From 5707e2c4e5473c1a2c609df3651924c644577dfc Mon Sep 17 00:00:00 2001 From: jasquat Date: Thu, 16 Feb 2023 07:39:40 -0500 Subject: [PATCH] pyl --- .../src/spiffworkflow_backend/__init__.py | 20 +++++-- .../spiffworkflow_backend/config/__init__.py | 15 +++-- .../spiffworkflow_backend/config/default.py | 52 ++++++++++++------ .../src/spiffworkflow_backend/config/demo.py | 3 +- .../src/spiffworkflow_backend/config/dev.py | 11 +++- .../config/local_development.py | 7 ++- .../src/spiffworkflow_backend/config/qa1.py | 11 +++- .../src/spiffworkflow_backend/config/qa2.py | 8 ++- .../config/sartography.py | 9 ++- .../spiffworkflow_backend/config/staging.py | 8 ++- .../config/terraform_deployed_environment.py | 17 ++++-- .../exceptions/api_error.py | 8 ++- .../routes/process_models_controller.py | 4 +- .../routes/service_tasks_controller.py | 4 +- .../src/spiffworkflow_backend/routes/user.py | 8 ++- .../services/authentication_service.py | 4 +- .../services/authorization_service.py | 4 +- .../services/git_service.py | 55 +++++++++++++------ .../services/process_instance_processor.py | 4 +- 19 files changed, 182 insertions(+), 70 deletions(-) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/__init__.py b/spiffworkflow-backend/src/spiffworkflow_backend/__init__.py index 79c02b4b..92c11037 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/__init__.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/__init__.py @@ -153,7 +153,9 @@ def get_hacked_up_app_for_script() -> flask.app.Flask: f"{home}/projects/github/sartography/sample-process-models" ) if os.path.isdir(full_process_model_path): - os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = full_process_model_path + os.environ["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] = ( + full_process_model_path + ) else: raise Exception(f"Could not find {full_process_model_path}") app = create_app() @@ -198,13 +200,21 @@ def configure_sentry(app: flask.app.Flask) -> None: return None return event - sentry_errors_sample_rate = app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE") + sentry_errors_sample_rate = app.config.get( + "SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE" + ) if sentry_errors_sample_rate is None: - raise Exception("SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE is not set somehow") + raise Exception( + "SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE is not set somehow" + ) - sentry_traces_sample_rate = app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE") + sentry_traces_sample_rate = app.config.get( + "SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE" + ) if sentry_traces_sample_rate is None: - raise Exception("SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE is not set somehow") + raise Exception( + "SPIFFWORKFLOW_BACKEND_SENTRY_TRACES_SAMPLE_RATE is not set somehow" + ) # profiling doesn't work on windows, because of an issue like https://github.com/nvdv/vprof/issues/62 # but also we commented out profiling because it was causing segfaults (i guess it is marked experimental) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/__init__.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/__init__.py index 267c9c10..7ad2237f 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/__init__.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/__init__.py @@ -52,15 +52,20 @@ def load_config_file(app: Flask, env_config_module: str) -> None: def _set_up_tenant_specific_fields_as_list_of_strings(app: Flask) -> None: - tenant_specific_fields = app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS") + tenant_specific_fields = app.config.get( + "SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS" + ) if tenant_specific_fields is None or tenant_specific_fields == "": app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = [] else: - app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = tenant_specific_fields.split(",") + app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"] = ( + tenant_specific_fields.split(",") + ) if len(app.config["SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS"]) > 3: raise ConfigurationError( - "SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS can have a maximum of 3 fields" + "SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS can have a" + " maximum of 3 fields" ) @@ -117,7 +122,9 @@ def setup_config(app: Flask) -> None: app.config.from_pyfile(os.path.join("config", "secrets.py"), silent=True) if app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] is None: - raise ConfigurationError("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set") + raise ConfigurationError( + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set" + ) app.config["PROCESS_UUID"] = uuid.uuid4() diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py index dd9ea4d0..469d4f76 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py @@ -2,14 +2,18 @@ import re from os import environ -SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = environ.get("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR") +SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR = environ.get( + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" +) cors_allow_all = "*" SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS = re.split( - r",\s*", environ.get("SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS", default=cors_allow_all) + r",\s*", + environ.get("SPIFFWORKFLOW_BACKEND_CORS_ALLOW_ORIGINS", default=cors_allow_all), ) SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( - environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" + environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") + == "true" ) SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = environ.get( "SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL", default="http://localhost:7001" @@ -23,23 +27,27 @@ SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = environ.get( ) # Open ID server +# use "http://localhost:7000/openid" for running with simple openid +# server hosted by spiffworkflow-backend SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get( "SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", - default="http://localhost:7002/realms/spiffworkflow" - # "SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", default="http://localhost:7000/openid" + default="http://localhost:7002/realms/spiffworkflow", ) -# Replace above line with this to use the built-in Open ID Server. -# SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL", default="http://localhost:7000/openid") -SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", default="spiffworkflow-backend") +SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID = environ.get( + "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID", default="spiffworkflow-backend" +) SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY = environ.get( - "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q" + "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", + default="JXeQExm0JhQPLumgHtIIqf52bDalHz0q", ) # noqa: S105 # Tenant specific fields is a comma separated list of field names that we will convert to list of strings # and store in the user table's tenant_specific_field_n columns. You can have up to three items in this # comma-separated list. -SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS") +SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS = environ.get( + "SPIFFWORKFLOW_BACKEND_OPEN_ID_TENANT_SPECIFIC_FIELDS" +) SPIFFWORKFLOW_BACKEND_LOG_TO_FILE = ( environ.get("SPIFFWORKFLOW_BACKEND_LOG_TO_FILE", default="false") == "true" @@ -50,7 +58,9 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( ) # Sentry Configuration -SPIFFWORKFLOW_BACKEND_SENTRY_DSN = environ.get("SPIFFWORKFLOW_BACKEND_SENTRY_DSN", default="") +SPIFFWORKFLOW_BACKEND_SENTRY_DSN = environ.get( + "SPIFFWORKFLOW_BACKEND_SENTRY_DSN", default="" +) SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE = environ.get( "SPIFFWORKFLOW_BACKEND_SENTRY_ERRORS_SAMPLE_RATE", default="1" ) # send all errors @@ -64,13 +74,21 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get( # When a user clicks on the `Publish` button, this is the default branch this server merges into. # I.e., dev server could have `staging` here. Staging server might have `production` here. -SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO") +SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO" +) SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH") SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get("GIT_CLONE_URL") -SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = environ.get("SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE", default="false") == "true" -SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get("SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY") +SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = ( + environ.get("SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE", default="false") == "true" +) +SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY" +) SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME") -SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL") +SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL" +) # Database Configuration SPIFFWORKFLOW_BACKEND_SPIFF_DATABASE_TYPE = environ.get( @@ -86,7 +104,9 @@ SPIFFWORKFLOW_BACKEND_SYSTEM_NOTIFICATION_PROCESS_MODEL_MESSAGE_ID = environ.get ) SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS = int( - environ.get("SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600") + environ.get( + "SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS", default="600" + ) ) SPIFFWORKFLOW_BACKEND_DEFAULT_USER_GROUP = environ.get( diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/demo.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/demo.py index c9694489..aec6a03b 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/demo.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/demo.py @@ -10,5 +10,6 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( ) SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( - environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" + environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") + == "true" ) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/dev.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/dev.py index 7b8104ec..7cc73bc8 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/dev.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/dev.py @@ -1,9 +1,14 @@ """Dev.""" from os import environ -SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="staging") -SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer") +SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="staging" +) +SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer" +) SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get( - "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", default="sartography-automated-committer@users.noreply.github.com" + "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", + default="sartography-automated-committer@users.noreply.github.com", ) SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "dev.yml" diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/local_development.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/local_development.py index 633d5ef7..e9e674ef 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/local_development.