diff --git a/.vscode/settings.json b/.vscode/settings.json index 6ed02fc6..eab09775 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -14,14 +14,16 @@ "composer": "shellscript" }, "cSpell.words": [ - "MODESHAPE", - "POSTGRESQL", - "SIGTERM", "binarystorage", "catchable", "classpath", + "crond", "elif", "getenv", - "nativeplatform" + "getenv", + "MODESHAPE", + "nativeplatform", + "POSTGRESQL", + "SIGTERM" ] } \ No newline at end of file diff --git a/base/rootfs/etc/cont-init.d/00-container-environment-02-database-defaults.sh b/base/rootfs/etc/cont-init.d/00-container-environment-02-database-defaults.sh index d5a33614..a4d7b562 100755 --- a/base/rootfs/etc/cont-init.d/00-container-environment-02-database-defaults.sh +++ b/base/rootfs/etc/cont-init.d/00-container-environment-02-database-defaults.sh @@ -20,8 +20,10 @@ case "${DB_DRIVER}" in DB_HOST=$(&2 + echo "Only MySQL / PostgreSQL / SQLite are supported values for DB_DRIVER." >&2 exit 1 esac diff --git a/riprap/.dockerignore b/riprap/.dockerignore new file mode 100644 index 00000000..b43bf86b --- /dev/null +++ b/riprap/.dockerignore @@ -0,0 +1 @@ +README.md diff --git a/riprap/Dockerfile b/riprap/Dockerfile new file mode 100644 index 00000000..52d6fe9c --- /dev/null +++ b/riprap/Dockerfile @@ -0,0 +1,79 @@ +# syntax=docker/dockerfile:1.2.1 +ARG repository=local +ARG tag=latest +FROM --platform=$BUILDPLATFORM ${repository}/composer:${tag} AS composer + +RUN --mount=type=cache,id=riprap-composer,sharing=locked,target=/root/.composer/cache \ + --mount=type=cache,id=riprap-downloads,sharing=locked,target=/opt/downloads \ + COMMIT=7d7cae2d09dec20caa3c3f5752434af32401819e && \ + git-clone-cached.sh \ + --url https://github.com/mjordan/riprap.git \ + --cache-dir "${DOWNLOAD_CACHE_DIRECTORY}" \ + --commit "${COMMIT}" \ + --worktree /var/www/riprap && \ + composer install -d /var/www/riprap --no-dev + +FROM alpine:3.13.2 AS cache +FROM ${repository}/nginx:${tag} + +EXPOSE 8000 + +RUN --mount=type=cache,id=riprap-apk,sharing=locked,from=cache,target=/var/cache/apk \ + apk add php7-pdo_sqlite && \ + cleanup.sh + +# The driver is given explicitly as Rip Rap can be run on SQLite without +# further configuration. +ENV \ + RIPRAP_APP_ENV=dev \ + RIPRAP_APP_SECRET=f58c87e1d737c4422b45ba4310abede6 \ + RIPRAP_CROND_ENABLE_SERVICE=true \ + RIPRAP_CROND_LOG_LEVEL=8 \ + RIPRAP_CROND_SCHEDULE="0 0 1 * *" \ + RIPRAP_DB_DRIVER=sqlite \ + RIPRAP_DB_NAME=riprap \ + RIPRAP_DB_PASSWORD=password \ + RIPRAP_DB_USER=riprap \ + RIPRAP_LOG_LEVEL=debug \ + RIPRAP_MAILER_URL=null://localhost \ + RIPRAP_TRUSTED_HOSTS="" \ + RIPRAP_TRUSTED_PROXIES="" + +# Configuration specific to check fixity command: +ENV \ + RIPRAP_CONFIG_DIGEST_COMMAND=/usr/bin/sha1sum \ + RIPRAP_CONFIG_DRUPAL_BASEURL=https://islandora.traefik.me \ + RIPRAP_CONFIG_DRUPAL_CONTENT_TYPES="['islandora_object']" \ + RIPRAP_CONFIG_DRUPAL_FILE_FIELDNAMES="['field_media_audio', 'field_media_document', 'field_edited_text', 'field_media_file', 'field_media_image', 'field_media_video_file']" \ + RIPRAP_CONFIG_DRUPAL_MEDIA_AUTH="['admin', 'islandora']" \ + RIPRAP_CONFIG_DRUPAL_MEDIA_TAGS="[]" \ + RIPRAP_CONFIG_DRUPAL_PASSWORD=password \ + RIPRAP_CONFIG_DRUPAL_USER=admin \ + RIPRAP_CONFIG_EMAIL_FROM="" \ + RIPRAP_CONFIG_EMAIL_TO="" \ + RIPRAP_CONFIG_FAILURES_LOG_PATH=var/riprap_failed_events.log \ + RIPRAP_CONFIG_FEDORAAPI_DIGEST_HEADER_LEADER_PATTERN="^.