diff --git a/.github/workflows/provisioning-tests.yml b/.github/workflows/provisioning-tests.yml index 82963d0d..5165beef 100644 --- a/.github/workflows/provisioning-tests.yml +++ b/.github/workflows/provisioning-tests.yml @@ -30,7 +30,7 @@ jobs: os: - ubuntu-20.04 # Ubuntu 20.04 "Focal Fossa" python-version: [ '3.11' ] - services: [ discovery+lms+forum ,registrar+lms, ecommerce+lms, edx_notes_api+lms, credentials+lms, xqueue, analyticsapi+insights+lms, enterprise-catalog+lms, license-manager+lms] + services: [ discovery+lms+forum ,registrar+lms, ecommerce+lms, edx_notes_api+lms, credentials+lms, xqueue, analyticsapi+insights+lms, enterprise-catalog+enterprise-access+lms, license-manager+lms] fail-fast: false # some services can be flaky; let others run to completion even if one fails steps: diff --git a/check.sh b/check.sh index f010e392..9b05545b 100755 --- a/check.sh +++ b/check.sh @@ -114,6 +114,12 @@ if should_check ecommerce; then "curl --fail -L http://localhost:18130/health/" fi +if should_check enterprise_access; then + echo "Checking enterprise-access health:" + run_check enterprise_access_heartbeat enterprise-access \ + "curl --fail -L http://localhost:18130/health/" +fi + if should_check discovery; then echo "Checking discovery health:" run_check discovery_heartbeat discovery \ diff --git a/docker-compose-host.yml b/docker-compose-host.yml index b3635d32..1cdf6951 100644 --- a/docker-compose-host.yml +++ b/docker-compose-host.yml @@ -20,6 +20,14 @@ services: - ecommerce_tox:/edx/app/ecommerce/ecommerce/.tox - ${DEVSTACK_WORKSPACE}/src:/edx/src - ${PWD}/py_configuration_files/ecommerce.py:/edx/app/ecommerce/ecommerce/ecommerce/settings/devstack.py + enterprise-access: + volumes: + - ${DEVSTACK_WORKSPACE}/enterprise-access:/edx/app/enterprise-access/ + - ${DEVSTACK_WORKSPACE}/src:/edx/src + - ${PWD}/py_configuration_files/enterprise_access.py:/edx/app/enterprise-access/license_manager/settings/devstack.py + enterprise-access-worker: + volumes: + - ${DEVSTACK_WORKSPACE}/enterprise-access:/edx/app/enterprise-access/ forum: volumes: - ${DEVSTACK_WORKSPACE}/cs_comments_service:/edx/app/forum/cs_comments_service diff --git a/docker-compose.yml b/docker-compose.yml index afffc16e..4dd1598d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -386,6 +386,69 @@ services: ELASTICSEARCH_URL: "http://edx.devstack.elasticsearch710:9200" ELASTICSEARCH_DSL: "http://edx.devstack.elasticsearch710:9200" + enterprise-access: + image: edxops/enterprise-access-dev + container_name: "edx.${COMPOSE_PROJECT_NAME:-devstack}.enterprise-access" + hostname: enterprise-access.devstack.edx + command: bash -c 'while true; do python /edx/app/enterprise-access/manage.py runserver 0.0.0.0:18270; sleep 2; done' + ports: + - "18270:18270" + depends_on: + - mysql80 + - memcached + - enterprise-access-worker + networks: + default: + aliases: + - edx.devstack.enterprise-access + stdin_open: true + tty: true + environment: + CELERY_ALWAYS_EAGER: 'false' + CELERY_BROKER_TRANSPORT: redis + CELERY_BROKER_HOSTNAME: edx.devstack.redis:6379 + CELERY_BROKER_VHOST: 0 + CELERY_BROKER_PASSWORD: password + DJANGO_SETTINGS_MODULE: enterprise_access.settings.devstack + DJANGO_WATCHMAN_TIMEOUT: 30 + ENABLE_DJANGO_TOOLBAR: 1 + DB_HOST: edx.devstack.mysql80 + DB_NAME: enterprise_access + DB_PORT: 3306 + DB_USER: enterprise_access001 + DB_PASSWORD: password + + enterprise-access-worker: + image: edxops/enterprise-access-dev + command: bash -c 'cd /edx/app/enterprise-access/ && celery -A enterprise_access worker -l DEBUG' + container_name: "edx.