Merge branch 'main' into feature/message_fixes
This commit is contained in:
commit
50d3ee544b
|
@ -78,12 +78,12 @@ jobs:
|
|||
- { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
|
||||
|
||||
env:
|
||||
NOXSESSION: ${{ matrix.session }}
|
||||
SPIFF_DATABASE_TYPE: ${{ matrix.database }}
|
||||
FORCE_COLOR: "1"
|
||||
PRE_COMMIT_COLOR: "always"
|
||||
DB_PASSWORD: password
|
||||
FLASK_SESSION_SECRET_KEY: super_secret_key
|
||||
FORCE_COLOR: "1"
|
||||
NOXSESSION: ${{ matrix.session }}
|
||||
PRE_COMMIT_COLOR: "always"
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD: password
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_TYPE: ${{ matrix.database }}
|
||||
|
||||
steps:
|
||||
- name: Check out the repository
|
||||
|
|
|
@ -56,7 +56,7 @@ jobs:
|
|||
path: pr/
|
||||
|
||||
cypress-run:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
@ -88,7 +88,7 @@ jobs:
|
|||
working-directory: ./spiffworkflow-backend
|
||||
run: ./keycloak/bin/wait_for_keycloak 5
|
||||
- name: Cypress run
|
||||
uses: cypress-io/github-action@v4
|
||||
uses: cypress-io/github-action@v5
|
||||
with:
|
||||
working-directory: ./spiffworkflow-frontend
|
||||
browser: chrome
|
||||
|
@ -101,6 +101,7 @@ jobs:
|
|||
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
|
||||
# pass GitHub token to allow accurately detecting a build vs a re-run build
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
CYPRESS_SPIFFWORKFLOW_FRONTEND_AUTH_WITH_KEYCLOAK: "true"
|
||||
- name: get_backend_logs_from_docker_compose
|
||||
if: failure()
|
||||
working-directory: ./spiffworkflow-backend
|
||||
|
|
|
@ -115,3 +115,32 @@ jobs:
|
|||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
quickstart-guide-test:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [create_frontend_docker_container, create_backend_docker_container, create_demo-proxy]
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Setup Apps
|
||||
run: ./bin/run_arena_with_docker_compose
|
||||
- name: wait_for_backend
|
||||
working-directory: ./spiffworkflow-backend
|
||||
run: ./bin/wait_for_server_to_be_up 5 8000
|
||||
- name: wait_for_frontend
|
||||
working-directory: ./spiffworkflow-frontend
|
||||
run: ./bin/wait_for_frontend_to_be_up 5 8001
|
||||
- name: Cypress run
|
||||
uses: cypress-io/github-action@v5
|
||||
with:
|
||||
working-directory: ./spiffworkflow-frontend
|
||||
browser: chrome
|
||||
# just run one test to make sure we didn't completely break it
|
||||
spec: cypress/e2e/process_groups.cy.js
|
||||
env:
|
||||
# pass GitHub token to allow accurately detecting a build vs a re-run build
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
CYPRESS_SPIFFWORKFLOW_FRONTEND_AUTH_WITH_KEYCLOAK: "false"
|
||||
CYPRESS_SPIFFWORKFLOW_FRONTEND_USERNAME: "admin"
|
||||
CYPRESS_SPIFFWORKFLOW_FRONTEND_PASSWORD: "admin"
|
||||
SPIFFWORKFLOW_FRONTEND_PORT: 8001
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function error_handler() {
|
||||
>&2 echo "Exited with BAD EXIT CODE '${2}' in ${0} script at line: ${1}."
|
||||
exit "$2"
|
||||
}
|
||||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
mkdir -p spiffworkflow
|
||||
cd spiffworkflow
|
||||
wget https://raw.githubusercontent.com/sartography/spiff-arena/main/docker-compose.yml
|
||||
docker compose pull
|
||||
docker compose up -d
|
|
@ -7,9 +7,9 @@ services:
|
|||
condition: service_healthy
|
||||
environment:
|
||||
APPLICATION_ROOT: "/"
|
||||
PORT0: "${SPIFF_FRONTEND_PORT:-8001}"
|
||||
PORT0: "${SPIFFWORKFLOW_FRONTEND_PORT:-8001}"
|
||||
ports:
|
||||
- "${SPIFF_FRONTEND_PORT:-8001}:${SPIFF_FRONTEND_PORT:-8001}/tcp"
|
||||
- "${SPIFFWORKFLOW_FRONTEND_PORT:-8001}:${SPIFFWORKFLOW_FRONTEND_PORT:-8001}/tcp"
|
||||
|
||||
spiffworkflow-backend:
|
||||
container_name: spiffworkflow-backend
|
||||
|
@ -18,24 +18,25 @@ services:
|
|||
spiffworkflow-db:
|
||||
condition: service_healthy
|
||||
environment:
|
||||
APPLICATION_ROOT: "/"
|
||||
SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT: "/"
|
||||
SPIFFWORKFLOW_BACKEND_ENV: "local_development"
|
||||
FLASK_DEBUG: "0"
|
||||
FLASK_SESSION_SECRET_KEY: "${FLASK_SESSION_SECRET_KEY:-super_secret_key}"
|
||||
OPEN_ID_SERVER_URL: "http://localhost:${SPIFF_BACKEND_PORT:-8000}/openid"
|
||||
SPIFFWORKFLOW_FRONTEND_URL: "http://localhost:${SPIFF_FRONTEND_PORT:-8001}"
|
||||
# WARNING: Frontend is a static site which assumes frontend port - 1 on localhost.
|
||||
SPIFFWORKFLOW_BACKEND_URL: "http://localhost:${SPIFF_BACKEND_PORT:-8000}"
|
||||
SPIFFWORKFLOW_BACKEND_PORT: "${SPIFF_BACKEND_PORT:-8000}"
|
||||
SPIFFWORKFLOW_BACKEND_UPGRADE_DB: "true"
|
||||
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR: "/app/process_models"
|
||||
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL: "http://spiffworkflow-connector:8004"
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_URI: "mysql+mysqlconnector://root:${SPIFF_MYSQL_PASS:-my-secret-pw}@spiffworkflow-db:${SPIFF_MYSQL_PORT:-8003}/spiffworkflow_backend_development"
|
||||
BPMN_SPEC_ABSOLUTE_DIR: "/app/process_models"
|
||||
SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA: "false"
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID: "spiffworkflow-backend"
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY: "my_open_id_secret_key"
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL: "http://localhost:${SPIFF_BACKEND_PORT:-8000}/openid"
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME: "example.yml"
|
||||
RUN_BACKGROUND_SCHEDULER: "true"
|
||||
OPEN_ID_CLIENT_ID: "spiffworkflow-backend"
|
||||
OPEN_ID_CLIENT_SECRET_KEY: "my_open_id_secret_key"
|
||||
CONNECTOR_PROXY_URL: "http://spiffworkflow-connector:8004"
|
||||
SPIFFWORKFLOW_BACKEND_PORT: "${SPIFF_BACKEND_PORT:-8000}"
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER: "true"
|
||||
SPIFFWORKFLOW_BACKEND_UPGRADE_DB: "true"
|
||||
SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND: "http://localhost:${SPIFFWORKFLOW_FRONTEND_PORT:-8001}"
|
||||
ports:
|
||||
- "${SPIFF_BACKEND_PORT:-8000}:${SPIFF_BACKEND_PORT:-8000}/tcp"
|
||||
volumes:
|
||||
|
|
|
@ -10,12 +10,12 @@ set -o errtrace -o errexit -o nounset -o pipefail
|
|||
# run migrations
|
||||
export FLASK_APP=/app/src/spiffworkflow_backend
|
||||
|
||||
if [[ "${WAIT_FOR_DB_TO_BE_READY:-}" == "true" ]]; then
|
||||
if [[ "${SPIFFWORKFLOW_BACKEND_WAIT_FOR_DB_TO_BE_READY:-}" == "true" ]]; then
|
||||
echo 'Waiting for db to be ready...'
|
||||
poetry run python ./bin/wait_for_db_to_be_ready.py
|
||||
fi
|
||||
|
||||
if [[ "${DOWNGRADE_DB:-}" == "true" ]]; then
|
||||
if [[ "${SPIFFWORKFLOW_BACKEND_DOWNGRADE_DB:-}" == "true" ]]; then
|
||||
echo 'Downgrading database...'
|
||||
poetry run flask db downgrade
|
||||
fi
|
||||
|
@ -40,8 +40,8 @@ fi
|
|||
|
||||
additional_args=""
|
||||
|
||||
if [[ "${APPLICATION_ROOT:-}" != "/" ]]; then
|
||||
additional_args="${additional_args} -e SCRIPT_NAME=${APPLICATION_ROOT}"
|
||||
if [[ "${SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT:-}" != "/" ]]; then
|
||||
additional_args="${additional_args} -e SCRIPT_NAME=${SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT}"
|
||||
fi
|
||||
|
||||
# HACK: if loading fixtures for acceptance tests when we do not need multiple workers
|
||||
|
@ -56,8 +56,8 @@ if [[ "${SPIFFWORKFLOW_BACKEND_RUN_DATA_SETUP:-}" != "false" ]]; then
|
|||
fi
|
||||
|
||||
# Assure that the the Process Models Directory is initialized as a git repo
|
||||
git init "${BPMN_SPEC_ABSOLUTE_DIR}"
|
||||
git config --global --add safe.directory "${BPMN_SPEC_ABSOLUTE_DIR}"
|
||||
git init "${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR}"
|
||||
git config --global --add safe.directory "${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR}"
|
||||
|
||||
export IS_GUNICORN="true"
|
||||
# THIS MUST BE THE LAST COMMAND!
|
||||
|
|
|
@ -7,8 +7,8 @@ function error_handler() {
|
|||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
BPMN_SPEC_ABSOLUTE_DIR=$(./bin/find_sample_process_models)
|
||||
export BPMN_SPEC_ABSOLUTE_DIR
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR=$(./bin/find_sample_process_models)
|
||||
export SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR
|
||||
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE:-}" ]]; then
|
||||
export SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE=run
|
||||
|
|
|
@ -31,16 +31,16 @@ if [[ -z "${SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE:-}" ]]; then
|
|||
export SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE=run
|
||||
fi
|
||||
|
||||
if [[ -z "${SPIFFWORKFLOW_FRONTEND_URL:-}" ]]; then
|
||||
export SPIFFWORKFLOW_FRONTEND_URL='http://167.172.242.138:7001'
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND:-}" ]]; then
|
||||
export SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND='http://167.172.242.138:7001'
|
||||
fi
|
||||
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_URL:-}" ]]; then
|
||||
export SPIFFWORKFLOW_BACKEND_URL='http://167.172.242.138:7000'
|
||||
fi
|
||||
|
||||
if [[ -z "${OPEN_ID_SERVER_URL:-}" ]]; then
|
||||
export OPEN_ID_SERVER_URL='http://167.172.242.138:7002'
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL:-}" ]]; then
|
||||
export SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL='http://167.172.242.138:7002'
|
||||
fi
|
||||
|
||||
git pull
|
||||
|
|
|
@ -7,19 +7,19 @@ function error_handler() {
|
|||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
if [[ -z "${BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
|
||||
script_dir="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
|
||||
|
||||
BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../../sample-process-models"
|
||||
if [[ ! -d "$BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../sample-process-models"
|
||||
if [[ ! -d "$BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
>&2 echo "ERROR: Could not find a location for the sample processes. Last tried: $BPMN_SPEC_ABSOLUTE_DIR"
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../../sample-process-models"
|
||||
if [[ ! -d "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../sample-process-models"
|
||||
if [[ ! -d "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
>&2 echo "ERROR: Could not find a location for the sample processes. Last tried: $SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
pushd "$BPMN_SPEC_ABSOLUTE_DIR" >/dev/null 2>&1
|
||||
pushd "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" >/dev/null 2>&1
|
||||
if [[ "$(git rev-parse --abbrev-ref HEAD)" == "main" ]]; then
|
||||
>&2 echo "ERROR: please do not use the main branch of sample-process-models. use dev"
|
||||
exit 1
|
||||
|
@ -27,4 +27,4 @@ if [[ -z "${BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
|
|||
popd >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
realpath "$BPMN_SPEC_ABSOLUTE_DIR"
|
||||
realpath "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
|
|
|
@ -9,8 +9,8 @@ from spiffworkflow_backend.models.process_instance import ProcessInstanceModel
|
|||
def main(process_instance_id: str):
|
||||
"""Main."""