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/local_development.py @@ -10,10 +10,13 @@ SPIFFWORKFLOW_BACKEND_LOG_LEVEL = environ.get( ) SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( - environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" + environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") + == "true" ) SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( "GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git" ) SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer" -SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" +SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = ( + f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" +) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/qa1.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/qa1.py index 2e55e5c9..b1592d93 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/qa1.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/qa1.py @@ -1,10 +1,15 @@ """Qa1.""" from os import environ -SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="qa2") -SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get("SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer") +SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="qa2" +) +SPIFFWORKFLOW_BACKEND_GIT_USERNAME = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_USERNAME", default="sartography-automated-committer" +) SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = environ.get( - "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", default=f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" + "SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL", + default=f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com", ) SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml" diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/qa2.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/qa2.py index ed752821..310897a1 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/qa2.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/qa2.py @@ -5,6 +5,10 @@ SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="qa1.yml" ) SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = "https://qa2.spiffworkflow.org" -SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = "https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow" +SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = ( + "https://qa2.spiffworkflow.org/keycloak/realms/spiffworkflow" +) SPIFFWORKFLOW_BACKEND_URL = "https://qa2.spiffworkflow.org/api" -SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = "https://qa2.spiffworkflow.org/connector-proxy" +SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = ( + "https://qa2.spiffworkflow.org/connector-proxy" +) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/sartography.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/sartography.py index dd6a307c..f384622e 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/sartography.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/sartography.py @@ -2,8 +2,13 @@ from os import environ environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEND_ENV"] -SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/sartography" -SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="main") +SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = ( + f"https://keycloak.{environment_identifier_for_this_config_file_only}" + ".spiffworkflow.org/realms/sartography" +) +SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="main" +) SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( "GIT_CLONE_URL", default="https://github.com/sartography/sartography-process-models.git", diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/staging.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/staging.py index bd77dcab..56b4a3ff 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/staging.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/staging.py @@ -1,7 +1,11 @@ """Staging.""" from os import environ -SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="staging") -SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get("SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="main") +SPIFFWORKFLOW_BACKEND_GIT_BRANCH = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH", default="staging" +) +SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO = environ.get( + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO", default="main" +) SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = False SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = "staging.yml" diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/terraform_deployed_environment.py b/spiffworkflow-backend/src/spiffworkflow_backend/config/terraform_deployed_environment.py index 1c03676d..937d17af 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/terraform_deployed_environment.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/terraform_deployed_environment.py @@ -6,24 +6,33 @@ environment_identifier_for_this_config_file_only = environ["SPIFFWORKFLOW_BACKEN SPIFFWORKFLOW_BACKEND_GIT_COMMIT_ON_SAVE = True SPIFFWORKFLOW_BACKEND_GIT_USERNAME = "sartography-automated-committer" -SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" +SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL = ( + f"{SPIFFWORKFLOW_BACKEND_GIT_USERNAME}@users.noreply.github.com" +) SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME = environ.get( "SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME", default="terraform_deployed_environment.yml", ) SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER = ( - environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") == "true" + environ.get("SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER", default="false") + == "true" ) -SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = f"https://keycloak.