fix: WP-813 CMS customization fails, CMS is old #1034
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1034 +/- ##
=======================================
Coverage 72.68% 72.68%
=======================================
Files 534 534
Lines 33657 33657
Branches 2989 2989
=======================================
Hits 24464 24464
Misses 8995 8995
Partials 198 198
Flags with carried forward coverage won't be shown. Click here to find out more. |
…e-Portal into enhance/CMD-194-update-core-cms
| - ../cms/settings_local.py:/code/taccsite_cms/settings_local.py | ||
| - ../cms/settings_custom.py:/code/taccsite_cms/settings_custom.py |
There was a problem hiding this comment.
This allows settings_local.py and settings_custom.py to function. I did not add :ro, because (based on my chat with Docker's AI) that will not prevent directory from showing if files exist.
Details
These are methods to prevent directory from being created if single-file volume is missing:
- A. Name the volume. Set it as
external: true; this causes error instead of empty directory. - B. Ensure the files exist before composing the Docker environment.
There was a problem hiding this comment.
In Production the :ro ensures that when a new portal VM is provisioned and configured if any of the placed files are forgotten (secrets, settings_local) the portal's docker engine will not generate an empty directory and try to mount said empty dir, docker will instead complain about the missing files - which is what we want. You may still want the mount to fail in local dev if the files are not present (ie - were not curled or copied as needed)? Its a quick way of knowing you missed something. Thoughts?
There was a problem hiding this comment.
A. Sounds fine, but adding :ro does not have that effect for me locally. Are my test steps flawed?
Test Steps
- Add the
:roto each settings & secrets file volume. - Run
make stop. - Deleted my existing settings & secrets files.
- Run
make start. - ❌ See empty directories added.
| b11800a |
|---|
 |
There was a problem hiding this comment.
B. I tried using verbose syntax, so I could change the mount type to bind. This change, with read_only: true worked i.e. caused error if a file is missing.
Test Steps
- Add the
:roto each settings & secrets file volume. - Run
make stop. - Deleted my existing settings & secrets directories.
(from testing method A) - Run
make start. - ✅ No empty directories added.
- ℹ️ Console reports error about missing file.
| 59a72f8 |
|---|
 |
There was a problem hiding this comment.
C. I investigated again the other method I'd read, a named volume with external: true. It requires manually adding a volume first and an equally verbose docker-compose file change. And I don't think it will work (because how would container tell CMS where file is).
Instructions (Untested)
- First, create a named volume manually (if it doesn't already exist):
docker volume create my_volume- Then, in your Docker Compose file, you can use this volume and mark it as external:
services: your_service: image: your_image volumes: - my_volume:/path/in/container/file.txt volumes: my_volume: external: true
There was a problem hiding this comment.
@rstijerina & @taoteg, I do not want to start Idea D yet.1
This PR, as of latest commit 4c0fb05, would create directories. But, anyone who would customize the CMS, is instructed to delete them, touch the files, restart, and populate the settings as necessary.
Is this sufferable for now?
Footnotes
-
Because it requires refactor in Core-CMS, clients and developers to move their settings, and Camino to update where it places CMS settings. ↩
There was a problem hiding this comment.
How about your verbose method, that doesn't create empty dirs?
There was a problem hiding this comment.
B.2. Ew. Okay. See 985e86a. But that causes an error if file does not exist… I thought new goal was to not create files unless necessary.
E. To avoid error and directory and file content, create empty files. Proposal: I add back "CMS" section to README.md but with new command. See 985e86a...3c0187bb.
I'm fine with [any…] just mentioning drawbacks.
—
P.S. [Devs have so many commands] to run… couldn't some be moved to a script that Docker runs on up?
There was a problem hiding this comment.
Also, if no rush on this, it can stay open to remind me to do Idea D.
There was a problem hiding this comment.
