initial

2021-06-17 11:52:13 +02:00 · 2021-06-17 11:52:13 +02:00 · 215eb69395
commit 215eb69395
11 changed files with 214 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
 __pycache__/
 ENV
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,58 @@
 stages:
        - check
        - build
        - deploy
 variables:
        IMAGE_NAME: $CI_REGISTRY/$CI_PROJECT_PATH
 check:
        image: registry.hottis.de/dockerized/base-build-env:latest
        stage: check
        tags:
                - hottis
                - linux
                - docker
        rules:
                - if: $CI_COMMIT_TAG
        script:
                - checksemver.py -v
                    --versionToValidate "${CI_COMMIT_TAG}"
                    --validateMessage
                    --messageToValidate "${CI_COMMIT_MESSAGE}"
 build:
        image: registry.hottis.de/dockerized/docker-bash:latest
        stage: build
        tags:
                - hottis
                - linux
                - docker
        script: 
                - docker build --tag $IMAGE_NAME:latest .
                - if [ "$CI_COMMIT_TAG" != "" ]; then
                    docker tag $IMAGE_NAME:latest $IMAGE_NAME:${CI_COMMIT_TAG};
                    docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY;
                    docker push $IMAGE_NAME:latest;
                    docker push $IMAGE_NAME:${CI_COMMIT_TAG};
                  fi
 deploy:
        stage: deploy
        image: registry.hottis.de/dockerized/docker-bash:latest
        only:
                - tags
        variables:
                GIT_STRATEGY: none
        before_script:
                - CONTAINER_NAME=$CI_PROJECT_NAME
                - SERVICE_VOLUME=$CI_PROJECT_NAME"-conf"
                - SERVICE_PORT=5000
                - docker volume inspect $SERVICE_VOLUME || docker volume create $SERVICE_VOLUME
                - docker stop $CONTAINER_NAME || echo "$CONTAINER_NAME not running, anyway okay"
                - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY;
                - docker pull $IMAGE_NAME:$VERSION
                - docker run -d --restart always --name "hv2-api" -p 5000:5000 -v $SERVICE_VOLUME:/opt/app/config ${IMAGE_NAME}:${VERSION}
--- a/48
+++ b/48
@ -0,0 +1,48 @@
 FROM python:latest
 LABEL Maintainer="Wolfgang Hottgenroth wolfgang.hottgenroth@icloud.com"
 LABEL ImageName="registry.hottis.de/hv2/hv2-api"
 ARG APP_DIR="/opt/app"
 ARG CONF_DIR="${APP_DIR}/config"
 ENV DB_HOST="172.16.10.18"
 ENV DB_NAME="hausverwaltung"
 ENV DB_USER="hausverwaltung-ui"
 ENV DB_PASS="test123"
 RUN \
    apt update && \
    apt install -y postgresql-client-common && \
    pip3 install psycopg2 && \
    pip3 install dateparser && \
    pip3 install connexion && \
    pip3 install connexion[swagger-ui] && \
    pip3 install uwsgi && \
    pip3 install flask-cors && \
    pip3 install python-jose[cryptography] && \
    pip3 install loguru
 RUN \
    mkdir -p ${APP_DIR} && \
    mkdir -p ${CONF_DIR} && \
    useradd -d ${APP_DIR} -u 1000 user
 COPY *.py ${APP_DIR}/
 COPY openapi.yaml ${APP_DIR}/
 COPY server.ini ${CONF_DIR}/
 USER 1000:1000
 WORKDIR ${APP_DIR}
 VOLUME ${CONF_DIR}
 EXPOSE 5000
 EXPOSE 9191
 CMD [ "uwsgi", "./config/server.ini" ]
--- a/ENV.tmpl
+++ b/ENV.tmpl
@ -0,0 +1,2 @@
 # copy to ENV and adjust values
--- a/auth.py
+++ b/auth.py
@ -0,0 +1,27 @@
 from jose import JWTError, jwt
 import werkzeug
 import os
 from loguru import logger
 JWT_PUB_KEY = ""
 try:
    JWT_PUB_KEY = os.environ["JWT_PUB_KEY"]
 except KeyError:
    with open('/opt/app/config/authservice.pub', 'r') as f:
        JWT_PUB_KEY = f.read()
 def decodeToken(token):
    try:
        return jwt.decode(token, JWT_PUB_KEY, audience="hv2")
    except JWTError as e:
        logger.error("{}".format(e))
        raise werkzeug.exceptions.Unauthorized()
 def testToken(user, token_info):
    return '''
    You are user_id {user} and the provided token has been signed by this issuers. Fine.'.
    Decoded token claims: {token_info}.
    '''.format(user=user, token_info=token_info)
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,8 @@
 #!/bin/bash
 IMAGE_NAME="registry.hottis.de/hv2/hv2-api"
 VERSION=0.0.x
 docker build -t ${IMAGE_NAME}:${VERSION} .
 docker push ${IMAGE_NAME}:${VERSION}
--- a/openapi.yaml
+++ b/openapi.yaml
@ -0,0 +1,29 @@
 openapi: 3.0.0
 info:
  title: hv2-api
  version: "0.1"
 paths:
  /test:
    get:
      tags: [ "Test" ]
      summary: Return secret string
      operationId: auth.testToken
      responses:
        '200':
          description: secret response
          content:
            'text/plain':
              schema:
                type: string
      security:
      - jwt: ['secret']
 components:
  securitySchemes:
    jwt:
      type: http
      scheme: bearer
      bearerFormat: JWT
      x-bearerInfoFunc: auth.decodeToken
--- a/run.sh
+++ b/run.sh
@ -0,0 +1,14 @@
 #!/bin/bash
 . ENV
 IMAGE_NAME="registry.hottis.de/hv2/hv2-api"
 VERSION=0.0.x
 docker run \
    -d \
    --rm \
    --name "hv2-api" \
    -p 5000:5000
    ${IMAGE_NAME}:${VERSION}
--- a/server.ini
+++ b/server.ini
@ -0,0 +1,6 @@
 [uwsgi]
 http = :5000
 wsgi-file = server.py
 processes = 4
 stats = :9191
--- a/server.py
+++ b/server.py
@ -0,0 +1,12 @@
 import connexion
 from flask_cors import CORS
 # instantiate the webservice
 app = connexion.App(__name__)
 app.add_api('openapi.yaml')
 # CORSify it - otherwise Angular won't accept it
 CORS(app.app)
 # provide the webservice application to uwsgi
 application = app.app
--- a/test.py
+++ b/test.py
@ -0,0 +1,8 @@
 import connexion
 import logging
 logging.basicConfig(level=logging.DEBUG)
 app = connexion.App('hv2-api')
 app.add_api('./openapi.yaml')
 app.run(port=8080)