Test

feat: add Teiler and Exporter in BBMRI (#312 )
Co-authored-by: Jan <59206115+Threated@users.noreply.github.com>
2025-06-16 23:00:15 +02:00 · 2025-06-05 17:03:46 +02:00 · 2025-06-05 16:55:03 +02:00 · 2025-06-04 14:22:34 +02:00
13 changed files with 38 additions and 37 deletions
--- a/bbmri/modules/exporter-compose.yml
+++ b/bbmri/modules/exporter-compose.yml
@ -23,6 +23,18 @@ services:
      - "traefik.http.routers.exporter_bbmri.tls=true"
      - "traefik.http.middlewares.exporter_bbmri_strip.stripprefix.prefixes=/bbmri-exporter"
      - "traefik.http.routers.exporter_bbmri.middlewares=exporter_bbmri_strip"
      # Main router
      - "traefik.http.routers.exporter_bbmri.priority=20"
      # API router
      - "traefik.http.routers.exporter_bbmri_api.middlewares=exporter_bbmri_strip,exporter_auth"
      - "traefik.http.routers.exporter_bbmri_api.rule=PathRegexp(`/bbmri-exporter/.+`)"
      - "traefik.http.routers.exporter_bbmri_api.tls=true"
      - "traefik.http.routers.exporter_bbmri_api.priority=25"
      # Shared middlewares
      - "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
    volumes:
      - "/var/cache/bridgehead/bbmri/exporter-files:/app/exporter-files/output"
@ -65,3 +77,10 @@ services:
      - "traefik.http.routers.reporter_bbmri.tls=true"
      - "traefik.http.middlewares.reporter_bbmri_strip.stripprefix.prefixes=/bbmri-reporter"
      - "traefik.http.routers.reporter_bbmri.middlewares=reporter_bbmri_strip"
      - "traefik.http.routers.reporter_bbmri.priority=20"
      - "traefik.http.routers.reporter_bbmri_api.middlewares=reporter_bbmri_strip,exporter_auth"
      - "traefik.http.routers.reporter_bbmri_api.rule=PathRegexp(`/bbmri-reporter/.+`)"
      - "traefik.http.routers.reporter_bbmri_api.tls=true"
      - "traefik.http.routers.reporter_bbmri_api.priority=25"
--- a/bbmri/modules/teiler-compose.yml
+++ b/bbmri/modules/teiler-compose.yml
@ -19,7 +19,7 @@ services:
      HTTP_RELATIVE_PATH: "/bbmri-teiler"
  teiler-dashboard:
-    image: docker.verbis.dkfz.de/cache/samply/teiler-dashboard:develop
+    image: docker.verbis.dkfz.de/ccp/samply/teiler-dashboard:test
    container_name: bridgehead-teiler-dashboard
    labels:
      - "traefik.enable=true"
@ -68,6 +68,3 @@ services:
      TEILER_DASHBOARD_DE_URL: "https://${HOST}/bbmri-teiler-dashboard/de"
      TEILER_DASHBOARD_EN_URL: "https://${HOST}/bbmri-teiler-dashboard/en"
      HTTP_PROXY: "http://forward_proxy:3128"
      ENABLE_MTBA: "${ENABLE_MTBA}"
      ENABLE_DATASHIELD: "${ENABLE_DATASHIELD}"
      IDMANAGER_UPLOAD_APIKEY: "${IDMANAGER_UPLOAD_APIKEY}" # Only used to check if the ID Manager is active
--- a/bbmri/modules/teiler-setup.sh
+++ b/bbmri/modules/teiler-setup.sh
@ -5,5 +5,4 @@ if [ "$ENABLE_TEILER" == true ];then
  OVERRIDE+=" -f ./$PROJECT/modules/teiler-compose.yml"
  TEILER_DEFAULT_LANGUAGE=EN
  TEILER_DEFAULT_LANGUAGE_LOWER_CASE=${TEILER_DEFAULT_LANGUAGE,,}
  # add_public_oidc_redirect_url "/ccp-teiler/*"
 fi
--- a/bbmri/vars
+++ b/bbmri/vars
@ -3,7 +3,6 @@ BROKER_URL=https://${BROKER_ID}
 PROXY_ID=${SITE_ID}.${BROKER_ID}
 PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
 BROKER_URL_FOR_PREREQ=$BROKER_URL
 echo $PRIVATEKEYFILENAME
 # Makes sense for all European Biobanks
 : ${ENABLE_ERIC:=true}
@ -13,8 +12,6 @@ echo $PRIVATEKEYFILENAME
 FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64}
 POSTGRES_TAG=15.6-alpine
 for module in $PROJECT/modules/*.sh
 do
    log DEBUG "sourcing $module"
--- a/ccp/modules/datashield-compose.yml
+++ b/ccp/modules/datashield-compose.yml
@ -22,7 +22,7 @@ services:
  opal:
    container_name: bridgehead-opal
-    image: docker.verbis.dkfz.de/ccp/dktk-opal:test
+    image: docker.verbis.dkfz.de/ccp/dktk-opal:latest
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.opal_ccp.rule=PathPrefix(`/opal`)"
--- a/ccp/modules/teiler-compose.yml
+++ b/ccp/modules/teiler-compose.yml
@ -19,8 +19,7 @@ services:
      HTTP_RELATIVE_PATH: "/ccp-teiler"