${COMPOSE_PROJECT_NAME:-devstack}.enterprise-access-worker" + hostname: enterprise-access-worker.devstack.edx + depends_on: + - mysql80 + - memcached + environment: + CELERY_ALWAYS_EAGER: 'false' + CELERY_BROKER_TRANSPORT: redis + CELERY_BROKER_HOSTNAME: edx.devstack.redis:6379 + CELERY_BROKER_VHOST: 0 + CELERY_BROKER_PASSWORD: password + DJANGO_SETTINGS_MODULE: enterprise_access.settings.devstack + COLUMNS: 80 + DB_HOST: edx.devstack.mysql80 + DB_NAME: enterprise_access + DB_PORT: 3306 + DB_USER: enterprise_access001 + DB_PASSWORD: password + networks: + default: + aliases: + - edx.devstack.enterprise-access-worker + ports: + - "18271:18271" + restart: always + stdin_open: true + tty: true + forum: command: bash -c 'source /edx/app/forum/ruby_env && source /edx/app/forum/devstack_forum_env && cd /edx/app/forum/cs_comments_service && bundle install && while true; do ./bin/unicorn -c config/unicorn_tcp.rb -I .; sleep 2; done' container_name: "edx.${COMPOSE_PROJECT_NAME:-devstack}.forum" diff --git a/docs/service_list.rst b/docs/service_list.rst index fa70a75b..76775769 100644 --- a/docs/service_list.rst +++ b/docs/service_list.rst @@ -69,6 +69,8 @@ Instead of a service name or list, you can also run commands like ``make dev.pro +------------------------------------+-------------------------------------+----------------+--------------+ | `enterprise-catalog`_ | http://localhost:18160/ | Python/Django | Extra | +------------------------------------+-------------------------------------+----------------+--------------+ +| `enterprise-access`_ | http://localhost:18270 | Python/Django | Extra | ++------------------------------------+-------------------------------------+----------------+--------------+ Some common service combinations include: @@ -104,3 +106,4 @@ Some common service combinations include: .. _analyticsapi: https://github.com/edx/edx-analytics-data-api .. _enterprise-catalog: https://github.com/openedx/enterprise-catalog .. _license-manager: https://github.com/openedx/license-manager +.. _enterprise-access: https://github.com/openedx/enterprise-access diff --git a/options.mk b/options.mk index 031a947f..8f62d984 100644 --- a/options.mk +++ b/options.mk @@ -67,7 +67,7 @@ credentials+discovery+ecommerce+edx_notes_api+forum+frontend-app-authn+frontend- # Separated by plus signs. # Separated by plus signs. Listed in alphabetical order for clarity. EDX_SERVICES ?= \ -analyticsapi+codejail+credentials+cms+cms-worker+cms_watcher+discovery+ecommerce+edx_notes_api+forum+frontend-app-account+frontend-app-learner-dashboard+frontend-app-learner-record+frontend-app-profile+frontend-app-authn+frontend-app-course-authoring+frontend-app-gradebook+frontend-app-ora-grading+frontend-app-learning+frontend-app-library-authoring+frontend-app-payment+frontend-app-program-console+frontend-app-publisher+insights+lms+lms-worker+lms_watcher+registrar+registrar-worker+xqueue+xqueue_consumer+enterprise-catalog+license-manager +analyticsapi+codejail+credentials+cms+cms-worker+cms_watcher+discovery+ecommerce+edx_notes_api+enterprise-access+forum+frontend-app-account+frontend-app-learner-dashboard+frontend-app-learner-record+frontend-app-profile+frontend-app-authn+frontend-app-course-authoring+frontend-app-gradebook+frontend-app-ora-grading+frontend-app-learning+frontend-app-library-authoring+frontend-app-payment+frontend-app-program-console+frontend-app-publisher+insights+lms+lms-worker+lms_watcher+registrar+registrar-worker+xqueue+xqueue_consumer+enterprise-catalog+license-manager # Services with database migrations. # Should be a subset of $(EDX_SERVICES). @@ -76,7 +76,7 @@ analyticsapi+codejail+credentials+cms+cms-worker+cms_watcher+discovery+ecommerce # Note: This list should contain _all_ db-backed services, even if not # configured to run; the list will be filtered later against $(DEFAULT_SERVICES). DB_SERVICES ?= \ -credentials+cms+discovery+ecommerce+lms+registrar+license-manager +credentials+cms+discovery+ecommerce+enterprise-access+lms+registrar+license-manager # Services with static assets to be built. # Should be a subset of $(EDX_SERVICES). diff --git a/provision-enterprise-access.sh b/provision-enterprise-access.sh new file mode 100755 index 00000000..5a3c645f --- /dev/null +++ b/provision-enterprise-access.sh @@ -0,0 +1,29 @@ +set -euf -o pipefail + +. scripts/colors.sh + +name="enterprise-access" +port="18270" + +docker compose up -d $name lms + +echo -e "${GREEN}Installing requirements for ${name}...${NC}" +docker compose exec -T ${name} bash -e -c 'cd /edx/app/enterprise-access && make requirements' -- "$name" + +# Run migrations +echo -e "${GREEN}Running migrations for ${name}...${NC}" +docker compose exec -T ${name} bash -e -c "cd /edx/app/enterprise-access/ && make migrate" -- "$name" +# docker compose exec -T ${name} bash -e -c 'source /edx/app/credentials/credentials_env && cd /edx/app/credentials/credentials && make migrate' -- "$name" + +# Create superuser +echo -e "${GREEN}Creating super-user for ${name}...${NC}" +docker compose exec -T ${name} bash -e -c "echo 'from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser(\"edx\", \"edx@example.com\", \"edx\") if not User.objects.filter(username=\"edx\").exists() else None' | python /edx/app/enterprise-access/manage.py shell" -- "$name" + +./provision-ida-user.sh ${name} ${name} ${port} + +# Create system wide enterprise role assignment +# TODO: this is a pretty complex oneline, we should probably eventually convert this to a management command. +echo -e "${GREEN}Creating system wide enterprise user role assignment for ${name}...${NC}" +docker compose exec -T lms bash -e -c "source /edx/app/edxapp/edxapp_env && echo 'from django.contrib.auth import get_user_model; from enterprise.models import SystemWideEnterpriseUserRoleAssignment, SystemWideEnterpriseRole; User = get_user_model(); worker_user = User.objects.get(username=\"${name}_worker\"); operator_role = SystemWideEnterpriseRole.objects.get(name=\"enterprise_openedx_operator\"); assignment = SystemWideEnterpriseUserRoleAssignment.objects.get_or_create(user=worker_user, role=operator_role, applies_to_all_contexts=True);' | /edx/app/edxapp/venvs/edxapp/bin/python /edx/app/edxapp/edx-platform/manage.py lms shell" -- lms + +make dev.restart-devserver.enterprise-access diff --git a/provision-mysql80.sql b/provision-mysql80.sql index 724a84bb..c32e725e 100644 --- a/provision-mysql80.sql +++ b/provision-mysql80.sql @@ -18,6 +18,10 @@ CREATE DATABASE IF NOT EXISTS ecommerce; CREATE USER IF NOT EXISTS 'ecomm001'@'%' IDENTIFIED BY 'password'; GRANT ALL ON ecommerce.* TO 'ecomm001'@'%'; +CREATE DATABASE IF NOT EXISTS enterprise_access; +CREATE USER IF NOT EXISTS 'enterprise_access001'@'%' IDENTIFIED BY 'password'; +GRANT ALL ON enterprise_access.* TO 'enterprise_access001'@'%'; + CREATE DATABASE IF NOT EXISTS notes; CREATE USER IF NOT EXISTS 'notes001'@'%' IDENTIFIED BY 'password'; GRANT ALL ON notes.* TO 'notes001'@'%'; diff --git a/provision.sh b/provision.sh index d27a2d6f..d4df912d 100755 --- a/provision.sh +++ b/provision.sh @@ -51,6 +51,7 @@ insights \ analyticsapi \ enterprise-catalog \ license-manager \ +enterprise-access \ " # What should we provision? diff --git a/provision.sql b/provision.sql index c0d3a96d..da384e70 100644 --- a/provision.sql +++ b/provision.sql @@ -7,6 +7,9 @@ GRANT ALL ON discovery.* TO 'discov001'@'%' IDENTIFIED BY 'password'; CREATE DATABASE IF NOT EXISTS ecommerce; GRANT ALL ON ecommerce.* TO 'ecomm001'@'%' IDENTIFIED BY 'password'; +CREATE DATABASE IF NOT EXISTS enterprise_access; +GRANT ALL ON enterprise_access.* TO 'enterprise_access001'@'%' IDENTIFIED BY 'password'; + CREATE DATABASE IF NOT EXISTS notes; GRANT ALL ON notes.* TO 'notes001'@'%' IDENTIFIED BY 'password'; diff --git a/repo.sh b/repo.sh index 7362cd15..753a1700 100755 --- a/repo.sh +++ b/repo.sh @@ -39,6 +39,7 @@ repos=( "https://github.com/openedx/enterprise-catalog.git" "https://github.com/openedx/license-manager.git" "https://github.com/openedx/codejail-service.git" + "https://github.com/openedx/enterprise-access.git" ) non_release_repos=( @@ -72,6 +73,7 @@ ssh_repos=( "git@github.com:edx/edx-analytics-data-api.git" "git@github.com:openedx/license-manager.git" "git@github.com:openedx/codejail-service.git" + "git@github.com:openedx/enterprise-access.git" ) non_release_ssh_repos=(