From 92c6c28c33751aa181146e19bab5fbe189552a6a Mon Sep 17 00:00:00 2001 From: Riku Rouvila Date: Wed, 11 Sep 2024 22:41:38 +0300 Subject: [PATCH] add QA_ENV flag --- .github/workflows/clear-environment.yml | 7 ++----- infrastructure/clear-all-data.sh | 10 +++------- infrastructure/docker-compose.app.yml | 18 ++++++++++++++++++ .../elasticsearch/roles/search_user.json | 2 +- infrastructure/run-migrations.sh | 19 ++----------------- 5 files changed, 26 insertions(+), 30 deletions(-) diff --git a/.github/workflows/clear-environment.yml b/.github/workflows/clear-environment.yml index 8d66aa3a2..356e96fce 100644 --- a/.github/workflows/clear-environment.yml +++ b/.github/workflows/clear-environment.yml @@ -28,7 +28,7 @@ on: jobs: reset-data: - name: 'Reset data' + name: 'Reset data from stack ${{ inputs.stack }} in ${{ inputs.environment }}' environment: ${{ inputs.environment }} runs-on: ubuntu-22.04 outputs: @@ -74,7 +74,6 @@ jobs: MINIO_ROOT_USER: ${{ secrets.MINIO_ROOT_USER }} MINIO_ROOT_PASSWORD: ${{ secrets.MINIO_ROOT_PASSWORD }} SSH_ARGS: ${{ vars.SSH_ARGS }} - STACK: ${{ inputs.stack }} run: | ssh -p $SSH_PORT $SSH_USER@$SSH_HOST $SSH_ARGS " ELASTICSEARCH_ADMIN_USER=elastic \ @@ -88,6 +87,4 @@ jobs: echo "Running migrations..." echo ssh -p $SSH_PORT $SSH_USER@$SSH_HOST $SSH_ARGS " - ELASTICSEARCH_ADMIN_USER=elastic \ - ELASTICSEARCH_ADMIN_PASSWORD=$ELASTICSEARCH_SUPERUSER_PASSWORD \ - /opt/opencrvs/infrastructure/run-migrations.sh" + /opt/opencrvs/infrastructure/run-migrations.sh ${{ inputs.stack }}" diff --git a/infrastructure/clear-all-data.sh b/infrastructure/clear-all-data.sh index 3f13a4e19..eb2cda87f 100755 --- a/infrastructure/clear-all-data.sh +++ b/infrastructure/clear-all-data.sh @@ -102,11 +102,7 @@ docker run --rm --network=$NETWORK appropriate/curl curl -X POST "http://influxd #----------------------------- docker run --rm --network=$NETWORK --entrypoint=/bin/sh minio/mc -c "\ mc alias set myminio http://minio:9000 $MINIO_ROOT_USER $MINIO_ROOT_PASSWORD && \ - mc rm --recursive --force myminio/${STACK}__ocrvs && \ - mc rb myminio/${STACK}__ocrvs && \ - mc mb myminio/${STACK}__ocrvs" - -# Delete all data from metabase -#----------------------------- -docker exec $(docker ps | grep opencrvs_dashboards | awk '{print $1}' | head -n 1) /bin/sh -c "rm -rf /data/metabase/*" + mc rm --recursive --force myminio/${STACK}--ocrvs && \ + mc rb myminio/${STACK}--ocrvs && \ + mc mb myminio/${STACK}--ocrvs" diff --git a/infrastructure/docker-compose.app.yml b/infrastructure/docker-compose.app.yml index 3d985d635..c588a1f34 100644 --- a/infrastructure/docker-compose.app.yml +++ b/infrastructure/docker-compose.app.yml @@ -3,6 +3,7 @@ services: hearth: image: opencrvs/hearth:1.1.0 environment: + - QA_ENV=true - HOST=0.0.0.0 - mongodb__url=mongodb://${STACK}__hearth:${HEARTH_MONGODB_PASSWORD}@mongo1/${STACK}__hearth-dev?replicaSet=rs0 - logger__level=warn @@ -31,6 +32,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - LANGUAGES=en,fr @@ -84,6 +86,7 @@ services: - 'traefik.http.routers.${STACK}__block-dashboard-queries.middlewares=${STACK}__block-internal-routes' replicas: 1 environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - FHIR_URL=http://hearth:3447/fhir @@ -122,6 +125,7 @@ services: login: image: opencrvs/ocrvs-login:${VERSION} environment: + - QA_ENV=true - HOST=0.0.0.0 - COUNTRY_CONFIG_URL=https://countryconfig.${STACK}.