You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@fineract.apache.org by ju...@apache.org on 2019/11/22 13:07:41 UTC
[fineract-cn-docker-compose] 17/44: Implement bash scripts to
provisioner fineract cn services
This is an automated email from the ASF dual-hosted git repository.
juhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/fineract-cn-docker-compose.git
commit 8ae755b046282f82f6fd1cf74f9924b25510cdda
Author: Anh3h <co...@gmail.com>
AuthorDate: Wed Sep 18 03:10:16 2019 -0400
Implement bash scripts to provisioner fineract cn services
---
README.md | 23 ++-
bash_scripts/provision.sh | 311 ++++++++++++++++++++++++++++++++++++++
docker-compose.yml | 1 +
external_tools/docker-compose.yml | 4 +
shut-down-and-reset.sh | 8 +
start-up.sh | 18 ++-
6 files changed, 356 insertions(+), 9 deletions(-)
diff --git a/README.md b/README.md
index f049eb4..1cc8d35 100644
--- a/README.md
+++ b/README.md
@@ -5,10 +5,25 @@ This project contains Docker Compose Scripts for running Fineract CN especially
- Docker
- Docker-compose
-## Automatic or manual provisioning
+## Deploy and provision Fineract CN
-You can either try to provision automatically using bash script `bash start-up.sh`
-Or you could achieve the same state by manually following the instructions below:
+You can either deploy and provision Fineract CN automatically using bash scripts or manually using postman.
+
+## 1. Deploy Fineract automtically using bash scripts
+
+ - To start up all the Fineract CN services run:
+
+ `bash start-up.sh`
+ - Then log the last Fineract CN microservice deployed by docker compose (fineract-cn-notification) to make sure all your Fineract services are now available.
+
+ `docker logs -f fineract-cn-docker-compose_notifications-ms_1`
+ - Finally provison the microservices by
+
+ `cd bash_scripts`
+
+ `bash provision.sh playground` #where playground is your tenant name
+
+## 2. Deploy Fineract manually using postman
## Perquisites
@@ -37,7 +52,7 @@ docker-compose up
First only start provisioner-ms by running following in project root:
```
-docker-compose up provisioner-ms
+docker-compose up provisioner-ms
```
after it has started (and created table seshat to postgres) stop it.
This is just to make sure provisioner gets to create the database the other services require.
diff --git a/bash_scripts/provision.sh b/bash_scripts/provision.sh
new file mode 100755
index 0000000..b179054
--- /dev/null
+++ b/bash_scripts/provision.sh
@@ -0,0 +1,311 @@
+#!/bin/bash
+set -e
+
+function init-variables {
+ CASSANDRA_REPLICATION_TYPE="Simple"
+ CASSANDRA_CONTACT_POINTS="cassandra:9042"
+ CASSANDRA_CLUSTER_NAME="Datacenter1"
+ CASSANDRA_REPLICAS="1"
+
+ POSTGRES_DRIVER_CLASS="org.postgresql.Driver"
+ POSTGRES_HOST="postgres"
+ POSTGRES_PWD="postgres"
+ POSTGRESQL_PORT="5432"
+ POSTGRESQL_USER="postgres"
+
+ PROVISIONER_URL="http://provisioner-ms:2020/provisioner/v1"
+ IDENTITY_URL="http://identity-ms:2021/identity/v1"
+ RHYTHM_URL="http://rhythm-ms:2022/rhythm/v1"
+ OFFICE_URL="http://office-ms:2023/office/v1"
+ CUSTOMER_URL="http://customer-ms:2024/customer/v1"
+ ACCOUNTING_URL="http://accounting-ms:2025/accounting/v1"
+ PORTFOLIO_URL="http://portfolio-ms:2026/portfolio/v1"
+ DEPOSIT_URL="http://deposit-account-management-ms:2027/deposit/v1"
+ TELLER_URL="http://teller-ms:2028/teller/v1"
+ REPORT_URL="http://reporting-ms:2029/report/v1"
+ CHEQUES_URL="http://cheques-ms:2030/cheques/v1"