  teiler-dashboard:
-    #image: docker.verbis.dkfz.de/cache/samply/teiler-dashboard:develop
+    image: docker.verbis.dkfz.de/ccp/samply/teiler-dashboard:test
    image: samply/teiler-dashboard:develop
    container_name: bridgehead-teiler-dashboard
    labels:
      - "traefik.enable=true"
--- a/ccp/vars
+++ b/ccp/vars
@ -15,8 +15,6 @@ OIDC_PUBLIC_CLIENT_ID=${SITE_ID}-public
 OIDC_URL="https://login.verbis.dkfz.de/realms/test-realm-01"
 OIDC_GROUP_CLAIM="groups"
 POSTGRES_TAG=15.6-alpine
 for module in $PROJECT/modules/*.sh
 do
    log DEBUG "sourcing $module"
--- a/dhki/vars
+++ b/dhki/vars
@ -8,8 +8,6 @@ PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
 BROKER_URL_FOR_PREREQ=$BROKER_URL
 POSTGRES_TAG=15.6-alpine
 for module in ccp/modules/*.sh
 do
    log DEBUG "sourcing $module"
--- a/lib/functions.sh
+++ b/lib/functions.sh
@ -301,34 +301,19 @@ function sync_secrets() {
    if [[ $secret_sync_args == "" ]]; then
        return
    fi
    if [ "$PROJECT" == "bbmri" ]; then
        # If the project is BBMRI, use the BBMRI-ERIC broker and not the GBN broker
        proxy_id=$ERIC_PROXY_ID
        broker_url=$ERIC_BROKER_URL
        broker_id=$ERIC_BROKER_ID
        root_crt_file="/srv/docker/bridgehead/bbmri/modules/${ERIC_ROOT_CERT}.root.crt.pem"
    else
        proxy_id=$PROXY_ID
        broker_url=$BROKER_URL
        broker_id=$BROKER_ID
        root_crt_file="/srv/docker/bridgehead/$PROJECT/root.crt.pem"
    fi
    mkdir -p /var/cache/bridgehead/secrets/ || fail_and_report 1 "Failed to create '/var/cache/bridgehead/secrets/'. Please run sudo './bridgehead install $PROJECT' again."
    touch /var/cache/bridgehead/secrets/oidc
    echo $PRIVATEKEYFILENAME
    docker run --rm \
        -v /var/cache/bridgehead/secrets/oidc:/usr/local/cache \
        -v $PRIVATEKEYFILENAME:/run/secrets/privkey.pem:ro \
-        -v $root_crt_file:/run/secrets/root.crt.pem:ro \
+        -v /srv/docker/bridgehead/$PROJECT/root.crt.pem:/run/secrets/root.crt.pem:ro \
        -v /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro \
        -e TLS_CA_CERTIFICATES_DIR=/conf/trusted-ca-certs \
        -e NO_PROXY=localhost,127.0.0.1 \
        -e ALL_PROXY=$HTTPS_PROXY_FULL_URL \
-        -e PROXY_ID=$proxy_id \
+        -e PROXY_ID=$PROXY_ID \
-        -e BROKER_URL=$broker_url \
+        -e BROKER_URL=$BROKER_URL \
-        -e OIDC_PROVIDER=secret-sync-central.central-secret-sync.$broker_id \
+        -e OIDC_PROVIDER=secret-sync-central.central-secret-sync.$BROKER_ID \
        -e SECRET_DEFINITIONS=$secret_sync_args \
        docker.verbis.dkfz.de/cache/samply/secret-sync-local:latest
--- a/lib/install-bridgehead.sh
+++ b/lib/install-bridgehead.sh
@ -49,6 +49,12 @@ if [ -z "$TRANSFAIR_AUTH" ]; then
  fi
 fi
 if [ -z "$EXPORTER_USER" ]; then
  log "INFO" "Now generating basic auth for the exporter and reporter (see adduser in bridgehead for more information). "
  generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
  add_basic_auth_user $PROJECT $generated_passwd "EXPORTER_USER" $PROJECT
 fi
 log "INFO" "Registering system units for bridgehead and bridgehead-update"
 cp -v \
    lib/systemd/bridgehead\@.service \
--- a/versions/acceptance
+++ b/versions/acceptance
@ -1,3 +1,4 @@
 FOCUS_TAG=develop
 BEAM_TAG=develop
 BLAZE_TAG=main
 POSTGRES_TAG=15.13-alpine
--- a/versions/prod
+++ b/versions/prod
@ -1,3 +1,4 @@
 FOCUS_TAG=main
 BEAM_TAG=main
 BLAZE_TAG=0.32
 POSTGRES_TAG=15.13-alpine
--- a/versions/test
+++ b/versions/test
@ -1,3 +1,4 @@
 FOCUS_TAG=develop
 BEAM_TAG=develop
 BLAZE_TAG=main
 POSTGRES_TAG=15.13-alpine
Author	SHA1	Message	Date
David Juarez	02954c1ef4	Test	2025-06-05 17:03:46 +02:00
djuarezgf	d482324361	feat: add Teiler and Exporter in BBMRI (#312 ) Co-authored-by: Jan <59206115+Threated@users.noreply.github.com>	2025-06-05 16:55:03 +02:00
Martin Lablans	b7a42f3d3b	chore: externalize POSTGRES_TAG and bump postgres to 15.13 (#313 )	2025-06-04 14:22:34 +02:00