{{hostname}} - CONTENT_SECURITY_POLICY_WILDCARD=${CONTENT_SECURITY_POLICY_WILDCARD} @@ -154,6 +158,7 @@ services: client: image: opencrvs/ocrvs-client:${VERSION} environment: + - QA_ENV=true - HOST=0.0.0.0 - DECLARED_DECLARATION_SEARCH_QUERY_COUNT=100 - COUNTRY_CONFIG_URL=https://countryconfig.${STACK}.{{hostname}} @@ -194,6 +199,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - LANGUAGES=en,fr @@ -250,6 +256,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - LANGUAGES=en,fr @@ -284,6 +291,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -314,6 +322,7 @@ services: volumes: - /data/vsexport:/usr/src/app/packages/metrics/src/scripts environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -353,6 +362,7 @@ services: - jwt-public-key.{{STACK}}.{{ts}} - jwt-private-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -399,6 +409,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -429,6 +440,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -470,6 +482,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - SENTRY_DSN=${SENTRY_DSN:-} @@ -525,6 +538,7 @@ services: secrets: - jwt-public-key.{{STACK}}.{{ts}} environment: + - QA_ENV=true - HOST=0.0.0.0 - NODE_ENV=production - APN_SERVICE_URL=http://apm-server:8200 @@ -548,6 +562,7 @@ services: scheduler: image: opencrvs/ocrvs-scheduler:${VERSION} environment: + - QA_ENV=true - NODE_ENV=production - METRICS_URL=http://metrics:1050 deploy: @@ -566,6 +581,7 @@ services: migration: image: opencrvs/ocrvs-migration:${VERSION} environment: + - QA_ENV=true - HOST=0.0.0.0 - ELASTICSEARCH_INDEX_NAME=ocrvs--${STACK} - USER_MGNT_MONGO_URL=mongodb://${STACK}__user-mgnt:${USER_MGNT_MONGODB_PASSWORD}@mongo1/${STACK}__user-mgnt?replicaSet=rs0 @@ -614,6 +630,7 @@ services: restart_policy: condition: none environment: + - QA_ENV=true - HOST=0.0.0.0 - REPLICAS=1 - DATABASE_PREFIX=${STACK} @@ -646,6 +663,7 @@ services: - overlay_net - dependencies_overlay_net environment: + - QA_ENV=true - HOST=0.0.0.0 # Note that only mongo1 is used here on purpose for all environments # https://discourse.metabase.com/t/solved-add-mongodb-replicaset-database/7404/2 diff --git a/infrastructure/elasticsearch/roles/search_user.json b/infrastructure/elasticsearch/roles/search_user.json index da60cdeb8..e17f81ed6 100644 --- a/infrastructure/elasticsearch/roles/search_user.json +++ b/infrastructure/elasticsearch/roles/search_user.json @@ -2,7 +2,7 @@ "cluster": ["manage"], "indices": [ { - "names": ["ocrvs", "ocrvs-*"], + "names": ["*__ocrvs", "ocrvs", "ocrvs-*"], "privileges": [ "write", "create", diff --git a/infrastructure/run-migrations.sh b/infrastructure/run-migrations.sh index 0935bb443..91cc1c38b 100755 --- a/infrastructure/run-migrations.sh +++ b/infrastructure/run-migrations.sh @@ -8,22 +8,7 @@ # Copyright (C) The OpenCRVS Authors located at https://github.com/opencrvs/opencrvs-core/blob/master/AUTHORS. set -e -print_usage_and_exit () { - echo 'Usage: ./run-migrations.sh' - echo "" - echo "If your Elasticsearch is password protected, an admin user's credentials can be given as environment variables:" - echo "ELASTICSEARCH_ADMIN_USER=your_user ELASTICSEARCH_ADMIN_PASSWORD=your_pass" - exit 1 - exit 1 -} - -elasticsearch_host() { - if [ ! -z ${ELASTICSEARCH_ADMIN_USER+x} ] || [ ! -z ${ELASTICSEARCH_ADMIN_PASSWORD+x} ]; then - echo "$ELASTICSEARCH_ADMIN_USER:$ELASTICSEARCH_ADMIN_PASSWORD@elasticsearch:9200"; - else - echo "elasticsearch:9200"; - fi -} +STACK=$1 # run migration by restarting migration service -docker service update --force --update-parallelism 1 --update-delay 30s $STACK_migration +docker service update --force --update-parallelism 1 --update-delay 30s "${STACK}_migration"