Refactor repo for HelmChart integration

PharmaLedger-IMI / fgt-workspace

UC3 Finished Goods Traceability

MIT License

5 stars 3 forks source link

Refactor repo for HelmChart integration #74

Open TiagoV-PDMFC opened 2 years ago

joaoluis-pdm commented 2 years ago

Dockerfile discussed with @lukasosterheider :

# Docker image build for Finished Goods Traceability (FGT)
#
FROM node:16-alpine

# The tag, branch or commit hash to clone.
ARG GIT_BRANCH
ENV GIT_BRANCH=${GIT_BRANCH:-v0.8.6}

RUN apk --no-cache add git curl && apk add --no-cache --upgrade bash

RUN npm install -g node-gyp

# create folder fgt-workspace and change its owner to pre-existing user 'node'
RUN mkdir -p /fgt-workspace

#checkov:skip=CKV_DOCKER_3: "Ensure that a user for the container has been created"
WORKDIR /fgt-workspace

# Build the software - Note: Clone by specific tag or branch
RUN git clone -b ${GIT_BRANCH} --single-branch --depth 1 https://github.com/PharmaLedger-IMI/fgt-workspace.git . && \
    npm install --unsafe-perm

RUN chown node /fgt-workspace

USER node

# Remove all Git related files and directories - see https://gist.github.com/facelordgists/80e868ff5e315878ecd6
RUN find . \( -name ".git" -o -name ".gitignore" -o -name ".gitmodules" -o -name ".gitattributes" \) -exec rm -rf -- {} +

RUN apk del git

CMD ["npm", "run", "server"]

# APIHub & Dashboard
EXPOSE 8080/tcp
# FGT API - different for Wholesaler & Pharmacy
EXPOSE 8081/tcp
# Swagger
EXPOSE 3009/tcp

Short term goal: Have the FGT environments provided by PDM use this Dockerfile as close as possible, to ease support of partners using similar Dockerfiles. (The idea is to replace the tracebility Dockerfile at https://github.com/PharmaLedger-IMI/fgt-workspace/blob/master/docker/api/traceability/Dockerfile and the participant Dockerfile https://github.com/PharmaLedger-IMI/fgt-workspace/blob/master/docker/api/Dockerfile with this one - adapt as needed ).

Longer term goal: Generate FGT "release" images for an image repository.

joaoluis-pdm commented 2 years ago

2 Dockerfiles revised and partially tested. (Tests with real blockchain not performed):

for the traceability domain : https://github.com/PharmaLedger-IMI/fgt-workspace/blob/0dfeeed4dd5099424b1f9734939bb870aa856c4c/docker/api/traceability/Dockerfile
for any participant : https://github.com/PharmaLedger-IMI/fgt-workspace/blob/0dfeeed4dd5099424b1f9734939bb870aa856c4c/docker/api/Dockerfile

With the objective of producing a single container image (that could be published in a repository) , there is an offending command at https://github.com/PharmaLedger-IMI/fgt-workspace/blob/0dfeeed4dd5099424b1f9734939bb870aa856c4c/docker/api/Dockerfile#L24 that is dependent on the context, and there are 2 contexts - docker/api and docker/api/traceability - implies 2 images.

To have a single image, a workaround is needed.

There is no explicit way to overwrite container files in docker-compose (outside of Dockerfile), unless the overwritten startup script CMD / command performs this overwrite. So, one possible solution is to place these 2 startup scripts inside this docker/api and docker/api/tracebility and let docker-compose call each one, depending on the context.

(Also the Node version is still kept at 14.17.4 - upgrade to 16.14.2 or 16.15.0 should work - but there are other issues, and that should be handled in a separate issue - see #81 ).

joaoluis-pdm commented 2 years ago

Tag v0.9.6 created for experimental image publishing.

Image was built with commands:

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace$ cd docker/api
jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$  docker build --build-arg GIT_BRANCH=v0.9.6 -t fgt:v0.9.6 --rm=false --pull --network host -f=Dockerfile .
# ... takes a long time to build ... more than 30min...
Successfully built 0b6dd7437096
Successfully tagged fgt:v0.9.6

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image ls
REPOSITORY                   TAG              IMAGE ID       CREATED          SIZE
fgt                          v0.9.6           0b6dd7437096   31 seconds ago   2.58GB
...

