From 9f117779441f0e4d35fda05dc2f257856af30306 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Thu, 14 Nov 2024 09:56:59 +0100 Subject: [PATCH 01/18] feat: Upgrade to CKAN 2.11.0 official Docker image --- sddi-base/Dockerfile | 376 ++++++++++++++++++++++++++++--------------- 1 file changed, 244 insertions(+), 132 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 5e0614c..a0af5d4 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -1,16 +1,32 @@ ############################################################################### -# Build stage +# Extbuild stage ############################################################################### -ARG CKAN_VERSION_BUILD_STAGE=2.9.9-dev -ARG CKAN_VERSION_BUILD_SPATIAL=2.9.9-focal -ARG CKAN_VERSION_RUNTIME_STAGE=2.9.9-focal - -FROM ckan/ckan-base:${CKAN_VERSION_BUILD_STAGE} as extbuild +FROM ckan/ckan-base:2.11 as extbuild USER root +RUN apt-get update && apt-get install -y \ + git \ + curl \ + libpq-dev \ + gcc \ + make \ + g++ \ + autoconf \ + automake \ + libtool \ + patch \ + musl-dev \ + libpcre3-dev \ + libpcre3 \ + libffi-dev \ + libxml2-dev \ + libxslt-dev + +RUN pip install -U markupsafe==2.0.1 sqlalchemy==1.4.41 + # ckanext-hierarchy ########################################################### -ARG CKANEXT_HIERARCHY_VERSION="v1.2.0" +ARG CKANEXT_HIERARCHY_VERSION="abb4e2d" ENV CKANEXT_HIERARCHY_VERSION=${CKANEXT_HIERARCHY_VERSION} RUN set -ex && \ @@ -23,21 +39,15 @@ RUN set -ex && \ curl -o /wheels/ckanext-hierarchy.txt https://raw.githubusercontent.com/ckan/ckanext-hierarchy/${CKANEXT_HIERARCHY_VERSION}/requirements.txt && \ ls -lah /wheels -# ckanext-grouphierarchy ###################################################### -ARG CKANEXT_SDDI_VERSION="1.1.4" -ENV CKANEXT_SDDI_VERSION=${CKANEXT_SDDI_VERSION} +# ckanext-envvars +ENV ENVVARS_GIT_URL=https://github.com/ckan/ckanext-envvars/ +ENV ENVVARS_GIT_BRANCH=v0.0.6 RUN set -ex && \ - pip wheel --wheel-dir=/wheels \ - git+https://github.com/tum-gis/ckanext-grouphierarchy-sddi.git@${CKANEXT_SDDI_VERSION}#egg=ckanext-grouphierarchy && \ - pip wheel --wheel-dir=/wheels -r \ - https://raw.githubusercontent.com/tum-gis/ckanext-grouphierarchy-sddi/${CKANEXT_SDDI_VERSION}/requirements.txt && \ - curl -o /wheels/ckanext-grouphierarchy.txt \ - https://raw.githubusercontent.com/tum-gis/ckanext-grouphierarchy-sddi/${CKANEXT_SDDI_VERSION}/requirements.txt && \ - ls -lah /wheels + pip3 wheel --wheel-dir=/wheels git+${ENVVARS_GIT_URL}@${ENVVARS_GIT_BRANCH}#egg=ckanext-envvars # ckanext-relation ############################################################ -ARG CKANEXT_RELATION_VERSION="1.0.3" +ARG CKANEXT_RELATION_VERSION="1.1.0" ENV CKANEXT_RELATION_VERSION=${CKANEXT_RELATION_VERSION} RUN set -ex && \ @@ -50,16 +60,16 @@ RUN set -ex && \ ls -lah /wheels # ckanext-scheming ############################################################ -ARG CKANEXT_SCHEMING_VERSION="f98daec" +ARG CKANEXT_SCHEMING_VERSION="27035f4" ENV CKANEXT_SCHEMING_VERSION=${CKANEXT_SCHEMING_VERSION} -ENV CKANEXT_SCHEMING_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-scheming" +ENV CKANEXT_SCHEMING_GITHUB_URL="https://github.com//ckan/ckanext-scheming" RUN set -ex && \ pip wheel --wheel-dir=/wheels \ git+${CKANEXT_SCHEMING_GITHUB_URL}.git@${CKANEXT_SCHEMING_VERSION}#egg=ckanext-scheming # ckanext datesearch ########################################################## -ARG CKANEXT_DATESEARCH_VERSION="1.0.2" +ARG CKANEXT_DATESEARCH_VERSION="1.1.0" ENV CKANEXT_DATESEARCH_VERSION=${CKANEXT_DATESEARCH_VERSION} ENV CKANEXT_DATESEARCH_VERSION_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-datesearch" @@ -67,134 +77,176 @@ RUN set -ex && \ pip wheel --wheel-dir=/wheels \ git+${CKANEXT_DATESEARCH_VERSION_GITHUB_URL}.git@${CKANEXT_DATESEARCH_VERSION}#egg=ckanext-datesearch -# ckanext-composite ########################################################### -ARG CKANEXT_COMPOSITE_VERSION="1e6d7bb" -ENV CKANEXT_COMPOSITE_VERSION=${CKANEXT_COMPOSITE_VERSION} -ENV CKANEXT_COMPOSITE_GITHUB_URL="https://github.com/EnviDat/ckanext-composite" +# ckanext-harvest ########################################################### +ARG CKANEXT_HARVEST_VERSION="v1.6.0" +ENV CKANEXT_HARVEST_VERSION=${CKANEXT_HARVEST_VERSION} +ENV CKANEXT_HARVEST_GITHUB_URL="https://github.com/ckan/ckanext-harvest.git" RUN set -ex && \ - pip install -r \ - https://raw.githubusercontent.com/EnviDat/ckanext-composite/${CKANEXT_COMPOSITE_VERSION}/dev-requirements.txt && \ - pip wheel --wheel-dir=/wheels \ - git+${CKANEXT_COMPOSITE_GITHUB_URL}.git@${CKANEXT_COMPOSITE_VERSION}#egg=ckanext-composite - -# ckanext-repeating ########################################################### -ARG CKANEXT_REPEATING_VERSION="1.0.0" -ENV CKANEXT_REPEATING_VERSION=${CKANEXT_REPEATING_VERSION} -ENV CKANEXT_REPEATING_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-repeating" + mkdir -p /wheels && \ + pip install -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt RUN set -ex && \ - pip wheel --wheel-dir=/wheels \ - git+${CKANEXT_REPEATING_GITHUB_URL}.git@${CKANEXT_REPEATING_VERSION}#egg=ckanext-repeating + pip wheel --wheel-dir=/wheels -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ + pip wheel --wheel-dir=/wheels git+https://github.com/ckan/ckanext-harvest.git@${CKANEXT_HARVEST_VERSION}#egg=ckanext-harvest && \ + curl -o /wheels/ckanext-harvest.txt https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ + ls -lah /wheels -# ckanext-clamav ############################################################## -ARG CKANEXT_CALMAV_VERSION="master" -ENV CKANEXT_CALMAV_VERSION=${CKANEXT_CALMAV_VERSION} -ENV CKANEXT_CALMAV_GITHUB_URL="https://github.com/mutantsan/ckanext-clamav" +# ckanext-spatial ############################################################# +ENV CKANEXT_SPATIAL_GITHUB_URL="https://github.com/ckan/ckanext-spatial" +ENV CKANEXT_SPATIAL_VERSION="8a00a2b" RUN set -ex && \ - pip wheel --wheel-dir=/wheels -r \ - https://raw.githubusercontent.com/mutantsan/ckanext-clamav/${CKANEXT_CALMAV_VERSION}/requirements.txt && \ - curl -o /wheels/ckanext-clamav.txt \ - https://raw.githubusercontent.com/mutantsan/ckanext-clamav/${CKANEXT_CALMAV_VERSION}/requirements.txt && \ + curl -o /wheels/ckanext-spatial-requirements.txt \ + https://raw.githubusercontent.com/ckan/ckanext-spatial/${CKANEXT_SPATIAL_VERSION}/requirements-py2.txt && \ pip wheel --wheel-dir=/wheels \ - git+${CKANEXT_CALMAV_GITHUB_URL}.git@${CKANEXT_CALMAV_VERSION}#egg=ckanext-clamav + git+${CKANEXT_SPATIAL_GITHUB_URL}.git@${CKANEXT_SPATIAL_VERSION}#egg=ckanext-spatial -# ckanext-password-policy ##################################################### -ARG CKANEXT_PASSWORD_POLICY_VERSION="5618dc9" -ENV CKANEXT_PASSWORD_POLICY_VERSION=${CKANEXT_PASSWORD_POLICY_VERSION} -ENV CKANEXT_PASSWORD_POLICY_GITHUB_URL="https://github.com/keitaroinc/ckanext-password-policy" +# ckanext-geoview ############################################################# +ARG CKANEXT_GEOVIEW_VERSION="v0.2.2" +ENV CKANEXT_GEOVIEW_VERSION=${CKANEXT_GEOVIEW_VERSION} +ENV CKANEXT_GEOVIEW_GITHUB_URL="https://github.com/ckan/ckanext-geoview" RUN set -ex && \ - pip install -r \ - https://raw.githubusercontent.com/keitaroinc/ckanext-password-policy/${CKANEXT_PASSWORD_POLICY_VERSION}/requirements.txt && \ - curl -o /wheels/ckanext-password-policy.txt \ - https://raw.githubusercontent.com/keitaroinc/ckanext-password-policy/${CKANEXT_PASSWORD_POLICY_VERSION}/requirements.txt && \ - pip wheel --wheel-dir=/wheels \ - git+${CKANEXT_PASSWORD_POLICY_GITHUB_URL}.git@${CKANEXT_PASSWORD_POLICY_VERSION}#egg=ckanext-password-policy + curl -o /wheels/ckanext-geoview-dev-requirements.txt \ + ${CKANEXT_GEOVIEW_GITHUB_URL}/raw/${CKANEXT_GEOVIEW_VERSION}/dev-requirements.txt && \ + pip install -r /wheels/ckanext-geoview-dev-requirements.txt && \ + pip wheel --wheel-dir=/wheels \ + git+${CKANEXT_GEOVIEW_GITHUB_URL}.git@${CKANEXT_GEOVIEW_VERSION}#egg=ckanext-geoview -# ckanext-spatial ############################################################# -FROM ghcr.io/keitaroinc/ckan:${CKAN_VERSION_BUILD_SPATIAL} as extbuild-spatial +# ckanext-theme-sddi ############################################################# +ARG CKANEXT_THEME_SDDI_VERSION="0.0.1" +ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} +ENV CKANEXT_THEME_SDDI_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-theme-sddi" -ARG CKANEXT_SPATIAL_VERSION="c2118b9" -ENV CKANEXT_SPATIAL_VERSION=${CKANEXT_SPATIAL_VERSION} +RUN set -ex && \ + curl -o /wheels/ckanext-theme-sddi-dev-requirements.txt \ + ${CKANEXT_THEME_SDDI_GITHUB_URL}/raw/${CKANEXT_THEME_SDDI_VERSION}/requirements.txt && \ + pip install -r /wheels/ckanext-theme-sddi-dev-requirements.txt && \ + pip wheel --wheel-dir=/wheels \ + git+${CKANEXT_THEME_SDDI_GITHUB_URL}.git@${CKANEXT_THEME_SDDI_VERSION}#egg=ckanext-theme-sddi -USER root +# ckanext-clamav ############################################################# +ARG CKANEXT_CLAMAV_VERSION="a1d23ac" +ENV CKANEXT_CLAMAV_VERSION=${CKANEXT_CLAMAV_VERSION} +ENV CKANEXT_CLAMAV_GITHUB_URL="https://github.com/DataShades/ckanext-clamav" -# Install any system packages necessary to build extensions RUN set -ex && \ - apt-get update && \ - apt-get install -y --no-install-recommends \ - python3-dev python3-pip libxml2-dev libxslt1-dev libgeos-c1v5 python-is-python3 && \ - mkdir -p /wheels && \ - pip install -U pip + curl -o /wheels/ckanext-clamav-requirements.txt \ + ${CKANEXT_CLAMAV_GITHUB_URL}/raw/${CKANEXT_CLAMAV_VERSION}/requirements.txt && \ + pip install -r /wheels/ckanext-clamav-requirements.txt && \ + pip wheel --wheel-dir=/wheels \ + git+${CKANEXT_CLAMAV_GITHUB_URL}.git@${CKANEXT_CLAMAV_VERSION}#egg=ckanext-clamav -RUN set -ex && \ - pip install -r https://raw.githubusercontent.com/MarijaKnezevic/ckanext-spatial/${CKANEXT_SPATIAL_VERSION}/requirements.txt && \ - curl -o /wheels/ckanext-spatial.txt \ - https://raw.githubusercontent.com/MarijaKnezevic/ckanext-spatial/${CKANEXT_SPATIAL_VERSION}/requirements.txt && \ - pip install -r https://raw.githubusercontent.com/MarijaKnezevic/ckanext-spatial/${CKANEXT_SPATIAL_VERSION}/requirements-postgis.txt && \ - curl -o /wheels/ckanext-spatial-postgis.txt \ - https://raw.githubusercontent.com/MarijaKnezevic/ckanext-spatial/${CKANEXT_SPATIAL_VERSION}/requirements-postgis.txt && \ - ls -lah /wheels +# ckanext-dcat ########################################################## +ARG CKANEXT_DCAT_VERSION="v1.5.1" +ENV CKANEXT_DCAT_VERSION=${CKANEXT_DCAT_VERSION} +ENV CKANEXT_DCAT_GITHUB_URL="https://github.com/ckan/ckanext-dcat" RUN set -ex && \ - pip wheel --wheel-dir=/wheels \ - git+https://github.com/MarijaKnezevic/ckanext-spatial.git@${CKANEXT_SPATIAL_VERSION}#egg=ckanext-spatial + curl -o /wheels/ckanext-dcat-requirements.txt \ + https://raw.githubusercontent.com/ckan/ckanext-dcat/${CKANEXT_DCAT_VERSION}/requirements.txt && \ + pip install -r /wheels/ckanext-dcat-requirements.txt && \ + pip wheel --wheel-dir=/wheels \ + git+${CKANEXT_DCAT_GITHUB_URL}.git@${CKANEXT_DCAT_VERSION}#egg=ckanext-dcat + +# ckanext-security ###################################################### +ARG CKANEXT_SECURITY_VERSION="80dc1d6" +ENV CKANEXT_SECURITY_VERSION=${CKANEXT_SECURITY_VERSION} +ENV CKANEXT_SECURITY_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-security" + +RUN set -ex && \ + curl -o /wheels/ckanext-security-requirements.txt \ + https://raw.githubusercontent.com/MarijaKnezevic/ckanext-security/${CKANEXT_SECURITY_VERSION}/requirements.txt && \ + pip install -r /wheels/ckanext-security-requirements.txt && \ + pip wheel --wheel-dir=/wheels \ + git+${CKANEXT_SECURITY_GITHUB_URL}.git@${CKANEXT_SECURITY_VERSION}#egg=ckanext-security ############################################################################### # Runtime stage ############################################################################### -FROM ghcr.io/keitaroinc/ckan:${CKAN_VERSION_RUNTIME_STAGE} as runtime - -ENV CKAN__PLUGINS "image_view text_view recline_view webpage_view datastore datapusher \ - hierarchy_display hierarchy_form display_group relation \ - spatial_metadata spatial_query datesearch repeating composite scheming_datasets \ - password_policy clamav \ - envvars" - -# Extra env for compatibility with ckan/base Docker images for downstream k8s +FROM ckan/ckan-base:2.11 + +ENV APP_DIR=/srv/app +ENV SRC_DIR=/srv/app/src +ENV CKAN_DIR=${SRC_DIR}/ckan +ENV DATA_DIR=/srv/app/data +ENV PIP_SRC=${SRC_DIR} + +# Setting the locale +ENV LC_ALL="en_US.UTF-8" +RUN apt-get update && apt-get install --no-install-recommends -y locales +RUN sed -i "/$LC_ALL/s/^# //g" /etc/locale.gen +RUN dpkg-reconfigure --frontend=noninteractive locales +RUN update-locale LANG=${LC_ALL} + +# Set timezone +RUN echo "UTC" > /etc/timezone ENV CKAN_INI=${APP_DIR}/production.ini ENV CKAN_STORAGE_PATH=/var/lib/ckan -ENV TZ="UTC" -USER root +# Update the package lists and install required packages +RUN apt-get update && apt-get install -y \ + bash \ + git \ + gettext \ + curl \ + wget \ + unzip \ + postgresql-client \ + libmagic1 \ + libpcre3 \ + libxslt1.1 \ + libxml2 \ + tzdata \ + apache2-utils \ + musl-dev \ + libssl-dev \ + proj-bin \ + libproj-dev \ + proj-data \ + python3-cffi \ + uwsgi-plugin-python3 \ + supervisor + +# Cleanup to reduce image size +RUN apt-get clean && rm -rf /var/lib/apt/lists/* + +RUN set -ex pip install markupsafe==2.0.1 \ + setuptools \ + wheel \ + sqlalchemy==1.4.41 \ + gevent==22.10.2 \ + greenlet==2.0.1 + +# Create SRC_DIR +RUN mkdir -p ${SRC_DIR} && \ + # Link python to python3 + ln -s /usr/bin/python3 /usr/bin/python + +# Get artifacts from build stages +COPY --from=extbuild /wheels ${APP_DIR}/ext_wheels -# Install any system packages necessary to build extensions -RUN set -ex && \ - apt-get update && \ - apt-get install -y --no-install-recommends \ - clamav \ - clamav-daemon \ - libxml2-dev libxslt1-dev libgeos-c1v5 && \ - pip install --no-cache-dir -U pip && \ - rm -rf /var/lib/apt/lists/* +WORKDIR ${CKAN_DIR} -# Copy python wheels from build stage -COPY --from=extbuild /wheels ${APP_DIR}/ext_wheels -COPY --from=extbuild-spatial /wheels ${APP_DIR}/ext_wheels +# ckanext-harvest ########################################################### +RUN set -ex && \ + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-harvest && \ + pip install --no-index --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-harvest.txt # ckanext-hierarchy ########################################################### RUN set -ex && \ pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-hierarchy.txt && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-hierarchy -# ckanext-grouphierarchy ###################################################### +# ckanext-envvars ############################################################ RUN set -ex && \ - pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-grouphierarchy.txt && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-grouphierarchy + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-envvars # ckanext-relation ############################################################ RUN set -ex && \ - pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-relation.txt && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-relation -# ckanext-spatial ############################################################# -RUN set -ex && \ - pip install -r ${APP_DIR}/ext_wheels/ckanext-spatial.txt && \ - pip install -r ${APP_DIR}/ext_wheels/ckanext-spatial-postgis.txt && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-spatial - # ckanext-scheming ############################################################ RUN set -ex && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-scheming @@ -203,48 +255,108 @@ RUN set -ex && \ RUN set -ex && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-datesearch -# ckanext-composite ########################################################### +# ckanext-spatial ############################################################# RUN set -ex && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-composite + pip3 install -e 'git+https://github.com/ckan/ckanext-spatial.git#egg=ckanext-spatial' && \ + pip3 install -r 'https://raw.githubusercontent.com/ckan/ckanext-spatial/master/requirements.txt' -# ckanext-repeating ########################################################### +# ckanext-geoview ############################################################# RUN set -ex && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-repeating - -# ckanext-clamav ############################################################## + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-geoview + +# ckanext-scheme-sddi ############################################################ +RUN set -ex && \ + pip install -e "git+https://github.com/MarijaKnezevic/ckanext-scheme-sddi@0.0.1#egg=ckanext-scheme-sddi" + +# ckanext-theme-sddi ############################################################# +RUN set -ex && \ + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-theme-sddi + +# ckanext-heroslideradmin ############################################################# +RUN set -ex && \ + pip install -e "git+https://github.com/dathere/ckanext-heroslideradmin.git@4b60e00#egg=ckanext-heroslideradmin" + +# ckanext-clamav ############################################################# RUN set -ex && \ - pip install -r ${APP_DIR}/ext_wheels/ckanext-clamav.txt && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-clamav - -# ckanext-password-policy ##################################################### + +# ckanext-fortify ############################## +RUN set -ex && \ + pip install -e "git+https://github.com/salsadigitalauorg/ckanext-fortify#egg=ckanext-fortify" + +# ckanext-dcat ########################################################## RUN set -ex && \ - pip install -r ${APP_DIR}/ext_wheels/ckanext-password-policy.txt && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-password-policy + pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-dcat-requirements.txt && \ + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-dcat -# Copy init scripts and additional files -COPY --chown=ckan:ckan initScripts/ ${APP_DIR}/docker-afterinit.d -COPY --chown=ckan:ckan who.ini ${APP_DIR}/who.ini +# ckanext-security ###################################################### +RUN set -ex && \ + pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-security-requirements.txt && \ + pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-security + +ENV CKAN__PLUGINS "envvars image_view text_view webpage_view datastore \ + harvest ckan_harvester \ + hierarchy_display hierarchy_form \ + relation \ + spatial_metadata spatial_query \ + datesearch \ + scheme_sddi \ + theme_sddi \ + scheming_datasets \ + geo_view geojson_view wmts_view shp_view \ + fortify \ + security \ + heroslideradmin \ + dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface \ + clamav" + +RUN set -ex && \ + ckan generate config ${APP_DIR}/production.ini RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckan.plugins = ${CKAN__PLUGINS}" && \ ckan config-tool "${CKAN_INI}" "ckan.spatial.srid = 4326" && \ ckan config-tool "${CKAN_INI}" "ckanext.spatial.search_backend = solr-bbox" && \ - ckan config-tool "${CKAN_INI}" "scheming.dataset_schemas = ckanext.scheming:ckan_dataset.yaml" && \ - ckan config-tool "${CKAN_INI}" "scheming.presets = ckanext.scheming:presets.json ckanext.repeating:presets.json ckanext.composite:presets.json" && \ + ckan config-tool "${CKAN_INI}" "ckanext.spatial.use_postgis_sorting = true" && \ + ckan config-tool "${CKAN_INI}" "scheming.dataset_schemas = ckanext.scheme_sddi:sddi_dataset.yaml" && \ + ckan config-tool "${CKAN_INI}" "scheming.presets = ckanext.scheming:presets.json ckanext.scheme_sddi:sddi_presets.json" && \ ckan config-tool "${CKAN_INI}" "scheming.dataset_fallback = false" && \ - ckan config-tool "${CKAN_INI}" "licenses_group_url = https://raw.githubusercontent.com/tum-gis/ckanext-grouphierarchy-sddi/main/ckanext/grouphierarchy/licenses_SDDI.json" && \ - ckan config-tool "${CKAN_INI}" "ckanext.password_policy.password_length = 12" && \ - ckan config-tool "${CKAN_INI}" "ckanext.password_policy.failed_logins = 3" && \ - ckan config-tool "${CKAN_INI}" "ckanext.password_policy.user_locked_time = 600" && \ + ckan config-tool "${CKAN_INI}" "ckanext.dathere_theme.column_count = 4" && \ ckan config-tool "${CKAN_INI}" "ckanext.spatial.common_map.type = custom" && \ ckan config-tool "${CKAN_INI}" "ckanext.spatial.common_map.custom.url = https://tile.openstreetmap.de/{z}/{x}/{y}.png" && \ ckan config-tool "${CKAN_INI}" "ckanext.spatial.common_map.attribution = OpenStreetMap contributors." && \ - ckan config-tool "${CKAN_INI}" "who.timeout = 1800" && \ - ckan config-tool "${CKAN_INI}" "ckan.auth.public_user_details = False" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.lock_timeout = 900" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.login_max_count = 3" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.brute_force_key = user_name" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.disable_password_reset_override = true" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.enable_totp = false" && \ + ckan config-tool "${CKAN_INI}" "ckan.fortify.enable_password_policy = True" && \ + ckan config-tool "${CKAN_INI}" "ckan.fortify.password_policy.min_length = 12" && \ + ckan config-tool "${CKAN_INI}" "ckan.fortify.check_parent_org_allowed = True" && \ + ckan config-tool "${CKAN_INI}" "ckanext.dcat.enable_content_negotiation = True" && \ + ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ + ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ + ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ + ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" && \ echo "${TZ}" > /etc/timezone && \ mkdir -p ${CKAN_STORAGE_PATH} && \ chown -R ckan:ckan ${APP_DIR} ${CKAN_STORAGE_PATH} && \ # Remove wheels rm -rf ${APP_DIR}/ext_wheels -USER ckan +WORKDIR ${APP_DIR} + +ENV UWSGI_HARAKIRI=50 + +# Create local storage folder +RUN mkdir -p ${CKAN_STORAGE_PATH} && \ + chown -R ckan:ckan ${CKAN_STORAGE_PATH} + +# Create entrypoint directory for children image scripts +ONBUILD RUN mkdir /docker-entrypoint.d + +EXPOSE 5000 + +HEALTHCHECK --interval=60s --timeout=5s --retries=5 CMD curl --fail http://localhost:5000/api/3/action/status_show || exit CMD ["/srv/app/start_ckan.sh"] + +CMD ["/srv/app/start_ckan.sh"] \ No newline at end of file From 6330f996adefb8554a9ecc59cc4a935ec855c260 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Fri, 15 Nov 2024 10:38:49 +0100 Subject: [PATCH 02/18] Temporary removed locale installation --- sddi-base/Dockerfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index a0af5d4..bac74e1 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -174,11 +174,11 @@ ENV DATA_DIR=/srv/app/data ENV PIP_SRC=${SRC_DIR} # Setting the locale -ENV LC_ALL="en_US.UTF-8" -RUN apt-get update && apt-get install --no-install-recommends -y locales -RUN sed -i "/$LC_ALL/s/^# //g" /etc/locale.gen -RUN dpkg-reconfigure --frontend=noninteractive locales -RUN update-locale LANG=${LC_ALL} +# ENV LC_ALL="en_US.UTF-8" +# RUN apt-get update && apt-get install --no-install-recommends -y locales +# RUN sed -i "/$LC_ALL/s/^# //g" /etc/locale.gen +# RUN dpkg-reconfigure --frontend=noninteractive locales +# RUN update-locale LANG=${LC_ALL} # Set timezone RUN echo "UTC" > /etc/timezone From 7a66113e4feeee018795fde7c652a382da5cdc25 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Mon, 18 Nov 2024 11:44:29 +0100 Subject: [PATCH 03/18] Changing permissions for apt install --- sddi-base/Dockerfile | 58 +++++++++++++++++++++++--------------------- 1 file changed, 31 insertions(+), 27 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index bac74e1..c19428e 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -172,18 +172,21 @@ ENV SRC_DIR=/srv/app/src ENV CKAN_DIR=${SRC_DIR}/ckan ENV DATA_DIR=/srv/app/data ENV PIP_SRC=${SRC_DIR} +ENV CKAN_INI=${APP_DIR}/production.ini +ENV CKAN_STORAGE_PATH=/var/lib/ckan +ENV UWSGI_HARAKIRI=50 + +USER root # Setting the locale -# ENV LC_ALL="en_US.UTF-8" -# RUN apt-get update && apt-get install --no-install-recommends -y locales -# RUN sed -i "/$LC_ALL/s/^# //g" /etc/locale.gen -# RUN dpkg-reconfigure --frontend=noninteractive locales -# RUN update-locale LANG=${LC_ALL} +ENV LC_ALL="en_US.UTF-8" +RUN apt-get update && apt-get install --no-install-recommends -y locales +RUN sed -i "/$LC_ALL/s/^# //g" /etc/locale.gen +RUN dpkg-reconfigure --frontend=noninteractive locales +RUN update-locale LANG=${LC_ALL} # Set timezone -RUN echo "UTC" > /etc/timezone -ENV CKAN_INI=${APP_DIR}/production.ini -ENV CKAN_STORAGE_PATH=/var/lib/ckan +RUN echo "UTC" > /etc/timezone # Update the package lists and install required packages RUN apt-get update && apt-get install -y \ @@ -207,18 +210,12 @@ RUN apt-get update && apt-get install -y \ proj-data \ python3-cffi \ uwsgi-plugin-python3 \ - supervisor + supervisor \ + sudo # Cleanup to reduce image size RUN apt-get clean && rm -rf /var/lib/apt/lists/* -RUN set -ex pip install markupsafe==2.0.1 \ - setuptools \ - wheel \ - sqlalchemy==1.4.41 \ - gevent==22.10.2 \ - greenlet==2.0.1 - # Create SRC_DIR RUN mkdir -p ${SRC_DIR} && \ # Link python to python3 @@ -227,6 +224,20 @@ RUN mkdir -p ${SRC_DIR} && \ # Get artifacts from build stages COPY --from=extbuild /wheels ${APP_DIR}/ext_wheels +# Create local storage folder +RUN mkdir -p ${CKAN_STORAGE_PATH} && \ + chown -R ckan:ckan ${CKAN_STORAGE_PATH} && \ + chown -R ckan:ckan ${APP_DIR} + +USER ckan + +RUN set -ex pip install markupsafe==2.0.1 \ + setuptools \ + wheel \ + sqlalchemy==1.4.41 \ + gevent==22.10.2 \ + greenlet==2.0.1 + WORKDIR ${CKAN_DIR} # ckanext-harvest ########################################################### @@ -337,21 +348,14 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ - ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" && \ - echo "${TZ}" > /etc/timezone && \ - mkdir -p ${CKAN_STORAGE_PATH} && \ - chown -R ckan:ckan ${APP_DIR} ${CKAN_STORAGE_PATH} && \ - # Remove wheels + ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" + +# Remove wheels +RUN set -ex && \ rm -rf ${APP_DIR}/ext_wheels WORKDIR ${APP_DIR} -ENV UWSGI_HARAKIRI=50 - -# Create local storage folder -RUN mkdir -p ${CKAN_STORAGE_PATH} && \ - chown -R ckan:ckan ${CKAN_STORAGE_PATH} - # Create entrypoint directory for children image scripts ONBUILD RUN mkdir /docker-entrypoint.d From 8dab8af790e4ad9ad269bd3e1afd096fe998757a Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Mon, 18 Nov 2024 15:56:14 +0100 Subject: [PATCH 04/18] Fix ckan group name --- sddi-base/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index c19428e..8f33821 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -226,8 +226,8 @@ COPY --from=extbuild /wheels ${APP_DIR}/ext_wheels # Create local storage folder RUN mkdir -p ${CKAN_STORAGE_PATH} && \ - chown -R ckan:ckan ${CKAN_STORAGE_PATH} && \ - chown -R ckan:ckan ${APP_DIR} + chown -R ckan:ckan-sys ${CKAN_STORAGE_PATH} && \ + chown -R ckan:ckan-sys ${APP_DIR} USER