From b6d5c8aee5eec4625f310778d02d9ff6bb49532b Mon Sep 17 00:00:00 2001
From: František Zatloukal <fzatlouk@redhat.com>
Date: Apr 02 2020 15:40:16 +0000
Subject: OpenShift Support


---

diff --git a/Dockerfile b/Dockerfile
index 289b102..f391f16 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,6 +25,7 @@ RUN dnf -y install findutils rpm-build python3-pip python3-mod_wsgi python3-pycu
                       python3-dateutil \
                       python3-bodhi-client \
                       python3-pytz \
+                      python3-psycopg2 \
                       python3-requests \
                       python3-setuptools
 
@@ -58,8 +59,8 @@ RUN rm -rf /opt/app-root/src/oraculum \
 # EXPOSE 5005/tcp
 EXPOSE 5005
 
-RUN echo "SECRET_KEY = '`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1`'" >> /etc/oraculum/settings.py
-RUN echo "SQLALCHEMY_DATABASE_URI = 'sqlite:////var/tmp/oraculum.sqlite'" >> /etc/oraculum/settings.py
+#RUN echo "SECRET_KEY = '`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1`'" >> /etc/oraculum/settings.py
+#RUN echo "SQLALCHEMY_DATABASE_URI = 'sqlite:////var/tmp/oraculum.sqlite'" >> /etc/oraculum/settings.py
 RUN echo "OIDC_CLIENT_SECRETS = '/etc/oraculum/client_secrets.json'" >> /etc/oraculum/settings.py
 
 CMD [ "runserver" ]
diff --git a/conf/settings.py.example b/conf/settings.py.example
index b6d3d4e..7c84ec0 100644
--- a/conf/settings.py.example
+++ b/conf/settings.py.example
@@ -9,5 +9,7 @@ OIDC_ID_TOKEN_COOKIE_SECURE = False
 OIDC_REQUIRE_VERIFIED_EMAIL = False
 OIDC_SCOPES = ['openid', 'email', 'profile']
 
-SKIP_CACHE_AGE_CHECK = False # Skip checking cache age in runtime, make sure to set up cron with "runcli.py sync" if set to True
+# MAX_DB_AGE will be ignored if FORCE_CACHED_DATA, DB cache will be used no matter how old it is
+# make sure to set up cron with "runcli.py sync" if set to True
+FORCE_CACHED_DATA = False
 MAX_DB_AGE = 1800 # Max cache age allowed in seconds (30 minutes)
diff --git a/container_start.sh b/container_start.sh
index 79ed056..a9b243b 100644
--- a/container_start.sh
+++ b/container_start.sh
@@ -2,6 +2,10 @@
 if [[ $1 == runserver ]]; then
     echo $CLIENT_SECRETS > /etc/oraculum/client_secrets.json
 
+    # Prepare database
+    oraculum init_db
+    oraculum upgrade_db
+
     mod_wsgi-express-3 start-server /usr/share/oraculum/oraculum.wsgi --user apache --group apache \
     --port 5005 --threads 5 --include-file /etc/httpd/conf.d/oraculum.conf --log-level info \
     --log-to-terminal --access-log --startup-log
diff --git a/oraculum/__init__.py b/oraculum/__init__.py
index 46c8961..9603359 100644
--- a/oraculum/__init__.py
+++ b/oraculum/__init__.py
@@ -19,12 +19,13 @@
 
 from flask import Flask
 from flask_sqlalchemy import SQLAlchemy
-
 from flask_caching import Cache
 from flask_cors import CORS
 from flask_oidc import OpenIDConnect
 from flask_login import LoginManager
 
+from . import config
+
 import logging
 import os
 
@@ -37,6 +38,9 @@ __version__ = "0.0.3"
 app = Flask(__name__)
 app.secret_key = 'not-really-a-secret'
 
+# Is this an OpenShift deployment?
+openshift_production = os.getenv('OPENSHIFT_PROD')
+
 cache = Cache(app, config={'CACHE_TYPE': 'simple'})
 
 # Load default config, then override that with a config file
@@ -52,6 +56,9 @@ else:
 
 app.config.from_object(default_config_obj)
 
