Merge branch 'dev' of https://github.com/bcgov/api-services-portal in…

…to dev
bcgov · Jul 7, 2021 · 98c5695 · 98c5695
2 parents c1385da + 3ff7466
commit 98c5695
Show file tree

Hide file tree

Showing 13 changed files with 2,867 additions and 2,054 deletions.
diff --git a/.env.local b/.env.local
@@ -10,12 +10,12 @@ MONGO_USER=
 MONGO_PASSWORD=
 KONG_URL=http://kong.localtest.me:8001
 JWKS_URL=http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/certs
-FEEDER_URL=http://localhost:6000
+FEEDER_URL=http://feeder.localtest.me:6000
 NEXT_PUBLIC_API_ROOT=http://oauth2proxy.localtest.me:4180
 GWA_API_URL=http://localhost:2000
-GWA_PROD_ENV_SLUG=<UPDATE_ME>
-GWA_RES_SVR_CLIENT_ID=<UPDATE_ME>
-GWA_RES_SVR_CLIENT_SECRET=<UPDATE_ME>
+GWA_PROD_ENV_SLUG=E0000000
+GWA_RES_SVR_CLIENT_ID=gwa-api
+GWA_RES_SVR_CLIENT_SECRET=18900468-3db1-43f7-a8af-e75f079eb742
 KEYCLOAK_AUTH_URL=http://keycloak.localtest.me:9080/auth
 KEYCLOAK_REALM=master
 EMAIL_ENABLED=false

diff --git a/README.md b/README.md
@@ -52,15 +52,16 @@ Once running, the `api services portal` application is reachable via `localhost:
 ##### Steps
 
 1. Create a `.env` from `.env.local` file
-2. Edit `.env` file by updating all (`<UPDATE_ME>`)'s with appropriate values
-3. Run `docker-compose up` to spin up a local development environment with services (Postgres, Keycloak, OAuth2-proxy, APS-Portal and Kong Gateway)
+2. Create a `.env` from `.env.local` file under `feeds` directory
+3. Run `docker-compose up` to spin up a local development environment with services (Postgres, Keycloak, OAuth2-proxy, APS-Portal, Feeder and Kong Gateway)
 4. Go to: http://oauth2proxy.localtest.me:4180
-5. To login, use username `local` and password `local`
+5. To login, use username `local` and password `local`, or username `awsummer@idir` and password `awsummer`
 6. `docker-compose down` : Removes all the hosted services
 
 ##### Note:
 
 - Please wait until keycloak service starts and is initialized with `master` realm. The realm configuration is saved in `./keycloak/master-realm.json`. It also creates a realm user `local` with admin privileges.
+- You may want to run `docker-compose build` if there are new changes that are not reflected in the last time you built the container images
 
 ## Design
 

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -23,6 +23,7 @@ services:
         '-Dkeycloak.migration.provider=singleFile',
         '-Dkeycloak.migration.file=/tmp/realm-config/master-realm.json',
         '-Dkeycloak.migration.strategy=OVERWRITE_EXISTING',
+        '-Dkeycloak.profile.feature.upload_scripts=enabled',
       ]
     ports:
       - 9080:9080/tcp
@@ -60,19 +61,53 @@ services:
           - oauth2proxy.localtest.me
   apsportal:
     container_name: apsportal
+    image: apsportal:latest
     depends_on:
       - keycloak
     build:
       context: .
       dockerfile: Dockerfile
     env_file:
       - .env
+    ports:
+      - 3000:3000
     networks:
       portal:
         aliases:
           - apsportal.localtest.me
       keycloak: {}
       oauth2-proxy: {}
+      kong-net: {}
+  feeder:
+    container_name: feeder
+    image: feeder:latest
+    depends_on:
+      - oauth2-proxy
+    build:
+      context: ./feeds
+      dockerfile: Dockerfile
+    env_file:
+      - ./feeds/.env
+    ports:
+      - 6000:6000
+    networks:
+      portal:
+        aliases:
+          - feeder.localtest.me
+      kong-net: {}
+  feeder-seeding:
+    container_name: feeder-seeding
+    image: feeder:latest
+    command: ''
+    entrypoint: sh -c "chmod +x /tmp/init.sh && sh /tmp/init.sh"
+    depends_on:
+      - feeder
+    restart: on-failure
+    volumes:
+      - ./local/feeder-init:/tmp
+    networks:
+      - portal
+      - keycloak
   kong-db:
     image: postgres:latest
     container_name: kong-db
@@ -86,7 +121,6 @@ services:
     volumes:
       - ./local/db/database-init.sql:/docker-entrypoint-initdb.d/1-init.sql
       - ./local/db/keystone-init.sql:/docker-entrypoint-initdb.d/2-init.sql
-      - aps-pg-data:/var/lib/postgresql/data
     networks:
       - kong-net
       - keycloak