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_ENV"] = "local_development"
|
||||
if os.environ.get("BPMN_SPEC_ABSOLUTE_DIR") is None:
|
||||
os.environ["BPMN_SPEC_ABSOLUTE_DIR"] = "hey"
|
||||
if os.environ.get("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR") is None:
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = "hey"
|
||||
flask_env_key = "FLASK_SESSION_SECRET_KEY"
|
||||
os.environ[flask_env_key] = "whatevs"
|
||||
app = create_app()
|
||||
|
|
|
@ -21,8 +21,8 @@ if [[ -z "${5:-}" ]]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "$git_commit_password" && -z "${GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
>&2 echo "ERROR: A git password or GIT_SSH_PRIVATE_KEY must be provided"
|
||||
if [[ -z "$git_commit_password" && -z "${SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
>&2 echo "ERROR: A git password or SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY must be provided"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -43,10 +43,10 @@ function run() {
|
|||
git config --local user.name "$git_commit_username"
|
||||
git config --local user.email "$git_commit_email"
|
||||
|
||||
if [[ -n "${GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
if [[ -n "${SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
tmpfile=$(mktemp /tmp/tmp_git.XXXXXX)
|
||||
chmod 600 "$tmpfile"
|
||||
echo "$GIT_SSH_PRIVATE_KEY" >"$tmpfile"
|
||||
echo "$SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY" >"$tmpfile"
|
||||
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ${tmpfile} -F /dev/null"
|
||||
else
|
||||
PAT="${git_commit_username}:${git_commit_password}"
|
||||
|
@ -57,7 +57,7 @@ function run() {
|
|||
git commit -m "$git_commit_message"
|
||||
git push --set-upstream origin "$git_branch"
|
||||
|
||||
if [[ -z "${GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY:-}" ]]; then
|
||||
git config --unset --local http.extraHeader
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -9,18 +9,18 @@ set -o errtrace -o errexit -o nounset -o pipefail
|
|||
|
||||
export FLASK_SESSION_SECRET_KEY="this_is_recreate_db_secret_key"
|
||||
|
||||
if [[ -z "${BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-}" ]]; then
|
||||
script_dir="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
|
||||
|
||||
BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../../sample-process-models"
|
||||
if [[ ! -d "$BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../sample-process-models"
|
||||
if [[ ! -d "$BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
>&2 echo "ERROR: Could not find a location for the sample processes. Last tried: $BPMN_SPEC_ABSOLUTE_DIR"
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../../sample-process-models"
|
||||
if [[ ! -d "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR="${script_dir}/../../sample-process-models"
|
||||
if [[ ! -d "$SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" ]]; then
|
||||
>&2 echo "ERROR: Could not find a location for the sample processes. Last tried: $SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
export BPMN_SPEC_ABSOLUTE_DIR
|
||||
export SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR
|
||||
fi
|
||||
|
||||
tasks=""
|
||||
|
@ -40,7 +40,7 @@ if [[ "${1:-}" == "clean" ]]; then
|
|||
|
||||
# TODO: check to see if the db already exists and we can connect to it. also actually clean it up.
|
||||
# start postgres in background with one db
|
||||
if [[ "${SPIFF_DATABASE_TYPE:-}" == "postgres" ]]; then
|
||||
if [[ "${SPIFFWORKFLOW_BACKEND_DATABASE_TYPE:-}" == "postgres" ]]; then
|
||||
if ! docker exec -it postgres-spiff psql -U spiffworkflow_backend spiffworkflow_backend_testing -c "select 1"; then
|
||||
docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_testing -d postgres
|
||||
sleep 4 # classy
|
||||
|
|
|
@ -17,11 +17,11 @@ if [[ -z "${SPIFFWORKFLOW_BACKEND_ENV:-}" ]]; then
|
|||
export SPIFFWORKFLOW_BACKEND_ENV=local_development
|
||||
fi
|
||||
|
||||
BPMN_SPEC_ABSOLUTE_DIR=$(./bin/find_sample_process_models)
|
||||
export BPMN_SPEC_ABSOLUTE_DIR
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR=$(./bin/find_sample_process_models)
|
||||
export SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR
|
||||
|
||||
export FLASK_SESSION_SECRET_KEY=super_secret_key
|
||||
export APPLICATION_ROOT="/"
|
||||
export SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT="/"
|
||||
|
||||
if [[ -n "${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-}" ]]; then
|
||||
./bin/boot_server_in_docker
|
||||
|
@ -29,13 +29,13 @@ else
|
|||
export FLASK_DEBUG=1
|
||||
|
||||
if [[ "${SPIFFWORKFLOW_BACKEND_RUN_DATA_SETUP:-}" != "false" ]]; then
|
||||
RUN_BACKGROUND_SCHEDULER=false SPIFFWORKFLOW_BACKEND_FAIL_ON_INVALID_PROCESS_MODELS=false poetry run python bin/save_all_bpmn.py
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER=false SPIFFWORKFLOW_BACKEND_FAIL_ON_INVALID_PROCESS_MODELS=false poetry run python bin/save_all_bpmn.py
|
||||
fi
|
||||
|
||||
if [[ -z "${RUN_BACKGROUND_SCHEDULER:-}" ]]; then
|
||||
RUN_BACKGROUND_SCHEDULER=true
|
||||
if [[ -z "${SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER:-}" ]]; then
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER=true
|
||||
fi
|
||||
|
||||
# this line blocks
|
||||
RUN_BACKGROUND_SCHEDULER="${RUN_BACKGROUND_SCHEDULER}" FLASK_APP=src/spiffworkflow_backend poetry run flask run -p 7000
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER="${SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER}" FLASK_APP=src/spiffworkflow_backend poetry run flask run -p 7000
|
||||
fi
|
||||
|
|
|
@ -11,8 +11,8 @@ from spiffworkflow_backend.services.secret_service import SecretService
|
|||
def main(env_file: str):
|
||||
"""Main."""
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_ENV"] = "local_development"
|
||||
if os.environ.get("BPMN_SPEC_ABSOLUTE_DIR") is None:
|
||||
os.environ["BPMN_SPEC_ABSOLUTE_DIR"] = "hey"
|
||||
if os.environ.get("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR") is None:
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = "hey"
|
||||
flask_env_key = "FLASK_SESSION_SECRET_KEY"
|
||||
os.environ[flask_env_key] = "whatevs"
|
||||
app = create_app()
|
||||
|
|
|
@ -7,14 +7,12 @@ function error_handler() {
|
|||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
max_attempts="${1:-}"
|
||||
if [[ -z "$max_attempts" ]]; then
|
||||
max_attempts=100
|
||||
fi
|
||||
max_attempts="${1:-100}"
|
||||
port="${2:-7000}"
|
||||
|
||||
echo "waiting for backend to come up..."
|
||||
attempts=0
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7000/v1.0/status)" != "200" ]]; do
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' "http://localhost:${port}/v1.0/status")" != "200" ]]; do
|
||||
if [[ "$attempts" -gt "$max_attempts" ]]; then
|
||||
>&2 echo "ERROR: Server not up after $max_attempts attempts. There is probably a problem"
|
||||
exit 1
|
||||
|
@ -22,3 +20,4 @@ while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7000/v1.0/st
|
|||
attempts=$(( attempts + 1 ))
|
||||
sleep 1
|
||||
done
|
||||
echo "backend up"
|
||||
|
|
|
@ -50,25 +50,25 @@ services:
|
|||
build:
|
||||
context: .
|
||||
environment:
|
||||
- APPLICATION_ROOT=/
|
||||
- SPIFFWORKFLOW_BACKEND_ENV=${SPIFFWORKFLOW_BACKEND_ENV:-local_development}
|
||||
- FLASK_DEBUG=0
|
||||
- FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-super_secret_key}
|
||||
- OPEN_ID_SERVER_URL=${OPEN_ID_SERVER_URL:-http://localhost:7002/realms/spiffworkflow}
|
||||
- SPIFFWORKFLOW_FRONTEND_URL=${SPIFFWORKFLOW_FRONTEND_URL:-http://localhost:7001}
|
||||
- SPIFFWORKFLOW_BACKEND_URL=${SPIFFWORKFLOW_BACKEND_URL:-http://localhost:7000}
|
||||
- SPIFFWORKFLOW_BACKEND_PORT=7000
|
||||
- SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
|
||||
- SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT=/
|
||||
- SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR=/app/process_models
|
||||
- SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqlconnector://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@localhost:7003/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
|
||||
- BPMN_SPEC_ABSOLUTE_DIR=/app/process_models
|
||||
- SPIFFWORKFLOW_BACKEND_ENV=${SPIFFWORKFLOW_BACKEND_ENV:-local_development}
|
||||
- SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-false}
|
||||
- SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL=${SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL:-http://localhost:7002/realms/spiffworkflow}
|
||||
- SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME=${SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME:-acceptance_tests.yml}
|
||||
- RUN_BACKGROUND_SCHEDULER=true
|
||||
- SPIFFWORKFLOW_BACKEND_PORT=7000
|
||||
- SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER=true
|
||||
- SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND=${SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND:-http://localhost:7001}
|
||||
- SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
|
||||
- SPIFFWORKFLOW_BACKEND_URL=${SPIFFWORKFLOW_BACKEND_URL:-http://localhost:7000}
|
||||
ports:
|
||||
- "7000:7000"
|
||||
network_mode: host
|
||||
volumes:
|
||||
- ${BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
|
||||
- ${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
|
||||
- ./log:/app/log
|
||||
healthcheck:
|
||||
test: curl localhost:7000/v1.0/status --fail
|
||||
|
@ -82,7 +82,7 @@ services:
|
|||
profiles:
|
||||
- debug
|
||||
volumes:
|
||||
- ${BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
|
||||
- ${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
|
||||
- ./:/app
|
||||
command: /app/bin/boot_in_docker_debug_mode
|
||||
|
||||
|
|
|
@ -7,14 +7,12 @@ function error_handler() {
|
|||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
max_attempts="${1:-}"
|
||||
if [[ -z "$max_attempts" ]]; then
|
||||
max_attempts=100
|
||||
fi
|
||||
max_attempts="${1:-100}"
|
||||
port="${2:-7002}"
|
||||
|
||||
echo "waiting for backend to come up..."
