pikram/user-microservice
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pikram:woodpecker
Branches Tags
pikram:main pikram:dev pikram:jenkins-pipeline pikram:woodpecker pikram:argo-workflow
..
compare: pikram:dev
Branches Tags
pikram:dev pikram:jenkins-pipeline pikram:main pikram:woodpecker pikram:argo-workflow

9 Commits
woodpecker ... dev

Author SHA1 Message Date
Marcin-Ramotowski
c9b1dac864 Added endpoint to fetch app version 2025-07-03 22:47:21 +02:00
Marcin-Ramotowski
cd4ab3fd27 Handled more errors during db initialization 2025-06-12 18:42:07 +00:00
Marcin-Ramotowski
301cf5922e Changed docker image base to Alpine and added curl 2025-06-11 22:15:37 +00:00
Marcin-Ramotowski
479ec4f917 Added healthcheck 2025-06-11 22:04:35 +00:00
Marcin-Ramotowski
3f40a6126c Added more descriptions of functions 2025-06-11 20:04:04 +00:00
Marcin-Ramotowski
dd9e9ce110 Improved function body 2025-06-11 19:57:15 +00:00
Marcin-Ramotowski
d3d3c98f99 Moved wait_for_db function to utils module 2025-06-11 19:48:58 +00:00
Marcin-Ramotowski
9e010ed389 Implemented waiting for db readiness 2025-06-11 19:43:47 +00:00
Marcin-Ramotowski
636a382cf5 Deleted jenkins pipeline from main branch 2025-06-11 17:13:27 +00:00
9 changed files with 69 additions and 132 deletions
Expand all files Collapse all files

49
.woodpecker/build.yaml
View File

@ -1,49 +0,0 @@
when:
- event: push
branch: woodpecker
steps:
- name: code-tests
image: python:3.11.7-alpine
commands:
- cd api
- python3 -m venv env
- source env/bin/activate
- pip install -r requirements.txt pytest
- python3 -m pytest --junit-xml=pytest_junit.xml
- name: build
image: docker:dind
privileged: true
environment:
ACR_USERNAME: marcin00
ACR_PASSWORD:
from_secret: acr_password
commands:
- dockerd-entrypoint.sh &
- sleep 10 # czas na uruchomienie usługi Docker
- DOCKER_IMAGE=marcin00.azurecr.io/user-microservice:$CI_COMMIT_SHA
- echo "===> Building Docker image"
- docker build -t $DOCKER_IMAGE .
- echo "===> Installing bash"
- apk add --no-cache bash
- echo "===> Installing goss"
- wget https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -O goss
- wget https://github.com/aelsabbahy/goss/releases/latest/download/dgoss -O dgoss
- chmod +x *goss
- echo "===> Starting container for test"
- export GOSS_OPTS="-f junit"
- export GOSS_PATH=./goss
- export GOSS_SLEEP=3
- "./dgoss run -e SQLALCHEMY_DATABASE_URI=sqlite:///:memory: $DOCKER_IMAGE > goss_junit.xml"
- echo "===> Logging in to ACR"
- echo "$ACR_PASSWORD" | docker login marcin00.azurecr.io -u $ACR_USERNAME --password-stdin
- echo "===> Pushing image to ACR"
- docker push $DOCKER_IMAGE

3
Dockerfile
View File

@ -1,5 +1,6 @@
FROM python:3.11.7-slim-bookworm FROM python:3.11.7-alpine
WORKDIR /app WORKDIR /app
COPY api . COPY api .
RUN apk add --no-cache curl
RUN pip install -r requirements.txt RUN pip install -r requirements.txt
CMD python3 app.py CMD python3 app.py

72
Jenkinsfile vendored
View File

@ -1,72 +0,0 @@
pipeline {
agent any
environment {
DOCKER_REGISTRY_URL = 'marcin00.azurecr.io'
DOCKER_IMAGE = "${DOCKER_REGISTRY_URL}/user-microservice:${GIT_COMMIT}"
ACR_NAME = 'marcin00'
}
stages {
stage('Checkout') {
steps {
checkout scm
}
}
stage('Test python app') {
steps {
script {
dir('api') {
sh '''
python3 -m venv env
source env/bin/activate
pip install -r requirements.txt pytest
python3 -m pytest --junit-xml=pytest_junit.xml
'''
}
}
}
post {
always {
junit testResults: '**/*pytest_junit.xml'
}
}
}
stage('Build & test docker image') {
steps {
script {
appImage = docker.build("${DOCKER_IMAGE}")
sh label: 'Install dgoss', script: '''
curl -s -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o goss
curl -s -L https://github.com/aelsabbahy/goss/releases/latest/download/dgoss -o dgoss
chmod +rx *goss
'''
withEnv(['GOSS_OPTS=-f junit', 'GOSS_PATH=./goss', 'GOSS_SLEEP=3', 'SQLALCHEMY_DATABASE_URI=sqlite:///:memory:']) {
sh label: 'run image tests', script: './dgoss run -e SQLALCHEMY_DATABASE_URI=sqlite:///:memory: ${DOCKER_IMAGE} > goss_junit.xml'
}
}
}
post {
always {
junit testResults: '**/*goss_junit.xml'
}
}
}
stage('Deploy') {
steps {
script {
sh '''
az login --identity
az acr login --name ${ACR_NAME}
docker push ${DOCKER_IMAGE}
'''
}
}
}
}
post {
cleanup {
script { cleanWs() }
}
}
}

