Commit 95b7d2fa authored by Nicolas CASTEJON's avatar Nicolas CASTEJON
Browse files

Merge branch 'development' into 'master'

Update the license

See merge request !9
parents 8f2314eb 55e727a7
Pipeline #4064 passed with stage
in 20 seconds
stages:
- sonar-analysis
- build
- deploy
variables:
LEGACY_AUTH_SERVICE_URL: https://download.data.grandlyon.com/auth
ADMIN_USERNAME: data-beta-grandlyon-com
USER_SUPPORT_MAILBOX: alpha-test@erasme.org
ACCESS_TOKEN_COOKIE_KEY: access_token
SONAR_URL: https://sonarqube.forge.grandlyon.com
sonarqube:
stage: sonar-analysis
only:
- master
before_script:
- export PATH=$PATH:/usr/local/bin/sonar-scanner-3.2.0.1227-linux/bin/
- export NODE_PATH=$NODE_PATH:`npm root -g`
script:
- >
sonar-scanner
-Dsonar.projectName=${SONAR_PROJECT_KEY}
-Dsonar.projectVersion=1.0
-Dsonar.sourceEncoding=UTF-8
-Dsonar.projectBaseDir=.
-Dsonar.host.url=${SONAR_URL}
-Dsonar.projectKey=${SONAR_PROJECT_KEY}
-Dsonar.login=${SONAR_TOKEN}
build_development:
stage: build
only:
- development
script:
- export TAG=dev
- export TAG=$CI_COMMIT_SHORT_SHA
- export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
- export REDIS_SENTINEL_PORT=26379
- export REDIS_SENTINEL_EXPOSED_PORT=26379
- export REDIS_SLAVE_PORT=6380
- export REDIS_MASTER_PORT=6379
- docker-compose build
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker-compose push
- "curl -X POST -F token=$CI_JOB_TOKEN -F ref=master -F variables[TAG]=${TAG} https://forge.grandlyon.com/api/v4/projects/337/trigger/pipeline"
build_release:
stage: build
only:
- tags
# except:
# - /^(?!master).+@/
script:
- export TAG=$(echo $CI_COMMIT_TAG | sed 's/v//g')
- export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
- export REDIS_SENTINEL_PORT=26379
- export REDIS_SENTINEL_EXPOSED_PORT=26379
- export REDIS_SLAVE_PORT=6380
- export REDIS_MASTER_PORT=6379
- docker-compose build
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker-compose push
deploy_development:
stage: deploy
only:
- development
script:
- export TAG=dev
- export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3004
- export REDIS_SENTINEL_PORT=26379
- export REDIS_SLAVE_PORT=6380
- export REDIS_MASTER_PORT=6379
- export SERVICE_EMAIL_URL=http://vm-refonte-data-2:9000/email
- export FRONT_END_URL=https://data-reloaded-dev.alpha.grandlyon.com/fr
- export API_KEY=$DEV_API_KEY
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker-compose pull
- docker-compose --project-name middleware-legacy-auth-${TAG} up -d --force-recreate
environment:
name: development
deploy_staging:
stage: deploy
only:
- development
when: manual
script:
- export TAG=staging
- export MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=3104
- export REDIS_SENTINEL_PORT=26479
- export REDIS_SLAVE_PORT=6480
- export REDIS_MASTER_PORT=6479
- export SERVICE_EMAIL_URL=http://vm-refonte-data-2:9100/email
- export FRONT_END_URL=https://data-reloaded-rec.alpha.grandlyon.com/fr
- export API_KEY=$REC_API_KEY
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- TAG=dev docker-compose pull
- export REGISTRY_PATH=web-et-numerique/web-et-numerique-internet/data.grandlyon.com/web-portal/components/middlewares/legacy-auth
- docker tag $CI_REGISTRY/$REGISTRY_PATH:dev $CI_REGISTRY/$REGISTRY_PATH:${TAG}
- docker push $CI_REGISTRY/$REGISTRY_PATH:${TAG}
- docker-compose --project-name middleware-legacy-auth-${TAG} up -d --force-recreate
environment:
name: staging
- docker-compose push
\ No newline at end of file
This diff is collapsed.
# Legacy AUTH middleware
## Installation
This middleware has been developed with the [NestJS](https://nestjs.com/) framework. It requires [Node.js](https://nodejs.org/en/) in order to run.
Once Node.js installed on your computer, you will need to install the project's dependencies. Go to the root of the project and run the following command.
```bash
$ npm install
npm install
```
## Environment variables
......@@ -13,7 +19,7 @@ For a local deployment:
1. `cp template.env .env`
2. Edit .env according to the chosen configuration
The values will be read from the file by default, but you can override any of those by exporting manually the variable before launching the service.
The values will be read from the file by default when running with docker. If you run the service outside of docker you can export those variables.
## Running the app without docker
......@@ -21,26 +27,26 @@ You will need to provide a healthy connection to a database in order for the ser
```bash
# development
$ npm run start
npm run start
# watch mode
$ npm run start:dev
npm run start:dev
# production mode
$ npm run start:prod
npm run start:prod
```
## Running the app with docker
```bash
# build
$ docker-compose build
docker-compose build
# deploy
$ docker-compose up [-d]
docker-compose up [-d]
# build and deploy
$ docker-compose up --build [-d]
