.spiffworkflow.org/connector-proxy"
)

View File

@ -2,8 +2,13 @@
from os import environ from os import environ
environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEND_ENV"] environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEND_ENV"]
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/sartography" SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="main") f"https://keycloak.{environment_identifier_for_this_config_file_only}"
".spiffworkflow.org/realms/sartography"
)
SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="main"
)
SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
"GIT_CLONE_URL", "GIT_CLONE_URL",
default="https://github.com/sartography/sartography-process-models.git", default="https://github.com/sartography/sartography-process-models.git",

View File

@ -1,7 +1,11 @@
"""Staging.""" """Staging."""
from os import environ from os import environ
SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="staging") SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get(
SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="main") "SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="staging"
)
SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get(
"SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="main"
)
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = False SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = False
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "staging.yml" SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "staging.yml"

View File

@ -6,24 +6,33 @@ environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEN
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = True SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = True
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer" SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer"
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = (
f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com"
)
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME",
default="terraform_deployed_environment.yml", default="terraform_deployed_environment.yml",
) )
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
== "true"
) )
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/spiffworkflow" SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
f"https://keycloak.{environment_identifier_for_this_config_file_only}"
".spiffworkflow.org/realms/spiffworkflow"
)
SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = ( SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = (
f"https://{environment_identifier_for_this_config_file_only}.spiffworkflow.org" f"https://{environment_identifier_for_this_config_file_only}.spiffworkflow.org"
) )
SPIFFWORKFLOW_BACKEND_URL = ( SPIFFWORKFLOW_BACKEND_URL = (
f"https://api.{environment_identifier_for_this_config_file_only}.spiffworkflow.org" f"https://api.{environment_identifier_for_this_config_file_only}.spiffworkflow.org"
) )
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = f"https://connector-proxy.{environment_identifier_for_this_config_file_only}.spiffworkflow.org" SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = (
f"https://connector-proxy.{environment_identifier_for_this_config_file_only}"
".spiffworkflow.org"
)
SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
"GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git" "GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git"
) )

View File

@ -206,8 +206,12 @@ def handle_exception(exception: Exception) -> flask.wrappers.Response:
f" {exception.error_code}" f" {exception.error_code}"
) )
organization_slug = current_app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG") organization_slug = current_app.config.get(
project_slug = current_app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG") "SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG"
)
project_slug = current_app.config.get(
"SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG"
)
if organization_slug and project_slug: if organization_slug and project_slug:
sentry_link = ( sentry_link = (
f"https://sentry.io/{organization_slug}/{project_slug}/events/{id}" f"https://sentry.io/{organization_slug}/{project_slug}/events/{id}"

View File

@ -225,7 +225,9 @@ def process_model_publish(
) -> flask.wrappers.Response: ) -> flask.wrappers.Response:
"""Process_model_publish.""" """Process_model_publish."""
if branch_to_update is None: if branch_to_update is None:
branch_to_update = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO"] branch_to_update = current_app.config[
"SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO"
]
if branch_to_update is None: if branch_to_update is None:
raise MissingGitConfigsError( raise MissingGitConfigsError(
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. " "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. "

View File

@ -27,7 +27,9 @@ def authentication_list() -> flask.wrappers.Response:
available_authentications = ServiceTaskService.authentication_list() available_authentications = ServiceTaskService.authentication_list()
response_json = { response_json = {
"results": available_authentications, "results": available_authentications,
"connector_proxy_base_url": current_app.config["SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL"], "connector_proxy_base_url": current_app.config[
"SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL"
],
"redirect_url": f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL']}/v1.0/authentication_callback", "redirect_url": f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL']}/v1.0/authentication_callback",
} }

View File

@ -186,7 +186,9 @@ def set_new_access_token_in_cookie(
""" """
tld = current_app.config["THREAD_LOCAL_DATA"] tld = current_app.config["THREAD_LOCAL_DATA"]
domain_for_frontend_cookie: Optional[str] = re.sub( domain_for_frontend_cookie: Optional[str] = re.sub(
r"^https?:\/\/", "", current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"] r"^https?:\/\/",
"",
current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"],
) )
if domain_for_frontend_cookie and domain_for_frontend_cookie.startswith( if domain_for_frontend_cookie and domain_for_frontend_cookie.startswith(
"localhost" "localhost"
@ -351,7 +353,9 @@ def logout(id_token: str, redirect_url: Optional[str]) -> Response:
def logout_return() -> Response: def logout_return() -> Response:
"""Logout_return.""" """Logout_return."""
frontend_url = str(current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"]) frontend_url = str(
current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"]
)
return redirect(f"{frontend_url}/") return redirect(f"{frontend_url}/")

View File

@ -73,7 +73,9 @@ class AuthenticationService:
@staticmethod @staticmethod
def secret_key() -> str: def secret_key() -> str:
"""Returns the secret key from the config.""" """Returns the secret key from the config."""
return current_app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", "") return current_app.config.get(
"SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", ""
)
@classmethod @classmethod
def open_id_endpoint_for_name(cls, name: str) -> str: def open_id_endpoint_for_name(cls, name: str) -> str:

