Merge pull request #345 from samply/develop

Develop main

bridgehead

@@ -146,6 +146,10 @@ case "$ACTION" in
 		loadVars
 		exec ./lib/update-bridgehead.sh $PROJECT
 		;;
+	check)
+		loadVars &> /dev/null
+		exec ./lib/check-bridgehead.sh $PROJECT
+		;;
 	install)
 		source ./lib/prepare-system.sh NODEV
 		loadVars

ccp/docker-compose.yml

@@ -25,15 +25,16 @@ services:
     image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}-dktk
     container_name: bridgehead-focus
     environment:
-      API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+    - API_KEY=${FOCUS_BEAM_SECRET_SHORT}
-      BEAM_APP_ID_LONG: focus.${PROXY_ID}
+    - BEAM_APP_ID_LONG=focus.${PROXY_ID}
-      PROXY_ID: ${PROXY_ID}
+    - PROXY_ID=${PROXY_ID}
-      BLAZE_URL: "http://bridgehead-ccp-blaze:8080/fhir/"
+    - BLAZE_URL=http://bridgehead-ccp-blaze:8080/fhir/
-      BEAM_PROXY_URL: http://beam-proxy:8081
+    - BEAM_PROXY_URL=http://beam-proxy:8081
-      RETRY_COUNT: ${FOCUS_RETRY_COUNT}
+    - RETRY_COUNT=${FOCUS_RETRY_COUNT}
-      EPSILON: 0.28
+    - EPSILON=0.28
-      QUERIES_TO_CACHE: '/queries_to_cache.conf'
+    - QUERIES_TO_CACHE=/queries_to_cache.conf
-      ENDPOINT_TYPE: ${FOCUS_ENDPOINT_TYPE:-blaze}
+    - ENDPOINT_TYPE=${FOCUS_ENDPOINT_TYPE:-blaze}
+    - CQL_PROJECTS_ENABLED
     volumes:
       - /srv/docker/bridgehead/ccp/queries_to_cache.conf:/queries_to_cache.conf:ro
     depends_on:

dhki/vars

@@ -23,4 +23,5 @@ do
     source $module
 done
 
-transfairSetup
+transfairSetup
+scoutSetup

lib/check-bridgehead.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+source lib/functions.sh
+
+log INFO "Running Bridgehead checks..."
+
+# Directory ownership
+log INFO "Checking directory ownership..."
+OWNERSHIP_OK=true
+if ! checkOwner /srv/docker/bridgehead bridgehead &> /dev/null; then
+  log ERROR "Wrong ownership for /srv/docker/bridgehead."
+  log INFO "Hint: Run 'sudo chown -R bridgehead /srv/docker/bridgehead'."
+  OWNERSHIP_OK=false
+fi
+if ! checkOwner /etc/bridgehead bridgehead &> /dev/null; then
+  log ERROR "Wrong ownership for /etc/bridgehead."
+  log INFO "Hint: Run 'sudo chown -R bridgehead /etc/bridgehead'."
+  OWNERSHIP_OK=false
+fi
+
+if [ "$OWNERSHIP_OK" = true ]; then
+  log INFO "Directory ownership is correct."
+fi
+
+# Git repository status
+log INFO "Checking Git repository status..."
+GIT_OK=true
+if [ -d "/etc/bridgehead/.git" ]; then
+  if [ -n "$(git -C "/etc/bridgehead" status --porcelain)" ]; then
+    log ERROR "The config repo at /etc/bridgehead is modified.\n$(git -C /etc/bridgehead status -s)"
+    log INFO "Hint: Review your changes with git diff if they are already upstreamed use git stash and git pull to update the repo"
+    GIT_OK=false
+  fi
+fi
+if [ -n "$(git -C "$(pwd)" status --porcelain)" ]; then
+  log ERROR "$(pwd) is modified. \n$(git -C "$(pwd)" status -s)"
+  log INFO "Hint: If these are site specific changes to docker compose files consider moving them to $PROJECT/docker-compose.override.yml which is ignored by git."
+  log INFO "      If they are already upstreamed use git stash and git pull to update the repo"
+  GIT_OK=false
+fi
+
+if [ "$GIT_OK" = true ]; then
+  log INFO "Git repositories are clean."
+fi
+
+# Git remote connection
+log INFO "Checking Git remote connection..."
+GIT_REMOTE_OK=true
+if [ -d "/etc/bridgehead/.git" ]; then
+  if ! git -C "/etc/bridgehead" fetch --dry-run >/dev/null 2>&1; then
+    log ERROR "Cannot connect to the Git remote for /etc/bridgehead."
+    log INFO "Hint: Check your network connection and Git remote configuration for /etc/bridgehead."
+    GIT_REMOTE_OK=false
+  fi
+fi
+if [ -d "$(pwd)/.git" ]; then
+  if ! git -C "$(pwd)" fetch --dry-run >/dev/null 2>&1; then
+    log ERROR "Cannot connect to the Git remote for $(pwd)."
+    log INFO "Hint: Check your network connection and Git remote configuration for $(pwd)."
+    GIT_REMOTE_OK=false
+  fi
+fi
+
+if [ "$GIT_REMOTE_OK" = true ]; then
+  log INFO "Git remote connection successful."
+fi
+
+if [ "$OWNERSHIP_OK" = true ] && [ "$GIT_OK" = true ] && [ "$GIT_REMOTE_OK" = true ]; then
+  log INFO "All checks passed."
+  exit 0
+else
+  log ERROR "Some checks failed. Please review the hints and fix the issues."
+  log ERROR "Without fixing these issues bridgehead updates may not work correctly."
+  exit 1
+fi

