From b4cb2c7d4911e483c0a03848b8702b7a0366d9e5 Mon Sep 17 00:00:00 2001 From: Mike Olund Date: Fri, 19 Jan 2018 16:30:30 -0800 Subject: [PATCH] Added minishift configuration --- edivorce/apps/core/context_processors.py | 2 +- .../apps/core/middleware/bceid_middleware.py | 4 +- edivorce/apps/core/views/localdev.py | 2 +- edivorce/apps/core/views/main.py | 6 +- edivorce/apps/core/views/system.py | 2 +- edivorce/settings/base.py | 2 +- edivorce/settings/openshift.py | 13 ++- edivorce/urls.py | 4 +- openshift/MINISHIFT.md | 88 +++++++++++++++++++ .../edivorce-environment-template.yaml | 2 +- 10 files changed, 110 insertions(+), 15 deletions(-) create mode 100644 openshift/MINISHIFT.md diff --git a/edivorce/apps/core/context_processors.py b/edivorce/apps/core/context_processors.py index 262f467d..e4092c6d 100644 --- a/edivorce/apps/core/context_processors.py +++ b/edivorce/apps/core/context_processors.py @@ -6,5 +6,5 @@ def settings_processor(request): return { 'gtm_id': settings.GTM_ID, 'proxy_root_path': settings.FORCE_SCRIPT_NAME, - 'show_debug': settings.ENVIRONMENT in ['localdev', 'dev', 'test'] + 'show_debug': settings.ENVIRONMENT in ['localdev', 'dev', 'test', 'minishift'] } diff --git a/edivorce/apps/core/middleware/bceid_middleware.py b/edivorce/apps/core/middleware/bceid_middleware.py index 71c298a9..a769c491 100644 --- a/edivorce/apps/core/middleware/bceid_middleware.py +++ b/edivorce/apps/core/middleware/bceid_middleware.py @@ -78,7 +78,7 @@ class BceidMiddleware(object): # pylint: disable=too-few-public-methods """ # make sure the request didn't bypass the proxy - if (settings.DEPLOYMENT_TYPE != 'localdev' and + if (settings.DEPLOYMENT_TYPE not in ['localdev', 'minishift'] and not self.__request_came_from_proxy(request)): return redirect(settings.PROXY_BASE_URL + request.path) @@ -92,7 +92,7 @@ class BceidMiddleware(object): # pylint: disable=too-few-public-methods # link on our app or closing the browser. This is an extreme edge case, # and it's not pragmatic to code against it at this time. siteminder_user = request.META.get('HTTP_SM_USER', '') - is_localdev = settings.DEPLOYMENT_TYPE == 'localdev' + is_localdev = settings.DEPLOYMENT_TYPE in ['localdev', 'minishift'] update_user = False guid = request.META.get('HTTP_SMGOV_USERGUID', '') diff --git a/edivorce/apps/core/views/localdev.py b/edivorce/apps/core/views/localdev.py index e6c461a8..86cd7193 100644 --- a/edivorce/apps/core/views/localdev.py +++ b/edivorce/apps/core/views/localdev.py @@ -20,7 +20,7 @@ def bceid(request): # convert the login name to a guid hex_name = decode(binascii.hexlify(str.encode(login_name)))[0] - fake_guid = uuid.UUID(hex_name.rjust(32, '0')).urn[9:] + fake_guid = hex_name.rjust(32, '0') # save the guid in a session variable request.session['login_name'] = login_name diff --git a/edivorce/apps/core/views/main.py b/edivorce/apps/core/views/main.py index b2f582fa..2769cd12 100644 --- a/edivorce/apps/core/views/main.py +++ b/edivorce/apps/core/views/main.py @@ -82,7 +82,7 @@ def register(request): """ Sets a session variable and redirects users to register for BCeID """ - if settings.DEPLOYMENT_TYPE == 'localdev': + if settings.DEPLOYMENT_TYPE in ['localdev', 'minishift']: return render(request, 'localdev/register.html') request.session['went_to_register'] = True @@ -95,7 +95,7 @@ def login(request): logged into BCeID will get a login page. Users who are logged into BCeID will be redirected to the dashboard """ - if