|
||||
echo "waiting for keycloak to come up..."
|
||||
attempts=0
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7002/realms/master/.well-known/openid-configuration)" != "200" ]]; do
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' "http://localhost:${port}/realms/master/.well-known/openid-configuration")" != "200" ]]; do
|
||||
if [[ "$attempts" -gt "$max_attempts" ]]; then
|
||||
>&2 echo "ERROR: Server not up after $max_attempts attempts. There is probably a problem"
|
||||
exit 1
|
||||
|
@ -22,3 +20,4 @@ while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7002/realms/
|
|||
attempts=$(( attempts + 1 ))
|
||||
sleep 1
|
||||
done
|
||||
echo "keycloak up"
|
||||
|
|
|
@ -396,7 +396,7 @@
|
|||
"otpPolicyLookAheadWindow" : 1,
|
||||
"otpPolicyPeriod" : 30,
|
||||
"otpPolicyCodeReusable" : false,
|
||||
"otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName" ],
|
||||
"otpSupportedApplications" : [ "totpAppGoogleName", "totpAppFreeOTPName" ],
|
||||
"webAuthnPolicyRpEntityName" : "keycloak",
|
||||
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
|
||||
"webAuthnPolicyRpId" : "",
|
||||
|
@ -970,6 +970,29 @@
|
|||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "6c8829ab-d37c-4638-99b0-c83e732dc02f",
|
||||
"createdTimestamp" : 1676566095383,
|
||||
"username" : "infra3.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "infra3.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "167" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "06476e91-a1db-4f9c-848b-f9ba120a200e",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095417,
|
||||
"secretData" : "{\"value\":\"00UdICckafKEytSulbqdURfya9ZO4UlmAlQQ6R/he44Jv0wkYGIk/vadNE5ACgmIBunoj6jANVbu87ZWNxp1Dw==\",\"salt\":\"etUtwyB9nvChOvyw1P0xkA==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "b8d0d90e-9a7e-446c-9984-082cb315af8f",
|
||||
"createdTimestamp" : 1675718484095,
|
||||
|
@ -1202,6 +1225,52 @@
|
|||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "8763cdfb-46d4-4585-a17f-57acc1e44646",
|
||||
"createdTimestamp" : 1676566095195,
|
||||
"username" : "legal2.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "legal2.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "165" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "9322a6c5-0c19-48ee-aa92-c28eae605e95",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095260,
|
||||
"secretData" : "{\"value\":\"yfqeGYoyN5ZZM7SoAbVvDCM/J3fwhS17A1/L1GkLZoB3+844lK5g7iWJjrnrmBpzNAPjKKDx0aTGdEWetxt9Qg==\",\"salt\":\"zvh/FXb9F/wdWUupHwNFjw==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "adba601b-d3c0-43fc-ae7e-cb6120ab342d",
|
||||
"createdTimestamp" : 1676566095313,
|
||||
"username" : "legal3.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "legal3.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "166" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "d1bb52f8-92b1-4873-a356-e9dc9739e1e6",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095348,
|
||||
"secretData" : "{\"value\":\"END4w4oxI1H5C5l4dqeYqrClb0y+vx3tuI484ELpqouEIol5P/piTiv8Q5/ECbb3jj8opjUFZZfvc12VIukCWw==\",\"salt\":\"e0EvbNYHC9jdqPkX3AneYw==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "588e69b9-7534-4073-861d-500475b12b24",
|
||||
"createdTimestamp" : 1675718484566,
|
||||
|
@ -1357,6 +1426,52 @@
|
|||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "2a5d7caa-2c3e-4404-a133-ec220c0307db",
|
||||
"createdTimestamp" : 1676566095780,
|
||||
"username" : "peopleops.partner2.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "peopleops.partner2.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "173" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "64fc835c-b693-4fed-ab9f-952cbaadbbfd",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095815,
|
||||
"secretData" : "{\"value\":\"w5nUlwlH1Z46WGhfejPIiRW6OkE9bcjHNCVySUDzMIpkbCm3f78XfuvdGSDeCpJ/FQCJuFo5ciDJ7ExXLyLfnQ==\",\"salt\":\"nz1xSxci+NFsyPZPhFDtZQ==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "2df3aa5e-5e5b-4c4a-b9bc-3a916c651632",
|
||||
"createdTimestamp" : 1676566095846,
|
||||
"username" : "peopleops.partner3.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "peopleops.partner3.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "174" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "efaaec98-45c7-45cc-b4a4-32708882b72f",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095880,
|
||||
"secretData" : "{\"value\":\"B9M+AGxXUX4/+ce0y6AgFBm4F7phl5+6zToumcfheXglqcag2jr7iqLTtvwVkz3w8x7rmxUrzs7rkJPhK+/Jpg==\",\"salt\":\"rLFkhDJLxRuCNw7PNswlSQ==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "dbf941e7-0b45-4bc6-ae9e-d7153d32ce47",
|
||||
"createdTimestamp" : 1676302143401,
|
||||
|
@ -1519,21 +1634,67 @@
|
|||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "d0355a9b-43d2-4111-b294-07c4dfa261b1",
|
||||
"createdTimestamp" : 1676302144418,
|
||||
"username" : "ppg.ba.sme1",
|
||||
"id" : "2cc27223-369b-4abb-b7b3-7c3668bb4695",
|
||||
"createdTimestamp" : 1676566095589,
|
||||
"username" : "ppg.ba1.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "ppg.ba.sme1@status.im",
|
||||
"email" : "ppg.ba1.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "139" ]
|
||||
"spiffworkflow-employeeid" : [ "170" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "cca986d0-d323-4c62-8752-989f4fc7551e",
|
||||
"id" : "80015df9-1c37-4c2c-9862-e4c5bf3c7fe1",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676302144451,
|
||||
"secretData" : "{\"value\":\"WcgfAuHzOZIaE5n1+cNRqkHfur2P9HQg5sn+xoucHSGyu0ibXd19LK+x6ITyoG153VEhws6PvPIB195MlSxOsw==\",\"salt\":\"lChW81Tfy5VZruOu/x0RZA==\",\"additionalParameters\":{}}",
|
||||
"createdDate" : 1676566095623,
|
||||
"secretData" : "{\"value\":\"aHhv9WD2OpLT99Pt8adXov9qlO+mHdZc/YnLcwmg/FN1GZ5s1ExKD+PgiJnbUMyiIrEoTaMImRlG0+CaXNB8pA==\",\"salt\":\"WG3QARMAE6XD4CYMq/vVog==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "ccdd9a3c-2df1-4b01-8cd0-f983e2975044",
|
||||
"createdTimestamp" : 1676566095652,
|
||||
"username" : "ppg.ba2.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "ppg.ba2.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "171" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "1a1b635b-78a0-4e1b-be27-54fa8e5bf46e",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095686,
|
||||
"secretData" : "{\"value\":\"lvIpCEkCU7VjWkc5HVjIpbEX3m2y0qRAm6vpUOF6jsC3kPOU32kGTpXtoAXRMQYqzwwrZPezkWiBWSc9tZQZmw==\",\"salt\":\"4vtZJjWkwRZZpQHL0y2cFQ==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "6d570a0f-66dc-4059-a9b5-17bcfaf92c25",
|
||||
"createdTimestamp" : 1676566095715,
|
||||
"username" : "ppg.ba3.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "ppg.ba3.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "172" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "81737a3e-74be-48e7-8540-47df7189f6b8",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095750,
|
||||
"secretData" : "{\"value\":\"92827vUG05pG+5KqIU0x3YP8KzAygyflfN7ClS+87JOuSvQjElY8yaLtUNftZn2nr2EK/ud1HHfVPdjNHqv3lQ==\",\"salt\":\"ggPrdGdcE+U8spc6rzMAow==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
|
@ -1633,6 +1794,52 @@
|
|||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "7cf99174-49f1-4036-9eff-f7ba111a691f",
|
||||
"createdTimestamp" : 1676566095455,
|
||||
"username" : "security2.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "security2.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "168" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "2402ab6b-c06f-4db6-a2ab-e2a0d63c7082",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095491,
|
||||
"secretData" : "{\"value\":\"SKxvUtsnbbqUMfcNnIU9YnrsrfCE7MH801Mf50pL9rj5/k+ZIrB2nDowGVjip0wdIgiYZbdT7mwHjmc2KBrmoQ==\",\"salt\":\"Ww6KCOsMjQmMkEAP0Pabfg==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "01daff17-0ead-4ca1-ae90-9da59ac2878d",
|
||||
"createdTimestamp" : 1676566095522,
|
||||
"username" : "security3.sme",
|
||||
"enabled" : true,
|
||||
"totp" : false,
|
||||
"emailVerified" : false,
|
||||
"email" : "security3.sme@status.im",
|
||||
"attributes" : {
|
||||
"spiffworkflow-employeeid" : [ "169" ]
|
||||
},
|
||||
"credentials" : [ {
|
||||
"id" : "99ccf7fb-a8a5-44c1-82a8-074af6f1a21d",
|
||||
"type" : "password",
|
||||
"createdDate" : 1676566095557,
|
||||
"secretData" : "{\"value\":\"LBBgnnqfxU+NqlT33rPCk2IyDrQQs9wdTG0syZ2GyovKe3iwBmarBio+0kSKiWWZQmF085ZO3jeR82hc1TDv3A==\",\"salt\":\"T6qwoJLQaXdaPBZZvhVCvw==\",\"additionalParameters\":{}}",
|
||||
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
||||
} ],
|
||||
"disableableCredentialTypes" : [ ],
|
||||
"requiredActions" : [ ],
|
||||
"realmRoles" : [ "default-roles-spiffworkflow" ],
|
||||
"notBefore" : 0,
|
||||
"groups" : [ ]
|
||||
}, {
|
||||
"id" : "b768e3ef-f905-4493-976c-bc3408c04bec",
|
||||
"createdTimestamp" : 1675447832524,
|
||||
|
@ -2968,7 +3175,7 @@
|
|||
"subType" : "authenticated",
|
||||
"subComponents" : { },
|
||||
"config" : {
|
||||
"allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ]
|
||||
"allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper" ]
|
||||
}
|
||||
}, {
|
||||
"id" : "d68e938d-dde6-47d9-bdc8-8e8523eb08cd",
|
||||
|
@ -2986,7 +3193,7 @@
|
|||
"subType" : "anonymous",