+=" \ + RIPRAP_CONFIG_FEDORAAPI_METHOD=HEAD \ + RIPRAP_CONFIG_FIXITY_ALGORITHM=sha1 \ + RIPRAP_CONFIG_GEMINI_AUTH_HEADER="Bearer islandora" \ + RIPRAP_CONFIG_GEMINI_ENDPOINT=http://gemini:8000 \ + RIPRAP_CONFIG_JSONAPI_AUTHORIZATION_HEADERS="" \ + RIPRAP_CONFIG_JSONAPI_PAGE_SIZE=50 \ + RIPRAP_CONFIG_JSONAPI_PAGER_DATA_FILE_PATH=var/fetchresourcelist.from.drupal.pager.txt \ + RIPRAP_CONFIG_MAX_RESOURCES=1000 \ + RIPRAP_CONFIG_OUTPUT_CSV_PATH=var/riprap_events.csv \ + RIPRAP_CONFIG_PLUGINS_FETCHDIGEST=PluginFetchDigestFromShell \ + RIPRAP_CONFIG_PLUGINS_FETCHRESOURCELIST="['PluginFetchResourceListFromFile']" \ + RIPRAP_CONFIG_PLUGINS_PERSIST=PluginPersistToDatabase \ + RIPRAP_CONFIG_PLUGINS_POSTCHECK="['PluginPostCheckCopyFailures']" \ + RIPRAP_CONFIG_RESOURCE_DIR_PATHS="" \ + RIPRAP_CONFIG_RESOURCE_LIST_PATH="['resources/csv_file_list.csv']" \ + RIPRAP_CONFIG_THIN=false \ + RIPRAP_CONFIG_USE_FEDORA_URLS=true \ + RIPRAP_CONFIG_VIEWS_PAGER_DATA_FILE_PATH=var/fetchresourcelist.from.drupal.pager.txt + +COPY --from=composer --chown=nginx:nginx /var/www /var/www + +COPY rootfs / + +WORKDIR /var/www/riprap \ No newline at end of file diff --git a/riprap/README.md b/riprap/README.md new file mode 100644 index 00000000..1991d996 --- /dev/null +++ b/riprap/README.md @@ -0,0 +1,127 @@ +# Riprap + +Docker image for [Riprap] (**unreleased version**) micro-service. + +Please refer to the [Riprap Documentation] for more in-depth information. + +## Dependencies + +Requires `islandora/nginx` docker image to build. Please refer to the +[Nginx Image README](../nginx/README.md) for additional information including +additional settings, volumes, ports, etc. + +Additionally you can run with different database backends, by default it will +use the bundled SQLite backend which requires no additional configuration. +However if you wish to use a MySQL or PostgreSQL backend please refer to the +[MariaDB Image README](../mariadb/README.md) and +[PostgreSQL Image README](../postgresql/README.md) respectively, and change +`RIPRAP_DB_DRIVER` to your selected backend, along with any other +relevant settings. + +## Ports + +| Port | Description | +| :--- | :---------- | +| 8000 | HTTP | + +## Volumes + +| Path | Description | +| :----------------------------- | :------------------------------------- | +| /var/www/riprap/src/Migrations | Generated Migrations | +| /var/www/riprap/var | SQLite Database / Cache files location | + +## Settings + +### Confd Settings + +| Environment Variable | Confd Key | Default | Description | +| :-------------------------- | :--------------------------- | :------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | +| RIPRAP_APP_ENV | /riprap/app/env | dev | Only 'dev' is supported at this time | +| RIPRAP_APP_SECRET | /riprap/app/secret | f58c87e1d737c4422b45ba4310abede6 | This is a string that should be unique to your application and it's commonly used to add more entropy to security related operations. | +| RIPRAP_CROND_ENABLE_SERVICE | /riprap/crond/enable/service | true | Enable / disable crond service | +| RIPRAP_CROND_LOG_LEVEL | /riprap/crond/log/level | 8 | The log level for crond | +| RIPRAP_CROND_SCHEDULE | /riprap/crond/schedule | 0 0 1 * * | The schedule for running check_fixity command, default is once a month | +| RIPRAP_LOG_LEVEL | /riprap/log/level | debug | Log level. Possible Values: debug, info, notice, warning, error, critical, alert, emergency, none | +| RIPRAP_MAILER_URL | /riprap/mailer/url | null://localhost | | +| RIPRAP_TRUSTED_HOSTS | /riprap/trusted/hosts | | | +| RIPRAP_TRUSTED_PROXIES | /riprap/trusted/proxies | | | + +You can generate your own secret using the following command: + +```bash +cat /dev/urandom | base64 | head -c 32 && echo "" +``` + +What