Clean dev.local configuration

GenomicDataInfrastructure · Dec 22, 2023 · ee2288d · ee2288d
1 parent 2cc12e6
commit ee2288d
Show file tree

Hide file tree

Showing 20 changed files with 48 additions and 8,509 deletions.
diff --git a/.env.example b/.env.example
@@ -1,40 +1,17 @@
-# Container names
-NGINX_CONTAINER_NAME=nginx
-REDIS_CONTAINER_NAME=redis
-POSTGRESQL_CONTAINER_NAME=db
-SOLR_CONTAINER_NAME=solr
-CKAN_CONTAINER_NAME=ckan
-WORKER_CONTAINER_NAME=ckan-worker
-
 # Host Ports
 CKAN_PORT_HOST=5500
-NGINX_PORT_HOST=81
-NGINX_SSLPORT_HOST=8443
 
-# CKAN databases
+# Postgres
 POSTGRES_USER=postgres
 POSTGRES_PASSWORD=postgres
 POSTGRES_DB=postgres
-POSTGRES_HOST=db
+POSTGRES_HOST=postgres
 CKAN_DB_USER=ckandbuser
 CKAN_DB_PASSWORD=ckandbpassword
 CKAN_DB=ckandb
-CKAN_SQLALCHEMY_URL=postgresql://ckandbuser:ckandbpassword@db/ckandb
-
-# Test database connections
-TEST_CKAN_SQLALCHEMY_URL=postgres://ckan:ckan@db/ckan_test
-TEST_CKAN_DATASTORE_WRITE_URL=postgresql://ckan:ckan@db/datastore_test
-TEST_CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore_test
-
-DATASTORE_READONLY_USER=datastore_ro
-DATASTORE_READONLY_PASSWORD=datastore
-DATASTORE_DB=datastore
-
-# Dev settings
-USE_HTTPS_FOR_DEV=false
 
-# CKAN core
-CKAN_VERSION=2.10.1
+# CKAN
+CKAN_VERSION=2.10.3
 CKAN_SITE_ID=default
 CKAN_SITE_URL=http://localhost:5500
 CKAN_PORT=5000
@@ -45,13 +22,15 @@ CKAN___API_TOKEN__JWT__DECODE__SECRET=string:CHANGE_ME
 CKAN_SYSADMIN_NAME=ckan_admin
 CKAN_SYSADMIN_PASSWORD=test1234
 CKAN_SYSADMIN_EMAIL=[email protected]
-CKAN_STORAGE_PATH=/var/lib/ckan
 CKAN_SMTP_SERVER=smtp.corporateict.domain:25
 CKAN_SMTP_STARTTLS=True
 CKAN_SMTP_USER=user
 CKAN_SMTP_PASSWORD=pass
 CKAN_SMTP_MAIL_FROM=ckan@localhost
-TZ=UTC
+CKAN_SQLALCHEMY_URL=postgresql://${CKAN_DB_USER}:${CKAN_DB_PASSWORD}@${POSTGRES_HOST}/${CKAN_DB}
+TEST_CKAN_SQLALCHEMY_URL=postgres://ckan:ckan@${POSTGRES_HOST}/ckan_test
+TEST_CKAN_DATASTORE_WRITE_URL=postgresql://ckan:ckan@${POSTGRES_HOST}/datastore_test
+TEST_CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@${POSTGRES_HOST}/datastore_test
 
 # Solr
 SOLR_IMAGE_VERSION=2.10-solr9

diff --git a/_http/ckan.http b/_http/ckan.http
@@ -0,0 +1,5 @@
+GET http://localhost:5500/api/action/scheming_package_show?type=dataset&id=5eedc478-87b2-4947-8a9a-c90437440079
+
+###
+
+GET http://localhost:5500/api/action/scheming_dataset_schema_show?type=dataset&id=4611e835-ee00-49e8-a97a-9077759ce791
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -10,12 +10,10 @@ services:
     build:
       context: ckan/
       dockerfile: Dockerfile.dev
-      args:
-        - TZ=${TZ}
     env_file:
       - .env
     depends_on:
-      db:
+      postgres:
         condition: service_healthy
       solr:
         condition: service_healthy
@@ -31,10 +29,8 @@ services:
     restart: unless-stopped
     healthcheck:
       test: ["CMD", "wget", "-qO", "/dev/null", "http://localhost:5500"]
-    extra_hosts:
-      - "catalogue.local.gdi.lu:host-gateway"
 
