deployment for early pilots (first on test pilot)

- includes idhub entrypoint relevant refactor - prepare env vars for test pilot
2024-02-02 19:36:57 +01:00 · 2024-02-02 19:36:57 +01:00 · 35b8a294a4
parent b268099193
commit 35b8a294a4
3 changed files with 67 additions and 39 deletions
--- a/.env.example
+++ b/.env.example
@ -9,7 +9,7 @@
 MUSICIAN_SECRET_KEY='changeme_v9&&N$Lt9t*5EGwm0w'
 # specially useful if you want to deploy in a specific domain
 MUSICIAN_API_BASE_URL='https://orchestra.example.org'
-MUSICIAN_ALLOWED_HOSTS='musician.example.org'
+MUSICIAN_ALLOWED_HOSTS='127.0.0.1,localhost,musician.example.org'
 MUSICIAN_DOMAIN='musician.example.org'

 # DEVICEHUB
@ -93,6 +93,9 @@ IDHUB_EMAIL='admin@example.org'
 #   by default it is set to 'y' to facilitate idhub dev when outside docker
 IDHUB_SYNC_ORG_DEV='n'

+IDHUB_PILOT_TEST__IDHUB_DEPLOYMENT='PILOTS_EARLY'
+IDHUB_PILOT_TEST__ADMIN_EMAIL='idhub_admin@example.com'
+
 # AUTHENTIK aka goauthentik
 ####

--- a/docker-compose__pilot-test.yml
+++ b/docker-compose__pilot-test.yml
@ -5,7 +5,8 @@ services:
    init: true
    image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
    environment:
-      - DEPLOYMENT=${IDHUB_DEPLOYMENT}
+      - DEPLOYMENT=${IDHUB_PILOT_TEST__IDHUB_DEPLOYMENT}
+      - ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
      - SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
      - ALLOWED_HOSTS=${IDHUB_ALLOWED_HOSTS:-*}
      - STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
--- a/docker/idhub.entrypoint.sh
+++ b/docker/idhub.entrypoint.sh
@ -4,6 +4,64 @@ set -e
 set -u
 set -x

+
+usage() {
+                cat <<END
+ERROR: you need to map your idhub git repo volume to docker, suggested volume mapping is:
+
+    volumes:
+      - ./IdHub:/opt/idhub
+END
+                exit 1
+}
+
+inject_env_vars() {
+        # related https://www.kenmuse.com/blog/avoiding-dubious-ownership-in-dev-containers/
+        git config --global --add safe.directory "${idhub_dir}"
+        export GIT_COMMIT="$(git log --pretty=format:'%h' -n 1)"
+
+        # enable dev flags when DEVELOPMENT deployment
+        case "${DEPLOYMENT}" in
+                DEVELOPMENT)
+                        export DEBUG=True
+                        export DEVELOPMENT=True
+                        ;;
+                PILOTS_EARLY)
+                        export DEBUG=True
+                        export DEVELOPMENT=False
+                        ;;
+        esac
+}
+
+deployment_strategy() {
+        # detect if existing deployment (TODO only works with sqlite)
+        if [ -f "${idhub_dir}/db.sqlite3" ]; then
+                echo "INFO: detected EXISTING deployment"
+                ./manage.py makemigrations
+                ./manage.py migrate
+        else
+                # move the migrate thing in docker entrypoint
+                #   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
+                echo "INFO detected NEW deployment"
+                ./manage.py migrate
+
+                case "${DEPLOYMENT}" in
+                        DEVELOPMENT|PILOTS_EARLY)
+                                printf "This is DEVELOPMENT/PILOTS_EARLY DEPLOYMENT: including demo hardcoded data\n  creating initial Datas\n" >&2
+                                ./manage.py initial_datas
+
+                                if [ "${RESPONSE_URI:-}" ]; then
+                                        config_oidc4vp
+                                fi
+                                ;;
+                        PROD)
+                        printf "creating superuser \n  user: ${DJANGO_SUPERUSER_USERNAME}\n  password: ${DJANGO_SUPERUSER_PASSWORD}\n  email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2
+                        ## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533
+                        ./manage.py createsuperuser --no-input
+                esac
+        fi
+}
+
 _set() {
        key="${1}"
        value="${2}"
@ -45,46 +103,12 @@ main() {
        cd "${idhub_dir}"

        if [ ! -f "./manage.py" ]; then
-                cat <<END
-ERROR: you need to map your idhub git repo volume to docker, suggested volume mapping is:
-
-    volumes:
-      - ./IdHub:/opt/idhub
-END
-
-                exit 1
+                usage
        fi

-        # detect if existing deployment (TODO only works with sqlite)
-        if [ -f "${idhub_dir}/db.sqlite3" ]; then
-                echo "INFO: detected EXISTING deployment"
-                ./manage.py makemigrations
-                ./manage.py migrate
-        else
-                # move the migrate thing in docker entrypoint
-                #   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
-                echo "INFO detected NEW deployment"
-                ./manage.py migrate
+        deployment_strategy

-                if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then
-                        printf "This is DEVELOPMENT DEPLOYMENT: including demo hardcoded data\n  creating initial Datas\n" >&2
-                        ./manage.py initial_datas
-
-                        if [ "${RESPONSE_URI:-}" ]; then
-                                config_oidc4vp
-                        fi
-                else
-                        printf "creating superuser \n  user: ${DJANGO_SUPERUSER_USERNAME}\n  password: ${DJANGO_SUPERUSER_PASSWORD}\n  email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2
-                        ## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533
-                        ./manage.py createsuperuser --no-input
-                fi
-        fi
-
-        # enable dev flags when DEVELOPMENT deployment
-        if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then
-                export DEBUG=True
-                export DEVELOPMENT=True
-        fi
+        inject_env_vars

        #./manage.py collectstatic