OpenShift online ready

2025-11-11 18:56:23 +00:00 · 2018-06-12 09:18:36 +02:00
parent 4a899cc28a
commit 47d65253eb
8 changed files with 96 additions and 22 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ image: centos:centos7
 before_script:
  - yum install -y -t https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
-  - yum -y -t install python34 python34-pip python34-devel unzip mysql-devel gcc git
+  - yum -y -t install python34 python34-pip python34-devel unzip mysql-devel gcc git openldap-devel
  - pip3 install virtualenv --upgrade
  - virtualenv -p python3 /tmp/.virtualenv
  - source /tmp/.virtualenv/bin/activate
--- a/config.py
+++ b/config.py
@@ -1,10 +1,19 @@
 '''
 Configuration overrides for settings.py
 '''
 import os
-from ivatar.settings import BASE_DIR
+from socket import gethostname, gethostbyname
 from django.urls import reverse_lazy
 from ivatar.settings import BASE_DIR
 ADMIN_USERS = []
 ALLOWED_HOSTS = [
    'localhost',
    gethostname(),
    gethostbyname(gethostname()),
    '.openshiftapps.com',
    '127.0.0.1',
 ]
 from ivatar.settings import INSTALLED_APPS  # noqa
@@ -12,6 +21,7 @@ INSTALLED_APPS.extend([
    'django_extensions',
    'django_openid_auth',
    'bootstrap4',
    'anymail',
    'ivatar',
    'ivatar.ivataraccount',
 ])
@@ -40,7 +50,6 @@ TEMPLATES[0]['OPTIONS']['context_processors'].append(
 OPENID_CREATE_USERS = True
 OPENID_UPDATE_DETAILS_FROM_SREG = True
 SITE_URL = 'https://ivatar.io'
 SITE_NAME = 'ivatar'
 IVATAR_VERSION = '0.1'
@@ -72,5 +81,31 @@ BOOTSTRAP4 = {
    },
 }
 ANYMAIL = {
    'MAILGUN_API_KEY': '9ea63b269bf14734e928f7aa99f7b891-47317c98-19591231',
    'MAILGUN_SENDER_DOMAIN': 'sandbox86e598eae2de47bcac3926e6d24d789a.mailgun.org',
 }
 EMAIL_BACKEND = 'anymail.backends.mailgun.EmailBackend'
 DEFAULT_FROM_EMAIL = 'ivatar@linux-kernel.at'
 try:
    from ivatar.settings import DATABASES
 except Exception:  # pragma: no cover
    DATABASES = []  # pragma: no cover
 if not 'default' in DATABASES:
    DATABASES['default'] = {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    }
 if 'MYSQL_DATABASE' in os.environ:
    DATABASES['default'] = {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': os.environ['MYSQL_DATABASE'],
        'USER': os.environ['MYSQL_USER'],
        'PASSWORD': os.environ['MYSQL_PASSWORD'],
        'HOST': 'mysql',
    }
 if os.path.isfile(os.path.join(BASE_DIR, 'config_local.py')):
    from config_local import *  # noqa # flake8: noqa # NOQA # pragma: no cover
--- a/config_local.py
+++ b/config_local.py
@@ -6,5 +6,4 @@ from ivatar.settings import TEMPLATES  # noqa
 SESSION_COOKIE_SECURE = False
 DEBUG = True
 SITE_URL = 'http://localhost:8383'
 TEMPLATES[0]['OPTIONS']['debug'] = True
--- a/create.sh
+++ b/create.sh
@@ -0,0 +1,21 @@
 #!/bin/sh
 oc new-project ivatar
 # Take care, the following environment variable must be set either in bashrc/profile or locally in this session
 oc secrets new-basicauth lkernat-gitlab-openshift-falko-access-token --password=$LKERNAT_GITLAB_OPENSHIFT_ACCESS_TOKEN
 oc secrets add serviceaccount/builder secrets/lkernat-gitlab-openshift-falko-access-token
 MYSQL_PASSWORD=`openssl rand -base64 16`
 MYSQL_ROOT_PASSWORD=`openssl rand -base64 16`
 oc new-app --source-secret=lkernat-gitlab-openshift-falko-access-token \
  python~https://git.linux-kernel.at/oliver/ivatar.git \
  mysql-persistent \
  --group=python+mysql-persistent \
  -e MYSQL_USER=ivatar \
  -p MYSQL_USER=ivatar \
  -e MYSQL_PASSWORD=$MYSQL_PASSWORD \
  -p MYSQL_PASSWORD=$MYSQL_PASSWORD \
  -e MYSQL_DATABASE=ivatar \
  -p MYSQL_DATABASE=ivatar \
  -e MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD \
  -p MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
 oc expose svc/ivatar
--- a/ivatar/context_processors.py
+++ b/ivatar/context_processors.py
@@ -2,7 +2,7 @@
 Default: useful variables for the base page templates.
 '''
-from ivatar.settings import IVATAR_VERSION, SITE_NAME, SITE_URL
+from ivatar.settings import IVATAR_VERSION, SITE_NAME
 from ipware import get_client_ip
@@ -19,5 +19,5 @@ def basepage(request):
    context['client_ip'] = client_ip
    context['ivatar_version'] = IVATAR_VERSION
    context['site_name'] = SITE_NAME
-    context['site_url'] = SITE_URL
+    context['site_url'] = request.build_absolute_uri('/')
    return context
--- a/ivatar/ivataraccount/forms.py
+++ b/ivatar/ivataraccount/forms.py
@@ -35,10 +35,11 @@ class AddEmailForm(forms.Form):
        # TODO: Domain restriction as in libravatar?
        return self.cleaned_data['email'].lower()
-    def save(self, user):
+    def save(self, request):
        '''
        Save the model, ensuring some safety
        '''
        user = request.user
        # Enforce the maximum number of unconfirmed emails a user can have
        num_unconfirmed = user.unconfirmedemail_set.count()
@@ -66,7 +67,7 @@ class AddEmailForm(forms.Form):
        unconfirmed.user = user
        unconfirmed.save()
-        link = settings.SITE_URL + \
+        link = request.build_absolute_uri('/') + \
            reverse(
                'confirm_email',
                kwargs={'verification_key': unconfirmed.verification_key})
--- a/ivatar/ivataraccount/views.py
+++ b/ivatar/ivataraccount/views.py
@@ -21,7 +21,7 @@ from .forms import AddEmailForm, UploadPhotoForm, AddOpenIDForm
 from .models import UnconfirmedEmail, ConfirmedEmail, Photo
 from .models import UnconfirmedOpenId, ConfirmedOpenId, DjangoOpenIDStore
-from ivatar.settings import MAX_NUM_PHOTOS, MAX_PHOTO_SIZE, SITE_URL
+from ivatar.settings import MAX_NUM_PHOTOS, MAX_PHOTO_SIZE
 import io
@@ -91,7 +91,7 @@ class AddEmailView(SuccessMessageMixin, FormView):
    success_url = reverse_lazy('profile')
    def form_valid(self, form):
-        if not form.save(self.request.user):
+        if not form.save(self.request):
            messages.error(self.request, _('Address not added'))
        else:
            messages.success(self.request, _('Address added successfully'))
@@ -447,7 +447,7 @@ class RedirectOpenIDView(View):
            messages.error(request, _('OpenID discovery failed'))
            return HttpResponseRedirect(reverse_lazy('profile'))
-        realm = SITE_URL  # pragma: no cover
+        realm = request.build_absolute_uri('/')  # pragma: no cover
        return_url = realm + reverse(  # pragma: no cover
            'confirm_openid', args=[kwargs['openid_id']])
        return HttpResponseRedirect(  # pragma: no cover
@@ -461,7 +461,7 @@ class ConfirmOpenIDView(View):  # pragma: no cover
    def do_request(self, data, *args, **kwargs):
        session = {'id': self.request.session.session_key}
-        current_url = SITE_URL + self.request.path
+        current_url = self.request.build_absolute_uri('/') + self.request.path
        openid_consumer = consumer.Consumer(session, DjangoOpenIDStore())
        info = openid_consumer.complete(data, current_url)
        if info.status == consumer.FAILURE:
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,32 @@
 autopep8
 bcrypt
 defusedxml
 Django
-git+https://github.com/ofalk/django-openid-auth
+django-auth-ldap
 python3-openid
 pytz
 six
 Pillow
 py3dns
 bcrypt
 django-extensions
 PyMySQL
 django-ipware
 django-bootstrap4
 django-coverage-plugin
 django-extensions
 django-ipware
 django-user-accounts
 fabric
 flake8-respect-noqa
 git+https://github.com/ofalk/django-openid-auth
 Pillow
 pip
 py3dns
 pydocstyle
 pyLibravatar
 pylint
 PyMySQL
 python3-openid
 python-coveralls
 python-language-server
 pytz
 rope
 setuptools
 six
 social-auth-app-django
 wheel
 yapf
 django-anymail[mailgun]
 mysqlclient