View File

@ -107,7 +107,9 @@ class AuthorizationService:
) )
received_sign = auth_header.split("sha256=")[-1].strip() received_sign = auth_header.split("sha256=")[-1].strip()
secret = current_app.config["SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET"].encode() secret = current_app.config[
"SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET"
].encode()
expected_sign = HMAC(key=secret, msg=request.data, digestmod=sha256).hexdigest() expected_sign = HMAC(key=secret, msg=request.data, digestmod=sha256).hexdigest()
if not compare_digest(received_sign, expected_sign): if not compare_digest(received_sign, expected_sign):
raise TokenInvalidError( raise TokenInvalidError(

View File

@ -37,7 +37,9 @@ class GitService:
@classmethod @classmethod
def get_current_revision(cls) -> str: def get_current_revision(cls) -> str:
"""Get_current_revision.""" """Get_current_revision."""
bpmn_spec_absolute_dir = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] bpmn_spec_absolute_dir = current_app.config[
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
]
# The value includes a carriage return character at the end, so we don't grab the last character # The value includes a carriage return character at the end, so we don't grab the last character
with FileSystemService.cd(bpmn_spec_absolute_dir): with FileSystemService.cd(bpmn_spec_absolute_dir):
return cls.run_shell_command_to_get_stdout( return cls.run_shell_command_to_get_stdout(
@ -52,7 +54,9 @@ class GitService:
file_name: Optional[str] = None, file_name: Optional[str] = None,
) -> str: ) -> str:
"""Get_instance_file_contents_for_revision.""" """Get_instance_file_contents_for_revision."""
bpmn_spec_absolute_dir = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] bpmn_spec_absolute_dir = current_app.config[
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
]
process_model_relative_path = FileSystemService.process_model_relative_path( process_model_relative_path = FileSystemService.process_model_relative_path(
process_model process_model
) )
@ -81,17 +85,24 @@ class GitService:
branch_name_to_use = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"] branch_name_to_use = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"]
repo_path_to_use = repo_path repo_path_to_use = repo_path
if repo_path is None: if repo_path is None:
repo_path_to_use = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] repo_path_to_use = current_app.config[
if repo_path_to_use is None: "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
raise ConfigurationError("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set")
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]:
os.environ["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] = current_app.config[
"SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"
] ]
if repo_path_to_use is None:
raise ConfigurationError(
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set"
)
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]:
os.environ["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] = (
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]
)
git_username = "" git_username = ""
git_email = "" git_email = ""
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"] and current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]: if (
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"]
and current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]
):
git_username = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"] git_username = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"]
git_email = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"] git_email = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]
shell_command_path = os.path.join( shell_command_path = os.path.join(
@ -126,10 +137,13 @@ class GitService:
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. " "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. "
"This is required for publishing process models" "This is required for publishing process models"
) )
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] is None: if (
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"]
is None
):
raise MissingGitConfigsError( raise MissingGitConfigsError(
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING. " "Missing config for SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING."
"This is required for publishing process models" " This is required for publishing process models"
) )
@classmethod @classmethod
@ -182,7 +196,10 @@ class GitService:
) )
clone_url = webhook["repository"]["clone_url"] clone_url = webhook["repository"]["clone_url"]
if clone_url != current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"]: if (
clone_url
!= current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"]
):
raise GitCloneUrlMismatchError( raise GitCloneUrlMismatchError(
"Configured clone url does not match clone url from webhook:" "Configured clone url does not match clone url from webhook:"
f" {clone_url}" f" {clone_url}"
@ -195,8 +212,8 @@ class GitService:
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"] is None: if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"] is None:
raise MissingGitConfigsError( raise MissingGitConfigsError(
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH. This is required for updating the" "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH. This is required"
" repository as a result of the webhook" " for updating the repository as a result of the webhook"
) )
ref = webhook["ref"] ref = webhook["ref"]
@ -204,7 +221,9 @@ class GitService:
if ref != f"refs/heads/{git_branch}": if ref != f"refs/heads/{git_branch}":
return False return False
with FileSystemService.cd(current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"]): with FileSystemService.cd(
current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"]
):
cls.run_shell_command(["git", "pull"]) cls.run_shell_command(["git", "pull"])
return True return True
@ -223,7 +242,9 @@ class GitService:
# we are adding a guid to this so the flake8 issue has been mitigated # we are adding a guid to this so the flake8 issue has been mitigated
destination_process_root = f"/tmp/{clone_dir}" # noqa destination_process_root = f"/tmp/{clone_dir}" # noqa
git_clone_url = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] git_clone_url = current_app.config[
"SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"
]
if git_clone_url.startswith("https://"): if git_clone_url.startswith("https://"):
git_clone_url = git_clone_url.replace( git_clone_url = git_clone_url.replace(
"https://", "https://",

View File

@ -1301,7 +1301,9 @@ class ProcessInstanceProcessor:
current_time_in_seconds = round(time.time()) current_time_in_seconds = round(time.time())
lock_expiry_in_seconds = ( lock_expiry_in_seconds = (
current_time_in_seconds current_time_in_seconds
- current_app.config["SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS"] - current_app.config[
"SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS"
]
) )
query_text = text( query_text = text(