From 41cce00f22cae72fdf054434ce10067e3f411776 Mon Sep 17 00:00:00 2001 From: Bret Mogilefsky Date: Fri, 8 Mar 2024 11:48:34 -0800 Subject: [PATCH] Switch from buildpack to image, set required variables We're not tackling how to parse postgres service details out of VCAP_SERVICES just yet, sticking with sqlite for now. --- .gitignore | 3 +- manifest.yml | 88 +++++++++++++++++++++------------- spiffworkflow-backend/.profile | 5 -- vars.yml => vars.yml-template | 7 ++- 4 files changed, 63 insertions(+), 40 deletions(-) delete mode 100644 spiffworkflow-backend/.profile rename vars.yml => vars.yml-template (62%) diff --git a/.gitignore b/.gitignore index 3798bef846..7eff605c02 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,5 @@ UNKNOWN.egg-info/ process_models/ .ipynb_checkpoints .env* -.cache \ No newline at end of file +.cache +vars.yml diff --git a/manifest.yml b/manifest.yml index 2f65c7b93c..8716a77835 100644 --- a/manifest.yml +++ b/manifest.yml @@ -1,6 +1,5 @@ --- defaults: &defaults - random-route: true services: - ((db-instance)) disk_quota: 3G @@ -12,15 +11,26 @@ applications: ################################ - name: spiffworkflow-frontend <<: *defaults + routes: + - route: spiffworkflow-((randomish-route)).app.cloud.gov docker: image: ((frontend-image)) env: APPLICATION_ROOT: "/" - - # Look for the backend on subpath "/api" of the app... I think. + PORT0: "8080" SPIFFWORKFLOW_FRONTEND_RUNTIME_CONFIG_APP_ROUTING_STRATEGY: "path_based" - + SPIFFWORKFLOW_FRONTEND_RUNTIME_CONFIG_BACKEND_BASE_URL: "https://spiffworkflow-((randomish-route)).app.cloud.gov/api" + BACKEND_BASE_URL: "https://spiffworkflow-((randomish-route)).app.cloud.gov/api" # We may need to set BACKEND_URL; see spiffworkflow-frontend/src/config/tsx:15-72 + + # WHERE WE STOPPED: + # spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py#L111-L112 + # We are hitting: https://spiffworkflow-flamingo-stardust.app.cloud.gov/api/v1.0/login?redirect_url=https://spiffworkflow-flamingo-stardust.app.cloud.gov/&authentication_identifier=default + # We are seeing: { + # "error_code": "internal_server_error", + # "message": "InvalidRedirectUrlError: Invalid redirect url was given: 'https://spiffworkflow-flamingo-stardust.app.cloud.gov/'. It must match the domain the frontend is running on.", + # "status_code": 500 + # } # Other vars this image understands: # CYPRESS_RECORD_KEY @@ -35,43 +45,57 @@ applications: - name: spiffworkflow-backend <<: *defaults - command: DATABASE_URL="$(echo $VCAP_SERVICES | jq --raw-output --arg service_name "((db-instance))" ".[][] | select(.name == \$service_name) | .credentials.uri")?sslmode=require" /app/bin/boot_server_in_docker disk_quota: 3G + health_check_type: process + routes: + - route: spiffworkflow-((randomish-route)).app.cloud.gov/api # With buildpack: - path: spiffworkflow-backend - buildpacks: - - python_buildpack + # path: spiffworkflow-backend + # buildpacks: + # - python_buildpack + # command: DATABASE_URL="$(echo $VCAP_SERVICES | jq --raw-output --arg service_name "((db-instance))" ".[][] | select(.name == \$service_name) | .credentials.uri")?sslmode=require" bin/boot_server_in_docker # With Docker: - # docker: - # image: ((backend-image)) + docker: + image: ((backend-image)) + command: /app/bin/boot_server_in_docker + # command: sleep 6000 env: - APPLICATION_ROOT: "/" - SPIFFWORKFLOW_BACKEND_DATABASE_TYPE: "postgres" - + # All of the configuration variables are documented here: + # https://github.com/sartography/spiff-arena/blob/main/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py + ### Requires VCAP env vars -# SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME=example.yml SPIFFWORKFLOW_BACKEND_DATABASE_TYPE=sqlite SPIFFWORKFLOW_BACKEND_ENV=local_docker SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER_IN_CREATE_APP=true FLASK_DEBUG=0 FLASK_SESSION_SECRET_KEY=HEY SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR="${HOME}/projects/github/sartography/sample-process-models/" ./bin/boot_server_in_docker + # VCAP_SERVICES + SPIFFWORKFLOW_BACKEND_DATABASE_URI: "sqlite:///db.sqlite3" + + # Hardcoded + FLASK_DEBUG: "0" + APPLICATION_ROOT: "/" + SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT: "/api" + SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR: "/app/process_models" + # spiffworkflow_backend.config.ConfigurationError: SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND and SPIFFWORKFLOW_BACKEND_URL are incompatible. We need backend to set