From d58070fa1cd8801184ca6ce7a63fc0f794695563 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 9 Aug 2023 16:15:37 +0200 Subject: [PATCH 01/39] Init workflow file --- .github/workflows/build-and-push-services.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/workflows/build-and-push-services.yml diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml new file mode 100644 index 00000000000..8c5b5736fb1 --- /dev/null +++ b/.github/workflows/build-and-push-services.yml @@ -0,0 +1,12 @@ +name: Build and push Images +on: + push: + branches: + - "52n-istg" + +jobs: + hello: + runs-on: ubuntu-22.04 + steps: + - name: Say Hello IStG + run: echo "Hello IStG GeoNode!" \ No newline at end of file From 915fd64eca12062d97f51cc82ffad87b3a6b2e3b Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 10 Aug 2023 14:03:07 +0200 Subject: [PATCH 02/39] Add docker container registry workflow --- .github/workflows/build-and-push-services.yml | 73 ++++++++++++++++++- .gitignore | 2 +- 2 files changed, 70 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 8c5b5736fb1..f857620fb14 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -1,12 +1,77 @@ -name: Build and push Images +name: Release Docker Images + +env: + TITLE: "52°North GeoNode Deployment Image for IStG" + VENDOR: "52°North GmbH" + AUTHORS: "https://52North.org/" + DESCRIPTION: "52°North GeoNode Deployment Image" + LICENSE: "GPL-3.0" + on: push: branches: - "52n-istg" + # release: + # types: + # - "created" + # branches: + # - "52n-istg" + # tags: + # - "istg-v*.*.*" jobs: - hello: + build_images: runs-on: ubuntu-22.04 steps: - - name: Say Hello IStG - run: echo "Hello IStG GeoNode!" \ No newline at end of file + - + name: Checkout + uses: actions/checkout@v3 + - + name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: 52north/istg_geonode + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + latest + # type=match,pattern=v(.*),group=1,value=${{ github.event.inputs.tags }} + # type=semver,pattern={{version}} + # type=semver,pattern={{major}}.{{minor}} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=52north/istg_geonode:buildcache + cache-to: type=registry,ref=52north/istg_geonode:buildcache,mode=max + + # - name: Build and push + # uses: docker/build-push-action@v4 + # with: + # context: . + # push: true + # tags: 52north/geonode_istg:latest + # cache-from: type=registry,ref=52north/geonode_istg:buildcache + # cache-to: type=registry,ref=52north/geonode_istg:buildcache,mode=max \ No newline at end of file diff --git a/.gitignore b/.gitignore index 7a455624878..60f95d0efc8 100644 --- a/.gitignore +++ b/.gitignore @@ -96,4 +96,4 @@ scripts/spcgeonode/_volume_* !hooks/* .env - +.secret From 7ec8347f74d40f7fe32934a80838234c437e72d5 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 10 Aug 2023 14:57:57 +0200 Subject: [PATCH 03/39] Update meta tags in workflow --- .github/workflows/build-and-push-services.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index f857620fb14..98fa7c0a45b 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -46,9 +46,9 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} # type=match,pattern=v(.*),group=1,value=${{ github.event.inputs.tags }} - # type=semver,pattern={{version}} - # type=semver,pattern={{major}}.{{minor}} - name: Login to Docker Hub uses: docker/login-action@v2 From 9117e8dcba5f2d7cd67ce506d943654cbd1cad00 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 10 Aug 2023 16:26:03 +0200 Subject: [PATCH 04/39] Add version tag 4.1 --- .github/workflows/build-and-push-services.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 98fa7c0a45b..4a8e7f0a282 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -45,6 +45,7 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | + 4.1 latest type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} From fae80c952c386c4b3b6f5114580431eff757c698 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 10 Aug 2023 17:54:50 +0200 Subject: [PATCH 05/39] Add further images to build --- .github/workflows/build-and-push-services.yml | 121 ++++++++++++-- scripts/docker/geoserver/Dockerfile | 113 +++++++++++++ scripts/docker/geoserver/README.md | 132 +++++++++++++++ scripts/docker/geoserver/docker-compose.yml | 61 +++++++ scripts/docker/geoserver/entrypoint.sh | 152 ++++++++++++++++++ scripts/docker/geoserver/get_dockerhost_ip.py | 24 +++ scripts/docker/geoserver/get_nginxhost_ip.py | 45 ++++++ scripts/docker/geoserver/multidump-alt.sh | 16 ++ scripts/docker/geoserver/multidump.sh | 18 +++ scripts/docker/geoserver/requirements.txt | 1 + .../docker/geoserver/set_geoserver_auth.sh | 91 +++++++++++ scripts/docker/geoserver/setup_auth.sh | 3 + .../geofence-datasource-ovr.properties.j2 | 12 ++ 13 files changed, 775 insertions(+), 14 deletions(-) create mode 100644 scripts/docker/geoserver/Dockerfile create mode 100644 scripts/docker/geoserver/README.md create mode 100644 scripts/docker/geoserver/docker-compose.yml create mode 100644 scripts/docker/geoserver/entrypoint.sh create mode 100644 scripts/docker/geoserver/get_dockerhost_ip.py create mode 100644 scripts/docker/geoserver/get_nginxhost_ip.py create mode 100644 scripts/docker/geoserver/multidump-alt.sh create mode 100644 scripts/docker/geoserver/multidump.sh create mode 100644 scripts/docker/geoserver/requirements.txt create mode 100644 scripts/docker/geoserver/set_geoserver_auth.sh create mode 100644 scripts/docker/geoserver/setup_auth.sh create mode 100644 scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 4a8e7f0a282..7a0738dc687 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -20,8 +20,11 @@ on: # - "istg-v*.*.*" jobs: - build_images: + build_and_push_geonode: runs-on: ubuntu-22.04 + env: + IMAGE: 52north/istg_geonode + VERSION: "4.1" steps: - name: Checkout @@ -37,7 +40,7 @@ jobs: id: meta uses: docker/metadata-action@v4 with: - images: 52north/istg_geonode + images: ${{ env.IMAGE }} labels: | "org.opencontainers.image.authors=${{ env.AUTHORS }}" "org.opencontainers.image.vendor=${{ env.VENDOR }}" @@ -45,11 +48,10 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | - 4.1 latest + ${{ env.VERSION }} type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - # type=match,pattern=v(.