# attempt to tag with my personal repo
jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.9.6 joaoluispdm/pharmaledger-imi-fgt:v0.9.6

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image ls
REPOSITORY                         TAG              IMAGE ID       CREATED              SIZE
fgt                                v0.9.6           0b6dd7437096   About a minute ago   2.58GB
joaoluispdm/pharmaledger-imi-fgt   v0.9.6           0b6dd7437096   About a minute ago   2.58GB

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.9.6
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
88554937a323: Preparing 
e49a58eda5bb: Preparing 
04390b737724: Preparing 
ff7e4b7b2a66: Preparing 
9e13a1b3395f: Preparing 
a7e2ede3d96e: Waiting 
2343acc0cedf: Waiting 
103fd3fcf321: Waiting 
48257685945a: Waiting 
e2685ea45316: Waiting 
d1abbe7e086d: Waiting 
9a5d14f9f550: Waiting 
denied: requested access to the resource is denied

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: joaoluispdm
Password: 
WARNING! Your password will be stored unencrypted in /home/jpsl/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.9.6
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
88554937a323: Pushed 
e49a58eda5bb: Pushed 
04390b737724: Pushed 
ff7e4b7b2a66: Pushed 
9e13a1b3395f: Pushed 
a7e2ede3d96e: Pushed 
2343acc0cedf: Pushed 
103fd3fcf321: Pushed 
48257685945a: Mounted from library/node 
e2685ea45316: Mounted from library/node 
d1abbe7e086d: Mounted from library/node 
9a5d14f9f550: Mounted from library/node 
v0.9.6: digest: sha256:e9b1e19f6343ce24fdb83227abcaa134fa4bedf0693092c1bf43ab6809f5acc9 size: 2837

joaoluis-pdm commented 2 years ago

docker-compose tests with the pre-built image seem to work. (Reverted the docker-compose.yml to build from git master again).

joaoluis-pdm commented 2 years ago

Tag was created, deleted, and created again, once the version.js was updated.

Deploy to DEV being documented at #82

Image release:

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.9.7 -t fgt:v0.9.7 --rm=false --pull --network host -f=Dockerfile .

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image ls
REPOSITORY   TAG              IMAGE ID       CREATED              SIZE
fgt          v0.9.7           ec0d37698f48   About a minute ago   2.58GB
node         16.14.2-alpine   59b389513e8a   2 months ago         111MB

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.9.7 joaoluispdm/pharmaledger-imi-fgt:v0.9.7

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker login
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /home/jpsl/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

jpsl@PDM-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.9.7
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
b81163d6dd6b: Pushed 
f7906f47dae3: Pushed 
266195d655bc: Pushed 
d49d669833a8: Pushed 
e7a43ef4d5f3: Pushed 
4127bcdc8786: Pushed 
bcea6e2e0da6: Pushed 
24fe427dc3f4: Pushed 
9c8958a02c6e: Mounted from library/node 
b5a53db2b893: Mounted from library/node 
cdb4a052fad7: Mounted from library/node 
4fc242d58285: Mounted from library/node 
v0.9.7: digest: sha256:45346da2b972515244f2315a75e56832e4f65c7aaf7ff81b593e1cb62ca42f90 size: 2837

joaoluis-pdm commented 2 years ago

Making docker image for v0.9.7.

