From 6868d309f0f58711cb28a9c906b7463cc3c72c15 Mon Sep 17 00:00:00 2001
From: Martin Lowe <martin.lowe@eclipse-foundation.org>
Date: Tue, 26 Jul 2022 14:44:31 -0400
Subject: [PATCH] Fix missing setup instructions
---
.gitignore | 3 +-
Makefile | 11 +++-
README.md | 63 +++++++++++++-------
config/.env.sample | 8 +++
config/application/secret.properties.sample | 7 +++
config/sample.secret.properties | 7 ---
docker-compose.gitlab.yaml | 22 +++++++
docker-compose.yaml | 65 ++++++---------------
8 files changed, 109 insertions(+), 77 deletions(-)
create mode 100644 config/.env.sample
create mode 100644 config/application/secret.properties.sample
delete mode 100644 config/sample.secret.properties
create mode 100644 docker-compose.gitlab.yaml
diff --git a/.gitignore b/.gitignore
index 03d0e35a..068d0123 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,4 +43,5 @@ secrets/
secret.properties
# Additional build resources
-src/test/resources/schemas
\ No newline at end of file
+src/test/resources/schemas
+.env
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 9dd78172..d8f59f5f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,12 @@
+SHELL = /bin/bash
+pre-setup:;
+ @echo "Creating environment file from template"
+ @rm -f .env && envsubst < config/.env.sample > .env
+setup:;
+ @echo "Generating secret files from templates using environment file + variables"
+ @source .env && rm -f ./config/application/secret.properties && envsubst < config/application/secret.properties.sample > config/application/secret.properties
+dev-start:;
+ source .env && mvn compile quarkus:dev
clean:;
mvn clean
compile-java: generate-spec;
@@ -14,6 +23,6 @@ validate-spec: install-yarn;
compile-start: compile-quick;
docker-compose down
docker-compose build
- docker-compose up
+ docker-compose up -d
start-spec: validate-spec;
yarn run start
\ No newline at end of file
diff --git a/README.md b/README.md
index 5c11f32b..407461df 100644
--- a/README.md
+++ b/README.md
@@ -12,15 +12,18 @@ This project uses Quarkus, the Supersonic Subatomic Java Framework.
If you want to learn more about Quarkus, please visit its website: https://quarkus.io/ .
<!-- TOC -->
-- [What is a valid commit?](#what-is-a-valid-commit)
-- [Submitting applications for existing bots](#submitting-applications-for-existing-bots)
-- [Running the application in dev mode](#running-the-application-in-dev-mode)
-- [Packaging and running the application](#packaging-and-running-the-application)
-- [Enabling commit hook in GitLab](#enabling-commit-hook-in-gitlab)
+- [About validation](#about-validation)
+ - [What is a valid commit?](#what-is-a-valid-commit)
+ - [Submitting applications for existing bots](#submitting-applications-for-existing-bots)
+ - [Enabling commit hook in GitLab](#enabling-commit-hook-in-gitlab)
+- [Application setup and operation](#application-setup-and-operation)
+ - [Setting up the application](#setting-up-the-application)
+ - [Running the application in dev mode](#running-the-application-in-dev-mode)
+ - [Packaging and running the application](#packaging-and-running-the-application)
<!-- /TOC -->
-
-## What is a valid commit?
+## About validation
+### What is a valid commit?
To be considered a valid commit, the following set of rules are checked against all commits that are submitted to this service. If any fail and the commit is related to a project, the service returns a message indicating the commit is not suitable for submission along with messages as hints.
1. All users that commit or author changes within a project within the Eclipse space must have a signed [ECA](https://accounts.eclipse.org/user/eca), and therefore, Eclipse accounts.
@@ -31,18 +34,45 @@ To be considered a valid commit, the following set of rules are checked against
While these rules apply to all project repositories, any non-project repositories will also be checked. The messages indicate the failures as warnings to the consuming service (like Gitlab or Gerrit) unless 'strict mode' is enabled for the service. Whether or not a repository is tracked (or if it is a project repository) is determined by its presence as a repository directly linked to an active project within the [PMI](https://projects.eclipse.org/), as reported by the [Projects API](https://api.eclipse.org/#tag/Projects).
-## Submitting applications for existing bots
+### Submitting applications for existing bots
To submit requests for existing bots to be registered within our API (such as dependabot), please see the [Project Bots API repository](https://github.com/EclipseFdn/projects-bots-api) and create an issue.