*),group=1,value=${{ github.event.inputs.tags }} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -65,14 +67,105 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=52north/istg_geonode:buildcache - cache-to: type=registry,ref=52north/istg_geonode:buildcache,mode=max + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max - # - name: Build and push - # uses: docker/build-push-action@v4 - # with: - # context: . - # push: true - # tags: 52north/geonode_istg:latest - # cache-from: type=registry,ref=52north/geonode_istg:buildcache - # cache-to: type=registry,ref=52north/geonode_istg:buildcache,mode=max \ No newline at end of file + build_and_push_nginx: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/istg_nginx + VERSION: "4.1" + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE }} + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + latest + ${{ env.VERSION }} + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/nginx/ + file: ./scripts/docker/nginx/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + + build_and_push_geoserver: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/istg_geoserver + VERSION: "2.23.0" + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: "${{ env.IMAGE }}" + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + latest + ${{ env.VERSION }} + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/nginx/ + file: ./scripts/docker/nginx/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max \ No newline at end of file diff --git a/scripts/docker/geoserver/Dockerfile b/scripts/docker/geoserver/Dockerfile new file mode 100644 index 00000000000..cf69384629f --- /dev/null +++ b/scripts/docker/geoserver/Dockerfile @@ -0,0 +1,113 @@ +ARG IMAGE_VERSION=9.0-jdk11-openjdk-slim-bullseye +ARG JAVA_HOME=/usr/local/openjdk-11 +FROM tomcat:$IMAGE_VERSION +LABEL GeoNode Development Team + +ARG GEOSERVER_CORS_ENABLED=False +ARG GEOSERVER_CORS_ALLOWED_ORIGINS=* +ARG GEOSERVER_CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS +ARG GEOSERVER_CORS_ALLOWED_HEADERS=* +# +# Set GeoServer version and data directory +# +ENV GEOSERVER_VERSION=2.23.0 +ENV GEOSERVER_DATA_DIR="/geoserver_data/data" +ENV GEOSERVER_CORS_ENABLED=$GEOSERVER_CORS_ENABLED +ENV GEOSERVER_CORS_ALLOWED_ORIGINS=$GEOSERVER_CORS_ALLOWED_ORIGINS +ENV GEOSERVER_CORS_ALLOWED_METHODS=$GEOSERVER_CORS_ALLOWED_METHODS +ENV GEOSERVER_CORS_ALLOWED_HEADERS=$GEOSERVER_CORS_ALLOWED_HEADERS +# +# Download and install GeoServer +# +RUN apt-get update -y && apt-get install curl wget unzip -y +RUN cd /usr/local/tomcat/webapps \ + && wget --no-check-certificate --progress=bar:force:noscroll https://artifacts.geonode.org/geoserver/${GEOSERVER_VERSION}/geoserver.war -O geoserver.war \ + && unzip -q geoserver.war -d geoserver \ + && rm geoserver.war \ + && mkdir -p $GEOSERVER_DATA_DIR + +VOLUME $GEOSERVER_DATA_DIR + +# added by simonelanucara https://github.com/simonelanucara +# Optionally add JAI, ImageIO and Marlin Render for improved Geoserver performance +WORKDIR /tmp + +RUN wget --no-check-certificate https://repo1.maven.org/maven2/org/postgis/postgis-jdbc/1.3.3/postgis-jdbc-1.3.3.jar -O postgis-jdbc-1.3.3.jar && \ + wget --no-check-certificate https://maven.geo-solutions.it/org/hibernatespatial/hibernate-spatial-postgis/1.1.3.2/hibernate-spatial-postgis-1.1.3.2.jar -O hibernate-spatial-postgis-1.1.3.2.jar && \ + rm /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/hibernate-spatial-h2-geodb-1.1.3.2.jar && \ + mv hibernate-spatial-postgis-1.1.3.2.jar /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/ && \ + mv postgis-jdbc-1.3.3.jar /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/ + +###########docker host############### +# Set DOCKERHOST variable if DOCKER_HOST exists +ARG DOCKERHOST=${DOCKERHOST} +# for debugging +RUN echo -n #1===>DOCKERHOST=${DOCKERHOST} +# +ENV DOCKERHOST ${DOCKERHOST} +# for debugging +RUN echo -n #2===>DOCKERHOST=${DOCKERHOST} + +###########docker host ip############# +# Set GEONODE_HOST_IP address if it exists +ARG GEONODE_HOST_IP=${GEONODE_HOST_IP} +# for debugging +RUN echo -n #1===>GEONODE_HOST_IP=${GEONODE_HOST_IP} +# +ENV GEONODE_HOST_IP ${GEONODE_HOST_IP} +# for debugging +RUN echo -n #2===>GEONODE_HOST_IP=${GEONODE_HOST_IP} +# If empty set DOCKER_HOST_IP to GEONODE_HOST_IP +ENV DOCKER_HOST_IP=${DOCKER_HOST_IP:-${GEONODE_HOST_IP}} +# for debugging +RUN echo -n #1===>DOCKER_HOST_IP=${DOCKER_HOST_IP} +# Trying to set the value of DOCKER_HOST_IP from DOCKER_HOST +RUN if ! [ -z ${DOCKER_HOST_IP} ]; \ + then echo export DOCKER_HOST_IP=${DOCKERHOST} | \ + sed 's/tcp:\/\/\([^:]*\).*/\1/' >> /root/.bashrc; \ + else echo "DOCKER_HOST_IP is already set!"; fi +# for debugging +RUN echo -n #2===>DOCKER_HOST_IP=${DOCKER_HOST_IP} + +# Set WEBSERVER public port +ARG PUBLIC_PORT=${PUBLIC_PORT} +# for debugging +RUN echo -n #1===>PUBLIC_PORT=${PUBLIC_PORT} +# +ENV PUBLIC_PORT=${PUBLIC_PORT} +# for debugging +RUN echo -n #2===>PUBLIC_PORT=${PUBLIC_PORT} + +# set nginx base url for geoserver +RUN echo export NGINX_BASE_URL=http://${NGINX_HOST}:${NGINX_PORT}/ | \ + sed 's/tcp:\/\/\([^:]*\).*/\1/' >> /root/.bashrc + +# copy the script and perform the run of scripts from entrypoint.sh +RUN mkdir -p /usr/local/tomcat/tmp +WORKDIR /usr/local/tomcat/tmp +COPY set_geoserver_auth.sh /usr/local/tomcat/tmp +COPY setup_auth.sh /usr/local/tomcat/tmp +COPY requirements.txt /usr/local/tomcat/tmp +COPY get_dockerhost_ip.py /usr/local/tomcat/tmp +COPY get_nginxhost_ip.py /usr/local/tomcat/tmp +COPY entrypoint.sh /usr/local/tomcat/tmp +COPY ./templates /templates +COPY multidump.sh /usr/local/tomcat/tmp +COPY multidump-alt.sh /usr/local/tomcat/tmp + +RUN apt-get update \ + && apt-get install -y procps less \ + && apt-get install -y python3 python3-pip python3-dev \ + && chmod +x /usr/local/tomcat/tmp/set_geoserver_auth.sh \ + && chmod +x /usr/local/tomcat/tmp/setup_auth.sh \ + && chmod +x /usr/local/tomcat/tmp/entrypoint.sh \ + && pip3 install pip --upgrade \ + && pip3 install -r requirements.txt \ + && chmod +x /usr/local/tomcat/tmp/get_dockerhost_ip.py \ + && chmod +x /usr/local/tomcat/tmp/get_nginxhost_ip.py + +RUN pip install j2cli + +ENV JAVA_OPTS="-Djava.awt.headless=true -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:MaxPermSize=512m -XX:PermSize=256m -Xms512m -Xmx2048m -XX:+UseConcMarkSweepGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine" + +CMD ["/usr/local/tomcat/tmp/entrypoint.sh"] \ No newline at end of file diff --git a/scripts/docker/geoserver/README.md b/scripts/docker/geoserver/README.md new file mode 100644 index 00000000000..9d00a465066 --- /dev/null +++ b/scripts/docker/geoserver/README.md @@ -0,0 +1,132 @@ +# geoserver-docker + + +**The scripts/docker/geonode folder is a copy from geonode-project* to be able to build GeoServer image from this repository directly. In case of an update, just replace the whole folder.** + + +[GeoServer](http://geoserver.org) is an open source server for sharing geospatial data. +This is a docker image that eases setting up a GeoServer running specifically for [GeoNode](https://github.com/GeoNode/geoserver-geonode-ext) with an additional separated data directory. + +The image is based on the official Tomcat 9 image + +## Installation + +This image is available as a [trusted build on the docker hub](https://registry.hub.docker.com/r/geonode/geoserver/), and is the recommended method of installation. +Simple pull the image from the docker hub. + +```bash +$ docker pull geonode/geoserver +``` + +Alternatively you can build the image locally + +```bash +$ git clone https://github.com/geonode/geoserver-docker.git +$ cd geoserver-docker +$ docker build -t "geonode/geoserver" . +``` + +## Quick start + +You can quick start the image using the command line + +```bash +$ docker run --name "geoserver" -v /var/run/docker.sock:/var/run/docker.sock -d -p 8080:8080 geonode/geoserver +``` + +Point your browser to `http://localhost:8080/geoserver` and login using GeoServer's default username and password: + +* Username: admin +* Password: geoserver + +## How to use different versions + +There are mainly two different versions of this image which are useful for running **GeoNode** with different authentication system types. These versions are released as specific tags for two authentication mechanisms: + +**Cookie based authn**: +- [geonode/geoserver:2.9.x](https://hub.docker.com/r/geonode/geoserver/builds/bx7ydhghnlrfnsppduyva73/) + +**Oauth2 based authn**: +- [geonode/geoserver:2.9.x-oauth2](https://hub.docker.com/r/geonode/geoserver/builds/bwca5rtexeoegzgroavftdr/) +- [geonode/geoserver:2.10.x](https://hub.docker.com/r/geonode/geoserver/builds/bjohcnc29vm69acqjrvndxf/) +- [geonode/geoserver:2.12.x](https://hub.docker.com/r/geonode/geoserver/builds/bh7pyw5atmkcljurwsnzbs7/) +- [geonode/geoserver:2.13.x](https://hub.docker.com/r/geonode/geoserver/builds/btmjctbuvrjfnnrxrs4wyrs/) +- [geonode/geoserver:2.14.x](https://hub.docker.com/r/geonode/geoserver/builds/bj53pi8he8uksz6ggvrs3wc/) + +You can declare what version to use along with the data directory tag which corresponds to the same version. + +## Configuration + +### Data volume + +This GeoServer container keeps its configuration data at `/geoserver_data/data` which is exposed as volume in the dockerfile. +The volume allows for stopping and starting new containers from the same image without losing all the data and custom configuration. + +You may want to map this volume to a directory on the host. It will also ease the upgrade process in the future. Volumes can be mounted by passing the `-v` flag to the docker run command: + +```bash +-v /your/host/data/path:/geoserver_data/data +``` + +### Data volume container + +In case you are running Compose for automatically having GeoServer up and running then a data volume container will be mounted with a default preloaded *GEOSERVER_DATA_DIR* at the configuration data directory of the container. +Make sure that the image from the repository [data-docker](https://github.com/GeoNode/data-docker) is available from the [GeoNode Docker Hub](https://hub.docker.com/u/geonode/) or has been built locally: + +```bash +docker build -t geonode/geoserver_data . +``` + +#### Persistance behavior + +If you run: + +```bash +docker-compose stop +``` + +Data are retained in the *GEOSERVER_DATA_DIR* and can then be mounted in a new GeoServer instance by running again: + +```bash +docker-compose up +``` + +If you run: + +```bash +docker-compose down +``` + +Data are completely gone but you can ever start from the base GeoServer Data Directory built for Geonode. + +#### Data directory versions + +There has to be a correspondence one-to-one between the data directory version and the tag of the GeoServer image used in the Docker compose file. So at the end you can consume these images below: + +* **2.9.x**: [geonode/geoserver_data:2.9.x](https://hub.docker.com/r/geonode/geoserver_data/builds/bsus6alnddg4bc7icwymevp/) +* **2.9.x-oauth2**: [geonode/geoserver_data:2.9.x-oauth2](https://hub.docker.com/r/geonode/geoserver_data/builds/bwkxcupsunvuitzusi9gsnt/) +* **2.10.x**: [geonode/geoserver_data:2.10.x](https://hub.docker.com/r/geonode/geoserver_data/builds/b5jqhpzapkqxzyevjizccug/) +* **2.12.x**: [geonode/geoserver_data:2.12.x](https://hub.docker.com/r/geonode/geoserver_data/builds/byaaalw3lnasunpveyg3x4i/) +* **2.13.x**: [geonode/geoserver_data:2.13.x](https://hub.docker.com/r/geonode/geoserver_data/builds/bunuqzq7a7dk65iumjhkbtc/) +* **2.14.x**: [geonode/geoserver_data:2.14.x](https://hub.docker.com/r/geonode/geoserver_data/builds/blpdjzkrv7pm3stunzpn4pp/) + +### Database + +GeoServer recommends the usage of a spatial database + +#### PostGIS container (PostgreSQL + GIS Extension) + +If you want to use a [PostGIS](http://postgis.org/) container, you can link it to this image. You're free to use any PostGIS container. +An example with [kartooza/postgis](https://registry.hub.docker.com/u/kartoza/postgis/) image: + +```bash +$ docker run -d --name="postgis" kartoza/postgis +``` + +For further information see [kartooza/postgis](https://registry.hub.docker.com/u/kartoza/postgis/). + +Now start the GeoServer instance by adding the `--link` option to the docker run command: + +```bash +--link postgis:postgis +``` diff --git a/scripts/docker/geoserver/docker-compose.yml b/scripts/docker/geoserver/docker-compose.yml new file mode 100644 index 00000000000..5f3dc1cf34e --- /dev/null +++ b/scripts/docker/geoserver/docker-compose.yml @@ -0,0 +1,61 @@ +version: '3.9' + +services: + + postgis: + image: geonode/postgis:13 + ports: + - "25432:5432" + volumes: + - /srv/docker/geoserver/postgis:/var/lib/postgresql + #volumes_from: + #- pgstore + healthcheck: + test: "pg_isready -d postgres -U postgres" + restart: on-failure + + geoserver: + image: geonode/geoserver:2.23.0 + build: + context: . + args: + - DOCKERHOST + - GEONODE_HOST_IP + - PUBLIC_PORT=80 + links: + - postgis + ports: + - "8080:8080" + volumes: + - /geoserver_data/data + environment: + - DOCKERHOST + - GEONODE_HOST_IP + - PUBLIC_PORT=80 + - DOCKER_HOST_IP + - DJANGO_URL=http://localhost/ + depends_on: + postgis: + condition: service_completed_successfully + data-dir-conf: + condition: service_healthy + healthcheck: + test: curl --fail -s http://localhost:8080/geoserver/rest/workspaces/geonode.html || exit 1 + interval: 1m30s + timeout: 10s + retries: 3 + restart: on-failure + + data-dir-conf: + image: geonode/geoserver_data:2.23.0 + container_name: geoserver_data_dir # named data container + entrypoint: sleep infinity + volumes: + - /geoserver_data/data + healthcheck: + test: "ls -A '/geoserver_data/data' | wc -l" + restart: on-failure + +volumes: + # reference to the named data container that holds the preloaded geoserver data directory + geoserver_data_dir: \ No newline at end of file diff --git a/scripts/docker/geoserver/entrypoint.sh b/scripts/docker/geoserver/entrypoint.sh new file mode 100644 index 00000000000..f9af5f42024 --- /dev/null +++ b/scripts/docker/geoserver/entrypoint.sh @@ -0,0 +1,152 @@ +#!/bin/bash +set -e + +source /root/.bashrc + +# control the value of DOCKER_HOST_IP variable +if [ -z ${DOCKER_HOST_IP} ] +then + + echo "DOCKER_HOST_IP is empty so I'll run the python utility \n" + echo export DOCKER_HOST_IP=`python3 /usr/local/tomcat/tmp/get_dockerhost_ip.py` >> /root/.override_env + echo "The calculated value is now DOCKER_HOST_IP='$DOCKER_HOST_IP' \n" + +else + + echo "DOCKER_HOST_IP is filled so I'll leave the found value '$DOCKER_HOST_IP' \n" + +fi + +# control the values of LB settings if present +if [ ${GEONODE_LB_HOST_IP} ] +then + + echo "GEONODE_LB_HOST_IP is filled so I replace the value of '$DOCKER_HOST_IP' with '$GEONODE_LB_HOST_IP' \n" + echo export DOCKER_HOST_IP=${GEONODE_LB_HOST_IP} >> /root/.override_env + +fi + +if [ ${GEONODE_LB_PORT} ] +then + + echo "GEONODE_LB_PORT is filled so I replace the value of '$PUBLIC_PORT' with '$GEONODE_LB_PORT' \n" + echo export PUBLIC_PORT=${GEONODE_LB_PORT} >> /root/.override_env + +fi + +if [ ! -z "${GEOSERVER_JAVA_OPTS}" ] +then + + echo "GEOSERVER_JAVA_OPTS is filled so I replace the value of '$JAVA_OPTS' with '$GEOSERVER_JAVA_OPTS' \n" + JAVA_OPTS=${GEOSERVER_JAVA_OPTS} + +fi + +# control the value of NGINX_BASE_URL variable +if [ -z `echo ${NGINX_BASE_URL} | sed 's/http:\/\/\([^:]*\).*/\1/'` ] +then + echo "NGINX_BASE_URL is empty so I'll use the static nginx hostname \n" + # echo export NGINX_BASE_URL=`python3 /usr/local/tomcat/tmp/get_nginxhost_ip.py` >> /root/.override_env + # TODO rework get_nginxhost_ip to get URL with static hostname from nginx service name + # + exposed port of that container i.e. http://geonode:80 + echo export NGINX_BASE_URL=http://geonode:80 >> /root/.override_env + echo "The calculated value is now NGINX_BASE_URL='$NGINX_BASE_URL' \n" +else + echo "NGINX_BASE_URL is filled so I'll leave the found value '$NGINX_BASE_URL' \n" +fi + +# set basic tagname +TAGNAME=( "baseUrl" ) + +if ! [ -f ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ] +then + + echo "Configuration file '$GEOSERVER_DATA_DIR'/security/auth/geonodeAuthProvider/config.xml is not available so it is gone to skip \n" + +else + + # backup geonodeAuthProvider config.xml + cp ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml.orig + # run the setting script for geonodeAuthProvider + /usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/ ${TAGNAME} > /dev/null 2>&1 + +fi + +# backup geonode REST role service config.xml +cp "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml" "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml.orig" +# run the setting script for geonode REST role service +/usr/local/tomcat/tmp/set_geoserver_auth.sh "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml" "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/" ${TAGNAME} > /dev/null 2>&1 + +# set oauth2 filter tagname +TAGNAME=( "accessTokenUri" "userAuthorizationUri" "redirectUri" "checkTokenEndpointUrl" "logoutUri" ) + +# backup geonode-oauth2 config.xml +cp ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml.orig +# run the setting script for geonode-oauth2 +/usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/ "${TAGNAME[@]}" > /dev/null 2>&1 + +# set global tagname +TAGNAME=( "proxyBaseUrl" ) + +# backup global.xml +cp ${GEOSERVER_DATA_DIR}/global.xml ${GEOSERVER_DATA_DIR}/global.xml.orig +# run the setting script for global configuration +/usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/global.xml ${GEOSERVER_DATA_DIR}/ ${TAGNAME} > /dev/null 2>&1 + +# set correct amqp broker url +sed -i -e 's/localhost/rabbitmq/g' ${GEOSERVER_DATA_DIR}/notifier/notifier.xml + +# exclude wrong dependencies +sed -i -e 's/xom-\*\.jar/xom-\*\.jar,bcprov\*\.jar/g' /usr/local/tomcat/conf/catalina.properties + +# J2 templating for this docker image we should also do it for other configuration files in /usr/local/tomcat/tmp + +declare -a geoserver_datadir_template_dirs=("geofence") + +for template in in ${geoserver_datadir_template_dirs[*]}; do + #Geofence templates + if [ "$template" == "geofence" ]; then + cp -R /templates/$template/* ${GEOSERVER_DATA_DIR}/geofence + + for f in $(find ${GEOSERVER_DATA_DIR}/geofence/ -type f -name "*.j2"); do + echo -e "Evaluating template\n\tSource: $f\n\tDest: ${f%.j2}" + /usr/local/bin/j2 $f > ${f%.j2} + rm -f $f + done + + fi +done + +# configure CORS (inspired by https://github.com/oscarfonts/docker-geoserver) +# if enabled, this will add the filter definitions +# to the end of the web.xml +# (this will only happen if our filter has not yet been added before) +if [ "${GEOSERVER_CORS_ENABLED}" = "true" ] || [ "${GEOSERVER_CORS_ENABLED}" = "True" ]; then + if ! grep -q DockerGeoServerCorsFilter "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; then + echo "Enable CORS for $CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml" + sed -i "\::i\\ + \n\ + DockerGeoServerCorsFilter\n\ + org.apache.catalina.filters.CorsFilter\n\ + \n\ + cors.allowed.origins\n\ + ${GEOSERVER_CORS_ALLOWED_ORIGINS}\n\ + \n\ + \n\ + cors.allowed.methods\n\ + ${GEOSERVER_CORS_ALLOWED_METHODS}\n\ + \n\ + \n\ + cors.allowed.headers\n\ + ${GEOSERVER_CORS_ALLOWED_HEADERS}\n\ + \n\ + \n\ + \n\ + DockerGeoServerCorsFilter\n\ + /*\n\ + " "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; + fi +fi + +# start tomcat +exec env JAVA_OPTS="${JAVA_OPTS}" catalina.sh run \ No newline at end of file diff --git a/scripts/docker/geoserver/get_dockerhost_ip.py b/scripts/docker/geoserver/get_dockerhost_ip.py new file mode 100644 index 00000000000..7b5a42ed310 --- /dev/null +++ b/scripts/docker/geoserver/get_dockerhost_ip.py @@ -0,0 +1,24 @@ +#!