+ PAYROLL_URL="http://payroll-ms:2031/payroll/v1"
+ GROUP_URL="http://group-ms:2032/group/v1"
+ NOTIFICATIONS_URL="http://notifications-ms:2033/notification/v1"
+
+ MS_VENDOR="Apache Fineract"
+ IDENTITY_MS_NAME="identity-v1"
+ RHYTHM_MS_NAME="rhythm-v1"
+ OFFICE_MS_NAME="office-v1"
+ CUSTOMER_MS_NAME="customer-v1"
+ ACCOUNTING_MS_NAME="accounting-v1"
+ PORTFOLIO_MS_NAME="portfolio-v1"
+ DEPOSIT_MS_NAME="deposit-v1"
+ TELLER_MS_NAME="teller-v1"
+ REPORT_MS_NAME="report-v1"
+ CHEQUES_MS_NAME="cheques-v1"
+ PAYROLL_MS_NAME="payroll-v1"
+ GROUP_MS_NAME="group-v1"
+ NOTIFICATIONS_MS_NAME="notification-v1"
+}
+
+function auto-seshat {
+ TOKEN=$( curl -s -X POST -H "Content-Type: application/json" \
+ "$PROVISIONER_URL"'/auth/token?grant_type=password&client_id=service-runner&username=wepemnefret&password=oS/0IiAME/2unkN1momDrhAdNKOhGykYFH/mJN20' \
+ | jq --raw-output '.token' )
+}
+
+function login {
+ local tenant="$1"
+ local username="$2"
+ local password="$3"
+
+ ACCESS_TOKEN=$( curl -s -X POST -H "Content-Type: application/json" -H "User: guest" -H "X-Tenant-Identifier: $tenant" \
+ "${IDENTITY_URL}/token?grant_type=password&username=${username}&password=${password}" \
+ | jq --raw-output '.accessToken' )
+}
+
+function create-application {
+ local name="$1"
+ local description="$2"
+ local vendor="$3"
+ local homepage="$4"
+
+ curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '{ "name": "'"$name"'", "description": "'"$description"'", "vendor": "'"$vendor"'", "homepage": "'"$homepage"'" }' \
+ ${PROVISIONER_URL}/applications
+ echo "Created microservice: $name"
+}
+
+function get-application {
+ echo ""
+ echo "Microservices: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications | jq '.'
+}
+
+function delete-application {
+ local service_name="$1"
+
+ curl -X delete -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications/${service_name}
+ echo "Deleted microservice: $name"
+}
+
+function create-tenant {
+ local identifier="$1"
+ local name="$2"
+ local description="$3"
+ local database_name="$4"
+
+ curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '{
+ "identifier": "'"$identifier"'",
+ "name": "'"$name"'",
+ "description": "'"$description"'",
+ "cassandraConnectionInfo": {
+ "clusterName": "'"$CASSANDRA_CLUSTER_NAME"'",
+ "contactPoints": "'"$CASSANDRA_CONTACT_POINTS"'",
+ "keyspace": "'"$database_name"'",
+ "replicationType": "'"$CASSANDRA_REPLICATION_TYPE"'",
+ "replicas": "'"$CASSANDRA_REPLICAS"'"
+ },
+ "databaseConnectionInfo": {
+ "driverClass": "'"$POSTGRES_DRIVER_CLASS"'",
+ "databaseName": "'"$database_name"'",
+ "host": "'"$POSTGRES_HOST"'",
+ "port": "'"$POSTGRES_PORT"'",
+ "user": "'"$POSTGRES_USER"'",
+ "password": "'"$POSTGRES_PWD"'"
+ }}' \
+ ${PROVISIONER_URL}/tenants
+ echo "Created tenant: $database_name"
+}
+
+function get-tenants {
+ echo ""
+ echo "Tenants: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/tenants | jq '.'
+}
+
+function assign-identity-ms {
+ local tenant="$1"
+
+ ADMIN_PASSWORD=$( curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{ "name": "'"$IDENTITY_MS_NAME"'" }' \
+ ${PROVISIONER_URL}/tenants/${tenant}/identityservice | jq --raw-output '.adminPassword')
+ echo "Assigned identity microservice for tenant $tenant"
+}
+
+function get-tenant-services {
+ local tenant="$1"
+
+ echo ""
+ echo "$tenant services: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" ${PROVISIONER_URL}/tenants/$tenant/applications | jq '.'
