Add Makefile and ssh to Dockerfile to enable vscode debug

.gitignore

@@ -3,3 +3,4 @@ __pycache__/
 venv/
 .idea/
 .aws/
+launch.json

Dockerfile.update

@@ -15,10 +15,22 @@ USER 0
 COPY container/doozer-settings.yaml /home/"$USERNAME"/.config/doozer/settings.yaml
 COPY container/elliott-settings.yaml /home/"$USERNAME"/.config/elliott/settings.yaml
 
+# If you want to run with an ssh server (for debugging in vscode), uncomment these four lines
+# RUN dnf install -y openssh-server && \
+#     ssh-keygen -A && \
+#     sed -i 's/#Port 22/Port 22/' /etc/ssh/sshd_config && \
+#     sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config
+
 # Switching back to default user
 USER "$USER_UID"
 
 WORKDIR /workspaces/art-dash
+
+# If you want to run with an ssh server (for debugging in vscode), uncomment these three lines after adding a the launch.json
+# RUN mkdir .vscode
+# RUN sudo chmod a+rw .vscode
+# COPY launch.json .vscode
+
 # Upadate pip
 RUN python3 -m pip install --upgrade pip
 COPY requirements.txt ./

Makefile

@@ -0,0 +1,122 @@
+OPENSHIFT_DEV_DIR=$(HOME)/tmp/art-ui
+GIT_TOKEN_FILE=$(OPENSHIFT_DEV_DIR)/git_token
+NETWORK_NAME=art-dashboard-network
+MARIADB_CONTAINER_NAME=mariadb
+MARIADB_IMAGE=docker.io/library/mariadb:10.6.14
+MARIADB_ROOT_PASSWORD=secret
+MARIADB_DATABASE=doozer_build
+
+ART_DASHBOARD_SERVER_DIR=$(OPENSHIFT_DEV_DIR)/art-dashboard-server
+ART_TOOLS_DIR=$(OPENSHIFT_DEV_DIR)/art-tools
+TEST_URL=http://localhost:8080/api/v1/test
+
+# Build the development environment base image
+.PHONY: build-dev-base
+build-dev-base:
+	podman build -f Dockerfile.base -t art-dash-server:base --build-arg USERNAME=$(USER) --build-arg USER_UID=1000 .
+
+# Build the development environment update image
+.PHONY: build-dev
+build-dev:
+	podman build -f Dockerfile.update -t art-dash-server:latest --build-arg USERNAME=$(USER) --build-arg USER_UID=1000 .
+
+# If the user wants to use their own .ssh directory, they need to copy it
+.PHONY: setup-dev-env
+setup-dev-env: check-network check-mariadb clone-repos
+
+# Check if the Podman network exists, create if it doesn't
+.PHONY: check-network
+check-network:
+	@if ! podman network exists $(NETWORK_NAME); then \
+		echo "Creating Podman network $(NETWORK_NAME)"; \
+		podman network create $(NETWORK_NAME); \
+	else \
+		echo "Podman network $(NETWORK_NAME) already exists"; \
+	fi
+
+# Check if the MariaDB container is running, start if it's not; if already
+# there but stopped, start it.
+.PHONY: check-mariadb
+check-mariadb:
+	@if ! podman ps --format "{{.Names}}" | grep -w $(MARIADB_CONTAINER_NAME) > /dev/null; then \
+		if podman ps -a --format "{{.Names}}" | grep -w $(MARIADB_CONTAINER_NAME) > /dev/null; then \
+			echo "MariaDB container exists but is stopped. Starting it..."; \
+			podman start $(MARIADB_CONTAINER_NAME); \
+		else \
+			echo "Starting a new MariaDB container"; \
+			podman run --net $(NETWORK_NAME) --name $(MARIADB_CONTAINER_NAME) \
+				-e MARIADB_ROOT_PASSWORD=$(MARIADB_ROOT_PASSWORD) \
+				-e MARIADB_DATABASE=$(MARIADB_DATABASE) \
+				-d $(MARIADB_IMAGE); \
+		fi \
+	else \
+		echo "MariaDB container $(MARIADB_CONTAINER_NAME) already running"; \
+	fi
+
+# Create the art-dash database in the MariaDB container.
+create-db: check-mariadb
+	sleep 4
+	podman exec $(MARIADB_CONTAINER_NAME) mysql -uroot -psecret -e "CREATE DATABASE IF NOT EXISTS art_dash;"
+
+# Make some local dirs to share with the ART-ui server container
+# Clone repositories if they don't exist
+.PHONY: clone-repos
+clone-repos:
+	mkdir -p $(OPENSHIFT_DEV_DIR)/.git
+	mkdir -p $(OPENSHIFT_DEV_DIR)/.docker
+	mkdir -p $(OPENSHIFT_DEV_DIR)/.ssh
+	cd $(OPENSHIFT_DEV_DIR)
+	touch $(OPENSHIFT_DEV_DIR)/.git/.gitconfig
+	touch $(OPENSHIFT_DEV_DIR)/.docker/config.json
+	@if [ ! -d $(ART_DASHBOARD_SERVER_DIR) ]; then \
+		echo "Cloning art-dashboard-server"; \
+		git clone https://github.com/openshift-eng/art-dashboard-server.git $(ART_DASHBOARD_SERVER_DIR); \
+	fi
+	@if [ ! -d $(ART_TOOLS_DIR) ]; then \
+		echo "Cloning art-tools"; \
+		git clone https://github.com/openshift-eng/art-tools.git $(ART_TOOLS_DIR); \
+	fi
+
+EXTRA_ARGS =
+
+ifeq ($(DEBUG_MODE),1)
+    EXTRA_ARGS = bash -c "sudo /usr/sbin/sshd -D -e"
+endif
+
+# Run the development environment
+# Run like this if you want to debug with vscode across ssh: 'make run-dev DEBUG_MODE=1'
+
+.PHONY: run-dev
+run-dev:
+	cd $(OPENSHIFT_DEV_DIR)
+	@if [ ! -f $(GIT_TOKEN_FILE) ]; then \
+		echo "Error: GitHub token file not found."; \
+		exit 1; \
+	fi
+	podman run --privileged -it --name dj1 --rm -p 8080:8080 -p 5678:5678 -p 3022:22 --net $(NETWORK_NAME) \
+		-v "$(ART_TOOLS_DIR)/doozer/":/workspaces/doozer/:cached,z \
+		-v "$(ART_TOOLS_DIR)/elliott/":/workspaces/elliott/:cached,z \
+		-v $(OPENSHIFT_DEV_DIR)/.ssh:/home/$(USER)/.ssh:ro,cached,z \
+		-v $(OPENSHIFT_DEV_DIR)/.docker/config.json:/home/$(USER)/.docker/config.json:ro,cached,z \
+		-v $(OPENSHIFT_DEV_DIR)/.git/.gitconfig:/home/$(USER)/.gitconfig:ro,cached,z \
+		-e RUN_ENV=development \
+		-e GITHUB_PERSONAL_ACCESS_TOKEN=$$(cat $(GIT_TOKEN_FILE)) \
+		art-dash-server:latest $(EXTRA_ARGS)
+
+# Test if the server is running by checking the response of curl to the API
+.PHONY: dev-test
+dev-test:
+	@curl -s -o /dev/null -w "%{http_code}" $(TEST_URL) | grep -q 200 && \
+		echo "dev environment is working" || echo "dev environment is not working"
+
+# Clean up development environment by stopping and removing containers and network
+.PHONY: clean-dev
+clean-dev:
+	@if podman ps -a --format "{{.Names}}" | grep -w $(MARIADB_CONTAINER_NAME) > /dev/null; then \
+		echo "Stopping and removing MariaDB container"; \
+		podman stop $(MARIADB_CONTAINER_NAME) && podman rm $(MARIADB_CONTAINER_NAME); \
+	fi
+	@if podman network exists $(NETWORK_NAME); then \
+		echo "Removing Podman network $(NETWORK_NAME)"; \
+		podman network rm $(NETWORK_NAME); \
+	fi

