initial

2021-06-17 11:52:13 +02:00 · 2021-06-17 11:52:13 +02:00 · 215eb69395
commit 215eb69395
11 changed files with 214 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+__pycache__/
+ENV
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,58 @@
+stages:
+        - check
+        - build
+        - deploy
+
+variables:
+        IMAGE_NAME: $CI_REGISTRY/$CI_PROJECT_PATH
+
+check:
+        image: registry.hottis.de/dockerized/base-build-env:latest
+        stage: check
+        tags:
+                - hottis
+                - linux
+                - docker
+        rules:
+                - if: $CI_COMMIT_TAG
+        script:
+                - checksemver.py -v
+                    --versionToValidate "${CI_COMMIT_TAG}"
+                    --validateMessage
+                    --messageToValidate "${CI_COMMIT_MESSAGE}"
+
+build:
+        image: registry.hottis.de/dockerized/docker-bash:latest
+        stage: build
+        tags:
+                - hottis
+                - linux
+                - docker
+        script: 
+                - docker build --tag $IMAGE_NAME:latest .
+                - if [ "$CI_COMMIT_TAG" != "" ]; then
+                    docker tag $IMAGE_NAME:latest $IMAGE_NAME:${CI_COMMIT_TAG};
+                    docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY;
+                    docker push $IMAGE_NAME:latest;
+                    docker push $IMAGE_NAME:${CI_COMMIT_TAG};
+                  fi
+
+
+
+deploy:
+        stage: deploy
+        image: registry.hottis.de/dockerized/docker-bash:latest
+        only:
+                - tags
+        variables:
+                GIT_STRATEGY: none
+        before_script:
+                - CONTAINER_NAME=$CI_PROJECT_NAME
+                - SERVICE_VOLUME=$CI_PROJECT_NAME"-conf"
+                - SERVICE_PORT=5000
+                - docker volume inspect $SERVICE_VOLUME || docker volume create $SERVICE_VOLUME
+                - docker stop $CONTAINER_NAME || echo "$CONTAINER_NAME not running, anyway okay"
+                - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY;
+                - docker pull $IMAGE_NAME:$VERSION
+                - docker run -d --restart always --name "hv2-api" -p 5000:5000 -v $SERVICE_VOLUME:/opt/app/config ${IMAGE_NAME}:${VERSION}
+
--- a/48
+++ b/48
@ -0,0 +1,48 @@
+FROM python:latest
+
+LABEL Maintainer="Wolfgang Hottgenroth wolfgang.hottgenroth@icloud.com"
+LABEL ImageName="registry.hottis.de/hv2/hv2-api"
+
+ARG APP_DIR="/opt/app"
+ARG CONF_DIR="${APP_DIR}/config"
+
+ENV DB_HOST="172.16.10.18"
+ENV DB_NAME="hausverwaltung"
+ENV DB_USER="hausverwaltung-ui"
+ENV DB_PASS="test123"
+
+
+RUN \
+    apt update && \
+    apt install -y postgresql-client-common && \
+    pip3 install psycopg2 && \
+    pip3 install dateparser && \
+    pip3 install connexion && \
+    pip3 install connexion[swagger-ui] && \
+    pip3 install uwsgi && \
+    pip3 install flask-cors && \
+    pip3 install python-jose[cryptography] && \
+    pip3 install loguru
+
+
+
+RUN \
+    mkdir -p ${APP_DIR} && \
+    mkdir -p ${CONF_DIR} && \
+    useradd -d ${APP_DIR} -u 1000 user
+
+COPY *.py ${APP_DIR}/
+COPY openapi.yaml ${APP_DIR}/
+COPY server.ini ${CONF_DIR}/
+
+USER 1000:1000
+WORKDIR ${APP_DIR}
+VOLUME ${CONF_DIR}
+
+EXPOSE 5000
+EXPOSE 9191
+
+CMD [ "uwsgi", "./config/server.ini" ]
+
+
+
--- a/ENV.tmpl
+++ b/ENV.tmpl
@ -0,0 +1,2 @@
+# copy to ENV and adjust values
+
--- a/auth.py
+++ b/auth.py
@ -0,0 +1,27 @@
+from jose import JWTError, jwt
+import werkzeug
+import os
+from loguru import logger
+
+
+JWT_PUB_KEY = ""
+try:
+    JWT_PUB_KEY = os.environ["JWT_PUB_KEY"]
+except KeyError:
+    with open('/opt/app/config/authservice.pub', 'r') as f:
+        JWT_PUB_KEY = f.read()
+
+
+def decodeToken(token):
+    try:
+        return jwt.decode(token, JWT_PUB_KEY, audience="hv2")
+    except JWTError as e:
+        logger.error("{}".format(e))
+        raise werkzeug.exceptions.Unauthorized()
+
+def testToken(user, token_info):
+    return '''
+    You are user_id {user} and the provided token has been signed by this issuers. Fine.'.
+    Decoded token claims: {token_info}.
+    '''.format(user=user, token_info=token_info)
+
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,8 @@
+#!/bin/bash
+
+IMAGE_NAME="registry.hottis.de/hv2/hv2-api"
+VERSION=0.0.x
+
+docker build -t ${IMAGE_NAME}:${VERSION} .
+docker push ${IMAGE_NAME}:${VERSION}
+
--- a/openapi.yaml
+++ b/openapi.yaml
@ -0,0 +1,29 @@
+openapi: 3.0.0
+info:
+  title: hv2-api
+  version: "0.1"
+
+paths:
+  /test:
+    get:
+      tags: [ "Test" ]
+      summary: Return secret string
+      operationId: auth.testToken
+      responses:
+        '200':
+          description: secret response
+          content:
+            'text/plain':
+              schema:
+                type: string
+      security:
+      - jwt: ['secret']
+
+
+components:
+  securitySchemes:
+    jwt:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+      x-bearerInfoFunc: auth.decodeToken
--- a/run.sh
+++ b/run.sh
@ -0,0 +1,14 @@
+#!/bin/bash
+
+. ENV
+
+IMAGE_NAME="registry.hottis.de/hv2/hv2-api"
+VERSION=0.0.x
+
+
+docker run \
+    -d \
+    --rm \
+    --name "hv2-api" \
+    -p 5000:5000
+    ${IMAGE_NAME}:${VERSION}
--- a/server.ini
+++ b/server.ini
@ -0,0 +1,6 @@
+[uwsgi]
+http = :5000
+wsgi-file = server.py
+processes = 4
+stats = :9191
+
--- a/server.py
+++ b/server.py
@ -0,0 +1,12 @@
+import connexion
+from flask_cors import CORS
+
+# instantiate the webservice
+app = connexion.App(__name__)
+app.add_api('openapi.yaml')
+
+# CORSify it - otherwise Angular won't accept it
+CORS(app.app)
+
+# provide the webservice application to uwsgi
+application = app.app
--- a/test.py
+++ b/test.py
@ -0,0 +1,8 @@
+import connexion
+import logging
+
+logging.basicConfig(level=logging.DEBUG)
+
+app = connexion.App('hv2-api')
+app.add_api('./openapi.yaml')
+app.run(port=8080)