diff --git a/README.md b/README.md index 680dd100dd..790fdd7759 100644 --- a/README.md +++ b/README.md @@ -395,8 +395,8 @@ Auto-format frontend code in the `src` folder. ### Import Semantic Domains -Imports Semantic Domains from the XML files in `./deploy/scripts/semantic_domains/xml`. Run from within a Python virtual -environment. +To import Semantic Domains from the XML files in `./deploy/scripts/semantic_domains/xml`. Run from within a Python +virtual environment. 1. Generate the files for import into the Mongo database: @@ -458,9 +458,9 @@ sake of devices with limited bandwidth. There are scripts for generating these f files in this directory should _not_ be manually edited. The bash script `scripts/fetch_wordlists.sh` is used to fetch dictionary files for a given language (e.g., `es`) from -https://cgit.freedesktop.org/libreoffice/dictionaries/ and convert them to raw wordlists (e.g., -`src/resources/dictionaries/es.txt`). Execute the script with no arguments for its usage details. Any language not -currently supported can be manually added as a case in this script. +the [LibreOffice dictionaries](https://cgit.freedesktop.org/libreoffice/dictionaries/) and convert them to raw wordlists +(e.g., `src/resources/dictionaries/es.txt`). Execute the script with no arguments for its usage details. Any language +not currently supported can be manually added as a case in this script. ```bash ./scripts/fetch_wordlist.sh @@ -611,13 +611,21 @@ Build _The Combine_ containers by running the build script in an activated Pytho _TheCombine_'s project directory. (See the [Python](#python) section to create the virtual environment.) ```bash -python deploy/scripts/build.py [--nerdctl] +python deploy/scripts/build.py ``` Notes: -- Use the `--nerdctl` option if you are using _Rancher Desktop_ with the `containerd` for the container runtime. If you - are using _Docker Desktop_ or _Rancher Desktop_ with the `dockerd` container runtime, omit this option. +- If you are using _Rancher Desktop_ with `containerd` for the container runtime, set the following environment variable + in your user profile: + + ```bash + export CONTAINER_CLI="nerdctl" + ``` + + If you are using _Docker Desktop_ or _Rancher Desktop_ with the `dockerd` container runtime, clear this variable or + set its value to `docker`. + - Run with the `--help` option to see all available options. - If you see errors like: diff --git a/deploy/helm/cert-proxy-client/templates/_helpers.tpl b/deploy/helm/cert-proxy-client/templates/_helpers.tpl index 745f982ae3..e7a89a1165 100644 --- a/deploy/helm/cert-proxy-client/templates/_helpers.tpl +++ b/deploy/helm/cert-proxy-client/templates/_helpers.tpl @@ -11,19 +11,6 @@ {{- end }} {{- end }} -{{/* Get the Image Pull Policy */}} -{{- define "cert-proxy-client.imagePullPolicy" }} - {{- if .Values.imagePullPolicy }} - {{- print .Values.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} - {{/* Build the SSL Certificate secret name */}} {{- define "cert-proxy-client.certSecretName" -}} {{- $hostString := replace "." "-" .Values.global.serverName }} diff --git a/deploy/helm/cert-proxy-client/templates/update-cert-cronjob.yaml b/deploy/helm/cert-proxy-client/templates/update-cert-cronjob.yaml index a62bac8189..71b14d4e96 100644 --- a/deploy/helm/cert-proxy-client/templates/update-cert-cronjob.yaml +++ b/deploy/helm/cert-proxy-client/templates/update-cert-cronjob.yaml @@ -18,7 +18,7 @@ spec: serviceAccountName: {{ .Values.serviceAccount.name }} containers: - image: {{ template "cert-proxy-client.containerImage" . }} - imagePullPolicy: {{ template "cert-proxy-client.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} name: update-cert-cronjob command: - update_cert.py diff --git a/deploy/helm/cert-proxy-client/templates/update-cert-oneshot.yaml b/deploy/helm/cert-proxy-client/templates/update-cert-oneshot.yaml index 6d109dbb2a..5a65326499 100644 --- a/deploy/helm/cert-proxy-client/templates/update-cert-oneshot.yaml +++ b/deploy/helm/cert-proxy-client/templates/update-cert-oneshot.yaml @@ -12,7 +12,7 @@ spec: serviceAccountName: {{ .Values.serviceAccount.name }} containers: - image: {{ template "cert-proxy-client.containerImage" . }} - imagePullPolicy: {{ template "cert-proxy-client.