README.md

@@ -10,11 +10,21 @@
 you can build it from scratch
 ```
 # only required once unless RPM reqs change
+# requires access to certs.corp.redhat.com (which is only accessible on the Redhat network)
 podman build -f Dockerfile.base -t art-dash-server:base --build-arg USERNAME=$USER --build-arg USER_UID=$(id -u) .
 
 # repeat this to update the app as it changes
 podman build -f Dockerfile.update -t art-dash-server:latest --build-arg USERNAME=$USER --build-arg USER_UID=$(id -u) .
 ```
+
+If you get an error like this when running the `podman build`:
+
+```
+useradd warning: <your UserID>'s uid 4205753 outside of the UID_MIN 1000 and UID_MAX 60000 range.
+```
+
+Change `$(id -u)` above to something within that range (e.g., 1000).
+
 or you can get the build from [cluster](https://console-openshift-console.apps.artc2023.pc3z.p1.openshiftapps.com/k8s/ns/art-dashboard-server/imagestreams/art-dash-server)
 ```
 # after you log in to the cluster on CLI
@@ -30,12 +40,15 @@ podman network create art-dashboard-network
 
 ## 3. Setup local database
 
+During development, if your modifications perform or depend on any DB operations, you'll need to
+populate the database; if not, skip to the section that just creates the database.
+
 Start the local DB server using a specific version of MariaDB (10.6.14), as the latest version doesn't include MySQL.
 ```
 podman run --net art-dashboard-network --name mariadb -e MARIADB_ROOT_PASSWORD=secret -e MARIADB_DATABASE=doozer_build -d docker.io/library/mariadb:10.6.14
 ```
 
-Download the test database as `test.sql`. 
+Download the test database as `test.sql`.
 ```
 # Log in to OpenShift CLI and switch to the art-db project
 oc login
@@ -62,10 +75,12 @@ Import db into the mariadb container
 podman cp test.sql mariadb:/test.sql
 podman exec -ti mariadb /bin/bash
 