-## Running the application in dev mode
+### Enabling commit hook in GitLab
+
+To enable the Git hook that makes use of this service, a running GitLab instance will be needed with shell access. This instruction set assumes that the running GitLab instance runs using the Omnibus set up rather than the source. For the differences in process, please see the [GitLab custom hook administration instructions](https://docs.gitlab.com/ee/administration/custom_hooks.html). Once obtained, the following steps can be used to start or update the hook.
+
+1. Access the GitLab server shell, and create a folder at `/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/` if it doesn't already exist. This folder will contain all of the servers global Git hooks for pre-receive events. These hooks trigger when a user attempts to push information to the server.
+1. In the host machine, copy the ECA script to the newly created folder. If using a docker container, this can be done with a call similar to the following:
+`docker cp src/main/rb/eca.rb gitlab.eca_web_1:/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/`
+
+1. In the GitLab shell once again, ensure that the newly copied script matches the folders ownership, and that the file permissions are `755`. This allows the server to properly run the hook when needed.
+
+
+## Application setup and operation
+### Setting up the application for local use
+
+Pre-requisites:
+- Make
+- Maven
+- Java 11 >
+- Eclipse Account API credentials
+- Running MariaDB instance
+
+1. In MariaDB instance, create a new database called `git-eca` as that is what is configured out of the box. The table definitions for the database can be found under `./config/mariadb/init.sql`.
+1. Run `make pre-setup`. This command will setup a basic .env file, using some basic variables used in Eclipse development to accelerate the generation of secret files.
+1. Inside the .env file, update the `GIT_ECA_MARIADB_*` properties to reflect the connection settings for the MariaDB instance and the credentials needed to access the DB created in step 1.
+1. Set the Eclipse Account API credentials into the `GIT_ECA_OAUTH_*` settings. This will be used to enable searching and retrieval of EF accounts by email addresses, as well as be able to read those normally hidden values.
+1. Run `make setup` to finish the setup process for this API, generating the secret file under `./config/application/secret.properties`. This file can be moved, so long as the `CONFIG_SECRET_PATH` in the `.env` file is updated.
+1. Run `make compile-start` to build and start the server.
+
+### Running the application in dev mode
You can run your application in dev mode that enables live coding using:
```
-./mvnw quarkus:dev
+make dev-start
```
-
-## Packaging and running the application
+### Packaging and running the application
The application is packageable using `./mvnw package`.
It produces the executable `git-eca-rest-api-0.0.1-runner.jar` file in `/target` directory.
@@ -50,12 +80,3 @@ Be aware that it’s not an _über-jar_ as the dependencies are copied into the
The application is now runnable using `java -jar target/git-eca-rest-api-0.0.1-runner.jar`.
-## Enabling commit hook in GitLab
-
-To enable the Git hook that makes use of this service, a running GitLab instance will be needed with shell access. This instruction set assumes that the running GitLab instance runs using the Omnibus set up rather than the source. For the differences in process, please see the [GitLab custom hook administration instructions](https://docs.gitlab.com/ee/administration/custom_hooks.html). Once obtained, the following steps can be used to start or update the hook.
-
-1. Access the GitLab server shell, and create a folder at `/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/` if it doesn't already exist. This folder will contain all of the servers global Git hooks for pre-receive events. These hooks trigger when a user attempts to push information to the server.
-1. In the host machine, copy the ECA script to the newly created folder. If using a docker container, this can be done with a call similar to the following:
-`docker cp src/main/rb/eca.rb gitlab.eca_web_1:/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/`
-
-1. In the GitLab shell once again, ensure that the newly copied script matches the folders ownership, and that the file permissions are `755`. This allows the server to properly run the hook when needed.