|
||||
"subComponents" : { },
|
||||
"config" : {
|
||||
"allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper" ]
|
||||
"allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper" ]
|
||||
}
|
||||
}, {
|
||||
"id" : "3854361d-3fe5-47fb-9417-a99592e3dc5c",
|
||||
|
@ -3076,7 +3283,7 @@
|
|||
"internationalizationEnabled" : false,
|
||||
"supportedLocales" : [ ],
|
||||
"authenticationFlows" : [ {
|
||||
"id" : "b575ba3a-ceeb-4fcc-8921-906f534107e1",
|
||||
"id" : "01b4b17c-bb82-41c3-b5b5-b9aadd21cb23",
|
||||
"alias" : "Account verification options",
|
||||
"description" : "Method with which to verity the existing account",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3098,7 +3305,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "2c8efabb-b397-4bb5-9c62-c7528d755e29",
|
||||
"id" : "57574e2d-3c3d-4286-9fd1-d7f4ab86c6c1",
|
||||
"alias" : "Authentication Options",
|
||||
"description" : "Authentication options.",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3127,7 +3334,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "7838ba09-a8a1-4478-bacb-c20abaff7d05",
|
||||
"id" : "1eb0e67c-2856-475e-8563-5eca431fd9d0",
|
||||
"alias" : "Browser - Conditional OTP",
|
||||
"description" : "Flow to determine if the OTP is required for the authentication",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3149,7 +3356,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "be4254ab-bdb7-4cca-8fa4-14956f460620",
|
||||
"id" : "ff023867-aad5-4d19-a7da-60904727cd77",
|
||||
"alias" : "Direct Grant - Conditional OTP",
|
||||
"description" : "Flow to determine if the OTP is required for the authentication",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3171,7 +3378,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "3dc1581f-38dc-48d1-9e73-7aa45b38eae8",
|
||||
"id" : "c4f2f1e4-a32c-4559-9fe3-f88cc6cb63da",
|
||||
"alias" : "First broker login - Conditional OTP",
|
||||
"description" : "Flow to determine if the OTP is required for the authentication",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3193,7 +3400,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "8b280bec-2423-4590-bc28-8873e4f9c2e8",
|
||||
"id" : "bfb28a5f-98d9-4ce0-ae8d-75a7ba1ad331",
|
||||
"alias" : "Handle Existing Account",
|
||||
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3215,7 +3422,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "8bc16848-7275-42a7-aaa4-30693d379600",
|
||||
"id" : "8b2075bd-9ad7-44c3-9a06-bc60a13beb7a",
|
||||
"alias" : "Reset - Conditional OTP",
|
||||
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3237,7 +3444,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "727a7c7e-aceb-420a-be17-7e1aa1a19ef0",
|
||||
"id" : "1fdcbed7-e44b-4473-ab7b-25037309660b",
|
||||
"alias" : "User creation or linking",
|
||||
"description" : "Flow for the existing/non-existing user alternatives",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3260,7 +3467,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "db654134-730a-4e50-841e-5ff9e206625f",
|
||||
"id" : "2f6e9208-b0e6-4941-9bd5-8f83ebc25b6c",
|
||||
"alias" : "Verify Existing Account by Re-authentication",
|
||||
"description" : "Reauthentication of existing account",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3282,7 +3489,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "06ced0a0-aec5-43dd-8b39-7d7ea7a5faf8",
|
||||
"id" : "f059067e-d626-4be3-868f-4c8780318497",
|
||||
"alias" : "browser",
|
||||
"description" : "browser based authentication",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3318,7 +3525,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "0f8f80e3-56eb-49a1-8b7d-e22242699b78",
|
||||
"id" : "c35098b5-3785-4f52-90e3-39b8f3841f0c",
|
||||
"alias" : "clients",
|
||||
"description" : "Base authentication for clients",
|
||||
"providerId" : "client-flow",
|
||||
|
@ -3354,7 +3561,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "a67ef3ee-332a-4f40-b2dc-69a3d7967808",
|
||||
"id" : "c78934b6-5386-49e7-89e8-9efe1088f5b2",
|
||||
"alias" : "direct grant",
|
||||
"description" : "OpenID Connect Resource Owner Grant",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3383,7 +3590,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "e2e2fffa-81d3-4a4d-adb2-a0154e2f86cd",
|
||||
"id" : "7a08791f-0c8b-4e11-a588-f5856b75337b",
|
||||
"alias" : "docker auth",
|
||||
"description" : "Used by Docker clients to authenticate against the IDP",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3398,7 +3605,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "fc418578-3c89-4f68-ad8f-825929669979",
|
||||
"id" : "11e93dce-9673-4c99-ae7a-0edaf1c9b7e4",
|
||||
"alias" : "first broker login",
|
||||
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3421,7 +3628,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "31a9e34e-c499-4842-a085-a7ea0a4cab78",
|
||||
"id" : "dbb50df7-ec6e-4a34-97f5-b484f1d8a76c",
|
||||
"alias" : "forms",
|
||||
"description" : "Username, password, otp and other auth forms.",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3443,7 +3650,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "ec66a031-7712-438a-91e7-564736cb3f75",
|
||||
"id" : "d7a3dff9-249b-4811-9f36-b78119a4ce3f",
|
||||
"alias" : "http challenge",
|
||||
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3465,7 +3672,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "013a75a6-ae0d-459e-80eb-1681957b769b",
|
||||
"id" : "ed4891ad-657c-45ac-9388-6c50d191124d",
|
||||
"alias" : "registration",
|
||||
"description" : "registration flow",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3481,7 +3688,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "e011c6be-e1d0-4f94-80b1-2e2b2eb61832",
|
||||
"id" : "f7c308b0-58de-4ed2-bf69-394144698e5a",
|
||||
"alias" : "registration form",
|
||||
"description" : "registration form",
|
||||
"providerId" : "form-flow",
|
||||
|
@ -3517,7 +3724,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "4f7c3405-ce05-4799-a001-cb6404c72625",
|
||||
"id" : "3fb75774-a3a5-4e01-bc4a-4e564451601d",
|
||||
"alias" : "reset credentials",
|
||||
"description" : "Reset credentials for a user if they forgot their password or something",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3553,7 +3760,7 @@
|
|||
"userSetupAllowed" : false
|
||||
} ]
|
||||
}, {
|
||||
"id" : "7bde2ab3-96b9-4323-be48-dfae94c84df1",
|
||||
"id" : "822d5c02-9ab3-4a9b-8fa4-1f020c5ffe08",
|
||||
"alias" : "saml ecp",
|
||||
"description" : "SAML ECP Profile Authentication Flow",
|
||||
"providerId" : "basic-flow",
|
||||
|
@ -3569,13 +3776,13 @@
|
|||
} ]
|
||||
} ],
|
||||
"authenticatorConfig" : [ {
|
||||
"id" : "82c6898c-ff7c-442a-9ae1-8e1972634e01",
|
||||
"id" : "0e613377-2aaa-4fed-bb7d-4dea69d5c340",
|
||||
"alias" : "create unique user config",
|
||||
"config" : {
|
||||
"require.password.update.after.registration" : "false"
|
||||
}
|
||||
}, {
|
||||
"id" : "5cfbdf35-1766-4eb3-a404-3560ae3f4cac",
|
||||
"id" : "ac6b9188-f0ec-48ec-852a-8e3b331b33a6",
|
||||
"alias" : "review profile config",
|
||||
"config" : {
|
||||
"update.profile.on.first.login" : "missing"
|
||||
|
|
|
@ -2,12 +2,12 @@ email,spiffworkflow-employeeid
|
|||
# admin@spiffworkflow.org
|
||||
amir@status.im
|
||||
app.program.lead@status.im,121
|
||||
core@status.im,113
|
||||
core1.contributor@status.im,155
|
||||
core2.contributor@status.im,156
|
||||
core3.contributor@status.im,157
|
||||
core4.contributor@status.im,158
|
||||
core5.contributor@status.im,159
|
||||
core@status.im,113
|
||||
dao.project.lead@status.im
|
||||
desktop.program.lead@status.im
|
||||
desktop.project.lead@status.im
|
||||
|
@ -19,26 +19,35 @@ infra.project-lead@status.im,130
|
|||
infra.sme@status.im,119
|
||||
infra1.sme@status.im,131
|
||||
infra2.sme@status.im,132
|
||||
infra3.sme@status.im,167
|
||||
jakub@status.im
|
||||
jarrad@status.im
|
||||
lead@status.im,114
|
||||
legal.project-lead@status.im,133
|
||||
legal.sme@status.im,125
|
||||
legal1.sme@status.im,134
|
||||
legal2.sme@status.im,165
|
||||
legal3.sme@status.im,166
|
||||
manuchehr@status.im,110
|
||||
peopleops.project-lead@status.im,147
|
||||
peopleops.partner.sme@status.im,148
|
||||
peopleops.partner1.sme@status.im,149
|
||||
peopleops.partner2.sme@status.im,173
|
||||
peopleops.partner3.sme@status.im,174
|
||||
peopleops.partner@status.im,150
|
||||
peopleops.project-lead@status.im,147
|
||||
peopleops.talent.sme@status.im,143
|
||||
peopleops.talent1.sme@status.im,142
|
||||
peopleops.talent@status.im,141
|
||||
ppg.ba.project-lead@status.im,137
|
||||
ppg.ba.sme1@status.im,139
|
||||
ppg.ba.sme@status.im,138
|
||||
ppg.ba1.sme@status.im,170
|
||||
ppg.ba2.sme@status.im,171
|
||||
ppg.ba3.sme@status.im,172
|
||||
ppg.ba@status.im,127
|
||||
sasha@status.im,112
|
||||
security.project-lead@status.im,151
|
||||
security.sme@status.im,123
|
||||
security1.sme@status.im,135
|
||||
security2.sme@status.im,168
|
||||
security3.sme@status.im,169
|
||||
services.lead@status.im,122
|
||||
|
|
|
@ -115,7 +115,7 @@ def create_app() -> flask.app.Flask:
|
|||
# need to continually keep asking for the same path.
|
||||
origins_re = [
|
||||
r"^https?:\/\/%s(.*)" % o.replace(".", r"\.")