lib/functions.sh

@@ -53,7 +53,7 @@ checkOwner(){
 }
 
 printUsage() {
-	echo "Usage: bridgehead start|stop|logs|docker-logs|is-running|update|install|uninstall|adduser|enroll PROJECTNAME"
+	echo "Usage: bridgehead start|stop|logs|docker-logs|is-running|update|check|install|uninstall|adduser|enroll PROJECTNAME"
 	echo "PROJECTNAME should be one of ccp|bbmri|cce|itcc|kr|dhki"
 }
 

modules/scout-compose.yml

@@ -0,0 +1,40 @@
+volumes:
+  scout-blaze-data:
+
+services:
+  traefik:
+    labels:
+      - "traefik.http.middlewares.additional-users-auth.basicauth.users=${SCOUT_BASIC_AUTH_USERS}"
+
+  scout-blaze:
+    image: docker.verbis.dkfz.de/cache/samply/blaze:${BLAZE_TAG}
+    container_name: bridgehead-scout-blaze
+    environment:
+      BASE_URL: "http://bridgehead-scout-blaze:8080"
+      ENFORCE_REFERENTIAL_INTEGRITY: "false"
+    volumes:
+      - "scout-blaze-data:/app/data"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.scout-blaze.rule=PathPrefix(`/scout-blaze`)"
+      - "traefik.http.middlewares.scout-blaze-stripprefix.stripprefix.prefixes=/scout-blaze"
+      - "traefik.http.services.scout-blaze.loadbalancer.server.port=8080"
+      - "traefik.http.routers.scout-blaze.middlewares=scout-blaze-stripprefix,additional-users-auth"
+      - "traefik.http.routers.scout-blaze.tls=true"
+
+  scout:
+    image: samply/scout:main
+    container_name: bridgehead-scout
+    configs:
+      - scout.toml
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.scout.rule=PathPrefix(`/scout`)"
+      - "traefik.http.services.scout.loadbalancer.server.port=8080"
+      - "traefik.http.routers.scout.middlewares=additional-users-auth"
+      - "traefik.http.routers.scout.tls=true"
+
+configs:
+  scout.toml:
+    content: |
+      fhir_base_url = "http://scout-blaze:8080/fhir"

modules/scout-setup.sh

@@ -0,0 +1,8 @@
+#!/bin/bash -e
+
+function scoutSetup() {
+    if [[ -n "$ENABLE_SCOUT" && -n "$SCOUT_BASIC_AUTH_USERS" ]]; then
+        echo "Starting scout."
+	    OVERRIDE+=" -f ./modules/scout-compose.yml"
+    fi
+}