+if openshift_production:
+    config.openshift_config(app.config, openshift_production)
+
 config_file = os.environ.get('ORACULUM_CONFIG', default_config_file)
 
 if os.path.exists(config_file):
diff --git a/oraculum/cli.py b/oraculum/cli.py
index 30d9084..00d45e1 100644
--- a/oraculum/cli.py
+++ b/oraculum/cli.py
@@ -49,6 +49,7 @@ def initialize_db():
 
     if current_rev:
         print("Database already initialized and at rev %s - not re-initializing" % current_rev)
+        return True
     else:
         print("Initializing Database")
         db.drop_all()
@@ -57,6 +58,7 @@ def initialize_db():
         print("Initializing alembic version")
 
         al_command.stamp(alembic_cfg, "head")
+        return True
 
 
 def upgrade_db():
@@ -67,7 +69,7 @@ def upgrade_db():
 def sync():
     print("Refreshing DB Cache")
     app.config['MAX_DB_AGE'] = 0
-    app.config['SKIP_CACHE_AGE_CHECK'] = False
+    app.config['FORCE_CACHED_DATA'] = False
     db_utils.refresh_data("get_actions", controllers.main.get_actions())
     db_utils.refresh_data("api_v1_landing_page", controllers.main.get_landing_page_data())
     db_utils.refresh_data("api_v1_libkarma",
diff --git a/oraculum/config.py b/oraculum/config.py
index ea5e9b9..2544eab 100644
--- a/oraculum/config.py
+++ b/oraculum/config.py
@@ -17,6 +17,8 @@
 # Authors:
 #    Josef Skladanka <jskladan@redhat.com>
 
+import os
+import sys
 
 class Config(object):
     DEBUG = True
@@ -40,13 +42,14 @@ class Config(object):
     OIDC_REQUIRE_VERIFIED_EMAIL = False
     OIDC_SCOPES = ['openid', 'email', 'profile']
 
-    SKIP_CACHE_AGE_CHECK = False
+    FORCE_CACHED_DATA = False
     MAX_DB_AGE = 1800  # keep data cached for 30 minutes
 
 
 class ProductionConfig(Config):
     PRODUCTION = True
     DEBUG = False
+    FORCE_CACHED_DATA = True
 
 
 class DevelopmentConfig(Config):
@@ -60,3 +63,29 @@ class DevelopmentConfig(Config):
 class TestingConfig(Config):
     TRAP_BAD_REQUEST_ERRORS = True
     TESTING = True
+
+def openshift_config(config_object, openshift_production):
+    # First, get db details from env
+    try:
+        config_object["SQLALCHEMY_DATABASE_URI"] = "postgresql+psycopg2://%s:%s@%s:%s/%s" % (
+            os.environ["POSTGRESQL_USER"],
+            os.environ["POSTGRESQL_PASSWORD"],
+            os.environ["POSTGRESQL_SERVICE_HOST"],
+            os.environ["POSTGRESQL_SERVICE_PORT"],
+            os.environ["POSTGRESQL_DATABASE"]
+        )
+        config_object["SECRET_KEY"] = os.environ["SECRET_KEY"]
+        config_object["CLIENT_SECRETS"] = os.environ["CLIENT_SECRETS"]
+    except(KeyError):
+        print("OpenShift mode enabled but required values couldn't be fetched. "
+              "Check, if you have these variables defined in you env: "
+              "(POSTGRESQL_[USER, PASSWORD, DATABASE, SERVICE_HOST, SERVICE_PORT], SECRET_KEY, CLIENT_SECRETS)", file=sys.stderr)
+        sys.exit(1)
+
+    # Get some more data from OpenShift, if set
+    if os.getenv("KANBAN_CONFIG"):
+        config_object["KANBAN_CONFIG"] = os.getenv("KANBAN_CONFIG")
+
+    # Some final touches for oidc
+    if os.getenv("OVERWRITE_REDIRECT_URI"):
+        config_object["OVERWRITE_REDIRECT_URI"] = os.getenv("OVERWRITE_REDIRECT_URI")
diff --git a/oraculum/utils/db_utils.py b/oraculum/utils/db_utils.py
index 1b958e1..d75673b 100644
--- a/oraculum/utils/db_utils.py
+++ b/oraculum/utils/db_utils.py
@@ -28,9 +28,9 @@ from oraculum.models.db_cache import CachedData
 def is_new_enough(db_time):
     """
     Checks if given db_time is new enough according to MAX_DB_AGE
-    Skips check if SKIP_CACHE_AGE_CHECK is set to True
+    Skips check if FORCE_CACHED_DATA is set to True
     """
-    if app.config['SKIP_CACHE_AGE_CHECK']:
+    if app.config['FORCE_CACHED_DATA']:
         return True
     if not db_time:
         return False
@@ -41,10 +41,7 @@ def is_new_enough(db_time):
 def refresh_data(provider, data):
     """
     Refreshes given data for given provider in the db
-    Returns immediately when SKIP_CACHE_AGE_CHECK is set
     """
-    if app.config['SKIP_CACHE_AGE_CHECK']:
-        return True
     row = CachedData.query.filter_by(provider=provider).first()
     if row:
         row.time_created = datetime.utcnow()