{environment_identifier_for_this_config_file_only}.spiffworkflow.org/realms/spiffworkflow" +SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL = ( + f"https://keycloak.{environment_identifier_for_this_config_file_only}" + ".spiffworkflow.org/realms/spiffworkflow" +) SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL = ( f"https://{environment_identifier_for_this_config_file_only}.spiffworkflow.org" ) SPIFFWORKFLOW_BACKEND_URL = ( f"https://api.{environment_identifier_for_this_config_file_only}.spiffworkflow.org" ) -SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = f"https://connector-proxy.{environment_identifier_for_this_config_file_only}.spiffworkflow.org" +SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL = ( + f"https://connector-proxy.{environment_identifier_for_this_config_file_only}" + ".spiffworkflow.org" +) SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING = environ.get( "GIT_CLONE_URL", default="https://github.com/sartography/sample-process-models.git" ) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py b/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py index de9956fc..5fff05c2 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py @@ -206,8 +206,12 @@ def handle_exception(exception: Exception) -> flask.wrappers.Response: f" {exception.error_code}" ) - organization_slug = current_app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG") - project_slug = current_app.config.get("SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG") + organization_slug = current_app.config.get( + "SPIFFWORKFLOW_BACKEND_SENTRY_ORGANIZATION_SLUG" + ) + project_slug = current_app.config.get( + "SPIFFWORKFLOW_BACKEND_SENTRY_PROJECT_SLUG" + ) if organization_slug and project_slug: sentry_link = ( f"https://sentry.io/{organization_slug}/{project_slug}/events/{id}" diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_models_controller.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_models_controller.py index bdeccbd8..1e2a16a7 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_models_controller.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_models_controller.py @@ -225,7 +225,9 @@ def process_model_publish( ) -> flask.wrappers.Response: """Process_model_publish.""" if branch_to_update is None: - branch_to_update = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO"] + branch_to_update = current_app.config[ + "SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO" + ] if branch_to_update is None: raise MissingGitConfigsError( "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. " diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/service_tasks_controller.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/service_tasks_controller.py index b8e0df25..ee1bd2c3 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/service_tasks_controller.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/service_tasks_controller.py @@ -27,7 +27,9 @@ def authentication_list() -> flask.wrappers.Response: available_authentications = ServiceTaskService.authentication_list() response_json = { "results": available_authentications, - "connector_proxy_base_url": current_app.config["SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL"], + "connector_proxy_base_url": current_app.config[ + "SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL" + ], "redirect_url": f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL']}/v1.0/authentication_callback", } diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/user.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/user.py index 2f48e873..6e7ac7e1 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/user.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/user.py @@ -186,7 +186,9 @@ def set_new_access_token_in_cookie( """ tld = current_app.config["THREAD_LOCAL_DATA"] domain_for_frontend_cookie: Optional[str] = re.sub( - r"^https?:\/\/", "", current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"] + r"^https?:\/\/", + "", + current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"], ) if domain_for_frontend_cookie and domain_for_frontend_cookie.startswith( "localhost" @@ -351,7 +353,9 @@ def logout(id_token: str, redirect_url: Optional[str]) -> Response: def logout_return() -> Response: """Logout_return.""" - frontend_url = str(current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"]) + frontend_url = str( + current_app.config["SPIFFWORKFLOW_BACKEND_SPIFFWORKFLOW_FRONTEND_URL"] + ) return redirect(f"{frontend_url}/") diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/authentication_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/authentication_service.py index 178c56fa..143bb765 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/authentication_service.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/authentication_service.py @@ -73,7 +73,9 @@ class AuthenticationService: @staticmethod def secret_key() -> str: """Returns the secret key from the config.""" - return current_app.config.get("SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", "") + return current_app.config.get( + "SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY", "" + ) @classmethod def open_id_endpoint_for_name(cls, name: str) -> str: diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py index abd9c8d5..9db4c39c 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py @@ -107,7 +107,9 @@ class AuthorizationService: ) received_sign = auth_header.split("sha256=")[-1].strip() - secret = current_app.config["SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET"].encode() + secret = current_app.config[ + "SPIFFWORKFLOW_BACKEND_GITHUB_WEBHOOK_SECRET" + ].encode() expected_sign = HMAC(key=secret, msg=request.data, digestmod=sha256).hexdigest() if not compare_digest(received_sign, expected_sign): raise TokenInvalidError( diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/git_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/git_service.py index 2ddee7d6..37b04937 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/git_service.