sartography
/
spiffworkflow-backend
mirror of https://github.com/sartography/spiffworkflow-backend.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into cullerton

This commit is contained in:
mike cullerton 2022-08-02 16:26:31 -04:00
parent f8461a49d8 c2c5a665da
commit 188dfc1a74
6 changed files with 85 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/tests.yml vendored
View File

@ -129,15 +129,6 @@ jobs:
key: ${{ steps.pre-commit-cache.outputs.result }}-${{ hashFiles('.pre-commit-config.yaml') }} key: ${{ steps.pre-commit-cache.outputs.result }}-${{ hashFiles('.pre-commit-config.yaml') }}
restore-keys: | restore-keys: |
${{ steps.pre-commit-cache.outputs.result }}- ${{ steps.pre-commit-cache.outputs.result }}-
# TODO: remove keycloak server when calls to keycloak are being mocked
- name: start_keycloak
run: ./bin/start_keycloak
if: matrix.session == 'tests'
- name: wait_for_keycloak
run: ./bin/wait_for_keycloak 5
if: matrix.session == 'tests'
- name: Setup Mysql - name: Setup Mysql
uses: mirromutth/mysql-action@v1.1 uses: mirromutth/mysql-action@v1.1
with: with:

14
bin/boot_in_docker_debug_mode Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/env bash
function error_handler() {
>&2 echo "Exited with BAD EXIT CODE '${2}' in ${0} script at line: ${1}."
exit "$2"
}
trap 'error_handler ${LINENO} $?' ERR
set -o errtrace -o errexit -o nounset -o pipefail
if [[ ! -f /app/log/db_development.log ]]; then
touch /app/log/db_development.log
fi
tail -f /app/log/db_development.log

10
bin/build_and_run_with_docker_compose
View File

@ -12,13 +12,17 @@ if [[ -z "${BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
export BPMN_SPEC_ABSOLUTE_DIR="$script_dir/../../sample-process-models" export BPMN_SPEC_ABSOLUTE_DIR="$script_dir/../../sample-process-models"
fi fi
if [[ -z "${SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE:-}" ]]; then
export SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE=run
fi
additional_args="" additional_args=""
if [[ "${RUN_WITH_DAEMON:-}" != "false" ]]; then if [[ "${RUN_WITH_DAEMON:-}" != "false" ]]; then
additional_args="${additional_args} -d" additional_args="${additional_args} -d"
fi fi
docker compose build docker compose --profile "$SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE" build
docker compose stop docker compose --profile "$SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE" stop
# i observed a case locally where the db had a stale sqlalchemy revision which # i observed a case locally where the db had a stale sqlalchemy revision which
# caused the backend to exit and when docker compose up was running with # caused the backend to exit and when docker compose up was running with
@ -29,4 +33,4 @@ docker compose stop
# bin/wait_for_server_to_be_up script. # bin/wait_for_server_to_be_up script.
docker volume rm spiffworkflow-backend_spiffworkflow_backend || echo 'docker volume not found' docker volume rm spiffworkflow-backend_spiffworkflow_backend || echo 'docker volume not found'
docker compose up --wait $additional_args docker compose --profile "$SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE" up --wait $additional_args

4
bin/deploy
View File

@ -27,6 +27,10 @@ if [[ -z "${SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY:-}" ]]; then
export SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY=always export SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY=always
fi fi
if [[ -z "${SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE:-}" ]]; then
export SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE=run
fi
git pull git pull
./bin/build_and_run_with_docker_compose ./bin/build_and_run_with_docker_compose
./bin/wait_for_server_to_be_up ./bin/wait_for_server_to_be_up

16
bin/start_keycloak
View File

@ -6,10 +6,22 @@ function error_handler() {
} }
trap 'error_handler ${LINENO} $?' ERR trap 'error_handler ${LINENO} $?' ERR
set -o errtrace -o errexit -o nounset -o pipefail set -o errtrace -o errexit -o nounset -o pipefail
set -x
if ! grep -qE '\<spiffworkflow\>' <<<"$(docker network ls)" ; then
docker network create spiffworkflow
fi
docker rm keycloak 2>/dev/null || echo 'no keycloak container found' docker rm keycloak 2>/dev/null || echo 'no keycloak container found'
docker run -p 7002:8080 -d --name keycloak -e KEYCLOAK_LOGLEVEL=ALL -e ROOT_LOGLEVEL=ALL -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:18.0.2 start-dev -Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled docker run \
-p 7002:8080 \
-d \
--network=spiffworkflow \
--name keycloak \
-e KEYCLOAK_LOGLEVEL=ALL \
-e ROOT_LOGLEVEL=ALL \
-e KEYCLOAK_ADMIN=admin \
-e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:18.0.2 start-dev \
-Dkeycloak.profile.feature.token_exchange=enabled \
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
docker cp bin/finance-realm.json keycloak:/tmp docker cp bin/finance-realm.json keycloak:/tmp
docker cp bin/spiffworkflow-realm.json keycloak:/tmp docker cp bin/spiffworkflow-realm.json keycloak:/tmp