+}
+
+function create-scheduler-role {
+ local tenant="$1"
+
+ curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "scheduler",
+ "permissions": [
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__app_self",
+ "allowedOperations": ["CHANGE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "portfolio__v1__khepri",
+ "allowedOperations": ["CHANGE"]
+ }
+ ]
+ }' \
+ ${IDENTITY_URL}/roles
+ echo "Created scheduler role"
+}
+
+function create-org-admin-role {
+ local tenant="$1"
+
+ curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "orgadmin",
+ "permissions": [
+ {
+ "permittableEndpointGroupIdentifier": "office__v1__employees",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "office__v1__offices",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__users",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__roles",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__self",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "accounting__v1__ledger",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "accounting__v1__account",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ }
+ ]
+ }' \
+ ${IDENTITY_URL}/roles
+ echo "Created organisation administrator role"
+}
+
+function create-user {
+ local tenant="$1"
+ local user="$2"
+ local user_identifier="$3"
+ local password="$4"
+ local role="$5"
+
+ curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "'"$user_identifier"'",
+ "password": "'"$password"'",
+ "role": "'"$role"'"
+ }' \
+ ${IDENTITY_URL}/users | jq '.'
+ echo "Created user: $user_identifier"
+}
+
+function get-users {
+ local tenant="$1"
+ local user="$2"
+
+ echo ""
+ echo "Users: "
+ curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" ${IDENTITY_URL}/users | jq '.'
+}
+
+function update-password {
+ local tenant="$1"
+ local user="$2"
+ local password="$3"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "password": "'"$password"'"
+ }' \
+ ${IDENTITY_URL}/users/${user}/password | jq '.'
+ echo "Updated $user password"
+}
+
+function provision-app {
+ local tenant="$1"
+ local service="$2"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '[{ "name": "'"$service"'" }]' \
+ ${PROVISIONER_URL}/tenants/${tenant}/applications | jq '.'
+ echo "Provisioned microservice, $service for tenant, $tenant"
+}
+
+function set-application-permission-enabled-for-user {
+ local tenant="$1"
+ local service="$2"
+ local permission="$3"
+ local user="$4"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data 'true' \
+ ${IDENTITY_URL}/applications/${service}/permissions/${permission}/users/${user}/enabled | jq '.'
+ echo "Enabled permission, $permission for service $service"
+}
+
+init-variables
+auto-seshat
+create-application "$IDENTITY_MS_NAME" "" "$MS_VENDOR" "$IDENTITY_URL"
+create-application "$RHYTHM_MS_NAME" "" "$MS_VENDOR" "$RHYTHM_URL"
+create-application "$OFFICE_MS_NAME" "" "$MS_VENDOR" "$OFFICE_URL"
+create-application "$CUSTOMER_MS_NAME" "" "$MS_VENDOR" "$CUSTOMER_URL"
+create-application "$ACCOUNTING_MS_NAME" "" "$MS_VENDOR" "$ACCOUNTING_URL"
+create-application "$PORTFOLIO_MS_NAME" "" "$MS_VENDOR" "$PORTFOLIO_URL"
+create-application "$DEPOSIT_MS_NAME" "" "$MS_VENDOR" "$DEPOSIT_URL"
+create-application "$TELLER_MS_NAME" "" "$MS_VENDOR" "$TELLER_URL"
+create-application "$REPORT_MS_NAME" "" "$MS_VENDOR" "$REPORT_URL"
+create-application "$CHEQUES_MS_NAME" "" "$MS_VENDOR" "$CHEQUES_URL"
+create-application "$PAYROLL_MS_NAME" "" "$MS_VENDOR" "$PAYROLL_URL"
+create-application "$GROUP_MS_NAME" "" "$MS_VENDOR" "$GROUP_URL"
+create-application "$NOTIFICATIONS_MS_NAME" "" "$MS_VENDOR" "$NOTIFICATIONS_URL"
+
+#Set tenant identifier
+TENANT=$1
+create-tenant ${TENANT} "${TENANT}" "All in one Demo Server" ${TENANT}
+assign-identity-ms ${TENANT}
+login ${TENANT} "antony" $ADMIN_PASSWORD
+create-scheduler-role ${TENANT}
+create-user ${TENANT} "antony" "imhotep" "p4ssw0rd" "scheduler"
+login ${TENANT} "imhotep" "p4ssw0rd"
+update-password ${TENANT} "imhotep" "p4ssw0rd"
+provision-app ${TENANT} $RHYTHM_MS_NAME
+login ${TENANT} "imhotep" "p4ssw0rd"
+# Rhythm is not available at the moment
+# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "identity__v1__app_self" "imhotep"
+provision-app ${TENANT} $OFFICE_MS_NAME
+provision-app ${TENANT} $ACCOUNTING_MS_NAME
+provision-app ${TENANT} $PORTFOLIO_MS_NAME
+# Rhythm is not available at the moment
+# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "portfolio__v1__khepri" "imhotep"
+provision-app ${TENANT} $CUSTOMER_MS_NAME
+provision-app ${TENANT} $DEPOSIT_MS_NAME
+provision-app ${TENANT} $TELLER_MS_NAME
+provision-app ${TENANT} $REPORT_MS_NAME
+provision-app ${TENANT} $CHEQUES_MS_NAME
+provision-app ${TENANT} $PAYROLL_MS_NAME
+provision-app ${TENANT} $GROUP_MS_NAME
+provision-app ${TENANT} $NOTIFICATIONS_MS_NAME
+login ${TENANT} "antony" $ADMIN_PASSWORD
+create-org-admin-role ${TENANT}
+create-user ${TENANT} "antony" "operator" "init1@l23" "orgadmin"
+login ${TENANT} "operator" "init1@l"
+
+echo "COMPLETED PROVISIONING PROCESS."