settings.DEPLOYMENT_TYPE == 'localdev' and not request.session.get('fake_bceid_guid'): + if settings.DEPLOYMENT_TYPE in ['localdev', 'minishift'] and not request.session.get('fake_bceid_guid'): return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/bceid') if not request.user.is_authenticated(): @@ -133,7 +133,7 @@ def logout(request): response = redirect(settings.LOGOUT_URL) - if settings.DEPLOYMENT_TYPE == 'localdev': + if settings.DEPLOYMENT_TYPE in ['localdev', 'minishift']: response = redirect('/') return response diff --git a/edivorce/apps/core/views/system.py b/edivorce/apps/core/views/system.py index a4235791..72b9eb58 100644 --- a/edivorce/apps/core/views/system.py +++ b/edivorce/apps/core/views/system.py @@ -21,7 +21,7 @@ def current(request): """ Debug tool usable in dev and test environments, available at /current """ - if settings.ENVIRONMENT not in ['localdev', 'dev', 'test']: + if settings.ENVIRONMENT not in ['localdev', 'dev', 'test', 'minishift']: raise Http404() if request.GET.get('reset', False): diff --git a/edivorce/settings/base.py b/edivorce/settings/base.py index 39d6a428..81e32553 100644 --- a/edivorce/settings/base.py +++ b/edivorce/settings/base.py @@ -136,7 +136,7 @@ GTM_ID = 'GTM-NJLR7LT' def show_toolbar(request): - return ENVIRONMENT in ['localdev', 'dev', 'test'] + return ENVIRONMENT in ['localdev', 'dev', 'test', 'minishift'] DEBUG_TOOLBAR_CONFIG = { 'SHOW_TOOLBAR_CALLBACK': show_toolbar, diff --git a/edivorce/settings/openshift.py b/edivorce/settings/openshift.py index b146787d..ff74cf1d 100644 --- a/edivorce/settings/openshift.py +++ b/edivorce/settings/openshift.py @@ -48,6 +48,7 @@ COMPRESS_OFFLINE = True DEPLOYMENT_TYPE = os.getenv('ENVIRONMENT_TYPE') PROXY_URL_PREFIX = '' +PROXY_BASE_URL = 'https://justice.gov.bc.ca' if DEPLOYMENT_TYPE == 'dev': PROXY_URL_PREFIX = "/divorce-dev" @@ -64,6 +65,11 @@ if DEPLOYMENT_TYPE == 'prod': # Google Tag Manager (Production) GTM_ID = 'GTM-W4Z2SPS' +if DEPLOYMENT_TYPE == 'minishift': + DEBUG = True + REGISTER_URL = '#' + PROXY_BASE_URL = '' + # Internal Relative Urls FORCE_SCRIPT_NAME = PROXY_URL_PREFIX + '/' STATIC_URL = PROXY_URL_PREFIX + '/static/' @@ -74,7 +80,6 @@ WEASYPRINT_CSS_LOOPBACK = 'http://edivorce-django:8080' WEASYPRINT_CSS_LOOPBACK += PROXY_URL_PREFIX # External URLs -PROXY_BASE_URL = 'https://justice.gov.bc.ca' LOGOUT_URL_TEMPLATE = 'https://logon.gov.bc.ca/clp-cgi/logoff.cgi?returl=%s%s&retnow=1' LOGOUT_URL = LOGOUT_URL_TEMPLATE % (PROXY_BASE_URL, PROXY_URL_PREFIX) @@ -84,6 +89,8 @@ BASICAUTH_USERNAME = os.getenv('BASICAUTH_USERNAME', '') BASICAUTH_PASSWORD = os.getenv('BASICAUTH_PASSWORD', '') # Lock down the session cookie settings -SESSION_COOKIE_SECURE=True -SESSION_COOKIE_PATH = PROXY_URL_PREFIX SESSION_EXPIRE_AT_BROWSER_CLOSE = True + +if DEPLOYMENT_TYPE != 'minishift': + SESSION_COOKIE_PATH = PROXY_URL_PREFIX + SESSION_COOKIE_SECURE=True diff --git a/edivorce/urls.py b/edivorce/urls.py index 5056cc9e..73bfa2d0 100644 --- a/edivorce/urls.py +++ b/edivorce/urls.py @@ -4,11 +4,11 @@ from django.contrib import admin urlpatterns = [] -if settings.ENVIRONMENT in ['localdev', 'dev', 'test']: +if settings.ENVIRONMENT in ['localdev', 'dev', 'test', 'minishift']: import debug_toolbar urlpatterns.append(url(r'^__debug__/', include(debug_toolbar.urls)),) -if settings.ENVIRONMENT == 'localdev': +if settings.ENVIRONMENT in ['localdev', 'minishift']: urlpatterns.append(url(r'^admin/', admin.site.urls)) urlpatterns.append(url(r'^', include('edivorce.apps.core.urls'))) diff --git a/openshift/MINISHIFT.md b/openshift/MINISHIFT.md new file mode 100644 index 00000000..e664419f --- /dev/null +++ b/openshift/MINISHIFT.md @@ -0,0 +1,88 @@ +# A Quickstart Guide to Setting Up eDivorce on MiniShift + +These instructions assume you have 2 EMPTY projects created in MiniShift: + +- jag-csb-edivorce-tools (BUILD) +- jag-csb-edivorce-dev (DEV) + +For Minishift deployments we won't bother setting up Jenkins or NGINX. + + +## Uploading Templates into OpenShift + +1. Clone the project from Github, and then ```cd``` into the openshift/templates directory. + +2. Log into the OpenShift console to get your command line token. Then log into OpenShift from the command line. + +3. Upload the templates into OpenShift with the following commands + + Tools templates + ``` + oc create -f edivorce-build-template.yaml -n jag-csb-edivorce-tools + ``` + + Main eDivorce environment template + ``` + oc create -f edivorce-environment-template.yaml -n jag-csb-edivorce-dev + ``` + + +## Setting up the Tools Project + + +### Process the templates in the 'tools' project + +#### These can be processed from the commandline +``` +oc project jag-csb-edivorce-tools + +oc process edivorce-build | oc create -f - +``` + +You can monitor the process of the build in the OpenShift console on Minishift. You'll need to wait for it to finish before you can start the next step. + +## Setting up Dev + +Tag the builds in the tools project so they can be deployed to dev +``` +oc project jag-csb-edivorce-tools +``` + +Give the dev project access to Docker images stored in the tools project +``` +oc project jag-csb-edivorce-dev +oc policy add-role-to-user system:image-puller system:serviceaccount:jag-csb-edivorce-dev:default -n jag-csb-edivorce-tools +oc policy add-role-to-user edit system:serviceaccount:jag-csb-edivorce-tools:default -n jag-csb-edivorce-dev +``` + +Deploy the Django app and the Postgresql DB (Read the section about "Important Configuration Options" above!) +``` +oc process edivorce -v ENVIRONMENT_TYPE=minishift,PROXY_NETWORK=0.0.0.0/0 | oc create -f - +``` + +Edit the yaml for the edivorce-django deployment config through the web console + +Find: + + kind: ImageStreamTag + name: 'edivorce-django:deploy-to-dev' + + +Change to: + + kind: ImageStreamTag + name: 'edivorce-django:latest' + +Deploy Weasyprint +``` +oc deploy weasyprint --latest +``` + +## Create a Route + +Using the web console, create a new route called "minishift" in the jag-csb-edivorce-dev project. The only thing you need to change is the name. Otherwise just use default settings. + +## Log into eDivorce + +You should be able to find your route in the edivorce-django deployment of the jag-csb-edivorce-dev project. When you are prompted for a username and password you can use the password 'dovorce' with any username you choose. + diff --git a/openshift/templates/edivorce-environment-template.yaml b/openshift/templates/edivorce-environment-template.yaml index 0fa52809..0e0c47e1 100644 --- a/openshift/templates/edivorce-environment-template.yaml +++ b/openshift/templates/edivorce-environment-template.yaml @@ -334,7 +334,7 @@ parameters: value: jag-csb-edivorce-tools required: true - name: ENVIRONMENT_TYPE - displayName: Type of environnment (dev,test or prod). + displayName: Type of environnment (dev,test,prod or minishift). required: true - name: PROXY_NETWORK displayName: Network of upstream proxy (CIDR notation 0.0.0.0/0)