cookies for frontend, so they need to be on the same domain. A common setup is to have frontend on example.com and backend on api.example.com. If you do not need this functionality, you can avoid this check by setting environment variable SPIFFWORKFLOW_BACKEND_CHECK_FRONTEND_AND_BACKEND_URL_COMPATIBILITY=false + SPIFFWORKFLOW_BACKEND_CHECK_FRONTEND_AND_BACKEND_URL_COMPATIBILITY: "false" + SPIFFWORKFLOW_BACKEND_ENV: "local_docker" + SPIFFWORKFLOW_BACKEND_DATABASE_TYPE: "sqlite" + SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA: "false" + SPIFFWORKFLOW_BACKEND_LOG_LEVEL: "DEBUG" + SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_ID: "spiffworkflow-backend" + SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME: "example.yml" + SPIFFWORKFLOW_BACKEND_PORT: "8080" + SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER_IN_CREATE_APP: "true" + SPIFFWORKFLOW_BACKEND_UPGRADE_DB: "true" + + # vars.yml (or CLI) + FLASK_SESSION_SECRET_KEY: ((flask-session-key)) + SPIFFWORKFLOW_BACKEND_OPEN_ID_CLIENT_SECRET_KEY: "((openid-secret))" + SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL: "https://spiffworkflow-((randomish-route)).app.cloud.gov/api/openid" + SPIFFWORKFLOW_BACKEND_URL: "https://spiffworkflow-((randomish-route)).app.cloud.gov/api" + SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND: "https://spiffworkflow-((randomish-route)).app.cloud.gov/api" + SPIFFWORKFLOW_BACKEND_CONNECTOR_PROXY_URL: "https://spiffworkflow-connector-((randomish-route)).app.cloud.gov" - # environment: - # - FLASK_DEBUG=0 - # - FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-e7711a3ba96c46c68e084a86952de16f} - # - SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT=/ - # - SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR=/app/process_models # - SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqldb://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@127.0.0.1:7003/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development} - # - SPIFFWORKFLOW_BACKEND_ENV=${SPIFFWORKFLOW_BACKEND_ENV:-local_development} - # - SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-false} - # - SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL=${SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL:-http://localhost:7002/realms/spiffworkflow} - # - SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME=${SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME:-acceptance_tests.yml} - # - SPIFFWORKFLOW_BACKEND_PORT=7000 - # # the background scheduler picks up process instances that we set in a certain state and then runs them like running not_started instances - # # that are required for the process instance filter test. So for now do not run it. we may want to find another way around in the future - # - SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER_IN_CREATE_APP=false - # - SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND=${SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND:-http://localhost:7001} - # - SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true - # - SPIFFWORKFLOW_BACKEND_URL=${SPIFFWORKFLOW_BACKEND_URL:-http://localhost:7000} + # - SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL=http://localhost:7002/realms/spiffworkflow - # All of the configuration variables are documented here: - # https://github.com/sartography/spiff-arena/blob/main/spiffworkflow-backend/src/spiffworkflow_backend/config/default.py \ No newline at end of file diff --git a/spiffworkflow-backend/.profile b/spiffworkflow-backend/.profile deleted file mode 100644 index ffbfc8a559..0000000000 --- a/spiffworkflow-backend/.profile +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -export POETRY_HOME=poetry -python3 -m venv $POETRY_HOME -$POETRY_HOME/bin/pip install poetry==1.2.0 -export PATH=${PATH}:$POETRY_HOME/bin diff --git a/vars.yml b/vars.yml-template similarity index 62% rename from vars.yml rename to vars.yml-template index f2a45fd503..8fd7317970 100644 --- a/vars.yml +++ b/vars.yml-template @@ -1,4 +1,7 @@ -frontend-image: ghcr.io/gsa-tts/spiffworkflow-frontend:deploy-to-cloud-gov-latest backend-image: ghcr.io/gsa-tts/spiffworkflow-backend:deploy-to-cloud-gov-latest +frontend-image: ghcr.io/gsa-tts/spiffworkflow-frontend:deploy-to-cloud-gov-latest + db-instance: spiffworkflow-db -flask-testing-key: 66eef9e98a3f4e6f85258154e4a1bdce +flask-session-key: 66eef9e98a3f4e6f85258154e4a1bdce +openid-secret: flarblegarble +randomish-route: flamingo-stardust