Merge pull request #153 from mjanez/ckan-2.10.5

Improve ckan-2.10.5 image

.env.example

@@ -101,7 +101,7 @@ TEST_CKAN_DATASTORE_READ_URL=postgresql://${DATASTORE_READONLY_USER}:${DATASTORE
 # CKAN core
 ## If use docker-compose.ghcr.yml only "*.*.*" versions available in: https://github.com/mjanez/ckan-docker/pkgs/container/ckan-docker
 CKAN_VERSION=2.10.5
-CKAN_SITE_ID=default
+CKAN__SITE_ID=default
 # CKAN_SITE_URL = http:/ or https:/ + PROXY_SERVER_NAME. Optionally the APACHE_HOST_PORT if different from 80 
 CKAN_SITE_URL=${PROXY_SERVER_URL}
 CKAN__ROOT_PATH=${PROXY_CKAN_LOCATION}/{{LANG}}
@@ -121,16 +121,22 @@ CKAN___API_TOKEN__JWT__ENCODE__SECRET=string:CHANGE_ME
 CKAN___API_TOKEN__JWT__DECODE__SECRET=string:CHANGE_ME
 CKAN_SYSADMIN_NAME=ckan_admin
 CKAN_SYSADMIN_PASSWORD=test1234
-CKAN_SYSADMIN_EMAIL=your_emai@${PROXY_SERVER_NAME}
+CKAN_SYSADMIN_EMAIL=[email protected]
 CKAN_STORAGE_PATH=/var/lib/ckan
 CKAN_LOGS_PATH=/var/log
 # SMTP settings
-CKAN__SMTP_ENABLED=False
-CKAN_SMTP_SERVER=smtp.corporateict.domain:25
-CKAN_SMTP_STARTTLS=True
-CKAN_SMTP_USER=user
-CKAN_SMTP_PASSWORD=pass
-CKAN_SMTP_MAIL_FROM=ckan@${PROXY_SERVER_NAME}
+CKAN__ACTIVITY_STREAMS_EMAIL_NOTIFICATIONS=True
+CKAN___SMTP__ENABLED=True
+CKAN___SMTP__SERVER=mailserver:25
+CKAN___SMTP__STARTTLS=False
+CKAN___SMTP__USER=user
+CKAN___SMTP__PASSWORD=password
+CKAN___SMTP__MAIL_FROM=ckan@${PROXY_SERVER_NAME}
+CKAN___SMTP__REPLY_TO=ckan@${PROXY_SERVER_NAME}
+#WARNING: Using email_to or error_email_from generate errors: https://github.com/ckan/ckan/issues/7802
+CKAN___EMAIL_TO=''
+CKAN___ERROR_EMAIL_FROM=''
+
 ## Customize which text formats the text_view plugin will show
 CKAN__PREVIEW__JSON_FORMATS="json jsonld"
 # html htm rdf+xml owl+xml xml n3 n-triples turtle plain atom csv tsv rss txt json
@@ -146,7 +152,7 @@ CKAN__CORS__ORIGIN_WHITELIST=""
 CKAN__AUTH__ALLOW_DATASET_COLLABORATORS=False
 CKAN__AUTH__ALLOW_ADMIN_COLLABORATORS=False
 # Default number of facets shown in search results. Default 10.
-SEARCH__FACETS__DEFAULT=4
+CKAN___SEARCH__FACETS__DEFAULT=4
 # Enable or disable the DataStore SQL search backend. Default is False.
 CKAN__DATASTORE__SQLSEARCH__ENABLED=True
 
@@ -165,7 +171,7 @@ CKAN__LOCALE_ORDER="en es pt_BR ja it cs_CZ ca fr el sv sr sr@latin no sk fi ru
 CKAN__LOCALES_OFFERED="en es pt_BR ja it cs_CZ ca fr el sv sr sr@latin no sk fi ru de pl nl bg ko_KR hu sa sl lv"
 