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} name: update-cert-oneshot command: - update_cert.py diff --git a/deploy/helm/cert-proxy-server/templates/_helpers.tpl b/deploy/helm/cert-proxy-server/templates/_helpers.tpl index 2284aee119..e3609ab1a3 100644 --- a/deploy/helm/cert-proxy-server/templates/_helpers.tpl +++ b/deploy/helm/cert-proxy-server/templates/_helpers.tpl @@ -10,16 +10,3 @@ {{- printf "%s:%s" .Values.imageName .Values.global.imageTag }} {{- end }} {{- end }} - -{{/* Get the Image Pull Policy */}} -{{- define "cert-proxy-server.imagePullPolicy" }} - {{- if .Values.imagePullPolicy }} - {{- print .Values.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy/helm/cert-proxy-server/templates/deployment-cert-proxy-server.yaml b/deploy/helm/cert-proxy-server/templates/deployment-cert-proxy-server.yaml index 85d4912047..e3b2b4e422 100644 --- a/deploy/helm/cert-proxy-server/templates/deployment-cert-proxy-server.yaml +++ b/deploy/helm/cert-proxy-server/templates/deployment-cert-proxy-server.yaml @@ -61,7 +61,7 @@ spec: - name: CERT_PROXY_NAMESPACE value: {{ .Release.Namespace }} image: {{ template "cert-proxy-server.containerImage" . }} - imagePullPolicy: {{ template "cert-proxy-server.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} name: combine-cert-proxy resources: {} restartPolicy: Always diff --git a/deploy/helm/create-admin-user/templates/_helpers.tpl b/deploy/helm/create-admin-user/templates/_helpers.tpl index dde01c3451..34a828cc7d 100644 --- a/deploy/helm/create-admin-user/templates/_helpers.tpl +++ b/deploy/helm/create-admin-user/templates/_helpers.tpl @@ -10,16 +10,3 @@ {{- printf "%s:%s" .Values.imageName .Values.global.imageTag }} {{- end }} {{- end }} - -{{/* Get the Image Pull Policy */}} -{{- define "create-admin-user.imagePullPolicy" }} - {{- if .Values.global.imagePullPolicy }} - {{- print .Values.global.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy/helm/create-admin-user/templates/job-create-admin-user.yaml b/deploy/helm/create-admin-user/templates/job-create-admin-user.yaml index 764c673dac..a3af52cd87 100644 --- a/deploy/helm/create-admin-user/templates/job-create-admin-user.yaml +++ b/deploy/helm/create-admin-user/templates/job-create-admin-user.yaml @@ -41,7 +41,7 @@ spec: key: COMBINE_ADMIN_EMAIL name: admin-user-secrets image: {{ template "create-admin-user.containerImage" . }} - imagePullPolicy: {{ template "create-admin-user.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} name: create-admin-user resources: {} volumeMounts: diff --git a/deploy/helm/thecombine/charts/backend/templates/_helpers.tpl b/deploy/helm/thecombine/charts/backend/templates/_helpers.tpl index aca8e4b4a3..afb59de162 100644 --- a/deploy/helm/thecombine/charts/backend/templates/_helpers.tpl +++ b/deploy/helm/thecombine/charts/backend/templates/_helpers.tpl @@ -10,16 +10,3 @@ {{- printf "%s:%s" .Values.imageName .Values.global.imageTag }} {{- end }} {{- end }} - -{{/* Get the Image Pull Policy */}} -{{- define "backend.imagePullPolicy" }} - {{- if .Values.global.imagePullPolicy }} - {{- print .Values.global.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy/helm/thecombine/charts/backend/templates/deployment-backend.yaml b/deploy/helm/thecombine/charts/backend/templates/deployment-backend.yaml index 5b524a5b6b..7fcba15213 100644 --- a/deploy/helm/thecombine/charts/backend/templates/deployment-backend.yaml +++ b/deploy/helm/thecombine/charts/backend/templates/deployment-backend.yaml @@ -35,7 +35,7 @@ spec: containers: - name: backend image: {{ template "backend.containerImage" . }} - imagePullPolicy: {{ template "backend.