allow overriding docker-compose configs with env vars w/ burnettk

bin/boot_server_in_docker

@@ -15,12 +15,12 @@ if [ "${DOWNGRADE_DB:-}" = "true" ]; then
   poetry run flask db downgrade
 fi
 
-if [ "${UPGRADE_DB:-}" = "true" ]; then
+if [[ "${SPIFFWORKFLOW_BACKEND_UPGRADE_DB:-}" == "true" ]]; then
   echo 'Upgrading database...'
   poetry run flask db upgrade
 fi
 
-port="${PORT0:-}"
+port="${SPIFFWORKFLOW_BACKEND_PORT:-}"
 if [[ -z "$port" ]]; then
   port=7000
 fi
@@ -32,4 +32,4 @@ if [[ "${APPLICATION_ROOT:-}" != "/" ]]; then
 fi
 
 # THIS MUST BE THE LAST COMMAND!
-exec poetry run gunicorn ${additional_args} --bind "0.0.0.0:$PORT0" --workers=3 --timeout 90 --log-level debug wsgi:app
+exec poetry run gunicorn ${additional_args} --bind "0.0.0.0:$SPIFFWORKFLOW_BACKEND_PORT" --workers=3 --timeout 90 --log-level debug wsgi:app

bin/deploy

@@ -7,6 +7,26 @@ function error_handler() {
 trap 'error_handler ${LINENO} $?' ERR
 set -o errtrace -o errexit -o nounset -o pipefail
 
+if [[ -z "${FLASK_ENV:-}" ]]; then
+  export FLASK_ENV=staging
+fi
+
+if [[ -z "${FLASK_SESSION_SECRET_KEY:-}" ]]; then
+  export FLASK_SESSION_SECRET_KEY=staging_super_secret_key_dont_tell_anyone
+fi
+
+if [[ -z "${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_PASSWORD:-}" ]]; then
+  export SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_PASSWORD=St4g3Th1515
+fi
+
+if [[ -z "${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-}" ]]; then
+  export SPIFFWORKFLOW_BACKEND_DATABASE_NAME=spiffworkflow_backend_staging
+fi
+
+if [[ -z "${SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY:-}" ]]; then
+  export SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY=always
+fi
+
 git pull
 ./bin/docker_restart
 ./bin/wait_for_server_to_be_up

docker-compose.yml

@@ -5,16 +5,16 @@ services:
     image: mysql:8.0.29
     cap_add:
       - SYS_NICE
-    restart: always
+    restart: "${SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY:-no}"
     environment:
-      - MYSQL_DATABASE=spiffworkflow_backend_staging
+      - MYSQL_DATABASE=${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
-      - MYSQL_ROOT_PASSWORD=St4g3Th1515
+      - MYSQL_ROOT_PASSWORD=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}
     ports:
       - "3306"
     volumes:
       - spiffworkflow_backend:/var/lib/mysql
     healthcheck:
-      test: mysql --user=root --password=St4g3Th1515 -e 'select 1' spiffworkflow_backend_staging
+      test: mysql --user=root --password=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw} -e 'select 1' ${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
 
   spiffworkflow-backend:
     container_name: spiffworkflow-backend
@@ -27,14 +27,11 @@ services:
       context: .
     environment:
       - APPLICATION_ROOT=/
-      - FLASK_ENV=staging
+      - FLASK_ENV=${FLASK_ENV:-development}
-      - FLASK_SESSION_SECRET_KEY=super_secret_key
+      - FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-super_secret_key}
-      - DEVELOPMENT=true
+      - SPIFFWORKFLOW_BACKEND_PORT=7000
-      - LDAP_URL=mock
+      - SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
-      - PORT0=7000
+      - SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqlconnector://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@db/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
-      - PRODUCTION=false
-      - UPGRADE_DB=true
-      - DATABASE_URI=mysql+mysqlconnector://root:St4g3Th1515@db/spiffworkflow_backend_staging
       - BPMN_SPEC_ABSOLUTE_DIR=/app/process_models
     ports:
       - "7000:7000"

src/spiffworkflow_backend/config/__init__.py

@@ -21,7 +21,7 @@ def setup_logger_for_sql_statements(app: Flask) -> None:
 
 def setup_database_uri(app: Flask) -> None:
     """Setup_database_uri."""
-    if os.environ.get("DATABASE_URI") is None:
+    if os.environ.get("SPIFFWORKFLOW_BACKEND_DATABASE_URI") is None:
         if os.environ.get("SPIFF_DATABASE_TYPE") == "sqlite":
             app.config[
                 "SQLALCHEMY_DATABASE_URI"
@@ -39,7 +39,7 @@ def setup_database_uri(app: Flask) -> None:
                 "SQLALCHEMY_DATABASE_URI"
             ] = f"mysql+mysqlconnector://root:{db_pswd}@localhost/spiffworkflow_backend_{app.env}"
     else:
-        app.config["SQLALCHEMY_DATABASE_URI"] = os.environ.get("DATABASE_URI")
+        app.config["SQLALCHEMY_DATABASE_URI"] = os.environ.get("SPIFFWORKFLOW_BACKEND_DATABASE_URI")
 
 
 def setup_config(app: Flask) -> None:

src/spiffworkflow_backend/routes/user.py

@@ -50,28 +50,6 @@ def verify_token(token: Optional[str] = None) -> Dict[str, Optional[str]]:
         else:
             raise failure_error
 
-    # If there's no token and we're in production, get the user from the SSO headers and return their token
-    elif _is_production():
-        uid = "TEST_UID"
-
-        if uid is not None:
-            db_user = UserModel.query.filter_by(uid=uid).first()
-
-            # If the user is valid, store the user and token for this session
-            if db_user is not None:
-                g.user = db_user
-                token_from_user = g.user.encode_auth_token()
-                g.token = token_from_user
-                token_info = UserModel.decode_auth_token(token_from_user)
-                return token_info
-
-            else:
-                raise ApiError(
-                    "no_user",
-                    "User not found. Please login via the frontend app before accessing this feature.",
-                    status_code=403,
-                )
-
     else:
         # Fall back to a default user if this is not production.
         g.user = UserModel.query.first()
@@ -83,8 +61,3 @@ def verify_token(token: Optional[str] = None) -> Dict[str, Optional[str]]:
         token_from_user = g.user.encode_auth_token()
         token_info = UserModel.decode_auth_token(token_from_user)
         return token_info
-
-
-def _is_production() -> bool:
-    """_is_production."""
-    return "PRODUCTION" in current_app.config and current_app.config["PRODUCTION"]