follows is configuration specific to the check fixity command. Not all +configurations are applicable in all situations, they are largely dependent on +which plugins you enable. + +Please refer to the [Riprap Plugin Overview] and [Riprap Plugin Documentation] +for more in-depth information, as well as the [Riprap Plugins] themselves. + +If starting out fresh its recommend to use +`PluginFetchResourceListFromDrupalView` rather than +`PluginFetchResourceListFromDrupal` which is currently in the process of being +deprecated. + +| Environment Variable | Confd Key | Default | Description | +| :--------------------------------------------------- | :---------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | :----------------------------------------------------------------------------------------------------------------------------------------------------------- | +| RIPRAP_CONFIG_DIGEST_COMMAND | /riprap/config/digest/command | /usr/bin/sha1sum | | +| RIPRAP_CONFIG_DRUPAL_BASEURL | /riprap/config/drupal/baseurl | https://islandora.traefik.me | | +| RIPRAP_CONFIG_DRUPAL_CONTENT_TYPES | /riprap/config/drupal/content/types | ['islandora_object'] | | +| RIPRAP_CONFIG_DRUPAL_FILE_FIELDNAMES | /riprap/config/drupal/file/fieldnames | ['field_media_audio', 'field_media_document', 'field_edited_text', 'field_media_file', 'field_media_image', 'field_media_video_file'] | | +| RIPRAP_CONFIG_DRUPAL_MEDIA_AUTH | /riprap/config/drupal/media/auth | ['admin', 'islandora'] | | +| RIPRAP_CONFIG_DRUPAL_MEDIA_TAGS | /riprap/config/drupal/media/tags | [] | e.g. ['/taxonomy/term/15'] | +| RIPRAP_CONFIG_DRUPAL_PASSWORD | /riprap/config/drupal/password | password | | +| RIPRAP_CONFIG_DRUPAL_USER | /riprap/config/drupal/user | admin | | +| RIPRAP_CONFIG_EMAIL_FROM | /riprap/config/email/from | | | +| RIPRAP_CONFIG_EMAIL_TO | /riprap/config/email/to | | | +| RIPRAP_CONFIG_FAILURES_LOG_PATH | /riprap/config/failures/log/path | var/riprap_failed_events.log | Absolute or relative to the Riprap application directory | +| RIPRAP_CONFIG_FEDORAAPI_DIGEST_HEADER_LEADER_PATTERN | /riprap/config/fedoraapi/digest/header/leader/pattern | "^.+=" | var/riprap_failed_events.log | +| RIPRAP_CONFIG_FEDORAAPI_METHOD | /riprap/config/fedoraapi/method | HEAD | | +| RIPRAP_CONFIG_FIXITY_ALGORITHM | /riprap/config/fixity/algorithm | sha1 | One of 'md5', 'sha1', or 'sha256' | +| RIPRAP_CONFIG_GEMINI_AUTH_HEADER | /riprap/config/gemini/auth/header | "Bearer islandora" | | +| RIPRAP_CONFIG_GEMINI_ENDPOINT | /riprap/config/gemini/endpoint | http://gemini:8000 | | +| RIPRAP_CONFIG_JSONAPI_AUTHORIZATION_HEADERS | /riprap/config/jsonapi/authorization/headers | | e.g. ['Authorization: Basic YWRtaW46aXNsYW5kb3Jh'] | +| RIPRAP_CONFIG_JSONAPI_PAGER_DATA_FILE_PATH | /riprap/config/jsonapi/pager/data/file/path | var/fetchresourcelist.from.drupal.pager.txt | Absolute or relative to the Riprap application directory | +| RIPRAP_CONFIG_JSONAPI_PAGE_SIZE | /riprap/config/jsonapi/page/size | 50 | | +| RIPRAP_CONFIG_MAX_RESOURCES | /riprap/config/max/resources | 1000 | Must be a multiple of RIPRAP_CONFIG_JSONAPI_PAGE_SIZE | +| RIPRAP_CONFIG_OUTPUT_CSV_PATH | /riprap/config/output/csv/path | var/riprap_events.csv | | +| RIPRAP_CONFIG_PLUGINS_FETCHDIGEST | /riprap/config/plugins/fetchdigest | PluginFetchDigestFromShell | Either "PluginFetchDigestFromDrupal", "PluginFetchDigestFromFedoraAPI", or "PluginFetchDigestFromShell" | +| RIPRAP_CONFIG_PLUGINS_FETCHRESOURCELIST | /riprap/config/plugins/fetchresourcelist | ['PluginFetchResourceListFromFile'] | Either "PluginFetchResourceListFromDrupal", "PluginFetchResourceListFromDrupalView", "PluginFetchResourceListFromFile", or "PluginFetchResourceListFromGlob" | +| RIPRAP_CONFIG_PLUGINS_PERSIST | /riprap/config/plugins/persist | PluginPersistToDatabase | Either "PluginPersistToCsv" or "PluginPersistToDatabase" | +| RIPRAP_CONFIG_PLUGINS_POSTCHECK | /riprap/config/plugins/postcheck | ['PluginPostCheckCopyFailures'] | Either "PluginPostCheckCopyFailures", "PluginPostCheckMailFailures", "PluginPostCheckMigrateFedora3AuditLog", "PluginPostCheckSayHello", or unspecified | +| RIPRAP_CONFIG_RESOURCE_DIR_PATHS | /riprap/config/resource/dir/paths | | e.g. ['resources/filesystemexample/resourcefiles'] | +| RIPRAP_CONFIG_RESOURCE_LIST_PATH | /riprap/config/resource/list/path | ['resources/csv_file_list.csv'] | | +| RIPRAP_CONFIG_THIN | /riprap/config/thin | false | | +| RIPRAP_CONFIG_USE_FEDORA_URLS | /riprap/config/use/fedora/urls | true | | +| RIPRAP_CONFIG_VIEWS_PAGER_DATA_FILE_PATH | /riprap/config/views/pager/data/file/path | var/fetchresourcelist.from.drupal.pager.txt | | + +> N.B. Configuration list was generated by searching for all instances of +> `$this->settings['some_setting']` in the riprap repository. When upgrading +> riprap commit be sure to check that the options for configuration have been +> updated appropriately along with their defaults. + +### Database Settings + +[Riprap] can optionally make use of different database backends. Please see +the documentation in the [base image] for more information about the default +database connection configuration. + +Aside from `RIPRAP_DB_DRIVER`, the following settings are only used if +`RIPRAP_DB_DRIVER` is set to `mysql` or `postgresql`. + +| Environment Variable | Confd Key | Default | Description | +| :------------------- | :------------------ | :------- | :------------------------------------------------------------ | +| RIPRAP_DB_DRIVER | /riprap/db/driver | sqlite | The database driver either 'sqlite', 'mysql', or 'postgresql' | +| RIPRAP_DB_NAME | /riprap/db/name | riprap | The name of the database | +| RIPRAP_DB_PASSWORD | /riprap/db/password | password | The database users password | +| RIPRAP_DB_USER | /riprap/db/user | riprap | The database user | + +[base image]: ../base/README.md +[Riprap Documentation]: https://github.com/mjordan/riprap#riprap +[Riprap Plugin Documentation]: https://github.com/mjordan/riprap/blob/master/docs/plugins.md +[Riprap Plugin Overview]: https://github.com/mjordan/riprap#plugins +[Riprap Plugins]: https://github.com/mjordan/riprap/tree/master/src/Plugin +[Riprap]: https://github.com/mjordan/riprap diff --git a/riprap/rootfs/etc/confd/conf.d/.env.toml b/riprap/rootfs/etc/confd/conf.d/.env.toml new file mode 100644 index 00000000..42cece18 --- /dev/null +++ b/riprap/rootfs/etc/confd/conf.d/.env.toml @@ -0,0 +1,7 @@ +[template] +src = ".env.tmpl" +dest = "/var/www/riprap/.env" +uid = 100 +gid = 101 +mode = "0644" +keys = [ "/" ] \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/conf.d/cron_config.yml.toml b/riprap/rootfs/etc/confd/conf.d/cron_config.yml.toml new file mode 100644 index 00000000..cd68de50 --- /dev/null +++ b/riprap/rootfs/etc/confd/conf.d/cron_config.yml.toml @@ -0,0 +1,7 @@ +[template] +src = "cron_config.yml.tmpl" +dest = "/var/www/riprap/cron_config.yaml" +uid = 100 +gid = 101 +mode = "0644" +keys = [ "/" ] \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/conf.d/doctrine.yaml.toml b/riprap/rootfs/etc/confd/conf.d/doctrine.yaml.toml new file mode 100644 index 00000000..23f0212c --- /dev/null +++ b/riprap/rootfs/etc/confd/conf.d/doctrine.yaml.toml @@ -0,0 +1,7 @@ +[template] +src = "doctrine.yaml.tmpl" +dest = "/var/www/riprap/config/packages/doctrine.yaml" +uid = 100 +gid = 101 +mode = "0644" +keys = [ "/" ] \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/conf.d/monolog.yaml.toml b/riprap/rootfs/etc/confd/conf.d/monolog.yaml.toml new file mode 100644 index 00000000..ddeb9511 --- /dev/null +++ b/riprap/rootfs/etc/confd/conf.d/monolog.yaml.toml @@ -0,0 +1,7 @@ +[template] +src = "monolog.yaml.tmpl" +dest = "/var/www/riprap/config/packages/dev/monolog.yaml" +uid = 100 +gid = 101 +mode = "0644" +keys = [ "/" ] diff --git a/riprap/rootfs/etc/confd/templates/.env.tmpl b/riprap/rootfs/etc/confd/templates/.env.tmpl new file mode 100644 index 00000000..0397369a --- /dev/null +++ b/riprap/rootfs/etc/confd/templates/.env.tmpl @@ -0,0 +1,35 @@ +# This file is a "template" of which env vars need to be defined for your application +# Copy this file to .env file for development, create environment variables when deploying to production +# https://symfony.com/doc/current/best_practices/configuration.html#infrastructure-related-configuration + +###> symfony/framework-bundle ### +APP_ENV={{ getenv "RIPRAP_APP_ENV" }} +APP_SECRET={{ getenv "RIPRAP_APP_SECRET" }} +{{ if ne (getenv "RIPRAP_TRUSTED_PROXIES") "" }} +TRUSTED_PROXIES={{ getenv "RIPRAP_TRUSTED_PROXIES" }} +{{ end }} +{{ if ne (getenv "RIPRAP_TRUSTED_HOSTS") "" }} +TRUSTED_HOSTS={{ getenv "RIPRAP_TRUSTED_HOSTS" }} +{{ end }} +###< symfony/framework-bundle ### + +###> doctrine/doctrine-bundle ### +# Format described at http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url +# Configure your db driver and server_version in config/packages/doctrine.yaml +{{ if eq (getenv "DB_DRIVER") "sqlite" }} +DATABASE_URL=sqlite:///%kernel.project_dir%/var/data.db +{{ end }} +{{ if eq (getenv "DB_DRIVER") "mysql" }} +DATABASE_URL=mysql://{{ getenv "RIPRAP_DB_USER" }}:{{ getenv "RIPRAP_DB_PASSWORD" }}@{{ getenv "DB_MYSQL_HOST" }}:{{ getenv "DB_MYSQL_PORT" }}/{{ getenv "RIPRAP_DB_NAME" }} +{{ end }} +{{ if eq (getenv "DB_DRIVER") "postgresql" }} +DATABASE_URL=pgsql://{{ getenv "RIPRAP_DB_USER" }}:{{ getenv "RIPRAP_DB_PASSWORD" }}@{{ getenv "DB_POSTGRESQL_HOST" }}:{{ getenv "DB_POSTGRESQL_PORT" }}/{{ getenv "RIPRAP_DB_NAME" }} +{{ end }} +###< doctrine/doctrine-bundle ### + +###> symfony/swiftmailer-bundle ### +# For Gmail as a transport, use: "gmail://username:password@localhost" +# For a generic SMTP server, use: "smtp://localhost:25?encryption=&auth_mode=" +# Delivery is disabled by default via "null://localhost" +MAILER_URL={{ getenv "RIPRAP_MAILER_URL" }} +###< symfony/swiftmailer-bundle ### \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/templates/cron_config.yml.tmpl b/riprap/rootfs/etc/confd/templates/cron_config.yml.tmpl new file mode 100644 index 00000000..03fab0b3 --- /dev/null +++ b/riprap/rootfs/etc/confd/templates/cron_config.yml.tmpl @@ -0,0 +1,40 @@ +# Riprap config file used by the crond service. +# +# Requires that the "Riprap resource list" View be enabled in +# the Islandora instance. This View is bundled with the Islandora Riprap +# module. +# +# This plugin is agnostic to which media have fixity event checks performed +# on them. The filters in the "Riprap resource list" View determine that. +# See the View's filter criteria GUI for examples. + +digest_command: '{{ getenv "RIPRAP_CONFIG_DIGEST_COMMAND" }}' +drupal_baseurl: '{{ getenv "RIPRAP_CONFIG_DRUPAL_BASEURL" }}' +drupal_content_types: {{ getenv "RIPRAP_CONFIG_DRUPAL_CONTENT_TYPES" }} +drupal_file_fieldnames: {{ getenv "RIPRAP_CONFIG_DRUPAL_FILE_FIELDNAMES" }} +drupal_media_auth: {{ getenv "RIPRAP_CONFIG_DRUPAL_MEDIA_AUTH" }} +drupal_media_tags: {{ getenv "RIPRAP_CONFIG_DRUPAL_MEDIA_TAGS" }} +drupal_password: '{{ getenv "RIPRAP_CONFIG_DRUPAL_PASSWORD" }}' +drupal_user: '{{ getenv "RIPRAP_CONFIG_DRUPAL_USER" }}' +email_from: '{{ getenv "RIPRAP_CONFIG_EMAIL_FROM" }}' +email_to: '{{ getenv "RIPRAP_CONFIG_EMAIL_TO" }}' +failures_log_path: '{{ getenv "RIPRAP_CONFIG_FAILURES_LOG_PATH" }}' +fedoraapi_digest_header_leader_pattern: '{{ getenv "RIPRAP_CONFIG_FEDORAAPI_DIGEST_HEADER_LEADER_PATTERN" }}' +fedoraapi_method: '{{ getenv "RIPRAP_CONFIG_FEDORAAPI_METHOD" }}' +fixity_algorithm: '{{ getenv "RIPRAP_CONFIG_FIXITY_ALGORITHM" }}' +gemini_auth_header: '{{ getenv "RIPRAP_CONFIG_GEMINI_AUTH_HEADER" }}' +gemini_endpoint: '{{ getenv "RIPRAP_CONFIG_GEMINI_ENDPOINT" }}' +jsonapi_authorization_headers: '{{ getenv "RIPRAP_CONFIG_JSONAPI_AUTHORIZATION_HEADERS" }}' +jsonapi_pager_data_file_path: '{{ getenv "RIPRAP_CONFIG_JSONAPI_PAGER_DATA_FILE_PATH" }}' +jsonapi_page_size: {{ getenv "RIPRAP_CONFIG_JSONAPI_PAGE_SIZE" }} +max_resources: {{ getenv "RIPRAP_CONFIG_MAX_RESOURCES" }} +output_csv_path: '{{ getenv "RIPRAP_CONFIG_OUTPUT_CSV_PATH" }}' +plugins.fetchdigest: '{{ getv "/config/plugins.fetchdigest" (getenv "RIPRAP_CONFIG_PLUGINS_FETCHDIGEST") }}' +plugins.fetchresourcelist: {{ getv "/config/plugins.fetchresourcelist" (getenv "RIPRAP_CONFIG_PLUGINS_FETCHRESOURCELIST") }} +plugins.persist: '{{ getv "/config/plugins.persist" (getenv "RIPRAP_CONFIG_PLUGINS_PERSIST") }}' +plugins.postcheck: {{ getv "/config/plugins.postcheck" (getenv "RIPRAP_CONFIG_PLUGINS_POSTCHECK") }} +resource_dir_paths: {{ getenv "RIPRAP_CONFIG_RESOURCE_DIR_PATHS" }} +resource_list_path: {{ getenv "RIPRAP_CONFIG_RESOURCE_LIST_PATH" }} +thin: {{ getenv "RIPRAP_CONFIG_THIN" }} +use_fedora_urls: {{ getenv "RIPRAP_CONFIG_USE_FEDORA_URLS" }} +views_pager_data_file_path: '{{ getenv "RIPRAP_CONFIG_VIEWS_PAGER_DATA_FILE_PATH" }}' \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/templates/doctrine.yaml.tmpl b/riprap/rootfs/etc/confd/templates/doctrine.yaml.tmpl new file mode 100644 index 00000000..3f137bd4 --- /dev/null +++ b/riprap/rootfs/etc/confd/templates/doctrine.yaml.tmpl @@ -0,0 +1,32 @@ +parameters: + # Adds a fallback DATABASE_URL if the env var is not set. + # This allows you to run cache:warmup even if your + # environment variables are not available yet. + # You should not need to change this value. + env(DATABASE_URL): '' + +doctrine: + dbal: +{{ if eq (getenv "DB_DRIVER") "mysql" }} + driver: 'pdo_mysql' + charset: utf8mb4 + default_table_options: + charset: utf8mb4 + collate: utf8mb4_unicode_ci +{{ end }} +{{ if eq (getenv "DB_DRIVER") "postgresql" }} + driver: 'pdo_pgsql' + charset: utf8 +{{ end }} + url: '%env(resolve:DATABASE_URL)%' + orm: + auto_generate_proxy_classes: '%kernel.debug%' + naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware + auto_mapping: true + mappings: + App: + is_bundle: false + type: annotation + dir: '%kernel.project_dir%/src/Entity' + prefix: 'App\Entity' + alias: App \ No newline at end of file diff --git a/riprap/rootfs/etc/confd/templates/monolog.yaml.tmpl b/riprap/rootfs/etc/confd/templates/monolog.yaml.tmpl new file mode 100644 index 00000000..1b9a3f28 --- /dev/null +++ b/riprap/rootfs/etc/confd/templates/monolog.yaml.tmpl @@ -0,0 +1,20 @@ +monolog: + handlers: + main: + type: stream + # path: "%kernel.logs_dir%/%kernel.environment%.log" + path: "php://stderr" + level: {{ getenv "RIPRAP_LOG_LEVEL" }} + channels: ["!event"] + # uncomment to get logging in your browser + # you may have to allow bigger header sizes in your Web server configuration + #firephp: + # type: firephp + # level: info + #chromephp: + # type: chromephp + # level: info + console: + type: console + process_psr_3_messages: false + channels: ["!event", "!doctrine", "!console"] \ No newline at end of file diff --git a/riprap/rootfs/etc/cont-init.d/03-riprap-setup.sh b/riprap/rootfs/etc/cont-init.d/03-riprap-setup.sh new file mode 100755 index 00000000..5d88eb10 --- /dev/null +++ b/riprap/rootfs/etc/cont-init.d/03-riprap-setup.sh @@ -0,0 +1,80 @@ +#!/usr/bin/with-contenv bash +set -e + +function mysql_create_database { + cat <<- EOF | create-database.sh +-- Create database in mariadb or mysql. +CREATE DATABASE IF NOT EXISTS ${RIPRAP_DB_NAME} CHARACTER SET utf8 COLLATE utf8_general_ci; + +-- Create user and grant rights. +CREATE USER IF NOT EXISTS '${RIPRAP_DB_USER}'@'%' IDENTIFIED BY '${RIPRAP_DB_PASSWORD}'; +GRANT ALL PRIVILEGES ON ${RIPRAP_DB_NAME}.* to '${RIPRAP_DB_USER}'@'%'; +FLUSH PRIVILEGES; + +-- Update user password if changed. +SET PASSWORD FOR ${RIPRAP_DB_USER}@'%' = PASSWORD('${RIPRAP_DB_PASSWORD}') +EOF +} + +function postgresql_create_database { + cat <<- EOF | create-database.sh +BEGIN; + +DO \$\$ +BEGIN + IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = '${RIPRAP_DB_USER}') THEN + CREATE ROLE ${RIPRAP_DB_USER}; + END IF; +END +\$\$; + +ALTER ROLE ${RIPRAP_DB_USER} WITH LOGIN; +ALTER USER ${RIPRAP_DB_USER} PASSWORD '${RIPRAP_DB_PASSWORD}'; + +ALTER DATABASE ${RIPRAP_DB_NAME} OWNER TO ${RIPRAP_DB_USER}; +GRANT ALL PRIVILEGES ON DATABASE ${RIPRAP_DB_NAME} TO ${RIPRAP_DB_USER}; + +COMMIT; +EOF +} + +function create_database { + case "${DB_DRIVER}" in + sqlite) + # Running migrations will create the database. + ;; + mysql) + mysql_create_database + ;; + postgresql) + postgresql_create_database + ;; + *) + echo "Only SQLite/MySQL/PostgresSQL databases are supported for now." >&2 + exit 1 + esac +} + +function setup_cron { + if [[ "${RIPRAP_CROND_ENABLE_SERVICE}" == "true" ]]; then + cat <("test") \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendMySQL/docker-compose.yml b/riprap/tests/ServiceStartsWithBackendMySQL/docker-compose.yml new file mode 100644 index 00000000..2d06f2e4 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendMySQL/docker-compose.yml @@ -0,0 +1,13 @@ +# file: docker-compose.yml +version: "3.8" +services: + mariadb: + image: ${MYSQL_IMAGE:-local/mariadb:latest} + riprap: + environment: + RIPRAP_DB_DRIVER: mysql + volumes: + - ./test.sh:/test.sh # Test to run. + command: + - /test.sh # Run test and exit. + image: ${BASE_IMAGE:-local/riprap:latest} \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendMySQL/test.sh b/riprap/tests/ServiceStartsWithBackendMySQL/test.sh new file mode 100755 index 00000000..e5f348e5 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendMySQL/test.sh @@ -0,0 +1,31 @@ +#!/usr/bin/with-contenv bash + +source /usr/local/share/isle/utilities.sh + +function count { + cat <<- EOF | execute-sql-file.sh --database "${DB_NAME}" - -- -N 2>/dev/null +SELECT COUNT(*) as count FROM fixity_check_event; +EOF +} + +# Exit non-zero if database does not exist. +cat <<- EOF | execute-sql-file.sh +use ${DB_NAME} +EOF + +# Perform check-fixity (ingests from CSV). +check-fixity.sh "--settings=/var/www/riprap/cron_config.yaml" + +# Query the database to determine if the expected number of checks occured. +rows=$(count) + +# Check if results meet expectations. +if [[ "${rows}" != "3" ]]; then + echo "Failed to created the expected number of rows: ${rows}!=3." + exit 1 +else + echo "Created the expected number of rows." +fi + +# All tests were successful +exit 0 \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendPostgreSQL/build.gradle.kts b/riprap/tests/ServiceStartsWithBackendPostgreSQL/build.gradle.kts new file mode 100644 index 00000000..975756eb --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendPostgreSQL/build.gradle.kts @@ -0,0 +1,2 @@ +import tasks.tests.DockerComposeTest +tasks.register("test") \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendPostgreSQL/docker-compose.yml b/riprap/tests/ServiceStartsWithBackendPostgreSQL/docker-compose.yml new file mode 100644 index 00000000..406b3479 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendPostgreSQL/docker-compose.yml @@ -0,0 +1,14 @@ +# file: docker-compose.yml +version: "3.8" +services: + postgresql: + image: ${MYSQL_IMAGE:-local/postgresql:latest} + riprap: + # Allow downstream container to override `DB` environment variables. + environment: + RIPRAP_DB_DRIVER: postgresql + volumes: + - ./test.sh:/test.sh # Test to run. + command: + - /test.sh # Run test and exit. + image: ${BASE_IMAGE:-local/riprap:latest} \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendPostgreSQL/test.sh b/riprap/tests/ServiceStartsWithBackendPostgreSQL/test.sh new file mode 100755 index 00000000..8ab16a96 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendPostgreSQL/test.sh @@ -0,0 +1,26 @@ +#!/usr/bin/with-contenv bash + +source /usr/local/share/isle/utilities.sh + +function count { + cat <("test") \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendSqlite/docker-compose.yml b/riprap/tests/ServiceStartsWithBackendSqlite/docker-compose.yml new file mode 100644 index 00000000..476a6df9 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendSqlite/docker-compose.yml @@ -0,0 +1,9 @@ +# file: docker-compose.yml +version: "3.8" +services: + riprap: + volumes: + - ./test.sh:/test.sh # Test to run. + command: + - /test.sh # Run test and exit. + image: ${BASE_IMAGE:-local/riprap:latest} \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithBackendSqlite/test.sh b/riprap/tests/ServiceStartsWithBackendSqlite/test.sh new file mode 100755 index 00000000..17eab802 --- /dev/null +++ b/riprap/tests/ServiceStartsWithBackendSqlite/test.sh @@ -0,0 +1,36 @@ +#!/usr/bin/with-contenv bash + +source /usr/local/share/isle/utilities.sh + +# Perform check-fixity (ingests from CSV). +check-fixity.sh "--settings=/var/www/riprap/cron_config.yaml" + +# Confirm sqlite database exists. +test -e /var/www/riprap/var/data.db + +# Query the database to determine if the expected number of checks occured. +rows=$( +cat <<'EOF' | php -f /dev/stdin +query($sql); +if($result){ + while($row = $result->fetch(PDO::FETCH_ASSOC)){ + echo $row['count']; + } +} +?> +EOF +) + +# Check if results meet expectations. +if [[ "${rows}" != "3" ]]; then + echo "Failed to created the expected number of rows: ${rows}!=3." + exit 1 +else + echo "Created the expected number of rows." +fi + +# All tests were successful +exit 0 \ No newline at end of file diff --git a/riprap/tests/ServiceStartsWithDefaults/build.gradle.kts b/riprap/tests/ServiceStartsWithDefaults/build.gradle.kts new file mode 100644 index 00000000..c1430982 --- /dev/null +++ b/riprap/tests/ServiceStartsWithDefaults/build.gradle.kts @@ -0,0 +1,4 @@ +import tasks.tests.ServiceStartsWithDefaultsTest +tasks.register("test") { + waitForMessage.set("NOTICE: ready to handle connections") +}