Compare commits
17 Commits
925af7d314
...
dev
| Author | SHA1 | Date | |
|---|---|---|---|
| c9b1dac864 | |||
| cd4ab3fd27 | |||
| 301cf5922e | |||
| 479ec4f917 | |||
| 3f40a6126c | |||
| dd9e9ce110 | |||
| d3d3c98f99 | |||
| 9e010ed389 | |||
| 636a382cf5 | |||
| 76a351710f | |||
| c1f0da4a9c | |||
| eefc952ff0 | |||
| 8c35b3bd8c | |||
| 60011b1c72 | |||
| 859a962c12 | |||
| 0e9df4f859 | |||
| 1554404657 |
@ -1,5 +1,6 @@
|
||||
FROM python:3.11.7-slim-bookworm
|
||||
FROM python:3.11.7-alpine
|
||||
WORKDIR /app
|
||||
COPY api .
|
||||
RUN apk add --no-cache curl
|
||||
RUN pip install -r requirements.txt
|
||||
CMD python3 app.py
|
||||
|
||||
72
Jenkinsfile
vendored
72
Jenkinsfile
vendored
@ -1,72 +0,0 @@
|
||||
pipeline {
|
||||
agent any
|
||||
environment {
|
||||
DOCKER_REGISTRY_URL = 'marcin00.azurecr.io'
|
||||
DOCKER_IMAGE = "${DOCKER_REGISTRY_URL}/user-microservice:${GIT_COMMIT}"
|
||||
ACR_NAME = 'marcin00'
|
||||
}
|
||||
stages {
|
||||
stage('Checkout') {
|
||||
steps {
|
||||
checkout scm
|
||||
}
|
||||
}
|
||||
stage('Test python app') {
|
||||
steps {
|
||||
script {
|
||||
dir('api') {
|
||||
sh '''
|
||||
python3 -m venv env
|
||||
source env/bin/activate
|
||||
pip install -r requirements.txt pytest
|
||||
python3 -m pytest --junit-xml=pytest_junit.xml
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
post {
|
||||
always {
|
||||
junit testResults: '**/*pytest_junit.xml'
|
||||
}
|
||||
}
|
||||
}
|
||||
stage('Build & test docker image') {
|
||||
steps {
|
||||
script {
|
||||
appImage = docker.build("${DOCKER_IMAGE}")
|
||||
|
||||
sh label: 'Install dgoss', script: '''
|
||||
curl -s -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o goss
|
||||
curl -s -L https://github.com/aelsabbahy/goss/releases/latest/download/dgoss -o dgoss
|
||||
chmod +rx *goss
|
||||
'''
|
||||
|
||||
withEnv(["GOSS_OPTS=-f junit", 'GOSS_PATH=./goss', "SQLALCHEMY_DATABASE_URI=sqlite:///:memory:"]) {
|
||||
sh label: 'run image tests', script: './dgoss run ${DOCKER_IMAGE} > goss_junit.xml'
|
||||
}
|
||||
}
|
||||
}
|
||||
post {
|
||||
always {
|
||||
junit testResults: '**/*goss_junit.xml'
|
||||
}
|
||||
}
|
||||
}
|
||||
stage('Deploy') {
|
||||
steps {
|
||||
script {
|
||||
sh '''
|
||||
az login --identity
|
||||
az acr login --name ${ACR_NAME}
|
||||
docker push ${DOCKER_IMAGE}
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
post {
|
||||
cleanup {
|
||||
script { cleanWs() }
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -4,7 +4,8 @@ from flask_jwt_extended import JWTManager
|
||||
from jwt import ExpiredSignatureError
|
||||
from models import db, RevokedToken
|
||||
import os
|
||||
from utils import init_db
|
||||
from tech_views import tech_bp
|
||||
from utils import init_db, wait_for_db
|
||||
from views import user_bp
|
||||
from werkzeug.exceptions import HTTPException
|
||||
|
||||
@ -26,6 +27,7 @@ def create_app(config_name="default"):
|
||||
|
||||
# Blueprints registration
|
||||
app.register_blueprint(user_bp)
|
||||
app.register_blueprint(tech_bp)
|
||||
|
||||
# Database and JWT initialization
|
||||
db.init_app(app)
|
||||
@ -53,6 +55,7 @@ def create_app(config_name="default"):
|
||||
|
||||
# Fill database by initial values (only if we are not testing)
|
||||
with app.app_context():
|
||||
wait_for_db(max_retries=100)
|
||||
db.create_all()
|
||||
if config_name != "testing":
|
||||
init_db()
|
||||
@ -61,5 +64,7 @@ def create_app(config_name="default"):
|
||||
|
||||
# Server start only if we run app directly
|
||||
if __name__ == "__main__":
|
||||
from waitress import serve
|
||||
app = create_app()
|
||||
app.run(host="0.0.0.0")
|
||||
port = os.getenv("APP_PORT", "80")
|
||||
serve(app, host="0.0.0.0", port=port)
|
||||
|
||||
@ -11,4 +11,5 @@ mysql-connector-python==9.2.0
|
||||
python-dotenv==1.0.0
|
||||
SQLAlchemy==2.0.23
|
||||
typing_extensions==4.8.0
|
||||
waitress==3.0.2
|
||||
Werkzeug==3.0.1
|
||||
|
||||
20
api/tech_views.py
Normal file
20
api/tech_views.py
Normal file
@ -0,0 +1,20 @@
|
||||
from flask import Blueprint, jsonify
|
||||
from models import db
|
||||
from sqlalchemy import text
|
||||
from utils import db_ready
|
||||
|
||||
# Blueprint with technical endpoints
|
||||
tech_bp = Blueprint('tech_bp', __name__)
|
||||
|
||||
@tech_bp.route('/health', methods=['GET'])
|
||||
def health_check():
|
||||
"Check if service works and database is functional"
|
||||
try:
|
||||
with db.engine.connect() as connection:
|
||||
connection.execute(text("SELECT 1"))
|
||||
return jsonify(status="healthy"), 200
|
||||
except Exception:
|
||||
if db_ready:
|
||||
return jsonify(status="unhealthy"), 500
|
||||
else:
|
||||
return jsonify(status="starting"), 503
|
||||
21
api/utils.py
21
api/utils.py
@ -2,17 +2,22 @@ from flask import abort
|
||||
from flask_jwt_extended import get_jwt_identity
|
||||
from models import User, db
|
||||
import os
|
||||
from sqlalchemy import text
|
||||
from sqlalchemy.exc import DatabaseError, InterfaceError
|
||||
import time
|
||||
from werkzeug.security import generate_password_hash
|
||||
|
||||
db_ready = False
|
||||
|
||||
def admin_required(user_id, message='Access denied.'):
|
||||
"Check if common user try to make administrative action."
|
||||
user = db.session.get(User, user_id)
|
||||
if user is None or user.role != "Administrator":
|
||||
abort(403, message)
|
||||
|
||||
|
||||
def validate_access(owner_id, message='Access denied.'):
|
||||
# Check if user try to access or edit resource that does not belong to them
|
||||
"Check if user try to access or edit resource that does not belong to them."
|
||||
logged_user_id = int(get_jwt_identity())
|
||||
logged_user_role = db.session.get(User, logged_user_id).role
|
||||
if logged_user_role != "Administrator" and logged_user_id != owner_id:
|
||||
@ -27,6 +32,20 @@ def get_user_or_404(user_id):
|
||||
return user
|
||||
|
||||
|
||||
def wait_for_db(max_retries):
|
||||
"Try to connect with database <max_retries> times."
|
||||
global db_ready
|
||||
for _ in range(max_retries):
|
||||
try:
|
||||
with db.engine.connect() as connection:
|
||||
connection.execute(text("SELECT 1"))
|
||||
db_ready = True
|
||||
return
|
||||
except DatabaseError | InterfaceError:
|
||||
time.sleep(3)
|
||||
raise Exception("Failed to connect to database.")
|
||||
|
||||
|
||||
def init_db():
|
||||
"""Create default admin account if database is empty"""
|
||||
with db.session.begin():
|
||||
|
||||
@ -2,6 +2,7 @@ from flask import Blueprint, jsonify, request, abort
|
||||
from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, \
|
||||
verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies, get_jwt
|
||||
from models import db, RevokedToken, User
|
||||
import os
|
||||
from utils import admin_required, validate_access, get_user_or_404
|
||||
from werkzeug.security import check_password_hash, generate_password_hash
|
||||
|
||||
@ -110,3 +111,10 @@ def user_logout():
|
||||
response = jsonify({"msg": "User logged out successfully."})
|
||||
unset_jwt_cookies(response)
|
||||
return response
|
||||
|
||||
@user_bp.route('/version', methods=['GET'])
|
||||
def version():
|
||||
return jsonify({
|
||||
"version": os.getenv("APP_VERSION", "unknown"),
|
||||
"build_time": os.getenv("BUILD_DATE", "unknown")
|
||||
})
|
||||
@ -7,9 +7,24 @@ services:
|
||||
build: .
|
||||
env_file:
|
||||
- api/.env
|
||||
ports:
|
||||
- 80:80
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost/health"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
start_period: 15s
|
||||
db:
|
||||
container_name: db
|
||||
hostname: db
|
||||
image: mysql:latest
|
||||
env_file:
|
||||
- db/.env
|
||||
ports:
|
||||
- 3306:3306
|
||||
healthcheck:
|
||||
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
Reference in New Issue
Block a user