From 7fba13b550073233bc2597ec6a32817ee4d4b2fe Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Fri, 11 Jul 2025 02:59:25 +0200 Subject: [PATCH] Solved wrong namings --- group_vars/all/15_about.yml | 6 +- main.py | 4 +- roles/cmp-rdbms-orchestrator/tasks/main.yml | 2 +- .../templates/services/postgres.yml.j2 | 2 +- .../cmp-rdbms-orchestrator/vars/database.yml | 2 +- roles/svc-rdbms-mariadb/Administration.md | 2 +- roles/svc-rdbms-mariadb/tasks/main.yml | 16 ++--- roles/svc-rdbms-postgres/Administration.md | 2 +- .../templates/update-docker.py.j2 | 2 +- roles/web-app-discourse/tasks/main.yml | 6 +- roles/web-app-friendica/Administration.md | 6 +- roles/web-app-pgadmin/vars/db_config.yml | 2 +- roles/web-app-phpmyadmin/templates/env.j2 | 4 +- tasks/stages/01_constructor.yml | 2 +- tests/integration/test_valid_applications.py | 67 +++++++++++++++++++ 15 files changed, 96 insertions(+), 29 deletions(-) create mode 100644 tests/integration/test_valid_applications.py diff --git a/group_vars/all/15_about.yml b/group_vars/all/15_about.yml index 79c36750..75702c0b 100644 --- a/group_vars/all/15_about.yml +++ b/group_vars/all/15_about.yml @@ -9,12 +9,12 @@ defaults_service_provider: city: "Cybertown" postal_code: "00001" country: "Nexusland" - logo: "{{ applications['assets-server'].url ~ '/img/logo.png' }}" + logo: "{{ applications['asset'].url ~ '/img/logo.png' }}" platform: titel: "CyMaIS" subtitel: "One login. Infinite applications." - logo: "{{ applications['assets-server'].url ~ '/img/logo.png' }}" - favicon: "{{ applications['assets-server'].url ~ '/img/favicon.ico' }}" + logo: "{{ applications['asset'].url ~ '/img/logo.png' }}" + favicon: "{{ applications['asset'].url ~ '/img/favicon.ico' }}" contact: bluesky: >- {{ ('@' ~ users.contact.username ~ '.' ~ domains.bluesky.api) diff --git a/main.py b/main.py index aed050d7..8423ac1f 100755 --- a/main.py +++ b/main.py @@ -185,11 +185,11 @@ if __name__ == "__main__": Fore.CYAN )) print(color_text( - " e.g. `cymais generate defaults applications` →", + " e.g. `cymais generate defaults users` →", Fore.CYAN )) print(color_text( - " corresponds to `cli/generate/defaults/applications.py`.", + " corresponds to `cli/generate/defaults/users.py`.", Fore.CYAN )) print() diff --git a/roles/cmp-rdbms-orchestrator/tasks/main.yml b/roles/cmp-rdbms-orchestrator/tasks/main.yml index 6f488999..82505e92 100644 --- a/roles/cmp-rdbms-orchestrator/tasks/main.yml +++ b/roles/cmp-rdbms-orchestrator/tasks/main.yml @@ -1,5 +1,5 @@ # The following env file will just be used from the dedicated mariadb container -# and not the {{applications.mariadb.hostname }}-database +# and not the {{applications['rdbms-mariadb'].hostname }}-database - name: "Create {{database_env}}" template: src: "env/{{database_type}}.env.j2" diff --git a/roles/cmp-rdbms-orchestrator/templates/services/postgres.yml.j2 b/roles/cmp-rdbms-orchestrator/templates/services/postgres.yml.j2 index 6b2ffe23..a5e5d5f2 100644 --- a/roles/cmp-rdbms-orchestrator/templates/services/postgres.yml.j2 +++ b/roles/cmp-rdbms-orchestrator/templates/services/postgres.yml.j2 @@ -1,7 +1,7 @@ # This template needs to be included in docker-compose.yml, which depend on a postgres database {% if not applications | is_feature_enabled('central_database',application_id) %} {{ database_host }}: - image: postgres:{{applications.postgres.version}}-alpine + image: postgres:{{applications['rdbms-postgres'].version}}-alpine container_name: {{application_id}}-database env_file: - {{database_env}} diff --git a/roles/cmp-rdbms-orchestrator/vars/database.yml b/roles/cmp-rdbms-orchestrator/vars/database.yml index 61c25971..04621d73 100644 --- a/roles/cmp-rdbms-orchestrator/vars/database.yml +++ b/roles/cmp-rdbms-orchestrator/vars/database.yml @@ -3,7 +3,7 @@ database_host: "{{ 'central-' + database_type if applications | is_feature_ database_name: "{{ applications[database_application_id].database.name | default( database_application_id ) }}" # The overwritte configuration is needed by bigbluebutton database_username: "{{ applications[database_application_id].database.username | default( database_application_id )}}" # The overwritte configuration is needed by bigbluebutton database_password: "{{ applications[database_application_id].credentials.database_password }}" -database_port: "{{ 3306 if database_type == 'mariadb' else applications.postgres.port }}" +database_port: "{{ 3306 if database_type == 'mariadb' else applications['rdbms-postgres'].port }}" database_env: "{{docker_compose.directories.env}}{{database_type}}.env" database_url_jdbc: "jdbc:{{ database_type if database_type == 'mariadb' else 'postgresql' }}://{{ database_host }}:{{ database_port }}/{{ database_name }}" database_url_full: "{{database_type}}://{{database_username}}:{{database_password}}@{{database_host}}:{{database_port}}/{{ database_name }}" \ No newline at end of file diff --git a/roles/svc-rdbms-mariadb/Administration.md b/roles/svc-rdbms-mariadb/Administration.md index 6c165ce4..7526f484 100644 --- a/roles/svc-rdbms-mariadb/Administration.md +++ b/roles/svc-rdbms-mariadb/Administration.md @@ -2,5 +2,5 @@ ## Execute SQL commands ```bash -docker exec -it {{applications.mariadb.hostname }} mariadb -u root -p +docker exec -it {{applications['rdbms-mariadb'].hostname }} mariadb -u root -p ``` \ No newline at end of file diff --git a/roles/svc-rdbms-mariadb/tasks/main.yml b/roles/svc-rdbms-mariadb/tasks/main.yml index 182c2ec0..6fdb909e 100644 --- a/roles/svc-rdbms-mariadb/tasks/main.yml +++ b/roles/svc-rdbms-mariadb/tasks/main.yml @@ -8,11 +8,11 @@ - name: install MariaDB docker_container: - name: "{{applications.mariadb.hostname }}" - image: "mariadb:{{applications.mariadb.version}}" #could lead to problems with nextcloud + name: "{{applications['rdbms-mariadb'].hostname }}" + image: "mariadb:{{applications['rdbms-mariadb'].version}}" #could lead to problems with nextcloud detach: yes env: - MARIADB_ROOT_PASSWORD: "{{applications.mariadb.credentials.root_password}}" + MARIADB_ROOT_PASSWORD: "{{applications['rdbms-mariadb'].credentials.root_password}}" MARIADB_AUTO_UPGRADE: "1" networks: - name: central_mariadb @@ -23,7 +23,7 @@ command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud restart_policy: "{{docker_restart_policy}}" healthcheck: - test: "/usr/bin/mariadb --user=root --password={{applications.mariadb.credentials.root_password}} --execute \"SHOW DATABASES;\"" + test: "/usr/bin/mariadb --user=root --password={{applications['rdbms-mariadb'].credentials.root_password}} --execute \"SHOW DATABASES;\"" interval: 3s timeout: 1s retries: 5 @@ -38,7 +38,7 @@ - name: Wait until the MariaDB container is healthy community.docker.docker_container_info: - name: "{{ applications.mariadb.hostname }}" + name: "{{ applications['rdbms-mariadb'].hostname }}" register: db_info until: - db_info.containers is defined @@ -56,7 +56,7 @@ name: "{{ database_name }}" state: present login_user: root - login_password: "{{ applications.mariadb.credentials.root_password }}" + login_password: "{{ applications['rdbms-mariadb'].credentials.root_password }}" login_host: 127.0.0.1 login_port: "{{ database_port }}" encoding: "{{ database_encoding }}" @@ -70,7 +70,7 @@ priv: '{{database_name}}.*:ALL' state: present login_user: root - login_password: "{{applications.mariadb.credentials.root_password}}" + login_password: "{{applications['rdbms-mariadb'].credentials.root_password}}" login_host: 127.0.0.1 login_port: "{{database_port}}" @@ -78,7 +78,7 @@ # @todo Remove if this works fine in the future. #- name: Grant database privileges # ansible.builtin.shell: -# cmd: "docker exec {{applications.mariadb.hostname }} mariadb -u root -p{{ applications.mariadb.credentials.root_password }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\"" +# cmd: "docker exec {{applications['rdbms-mariadb'].hostname }} mariadb -u root -p{{ applications['rdbms-mariadb'].credentials.root_password }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\"" # args: # executable: /bin/bash diff --git a/roles/svc-rdbms-postgres/Administration.md b/roles/svc-rdbms-postgres/Administration.md index e169dda4..75f3cb88 100644 --- a/roles/svc-rdbms-postgres/Administration.md +++ b/roles/svc-rdbms-postgres/Administration.md @@ -3,5 +3,5 @@ ## Root Access To access the database via the root account execute the following on the server: ```bash -docker exec -it "{{ applications.postgres.hostname }}" psql -U postgres +docker exec -it "{{ applications['rdbms-postgres'].hostname }}" psql -U postgres ``` \ No newline at end of file diff --git a/roles/update-docker/templates/update-docker.py.j2 b/roles/update-docker/templates/update-docker.py.j2 index dc6f35c1..dfbbf023 100644 --- a/roles/update-docker/templates/update-docker.py.j2 +++ b/roles/update-docker/templates/update-docker.py.j2 @@ -133,7 +133,7 @@ def update_discourse(directory): update_procedure("docker stop {{applications.discourse.container}}") update_procedure("docker rm {{applications.discourse.container}}") try: - update_procedure("docker network connect {{applications.discourse.network}} {{ applications.postgres.hostname }}") + update_procedure("docker network connect {{applications.discourse.network}} {{ applications['rdbms-postgres'].hostname }}") except subprocess.CalledProcessError as e: error_message = e.output.decode() if "already exists" in error_message or "is already connected" in error_message: diff --git a/roles/web-app-discourse/tasks/main.yml b/roles/web-app-discourse/tasks/main.yml index f67c31a8..32dd9f8b 100644 --- a/roles/web-app-discourse/tasks/main.yml +++ b/roles/web-app-discourse/tasks/main.yml @@ -43,13 +43,13 @@ meta: flush_handlers when: run_once_docker_discourse is not defined -- name: "Connect {{ applications[application_id].container }} to network {{ applications.postgres.network }}" +- name: "Connect {{ applications[application_id].container }} to network {{ applications['rdbms-postgres'].network }}" command: > - docker network connect {{ applications.postgres.network }} {{ applications[application_id].container }} + docker network connect {{ applications['rdbms-postgres'].network }} {{ applications[application_id].container }} register: network_connect failed_when: > network_connect.rc != 0 and - 'Error response from daemon: endpoint with name {{ applications[application_id].container }} already exists in network {{ applications.postgres.network }}' + 'Error response from daemon: endpoint with name {{ applications[application_id].container }} already exists in network {{ applications['rdbms-postgres'].network }}' not in network_connect.stderr changed_when: network_connect.rc == 0 when: diff --git a/roles/web-app-friendica/Administration.md b/roles/web-app-friendica/Administration.md index 045e4ebd..143a93f8 100644 --- a/roles/web-app-friendica/Administration.md +++ b/roles/web-app-friendica/Administration.md @@ -14,7 +14,7 @@ The following environment variables need to be defined for successful operation: To completely reset Friendica, including its database and volumes, run: ```bash -docker exec -i {{applications.mariadb.hostname }} mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" +docker exec -i {{applications['rdbms-mariadb'].hostname }} mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" docker compose down rm -rv /mnt/hdd/data/docker/volumes/friendica_data docker volume rm friendica_data @@ -25,7 +25,7 @@ docker volume rm friendica_data ## Manual Method: 1. Connect to the MariaDB instance: ```bash - docker exec -it {{applications.mariadb.hostname }} mariadb -u root -p + docker exec -it {{applications['rdbms-mariadb'].hostname }} mariadb -u root -p ``` 2. Run the following commands: ```sql @@ -37,7 +37,7 @@ docker volume rm friendica_data ## Automatic Method: ```bash DB_ROOT_PASSWORD="your_root_password" -docker exec -i {{applications.mariadb.hostname }} mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" +docker exec -i {{applications['rdbms-mariadb'].hostname }} mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" ``` ## Enter the Application Container 🔍 diff --git a/roles/web-app-pgadmin/vars/db_config.yml b/roles/web-app-pgadmin/vars/db_config.yml index 9e9915c8..98187647 100644 --- a/roles/web-app-pgadmin/vars/db_config.yml +++ b/roles/web-app-pgadmin/vars/db_config.yml @@ -9,6 +9,6 @@ pgadmin_servers: port: "{{ database_port }}" username: "postgres" maintenance_db: "postgres" - password: "{{ applications.postgres.credentials.postgres_password }}" + password: "{{ applications['rdbms-postgres'].credentials.postgres_password }}" # Here you can add more databases \ No newline at end of file diff --git a/roles/web-app-phpmyadmin/templates/env.j2 b/roles/web-app-phpmyadmin/templates/env.j2 index cc73cea8..d19e9c48 100644 --- a/roles/web-app-phpmyadmin/templates/env.j2 +++ b/roles/web-app-phpmyadmin/templates/env.j2 @@ -1,7 +1,7 @@ # Configuration @see https://hub.docker.com/_/phpmyadmin -PMA_HOST={{applications.mariadb.hostname}} +PMA_HOST={{applications['rdbms-mariadb'].hostname}} {% if applications[application_id].autologin | bool %} PMA_USER= root -PMA_PASSWORD= "{{applications.mariadb.credentials.root_password}}" +PMA_PASSWORD= "{{applications['rdbms-mariadb'].credentials.root_password}}" {% endif %} \ No newline at end of file diff --git a/tasks/stages/01_constructor.yml b/tasks/stages/01_constructor.yml index a09902d5..11469302 100644 --- a/tasks/stages/01_constructor.yml +++ b/tasks/stages/01_constructor.yml @@ -48,7 +48,7 @@ # The following mapping is necessary to define the exceptions for domains which are created, but which aren't used redirect_domain_mappings: "{{ [] | - add_redirect_if_group('assets-server', domains | get_domain('assets-server'), domains | get_domain('file-server'), group_names) | + add_redirect_if_group('asset', domains | get_domain('asset'), domains | get_domain('file-server'), group_names) | merge_mapping(redirect_domain_mappings| default([]), 'source') }}" diff --git a/tests/integration/test_valid_applications.py b/tests/integration/test_valid_applications.py new file mode 100644 index 00000000..b715859e --- /dev/null +++ b/tests/integration/test_valid_applications.py @@ -0,0 +1,67 @@ +import os +import sys +import re +import unittest +from cli.meta.applications import find_application_ids + +# ensure project root is on PYTHONPATH so we can import the CLI code +# project root is two levels up from this file (tests/integration -> project root) +ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir, os.pardir)) +sys.path.insert(0, ROOT) + +class TestValidApplicationUsage(unittest.TestCase): + """ + Integration test to ensure that only valid application IDs + are used in all .yml, .yaml, .yml.j2, .yaml.j2, and .py files. + Methods like applications.items() can be whitelisted and ignored. + """ + # regex patterns to capture applications['name'], applications.get('name'), and applications.name + APPLICATION_SUBSCRIPT_RE = re.compile(r"applications\[['\"](?P[^'\"]+)['\"]\]") + APPLICATION_GET_RE = re.compile(r"applications\.get\(\s*['\"](?P[^'\"]+)['\"]") + APPLICATION_ATTR_RE = re.compile(r"applications\.(?P[A-Za-z_]\w*)") + + # methods and exceptions that should not be validated as application IDs + WHITELIST = {'items', 'yml', 'get'} + + def test_application_references_use_valid_ids(self): + valid_apps = find_application_ids() + + tests_dir = os.path.join(ROOT, 'tests') + for dirpath, _, filenames in os.walk(ROOT): + # skip the tests/ directory and all its subdirectories + if dirpath == tests_dir or dirpath.startswith(tests_dir + os.sep): + continue + + for filename in filenames: + if not filename.lower().endswith(('.yml', '.yaml', '.yml.j2', '.yaml.j2', '.py')): + continue + filepath = os.path.join(dirpath, filename) + try: + with open(filepath, 'r', encoding='utf-8') as f: + content = f.read() + except Exception: + # skip files that cannot be opened + continue + + for pattern in ( + self.APPLICATION_SUBSCRIPT_RE, + self.APPLICATION_GET_RE, + self.APPLICATION_ATTR_RE, + ): + for match in pattern.finditer(content): + name = match.group('name') + # skip whitelisted methods/exceptions + if name in self.WHITELIST: + continue + # each found reference must be in valid_apps + self.assertIn( + name, + valid_apps, + msg=( + f"{filepath}: reference to application '{name}' " + f"is invalid. Known IDs: {sorted(valid_apps)}" + ) + ) + +if __name__ == '__main__': + unittest.main()