-  db:
+  postgres:
     build:
       context: postgresql/
     environment:
@@ -44,9 +40,6 @@ services:
       - CKAN_DB_USER
       - CKAN_DB_PASSWORD
       - CKAN_DB
-      - DATASTORE_READONLY_USER
-      - DATASTORE_READONLY_PASSWORD
-      - DATASTORE_DB
       - KC_DB_USERNAME
       - KC_DB_PASSWORD
       - KC_DB_NAME
@@ -55,6 +48,8 @@ services:
     restart: unless-stopped
     healthcheck:
       test: ["CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}"]
+    ports:
+      - "5432:5432"
 
   solr:
     image: ckan/ckan-solr:${SOLR_IMAGE_VERSION}
@@ -79,7 +74,7 @@ services:
     volumes:
       - ./keycloak/realms:/opt/keycloak/data/import:ro
     depends_on:
-      db:
+      postgres:
         condition: service_healthy
     environment:
       - KC_DB_URL
@@ -90,11 +85,3 @@ services:
       - KC_HOSTNAME
     healthcheck:
       test: ["CMD", "curl", "-o", "/dev/null", http://localhost:8080/health/ready"]
-
-  national_catalogue_mock:
-    build: national-node-catalogue-mock/
-    environment:
-      - HARVESTER_URL=${CKAN_SITE_URL}
-    ports:
-      - 8001:8001
-    restart: unless-stopped
diff --git a/keycloak/Dockerfile b/keycloak/Dockerfile
@@ -6,11 +6,13 @@ RUN dnf install --installroot /mnt/rootfs curl --releasever 9 --setopt install_w
     rpm --root /mnt/rootfs -e --nodeps setup
 
 # Second stage: build keycloak image
-FROM quay.io/keycloak/keycloak:latest
+FROM quay.io/keycloak/keycloak:23.0.3
 
 # Copy curl from the first stage
 COPY --from=ubi-micro-build /mnt/rootfs /
 
+USER keycloak
+
 # Enable health and metrics support
 ENV KC_HEALTH_ENABLED=true
 

diff --git a/keycloak/realms/ckan.json → keycloak/realms/ckan-realm.json b/keycloak/realms/ckan.json → keycloak/realms/ckan-realm.json
@@ -192,7 +192,7 @@
         "composite" : true,
         "composites" : {
           "client" : {
-            "realm-management" : [ "view-realm", "query-clients", "impersonation", "query-groups", "view-events", "manage-identity-providers", "manage-clients", "view-authorization", "manage-realm", "manage-authorization", "view-identity-providers", "view-users", "create-client", "view-clients", "query-realms", "manage-users", "manage-events", "query-users" ]
+            "realm-management" : [ "view-realm", "query-clients", "impersonation", "query-groups", "view-events", "manage-identity-providers", "manage-clients", "view-authorization", "manage-realm", "manage-authorization", "view-identity-providers", "create-client", "view-users", "query-realms", "view-clients", "manage-users", "manage-events", "query-users" ]
           }
         },
         "clientRole" : true,
@@ -383,6 +383,29 @@
   "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
   "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
   "users" : [ {
+    "id" : "52cacbab-c440-4385-9d5f-46aa4930b0e4",
+    "createdTimestamp" : 1703107576892,
+    "username" : "ckan_admin",
+    "enabled" : true,
+    "totp" : false,
+    "emailVerified" : false,
+    "firstName" : "CKAN",
+    "lastName" : "Admin",
+    "email" : "[email protected]",
+    "credentials" : [ {
+      "id" : "1c2c2caf-4556-479d-853f-9ed3c0ecb017",
+      "type" : "password",
+      "userLabel" : "My password",
+      "createdDate" : 1703107588036,
+      "secretData" : "{\"value\":\"urHSmjggWEph066Ed4l6c2qA63fShCx+ny7PA7pAquw=\",\"salt\":\"Zh3X+GfxGoMiZ1dZv3rnPw==\",\"additionalParameters\":{}}",
+      "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
+    } ],
+    "disableableCredentialTypes" : [ ],
+    "requiredActions" : [ ],
+    "realmRoles" : [ "default-roles-ckan" ],
+    "notBefore" : 0,
+    "groups" : [ ]
+  }, {
     "id" : "900af5fc-4c5c-4333-bcee-9855bfb0991d",
     "createdTimestamp" : 1701295297234,
     "username" : "service-account-ckan",
@@ -1191,7 +1214,7 @@
       "subType" : "authenticated",
       "subComponents" : { },
       "config" : {
-        "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper" ]
+        "allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper" ]
       }
     }, {
       "id" : "1a9c6e95-2a93-47b4-83ee-b414941cac4e",
@@ -1235,7 +1258,7 @@
       "subType" : "anonymous",
       "subComponents" : { },
       "config" : {
-        "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper" ]
+        "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-address-mapper" ]
       }
     }, {
       "id" : "c6451db3-895c-4b82-9b16-3923fc8161f4",
@@ -1841,7 +1864,7 @@
     "cibaInterval" : "5",
     "realmReusableOtpCode" : "false"
   },
-  "keycloakVersion" : "23.0.1",
+  "keycloakVersion" : "23.0.3",
   "userManagedAccessAllowed" : false,
   "clientProfiles" : {
     "profiles" : [ ]

diff --git a/national-node-catalogue-mock/Dockerfile b/national-node-catalogue-mock/Dockerfile