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 2f7acaf..73e58aa 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -157,6 +157,7 @@ services:
eureka.instance.hostname: ${EUREKA_INSTANCE_HOSTNAME}
postgresql.host: ${POSTGRESQL_HOST}
ribbon.listOfServers: ${RIBBON_EUREKA_SERVER}
+ spring.datasource.url: jdbc:postgresql://${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/seshat
system.publicKey.exponent: ${PUBLIC_KEY_EXPONENT}
system.publicKey.modulus: ${PUBLIC_KEY_MODULUS}
system.publicKey.timestamp: ${PUBLIC_KEY_TIMESTAMP}
diff --git a/external_tools/docker-compose.yml b/external_tools/docker-compose.yml
index 137ad0f..010666d 100644
--- a/external_tools/docker-compose.yml
+++ b/external_tools/docker-compose.yml
@@ -39,6 +39,10 @@ services:
postgres:
image: postgres:11
container_name: postgres
+ command:
+ - "postgres"
+ - "-c"
+ - "max_connections=200"
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
diff --git a/shut-down-and-reset.sh b/shut-down-and-reset.sh
new file mode 100755
index 0000000..a4941bb
--- /dev/null
+++ b/shut-down-and-reset.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+docker-compose down --remove-orphans
+cd external_tools/
+docker-compose down
+cd ..
+docker volume rm external_tools_cassandra-volume
+docker volume rm external_tools_postgres-volume
\ No newline at end of file
diff --git a/start-up.sh b/start-up.sh
index 97deace..8111bb8 100755
--- a/start-up.sh
+++ b/start-up.sh
@@ -1,12 +1,13 @@
#!/bin/sh
set -e
+# Start up Eureka, ActiveMQ, Cassandra and Postgres
cd external_tools/
docker-compose up -d
cassandra_ip=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' cassandra)
postgres_ip=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' postgres)
-# #Test Cassandra and Postgres
+#Test Cassandra and Postgres
echo "Waiting for Cassandra and Postgres ..."
while ! nc -z "${cassandra_ip}" 9042 ; do
sleep 1
@@ -17,10 +18,17 @@ done
echo "Cassandra and Postgres are up and running..."
cd ..
-echo "Starting up Fineract CN microservices..."
-wget https://mifos.jfrog.io/mifos/libs-snapshot-local/org/apache/fineract/cn/lang/0.1.0-BUILD-SNAPSHOT/lang-0.1.0-BUILD-SNAPSHOT.jar
-java -cp lang-0.1.0-BUILD-SNAPSHOT.jar org.apache.fineract.cn.lang.security.RsaKeyPairFactory UNIX > .env
+# Start up Fineract CN microservices
+java -cp external_tools/lang-0.1.0-BUILD-SNAPSHOT.jar org.apache.fineract.cn.lang.security.RsaKeyPairFactory UNIX > .env
cat env_variables >> .env
+echo "Starting Provisioner... "
+docker-compose up -d provisioner-ms
+# Make sure provisioner is up and running
+echo "Waiting for provisioner to initialize database... "
+while ! docker logs fineract-cn-docker-compose_provisioner-ms_1 | grep -q "Started ProvisionerApplication in"; do
+ sleep 1
+done
+echo "Start remaining Fineract CN microservices... "
docker-compose up -d
-echo "Successfully started fineract services."
+echo "Successfully started fineract services."
\ No newline at end of file