/usr/bin/env python3 + +import logging + +import docker + +BOOTSTRAP_IMAGE_CHEIP = 'codenvy/che-ip:nightly' +# AF: why call before definition? print _docker_host_ip() + +def _docker_host_ip(): + client = docker.from_env() + ip_list = client.containers.run(BOOTSTRAP_IMAGE_CHEIP, + network_mode='host' + ).split("\n") + if len(ip_list) > 1: + logging.info("Docker daemon is running on more than one \ +address {0}".format(ip_list)) + logging.info("Only the first address:{0} will be returned!".format( + ip_list[0] + )) + else: + logging.info("Docker daemon is running at the following \ +address {0}".format(ip_list[0])) + return ip_list[0] diff --git a/scripts/docker/geoserver/get_nginxhost_ip.py b/scripts/docker/geoserver/get_nginxhost_ip.py new file mode 100644 index 00000000000..c6a67d8490d --- /dev/null +++ b/scripts/docker/geoserver/get_nginxhost_ip.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python3 + +import logging +import os + +import docker + +client = docker.from_env() +# print(client.info()) +# TODO avoid this script can fail and fall in the loop where the geoserver +# service is not available and consequently the nginx too which has geoserver +# as a reference link +for network in client.networks.list(): + if 'geonode' in network.name: + geonode_network = network.name + else: + geonode_network = 'geonode_default' + +try: + containers = { + c.attrs['Config']['Image']: c.attrs['NetworkSettings']['\ +Networks'][geonode_network]['\ +IPAddress'] for c in client.containers.list() if c.status in 'running' + } + for item in containers.items(): + if "geonode/nginx" in item[0]: + ipaddr = item[1] + + try: + os.environ["NGINX_BASE_URL"] = "http://" + ipaddr + ":" + "80" + nginx_base_url = "http://{}:80".format(ipaddr) + except NameError as er: + logging.info("NGINX container is not running maybe exited! Running\ +containers are:{0}".format(containers)) +except KeyError as ke: + logging.info("There has been a problem with the docker\ +network which has raised the following exception: {0}".format(ke)) +else: + # nginx_base_url = None + pass +finally: + try: + print(nginx_base_url) + except NameError as ne: + print("http://geonode:80") diff --git a/scripts/docker/geoserver/multidump-alt.sh b/scripts/docker/geoserver/multidump-alt.sh new file mode 100644 index 00000000000..cc237e17bec --- /dev/null +++ b/scripts/docker/geoserver/multidump-alt.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +if [ $# -ne 3 ]; then + echo "Usage: $0 pid interval count" + exit 1 +fi + +PID=$1 +INTERVAL=$2 +COUNT=$3 + +top -bH -d $INTERVAL -n $COUNT -p $PID >> top.out 2>&1 & +for i in `seq $COUNT`; do + kill -3 $PID + sleep $INTERVAL +done diff --git a/scripts/docker/geoserver/multidump.sh b/scripts/docker/geoserver/multidump.sh new file mode 100644 index 00000000000..21dfd2ba660 --- /dev/null +++ b/scripts/docker/geoserver/multidump.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +if [ $# -ne 3 ]; then + echo "Usage: $0 pid interval count" + exit 1 +fi + +PID=$1 +INTERVAL=$2 +COUNT=$3 + +top -bH -d $INTERVAL -n $COUNT -p $PID >> top.out 2>&1 & +for i in `seq $COUNT`; do + echo "stack trace $i of $COUNT" >> jstack.out + jstack -l $PID >> jstack.out + echo "--------------------" >> jstack.out + sleep $INTERVAL +done diff --git a/scripts/docker/geoserver/requirements.txt b/scripts/docker/geoserver/requirements.txt new file mode 100644 index 00000000000..0b31242fdae --- /dev/null +++ b/scripts/docker/geoserver/requirements.txt @@ -0,0 +1 @@ +docker==3.1.1 diff --git a/scripts/docker/geoserver/set_geoserver_auth.sh b/scripts/docker/geoserver/set_geoserver_auth.sh new file mode 100644 index 00000000000..27dd11ef54e --- /dev/null +++ b/scripts/docker/geoserver/set_geoserver_auth.sh @@ -0,0 +1,91 @@ +#!/bin/bash + +auth_conf_source="$1" +auth_conf_target="$2" +# Creating a temporary file for sed to write the changes to +temp_file="xml.tmp" +touch $temp_file + +source /root/.bashrc +source /root/.override_env + +test -z "$auth_conf_source" && echo "You must specify a source file" && exit 1 +test -z "$auth_conf_target" && echo "You must specify a target conf directory" && exit 1 + +test ! -f "$auth_conf_source" && echo "Source $auth_conf_source does not exist or is not a file" && exit 1 +test ! -d "$auth_conf_target" && echo "Target directory $auth_conf_target does not exist or is not a directory" && exit 1 + +# for debugging +echo -e "NGINX_BASE_URL=${NGINX_BASE_URL}\n" +if [ "$PUBLIC_PORT" == "443" ]; then + SUBSTITUTION_URL="https://${DOCKER_HOST_IP}" + if [ "$PUBLIC_PORT" != "443" ]; then + SUBSTITUTION_URL="https://${DOCKER_HOST_IP}:${PUBLIC_PORT}" + fi +else + SUBSTITUTION_URL="http://${DOCKER_HOST_IP}" + if [ "$PUBLIC_PORT" != "80" ]; then + SUBSTITUTION_URL="http://${DOCKER_HOST_IP}:${PUBLIC_PORT}" + fi +fi + +echo -e "SUBSTITUTION_URL=$SUBSTITUTION_URL\n" +echo -e "auth_conf_source=$auth_conf_source\n" +echo -e "auth_conf_target=$auth_conf_target\n" + +# Elegance is the key -> adding an empty last line for Mr. “sed” to pick up +echo " " >> "$auth_conf_source" + +cat "$auth_conf_source" + +tagname=( ${@:3:5} ) + +# for debugging +for i in "${tagname[@]}" +do + echo "tagname=<$i>" +done + +echo "DEBUG: Starting... [Ok]\n" + +for i in "${tagname[@]}" +do + echo "DEBUG: Working on '$auth_conf_source' for tagname <$i>" + # Extracting the value from the <$tagname> element + # echo -ne "<$i>$tagvalue" | xmlstarlet sel -t -m "//a" -v . -n + tagvalue=`grep "<$i>.*<.$i>" "$auth_conf_source" | sed -e "s/^.