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} env: - name: COMBINE_JWT_SECRET_KEY valueFrom: diff --git a/deploy/helm/thecombine/charts/database/templates/_helpers.tpl b/deploy/helm/thecombine/charts/database/templates/_helpers.tpl index a46caa8a17..1b67e82569 100644 --- a/deploy/helm/thecombine/charts/database/templates/_helpers.tpl +++ b/deploy/helm/thecombine/charts/database/templates/_helpers.tpl @@ -10,16 +10,3 @@ {{- printf "%s:%s" .Values.imageName .Values.global.imageTag }} {{- end }} {{- end }} - -{{/* Get the Image Pull Policy */}} -{{- define "database.imagePullPolicy" }} - {{- if .Values.global.imagePullPolicy }} - {{- print .Values.global.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy/helm/thecombine/charts/database/templates/database.yaml b/deploy/helm/thecombine/charts/database/templates/database.yaml index 9d63cd8fc6..bde017b7cc 100644 --- a/deploy/helm/thecombine/charts/database/templates/database.yaml +++ b/deploy/helm/thecombine/charts/database/templates/database.yaml @@ -44,7 +44,7 @@ spec: spec: containers: - image: {{ template "database.containerImage" . }} - imagePullPolicy: {{ template "database.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} name: database ports: - containerPort: 27017 diff --git a/deploy/helm/thecombine/charts/frontend/templates/_helpers.tpl b/deploy/helm/thecombine/charts/frontend/templates/_helpers.tpl index 0ddfc74272..864399f27f 100644 --- a/deploy/helm/thecombine/charts/frontend/templates/_helpers.tpl +++ b/deploy/helm/thecombine/charts/frontend/templates/_helpers.tpl @@ -10,16 +10,3 @@ {{- printf "%s:%s" .Values.imageName .Values.global.imageTag }} {{- end }} {{- end }} - -{{/* Get the Image Pull Policy */}} -{{- define "frontend.imagePullPolicy" }} - {{- if .Values.global.imagePullPolicy }} - {{- print .Values.global.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy/helm/thecombine/charts/frontend/templates/deployment-frontend.yaml b/deploy/helm/thecombine/charts/frontend/templates/deployment-frontend.yaml index 02e50b9395..b57118d3b3 100644 --- a/deploy/helm/thecombine/charts/frontend/templates/deployment-frontend.yaml +++ b/deploy/helm/thecombine/charts/frontend/templates/deployment-frontend.yaml @@ -27,7 +27,7 @@ spec: containers: - name: frontend image: {{ template "frontend.containerImage" . }} - imagePullPolicy: {{ template "frontend.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} env: - name: CERT_ADDL_DOMAINS valueFrom: diff --git a/deploy/helm/thecombine/charts/maintenance/templates/_helpers.tpl b/deploy/helm/thecombine/charts/maintenance/templates/_helpers.tpl index 0cdb357b92..544ade45cf 100644 --- a/deploy/helm/thecombine/charts/maintenance/templates/_helpers.tpl +++ b/deploy/helm/thecombine/charts/maintenance/templates/_helpers.tpl @@ -11,19 +11,6 @@ {{- end }} {{- end }} -{{/* Get the Image Pull Policy */}} -{{- define "maintenance.imagePullPolicy" }} - {{- if .Values.global.imagePullPolicy }} - {{- print .Values.global.imagePullPolicy }} - {{- else }} - {{- if eq .Values.global.imageTag "latest" }} - {{- print "Always" }} - {{- else }} - {{- print "IfNotPresent" }} - {{- end }} - {{- end }} -{{- end }} - {{/* Build the backup location string */}} {{- define "maintenance.backupNameFilter" -}} {{- $hostString := replace "." "-" .Values.global.serverName }} diff --git a/deploy/helm/thecombine/charts/maintenance/templates/deployment-maintenance.yaml b/deploy/helm/thecombine/charts/maintenance/templates/deployment-maintenance.yaml index cc8d69c6f8..6744316b68 100644 --- a/deploy/helm/thecombine/charts/maintenance/templates/deployment-maintenance.yaml +++ b/deploy/helm/thecombine/charts/maintenance/templates/deployment-maintenance.yaml @@ -30,7 +30,7 @@ spec: command: [ "/bin/bash", "-c", "--" ] args: [ 'sleep infinity & PID=$! ; trap "kill $PID" INT TERM ; wait' ] image: {{ template "maintenance.containerImage" . }} - imagePullPolicy: {{ template "maintenance.imagePullPolicy" . }} + imagePullPolicy: {{ .Values.global.imagePullPolicy }} securityContext: runAsUser: 999 runAsGroup: 999 diff --git a/deploy/helm/thecombine/values.yaml b/deploy/helm/thecombine/values.yaml index 4e10cb7b5a..6f93b72f24 100644 --- a/deploy/helm/thecombine/values.yaml +++ b/deploy/helm/thecombine/values.yaml @@ -11,28 +11,33 @@ global: serverName: localhost - pullSecretName: aws-login-credentials - awsS3Access: aws-s3-credentials - # Update strategy should be "Recreate" or "Rolling Update" - updateStrategy: Recreate - adminUsername: "Override" - adminPassword: "Override" - adminEmail: "Override" + # AWS Credentials awsAccount: "Override" awsDefaultRegion: "Override" awsAccessKeyId: "Override" awsSecretAccessKey: "Override" + # AWS S3 access + awsS3Access: aws-s3-credentials + awsS3Location: "thecombine.app" + # Combine variables + adminUsername: "Override" + adminPassword: "Override" + adminEmail: "Override" combineJwtSecretKey: "Override" combineSmtpUsername: "Override" combineSmtpPassword: "Override" + offline: false + # Local Storage for fonts fontStorageAccessMode: "ReadWriteOnce" fontStorageSize: 1Gi - offline: false - imageTag: "latest" + # Values for pulling container image from image registry + imagePullPolicy: "Override" # Define the image registry to use (may be blank for local images) imageRegistry: awsEcr - # Default AWS S3 location - awsS3Location: "thecombine.app" + imageTag: "latest" + pullSecretName: aws-login-credentials + # Update strategy should be "Recreate" or "Rolling Update" + updateStrategy: Recreate aws-login: enabled: true diff --git a/deploy/scripts/build.py b/deploy/scripts/build.py index 43af7de513..09237f4fb0 100755 --- a/deploy/scripts/build.py +++ b/deploy/scripts/build.py @@ -13,12 +13,14 @@ from __future__ import annotations -import argparse +from argparse import ArgumentParser, HelpFormatter, Namespace from dataclasses import dataclass import logging +import os from pathlib import Path import subprocess import sys +import textwrap import time from typing import Callable, Dict, List, Optional @@ -167,11 +169,33 @@ def get_image_name(repo: Optional[str], component: str, tag: Optional[str]) -> s return f"combine_{component}{tag_str}" -def parse_args() -> argparse.Namespace: +class RawFormatter(HelpFormatter): + """ + Allow new lines in help text. + + see https://stackoverflow.com/questions/3853722/how-to-insert-newlines-on-argparse-help-text + """ + + def _fill_text(self, text, width, indent): # type: ignore + """Strip the indent from the original python definition that plagues most of us.""" + text = textwrap.dedent(text) + text = textwrap.indent(text, indent) # Apply any requested indent. + text = text.splitlines() # Make a list of lines + text = [textwrap.fill(line, width) for line in text] # Wrap each line + text = "\n".join(text) # Join the lines again + return str(text) + + +def parse_args() -> Namespace: """Parse user command line arguments.""" - parser = argparse.ArgumentParser( + parser = ArgumentParser( description="Build containerd container images for project.", - formatter_class=argparse.ArgumentDefaultsHelpFormatter, + epilog=""" + NOTE: + The '--nerdctl' option is DEPRECATED and will be removed in future versions. + Set the environment variable CONTAINER_CLI to 'nerdctl' or 'docker' instead. + """, + formatter_class=RawFormatter, ) parser.add_argument( "--build-args", nargs="*", help="Build arguments to pass to the docker build." @@ -240,12 +264,17 @@ def main() -> None: logging.basicConfig(format="%(levelname)s:%(message)s", level=log_level) # Setup required build engine - docker or nerdctl - if args.nerdctl: - build_cmd = ["nerdctl", "-n", args.namespace, "build"] - push_cmd = ["nerdctl", "-n", args.namespace, "push"] - else: - build_cmd = ["docker", "buildx", "build"] - push_cmd = ["docker", "push"] + container_cli = os.getenv("CONTAINER_CLI", "nerdctl" if args.nerdctl else "docker") + match container_cli: + case "nerdctl": + build_cmd = [container_cli, "-n", args.namespace, "build"] + push_cmd = [container_cli, "-n", args.namespace, "push"] + case "docker": + build_cmd = [container_cli, "buildx", "build"] + push_cmd = [container_cli, "push"] + case _: + logging.critical(f"Container CLI '{container_cli}' is not supported.") + sys.exit(1) # Setup build options build_opts: List[str] = [] diff --git a/deploy/scripts/setup_files/combine_config.yaml b/deploy/scripts/setup_files/combine_config.yaml