|
||||
for o in app.config["CORS_ALLOW_ORIGINS"]
|
||||
for o in app.config["SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS"]
|
||||
]
|
||||
CORS(app, origins=origins_re, max_age=3600, supports_credentials=True)
|
||||
|
||||
|
@ -128,7 +128,7 @@ def create_app() -> flask.app.Flask:
|
|||
|
||||
# do not start the scheduler twice in flask debug mode
|
||||
if (
|
||||
app.config["RUN_BACKGROUND_SCHEDULER"]
|
||||
app.config["SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER"]
|
||||
and os.environ.get("WERKZEUG_RUN_MAIN") != "true"
|
||||
):
|
||||
start_scheduler(app)
|
||||
|
@ -147,13 +147,15 @@ def get_hacked_up_app_for_script() -> flask.app.Flask:
|
|||
os.environ["SPIFFWORKFLOW_BACKEND_ENV"] = "local_development"
|
||||
flask_env_key = "FLASK_SESSION_SECRET_KEY"
|
||||
os.environ[flask_env_key] = "whatevs"
|
||||
if "BPMN_SPEC_ABSOLUTE_DIR" not in os.environ:
|
||||
if "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" not in os.environ:
|
||||
home = os.environ["HOME"]
|
||||
full_process_model_path = (
|
||||
f"{home}/projects/github/sartography/sample-process-models"
|
||||
)
|
||||
if os.path.isdir(full_process_model_path):
|
||||
os.environ["BPMN_SPEC_ABSOLUTE_DIR"] = full_process_model_path
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = (
|
||||
full_process_model_path
|
||||
)
|
||||
else:
|
||||
raise Exception(f"Could not find {full_process_model_path}")
|
||||
app = create_app()
|
||||
|
@ -198,20 +200,28 @@ def configure_sentry(app: flask.app.Flask) -> None:
|
|||
return None
|
||||
return event
|
||||
|
||||
sentry_errors_sample_rate = app.config.get("SENTRY_ERRORS_SAMPLE_RATE")
|
||||
sentry_errors_sample_rate = app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE"
|
||||
)
|
||||
if sentry_errors_sample_rate is None:
|
||||
raise Exception("SENTRY_ERRORS_SAMPLE_RATE is not set somehow")
|
||||
raise Exception(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE is not set somehow"
|
||||
)
|
||||
|
||||
sentry_traces_sample_rate = app.config.get("SENTRY_TRACES_SAMPLE_RATE")
|
||||
sentry_traces_sample_rate = app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE"
|
||||
)
|
||||
if sentry_traces_sample_rate is None:
|
||||
raise Exception("SENTRY_TRACES_SAMPLE_RATE is not set somehow")
|
||||
raise Exception(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE is not set somehow"
|
||||
)
|
||||
|
||||
# profiling doesn't work on windows, because of an issue like https://github.com/nvdv/vprof/issues/62
|
||||
# but also we commented out profiling because it was causing segfaults (i guess it is marked experimental)
|
||||
# profiles_sample_rate = 0 if sys.platform.startswith("win") else 1
|
||||
|
||||
sentry_sdk.init(
|
||||
dsn=app.config.get("SENTRY_DSN"),
|
||||
dsn=app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_DSN"),
|
||||
integrations=[
|
||||
FlaskIntegration(),
|
||||
],
|
||||
|
|
|
@ -17,17 +17,17 @@ def setup_database_uri(app: Flask) -> None:
|
|||
"""Setup_database_uri."""
|
||||
if app.config.get("SPIFFWORKFLOW_BACKEND_DATABASE_URI") is None:
|
||||
database_name = f"spiffworkflow_backend_{app.config['ENV_IDENTIFIER']}"
|
||||
if app.config.get("SPIFF_DATABASE_TYPE") == "sqlite":
|
||||
if app.config.get("SPIFFWORKFLOW_BACKEND_DATABASE_TYPE") == "sqlite":
|
||||
app.config["SQLALCHEMY_DATABASE_URI"] = (
|
||||
f"sqlite:///{app.instance_path}/db_{app.config['ENV_IDENTIFIER']}.sqlite3"
|
||||
)
|
||||
elif app.config.get("SPIFF_DATABASE_TYPE") == "postgres":
|
||||
elif app.config.get("SPIFFWORKFLOW_BACKEND_DATABASE_TYPE") == "postgres":
|
||||
app.config["SQLALCHEMY_DATABASE_URI"] = (
|
||||
f"postgresql://spiffworkflow_backend:spiffworkflow_backend@localhost:5432/{database_name}"
|
||||
)
|
||||
else:
|
||||
# use pswd to trick flake8 with hardcoded passwords
|
||||
db_pswd = os.environ.get("DB_PASSWORD")
|
||||
db_pswd = app.config.get("SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD")
|
||||
if db_pswd is None:
|
||||
db_pswd = ""
|
||||
app.config["SQLALCHEMY_DATABASE_URI"] = (
|
||||
|
@ -45,22 +45,30 @@ def load_config_file(app: Flask, env_config_module: str) -> None:
|
|||
app.config.from_object(env_config_module)
|
||||
print(f"loaded config: {env_config_module}")
|
||||
except ImportStringError as exception:
|
||||
if os.environ.get("TERRAFORM_DEPLOYED_ENVIRONMENT") != "true":
|
||||
if (
|
||||
os.environ.get("SPIFFWORKFLOW_BACKEND_TERRAFORM_DEPLOYED_ENVIRONMENT")
|
||||
!= "true"
|
||||
):
|
||||
raise ModuleNotFoundError(
|
||||
f"Cannot find config module: {env_config_module}"
|
||||
) from exception
|
||||
|
||||
|
||||
def _set_up_tenant_specific_fields_as_list_of_strings(app: Flask) -> None:
|
||||
tenant_specific_fields = app.config.get("OPEN_ID_TENANT_SPECIFIC_FIELDS")
|
||||
tenant_specific_fields = app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"
|
||||
)
|
||||
|
||||
if tenant_specific_fields is None or tenant_specific_fields == "":
|
||||
app.config["OPEN_ID_TENANT_SPECIFIC_FIELDS"] = []
|
||||
app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = []
|
||||
else:
|
||||
app.config["OPEN_ID_TENANT_SPECIFIC_FIELDS"] = tenant_specific_fields.split(",")
|
||||
if len(app.config["OPEN_ID_TENANT_SPECIFIC_FIELDS"]) > 3:
|
||||
app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = (
|
||||
tenant_specific_fields.split(",")
|
||||
)
|
||||
if len(app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"]) > 3:
|
||||
raise ConfigurationError(
|
||||
"OPEN_ID_TENANT_SPECIFIC_FIELDS can have a maximum of 3 fields"
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS can have a"
|
||||
" maximum of 3 fields"
|
||||
)
|
||||
|
||||
|
||||
|
@ -80,7 +88,7 @@ def setup_config(app: Flask) -> None:
|
|||
|
||||
env_config_prefix = "spiffworkflow_backend.config."
|
||||
if (
|
||||
os.environ.get("TERRAFORM_DEPLOYED_ENVIRONMENT") == "true"
|
||||
os.environ.get("SPIFFWORKFLOW_BACKEND_TERRAFORM_DEPLOYED_ENVIRONMENT") == "true"
|
||||
and os.environ.get("SPIFFWORKFLOW_BACKEND_ENV") is not None
|
||||
):
|
||||
load_config_file(app, f"{env_config_prefix}terraform_deployed_environment")
|
||||
|
@ -116,8 +124,10 @@ def setup_config(app: Flask) -> None:
|
|||
# src/spiffworkflow_backend/config/secrets.py
|
||||
app.config.from_pyfile(os.path.join("config", "secrets.py"), silent=True)
|
||||
|
||||
if app.config["BPMN_SPEC_ABSOLUTE_DIR"] is None:
|
||||
raise ConfigurationError("BPMN_SPEC_ABSOLUTE_DIR config must be set")
|
||||
if app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] is None:
|
||||
raise ConfigurationError(
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set"
|
||||
)
|
||||
|
||||
app.config["PROCESS_UUID"] = uuid.uuid4()
|
||||
|
||||
|
|
|
@ -2,44 +2,52 @@
|
|||
import re
|
||||
from os import environ
|
||||
|
||||
BPMN_SPEC_ABSOLUTE_DIR = environ.get("BPMN_SPEC_ABSOLUTE_DIR")
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
)
|
||||
cors_allow_all = "*"
|
||||
CORS_ALLOW_ORIGINS = re.split(
|
||||
r",\s*", environ.get("CORS_ALLOW_ORIGINS", default=cors_allow_all)
|
||||
SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS = re.split(
|
||||
r",\s*",
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS", default=cors_allow_all),
|
||||
)
|
||||
|
||||
RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("RUN_BACKGROUND_SCHEDULER", default="false") == "true"
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
|
||||
== "true"
|
||||
)
|
||||
SPIFFWORKFLOW_FRONTEND_URL = environ.get(
|
||||
"SPIFFWORKFLOW_FRONTEND_URL", default="http://localhost:7001"
|
||||
SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND", default="http://localhost:7001"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_URL", default="http://localhost:7000"
|
||||
)
|
||||
# service task connector proxy
|
||||
CONNECTOR_PROXY_URL = environ.get(
|
||||
"CONNECTOR_PROXY_URL", default="http://localhost:7004"
|
||||
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL", default="http://localhost:7004"
|
||||
)
|
||||
|
||||
# Open ID server
|
||||
OPEN_ID_SERVER_URL = environ.get(
|
||||
"OPEN_ID_SERVER_URL",
|
||||
default="http://localhost:7002/realms/spiffworkflow"
|
||||
# "OPEN_ID_SERVER_URL", default="http://localhost:7000/openid"
|
||||
# use "http://localhost:7000/openid" for running with simple openid
|
||||
# server hosted by spiffworkflow-backend
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL",
|
||||
default="http://localhost:7002/realms/spiffworkflow",
|
||||
)
|
||||
|
||||
# Replace above line with this to use the built-in Open ID Server.
|
||||
# OPEN_ID_SERVER_URL = environ.get("OPEN_ID_SERVER_URL", default="http://localhost:7000/openid")
|
||||
OPEN_ID_CLIENT_ID = environ.get("OPEN_ID_CLIENT_ID", default="spiffworkflow-backend")
|
||||
OPEN_ID_CLIENT_SECRET_KEY = environ.get(
|
||||
"OPEN_ID_CLIENT_SECRET_KEY", default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q"
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", default="spiffworkflow-backend"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY",
|
||||
default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q",
|
||||
) # noqa: S105
|
||||
|
||||
# Tenant specific fields is a comma separated list of field names that we will convert to list of strings
|
||||
# and store in the user table's tenant_specific_field_n columns. You can have up to three items in this
|
||||
# comma-separated list.
|
||||
OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get("OPEN_ID_TENANT_SPECIFIC_FIELDS")
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"
|
||||
)
|
||||
|
||||
SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true"
|
||||
|
@ -50,13 +58,21 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
|||
)
|
||||
|
||||
# Sentry Configuration
|
||||
SENTRY_DSN = environ.get("SENTRY_DSN", default="")
|
||||
SENTRY_ERRORS_SAMPLE_RATE = environ.get(
|
||||
"SENTRY_ERRORS_SAMPLE_RATE", default="1"
|
||||
SPIFFWORKFLOW_BACKEND_SENTRY_DSN = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_DSN", default=""
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE", default="1"
|
||||
) # send all errors
|
||||
SENTRY_TRACES_SAMPLE_RATE = environ.get(
|
||||
"SENTRY_TRACES_SAMPLE_RATE", default="0.01"
|
||||
SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE", default="0.01"
|
||||
) # send 1% of traces
|
||||
SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG", default=None
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG", default=None
|
||||
)
|
||||
|
||||
SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_LOG_LEVEL", default="info"