*<$i/<$i/" | cut -f2 -d">"| cut -f1 -d"<"` + + echo "DEBUG: Found the current value for the element <$i> - '$tagvalue'" + + # Setting new substituted value + case $i in + proxyBaseUrl ) + if [ ${GEONODE_LB_HOST_IP} ] + then + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$SUBSTITUTION_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$SUBSTITUTION_URL@"` + else + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$NGINX_BASE_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$NGINX_BASE_URL@"` + fi;; + accessTokenUri | checkTokenEndpointUrl | baseUrl ) + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$NGINX_BASE_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$NGINX_BASE_URL@"`;; + userAuthorizationUri | redirectUri | logoutUri ) + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$SUBSTITUTION_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$SUBSTITUTION_URL@"`;; + *) echo -n "an unknown variable has been found";; + esac + + echo "DEBUG: Found the new value for the element <$i> - '$newvalue'" + # Replacing element’s value with $SUBSTITUTION_URL + # echo -ne "<$i>$tagvalue" | xmlstarlet sel -t -m "//a" -v . -n + sed -e "s@<$i>$tagvalue<\/$i>@<$i>$newvalue<\/$i>@g" "$auth_conf_source" > "$temp_file" + cp "$temp_file" "$auth_conf_source" +done +# Writing our changes back to the original file ($auth_conf_source) +# no longer needed +# mv $temp_file $auth_conf_source + +echo "DEBUG: Finished... [Ok] --- Final xml file is \n" +cat "$auth_conf_source" diff --git a/scripts/docker/geoserver/setup_auth.sh b/scripts/docker/geoserver/setup_auth.sh new file mode 100644 index 00000000000..6f9373b978c --- /dev/null +++ b/scripts/docker/geoserver/setup_auth.sh @@ -0,0 +1,3 @@ +#!/bin/sh +sed -i.bak 's@\([^<][^<]*\)@'"$DJANGO_URL"'@'\ + /geoserver_data/data/security/auth/geonodeAuthProvider/config.xml \ No newline at end of file diff --git a/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 b/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 new file mode 100644 index 00000000000..7b18d3e55f3 --- /dev/null +++ b/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 @@ -0,0 +1,12 @@ +geofenceVendorAdapter.databasePlatform=org.hibernatespatial.postgis.PostgisDialect +geofenceDataSource.driverClassName=org.postgresql.Driver +geofenceDataSource.url=jdbc:postgresql://{{ DATABASE_HOST }}:{{ DATABASE_PORT }}/{{ GEONODE_GEODATABASE }} +geofenceDataSource.username={{ GEONODE_GEODATABASE }} +geofenceDataSource.password={{ GEONODE_GEODATABASE_PASSWORD }} +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.default_schema]={{ GEONODE_GEODATABASE_SCHEMA }} + +# avoid hibernate transaction issues +geofenceDataSource.testOnBorrow=true +geofenceDataSource.validationQuery=SELECT 1 +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.testOnBorrow]=true +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.validationQuery]=SELECT 1 \ No newline at end of file From a5c84a0117899c009a6d43b8c42aadf0e7b9fe98 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 10 Aug 2023 18:16:48 +0200 Subject: [PATCH 06/39] Fix geoserver's context path --- .github/workflows/build-and-push-services.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 7a0738dc687..dd38db3aae5 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -162,8 +162,8 @@ jobs: name: Build and push uses: docker/build-push-action@v4 with: - context: ./scripts/docker/nginx/ - file: ./scripts/docker/nginx/Dockerfile + context: ./scripts/docker/geoserver/ + file: ./scripts/docker/geoserver/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 41ce5b7f37c6fa1c2b92f1ca36583e1dc3b41cd2 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Fri, 11 Aug 2023 14:29:19 +0200 Subject: [PATCH 07/39] Add tags for mayor, minor, and bugfix version --- .github/workflows/build-and-push-services.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index dd38db3aae5..a1ef2e50d90 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -24,7 +24,9 @@ jobs: runs-on: ubuntu-22.04 env: IMAGE: 52north/istg_geonode - VERSION: "4.1" + MAJOR_VERSION: "4" + MINOR_VERSION: "4.1" + BUGFIX_VERSION: "4.1.1" steps: - name: Checkout @@ -49,7 +51,9 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.VERSION }} + ${{ env.MAJOR_VERSION }} + ${{ env.MINOR_VERSION }} + ${{ env.BUGFIX_VERSION }} type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - @@ -74,7 +78,9 @@ jobs: runs-on: ubuntu-22.04 env: IMAGE: 52north/istg_nginx - VERSION: "4.1" + MAJOR_VERSION: "4" + MINOR_VERSION: "4.1" + BUGFIX_VERSION: "4.1.1" steps: - name: Checkout @@ -99,7 +105,9 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.VERSION }} + ${{ env.MAJOR_VERSION }} + ${{ env.MINOR_VERSION }} + ${{ env.BUGFIX_VERSION }} type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - From 537ac90d60b830e93d65034a78156b361b272512 Mon Sep 17 00:00:00 2001 From: Giovanni Allegri Date: Fri, 11 Aug 2023 11:51:41 +0200 Subject: [PATCH 08/39] BUmp to 4.1.x (#11371) --- CHANGELOG.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b440a931782..e2ac7e72bd1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ # Change Log -## [4.1.1](https://github.com/GeoNode/geonode/tree/4.1.0) (2023-06-05) +## [4.1.2](https://github.com/GeoNode/geonode/tree/4.1.2) (2023-08-11) +## Bug Fixes +- Upgrade to importer 1.0.5 which fixes the import with filenames longer then 63 chars +- Fixed parsing and rendering of ISO TC211 spatial representetion type +## [4.1.1](https://github.com/GeoNode/geonode/tree/4.1.1) (2023-06-05) ## Security and Bug Fixes - Upgrade to Ubuntu 22.10 - Upgrade to Django 3.2.20 From dd53272e5cdb9eb4d8b0df601fe705de274a3042 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Fri, 11 Aug 2023 14:40:46 +0200 Subject: [PATCH 09/39] Update geonode version to 4.1.2 --- .github/workflows/build-and-push-services.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index a1ef2e50d90..1d2922c6ec7 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -26,7 +26,7 @@ jobs: IMAGE: 52north/istg_geonode MAJOR_VERSION: "4" MINOR_VERSION: "4.1" - BUGFIX_VERSION: "4.1.1" + BUGFIX_VERSION: "4.1.2" steps: - name: Checkout @@ -80,7 +80,7 @@ jobs: IMAGE: 52north/istg_nginx MAJOR_VERSION: "4" MINOR_VERSION: "4.1" - BUGFIX_VERSION: "4.1.1" + BUGFIX_VERSION: "4.1.2" steps: - name: Checkout From 75859d835ea955a0351a51c58531ba8f778946fe Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Tue, 15 Aug 2023 10:55:13 +0200 Subject: [PATCH 10/39] Clean up versions metadata --- .github/workflows/build-and-push-services.yml | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 1d2922c6ec7..ea522e691ea 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -1,6 +1,7 @@ name: Release Docker Images env: + SHA: ${{ github.sha }} TITLE: "52°North GeoNode Deployment Image for IStG" VENDOR: "52°North GmbH" AUTHORS: "https://52North.org/" @@ -11,13 +12,6 @@ on: push: branches: - "52n-istg" - # release: - # types: - # - "created" - # branches: - # - "52n-istg" - # tags: - # - "istg-v*.