index a0ff17e48f..4e8384fd55 100644 --- a/deploy/scripts/setup_files/combine_config.yaml +++ b/deploy/scripts/setup_files/combine_config.yaml @@ -42,14 +42,26 @@ targets: thecombine: global: serverName: nuc3.thecombine.app - nuc_test: - profile: nuc_test + # the "QA" versions of the NUC configurations are for running QA/test versions of + # The Combine software pulled from the AWS ECR Private Repository. The serverName + # matches the production configuration so that the correct certificate can be + # fetched from AWS S3. + nuc1_qa: + profile: nuc_qa env_vars_required: false override: # override values for 'thecombine' chart thecombine: global: - serverName: nuc-test.thecombine.app + serverName: nuc1.thecombine.app + nuc2_qa: + profile: nuc_qa + env_vars_required: false + override: + # override values for 'thecombine' chart + thecombine: + global: + serverName: nuc2.thecombine.app qa: profile: staging @@ -93,7 +105,7 @@ profiles: charts: - thecombine - create-admin-user - nuc_test: # Profile for using a NUC running container images from the AWS ECR Private repositories + nuc_qa: # Profile for using a NUC running container images from the AWS ECR Private repositories charts: - thecombine staging: # Profile for the QA server diff --git a/deploy/scripts/setup_files/profiles/nuc.yaml b/deploy/scripts/setup_files/profiles/nuc.yaml index e99e78a7c4..4989d22973 100644 --- a/deploy/scripts/setup_files/profiles/nuc.yaml +++ b/deploy/scripts/setup_files/profiles/nuc.yaml @@ -14,6 +14,7 @@ charts: global: awsS3Location: prod.thecombine.app combineSmtpUsername: "" + imagePullPolicy: IfNotPresent pullSecretName: None frontend: configOffline: true diff --git a/deploy/scripts/setup_files/profiles/nuc_test.yaml b/deploy/scripts/setup_files/profiles/nuc_qa.yaml similarity index 88% rename from deploy/scripts/setup_files/profiles/nuc_test.yaml rename to deploy/scripts/setup_files/profiles/nuc_qa.yaml index cfe2135063..007e69ae56 100644 --- a/deploy/scripts/setup_files/profiles/nuc_test.yaml +++ b/deploy/scripts/setup_files/profiles/nuc_qa.yaml @@ -10,8 +10,9 @@ charts: aws-login: enabled: true global: - awsS3Location: dev.thecombine.app + awsS3Location: prod.thecombine.app combineSmtpUsername: "" + imagePullPolicy: Always frontend: configOffline: true configEmailEnabled: false diff --git a/deploy/scripts/setup_files/profiles/prod.yaml b/deploy/scripts/setup_files/profiles/prod.yaml index 348476f75c..7a360a553f 100644 --- a/deploy/scripts/setup_files/profiles/prod.yaml +++ b/deploy/scripts/setup_files/profiles/prod.yaml @@ -30,6 +30,7 @@ charts: global: awsS3Location: prod.thecombine.app fontStorageAccessMode: ReadWriteMany + imagePullPolicy: Always pullSecretName: None certManager: enabled: false diff --git a/deploy/scripts/setup_files/profiles/staging.yaml b/deploy/scripts/setup_files/profiles/staging.yaml index 2adf4153f6..026e550d36 100644 --- a/deploy/scripts/setup_files/profiles/staging.yaml +++ b/deploy/scripts/setup_files/profiles/staging.yaml @@ -14,6 +14,7 @@ charts: global: awsS3Location: prod.thecombine.app fontStorageAccessMode: ReadWriteMany + imagePullPolicy: Always tlsSecretName: thecombine-app-tls certManager: enabled: false diff --git a/maintenance/scripts/combine_restore.py b/maintenance/scripts/combine_restore.py index b093ba3ef7..d98b9e55df 100755 --- a/maintenance/scripts/combine_restore.py +++ b/maintenance/scripts/combine_restore.py @@ -92,12 +92,14 @@ def main() -> None: aws_backup_list: List[Tuple[str, str]] = [] for backup_row in backup_list_output: backup_components = backup_row.split() - aws_backup_list.append( - ( - humanfriendly.format_size(int(backup_components[2])), - aws_strip_bucket(backup_components[3]), + # Check for a directory listing + if re.match(r".*/$", backup_components[3]) is None: + aws_backup_list.append( + ( + humanfriendly.format_size(int(backup_components[2])), + aws_strip_bucket(backup_components[3]), + ) ) - ) # Print out the list of backups to choose from. In the process, # update each line in the backup list to be the AWS S3 object name