-# Inside the container
+# Inside the container, create the database
 mysql -uroot -psecret
 CREATE DATABASE art_dash;
 exit
+
+# Do this if you need to import data.
 mysql -uroot -psecret art_dash < test.sql
 ```
 Password is `secret` as defined in the podman run command.
@@ -74,7 +89,11 @@ Password is `secret` as defined in the podman run command.
 ## 4. Run container
 
 ```
-OPENSHIFT=$HOME/ART-dash    # create a workspace, clone art-tools and art-dash to this location.
+# create a workspace, git clone art-tools and art-dashoard-server  repos in this location.
+OPENSHIFT=$HOME/ART-dash
+cd $OPENSHIFT
+git clone https://github.com/openshift-eng/art-dashboard-server.git
+git clone https://github.com/openshift-eng/art-tools.git
 
 podman run -it --rm -p 8080:8080 --net art-dashboard-network \
 -v "$OPENSHIFT/art-dashboard-server":/workspaces/art-dash:cached,z \
@@ -104,6 +123,9 @@ Referrer-Policy: same-origin
 Cross-Origin-Opener-Policy: same-origin
 
 ```
+
+NOTE: If you want to run the server on a specific host, add it to the `ALLOWED_HOSTS` list in [settings.py](https://github.com/openshift-eng/art-dashboard-server/blob/00e65d2dfd13207ead5fa856a66aff164febf077/build_interface/settings.py#L101). For example, to run on `192.168.1.100`, add `192.168.1.100`; to run on `myhost.com`, add `myhost.com`. If you forget to do that, a curl like this: `curl -i http://myhost.com:8080...` will result in a `400 Bad Request`.
+
 To stop `art-dash-server:latest`, use `Ctrl-C`
 
 To stop mariadb server, run `podman stop mariadb`
@@ -116,3 +138,69 @@ To stop mariadb server, run `podman stop mariadb`
 - Environment variables that is common to both development and production should be defined in `conf/common.env`. The variables in that file is loaded first and then the ones on `prod.env` or `dev.env` depending on the environment.
 - It's recommended to set up a kerberos config file similar to the one in this project so that you can easily mount your keytab as shown above. Otherwise, you'll have to `kinit` inside the container everytime. Please make modifications to the volume mount command to reflect the keytab format in your local.
 - If an error like `failed to export image: failed to create image: failed to get layer` shows up during container build, re-run the command again.
+
+## Building using the Makefile
+
+You can use the [Makefile](./Makefile) to help you build and debug. Here are the commands supported in the Makefile:
+
+* Create the base image: `make build-dev-base`
+* Create the update image: `make build-dev`
+* Setup the develoment environment: `make setup-dev-env`
+  * Once this is done, create a file called `git_token` in `$(HOME)/tmp/art-ui`
+* Create the art-dash database: `make create-db`
+* Run the container: `make run-dev`
+  * For debug mode, use: `make run-dev DEBUG_MODE=1`
+
+### Debugging with vscode and ssh
+
+To run the python debugger with vscode for the container, you'll need these:
+
+* ability to login to the container via ssh without a password
+  * for example, modify your ~/.ssh/config to do this
+  ```
+  Host art1
+  Hostname 127.0.0.1
+  StrictHostKeyChecking no
+  Port 3022
+  IdentityFile ~/tmp/art_ui/.ssh/id_rsa
+  User dperique
+  ```
+
+  * Add your ssh private key and `authorized_keys` file (containing the corresponding ssh public key) to the .ssh subdir in your development environment (~/tmp/art-ui/.ssh):
+
+  ```bash
+  cd ~/tmp/arti-ui
+  cp ~/.ssh/id_rsa ./.ssh
+  cat ~/.ssh/id_rsa.pub >> ./.ssh/authorized_keys
+  ```
+
+* vscode with python debugging plugins installed
+  * install the "Python Debugger extension using debugpy" from Microsoft (if you try to debug, vscode will ask you if you want to install this)
+* this .vscode/launch.json (modify it to use your own email address, github token and jira token)
+
+```json
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Python Debugger: Django",
+            "type": "debugpy",
+            "request": "launch",
+            "args": [
+                "runserver",
+                "0.0.0.0:8080",
+                "--noreload"
+            ],
+            "env": {
+                "RUN_ENV": "development",
+                "GITHUB_PERSONAL_ACCESS_TOKEN": "<your git Personal Access token>",
+                "JIRA_EMAIL": "<your email>",
+                "JIRA_TOKEN": "<your jira token>"
+            },
+            "django": true,
+            "autoStartBrowser": false,
+            "program": "${workspaceFolder}/manage.py"
+        }
+    ]
+}
+```