51
docker-compose.yml
View File

@ -1,3 +1,21 @@
# Why we are running with network_mode: host
# Wow this has been awful. We run three things in docker: mysql, keycloak, and the backend server.
# The backend-server needs to talk to the other two.
#
# In order to talk to keycloak, it needs to go through localhost so that it can communicate with
# keycloak using the same url as the frontend so that tokens can be properly validated.
# If the domains are different, keycloak invalidates the token. There may be a way to change
# this but I didn't find it.
#
# In order for the backend server to talk to the mysql server, they need to be on the same network.
# I tried splitting it out where the mysql runs on a custom network and the backend runs on both
# the custom network AND with localhost. Nothing I tried worked and googling didn't help. They
# only ever mentioned one thing or using host.docker.internal which would cause the domains to
# be different.
#
# So instead we are running with both the mysql server and the backend server in host netowrk mode.
# There may be a better way to do this but if it works, then it works.
version: "3.8" version: "3.8"
services: services:
db: db:
@ -10,8 +28,10 @@ services:
environment: environment:
- MYSQL_DATABASE=${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development} - MYSQL_DATABASE=${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
- MYSQL_ROOT_PASSWORD=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw} - MYSQL_ROOT_PASSWORD=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}
- MYSQL_TCP_PORT=7003
network_mode: host
ports: ports:
- "3306" - "7003"
volumes: volumes:
- spiffworkflow_backend:/var/lib/mysql - spiffworkflow_backend:/var/lib/mysql
healthcheck: healthcheck:
@ -20,13 +40,13 @@ services:
timeout: 5s timeout: 5s
retries: 10 retries: 10
spiffworkflow-backend: spiffworkflow-backend: &spiffworkflow-backend
container_name: spiffworkflow-backend container_name: spiffworkflow-backend
# command: tail -f /etc/hostname profiles:
- run
depends_on: depends_on:
db: db:
condition: service_healthy condition: service_healthy
# image: sartography/cr-connect-workflow:dev
build: build:
context: . context: .
environment: environment:
@ -36,11 +56,12 @@ services:
- FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-super_secret_key} - FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-super_secret_key}
- SPIFFWORKFLOW_BACKEND_PORT=7000 - SPIFFWORKFLOW_BACKEND_PORT=7000
- SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true - SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
- SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqlconnector://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@db/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development} - SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqlconnector://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@localhost:7003/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
- BPMN_SPEC_ABSOLUTE_DIR=/app/process_models - BPMN_SPEC_ABSOLUTE_DIR=/app/process_models
- SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-false} - SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-false}
ports: ports:
- "7000:7000" - "7000:7000"
network_mode: host
volumes: volumes:
- ${BPMN_SPEC_ABSOLUTE_DIR:-./../sample-process-models}:/app/process_models - ${BPMN_SPEC_ABSOLUTE_DIR:-./../sample-process-models}:/app/process_models
- ./log:/app/log - ./log:/app/log
@ -50,6 +71,26 @@ services:
timeout: 5s timeout: 5s
retries: 20 retries: 20
spiffworkflow-backend-local-debug:
<<: *spiffworkflow-backend
container_name: spiffworkflow-backend-local-debug
profiles:
- debug
volumes:
- ${BPMN_SPEC_ABSOLUTE_DIR:-./../sample-process-models}:/app/process_models
- ./:/app
command: /app/bin/boot_in_docker_debug_mode
# the docs say we can disable healthchecks with disable: true
# but it returns a bad exit code so setup one that doesn't matter
# since there is nothing to healthcheck in this case
# https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck
healthcheck:
test: cat /etc/hosts
interval: 10s
timeout: 5s
retries: 20
volumes: volumes:
spiffworkflow_backend: spiffworkflow_backend:
driver: local driver: local