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/git_service.py @@ -37,7 +37,9 @@ class GitService: @classmethod def get_current_revision(cls) -> str: """Get_current_revision.""" - bpmn_spec_absolute_dir = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] + bpmn_spec_absolute_dir = current_app.config[ + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" + ] # The value includes a carriage return character at the end, so we don't grab the last character with FileSystemService.cd(bpmn_spec_absolute_dir): return cls.run_shell_command_to_get_stdout( @@ -52,7 +54,9 @@ class GitService: file_name: Optional[str] = None, ) -> str: """Get_instance_file_contents_for_revision.""" - bpmn_spec_absolute_dir = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] + bpmn_spec_absolute_dir = current_app.config[ + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" + ] process_model_relative_path = FileSystemService.process_model_relative_path( process_model ) @@ -81,17 +85,24 @@ class GitService: branch_name_to_use = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"] repo_path_to_use = repo_path if repo_path is None: - repo_path_to_use = current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] - if repo_path_to_use is None: - raise ConfigurationError("SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set") - if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]: - os.environ["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] = current_app.config[ - "SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY" + repo_path_to_use = current_app.config[ + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR" ] + if repo_path_to_use is None: + raise ConfigurationError( + "SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR config must be set" + ) + if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"]: + os.environ["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] = ( + current_app.config["SPIFFWORKFLOW_BACKEND_GIT_SSH_PRIVATE_KEY"] + ) git_username = "" git_email = "" - if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"] and current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"]: + if ( + current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"] + and current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"] + ): git_username = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USERNAME"] git_email = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_USER_EMAIL"] shell_command_path = os.path.join( @@ -126,10 +137,13 @@ class GitService: "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH_TO_PUBLISH_TO. " "This is required for publishing process models" ) - if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] is None: + if ( + current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] + is None + ): raise MissingGitConfigsError( - "Missing config for SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING. " - "This is required for publishing process models" + "Missing config for SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING." + " This is required for publishing process models" ) @classmethod @@ -182,7 +196,10 @@ class GitService: ) clone_url = webhook["repository"]["clone_url"] - if clone_url != current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"]: + if ( + clone_url + != current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] + ): raise GitCloneUrlMismatchError( "Configured clone url does not match clone url from webhook:" f" {clone_url}" @@ -195,8 +212,8 @@ class GitService: if current_app.config["SPIFFWORKFLOW_BACKEND_GIT_BRANCH"] is None: raise MissingGitConfigsError( - "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH. This is required for updating the" - " repository as a result of the webhook" + "Missing config for SPIFFWORKFLOW_BACKEND_GIT_BRANCH. This is required" + " for updating the repository as a result of the webhook" ) ref = webhook["ref"] @@ -204,7 +221,9 @@ class GitService: if ref != f"refs/heads/{git_branch}": return False - with FileSystemService.cd(current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"]): + with FileSystemService.cd( + current_app.config["SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR"] + ): cls.run_shell_command(["git", "pull"]) return True @@ -223,7 +242,9 @@ class GitService: # we are adding a guid to this so the flake8 issue has been mitigated destination_process_root = f"/tmp/{clone_dir}" # noqa - git_clone_url = current_app.config["SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING"] + git_clone_url = current_app.config[ + "SPIFFWORKFLOW_BACKEND_GIT_CLONE_URL_FOR_PUBLISHING" + ] if git_clone_url.startswith("https://"): git_clone_url = git_clone_url.replace( "https://", diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py index cb2a076d..5aabe5ac 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py @@ -1301,7 +1301,9 @@ class ProcessInstanceProcessor: current_time_in_seconds = round(time.time()) lock_expiry_in_seconds = ( current_time_in_seconds - - current_app.config["SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS"] + - current_app.config[ + "SPIFFWORKFLOW_BACKEND_ALLOW_CONFISCATING_LOCK_AFTER_SECONDS" + ] ) query_text = text(