MacBook-Pro-de-Techsupport:api joaoluis$ pwd
/Users/joaoluis/develop/PharmaLedger/fgt-workspace/docker/api
MacBook-Pro-de-Techsupport:api joaoluis$ docker build --build-arg GIT_BRANCH=v0.9.8 -t fgt:v0.9.8 --rm=false --pull --network host -f=Dockerfile .
[+] Building 786.9s (15/15) FINISHED                                                                                                                                                          
 => [internal] load build definition from Dockerfile                                                                                                                                     0.0s
 => => transferring dockerfile: 1.81kB                                                                                                                                                   0.0s
 => [internal] load .dockerignore                                                                                                                                                        0.0s
 => => transferring context: 2B                                                                                                                                                          0.0s
 => [internal] load metadata for docker.io/library/node:16.14.2-alpine                                                                                                                   1.7s
 => CACHED [ 1/11] FROM docker.io/library/node:16.14.2-alpine@sha256:28bed508446db2ee028d08e76fb47b935defa26a84986ca050d2596ea67fd506                                                    0.0s
 => [ 2/11] RUN apk --no-cache add git curl && apk add --no-cache --upgrade bash                                                                                                         2.2s
 => [ 3/11] RUN npm install -g node-gyp                                                                                                                                                  7.2s 
 => [ 4/11] RUN mkdir -p /fgt-workspace                                                                                                                                                  0.1s 
 => [ 5/11] WORKDIR /fgt-workspace                                                                                                                                                       0.0s 
 => [ 6/11] RUN git clone -b v0.9.8 --single-branch --depth 1 https://github.com/PharmaLedger-IMI/fgt-workspace.git . &&     npm install --unsafe-perm                                 377.6s 
 => [ 7/11] RUN npm run install-dsu-explorer                                                                                                                                            91.0s 
 => [ 8/11] RUN find . ( -name ".git" -o -name ".gitignore" -o -name ".gitmodules" -o -name ".gitattributes" ) -exec rm -rf -- {} +                                                      1.9s 
 => [ 9/11] RUN rm -rf docs workdocs                                                                                                                                                     0.1s
 => [10/11] RUN apk del git                                                                                                                                                              0.1s
 => [11/11] RUN chown -R node /fgt-workspace                                                                                                                                           287.0s
 => exporting to image                                                                                                                                                                  17.9s
 => => exporting layers                                                                                                                                                                 17.9s
 => => writing image sha256:8438bbaae92fafdb580c23e42181206abc5e3866ce17421aa08b8308bf860ffb                                                                                             0.0s
 => => naming to docker.io/library/fgt:v0.9.8                                                                                                                                            0.0s

MacBook-Pro-de-Techsupport:api joaoluis$ docker image ls
REPOSITORY                   TAG       IMAGE ID       CREATED         SIZE
fgt                          v0.9.8    8438bbaae92f   2 minutes ago   2.43GB

MacBook-Pro-de-Techsupport:api joaoluis$ docker login
...

MacBook-Pro-de-Techsupport:api joaoluis$ docker image tag fgt:v0.9.8 joaoluispdm/pharmaledger-imi-fgt:v0.9.8
MacBook-Pro-de-Techsupport:api joaoluis$ docker image ls
REPOSITORY                         TAG       IMAGE ID       CREATED          SIZE
joaoluispdm/pharmaledger-imi-fgt   v0.9.8    8438bbaae92f   16 minutes ago   2.43GB
fgt                                v0.9.8    8438bbaae92f   16 minutes ago   2.43GB

MacBook-Pro-de-Techsupport:api joaoluis$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.9.8

joaoluis-pdm commented 2 years ago

v0.10.0 image generated, but was deleted afterwards due to https://github.com/PharmaLedger-IMI/fgt-workspace/issues/90#issuecomment-1186029230

joaoluis-pdm commented 2 years ago

v0.10.0 image generate consisten with existing tag.

joaoluis-pdm commented 2 years ago

Published image v0.10.4 to docker-hub

...
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.10.4
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
0b023343862c: Pushed 
fe57ba908fc0: Pushed 
df3464bc2250: Pushed 
780de7cb7284: Pushed 
80381aa14cf8: Pushed 
0c82c15efabf: Pushed 
2c237b79c78d: Pushed 
fcfbc1e138f5: Pushed 
db691398d3a9: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.10.4: digest: sha256:61456313eebab4cbe610db7b6d8de9f32f6cb18f42d4ff17a53382b924dd8950 size: 3049

Released to TST on v0.10.4

joaoluis-pdm commented 2 years ago

publish image for v0.10.5

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.10.5 -t fgt:v0.10.5 --rm=false --pull --network host -f=Dockerfile .

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.10.5 joaoluispdm/pharmaledger-imi-fgt:v0.10.5

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.10.5

joaoluis-pdm commented 2 years ago

Updated package.json and re-generated tag v0.10.5

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.10.5 -t fgt:v0.10.5 --rm=false --pull --network host -f=Dockerfile .

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.10.5 joaoluispdm/pharmaledger-imi-fgt:v0.10.5
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.10.5
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
0b1cef742e00: Pushed 
784fac9860fb: Pushed 
599dee334be9: Pushed 
3133c9a49005: Pushed 
6f33a3a40d1b: Pushed 
68894c38f0cc: Pushed 
8ef7457ff74b: Pushed 
20e8d306d3ef: Pushed 
352431096f9a: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.10.5: digest: sha256:984b7d9bb96fbfdc256da88069e1548a5a7362022f4c6342c3c5ca3b3e70714b size: 3049

Next version will be v0.10.6 or higher

joaoluis-pdm commented 2 years ago

Thecnical meeting with Sanofi.

The build of v0.10.5 is apparently not correctly frozen. When repeating the generation of the docker image, the top level "npm ci" fails with

...
[ ERROR ]  TypeScript: ./src/components/pdm-item-organizer/pdm-item-organizer.tsx:39:71
           Cannot find name 'componentName'. Did you mean the instance
           member 'this.componentName'?

     L38:  /**
     L39:  s that will be passed to the HTML Element {@link componentName}
     L40:   */

The problem cause seems that that fgt-api/ is missing a frozen package-lock.json

This is preventing Sanofi from building and deploying their Docker image.

@TiagoV-PDMFC fixed, and release of v0.10.6 can begin.

joaoluis-pdm commented 2 years ago

Pushing image v0.10.6 (fgt-dev tests ongoing).

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.10.6 -t fgt:v0.10.6 --rm=false --pull --network host -f=Dockerfile .

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.10.6 joaoluispdm/pharmaledger-imi-fgt:v0.10.6
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.10.6
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
e002bdedb0e8: Pushed 
326d654e7316: Pushed 
e82b14f9574f: Pushed 
d18bc865f958: Pushed 
5beb0f939050: Pushed 
321ae9e6c59c: Pushed 
5a11eaed40d9: Pushed 
bebbd8217666: Pushed 
5c962ae4e1f3: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.10.6: digest: sha256:6fdc9ebb957a18ac984d4aad6ed5d22c3c9ffc9e8a8e58242912fdd47c203709 size: 3048

joaoluis-pdm commented 2 years ago

Deleted tag v0.10.6 on docker hub. Pushing v0.10.7

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.10.7 -t fgt:v0.10.7 --rm=false --pull --network host -f=Dockerfile .

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.10.7 joaoluispdm/pharmaledger-imi-fgt:v0.10.7
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.10.7
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
c52633f44e7e: Pushed 
1a0ff8571784: Pushed 
d78816cb9c2f: Pushed 
3926a9038e8b: Pushed 
e22fd67131f0: Pushed 
8dfdba6fd6fb: Pushed 
62dbaabf29fa: Pushed 
66da2d51c885: Pushed 
f8656b0cc7ea: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.10.7: digest: sha256:4de5af4889e2a7769191d2b9730e081bc6f4d5663ecd7d9c0568907007b7aead size: 3049

joaoluis-pdm commented 2 years ago

Internal report on testing a helm-charts with minikube 1.27 on Ubuntu 22.04.1

(minikube is intended as a developer's tool providing some aspects of a full Kubernetes environment, and allowing PDM developers to test the new releases against the https://github.com/PharmaLedger-IMI/fgt-workspace/blob/master/fgt-api/server-helm.js variation of the server.js in the same folder ).

docker already installed Docker version 20.10.18, build b40c2f6
install minikube (such as in https://computingforgeeks.com/how-to-install-minikube-on-ubuntu-debian-linux/ ) and start it.

1.1. after the install of minikube is complete, start it

$ minikube start

1.2. add the ingress add-on (Not tested with success on MacOS, partial success on Ubuntu 22)

$ minikube addons enable ingress

clone helm-charts https://github.com/PharmaLedger-IMI/helm-charts/

git clone https://github.com/PharmaLedger-IMI/helm-charts/

2.1. create a variation on the example example-config-mah.yaml called example-config-mymah.yaml : change the ID ( MYMAH011 ) and point the traceability domain to the fgt-dev environment. (Local swagger and api URLs still need to be fixed).