ckan From d4f80dffe3a0a5f5f16c561e842440dc963bd5ed Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Fri, 22 Nov 2024 11:03:21 +0100 Subject: [PATCH 05/18] Update version for spatial extension --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 8f33821..02e335e 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -94,7 +94,7 @@ RUN set -ex && \ # ckanext-spatial ############################################################# ENV CKANEXT_SPATIAL_GITHUB_URL="https://github.com/ckan/ckanext-spatial" -ENV CKANEXT_SPATIAL_VERSION="8a00a2b" +ENV CKANEXT_SPATIAL_VERSION="v2.2.0" RUN set -ex && \ curl -o /wheels/ckanext-spatial-requirements.txt \ From 49bfe7f58efa9507ceeeb4cd7561196152d6e927 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Thu, 12 Dec 2024 17:23:45 +0100 Subject: [PATCH 06/18] Upgrade to CKAN 2.11.1 official Docker image --- sddi-base/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 02e335e..7754100 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -1,7 +1,7 @@ ############################################################################### # Extbuild stage ############################################################################### -FROM ckan/ckan-base:2.11 as extbuild +FROM ckan/ckan-base:2.11.1 as extbuild USER root @@ -165,7 +165,7 @@ RUN set -ex && \ ############################################################################### # Runtime stage ############################################################################### -FROM ckan/ckan-base:2.11 +FROM ckan/ckan-base:2.11.1 ENV APP_DIR=/srv/app ENV SRC_DIR=/srv/app/src From a99ce51e9ecc737ee487a4b658c6d2d180d28e11 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Mon, 16 Dec 2024 12:25:45 +0100 Subject: [PATCH 07/18] Added activity plugin --- sddi-base/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 7754100..430ffee 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -306,6 +306,7 @@ RUN set -ex && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-security ENV CKAN__PLUGINS "envvars image_view text_view webpage_view datastore \ + activity \ harvest ckan_harvester \ hierarchy_display hierarchy_form \ relation \ From 7d9deb238dfead9facbd51fcabdcea581bd9d50d Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Thu, 9 Jan 2025 11:50:23 +0100 Subject: [PATCH 08/18] Updated ckanext-harvest extension to use update-manifest branch --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 430ffee..172a7d6 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -78,7 +78,7 @@ RUN set -ex && \ git+${CKANEXT_DATESEARCH_VERSION_GITHUB_URL}.git@${CKANEXT_DATESEARCH_VERSION}#egg=ckanext-datesearch # ckanext-harvest ########################################################### -ARG CKANEXT_HARVEST_VERSION="v1.6.0" +ARG CKANEXT_HARVEST_VERSION="update-manifest" ENV CKANEXT_HARVEST_VERSION=${CKANEXT_HARVEST_VERSION} ENV CKANEXT_HARVEST_GITHUB_URL="https://github.com/ckan/ckanext-harvest.git" From d9a9670d45aadf87842e84a0e3d414f70b9e59b0 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Mon, 13 Jan 2025 12:54:36 +0100 Subject: [PATCH 09/18] Updated sddi themes version --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 172a7d6..00275aa 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -115,7 +115,7 @@ RUN set -ex && \ git+${CKANEXT_GEOVIEW_GITHUB_URL}.git@${CKANEXT_GEOVIEW_VERSION}#egg=ckanext-geoview # ckanext-theme-sddi ############################################################# -ARG CKANEXT_THEME_SDDI_VERSION="0.0.1" +ARG CKANEXT_THEME_SDDI_VERSION="main" ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} ENV CKANEXT_THEME_SDDI_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-theme-sddi" From c10ce5874b141acdfb5a2fa64b27e01c4e3baaed Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Mon, 13 Jan 2025 15:41:54 +0100 Subject: [PATCH 10/18] Removed fortify extension from Dockerfile --- sddi-base/Dockerfile | 8 -------- 1 file changed, 8 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 00275aa..6598866 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -291,10 +291,6 @@ RUN set -ex && \ RUN set -ex && \ pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-clamav -# ckanext-fortify ############################## -RUN set -ex && \ - pip install -e "git+https://github.com/salsadigitalauorg/ckanext-fortify#egg=ckanext-fortify" - # ckanext-dcat ########################################################## RUN set -ex && \ pip install --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-dcat-requirements.txt && \ @@ -316,7 +312,6 @@ ENV CKAN__PLUGINS "envvars image_view text_view webpage_view datastore \ theme_sddi \ scheming_datasets \ geo_view geojson_view wmts_view shp_view \ - fortify \ security \ heroslideradmin \ dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface \ @@ -342,9 +337,6 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckanext.security.brute_force_key = user_name" && \ ckan config-tool "${CKAN_INI}" "ckanext.security.disable_password_reset_override = true" && \ ckan config-tool "${CKAN_INI}" "ckanext.security.enable_totp = false" && \ - ckan config-tool "${CKAN_INI}" "ckan.fortify.enable_password_policy = True" && \ - ckan config-tool "${CKAN_INI}" "ckan.fortify.password_policy.min_length = 12" && \ - ckan config-tool "${CKAN_INI}" "ckan.fortify.check_parent_org_allowed = True" && \ ckan config-tool "${CKAN_INI}" "ckanext.dcat.enable_content_negotiation = True" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ From 2541f45561406a89f1552d3cb2ff13cfbcb25ca1 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Tue, 14 Jan 2025 09:49:59 +0100 Subject: [PATCH 11/18] Updated CKAN auth configurations --- sddi-base/Dockerfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 6598866..4c48daf 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -341,8 +341,10 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ - ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" - + ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" && \ + ckan config-tool "${CKAN_INI}" "ckan.auth.create_user_via_api = false" && \ + ckan config-tool "${CKAN_INI}" "ckan.auth.create_user_via_web = false" + # Remove wheels RUN set -ex && \ rm -rf ${APP_DIR}/ext_wheels From 57f60141f211adec0f999af8bf294a4aeef5f569 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Tue, 14 Jan 2025 11:48:05 +0100 Subject: [PATCH 12/18] Removed user creation configuration settings and updated harvest extension version --- sddi-base/Dockerfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 4c48daf..af0c47a 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -78,7 +78,7 @@ RUN set -ex && \ git+${CKANEXT_DATESEARCH_VERSION_GITHUB_URL}.git@${CKANEXT_DATESEARCH_VERSION}#egg=ckanext-datesearch # ckanext-harvest ########################################################### -ARG CKANEXT_HARVEST_VERSION="update-manifest" +ARG CKANEXT_HARVEST_VERSION="v1.6.1" ENV CKANEXT_HARVEST_VERSION=${CKANEXT_HARVEST_VERSION} ENV CKANEXT_HARVEST_GITHUB_URL="https://github.com/ckan/ckanext-harvest.git" @@ -341,9 +341,7 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ - ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" && \ - ckan config-tool "${CKAN_INI}" "ckan.auth.create_user_via_api = false" && \ - ckan config-tool "${CKAN_INI}" "ckan.auth.create_user_via_web = false" + ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" # Remove wheels RUN set -ex && \ From 7bd958cdfe45a3f355a92b8f2a92a0622259ae4c Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Wed, 15 Jan 2025 15:14:22 +0100 Subject: [PATCH 13/18] Temporarily disabled harvest plugin and updated datesearch version --- sddi-base/Dockerfile | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index af0c47a..b343e9c 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -69,7 +69,7 @@ RUN set -ex && \ git+${CKANEXT_SCHEMING_GITHUB_URL}.git@${CKANEXT_SCHEMING_VERSION}#egg=ckanext-scheming # ckanext datesearch ########################################################## -ARG CKANEXT_DATESEARCH_VERSION="1.1.0" +ARG CKANEXT_DATESEARCH_VERSION="master" ENV CKANEXT_DATESEARCH_VERSION=${CKANEXT_DATESEARCH_VERSION} ENV CKANEXT_DATESEARCH_VERSION_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-datesearch" @@ -78,19 +78,19 @@ RUN set -ex && \ git+${CKANEXT_DATESEARCH_VERSION_GITHUB_URL}.git@${CKANEXT_DATESEARCH_VERSION}#egg=ckanext-datesearch # ckanext-harvest ########################################################### -ARG CKANEXT_HARVEST_VERSION="v1.6.1" -ENV CKANEXT_HARVEST_VERSION=${CKANEXT_HARVEST_VERSION} -ENV CKANEXT_HARVEST_GITHUB_URL="https://github.com/ckan/ckanext-harvest.git" +# ARG CKANEXT_HARVEST_VERSION="v1.6.1" +# ENV CKANEXT_HARVEST_VERSION=${CKANEXT_HARVEST_VERSION} +# ENV CKANEXT_HARVEST_GITHUB_URL="https://github.com/ckan/ckanext-harvest.git" -RUN set -ex && \ - mkdir -p /wheels && \ - pip install -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt +# RUN set -ex && \ +# mkdir -p /wheels && \ +# pip install -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt -RUN set -ex && \ - pip wheel --wheel-dir=/wheels -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ - pip wheel --wheel-dir=/wheels git+https://github.com/ckan/ckanext-harvest.git@${CKANEXT_HARVEST_VERSION}#egg=ckanext-harvest && \ - curl -o /wheels/ckanext-harvest.txt https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ - ls -lah /wheels +# RUN set -ex && \ +# pip wheel --wheel-dir=/wheels -r https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ +# pip wheel --wheel-dir=/wheels git+https://github.com/ckan/ckanext-harvest.git@${CKANEXT_HARVEST_VERSION}#egg=ckanext-harvest && \ +# curl -o /wheels/ckanext-harvest.txt https://raw.githubusercontent.com/ckan/ckanext-harvest/${CKANEXT_HARVEST_VERSION}/requirements.txt && \ +# ls -lah /wheels # ckanext-spatial ############################################################# ENV CKANEXT_SPATIAL_GITHUB_URL="https://github.com/ckan/ckanext-spatial" @@ -241,9 +241,9 @@ RUN set -ex pip install markupsafe==2.0.1 \ WORKDIR ${CKAN_DIR} # ckanext-harvest ########################################################### -RUN set -ex && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-harvest && \ - pip install --no-index --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-harvest.txt +# RUN set -ex && \ +# pip install --no-index --find-links=${APP_DIR}/ext_wheels ckanext-harvest && \ +# pip install --no-index --find-links=${APP_DIR}/ext_wheels -r ${APP_DIR}/ext_wheels/ckanext-harvest.txt # ckanext-hierarchy ########################################################### RUN set -ex && \ @@ -303,7 +303,7 @@ RUN set -ex && \ ENV CKAN__PLUGINS "envvars image_view text_view webpage_view datastore \ activity \ - harvest ckan_harvester \ + # harvest ckan_harvester \ hierarchy_display hierarchy_form \ relation \ spatial_metadata spatial_query \ @@ -338,9 +338,9 