Portail d’administration
Go to file
Frédéric Péters 0f7bffd1b2 agent: replace another occurence of file() (#36273) 2019-09-22 08:36:49 +02:00
debian debian: use open() to read secret key from settings (#36216) 2019-09-18 10:28:12 +02:00
hobo agent: replace another occurence of file() (#36273) 2019-09-22 08:36:49 +02:00
tests agent: adapt for python3 (#36273) 2019-09-21 18:02:37 +02:00
tests_authentic tests: changed mocked "file()" to mocked "open()", everywhere (#36216) 2019-09-18 11:10:09 +02:00
tests_multipublik tests: changed mocked "file()" to mocked "open()" (#36216) 2019-09-18 11:04:35 +02:00
tests_multitenant tests: changed mocked "file()" to mocked "open()", everywhere (#36216) 2019-09-18 11:10:09 +02:00
tests_passerelle tests: changed mocked "file()" to mocked "open()", everywhere (#36216) 2019-09-18 11:10:09 +02:00
tests_schemas reset MUST_NOTIFY on request start (#29240) 2019-09-19 15:23:36 +02:00
.gitignore gitignore: ignore local_settings.py 2015-02-12 10:19:05 +01:00
COPYING initial commit with copying 2014-03-24 18:41:39 +01:00
Jenkinsfile jenkins: add support for hotfix releases (#34485) 2019-07-02 14:27:18 +02:00
MANIFEST.in misc: ship template of debugging section (#36326) 2019-09-21 18:02:37 +02:00
README authentic agent: remove obsolete import-wcs-roles command (#35374) 2019-08-12 16:31:36 +02:00
config_example.py settings: use a single settings.py file 2015-02-09 15:55:38 +01:00
getlasso.sh use tox for running tests 2015-12-17 11:23:20 +01:00
jenkins.sh jenkins.sh: add -r to rm htmlcov (#29776) 2019-01-17 09:32:12 +01:00
manage.py settings: use a single settings.py file 2015-02-09 15:55:38 +01:00
merge-coverage.py add merge-coverage script (#8425) 2015-10-05 21:18:30 +02:00
merge-junit-results.py add merge-junit-results script (#8425) 2015-10-05 21:18:54 +02:00
requirements.txt misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
setup.py misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
tox.ini misc: remove support for sentry (#35566) 2019-08-24 18:02:48 +02:00

README

Hobo
====

Administration portal to configure and deploy applications.


Installation
------------

Dependencies can be installed with pip,

 $ pip install -r requirements.txt

It's then required to get the database configured (./manage.py syncdb); by
default it will create a db.sqlite3 file.

Hobo can then be run like typical django applications (./manage.py runserver),
it will communicate to deployment agents using Celery and expects a running
RabbitMQ server running on localhost.

The agent in charge of deploying application can then be run on the application
servers, for example:

  celery --app=hobo.agent.worker worker --loglevel=info

The agent will use settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable (examples in hobo/agent/worker/settings.py)


Configuration
-------------

Hobo server configuration take place in hobo/settings.py, which import local
settings from the file declared in the HOBO_SETTINGS_FILE environment variable.

Adapt BROKER_URL if RabbitMQ doesn't run on localhost.

Some applications may support deployments templates, they can be specified in
the configuration with the SERVICE_TEMPLATES variable.

  SERVICE_TEMPLATES = {
        'wcs': [('export-auquo-light.wcs', u'Au quotidien light'),
                ('export-auquo.wcs', u'Au quotidien'),
                ('export-demo.wcs', u'Démo au quotidien')
                ],
  }


Agent configuration
-------------------

Agent configuration take place in hobo/agent/worker/settings.py, which import
local settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable.

It's possible to limit agents to particular applications, or particular
hostnames, using the AGENT_HOST_PATTERNS configuration variable.

The format is a dictionary with applications as keys and a list of hostnames as
value. The hostnames can be prefixed by an exclamation mark to exclude them.

  AGENT_HOST_PATTERNS = {
     'wcs': ['*.example.net', '!  *.dev.example.net'],
  }

Will limit wcs deployments to *.example.net hostnames, while excluding
*.dev.example.net.


Usage
-----

Go to environment settings, pick a service, fill its name and URL, and watch it
being deployed.  Successfully deployed services will add a link to their
administration pages on the homepage.


Environment
-----------

An Hobo agent is a class defined in `hobo.agent.worker.services` and derived from
`BaseService`. For each service in the environment dictionary sent by the hobo
portal, it's instantiated with the key `base_url`, `title` and `secret_key` of
the service. If the `base_url` matches the `AGENT_HOST_PATTERNS` locally
defined, the `execute()` method of the instance is called, passing it his
`base_url` and the full environment dictionary.

The environment dictionary contains services for this particular agent and all
other services defined on the portal. The `execute()` method should only create
a tenant for the service whose `base_url` was passed to constructor. All other
informations are only for defining links with other services. The schema of the
dictionary is::

    {
        'timestamp': <current_time_as_an_unix_timestamp>,
        'users': [
            {
                'username': 'john.doe',
                'first_name': 'John',
                'last_name': 'Doe',
                'email': 'john.doe@example.com',
                'password': '<django-compatible-hashed-password>',
            }
        ],
        'services': [
           {
                'service-id': 'authentic' / 'wcs' / 'passerelle',
                'service-label': 'Authentic' / 'w.c.s.' / 'Passerelle',
                'title': 'name of service,
                'secret_key': '..', # base secret for Django applications or other needs
                'base_url': 'base url of the service',
                'saml-sp-metadata-url': '...',
                'template_name': 'demo', # name of the template bundle to use
                'variables': {
                    'variable-1': 'value-of-variable-1'
                }
           }
        ],
        'fields': [
           {
               'disabled': boolean,
               'name': unique identifier (e.g. 'first_name'),
               'label': '..' (e.g. 'First Name'),
               'kind': 'title' / 'string' / 'email',
               'asked_on_registration': boolean,
               'user_editable': boolean,
               'required': boolean,
               'user_visible': boolean,
               'order': 1
           },
        ],
        'variables': {
            'variable-1': 'value-of-variable-1'
        }
    }

Agents
------

 - w.c.s.

w.c.s. instances will be deployed using "/usr/bin/wcsctl" by default, this
command can be adapted in the WCS_MANAGE_COMMAND setting. It should be run
with the same rights as the wcs process (redefine the command to use sudo
if necessary).

Template keys defined in SERVICE_TEMPLATES have to map wcs skeleton sites
(created from settings / export) stored in /var/lib/wcs/skeletons (the exact
directory may vary according to the wcs configuration).

 - authentic2

authentic2 instances will be deployed using
"/usr/bin/authentic2-multitenant-manage" by default, this command can be
adapted in the AUTHENTIC_MANAGE_COMMAND setting. It should be run with the
same rights as the authentic2 process (redefine the command to use sudo if
necessary).


Tests
-----

For testing hobo server, do in a virtualenv:

   pip install pytest pytest-django

   DJANGO_SETTINGS_MODULE=hobo.settings HOBO_SETTINGS_FILE=tests/settings.py py.test tests

For testing multitenant framework, do in a virtualenv:

   pip install pytest pytest-django python-memcached mock .

   cd tests_multitenant ; PYTHONPATH=. DJANGO_SETTINGS_MODULE=settings py.test .