|
||||
|
@ -64,31 +80,63 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
|
|||
|
||||
# When a user clicks on the `Publish` button, this is the default branch this server merges into.
|
||||
# I.e., dev server could have `staging` here. Staging server might have `production` here.
|
||||
GIT_BRANCH_TO_PUBLISH_TO = environ.get("GIT_BRANCH_TO_PUBLISH_TO")
|
||||
GIT_BRANCH = environ.get("GIT_BRANCH")
|
||||
GIT_CLONE_URL_FOR_PUBLISHING = environ.get("GIT_CLONE_URL")
|
||||
GIT_COMMIT_ON_SAVE = environ.get("GIT_COMMIT_ON_SAVE", default="false") == "true"
|
||||
GIT_SSH_PRIVATE_KEY = environ.get("GIT_SSH_PRIVATE_KEY")
|
||||
GIT_USERNAME = environ.get("GIT_USERNAME")
|
||||
GIT_USER_EMAIL = environ.get("GIT_USER_EMAIL")
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH"
|
||||
)
|
||||
# This is the branch that the app automatically commits to every time the user clicks the save button
|
||||
# or otherwise changes a process model.
|
||||
# If publishing is enabled, the contents of this "staging area" / "scratch pad" / WIP spot will be used
|
||||
# as the relevant contents for process model that the user wants to publish.
|
||||
SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE", default="false") == "true"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME")
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET", default=None
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY", default=None
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_PASSWORD = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USER_PASSWORD", default=None
|
||||
)
|
||||
|
||||
# Database Configuration
|
||||
SPIFF_DATABASE_TYPE = environ.get(
|
||||
"SPIFF_DATABASE_TYPE", default="mysql"
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_TYPE = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_DATABASE_TYPE", default="mysql"
|
||||
) # can also be sqlite, postgres
|
||||
# Overide above with specific sqlalchymy connection string.
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_URI = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_DATABASE_URI", default=None
|
||||
)
|
||||
SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID = environ.get(
|
||||
"SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID",
|
||||
SPIFFWORKFLOW_BACKEND_SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID",
|
||||
default="Message_SystemMessageNotification",
|
||||
)
|
||||
|
||||
ALLOW_CONFISCATING_LOCK_AFTER_SECONDS = int(
|
||||
environ.get("ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600")
|
||||
SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS = int(
|
||||
environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600"
|
||||
)
|
||||
)
|
||||
|
||||
SPIFFWORKFLOW_BACKEND_DEFAULT_USER_GROUP = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_DEFAULT_USER_GROUP", default="everybody"
|
||||
)
|
||||
|
||||
# this is only used in CI. use SPIFFWORKFLOW_BACKEND_DATABASE_URI instead for real configuration
|
||||
SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD", default=None
|
||||
)
|
||||
|
|
|
@ -1,14 +1,15 @@
|
|||
"""Demo environment."""
|
||||
from os import environ
|
||||
|
||||
GIT_COMMIT_ON_SAVE = True
|
||||
GIT_USERNAME = "demo"
|
||||
GIT_USER_EMAIL = "demo@example.com"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = True
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "demo"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = "demo@example.com"
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME",
|
||||
default="terraform_deployed_environment.yml",
|
||||
)
|
||||
|
||||
RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("RUN_BACKGROUND_SCHEDULER", default="false") == "true"
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
|
||||
== "true"
|
||||
)
|
||||
|
|
|
@ -1,9 +1,14 @@
|
|||
"""Dev."""
|
||||
from os import environ
|
||||
|
||||
GIT_BRANCH_TO_PUBLISH_TO = environ.get("GIT_BRANCH_TO_PUBLISH_TO", default="staging")
|
||||
GIT_USERNAME = environ.get("GIT_USERNAME", default="sartography-automated-committer")
|
||||
GIT_USER_EMAIL = environ.get(
|
||||
"GIT_USER_EMAIL", default="sartography-automated-committer@users.noreply.github.com"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH", default="staging"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL",
|
||||
default="sartography-automated-committer@users.noreply.github.com",
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "dev.yml"
|
||||
|
|
|
@ -9,11 +9,15 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
|
|||
"SPIFFWORKFLOW_BACKEND_LOG_LEVEL", default="debug"
|
||||
)
|
||||
|
||||
RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("RUN_BACKGROUND_SCHEDULER", default="false") == "true"
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
|
||||
== "true"
|
||||
)
|
||||
GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
|
||||
"GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL",
|
||||
default="https://github.com/sartography/sample-process-models.git",
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = (
|
||||
f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com"
|
||||
)
|
||||
GIT_USERNAME = "sartography-automated-committer"
|
||||
GIT_USER_EMAIL = f"{GIT_USERNAME}@users.noreply.github.com"
|
||||
|
|
|
@ -1,10 +1,15 @@
|
|||
"""Qa1."""
|
||||
from os import environ
|
||||
|
||||
GIT_BRANCH_TO_PUBLISH_TO = environ.get("GIT_BRANCH_TO_PUBLISH_TO", default="qa2")
|
||||
GIT_USERNAME = environ.get("GIT_USERNAME", default="sartography-automated-committer")
|
||||
GIT_USER_EMAIL = environ.get(
|
||||
"GIT_USER_EMAIL", default=f"{GIT_USERNAME}@users.noreply.github.com"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH", default="qa2"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL",
|
||||
default=f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com",
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml"
|
||||
|
|
|
@ -4,7 +4,11 @@ from os import environ
|
|||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml"
|
||||
)
|
||||
SPIFFWORKFLOW_FRONTEND_URL = "https://qa2.spiffworkflow.org"
|
||||
OPEN_ID_SERVER_URL = "https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow"
|
||||
SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND = "https://qa2.spiffworkflow.org"
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
|
||||
"https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_URL = "https://qa2.spiffworkflow.org/api"
|
||||
CONNECTOR_PROXY_URL = "https://qa2.spiffworkflow.org/connector-proxy"
|
||||
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = (
|
||||
"https://qa2.spiffworkflow.org/connector-proxy"
|
||||
)
|
||||
|
|
|
@ -2,9 +2,14 @@
|
|||
from os import environ
|
||||
|
||||
environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEND_ENV"]
|
||||
OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/sartography"
|
||||
GIT_BRANCH = environ.get("GIT_BRANCH", default="main")
|
||||
GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
|
||||
"GIT_CLONE_URL",
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
|
||||
f"https://keycloak.{environment_identifier_for_this_config_file_only}"
|
||||
".spiffworkflow.org/realms/sartography"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH", default="main"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL",
|
||||
default="https://github.com/sartography/sartography-process-models.git",
|
||||
)
|
||||
|
|
|
@ -1,7 +1,11 @@
|
|||
"""Staging."""
|
||||
from os import environ
|
||||
|
||||
GIT_BRANCH = environ.get("GIT_BRANCH", default="staging")
|
||||
GIT_BRANCH_TO_PUBLISH_TO = environ.get("GIT_BRANCH_TO_PUBLISH_TO", default="main")
|
||||
GIT_COMMIT_ON_SAVE = False
|
||||
SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH", default="staging"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH", default="main"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = False
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "staging.yml"
|
||||
|
|
|
@ -4,26 +4,36 @@ from os import environ
|
|||
# default.py already ensured that this key existed as was not None
|
||||
environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEND_ENV"]
|
||||
|
||||
GIT_COMMIT_ON_SAVE = True
|
||||
GIT_USERNAME = "sartography-automated-committer"
|
||||
GIT_USER_EMAIL = f"{GIT_USERNAME}@users.noreply.github.com"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = True
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer"
|
||||
SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = (
|
||||
f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME",
|
||||
default="terraform_deployed_environment.yml",
|
||||
)
|
||||
|
||||
RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("RUN_BACKGROUND_SCHEDULER", default="false") == "true"
|
||||
SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = (
|
||||
environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false")
|
||||
== "true"
|
||||
)
|
||||
|
||||
OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/spiffworkflow"
|
||||
SPIFFWORKFLOW_FRONTEND_URL = (
|
||||
SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = (
|
||||
f"https://keycloak.{environment_identifier_for_this_config_file_only}"
|
||||
".spiffworkflow.org/realms/spiffworkflow"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND = (
|
||||
f"https://{environment_identifier_for_this_config_file_only}.spiffworkflow.org"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_URL = (
|
||||
f"https://api.{environment_identifier_for_this_config_file_only}.spiffworkflow.org"
|
||||
)
|
||||
CONNECTOR_PROXY_URL = f"https://connector-proxy.{environment_identifier_for_this_config_file_only}.spiffworkflow.org"
|
||||
GIT_CLONE_URL_FOR_PUBLISHING = environ.get(
|
||||
"GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git"
|
||||
SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = (
|
||||
f"https://connector-proxy.{environment_identifier_for_this_config_file_only}"
|
||||
".spiffworkflow.org"
|
||||
)
|
||||
SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL",
|
||||
default="https://github.com/sartography/sample-process-models.git",
|
||||
)
|
||||
|
|
|
@ -15,11 +15,11 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get(
|
|||
SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get(
|
||||
"SPIFFWORKFLOW_BACKEND_LOG_LEVEL", default="debug"
|
||||
)
|
||||
GIT_COMMIT_ON_SAVE = False
|
||||
SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = False
|
||||
|
||||
# NOTE: set this here since nox shoves tests and src code to
|
||||
# different places and this allows us to know exactly where we are at the start
|
||||
BPMN_SPEC_ABSOLUTE_DIR = os.path.join(
|
||||
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = os.path.join(
|
||||
os.path.dirname(__file__),
|
||||
"..",
|
||||
"..",
|
||||
|
|
|
@ -206,8 +206,12 @@ def handle_exception(exception: Exception) -> flask.wrappers.Response:
|
|||
f" {exception.error_code}"
|
||||
)
|
||||
|
||||
organization_slug = current_app.config.get("SENTRY_ORGANIZATION_SLUG")
|
||||
project_slug = current_app.config.get("SENTRY_PROJECT_SLUG")
|
||||
organization_slug = current_app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG"
|
||||
)
|
||||
project_slug = current_app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG"
|
||||
)
|
||||
if organization_slug and project_slug:
|
||||
sentry_link = (
|
||||
f"https://sentry.io/{organization_slug}/{project_slug}/events/{id}"
|
||||
|
|
|
@ -15,16 +15,16 @@
|
|||
<form id="login" method="post" action="{{ url_for('openid.form_submit') }}">
|
||||
<p><b>Important:</b> This login form is for demonstration purposes only. In production systems you should
|
||||
be using a real Open ID System.</p>
|
||||
<input type="text" class="cds--text-input" name="Uname" id="Uname" placeholder="Username">
|
||||
<input type="text" class="cds--text-input" name="Uname" id="username" placeholder="Username">
|
||||
<br><br>
|
||||
<input type="Password" class="cds--text-input" name="Pass" id="Pass" placeholder="Password">
|
||||
<input type="Password" class="cds--text-input" name="Pass" id="password" placeholder="Password">
|
||||
<br><br>
|
||||
<input type="hidden" name="state" value="{{state}}"/>
|
||||
<input type="hidden" name="response_type" value="{{response_type}}"/>
|
||||
<input type="hidden" name="client_id" value="{{client_id}}"/>
|
||||
<input type="hidden" name="scope" value="{{scope}}"/>
|
||||
<input type="hidden" name="redirect_uri" value="{{redirect_uri}}"/>
|
||||
<input type="submit" name="log" class="cds--btn cds--btn--primary" value="Log In">
|
||||
<input type="submit" name="log" class="cds--btn cds--btn--primary" id="spiff-login-button" value="Log In">
|
||||
<br><br>
|
||||
<!-- should maybe add this stuff in eventually, but this is just for testing.
