Backend REST API for the Firelink project: a web GUI for Bonfire. See the firelink-frontend for the other half of this app.
You should set your oc token and server via the OC_TOKEN and OC_SERVER environment variables before starting the app on a cluster:
$ export OC_TOKEN="sha256~DEADBEEFDEADBEEFDEADBEEFDEADBEEF"
$ export OC_SERVER="https://api.secretlab.company.com:6443"
$ export PROMETHEUS_URL="https://metrics.company.com"If you don't set these firelink-backend will assume you are already logged in with a local kubecontext and wont attempt a login to the OpenShift API.
# Make sure you have pip, pipenv, and pyenv installed before these obviously
$ pipenv install
$ pipenv shell
$ make runWe also include a dev proxy Caddy config to make doing development on the frontend and backend at the same time easier. You can start the dev proxy with this (if you have Caddy installed)
$ make start-proxyThe backend will run on port 5000 and if you have firelink-frontend running locally it will run on port 3000. The dev proxy will run on port 8000 and send requests to the backend and frontend as required.
A Dockerfile is provided to run firelink-backend in a UBI8 container with gunicorn on port 8000. The image is rootless and will run on OpenShift:
$ export OC_TOKEN="sha256~DEADBEEFDEADBEEFDEADBEEFDEADBEEF"
$ export OC_SERVER="https://api.secretlab.company.com:6443"
$ export PROMETHEUS_URL="https://metrics.company.com"
$ docker build -t firelink-backend:latest .
$ docker run --net=host -e OC_TOKEN -e OC_SERVER -p 8000:8000 firelink-backend:latestThis project uses pipenv for dep management. However, getting pipenv working in the UBI8 based python-311 image proved to be impossible, at least for me. So, instead we generate a requirements.txt file for use in the build process. If you add new depenendencies make sure to run make requirements or they wont get picked up during the build. There is a pre-commit hook that should remind you if you forget.
You can deploy to an OpenShift namespace running the Clowder operator with the provided template deploy/clowder.yaml so long as that namespace has the credentials in a secret.
$ oc process -f deploy/clowdapp.yaml -p IMAGE="quay.io/rh_ee_addrew/firelink-backend" -p IMAGE_TAG="latest" -p ENV_NAME="env-ephemeral-arficv" | oc apply -n ephemeral-arficv -f -If you want to supply the credentials at the command line, like if you are launching in an ephemeral environment, use the deploy/ephemeral.yaml template instead:
$ oc process -f deploy/ephemeral.yaml -p OC_TOKEN=$TOKEN -p OC_SERVER=$SERVER -p IMAGE="quay.io/rh_ee_addrew/firelink-backend" -p IMAGE_TAG="latest" -p ENV_NAME="env-ephemeral-arficv" | oc apply -n ephemeral-arficv -f -You can deploy to a cluster without Clowder, or if you don't need additional Clowder features, using the provided template:
$ oc process -f deploy/template.yaml -p OC_TOKEN=$OC_TOKEN -p OC_SERVER=$OC_SERVER -p IMAGE="quay.io/rh_ee_addrew/firelink-backend" -p IMAGE_TAG="latest" | oc apply -n $NS -f -