helm-charts$ diff charts/fgt/config-examples/example-config-mah.yaml charts/fgt/config-examples/example-config-mymah.yaml 47c47
<           "https://fgt-traceability-app.pharma-company.com"
---
>           "https://fgt-dev.pharmaledger.pdmfc.com"
50c50
<           "https://fgt-traceability-app.pharma-company.com"
---
>           "https://fgt-dev.pharmaledger.pdmfc.com"
53c53
<           "https://fgt-traceability-app.pharma-company.com"
---
>           "https://fgt-dev.pharmaledger.pdmfc.com"
56c56
<           "https://fgt-traceability-app.pharma-company.com"
---
>           "https://fgt-dev.pharmaledger.pdmfc.com"
132c132
<         "secret": "MAH011",
---
>         "secret": "MYMAH011",
140c140
<         "secret": "pharmaledger@company.com",
---
>         "secret": "pharmaledgermymah@company.com",

deploy the my-mah solution

helm-charts$ helm upgrade my-mah charts/fgt --version=v0.10.7     --install     --values charts/fgt/config-examples/example-config-mymah.yaml

3.1. workaround 'image will not download' problem

helm-charts$ minikube ssh 
docker@minikube:~$ docker pull joaoluispdm/pharmaledger-imi-fgt:v0.10.7

Now there is a local image, matching the names expected in the helm-charts.

3.2 workaround DNS problem

$ kubectl get pods
NAME                          READY   STATUS    RESTARTS   AGE
my-mah-fgt-7877b58c9f-jp2nw   1/1     Running   0          65m
$ kubectl logs -f --timestamps my-mah-fgt-7877b58c9f-jp2nw
...
2022-09-30T11:44:31.511709080Z [POST] https://fgt-dev.pharmaledger.pdmfc.com/bricking/traceability/put-brick Error: getaddrinfo EAI_AGAIN fgt-dev.pharmaledger.pdmfc.com
2022-09-30T11:44:31.511811675Z     at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:71:26) {
2022-09-30T11:44:31.511848068Z   errno: -3001,
2022-09-30T11:44:31.511870865Z   code: 'EAI_AGAIN',
2022-09-30T11:44:31.511884890Z   syscall: 'getaddrinfo',
2022-09-30T11:44:31.511897992Z   hostname: 'fgt-dev.pharmaledger.pdmfc.com'
2022-09-30T11:44:31.511911787Z }
2022-09-30T11:44:31.514889696Z Build process of <fgt-mah-ssapp> failed.
...

The DNS errors seem random or due to some kind of throttling (I can have +/- 1000 HTTPS requests successful, and then on the 1001 request, EAI_AGAIN error for the same URL).

(Could this be related to https://github.com/kubernetes/kubernetes/issues/112135 (?) but I don't understand it very well...)

Workaround not known yet... (will possibly try to add an /etc/hosts entry to the pod image).

Adding hostAliases to the deployment template:

diff --git a/charts/fgt/templates/deployment.yaml b/charts/fgt/templates/deployment.yaml
index 86e4599..0107bf8 100644
--- a/charts/fgt/templates/deployment.yaml
+++ b/charts/fgt/templates/deployment.yaml
@@ -22,6 +22,10 @@ spec:
       labels:
         {{- include "fgt.selectorLabels" . | nindent 8 }}
     spec:
+      {{- with .Values.hostAliases }}
+      hostAliases:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}

Prepend hostAliases to charts/fgt/config-examples/example-config-mymah.yaml:

helm-charts$ diff charts/fgt/config-examples/example-config-mah.yaml charts/fgt/config-examples/example-config-mymah.yaml 8a9,13
> hostAliases:
>   - ip: "213.63.130.240"
>     hostnames:
>     - "fgt-dev.pharmaledger.pdmfc.com"
> 
47c52

Example of credentials are wrong. The address and passrepeat fields are required. The example given at https://github.com/PharmaLedger-IMI/helm-charts/blob/a74da15854fd50ff8cde36a506c8d7d0f3b20c32/charts/fgt/values.yaml#L179 or https://github.com/PharmaLedger-IMI/helm-charts/blob/a74da15854fd50ff8cde36a506c8d7d0f3b20c32/charts/fgt/config-examples/example-config-mah.yaml#L129 are wrong.