|
||||
<input type="checkbox" id="check">
|
||||
|
|
|
@ -305,7 +305,7 @@ def manual_complete_task(
|
|||
|
||||
def _commit_and_push_to_git(message: str) -> None:
|
||||
"""Commit_and_push_to_git."""
|
||||
if current_app.config["GIT_COMMIT_ON_SAVE"]:
|
||||
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE"]:
|
||||
git_output = GitService.commit(message=message)
|
||||
current_app.logger.info(f"git output: {git_output}")
|
||||
else:
|
||||
|
|
|
@ -136,7 +136,7 @@ def process_instance_run(
|
|||
finally:
|
||||
processor.unlock_process_instance("Web")
|
||||
|
||||
if not current_app.config["RUN_BACKGROUND_SCHEDULER"]:
|
||||
if not current_app.config["SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER"]:
|
||||
MessageService.process_message_instances()
|
||||
|
||||
process_instance_api = ProcessInstanceService.processor_to_process_instance_api(
|
||||
|
|
|
@ -225,10 +225,12 @@ def process_model_publish(
|
|||
) -> flask.wrappers.Response:
|
||||
"""Process_model_publish."""
|
||||
if branch_to_update is None:
|
||||
branch_to_update = current_app.config["GIT_BRANCH_TO_PUBLISH_TO"]
|
||||
branch_to_update = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH"
|
||||
]
|
||||
if branch_to_update is None:
|
||||
raise MissingGitConfigsError(
|
||||
"Missing config for GIT_BRANCH_TO_PUBLISH_TO. "
|
||||
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH. "
|
||||
"This is required for publishing process models"
|
||||
)
|
||||
process_model_identifier = _un_modify_modified_process_model_id(
|
||||
|
|
|
@ -27,7 +27,9 @@ def authentication_list() -> flask.wrappers.Response:
|
|||
available_authentications = ServiceTaskService.authentication_list()
|
||||
response_json = {
|
||||
"results": available_authentications,
|
||||
"connector_proxy_base_url": current_app.config["CONNECTOR_PROXY_URL"],
|
||||
"connector_proxy_base_url": current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL"
|
||||
],
|
||||
"redirect_url": f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL']}/v1.0/authentication_callback",
|
||||
}
|
||||
|
||||
|
@ -45,5 +47,5 @@ def authentication_callback(
|
|||
f"{service}/{auth_method}", response, g.user.id, create_if_not_exists=True
|
||||
)
|
||||
return redirect(
|
||||
f"{current_app.config['SPIFFWORKFLOW_FRONTEND_URL']}/admin/configuration"
|
||||
f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND']}/admin/configuration"
|
||||
)
|
||||
|
|
|
@ -674,7 +674,7 @@ def _get_potential_owner_usernames(assigned_user: AliasedClass) -> Any:
|
|||
potential_owner_usernames_from_group_concat_or_similar = func.group_concat(
|
||||
assigned_user.username.distinct()
|
||||
).label("potential_owner_usernames")
|
||||
db_type = current_app.config.get("SPIFF_DATABASE_TYPE")
|
||||
db_type = current_app.config.get("SPIFFWORKFLOW_BACKEND_DATABASE_TYPE")
|
||||
|
||||
if db_type == "postgres":
|
||||
potential_owner_usernames_from_group_concat_or_similar = func.string_agg(
|
||||
|
|
|
@ -186,7 +186,9 @@ def set_new_access_token_in_cookie(
|
|||
"""
|
||||
tld = current_app.config["THREAD_LOCAL_DATA"]
|
||||
domain_for_frontend_cookie: Optional[str] = re.sub(
|
||||
r"^https?:\/\/", "", current_app.config["SPIFFWORKFLOW_FRONTEND_URL"]
|
||||
r"^https?:\/\/",
|
||||
"",
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND"],
|
||||
)
|
||||
if domain_for_frontend_cookie and domain_for_frontend_cookie.startswith(
|
||||
"localhost"
|
||||
|
@ -351,7 +353,7 @@ def logout(id_token: str, redirect_url: Optional[str]) -> Response:
|
|||
|
||||
def logout_return() -> Response:
|
||||
"""Logout_return."""
|
||||
frontend_url = str(current_app.config["SPIFFWORKFLOW_FRONTEND_URL"])
|
||||
frontend_url = str(current_app.config["SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND"])
|
||||
return redirect(f"{frontend_url}/")
|
||||
|
||||
|
||||
|
|
|
@ -28,4 +28,4 @@ class GetFrontendUrl(Script):
|
|||
**kwargs: Any
|
||||
) -> Any:
|
||||
"""Run."""
|
||||
return current_app.config["SPIFFWORKFLOW_FRONTEND_URL"]
|
||||
return current_app.config["SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND"]
|
||||
|
|
|
@ -63,17 +63,19 @@ class AuthenticationService:
|
|||
@staticmethod
|
||||
def client_id() -> str:
|
||||
"""Returns the client id from the config."""
|
||||
return current_app.config.get("OPEN_ID_CLIENT_ID", "")
|
||||
return current_app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", "")
|
||||
|
||||
@staticmethod
|
||||
def server_url() -> str:
|
||||
"""Returns the server url from the config."""
|
||||
return current_app.config.get("OPEN_ID_SERVER_URL", "")
|
||||
return current_app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", "")
|
||||
|
||||
@staticmethod
|
||||
def secret_key() -> str:
|
||||
"""Returns the secret key from the config."""
|
||||
return current_app.config.get("OPEN_ID_CLIENT_SECRET_KEY", "")
|
||||
return current_app.config.get(
|
||||
"SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", ""
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def open_id_endpoint_for_name(cls, name: str) -> str:
|
||||
|
|
|
@ -107,7 +107,9 @@ class AuthorizationService:
|
|||
)
|
||||
|
||||
received_sign = auth_header.split("sha256=")[-1].strip()
|
||||
secret = current_app.config["GITHUB_WEBHOOK_SECRET"].encode()
|
||||
secret = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET"
|
||||
].encode()
|
||||
expected_sign = HMAC(key=secret, msg=request.data, digestmod=sha256).hexdigest()
|
||||
if not compare_digest(received_sign, expected_sign):
|
||||
raise TokenInvalidError(
|
||||
|
@ -504,7 +506,7 @@ class AuthorizationService:
|
|||
user_attributes["service_id"] = user_info["sub"]
|
||||
|
||||
for field_index, tenant_specific_field in enumerate(
|
||||
current_app.config["OPEN_ID_TENANT_SPECIFIC_FIELDS"]
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"]
|
||||
):
|
||||
if tenant_specific_field in user_info:
|
||||
field_number = field_index + 1
|
||||
|
|
|
@ -81,7 +81,7 @@ class ErrorHandlingService:
|
|||
)
|
||||
message_payload = {"message_text": message_text, "recipients": recipients}
|
||||
message_identifier = current_app.config[
|
||||
"SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID"
|
||||
"SPIFFWORKFLOW_BACKEND_SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID"
|
||||
]
|
||||
message_model = MessageModel.query.filter_by(
|
||||
identifier=message_identifier
|
||||
|
|
|
@ -40,7 +40,7 @@ class FileSystemService:
|
|||
@staticmethod
|
||||
def root_path() -> str:
|
||||
"""Root_path."""
|
||||
dir_name = current_app.config["BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
dir_name = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
# ensure this is a string - thanks mypy...
|
||||
return os.path.abspath(os.path.join(dir_name, ""))
|
||||
|
||||
|
@ -66,7 +66,7 @@ class FileSystemService:
|
|||
|
||||
@staticmethod
|
||||
def process_model_relative_path(spec: ProcessModelInfo) -> str:
|
||||
"""Get the file path to a process model relative to BPMN_SPEC_ABSOLUTE_DIR.
|
||||
"""Get the file path to a process model relative to SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR.
|
||||
|
||||
If the full path is /path/to/process-group-a/group-b/process-model-a, it will return:
|
||||
process-group-a/group-b/process-model-a
|
||||
|
|
|
@ -37,7 +37,9 @@ class GitService:
|
|||
@classmethod
|
||||
def get_current_revision(cls) -> str:
|
||||
"""Get_current_revision."""
|
||||
bpmn_spec_absolute_dir = current_app.config["BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
bpmn_spec_absolute_dir = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
]
|
||||
# The value includes a carriage return character at the end, so we don't grab the last character
|
||||
with FileSystemService.cd(bpmn_spec_absolute_dir):
|
||||
return cls.run_shell_command_to_get_stdout(
|
||||
|
@ -52,7 +54,9 @@ class GitService:
|
|||
file_name: Optional[str] = None,
|
||||
) -> str:
|
||||
"""Get_instance_file_contents_for_revision."""