docker-compose up --build [-d]
```
<!-- ## Test
......@@ -54,6 +60,4 @@ $ npm run test:e2e
# test coverage
$ npm run test:cov
``` -->
``` -->
\ No newline at end of file
......@@ -13,50 +13,50 @@ services:
- SERVICE_EMAIL_URL=${SERVICE_EMAIL_URL}
- USER_SUPPORT_MAILBOX=${USER_SUPPORT_MAILBOX}
- FRONT_END_URL=${FRONT_END_URL}
- VALIDATE_ACCOUNT_URI=connexion
- PASSWORD_RESET_URI=reinitialiser-mon-mot-de-passe
- VALIDATE_ACCOUNT_URI=${VALIDATE_ACCOUNT_URI}
- PASSWORD_RESET_URI=${PASSWORD_RESET_URI}
- API_KEY=${API_KEY}
- ACCESS_TOKEN_COOKIE_KEY=${ACCESS_TOKEN_COOKIE_KEY}
- IMAGE_HOST=https://minio.alpha.grandlyon.com/email-template-assets
- REDIS_SENTINEL_HOST=redis-sentinel-1
- REDIS_SENTINEL_PORT=26379
- REDIS_GROUP_NAME=mymaster
- IMAGE_HOST=${IMAGE_HOST}
- REDIS_SENTINEL_HOST=${REDIS_SENTINEL_HOST}
- REDIS_SENTINEL_PORT=${REDIS_SENTINEL_PORT}
- REDIS_GROUP_NAME=${REDIS_GROUP_NAME}
restart: unless-stopped
depends_on:
- redis-sentinel-1
- redis-sentinel
redis-master:
image: 'bitnami/redis:latest'
image: 'bitnami/redis:5.0.5'
environment:
- ALLOW_EMPTY_PASSWORD=yes
- ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}
ports:
- '${REDIS_MASTER_PORT}:6379'
volumes:
- redis-master:/bitnami/redis/data
restart: unless-stopped
redis-sentinel-1:
image: 'bitnami/redis-sentinel:latest'
redis-sentinel:
image: 'bitnami/redis-sentinel:5.0.5'
environment:
- REDIS_MASTER_HOST=redis-master
- REDIS_MASTER_SET=mymaster
- REDIS_MASTER_HOST=${REDIS_MASTER_HOST}
- REDIS_MASTER_SET=${REDIS_GROUP_NAME}
ports:
- '${REDIS_SENTINEL_PORT}:26379'
volumes:
- redis-sentinel-1:/bitnami/redis/data
- '${REDIS_SENTINEL_EXPOSED_PORT}:26379'
restart: unless-stopped
redis-slave-1:
image: 'bitnami/redis:latest'
command: redis-server --bind 0.0.0.0 --slaveof redis-master 6379 --dir /bitnami/redis/data
redis-slave:
image: 'bitnami/redis:5.0.5'
environment:
- ALLOW_EMPTY_PASSWORD=yes
- ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}
ports:
- '${REDIS_SLAVE_PORT}:6379'
command: redis-server --bind 0.0.0.0 --slaveof redis-master 6379 --dir /bitnami/redis/data
volumes:
- redis-slave-1:/bitnami/redis/data
restart: unless-stopped
volumes:
redis-master:
redis-sentinel-1:
redis-slave-1:
......@@ -3,7 +3,7 @@
"version": "3.2.5",
"description": "",
"author": "",
"license": "MIT",
"license": "GNU Affero General Public License v3.0",
"scripts": {
"format": "prettier --write \"src/**/*.ts\"",
"start": "ts-node -r tsconfig-paths/register src/main.ts",
......
TAG=<version of the service to deploy>
MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=<listening port of the service>
LEGACY_AUTH_SERVICE_URL=<base url of the legacy auth service>
ADMIN_PASSWORD=<admin password of the legacy auth service>
ADMIN_USERNAME=<admin username of the legacy auth service>
SERVICE_EMAIL_URL=<base url of the mail service>
USER_SUPPORT_MAILBOX=<user support email address>
FRONT_END_URL=<web app url>
API_KEY=<api key of the of the service (generated in kong)>
ACCESS_TOKEN_COOKIE_KEY=<cookie key where the access token will be stored>
IMAGE_HOST=<host of the images present in the emails body>
REDIS_SENTINEL_HOST=<redis sentinel host>
REDIS_SENTINEL_PORT=<redis sentinel port>
REDIS_MASTER_PORT=<redis master port>
REDIS_SLAVE_PORT=<redis slave port>
REDIS_GROUP_NAME=<group name containing a master, and one or more slaves>
\ No newline at end of file
TAG=<version/tag of the docker image to be deployed>
MIDDLEWARE_LEGACY_SERVICE_BIND_PORT=<port on which the service will be running>
LEGACY_AUTH_SERVICE_URL=<root url of the legacy auth service>
ADMIN_PASSWORD=<legacy auth service admin password>
ADMIN_USERNAME=<legacy auth service admin username>
SERVICE_EMAIL_URL=<the email service URL>
USER_SUPPORT_MAILBOX=<email address of the support team>
FRONT_END_URL=<the root url of the web app>
VALIDATE_ACCOUNT_URI=<path in the web app to the validate account page ex: '/connexion'>
PASSWORD_RESET_URI=<path in the web app that allow a user to reset/reenter its password >
API_KEY=<the API key that allows this service to be authentified by the API gateway>
ACCESS_TOKEN_COOKIE_KEY=<key of the cookie where the JWT has been set>
IMAGE_HOST=<host of the images in the email templates>
REDIS_SENTINEL_HOST=<host of the redis sentinel from the service point of view ex: 'redis-sentinel-1'>
REDIS_SENTINEL_PORT=<port of the redis sentinel from the service point of view ex: 26379>
REDIS_SENTINEL_EXPOSED_PORT=<port on which the redis sentinel is exposed>
REDIS_GROUP_NAME=<name of the group of the different sentinels>
ALLOW_EMPTY_PASSWORD=<whether empty password is accepted or not for a redis instance ex: 'yes'>
REDIS_MASTER_PORT=<port of the redis master>
REDIS_MASTER_HOST=<host of the redis master>
REDIS_SLAVE_PORT=<port of the redis slave>
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment