Uploaded image for project: 'Airavata'
  1. Airavata
  2. AIRAVATA-3383

Automate creating a settings_local.py file for local development

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • None
    • Django Portal
    • None

    Description

      Make it easier for gateway developers to get a settings_local.py for local development. What we tend to do is copy the settings_local.py for the deployed Django portal instance (/var/www/portals/django-gateway/airavata-django-portal/django_airavata/settings_local.py) and then modify it to work for local development.

      Here are some differences between the production and local dev settings_local.py

      • comment out production settings like DEBUG, STATIC_ROOT, ALLOWED_HOSTS
      • comment out the MySQL database engine - local dev will use sqlite db instead
        • need to also remove the db password or mask it
      • comment out/remove the Email settings
      • set GATEWAY_DATA_STORE_REMOTE_API so that locally the user sees the files on the remote deployed gateway (for example https://geochemsim.org/api)
      • comment out FILE_UPLOAD_TEMP_DIR
      • comment out the TUS settings

      Also, for the Keycloak OAuth login to work we need to add http://localhost:8000/ and http://localhost:8000/auth/callback*. Also http://127.0.0.1:8000/ and http://127.0.0.1:8000/auth/callback*

      Improvements that could be made:

      • ideally, we would create a new Keycloak client for the realm that has as little privileges as necessary. The Keycloak client used for the production deployed Django portals has 'manage-users' role. The Keycloak client for local development should only allow logging in to localhost.
      • might be good to create a SQLite configuration that names the database file uniquely, but that is maybe something that is only useful is working on more than one gateway
      TODO
      • [x] verify that client can be created for local portal development using the REST API
      • [x] script to add manage-clients role to portal client service accounts (they currently only get manage-users role)
      • [x] update TenantManagementKeycloakImpl to add manage-clients to newly created portal client service accounts
      • [x] Django portal: implement creating portal client using REST API
      • [x] Django portal: implement creating settings_local.py download
      • [x] add settings_local.py download link to the admin app, new development section
      • [x] only allow users in the Admins group to download a settings_local.py file
      • [x] disable downloading settings_local.py in local development mode, I'm thinking the DEBUG setting can be used for this
      • [x] Document
      • [x] test profile service changes in dev, merge to prod
      Deferred
      • [ ] handle clients that don't have "Direct Access Grants Enabled" - redirect to Keycloak login page to login with username/password (see comment below)
      • [ ] how to include any extra settings that gateways add, like MAPTOOL_SETTINGS?

      Attachments

        Activity

          People

            marcuschristie Marcus Christie
            marcuschristie Marcus Christie
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: