Merge pull request #51 from offen/accounts-app

Scaffold accounts app

.circleci/config.yml

@@ -1,5 +1,29 @@
 version: 2
 
+production_env: &production_env
+  environment:
+    - SERVER_HOST=https://server-alpha.offen.dev
+    - KMS_HOST=https://kms-alpha.offen.dev
+    - SCRIPT_HOST=https://script-alpha.offen.dev
+    - AUDITORIUM_HOST=https://auditorium-alpha.offen.dev
+    - VAULT_HOST=https://vault-alpha.offen.dev
+    - ACCOUNTS_HOST=https://accounts-alpha.offen.dev
+    - NODE_ENV=production
+
+deploy_preconditions: &deploy_preconditions
+  requires:
+    - server
+    - kms
+    - vault
+    - script
+    - auditorium
+    - packages
+    - shared
+    - accounts
+  filters:
+    branches:
+      only: /^master$/
+
 jobs:
   kms:
     docker:
@@ -160,16 +184,60 @@ jobs:
           name: Run tests
           command: npm test
 
-  deploy:
+  accounts:
+    docker:
+      - image: circleci/python:3.6
+    working_directory: ~/offen/accounts
+    steps:
+      - checkout:
+          path: ~/offen
+      - restore_cache:
+          key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }}
+      - run:
+          name: Install dependencies
+          command: |
+            python3 -m venv venv
+            . venv/bin/activate
+            pip install -r requirements.txt
+            pip install -r requirements-dev.txt
+      - save_cache:
+          paths:
+            - ~/offen/accounts/venv
+          key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }}
+      - run:
+          name: Run tests
+          command: |
+            . venv/bin/activate
+            make
+
+  deploy_python:
+    docker:
+      - image: circleci/python:3.6-node
+        <<: *production_env
+    working_directory: ~/offen
+    steps:
+      - checkout:
+          path: ~/offen
+      - restore_cache:
+          key: offen-deploy-{{ checksum "package.json" }}
+      - run:
+          name: Install dependencies
+          command: npm install
+      - save_cache:
+          paths:
+            - ~/offen/packages/node_modules
+          key: offen-packages-{{ checksum "package.json" }}
+      - run:
+          name: Deploy
+          working_directory: ~/offen
+          command: |
+            echo "Deploying accounts ..."
+            $(npm bin)/sls deploy --config accounts/serverless.yml
+
+  deploy_golang:
     docker:
       - image: circleci/golang:1.12-node
-        environment:
+        <<: *production_env
-          - SERVER_HOST=https://server-alpha.offen.dev
-          - KMS_HOST=https://kms-alpha.offen.dev
-          - SCRIPT_HOST=https://script-alpha.offen.dev
-          - AUDITORIUM_HOST=https://auditorium-alpha.offen.dev
-          - VAULT_HOST=https://vault-alpha.offen.dev
-          - NODE_ENV=production
     working_directory: ~/offen
     steps:
       - checkout:
@@ -204,6 +272,33 @@ jobs:
           name: Manually clear go cache
           command: sudo rm -rf /go/pkg/mod
 
+      - run:
+          name: Deploy
+          working_directory: ~/offen
+          command: |
+            echo "Deploying server ..."
+            $(npm bin)/sls deploy --config server/serverless.yml
+            echo "Deploying kms ..."
+            $(npm bin)/sls deploy --config kms/serverless.yml
+
+  deploy_node:
+    docker:
+      - image: circleci/node:10
+        <<: *production_env
+    working_directory: ~/offen
+    steps:
+      - checkout:
+          path: ~/offen
+      - restore_cache:
+          key: offen-deploy-{{ checksum "package.json" }}
+      - run:
+          name: Install dependencies
+          command: npm install
+      - save_cache:
+          paths:
+            - ~/offen/packages/node_modules
+          key: offen-packages-{{ checksum "package.json" }}
+
       - restore_cache:
           key: offen-auditorium-{{ checksum "auditorium/package.json" }}
       - run:
@@ -229,10 +324,6 @@ jobs:
           name: Deploy
           working_directory: ~/offen
           command: |
-            echo "Deploying server ..."
-            $(npm bin)/sls deploy --config server/serverless.yml
-            echo "Deploying kms ..."
-            $(npm bin)/sls deploy --config kms/serverless.yml
             echo "Deploying auditorium ..."
             $(npm bin)/sls deploy --config auditorium/serverless.yml
             $(npm bin)/sls client deploy --config auditorium/serverless.yml --no-confirm
@@ -254,15 +345,10 @@ workflows:
       - auditorium
       - packages
       - shared
-      - deploy:
+      - accounts
-          requires:
+      - deploy_golang:
-            - server
+          <<: *deploy_preconditions
-            - kms
+      - deploy_node:
-            - vault
+          <<: *deploy_preconditions
-            - script
+      - deploy_python:
-            - auditorium
+          <<: *deploy_preconditions
-            - packages
-            - shared
-          filters:
-            branches:
-              only: /^master$/

.gitignore

@@ -4,3 +4,4 @@ node_modules/
 package-lock.json
 # mkcert certificates
 *.pem
+venv/

Dockerfile.python

@@ -0,0 +1,3 @@
+FROM python:3.6
+
+ENV PATH="/root/.local/bin:$PATH"

Makefile

@@ -4,8 +4,6 @@ help:
 	@echo "    bootstrap"
 	@echo "        Create a KMS key and initialize the database."
 	@echo "        IMPORTANT: this wipes any existing data in your local database."
-	@echo "    build"
-	@echo "        Build all applications."
 
 setup:
 	@docker-compose build
@@ -14,6 +12,7 @@ setup:
 	@docker-compose run auditorium npm install
 	@docker-compose run server go mod download
 	@docker-compose run kms go mod download
+	@docker-compose run accounts pip install --user -r requirements.txt -r requirements-dev.txt
 	@echo "Successfully built containers and installed dependencies."
 	@echo "If this is your initial setup, you can run 'make bootstrap' next"
 	@echo "to create the needed local keys and seed the database."

accounts/.gitignore

@@ -0,0 +1,10 @@
+*.dot
+__pycache__
+*.log
+.vscode/
+.pytest_cache
+venv/
+*.pyc
+
+models/
+

accounts/Makefile

@@ -0,0 +1,4 @@
+test:
+	@pytest --disable-pytest-warnings
+
+.PHONY: test

accounts/accounts/__init__.py

@@ -0,0 +1,13 @@
+from flask import Flask, jsonify, render_template
+
+app = Flask(__name__)
+
+
+@app.route("/")
+def home():
+    return render_template("index.html")
+
+
+@app.route("/status")
+def status():
+    return jsonify({"ok": True})

accounts/accounts/templates/index.html

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>offen accounts</title>
+</head>
+<body>
+  <h1>Welcome to offen accounts</h1>
+</body>
+</html>

accounts/accounts/tests/test_status.py

@@ -0,0 +1,12 @@
+import unittest
+
+from accounts import app
+
+class TestStatus(unittest.TestCase):
+    def setUp(self):
+        self.app = app.test_client()
+
+    def test_get(self):
+        rv = self.app.get("/status")
+        assert rv.status.startswith("200")
+        assert b"ok" in rv.data

accounts/requirements-dev.txt

@@ -0,0 +1,2 @@
+pytest
+black

accounts/requirements.txt

@@ -0,0 +1,2 @@
+Flask==1.0.2
+werkzeug==0.15.4

accounts/serverless.yml

@@ -0,0 +1,59 @@
+service:
+  name: accounts
+  awsKmsKeyArn: ${ssm:/aws/reference/secretsmanager/${self:custom.stage}/all/kmsArn~true}
+
+provider:
+  name: aws
+  endpointType: regional
+  runtime: python3.6
+  stage: alpha
+  region: eu-central-1
+  apiName: offen-${self:provider.stage}
+  logs:
+    restApi: true
+
+package:
+  individually: true
+  excludeDevDependencies: false
+  exclude:
+  - '**/*'
+
+plugins:
+  - serverless-domain-manager
+  - serverless-python-requirements
+  - serverless-wsgi
+
+custom:
+  stage: ${opt:stage, self:provider.stage}
+  domain:
+    production: accounts.offen.dev
+    staging: accounts-staging.offen.dev
+    alpha: accounts-alpha.offen.dev
+  customDomain:
+    basePath: ''
+    certificateName: '*.offen.dev'
+    domainName: ${self:custom.domain.${self:custom.stage}}
+    stage: ${self:custom.stage}
+    endpointType: regional
+    createRoute53Record: false
+  wsgi:
+    app: accounts.accounts.app
+    packRequirements: false
+  pythonRequirements:
+    slim: true
+    dockerizePip: non-linux
+    fileName: accounts/requirements.txt
+
+functions:
+  app:
+    package:
+      include:
+      - accounts/**/*
+    handler: wsgi_handler.handler
+    events:
+      - http:
+          path: '/'
+          method: any
+      - http:
+          path: '{proxy+}'
+          method: any

docker-compose.yml

@@ -1,11 +1,6 @@
 version: '3'
 
 services:
-  database:
-    image: postgres:11.2
-    environment:
-      - POSTGRES_PASSWORD=develop
-
   kms:
     build:
       context: '.'
@@ -21,6 +16,11 @@ services:
       - 8081:8081
     command: refresh run
 
+  server_database:
+    image: postgres:11.2
+    environment:
+      - POSTGRES_PASSWORD=develop
+
   server:
     build:
       context: '.'
@@ -30,14 +30,14 @@ services:
       - .:/offen
       - serverdeps:/go/pkg/mod
     environment:
-      - POSTGRES_CONNECTION_STRING=postgres://postgres:develop@database:5432/postgres?sslmode=disable
+      - POSTGRES_CONNECTION_STRING=postgres://postgres:develop@server_database:5432/postgres?sslmode=disable
       - KMS_ENCRYPTION_ENDPOINT=http://kms:8081/encrypt
       - PORT=8080
     ports:
       - 8080:8080
     command: refresh run
     links:
-      - database
+      - server_database
     depends_on:
       - kms
 
@@ -86,9 +86,25 @@ services:
     environment:
       - VAULT_HOST=http://localhost:9977
 
+  accounts:
+    build:
+      context: '.'
+      dockerfile: Dockerfile.python
+    working_dir: /offen/accounts
+    volumes:
+      - .:/offen
+      - accountdeps:/root/.local
+    command: flask run --host 0.0.0.0
+    ports:
+      - 5000:5000
+    environment:
+      - FLASK_APP=accounts
+      - FLASK_ENV=development
+
 volumes:
   kmsdeps:
   serverdeps:
   scriptdeps:
   auditoriumdeps:
   vaultdeps:
+  accountdeps:

package.json

@@ -15,6 +15,8 @@
   "dependencies": {
     "serverless": "^1.45.0",
     "serverless-domain-manager": "^2.6.13",
-    "serverless-finch": "^2.4.2"
+    "serverless-finch": "^2.4.2",
+    "serverless-python-requirements": "^4.3.0",
+    "serverless-wsgi": "^1.7.2"
   }
 }