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckanext.security.disable_password_reset_override = true" && \ ckan config-tool "${CKAN_INI}" "ckanext.security.enable_totp = false" && \ ckan config-tool "${CKAN_INI}" "ckanext.dcat.enable_content_negotiation = True" && \ - ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ - ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ - ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ +# ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ +# ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \ +# ckan config-tool "${CKAN_INI}" "ckan.harvest.log_timeframe = 10" && \ ckan config-tool "${CKAN_INI}" "PERMANENT_SESSION_LIFETIME = 600" # Remove wheels From 475c681f083520042e77fdc9ebbc9d39558a30d9 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Wed, 15 Jan 2025 15:37:03 +0100 Subject: [PATCH 14/18] Temporarily disabled dcat harvesters --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index b343e9c..6021763 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -314,7 +314,7 @@ ENV CKAN__PLUGINS "envvars image_view text_view webpage_view datastore \ geo_view geojson_view wmts_view shp_view \ security \ heroslideradmin \ - dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface \ + # dcat dcat_rdf_harvester dcat_json_harvester dcat_json_interface \ clamav" RUN set -ex && \ From efcca3962bef7d8a97cfbd618f6a05a5fe29798d Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Tue, 21 Jan 2025 16:02:36 +0100 Subject: [PATCH 15/18] Updated sddi-theme extension version --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 6021763..2b37c24 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -115,7 +115,7 @@ RUN set -ex && \ git+${CKANEXT_GEOVIEW_GITHUB_URL}.git@${CKANEXT_GEOVIEW_VERSION}#egg=ckanext-geoview # ckanext-theme-sddi ############################################################# -ARG CKANEXT_THEME_SDDI_VERSION="main" +ARG CKANEXT_THEME_SDDI_VERSION="update-manifest" ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} ENV CKANEXT_THEME_SDDI_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-theme-sddi" From 816dc9a25e628f67a28b37a84d027b3f80176d15 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Tue, 21 Jan 2025 16:33:49 +0100 Subject: [PATCH 16/18] Revert sddi-theme extension changes to previous version --- sddi-base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 2b37c24..6021763 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -115,7 +115,7 @@ RUN set -ex && \ git+${CKANEXT_GEOVIEW_GITHUB_URL}.git@${CKANEXT_GEOVIEW_VERSION}#egg=ckanext-geoview # ckanext-theme-sddi ############################################################# -ARG CKANEXT_THEME_SDDI_VERSION="update-manifest" +ARG CKANEXT_THEME_SDDI_VERSION="main" ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} ENV CKANEXT_THEME_SDDI_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-theme-sddi" From 8fc8e266e60a3a80e7b68f0ff6eab5e84ec73d59 Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Tue, 21 Jan 2025 17:27:31 +0100 Subject: [PATCH 17/18] Add theme-sddi build trigger --- sddi-base/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 6021763..1506b0e 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -114,6 +114,7 @@ RUN set -ex && \ pip wheel --wheel-dir=/wheels \ git+${CKANEXT_GEOVIEW_GITHUB_URL}.git@${CKANEXT_GEOVIEW_VERSION}#egg=ckanext-geoview +# Trigger sddi build # ckanext-theme-sddi ############################################################# ARG CKANEXT_THEME_SDDI_VERSION="main" ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} From 3a78c469e9dc42defa6cb2a935c09a39c96c515c Mon Sep 17 00:00:00 2001 From: Aleksandra Lazoroska Date: Thu, 23 Jan 2025 16:51:13 +0100 Subject: [PATCH 18/18] Updated extensions version and enable TOTP security --- sddi-base/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sddi-base/Dockerfile b/sddi-base/Dockerfile index 1506b0e..c20aec2 100644 --- a/sddi-base/Dockerfile +++ b/sddi-base/Dockerfile @@ -69,7 +69,7 @@ RUN set -ex && \ git+${CKANEXT_SCHEMING_GITHUB_URL}.git@${CKANEXT_SCHEMING_VERSION}#egg=ckanext-scheming # ckanext datesearch ########################################################## -ARG CKANEXT_DATESEARCH_VERSION="master" +ARG CKANEXT_DATESEARCH_VERSION="1.1.1" ENV CKANEXT_DATESEARCH_VERSION=${CKANEXT_DATESEARCH_VERSION} ENV CKANEXT_DATESEARCH_VERSION_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-datesearch" @@ -116,7 +116,7 @@ RUN set -ex && \ # Trigger sddi build # ckanext-theme-sddi ############################################################# -ARG CKANEXT_THEME_SDDI_VERSION="main" +ARG CKANEXT_THEME_SDDI_VERSION="0.0.2" ENV CKANEXT_THEME_SDDI_VERSION=${CKANEXT_THEME_SDDI_VERSION} ENV CKANEXT_THEME_SDDI_GITHUB_URL="https://github.com/MarijaKnezevic/ckanext-theme-sddi" @@ -337,7 +337,7 @@ RUN set -ex && \ ckan config-tool "${CKAN_INI}" "ckanext.security.login_max_count = 3" && \ ckan config-tool "${CKAN_INI}" "ckanext.security.brute_force_key = user_name" && \ ckan config-tool "${CKAN_INI}" "ckanext.security.disable_password_reset_override = true" && \ - ckan config-tool "${CKAN_INI}" "ckanext.security.enable_totp = false" && \ + ckan config-tool "${CKAN_INI}" "ckanext.security.enable_totp = true" && \ ckan config-tool "${CKAN_INI}" "ckanext.dcat.enable_content_negotiation = True" && \ # ckan config-tool "${CKAN_INI}" "ckan.harvest.log_scope = 0" && \ # ckan config-tool "${CKAN_INI}" "ckan.harvest.log_level = debug" && \