diff --git a/feeds/.env.local b/feeds/.env.local
@@ -0,0 +1,3 @@
+WORKING_PATH=/tmp
+DESTINATION_URL=http://apsportal.localtest.me:3000
+KONG_ADMIN_URL=http://kong.localtest.me:8001
diff --git a/feeds/index.js b/feeds/index.js
@@ -11,6 +11,7 @@ const port = 6000;
 
 const replay = require('./utils/replay');
 const push = require('./utils/push');
+require('dotenv').config()
 
 assert.strictEqual(
   'WORKING_PATH' in process.env,

diff --git a/local/feeder-init/developer-user.yaml b/local/feeder-init/developer-user.yaml
@@ -0,0 +1,6 @@
+entity: User
+record:
+  id: 'local'
+  name: 'local F local L'
+  email: '[email protected]'
+  isAdmin: false
diff --git a/local/feeder-init/idir-user.yaml b/local/feeder-init/idir-user.yaml
@@ -0,0 +1,6 @@
+entity: User
+record:
+  id: 'awsummer@idir'
+  name: 'Awesome Summers'
+  email: '[email protected]'
+  isAdmin: false
diff --git a/local/feeder-init/init.sh b/local/feeder-init/init.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+apk add --no-cache curl
+cd /tmp
+
+while true; do
+    keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9080/auth/realms/master)
+    echo "$keycloakstatus"
+    if [[ "$keycloakstatus" == "200" ]]; then
+        echo  "Keycloak is up"
+        curl http://feeder.localtest.me:6000/push -F [email protected]
+        curl http://feeder.localtest.me:6000/push -F [email protected]
+        curl http://feeder.localtest.me:6000/push -F [email protected]
+        curl http://feeder.localtest.me:6000/push -F [email protected]
+        curl http://feeder.localtest.me:6000/push -F [email protected]
+        break
+    else
+        echo  "Waiting for Keycloak....."
+        sleep 2m
+    fi
+done
+
diff --git a/local/feeder-init/legal.yaml b/local/feeder-init/legal.yaml
@@ -0,0 +1,7 @@
+entity: Legal
+record:
+  id: "terms-of-use-for-api-gateway-1"
+  title: "Terms of Use for API Gateway"
+  link: "https://www2.gov.bc.ca/gov/content/data/open-data/api-terms-of-use-for-ogl-information"
+  document: terms-of-use
+  version: 1
diff --git a/local/feeder-init/platform-authz-profile.yaml b/local/feeder-init/platform-authz-profile.yaml
@@ -0,0 +1,26 @@
+entity: CredentialIssuer
+record:
+  id: 'Gateway Services Resource Server'
+  namespace: platform
+  description: 'Authorization Profile for protecting the Gateway Services API'
+  flow: client-credentials
+  mode: auto
+  clientAuthenticator: client-secret
+  authPlugin: jwt-keycloak
+  clientRoles: []
+  availableScopes: []
+  resourceType: platform
+  resourceAccessScope: Namespace.Manage
+  resourceScopes:
+    - Namespace.Manage
+    - Namespace.View
+    - Access.Manage
+    - GatewayConfig.Publish
+    - Content.Publish
+  owner: awsummer@idir
+  environmentDetails:
+    - environment: prod
+      issuerUrl: http://keycloak.localtest.me:9080/auth/realms/master
+      clientId: gwa-api
+      clientRegistration: managed
+      clientSecret: '18900468-3db1-43f7-a8af-e75f079eb742'
diff --git a/local/feeder-init/platform-gwa-api.yaml b/local/feeder-init/platform-gwa-api.yaml
@@ -0,0 +1,14 @@
+entity: Product
+record:
+  id: 748D98F1F56C
+  name: Gateway Services API
+  namespace: platform
+  environments:
+    - id: E0000000
+      name: prod
+      active: true
+      approval: true
+      flow: client-credentials
+      legal: terms-of-use-for-api-gateway-1
+      services: []
+      credentialIssuer: 'Gateway Services Resource Server'