Bad example:

    {
      "id": {
        "secret": "MAH011",
        "public": true
      },
      "name": {
        "secret": "Company Inc.",
        "public": true
      },
      "email": {
        "secret": "pharmaledger@company.com",
        "public": true
      },
      "pass": {
        "secret": "This1sSuchAS3curePassw0rd"
      }
    }

Good example:

    {
      "id": {
        "secret": "MYMAH011",
        "public": true
      },
      "name": {
        "secret": "Company Inc.",
        "public": true
      },
      "email": {
        "secret": "pharmaledgermymah@company.com",
        "public": true
      },
      "address": {
        "required": true,
        "secret": "address street",
        "public": true
      },
      "pass": {
        "secret": "This1sSuchAS3curePassw0rd"
      },
      "passrepeat": {
        "secret": "This1sSuchAS3curePassw0rd"
      }
    }

How to undeply my-mah
```
helm-charts$ helm uninstall my-mah
```
... but then go to the minikube dashboard, Config and Storage, Persistent Volume Claims, and delete the my-mah-fgt. (Otherwise the update/install process will fail).
Stopping and deleting the minikube cluster
```
$ minikube stop
$ minikube delete
```

MacOS notes

None of the workarounds mentioned above (forced image download, and DNS hostAliases) seem to be needed on MacOS 12.6 , so it is possible that the problems above are specific for Ubuntu 22.04

joaoluis-pdm commented 2 years ago

Building image for FGT v0.11.0

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.11.0 -t fgt:v0.11.0 --rm=false --pull --network host -f=Dockerfile .
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.11.0 joaoluispdm/pharmaledger-imi-fgt:v0.11.0
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.11.0
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
a13d25320d56: Pushed 
3e00fcb2361d: Pushed 
9d6018811670: Pushed 
edff82c5cc22: Pushed 
e0beaddf98cb: Pushed 
33fe7d99a470: Pushed 
3b93fcfbb3cb: Pushed 
6567f2c0cfe9: Pushed 
c88b34a3b00b: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.11.0: digest: sha256:901aa08d2d6f514bddd3cfec6077dbf067f37fbc86023ddf7af2accec8367cc2 size: 3049

joaoluis-pdm commented 2 years ago

Building image for FGT v0.11.1

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.11.1 -t fgt:v0.11.1 --rm=false --pull --network host -f=Dockerfile .
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.11.1 joaoluispdm/pharmaledger-imi-fgt:v0.11.1
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.11.1
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
7c677aa7a117: Pushed 
d536e14c40cf: Pushed 
685cd4200514: Pushed 
f5caff95597a: Pushed 
34ddf1d9b262: Pushed 
3a66ca8ac1e6: Pushed 
a97fa0807c09: Pushed 
0aecc9f743d6: Pushed 
6a9e879288fd: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.11.1: digest: sha256:cc84c82633638fe55cbc0ab2d27075bc6c3cbd570e42666fdd654891f2aa0815 size: 3049

joaoluis-pdm commented 2 years ago

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.11.2 -t fgt:v0.11.2 --rm=false --pull --network host -f=Dockerfile .
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.11.2 joaoluispdm/pharmaledger-imi-fgt:v0.11.2
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.11.2
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
fdde4617f7c6: Pushed 
d19108d56d8b: Pushed 
754266105d28: Pushed 
2ceaeabac7f7: Pushed 
dc5422b7d580: Pushed 
4be39f60167d: Pushed 
aa449356ec37: Pushed 
c1e69ec0c83b: Pushed 
79cbac5e6718: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.11.2: digest: sha256:5df868fe2e3d953a72083cf69ff1c615beb8d67daa56228d3bad571d7b0403f3 size: 3049

joaoluis-pdm commented 2 years ago

New minikube tests for v0.11.2 on a fork of helm-charts

$ minikube start --driver=docker  --kubernetes-version=v1.25.3
$ minikube dashboard

# on a fork of helm-charts
helm-charts$ helm upgrade my-mah charts/fgt --version=v0.11.2     --install     --values charts/fgt/config-examples/example-config-mymah.yaml

helm-charts$ helm uninstall my-mah

joaoluis-pdm commented 2 years ago

Attempted changes on helm-charts: https://github.com/joaoluis-pdm/helm-charts/commit/94717dc8f798337dc34835bf8b3e5ad51fc54c0c (and 4b7e480b3cc54938dc4d4fd1db772dfbc2a7834e )

Major differences:

2 new environment variables ENVIRONMENT=dev and bricksDomain=traceability.mymah011

bricksDomain needs to be chosen before (possibly based on credentials.id and provisioned on bdns.hosts on github (for dev or tst). (Example bricksDomain=traceability.mymah011 is for example-config-mymah.yaml where id="MYMAH011"). (This could possible also be the same as existing "subDomain" parameter in existing helm-charts).

