feat: add gitpod support

elixir-europe-training / Training-Metrics-Database

TMD - a database for aggregation of training metrics in ELIXIR

https://tmd.elixir-europe.org

MIT License

4 stars 0 forks source link

feat: add gitpod support #28

Closed mihai-sysbio closed 1 year ago

mihai-sysbio commented 1 year ago

This PR makes it possible to run the entire stack in Gitpod, and adds a label in the Readme for it. @mblue9 and I started to look into this during the hackathon but didn’t quite get it to work. It proved to be a restriction on the allowed hosts.

mblue9 commented 1 year ago

Great! I had looked into this and found similar but didn't get around to adding it yet :)

Not part of this PR, but the other related things we discussed in case I forget,

if we want to make the preview easier, it could automatically appear with open-preview in .gitpod.yml e.g. see what Galaxy do here https://github.com/galaxyproject/training-material/blob/main/.gitpod.yml
also note as in their yml, you can automate initial setup tasks e.g would it make sense to automate the creation of .env (cp .env.default .env) and cp postgres/postgres.env.default postgres/postgres.env. I didn't initially know to do those steps as they're not something I've done before, maybe others are the same.

mihai-sysbio commented 1 year ago

Those were too good suggestions to wait with them @mblue9 so I've added them though commit dba8fa3.

mihai-sysbio commented 1 year ago

Allowing all hosts by default is not a good idea.

@jonandernovella could you expand?

Here's my thinking: For development, the Dockerfile is now set up to only allow requests from the localhost. Imho, this should be more secure than the filter in Django. And for production, this filter should not matter. Also, I think accepting all hosts is required for Django to work in Gitpod - but perhaps not?

jonandernovella commented 1 year ago

Allowing all hosts by default is not a good idea.

@jonandernovella could you expand?

Here's my thinking: For development, the Dockerfile is now set up to only allow requests from the localhost. Imho, this should be more secure than the filter in Django. And for production, this filter should not matter. Also, I think accepting all hosts is required for Django to work in Gitpod - but perhaps not?

If gitpod requires accepting all hosts that's OK. But we shouldn't need to change the default env values, which are secure by default. Instead I'd prefer if you can customize the actual env file to meet the requirements for gitpod.

mihai-sysbio commented 1 year ago

But we shouldn't need to change the default env values, which are secure by default.

In my view, this Django-provided security is of little/no benefit over the Docker-provided security, and the project is now fully running inside Docker.

Instead I'd prefer if you can customize the actual env file to meet the requirements for gitpod.

Good idea, that is of course possible - another env/Dockerfile can be set up especially for Gitpod, and to me that is extra maintenance (and possible duplication) which is why I prefer to avoid it.

However, @jonandernovella if you feel strongly about these changes, please feel free to add them directly to this branch.

jonandernovella commented 1 year ago

But we shouldn't need to change the default env values, which are secure by default.

In my view, this Django-provided security is of little/no benefit over the Docker-provided security, and the project is now fully running inside Docker.

Instead I'd prefer if you can customize the actual env file to meet the requirements for gitpod.

Good idea, that is of course possible - another env/Dockerfile can be set up especially for Gitpod, and to me that is extra maintenance (and possible duplication) which is why I prefer to avoid it.

However, @jonandernovella if you feel strongly about these changes, please feel free to add them directly to this branch.

It entirely depends on how Docker is set up and whether you trust your networks. I'd generally recommend applying a zero trust policy on this matter.

jonandernovella commented 1 year ago

But we shouldn't need to change the default env values, which are secure by default.

In my view, this Django-provided security is of little/no benefit over the Docker-provided security, and the project is now fully running inside Docker.

Instead I'd prefer if you can customize the actual env file to meet the requirements for gitpod.

Good idea, that is of course possible - another env/Dockerfile can be set up especially for Gitpod, and to me that is extra maintenance (and possible duplication) which is why I prefer to avoid it.

However, @jonandernovella if you feel strongly about these changes, please feel free to add them directly to this branch.

I don't think a new Dockerfile is needed. You'd just need to modify that variable in the gitpod script.

unode commented 1 year ago

Thanks @mihai-sysbio for this setup. I'm also a big fan of GitPod. Massive time saver.