Closed maoo closed 7 years ago
EDN is a data-only format, and therefore you can't embed processing instructions (such as System/getenv) in it - the EDN reader will reject such content (as is happening in the exception above).
Furthermore, bot-unfurl uses a library called cprop for handling configuration, and amongst other benefits it's more flexible than System/getenv. I'll look at a solution based on that. How these environment variables interact with the existing config file will need some thought.
Finally, why have you flagged the locations of the certificate and truststore files, and the email address of the bot user as "secret"?
Certificate location is considered a sensitive info as it may suggest how (and from where) they are downloaded.
Email address is considered a sensitive info simply to avoid spamming.
Should should be fixed in 7496050, via the use of aero which supports environment variables within config.edn
. @maoo if you have a chance to test this, I'd really appreciate it - not sure when I'll have time to properly test environment variables myself.
Works like a charm, see https://github.com/maoo/bot-unfurl/commit/f57d04f70c2397cf0ea7610daa4bf7288dc8f4ed
I'm now stuck on javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
, more details on https://gist.github.com/maoo/7421f248cfabb0a538c385e40182949d .
I've tested different cacerts:
keytool -importkeystore
to copy certs from one to another)This issue is reproduced locally; I can send over my certs/keystore on Symphony chat, in order to reproduce the issue.
That exception is clearly showing that the SSL handshake between the JVM bot-unfurl is running in and the Symphony pod is failing. I've only ever seen this happen when the pod's SSL certificate hasn't been added to the truststore used by the JVM.
Stupid me, I forgot to register the certificate on the pod keystore; adding the bot-unfurl root certificate on the pod "Manage Certificates" UI fixed the problem. Thanks for the hint!
Now I got another exception trying to run locally, strangely a ClassNotFoundException - https://gist.github.com/maoo/5743d80abf9cb3ebe79cde847ef2ee66
Nevermind, issue fixed by last commit. the bot-unfurl is now running locally. I'll close this issue as soon as I have it deployed on Openshift Online
Openshift Online is running bot-unfurl against the ODP, closing issue.
Reopening issue, as I realised that the PR must be still submitted and merged.
Added OC_TOKEN
environment variable into Travis CI; deployment on Openshift from latest Travis build was successful, see https://travis-ci.org/symphonyoss/bot-unfurl
Closing issue.
Background
As applied for the Symphony Java Sample Bots project, I'd like to enable Continuous Delivery on this project, so that everytime that Travis CI runs a successful build, the built artifact (uberjar) is deployed against the ODP
To accomplish this, I have:
bot-unfurl
To test the deployment on this project, I've forked and applied the relevant changes:
.travis.yml
file prepares the content to deploy and invokes oc-deploy.sh onafter_success
config-openshift.edn
defines the user credentials that are read by environment variablesTravis CI successfully starts the Openshift build, which creates the container and triggers a new deployment.
Outstanding issues
The container execution is failing with the exception mentioned below; I'm still uncertain if the
System/getenv
syntax used inconfig-openshift.edn
is working as expected. For completion, below are mentioned the environment variables that are available within the container.Environment vars
Runtime exception