These are used by the initial npm run update-docker-apihub-config

This script does 2 things:

Overwrite /fgt-workspace/apihub-root/external-volume/config/apihub.json with a new version with extra-content:

...
"componentsConfig": {
"bdns": {
  "url": "https://raw.githubusercontent.com/PharmaLedger-IMI/fgt-workspace/master/fgt-bdns/dev/bdns.hosts"
},
...

The "dev" string above is defined by the ${ENVIRONMENT} variable.

Generates a new local domain configuration /fgt-workspace/apihub-root/external-volume/config/domains/${bricksDomain}.json

This will have fixed content:

{"anchoring":{
    "type":"FS",
    "option":{"enableBricksLedger":false},
    "commands":{"addAnchor":"anchor"}
  },
  "enable":["mq"],
  "skipOAuth":["/bricking/${bricksDomain}/get-brick"]}

(Updated 2022-11-18)

Note that ${bricksDomain} is replaced by the chosen bricks domain name.

This is actually failing as the paths seem to be read-only.

=======> Ovewriting APIHub configs ...

> fgt-workspace@0.11.2 update-docker-apihub-config
> cd fgt-api && node ./updateDockerConfigs.js

Updating environment configurations for the dev environment using bricksDomain: traceability.mymah011
Error: EACCES: permission denied, copyfile '/fgt-workspace/fgt-bdns/dev/apihub.json' -> '/fgt-workspace/apihub-root/external-volume/config/apihub.json'
    at Object.copyFileSync (node:fs:2804:3)
    at /fgt-workspace/fgt-api/updateDockerConfigs.js:12:16
    at new Promise (<anonymous>)
    at updateConfigsToMatchEnvironment (/fgt-workspace/fgt-api/updateDockerConfigs.js:8:12)
    at Object.<anonymous> (/fgt-workspace/fgt-api/updateDockerConfigs.js:40:1)
    at Module._compile (node:internal/modules/cjs/loader:1103:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1157:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:77:12) {
  errno: -13,
  syscall: 'copyfile',
  code: 'EACCES',
  path: '/fgt-workspace/fgt-bdns/dev/apihub.json',
  dest: '/fgt-workspace/apihub-root/external-volume/config/apihub.json'
}

The error is possibly due to the readOnly / root ownership of most mounts under external-volume/config. heml-charts owner ,might decide to solve things differently (with file overrides/templates/etc...).

Please ignore ingress stuff...

joaoluis-pdm commented 2 years ago

jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker build --build-arg GIT_BRANCH=v0.11.3 -t fgt:v0.11.3 --rm=false --pull --network host -f=Dockerfile .
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker image tag fgt:v0.11.3 joaoluispdm/pharmaledger-imi-fgt:v0.11.3
jpsl@pdm-00781:/export/home/jpsl/develop/PharmaLedger/fgt-workspace/docker/api$ docker push joaoluispdm/pharmaledger-imi-fgt:v0.11.3
The push refers to repository [docker.io/joaoluispdm/pharmaledger-imi-fgt]
09475e153559: Pushed 
f16ca0c50e4d: Pushed 
b15ce4a0fa56: Pushed 
690420a29964: Pushed 
ce7e8c1724fe: Pushed 
72828a34d22a: Pushed 
88cb144a607b: Pushed 
14a6f13a81f4: Pushed 
534bc013f37b: Pushed 
9c8958a02c6e: Layer already exists 
b5a53db2b893: Layer already exists 
cdb4a052fad7: Layer already exists 
4fc242d58285: Layer already exists 
v0.11.3: digest: sha256:31aa14318ff1de2f8cc8ae2cca424f8fee9340cb779f1f8089372a72e7c676e5 size: 3049

joaoluis-pdm commented 1 year ago

After BDNS update, some containers need restart. Notes: https://github.com/PharmaLedger-IMI/fgt-workspace/issues/123#issuecomment-1344542249