 # Extensions
-CKAN__PLUGINS="activity stats image_view video_view audio_view webpage_view text_view datatables_view resourcedictionary datastore xloader spatial_metadata spatial_query spatial_harvest_metadata_api csw_harvester waf_harvester doc_harvester resource_proxy geo_view geojson_view wmts_view shp_view dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface schemingdcat schemingdcat_datasets schemingdcat_groups schemingdcat_organizations schemingdcat_ckan_harvester schemingdcat_xls_harvester harvest pdf_view pages fluent envvars"
+CKAN__PLUGINS="activity stats image_view video_view audio_view webpage_view text_view datatables_view resourcedictionary datastore xloader spatial_metadata spatial_query spatial_harvest_metadata_api csw_harvester waf_harvester doc_harvester resource_proxy geo_view geojson_view wmts_view shp_view dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface schemingdcat schemingdcat_datasets schemingdcat_groups schemingdcat_organizations schemingdcat_ckan_harvester schemingdcat_xls_harvester schemingdcat_postgres_harvester schemingdcat_open_data_statistics harvest pdf_view pages fluent openapi envvars"
 
 # ckanext-harvest
 CKAN__HARVEST__MQ__TYPE=redis
@@ -175,8 +181,8 @@ CKAN__HARVEST__MQ__REDIS_DB=${REDIS_CKAN_DATABASE}
 # Clean-up mechanism for the harvest log table. The default is 30 days.
 CKAN__HARVEST__LOG_TIMEFRAME=40
 
-# ckanext-xloader
-CKANEXT__XLOADER__JOBS__DB_URI=postgresql://${CKAN_DB_USER}:${CKAN_DB_PASSWORD}@${POSTGRES_HOST}/${CKAN_DB}
+# ckanext-xloader ckanext.xloader.jobs_db.uri
+CKANEXT__XLOADER__JOBS_DB__URI=postgresql://${CKAN_DB_USER}:${CKAN_DB_PASSWORD}@${POSTGRES_HOST}/${CKAN_DB}
 