5
api/app.py
View File

@ -4,7 +4,8 @@ from flask_jwt_extended import JWTManager
from jwt import ExpiredSignatureError from jwt import ExpiredSignatureError
from models import db, RevokedToken from models import db, RevokedToken
import os import os
from utils import init_db from tech_views import tech_bp
from utils import init_db, wait_for_db
from views import user_bp from views import user_bp
from werkzeug.exceptions import HTTPException from werkzeug.exceptions import HTTPException
@ -26,6 +27,7 @@ def create_app(config_name="default"):
# Blueprints registration # Blueprints registration
app.register_blueprint(user_bp) app.register_blueprint(user_bp)
app.register_blueprint(tech_bp)
# Database and JWT initialization # Database and JWT initialization
db.init_app(app) db.init_app(app)
@ -53,6 +55,7 @@ def create_app(config_name="default"):
# Fill database by initial values (only if we are not testing) # Fill database by initial values (only if we are not testing)
with app.app_context(): with app.app_context():
wait_for_db(max_retries=100)
db.create_all() db.create_all()
if config_name != "testing": if config_name != "testing":
init_db() init_db()

20
api/tech_views.py Normal file
View File

@ -0,0 +1,20 @@
from flask import Blueprint, jsonify
from models import db
from sqlalchemy import text
from utils import db_ready
# Blueprint with technical endpoints
tech_bp = Blueprint('tech_bp', __name__)
@tech_bp.route('/health', methods=['GET'])
def health_check():
"Check if service works and database is functional"
try:
with db.engine.connect() as connection:
connection.execute(text("SELECT 1"))
return jsonify(status="healthy"), 200
except Exception:
if db_ready:
return jsonify(status="unhealthy"), 500
else:
return jsonify(status="starting"), 503

21
api/utils.py
View File

@ -2,17 +2,22 @@ from flask import abort
from flask_jwt_extended import get_jwt_identity from flask_jwt_extended import get_jwt_identity
from models import User, db from models import User, db
import os import os
from sqlalchemy import text
from sqlalchemy.exc import DatabaseError, InterfaceError
import time
from werkzeug.security import generate_password_hash from werkzeug.security import generate_password_hash
db_ready = False
def admin_required(user_id, message='Access denied.'): def admin_required(user_id, message='Access denied.'):
"Check if common user try to make administrative action."
user = db.session.get(User, user_id) user = db.session.get(User, user_id)
if user is None or user.role != "Administrator": if user is None or user.role != "Administrator":
abort(403, message) abort(403, message)
def validate_access(owner_id, message='Access denied.'): def validate_access(owner_id, message='Access denied.'):
# Check if user try to access or edit resource that does not belong to them "Check if user try to access or edit resource that does not belong to them."
logged_user_id = int(get_jwt_identity()) logged_user_id = int(get_jwt_identity())
logged_user_role = db.session.get(User, logged_user_id).role logged_user_role = db.session.get(User, logged_user_id).role
if logged_user_role != "Administrator" and logged_user_id != owner_id: if logged_user_role != "Administrator" and logged_user_id != owner_id:
@ -27,6 +32,20 @@ def get_user_or_404(user_id):
return user return user
def wait_for_db(max_retries):
"Try to connect with database <max_retries> times."
global db_ready
for _ in range(max_retries):
try:
with db.engine.connect() as connection:
connection.execute(text("SELECT 1"))
db_ready = True
return
except DatabaseError | InterfaceError:
time.sleep(3)
raise Exception("Failed to connect to database.")
def init_db(): def init_db():
"""Create default admin account if database is empty""" """Create default admin account if database is empty"""
with db.session.begin(): with db.session.begin():

8
api/views.py
View File

@ -2,6 +2,7 @@ from flask import Blueprint, jsonify, request, abort
from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, \ from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, \
verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies, get_jwt verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies, get_jwt
from models import db, RevokedToken, User from models import db, RevokedToken, User
import os
from utils import admin_required, validate_access, get_user_or_404 from utils import admin_required, validate_access, get_user_or_404
from werkzeug.security import check_password_hash, generate_password_hash from werkzeug.security import check_password_hash, generate_password_hash
@ -110,3 +111,10 @@ def user_logout():
response = jsonify({"msg": "User logged out successfully."}) response = jsonify({"msg": "User logged out successfully."})
unset_jwt_cookies(response) unset_jwt_cookies(response)
return response return response
@user_bp.route('/version', methods=['GET'])
def version():
return jsonify({
"version": os.getenv("APP_VERSION", "unknown"),
"build_time": os.getenv("BUILD_DATE", "unknown")
})

15
docker-compose.yml
View File

@ -7,9 +7,24 @@ services:
build: . build: .
env_file: env_file:
- api/.env - api/.env
ports:
- 80:80
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/health"]
interval: 10s
timeout: 5s
retries: 5
start_period: 15s
db: db:
container_name: db container_name: db
hostname: db hostname: db
image: mysql:latest image: mysql:latest
env_file: env_file:
- db/.env - db/.env
ports:
- 3306:3306
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
interval: 10s
timeout: 5s
retries: 5

8
goss.yaml
View File

@ -1,8 +0,0 @@
port:
tcp:80:
listening: true
ip:
- 0.0.0.0
process:
python3:
running: true