diff --git a/config/.env.sample b/config/.env.sample
new file mode 100644
index 00000000..52fc857c
--- /dev/null
+++ b/config/.env.sample
@@ -0,0 +1,8 @@
+export GIT_ECA_MARIADB_USER=$MARIADB_USER
+export GIT_ECA_MARIADB_PASSWORD=$MARIADB_PASSWORD
+export GIT_ECA_MARIADB_HOST=$MARIADB_HOST
+export GIT_ECA_MARIADB_PORT=$MARIADB_PORT
+
+export GIT_ECA_OAUTH_CLIENT_ID=sample
+export GIT_ECA_OAUTH_CLIENT_CREDENTIALS=sample
+export CONFIG_SECRET_PATH=$PWD/config/application/secret.properties
\ No newline at end of file
diff --git a/config/application/secret.properties.sample b/config/application/secret.properties.sample
new file mode 100644
index 00000000..2b0d3634
--- /dev/null
+++ b/config/application/secret.properties.sample
@@ -0,0 +1,7 @@
+## Required for authenticated requests to profile API
+oauth2.client-id=$GIT_ECA_OAUTH_CLIENT_ID
+oauth2.client-secret=$GIT_ECA_OAUTH_CLIENT_CREDENTIALS
+
+quarkus.datasource.username=$GIT_ECA_MARIADB_USER
+quarkus.datasource.password=$GIT_ECA_MARIADB_PASSWORD
+quarkus.datasource.jdbc.url=jdbc:mariadb://$GIT_ECA_MARIADB_HOST:$GIT_ECA_MARIADB_PORT/git-eca
\ No newline at end of file
diff --git a/config/sample.secret.properties b/config/sample.secret.properties
deleted file mode 100644
index bd69c382..00000000
--- a/config/sample.secret.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-## Required for authenticated requests to profile API
-oauth2.client-id=sample
-oauth2.client-secret=sample
-
-quarkus.datasource.username = root
-quarkus.datasource.password = eclipse_sample
-quarkus.datasource.jdbc.url=jdbc:mariadb://mariadb/eclipse
\ No newline at end of file
diff --git a/docker-compose.gitlab.yaml b/docker-compose.gitlab.yaml
new file mode 100644
index 00000000..c87fd09e
--- /dev/null
+++ b/docker-compose.gitlab.yaml
@@ -0,0 +1,22 @@
+version: '3'
+services:
+ web:
+ container_name: gitlab
+ image: 'gitlab/gitlab-ce:latest'
+ restart: always
+ environment:
+ VIRTUAL_HOST: "gitlab.dev.docker"
+ VIRTUAL_PORT: 443
+ VIRTUAL_PROTO: https
+ CERT_NAME: dev.docker
+ GITLAB_OMNIBUS_CONFIG: "external_url 'http://localhost/';"
+ shm_size: '256m'
+ ports:
+ - 443:443
+ - 80:80
+ - 22:22
+ volumes:
+ - '/localdocker/gitlab/config:/etc/gitlab'
+ - '/localdocker/gitlab/logs:/var/log/gitlab'
+ - '/localdocker/gitlab/data:/var/opt/gitlab'
+
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 656341eb..4743e815 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,51 +1,22 @@
version: '3'
services:
- web:
- container_name: gitlab
- image: 'gitlab/gitlab-ce:latest'
- restart: always
- environment:
- VIRTUAL_HOST: "gitlab.dev.docker"
- VIRTUAL_PORT: 443
- VIRTUAL_PROTO: https
- CERT_NAME: dev.docker
- GITLAB_OMNIBUS_CONFIG: "external_url 'http://localhost/';"
- shm_size: '256m'
+ application:
+ build:
+ dockerfile: ./src/main/docker/Dockerfile.jvm
ports:
- - 443:443
- - 80:80
- - 22:22
- volumes:
- - '/localdocker/gitlab/config:/etc/gitlab'
- - '/localdocker/gitlab/logs:/var/log/gitlab'
- - '/localdocker/gitlab/data:/var/opt/gitlab'
- postgres:
- container_name: postgres
- image: postgres:12.4
- volumes:
- - ./volumes/postgres:/var/lib/postgresql/data
+ - 8090:8080
environment:
- - POSTGRES_DB=${GIT_ECA_POSTGRES_DB}
- - POSTGRES_USER=${GIT_ECA_POSTGRES_USER}
- - POSTGRES_PASSWORD=${GIT_ECA_POSTGRES_PASSWORD}
- ports:
- - 5432
- keycloak:
- container_name: keycloak
- image: jboss/keycloak:11.0.1
- environment:
- - VIRTUAL_HOST=keycloak
- - VIRTUAL_PORT=8080
- - DB_VENDOR=POSTGRES
- - DB_DATABASE=${GIT_ECA_POSTGRES_DB}
- - DB_SCHEMA=public
- - DB_ADDR=postgres
- - DB_PORT=5432
- - DB_USER=${GIT_ECA_POSTGRES_USER}
- - DB_PASSWORD=${GIT_ECA_POSTGRES_PASSWORD}
- - KEYCLOAK_USER=${GIT_ECA_KEYCLOAK_USER}
- - KEYCLOAK_PASSWORD=${GIT_ECA_KEYCLOAK_PASSWORD}
- ports:
- - '8080:8080'
- depends_on:
- - postgres
+ - CONFIG_SECRET_PATH=/var/run/secrets/secret.properties
+ volumes:
+ - $CONFIG_SECRET_PATH:/var/run/secrets/secret.properties
+ deploy:
+ restart_policy:
+ condition: on-failure
+ max_attempts: 5
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 256M
+ reservations:
+ cpus: '0.001'
+ memory: 192M
\ No newline at end of file
--
GitLab