Thanks for background again. Idea D is best imo
Previous attempt to error if files are missing failed: #1034 (comment) This method succeeded, an error occurred: > invalid mount config for type "bind": bind source path does not exist: /host_mnt/[…]/server/conf/cms/secrets.py
README.md
Outdated
| ```sh | ||
| curl "https://cdn.jsdelivr.net/gh/TACC/Core-CMS@main/taccsite_cms/secrets.example.py" -o server/conf/cms/settings_custom.py | ||
| cp server/conf/cms/secrets.sample.py server/conf/cms/secrets.py | ||
| curl "https://cdn.jsdelivr.net/gh/TACC/Core-CMS@main/taccsite_cms/settings_local.example.py" -o server/conf/cms/settings_local.py | ||
| ``` |
There was a problem hiding this comment.
99% of use of the CMS in this repo by devs is just to have a homepage. I think a good goal would be to have a default config (the existing secrets.sample.py) to get up and running immediately, and if need be a dev who needs bespoke CMS settings can set them after the fact. Think we can figure something out?
There was a problem hiding this comment.
I had thought so, and am fine with minimal working secrets (as it was).
@taoteg reports devs adding CMS non-secret settings to CMS secrets.py. Or maybe I misunderstood. For fear that is happening:
- I added support for
settings_custom.pyandsettings_local.py. - To avoid
settings_custom.pyandsettings_local.pybeing added as directories if they are absent, I added commands to create them. - To avoid needing to keep those files up-to-date, I
curled them from TACC/Core-CMS.
There was a problem hiding this comment.
Personally I think keeping a working set of default settings committed makes more sense for local dev, and updates as needed can be committed to the repo.
How about this: We commit a set of local settings that are committed with dummy credentials that will be imported into the CMS settings on make start, and if a (untracked) secrets.py happens to exist, then that acts as an override
There was a problem hiding this comment.
I am looking for parity between env setups here. We should be using the same config files (settings, settings_custom, settings_local, secrets) in every env (dev, local, pprd, prod).
By leaving out parts of the default config structure we are not training devs on the expected practice for how these files exist in pprd/prod and why certain settings exist in certain files.
Examples:
- There is no value for
SILENCED_SYSTEM_CHECKS = ['captcha.recaptcha_test_key_error']in the example settings. This error will creep up in the logging (annoying). [Supposedly this will go away whenFP-1728: Remove once servers have RECAPTCHA_..._KEY settingsbut so far has not for me.. maybe due to the old CMS image?]. This setting should go in settings_local, but how would you do that in the CMS with the current setup? By overloading the secrets file... which is bad practice.
This request is as much about consistency in workflows as it is about having good settings out of the box that use a current CMS image.
There was a problem hiding this comment.
Ah, the SILENCED_SYSTEM_CHECKS is in Core-CMS settings_local.py…. Another way to resolve that missing piece is add it to a committed and tracked settings_custom.py (which @rstijerina proposed to us privately).
There was a problem hiding this comment.
New solution available via settings_default.py (which Core-CMS supports in TACC/Core-CMS#904.
Verbose config way to stop creation of empty directories. Drawback: Error if files do not exist.
Simple manual way to stop creation of empty directories. Drawback: Manual step… BUT it replaces step that had been here.
Overview & Changes
Status
settings/directory.+ Update other repositories accordingly.
Related
previously CMD-194
and CMS
mainbuild since its mergesettings_defaultCore-CMS#904Testing & UI
CMS Settings & Secrets
If Core-Portal is running locally, run
make stop.Backup your CMS settings & secrets.
e.g.
cp server/conf/cms/ server/conf/cms-before-WP-813/Add CMS settings via new instructions e.g.
Run
make start.Verify no errors and these —
server/conf/cms/settings_custom.pyserver/conf/cms/secrets.pyserver/conf/cms/settings_local.py— exist as files not directories.
Verify Core-Portal's Core-CMS loads in browser.
CMS Customization via Settings
Uncomment these lines in
settings_local.py—Reload Core-CMS in browser.
Verify "Login" link / Portal nav is absent.
WP-813.mov
CMS Version
core-syles.*.csscontent.