*.*" jobs: build_and_push_geonode: @@ -51,11 +45,10 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest + ${{ env.SHA }} ${{ env.MAJOR_VERSION }} ${{ env.MINOR_VERSION }} ${{ env.BUGFIX_VERSION }} - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -105,11 +98,10 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest + ${{ env.SHA }} ${{ env.MAJOR_VERSION }} ${{ env.MINOR_VERSION }} ${{ env.BUGFIX_VERSION }} - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -157,9 +149,8 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest + ${{ env.SHA }} ${{ env.VERSION }} - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - name: Login to Docker Hub uses: docker/login-action@v2 From ae6c47480d950055a2079dcaf83441c6172b21ab Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Tue, 15 Aug 2023 12:43:41 +0200 Subject: [PATCH 11/39] Push core images to dedicated repos --- .github/workflows/build-and-push-services.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index ea522e691ea..e32093c1729 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -1,23 +1,23 @@ -name: Release Docker Images +name: Release GeoNode Docker Images env: SHA: ${{ github.sha }} - TITLE: "52°North GeoNode Deployment Image for IStG" + TITLE: "52°North GeoNode Docker Image" VENDOR: "52°North GmbH" AUTHORS: "https://52North.org/" - DESCRIPTION: "52°North GeoNode Deployment Image" + DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" LICENSE: "GPL-3.0" on: push: branches: - - "52n-istg" + - "52n-master" jobs: build_and_push_geonode: runs-on: ubuntu-22.04 env: - IMAGE: 52north/istg_geonode + IMAGE: 52north/geonode-geonode MAJOR_VERSION: "4" MINOR_VERSION: "4.1" BUGFIX_VERSION: "4.1.2" @@ -54,7 +54,7 @@ jobs: uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - name: Build and push uses: docker/build-push-action@v4 @@ -70,7 +70,7 @@ jobs: build_and_push_nginx: runs-on: ubuntu-22.04 env: - IMAGE: 52north/istg_nginx + IMAGE: 52north/geonode-nginx MAJOR_VERSION: "4" MINOR_VERSION: "4.1" BUGFIX_VERSION: "4.1.2" @@ -107,7 +107,7 @@ jobs: uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - name: Build and push uses: docker/build-push-action@v4 @@ -123,7 +123,7 @@ jobs: build_and_push_geoserver: runs-on: ubuntu-22.04 env: - IMAGE: 52north/istg_geoserver + IMAGE: 52north/geonode-geoserver VERSION: "2.23.0" steps: - @@ -156,7 +156,7 @@ jobs: uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_ISTG }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - name: Build and push uses: docker/build-push-action@v4 From 9f6504832fcf5943f88e1e3e2bacecfc4044f97a Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Tue, 15 Aug 2023 16:01:26 +0200 Subject: [PATCH 12/39] Push geonode image to 52north/geonode --- .github/workflows/build-and-push-services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index e32093c1729..73bdab615b7 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -17,7 +17,7 @@ jobs: build_and_push_geonode: runs-on: ubuntu-22.04 env: - IMAGE: 52north/geonode-geonode + IMAGE: 52north/geonode MAJOR_VERSION: "4" MINOR_VERSION: "4.1" BUGFIX_VERSION: "4.1.2" From 065aa07bfd3b7b9730c79c8a032f0ac0f3b671e0 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:07:32 +0200 Subject: [PATCH 13/39] Upload a dockerhub description --- .github/workflows/dockerhub-desciption.yml | 22 ++++++++++++++++++++++ README_52n.md | 6 ++++++ 2 files changed, 28 insertions(+) create mode 100644 .github/workflows/dockerhub-desciption.yml create mode 100644 README_52n.md diff --git a/.github/workflows/dockerhub-desciption.yml b/.github/workflows/dockerhub-desciption.yml new file mode 100644 index 00000000000..d4b52d051d3 --- /dev/null +++ b/.github/workflows/dockerhub-desciption.yml @@ -0,0 +1,22 @@ +name: Update Docker Hub Description +on: + push: + branches: + - 52n-master + paths: + - README_52n.md + - .github/workflows/dockerhub-description.yml +jobs: + dockerHubDescription: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Docker Hub Description + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + repository: peterevans/dockerhub-description + short-description: ${{ github.event.repository.description }} + enable-url-completion: true \ No newline at end of file diff --git a/README_52n.md b/README_52n.md new file mode 100644 index 00000000000..42ef8337913 --- /dev/null +++ b/README_52n.md @@ -0,0 +1,6 @@ +# 52°North Fork of GeoNode + +This is a fork of [Geonode](https://github.com/geonode/geonode). +[52°North GmbH](https://52north.org) maintains an own fork of GeoNode in order to make necessary adjustments within projects which are not part of GeoNode core. + +However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. From 77cd1cf1da8270bb3cb9327d802d082f920bfbeb Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:12:00 +0200 Subject: [PATCH 14/39] Update dockerhub description workflow config --- .github/workflows/dockerhub-desciption.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dockerhub-desciption.yml b/.github/workflows/dockerhub-desciption.yml index d4b52d051d3..294e9535d0d 100644 --- a/.github/workflows/dockerhub-desciption.yml +++ b/.github/workflows/dockerhub-desciption.yml @@ -18,5 +18,6 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} repository: peterevans/dockerhub-description - short-description: ${{ github.event.repository.description }} + short-description: "Geospatial content management system" + readme-filepath: ./README_52n.md enable-url-completion: true \ No newline at end of file From dcbd06030fdb39ce7860a68231cc48a23f12f2d0 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:16:47 +0200 Subject: [PATCH 15/39] Update 52n readme --- README_52n.