|
||||
bpmn_spec_absolute_dir = current_app.config["BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
bpmn_spec_absolute_dir = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
]
|
||||
process_model_relative_path = FileSystemService.process_model_relative_path(
|
||||
process_model
|
||||
)
|
||||
|
@ -78,22 +82,31 @@ class GitService:
|
|||
cls.check_for_basic_configs()
|
||||
branch_name_to_use = branch_name
|
||||
if branch_name_to_use is None:
|
||||
branch_name_to_use = current_app.config["GIT_BRANCH"]
|
||||
branch_name_to_use = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH"
|
||||
]
|
||||
repo_path_to_use = repo_path
|
||||
if repo_path is None:
|
||||
repo_path_to_use = current_app.config["BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
if repo_path_to_use is None:
|
||||
raise ConfigurationError("BPMN_SPEC_ABSOLUTE_DIR config must be set")
|
||||
if current_app.config["GIT_SSH_PRIVATE_KEY"]:
|
||||
os.environ["GIT_SSH_PRIVATE_KEY"] = current_app.config[
|
||||
"GIT_SSH_PRIVATE_KEY"
|
||||
repo_path_to_use = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"
|
||||
]
|
||||
if repo_path_to_use is None:
|
||||
raise ConfigurationError(
|
||||
"SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set"
|
||||
)
|
||||
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]:
|
||||
os.environ["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] = (
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]
|
||||
)
|
||||
|
||||
git_username = ""
|
||||
git_email = ""
|
||||
if current_app.config["GIT_USERNAME"] and current_app.config["GIT_USER_EMAIL"]:
|
||||
git_username = current_app.config["GIT_USERNAME"]
|
||||
git_email = current_app.config["GIT_USER_EMAIL"]
|
||||
if (
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"]
|
||||
and current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]
|
||||
):
|
||||
git_username = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"]
|
||||
git_email = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]
|
||||
shell_command_path = os.path.join(
|
||||
current_app.root_path, "..", "..", "bin", "git_commit_bpmn_models_repo"
|
||||
)
|
||||
|
@ -104,16 +117,16 @@ class GitService:
|
|||
branch_name_to_use,
|
||||
git_username,
|
||||
git_email,
|
||||
current_app.config["GIT_USER_PASSWORD"],
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_PASSWORD"],
|
||||
]
|
||||
return cls.run_shell_command_to_get_stdout(shell_command)
|
||||
|
||||
@classmethod
|
||||
def check_for_basic_configs(cls) -> None:
|
||||
"""Check_for_basic_configs."""
|
||||
if current_app.config["GIT_BRANCH"] is None:
|
||||
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH"] is None:
|
||||
raise MissingGitConfigsError(
|
||||
"Missing config for GIT_BRANCH. "
|
||||
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH. "
|
||||
"This is required for publishing process models"
|
||||
)
|
||||
|
||||
|
@ -121,15 +134,18 @@ class GitService:
|
|||
def check_for_publish_configs(cls) -> None:
|
||||
"""Check_for_configs."""
|
||||
cls.check_for_basic_configs()
|
||||
if current_app.config["GIT_BRANCH_TO_PUBLISH_TO"] is None:
|
||||
if (
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH"]
|
||||
is None
|
||||
):
|
||||
raise MissingGitConfigsError(
|
||||
"Missing config for GIT_BRANCH_TO_PUBLISH_TO. "
|
||||
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_TARGET_BRANCH. "
|
||||
"This is required for publishing process models"
|
||||
)
|
||||
if current_app.config["GIT_CLONE_URL_FOR_PUBLISHING"] is None:
|
||||
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"] is None:
|
||||
raise MissingGitConfigsError(
|
||||
"Missing config for GIT_CLONE_URL_FOR_PUBLISHING. "
|
||||
"This is required for publishing process models"
|
||||
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL."
|
||||
" This is required for publishing process models"
|
||||
)
|
||||
|
||||
@classmethod
|
||||
|
@ -182,7 +198,10 @@ class GitService:
|
|||
)
|
||||
|
||||
clone_url = webhook["repository"]["clone_url"]
|
||||
if clone_url != current_app.config["GIT_CLONE_URL_FOR_PUBLISHING"]:
|
||||
if (
|
||||
clone_url
|
||||
!= current_app.config["SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"]
|
||||
):
|
||||
raise GitCloneUrlMismatchError(
|
||||
"Configured clone url does not match clone url from webhook:"
|
||||
f" {clone_url}"
|
||||
|
@ -193,18 +212,20 @@ class GitService:
|
|||
f"Could not find the 'ref' arg in the webhook boy: {webhook}"
|
||||
)
|
||||
|
||||
if current_app.config["GIT_BRANCH"] is None:
|
||||
if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH"] is None:
|
||||
raise MissingGitConfigsError(
|
||||
"Missing config for GIT_BRANCH. This is required for updating the"
|
||||
" repository as a result of the webhook"
|
||||
"Missing config for SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH. This is"
|
||||
" required for updating the repository as a result of the webhook"
|
||||
)
|
||||
|
||||
ref = webhook["ref"]
|
||||
git_branch = current_app.config["GIT_BRANCH"]
|
||||
git_branch = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SOURCE_BRANCH"]
|
||||
if ref != f"refs/heads/{git_branch}":
|
||||
return False
|
||||
|
||||
with FileSystemService.cd(current_app.config["BPMN_SPEC_ABSOLUTE_DIR"]):
|
||||
with FileSystemService.cd(
|
||||
current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"]
|
||||
):
|
||||
cls.run_shell_command(["git", "pull"])
|
||||
return True
|
||||
|
||||
|
@ -223,11 +244,13 @@ class GitService:
|
|||
# we are adding a guid to this so the flake8 issue has been mitigated
|
||||
destination_process_root = f"/tmp/{clone_dir}" # noqa
|
||||
|
||||
git_clone_url = current_app.config["GIT_CLONE_URL_FOR_PUBLISHING"]
|
||||
git_clone_url = current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_GIT_PUBLISH_CLONE_URL"
|
||||
]
|
||||
if git_clone_url.startswith("https://"):
|
||||
git_clone_url = git_clone_url.replace(
|
||||
"https://",
|
||||
f"https://{current_app.config['GIT_USERNAME']}:{current_app.config['GIT_USER_PASSWORD']}@",
|
||||
f"https://{current_app.config['SPIFFWORKFLOW_BACKEND_GIT_USERNAME']}:{current_app.config['SPIFFWORKFLOW_BACKEND_GIT_USER_PASSWORD']}@",
|
||||
)
|
||||
cmd = ["git", "clone", git_clone_url, destination_process_root]
|
||||
|
||||
|
|
|
@ -1298,7 +1298,9 @@ class ProcessInstanceProcessor:
|
|||
current_time_in_seconds = round(time.time())
|
||||
lock_expiry_in_seconds = (
|
||||
current_time_in_seconds
|
||||
- current_app.config["ALLOW_CONFISCATING_LOCK_AFTER_SECONDS"]
|
||||
- current_app.config[
|
||||
"SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS"
|
||||
]
|
||||
)
|
||||
|
||||
query_text = text(
|
||||
|
|
|
@ -18,7 +18,7 @@ class ConnectorProxyError(Exception):
|
|||
|
||||
def connector_proxy_url() -> Any:
|
||||
"""Returns the connector proxy url."""
|
||||
return current_app.config["CONNECTOR_PROXY_URL"]
|
||||
return current_app.config["SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL"]
|
||||
|
||||
|
||||
class ServiceTaskDelegate:
|
||||
|
|
|
@ -7,14 +7,12 @@ function error_handler() {
|
|||
trap 'error_handler ${LINENO} $?' ERR
|
||||
set -o errtrace -o errexit -o nounset -o pipefail
|
||||
|
||||
max_attempts="${1:-}"
|
||||
if [[ -z "$max_attempts" ]]; then
|
||||
max_attempts=100
|
||||
fi
|
||||
max_attempts="${1:-100}"
|
||||
port="${2:-7001}"
|
||||
|
||||
echo "waiting for backend to come up..."
|
||||
echo "waiting for frontend to come up..."
|
||||
attempts=0
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7001)" != "200" ]]; do
|
||||
while [[ "$(curl -s -o /dev/null -w '%{http_code}' "http://localhost:${port}")" != "200" ]]; do
|
||||
if [[ "$attempts" -gt "$max_attempts" ]]; then
|
||||
>&2 echo "ERROR: Server not up after $max_attempts attempts. There is probably a problem"
|
||||
exit 1
|
||||
|
@ -22,3 +20,4 @@ while [[ "$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7001)" != "2
|
|||
attempts=$(( attempts + 1 ))
|
||||
sleep 1
|
||||
done
|
||||
echo "frontend up"
|
||||
|
|
|
@ -30,7 +30,7 @@ const cypressConfig = {
|
|||
videoUploadOnPasses: false,
|
||||
chromeWebSecurity: false,
|
||||
e2e: {
|
||||
baseUrl: 'http://localhost:7001',
|
||||
baseUrl: `http://localhost:${process.env.SPIFFWORKFLOW_FRONTEND_PORT || 7001}`,
|
||||
setupNodeEvents(on, config) {
|
||||
deleteVideosOnSuccess(on)
|
||||
require('@cypress/grep/src/plugin')(config);
|
||||
|
|
|
@ -33,7 +33,7 @@ describe('process-groups', () => {
|
|||
cy.contains(newGroupDisplayName).should('not.exist');
|
||||
|
||||
// meaning the process group list page is loaded, so we can sign out safely without worrying about ajax requests failing
|
||||
cy.get('.tile-process-group-content-container').should('exist');
|
||||
cy.getBySel('process-groups-loaded').should('exist');
|
||||
});
|
||||
|
||||
// process groups no longer has pagination post-tiles
|
||||
|
|
|
@ -43,17 +43,27 @@ Cypress.Commands.add('navigateToAdmin', () => {
|
|||
|
||||
Cypress.Commands.add('login', (selector, ...args) => {
|
||||
cy.visit('/admin');
|
||||
cy.get('#username').type('ciadmin1');
|
||||
cy.get('#password').type('ciadmin1');
|
||||
cy.get('#kc-login').click();
|
||||
const username = Cypress.env('SPIFFWORKFLOW_FRONTEND_USERNAME') || 'ciadmin1';
|
||||
const password = Cypress.env('SPIFFWORKFLOW_FRONTEND_PASSWORD') || 'ciadmin1';
|
||||
cy.get('#username').type(username);
|
||||
cy.get('#password').type(password);
|
||||
if (Cypress.env('SPIFFWORKFLOW_FRONTEND_AUTH_WITH_KEYCLOAK') === true) {
|
||||
cy.get('#kc-login').click();
|
||||
} else {
|
||||
cy.get('#spiff-login-button').click();
|
||||
}
|
||||
});
|
||||
|
||||
Cypress.Commands.add('logout', (selector, ...args) => {
|
||||
cy.getBySel('logout-button').click();
|
||||
|
||||
// otherwise we can click logout, quickly load the next page, and the javascript
|
||||
// doesn't have time to actually sign you out
|
||||
cy.contains('Sign in to your account');
|
||||
if (Cypress.env('SPIFFWORKFLOW_FRONTEND_AUTH_WITH_KEYCLOAK') === true) {
|
||||
// otherwise we can click logout, quickly load the next page, and the javascript
|
||||
// doesn't have time to actually sign you out
|
||||
cy.contains('Sign in to your account');
|
||||
} else {
|
||||
cy.get('#spiff-login-button').should('exist');
|
||||
}
|
||||
});
|
||||
|
||||
Cypress.Commands.add('createGroup', (groupId, groupDisplayName) => {
|
||||
|
|
|
@ -94,7 +94,13 @@ export default function ProcessGroupListTiles({
|
|||
};
|
||||
|
||||
if (processGroups) {
|
||||
return <>{processGroupArea()}</>;
|
||||
return (
|
||||
<>
|
||||
{/* so we can check if the groups have loaded in cypress tests */}
|
||||
<div data-qa="process-groups-loaded" hidden />
|
||||
{processGroupArea()}
|
||||
</>
|
||||
);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue