pikram/user-microservice
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pikram:jenkins-pipeline
Branches Tags
pikram:main
pikram:jenkins-pipeline
pikram:dev
pikram:woodpecker
pikram:argo-workflow
..
compare: pikram:main
Branches Tags
pikram:jenkins-pipeline
pikram:dev
pikram:main
pikram:woodpecker
pikram:argo-workflow

No commits in common. "jenkins-pipeline" and "main" have entirely different histories.
jenkins-pi ... main

7 changed files with 13 additions and 150 deletions
Show Stats Expand all files Collapse all files

49
.jenkins/Jenkinsfile vendored
View File

@ -1,49 +0,0 @@
pipeline {
agent {
kubernetes {
yamlFile '.jenkins/podTemplate.yaml'
}
}
environment {
ACR_NAME = 'marcin00'
CLIENT_ID = 'c302726f-fafb-4143-94c1-67a70975574a'
DOCKER_REGISTRY_URL = 'marcin00.azurecr.io'
DOCKER_IMAGE = "${DOCKER_REGISTRY_URL}/user-microservice:${GIT_COMMIT}"
}
stages {
stage('Code Tests') {
steps {
container('python') {
dir('api') {
sh '''
python3 -m venv env
source env/bin/activate
pip install -r requirements.txt pytest
python3 -m pytest --junit-xml=pytest_junit.xml
'''
}
}
}
post {
always {
junit testResults: '**/*pytest_junit.xml'
}
}
}
stage('Build & Push Docker') {
steps {
container('docker') {
sh '''
docker build -t ${DOCKER_IMAGE} .
az login --identity --client-id ${CLIENT_ID}
az acr login --name ${ACR_NAME}
docker push ${DOCKER_IMAGE}
'''
}
}
}
}
}

50
.jenkins/podTemplate.yaml
View File

@ -1,50 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
io.kubernetes.cri-o.userns-mode: "auto:size=65536"
labels:
jenkins: "slave"
jenkins/label: "kubernetes-agent"
spec:
runtimeClassName: sysbox-runc
containers:
- name: jnlp
image: jenkins/inbound-agent:alpine
tty: false
workingDir: /home/jenkins/agent
volumeMounts:
- name: workspace-volume
mountPath: /home/jenkins/agent
env:
- name: JENKINS_WEB_SOCKET
value: "true"
- name: REMOTING_OPTS
value: "-noReconnectAfter 1d"
- name: python
image: python:3.11.7-alpine
command:
- cat
tty: true
workingDir: /home/jenkins/agent
volumeMounts:
- name: workspace-volume
mountPath: /home/jenkins/agent
- name: docker
image: marcin00.azurecr.io/azure-cli-docker:slim-bookworm
tty: true
workingDir: /home/jenkins/agent
volumeMounts:
- name: workspace-volume
mountPath: /home/jenkins/agent
nodeSelector:
kubernetes.io/os: linux
restartPolicy: Never
volumes:
- name: workspace-volume
emptyDir: {}

3
Dockerfile
View File

@ -1,6 +1,5 @@
FROM python:3.11.7-alpine
FROM python:3.11.7-slim-bookworm
WORKDIR /app
COPY api .
RUN apk add --no-cache curl
RUN pip install -r requirements.txt
CMD python3 app.py

4
api/app.py
View File

@ -4,7 +4,6 @@ from flask_jwt_extended import JWTManager
from jwt import ExpiredSignatureError
from models import db, RevokedToken
import os
from tech_views import tech_bp
from utils import init_db, wait_for_db
from views import user_bp
from werkzeug.exceptions import HTTPException
@ -27,7 +26,6 @@ def create_app(config_name="default"):
# Blueprints registration
app.register_blueprint(user_bp)
app.register_blueprint(tech_bp)
# Database and JWT initialization
db.init_app(app)
@ -55,7 +53,7 @@ def create_app(config_name="default"):
# Fill database by initial values (only if we are not testing)
with app.app_context():
wait_for_db(max_retries=100)
wait_for_db()
db.create_all()
if config_name != "testing":
init_db()

20
api/tech_views.py
View File

@ -1,20 +0,0 @@
from flask import Blueprint, jsonify
from models import db
from sqlalchemy import text
from utils import db_ready
# Blueprint with technical endpoints
tech_bp = Blueprint('tech_bp', __name__)
@tech_bp.route('/health', methods=['GET'])
def health_check():
"Check if service works and database is functional"
try:
with db.engine.connect() as connection:
connection.execute(text("SELECT 1"))
return jsonify(status="healthy"), 200
except Exception:
if db_ready:
return jsonify(status="unhealthy"), 500
else:
return jsonify(status="starting"), 503

22
api/utils.py
View File

@ -3,21 +3,19 @@ from flask_jwt_extended import get_jwt_identity
from models import User, db
import os
from sqlalchemy import text
from sqlalchemy.exc import DatabaseError, InterfaceError
from sqlalchemy.exc import DatabaseError
import time
from werkzeug.security import generate_password_hash
db_ready = False
def admin_required(user_id, message='Access denied.'):
"Check if common user try to make administrative action."
user = db.session.get(User, user_id)
if user is None or user.role != "Administrator":
abort(403, message)
def validate_access(owner_id, message='Access denied.'):
"Check if user try to access or edit resource that does not belong to them."
# Check if user try to access or edit resource that does not belong to them
logged_user_id = int(get_jwt_identity())
logged_user_role = db.session.get(User, logged_user_id).role
if logged_user_role != "Administrator" and logged_user_id != owner_id:
@ -32,18 +30,20 @@ def get_user_or_404(user_id):
return user
def wait_for_db(max_retries):
"Try to connect with database <max_retries> times."
global db_ready
for _ in range(max_retries):
MAX_RETRIES = 100
def wait_for_db():
for retries in range(MAX_RETRIES):
try:
with db.engine.connect() as connection:
connection.execute(text("SELECT 1"))
db_ready = True
print("Successfully connected with database.")
return
except DatabaseError | InterfaceError:
except DatabaseError:
print(f"Waiting for database... (retry {retries + 1})")
time.sleep(3)
raise Exception("Failed to connect to database.")
print("Failed to connect to database.")
raise Exception("Database not ready after multiple retries.")
def init_db():

15
docker-compose.yml
View File

@ -7,24 +7,9 @@ services:
build: .
env_file:
- api/.env
ports:
- 80:80
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/health"]
interval: 10s
timeout: 5s
retries: 5
start_period: 15s
db:
container_name: db
hostname: db
image: mysql:latest
env_file:
- db/.env
ports:
- 3306:3306
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
interval: 10s
timeout: 5s
retries: 5