 # ckanext-dcat
 CKANEXT__DCAT__BASE_URI=${CKAN_URL}
@@ -200,25 +206,25 @@ CKANEXT__GEOVIEW__SHP_VIEWER__ENCODING=UTF-8
 
 # ckanext-schemingdcat
 ## CSW Endpoint for spatial metadata
-CKANEXT__SCHEMINGDCAT_GEOMETADATA_BASE_URI=${PYCSW_URL}
+CKANEXT__SCHEMINGDCAT__GEOMETADATA_BASE_URI=${PYCSW_URL}
 ## Scheming: setup_scheming.sh
-CKANEXT__SCHEMINGDCAT_DATASET_SCHEMA="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_full.yaml"
-CKANEXT__SCHEMINGDCAT_GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_group.json"
-CKANEXT__SCHEMINGDCAT_ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_org.json"
-CKANEXT__SCHEMINGDCAT_PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json"
+CKAN___SCHEMING__DATASET_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_full.yaml"
+CKAN___SCHEMING__GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_group.json"
+CKAN___SCHEMING__ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_org.json"
+CKAN___SCHEMING__PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json"
 ## Facets: setup_scheming.sh
-CKANEXT__SCHEMINGDCAT_FACET_LIST="dataset_scope theme groups theme_eu language dcat_type groups publisher_name publisher_type spatial_uri owner_org res_format frequency tags tag_uri conforms_to"
-CKANEXT__SCHEMINGDCAT_ORGANIZATION_CUSTOM_FACETS=True
-CKANEXT__SCHEMINGDCAT_GROUP_CUSTOM_FACETS=True
-CKANEXT__SCHEMINGDCAT_DEFAULT_PACKAGE_ITEM_ICON="theme"
-CKANEXT__SCHEMINGDCAT_DEFAULT_PACKAGE_ITEM_SHOW_SPATIAL=True
-CKANEXT__SCHEMINGDCAT_SHOW_METADATA_TEMPLATES_TOOLBAR=False
-CKANEXT__METADATA_TEMPLATES_SEARCH_IDENTIFIER="schemingdcat_xls-template"
-CKANEXT__SCHEMINGDCAT_ENDPOINTS_YAML="endpoints.yaml"
+CKANEXT__SCHEMINGDCAT__FACET_LIST="dataset_scope hvd_category theme groups theme_eu language dcat_type groups publisher_name publisher_type spatial_uri owner_org res_format frequency tags tag_uri conforms_to"
+CKANEXT__SCHEMINGDCAT__DEFAULT_PACKAGE_ITEM_ICON="theme"
+CKANEXT__SCHEMINGDCAT__DEFAULT_PACKAGE_ITEM_SHOW_SPATIAL=True
+CKANEXT__SCHEMINGDCAT__SHOW_METADATA_TEMPLATES_TOOLBAR=False
+CKANEXT__SCHEMINGDCAT__METADATA_TEMPLATES_SEARCH_IDENTIFIER="schemingdcat_xls-template"
+CKANEXT__SCHEMINGDCAT__ENDPOINTS_YAML="endpoints.yaml"
 CKANEXT__SCHEMINGDCAT__SOCIAL_GITHUB="https://github.com/mjanez/ckanext-schemingdcat"
 CKANEXT__SCHEMINGDCAT__SOCIAL_X="https://x.com/ckanproject"
 CKANEXT__SCHEMINGDCAT__SOCIAL_LINKEDIN="https://www.linkedin.com/company/ckanproject"
-
+CKANEXT__SCHEMINGDCAT__OPEN_DATA_STATISTICS=True
+CKANEXT__SCHEMINGDCAT__OPEN_DATA_STATISTICS_THEMES=True
+CKANEXT__OPENAPI__ENDPOINTS='[{"url":"https://raw.githubusercontent.com/mjanez/ckanext-openapi/refs/heads/develop/ckanext/openapi/public/static/openapi/datastore.yaml","name":"datastore","title":{"en":"CKAN - Datastore API","es":"Portal de datos abiertos de CKAN - API Datastore"},"description":{"en":"This API provides live access to the Datastore portion of the CKAN Open Data Portal.","es":"Esta API proporciona acceso en tiempo real a la parte de Datastore del Portal de Datos Abiertos CKAN."}},{"url":"https://raw.githubusercontent.com/mjanez/ckanext-openapi/refs/heads/develop/ckanext/openapi/public/static/openapi/ckan.yaml","name":"ckan","title":{"en":"CKAN Open Data Portal - CKAN API (ES)","es":"Portal de datos abiertos de CKAN - API CKAN"},"description":{"en":"This API provides live access to the CKAN portion of the CKAN Open Data Portal.","es":"Esta API proporciona acceso en tiempo real a la parte de CKAN del Portal de Datos Abiertos CKAN."}}]'
 # ckanext-pages
 CKANEXT__PAGES__ALOW_HTML=False
 CKANEXT__PAGES__ORGANIZATION=True

.github/workflows/docker-build.yml

@@ -81,7 +81,7 @@ jobs:
           no-fail: true
 
       - name: Run Trivy container image vulnerability scanner
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
           format: sarif

.github/workflows/docker-manual.yml

@@ -71,7 +71,7 @@ jobs:
           no-fail: true
 
       - name: Run Trivy container image vulnerability scanner
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
           format: sarif

.github/workflows/docker-master.yml

@@ -69,16 +69,3 @@ jobs:
         with:
           dockerfile: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE }}
           no-fail: true
-
-      - name: Run Trivy container image vulnerability scanner
-        uses: aquasecurity/[email protected]
-        with:
-          image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
-          format: sarif
-          output: trivy-results.sarif
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: trivy-results.sarif

.gitignore

@@ -31,3 +31,11 @@ samples/api/*
 
 # docker compose files
 docker-compose.local-*.yml
+
+# CKANAPI scripts
+doc/scripts/ckanapi/*_ckanapi.py
+!doc/scripts/ckanapi/*sample_ckan_api.py
+doc/scripts/ckanapi/sites.yml
+sites.yml
+venv
+env