Warning
This project has moved here
CMSSW DQM pull request review tool that aggregates and displays information about pull requests from Github, TagCollector and other sources.
Before running there should be a private/
folder inside the root directory of the repository containing these files:
private/cert.key
- GRID certificate key fileprivate/cert.pem
- GRID certificate fileprivate/github_oauth_data.txt
- Github OAuth credentials. Second line should contain client_id and third line should contain client_secret. First line is just informational message that will be ignored.
Run this by executing run.sh
.
-r
option will reload the web app if it crashes each time any file is updated and saved. fswatch
is used to observe file changes. -d
will run the web app in debug mode. Both options should be used only in development.
Packages listed in requirements.txt
have to be installed like this:
python3 -m pip install -r requirements.txt -t .python_packages
The service is hosted on an OpenStack machine called prinspector
. To get to this machine you have to execute this from lxplus
: ssh prinspector
.
Source code for the service is located here: /srv/PRInspector/
.
When the code in this repository changes and you want the changes to be reflected in a running service, execute the following instructions:
ssh prinspector
cd /srv/PRInspector/
./update.sh
If the update has some unwanted behaviour, you can rollback to the latest working version like so: ./rollback.sh
See this step.
This will create a new project on <paas.cern.ch>.
docker login registry.cern.ch # The "password" is a token you can get from the registry.cern.ch website
docker build -t registry.cern.ch/cms-dqmdc/prinspector .
docker push registry.cern.ch/cms-dqmdc/prinspector
Note
Requires the oc
tool.
-
Login to Openshift through
oc
on your own computer. To do so go to <paas.cern.ch>, click your username on the top right and clickCopy login command
. -
Add the SSO Proxy to the project.
- Open and select your project on PaaS.
- Navigate to
Developer
>Topology
- Right click in the empty space and
Add to Project
>Helm Charts
. - Select
Cern Auth Proxy
andCreate
.
- In the
Create Helm Release
form, select the latestChart version
. - Then select
YAML view
and paste the contents of thedeployment/prod/sso_proxy_helmchart.yaml
- Click on
Create
.
[!NOTE] By default, the SSO proxy will use the
oidc-client-secret
which is automatically created upon PaaS project creation. If you need to use a manually created SSO Application Registration, you will need to modify this secret to use the Client ID and Secrets of the custom SSO Application Registration. -
Import the image to your project:
oc import-image prinspector --from=registry.cern.ch/cms-dqmdc/prinspector --confirm
-
Deploy the secrets:
oc apply -f deployment/prod/secrets.yaml
This will create two new secrets in your project:
grid-cert-and-github-secret
(three files which will be mounted on/app/private
) andconfig-secrets
, which contains environment variables. For example, thegrid-cert-and-github-secret
will be created here: https://paas.cern.ch/k8s/ns/prinspector/secrets/grid-cert-and-github-secret. -
Update the
grid-cert-and-github-secret
secret. Go here and paste the contents ofcert.key
,cert.pem
(the key and certificate parts of a Grid certificate, respectively, preferably generated by a service account) andgithub_oauth_data.txt
. -
Deploy the
ConfigMap
s:oc apply -f deployment/prod/configmaps
-
Deploy the
Deployment
s:oc apply -f deployment/prod/deployments
-
Deploy the
Route
s:oc apply -f deployment/prod/routes.yaml
-
Restart the rollouts:
oc rollout restart deployment/nginx oc rollout restart deployment/prinspector-app