feat: docker parameters for seeds #317
Conversation
Pull Request Test Coverage Report for Build 1b397325d64f5a1e95d8d8a7fef80c144069d8bb-PR-317Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
noaccOS
force-pushed
the
dynamic-seeds
branch
2 times, most recently
from
16e6a5e
to
27f2352
Compare
|
@noaccOS I'd keep an opt-in approach here: your PR is useful if I actually want to use seeds to connect to a real Astarte instance, but I would keep the usecase of just wanting some random seeds to be able to bring up Edgehog. |
noaccOS
force-pushed
the
dynamic-seeds
branch
4 times, most recently
from
a4d71f2
to
1b39732
Compare
backend/priv/keys/tenant_private.pem
Outdated
| -----BEGIN EC PRIVATE KEY----- | ||
| MHcCAQEEICx5W2odFd5CyMTv5VlLW96fgvWtcJ3bIJVVc3GWhMHBoAoGCCqGSM49 | ||
| AwEHoUQDQgAEhV0KI4hByk0uDkCg4yZImMTiAtz2azmpbh0sLAKOESdlRYOFw90U | ||
| p4F9fRRV5Li6Pn5XZiMCZhVkS/PoUbIKpA== | ||
| -----END EC PRIVATE KEY----- |
There was a problem hiding this comment.
Put this in a seeds subdirectory (i.e. priv/repo/seeds/realm_private.pem) so it's clear it's only for development purposes
backend/priv/keys/realm_private.pem
Outdated
| @@ -0,0 +1 @@ | |||
| notaprivatekey | |||
There was a problem hiding this comment.
See other comment for the subdirectory
docker-compose.yml
Outdated
| IPBASE_API_KEY: "${IPBASE_API_KEY}" | ||
| GOOGLE_GEOLOCATION_API_KEY: "${GOOGLE_GEOLOCATION_API_KEY}" | ||
| GOOGLE_GEOCODING_API_KEY: "${GOOGLE_GEOCODING_API_KEY}" | ||
| S3_ACCESS_KEY_ID: "${S3_ACCESS_KEY_ID}" | ||
| S3_SECRET_ACCESS_KEY: "${S3_SECRET_ACCESS_KEY}" | ||
| S3_REGION: "${S3_REGION}" | ||
| S3_SCHEME: "${S3_SCHEME}" | ||
| S3_HOST: "${S3_HOST}" | ||
| S3_PORT: "${S3_PORT}" | ||
| S3_BUCKET: "${S3_BUCKET}" | ||
| S3_ASSET_HOST: "${S3_ASSET_HOST}" | ||
| S3_GCP_CREDENTIALS: "${S3_GCP_CREDENTIALS}" | ||
| SEEDS_REALM: "${SEEDS_REALM}" | ||
| SEEDS_REALM_PRIVATE_KEY_FILE: /keys/realm_private.pem | ||
| SEEDS_TENANT_PRIVATE_KEY_FILE: /keys/tenant_private.pem | ||
| SEEDS_ASTARTE_BASE_API_URL: "${SEEDS_ASTARTE_BASE_API_URL}" |
There was a problem hiding this comment.
Since you already have an .env file, I think you can just use
env_file:
./filename.envIn that case, make the filename not hidden to make it more evident (e.g. compose.env like we do in Astarte)
There was a problem hiding this comment.
Docker by default only reads the .env file for the compose variables, and it is not possible to change that (at least I haven't found a way in the docs).
To be able to use a custom.env file, the user would need to pass the option -f custom.env with each command.
This is in contrast with Astarte's compose file, where it is possible to use another file, because here we're reading the variables in the compose file directly https://github.com/edgehog-device-manager/edgehog/pull/317/files#diff-e45e45baeda1c1e73482975a664062aa56f20c03dd9d64a827aba57775bed0d3R62 instead of just redirecting the variables to the containers.
As for using the env_file option, I'm not against that but I'll need to rename the SEEDS_*_PRIVATE_KEY_FILE as the same name is used in the .env.
Not necessarily a bad thing as it might be ambiguous as it is now.
There was a problem hiding this comment.
Ok I get it, in that case let's leave everything as is (no need to split between env_file and .env since it just disperses things)
backend/priv/repo/seeds.exs
Outdated
| Logger.warning( | ||
| """ | ||
| The realm's private key is not a valid RSA/RC private key. \ | ||
| This instante will not be able to connect to Astarte. |
backend/priv/repo/seeds.exs
Outdated
| The realm's private key is not a valid RSA/RC private key. \ | ||
| This instante will not be able to connect to Astarte. | ||
| """ | ||
| |> String.trim_trailing("\n") |
There was a problem hiding this comment.
If you want to split warning messages on multiple lines you can do
Logger.warning("My very very long" <>
"message"
)(not sure about the formatting, but mix format will take care of that). Split it at < 100 columns.
backend/priv/repo/seeds.exs
Outdated
|
|
||
| read_file_from_env_var = fn env_var -> | ||
| System.get_env(env_var, "") | ||
| |> File.read() |
There was a problem hiding this comment.
File.read!() already fails with helpful messages and mentioning the filename, just use that
backend/priv/repo/seeds.exs
Outdated
| @@ -25,19 +25,40 @@ alias Edgehog.{ | |||
| Tenants | |||
| } | |||
|
|
|||
| require Logger | |||
|
|
|||
| read_file_from_env_var = fn env_var -> | |||
There was a problem hiding this comment.
Use a trailing ! since this can raise
backend/priv/repo/seeds.exs
Outdated
| require Logger | ||
|
|
||
| read_file_from_env_var = fn env_var -> | ||
| System.get_env(env_var, "") |
There was a problem hiding this comment.
Since we already raise, use System.fetch_env!
backend/priv/repo/seeds.exs
Outdated
| """ | ||
| Using default tenant private key. \ | ||
| Please be sure to avoid using this for production. | ||
| """ | ||
| |> String.trim_trailing("\n") |
There was a problem hiding this comment.
See other comment on multiline Logger.warning
backend/priv/repo/seeds.exs
Outdated
| read_file_from_env_var.("SEEDS_REALM_PRIVATE_KEY_FILE") | ||
| |> then(fn pk -> | ||
| case X509.PrivateKey.from_pem(pk) do |
There was a problem hiding this comment.
You can pipe into case, so you drop then:
read_file(...)
|> X509.PrivateKey.from_pem()
|> case do
...
There was a problem hiding this comment.
I cannot do that as I need pk to return it in case of error
edgehog/backend/priv/repo/seeds.exs
Line 90 in 1b39732
Unfortunately piping wouldn't allow me to do it
noaccOS
force-pushed
the
dynamic-seeds
branch
2 times, most recently
from
266a60e
to
24f613a
Compare
Keeps defaults in a single point Signed-off-by: Francesco Noacco <francesco.noacco@secomind.com>
Signed-off-by: Francesco Noacco <francesco.noacco@secomind.com>
add environment variables to docker compose to be able to run the seeds with working astarte parameters