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README_52n.md b/README_52n.md index 42ef8337913..4b748e91ba5 100644 --- a/README_52n.md +++ b/README_52n.md @@ -1,6 +1,6 @@ # 52°North Fork of GeoNode -This is a fork of [Geonode](https://github.com/geonode/geonode). +This image is built from a fork of [Geonode](https://github.com/geonode/geonode). [52°North GmbH](https://52north.org) maintains an own fork of GeoNode in order to make necessary adjustments within projects which are not part of GeoNode core. However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. From 650cbb19ef0f3510d5d8871870ce5fed69f79ab7 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:18:06 +0200 Subject: [PATCH 16/39] Fix image repository config --- .github/workflows/dockerhub-desciption.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dockerhub-desciption.yml b/.github/workflows/dockerhub-desciption.yml index 294e9535d0d..3dbe8fbb583 100644 --- a/.github/workflows/dockerhub-desciption.yml +++ b/.github/workflows/dockerhub-desciption.yml @@ -17,7 +17,7 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - repository: peterevans/dockerhub-description + repository: 52north/geonode short-description: "Geospatial content management system" readme-filepath: ./README_52n.md enable-url-completion: true \ No newline at end of file From 57e10649452f4798aaa62afdb9b54ac7f783ef62 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:19:24 +0200 Subject: [PATCH 17/39] Fix workflow name --- .../{dockerhub-desciption.yml => dockerhub-description.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{dockerhub-desciption.yml => dockerhub-description.yml} (100%) diff --git a/.github/workflows/dockerhub-desciption.yml b/.github/workflows/dockerhub-description.yml similarity index 100% rename from .github/workflows/dockerhub-desciption.yml rename to .github/workflows/dockerhub-description.yml From 76539f8b9484e26e546c0f6219b23e3524113532 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 10:25:17 +0200 Subject: [PATCH 18/39] Link to 52n fork on github --- README_52n.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README_52n.md b/README_52n.md index 4b748e91ba5..d340a6a6e6c 100644 --- a/README_52n.md +++ b/README_52n.md @@ -4,3 +4,6 @@ This image is built from a fork of [Geonode](https://github.com/geonode/geonode) [52°North GmbH](https://52north.org) maintains an own fork of GeoNode in order to make necessary adjustments within projects which are not part of GeoNode core. However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. + +This image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). +Depending on our current project contexts we merge regularly from upstream, and create new pull requests from this fork. From a592ddbc06fe7d0e06ee6c6e80bd2171abbf4749 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 11:03:46 +0200 Subject: [PATCH 19/39] Add a note to version 3 tags --- README_52n.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README_52n.md b/README_52n.md index d340a6a6e6c..7f100e89118 100644 --- a/README_52n.md +++ b/README_52n.md @@ -5,5 +5,9 @@ This image is built from a fork of [Geonode](https://github.com/geonode/geonode) However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. -This image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). +Starting from version `4` this image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). Depending on our current project contexts we merge regularly from upstream, and create new pull requests from this fork. + +> :warning: **Note on `3`** +> +> Images containing a `3.x` version tag do have different code base. \ No newline at end of file From 2ea3b29a2c161f4e308eaceb66acbec840149143 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 11:09:23 +0200 Subject: [PATCH 20/39] Add a note to version 3 tags --- README_52n.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README_52n.md b/README_52n.md index 7f100e89118..56ecf449f93 100644 --- a/README_52n.md +++ b/README_52n.md @@ -8,6 +8,7 @@ However, we are interested to stay as close to upstream as possible, to benefit Starting from version `4` this image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). Depending on our current project contexts we merge regularly from upstream, and create new pull requests from this fork. -> :warning: **Note on `3`** +> **Note on version `3` tags** > -> Images containing a `3.x` version tag do have different code base. \ No newline at end of file +> Images containing a `3.x` version tag were experimental and do have a different code base. +> These image are considered to be removed in the near future. \ No newline at end of file From 22063711ee075fa95e595cae605e7c2bd3568e93 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 17 Aug 2023 11:43:28 +0200 Subject: [PATCH 21/39] Update dockerhub readme --- README_52n.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/README_52n.md b/README_52n.md index 56ecf449f93..3e92b9009b5 100644 --- a/README_52n.md +++ b/README_52n.md @@ -6,7 +6,18 @@ This image is built from a fork of [Geonode](https://github.com/geonode/geonode) However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. Starting from version `4` this image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). -Depending on our current project contexts we merge regularly from upstream, and create new pull requests from this fork. +The repository builds and publishes three images: + +* [`52north/geonode`](https://hub.docker.com/r/52north/geonode) (this image) +* [`52north/geonode-nginx`](https://hub.docker.com/r/52north/geonode-nginx) +* [`52north/geonode-geoserver`](https://hub.docker.com/r/52north/geonode-geoserver) + +The Dockerfiles can be found under the [`./scripts/docker` folder](https://github.com/52North/geonode/tree/52n-master/scripts/docker). + +The official Docker configuration of [GeoServer for GeoNode](https://github.com/GeoNode/geoserver-docker) seems to be outdated. +Therefore, our fork adds a `./scripts/docker/geoserver` Docker config which is based on [the geonode-project](https://github.com/geonode/geonode-project) template. + +Depending on our current project contexts we merge regularly from upstream, and create new pull requests based on this fork. > **Note on version `3` tags** > From 605a873d2be36ffa5c873c5e671ed6b13358c266 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Mon, 4 Sep 2023 11:55:49 +0200 Subject: [PATCH 22/39] Do not use commit SHA for labels --- .github/workflows/build-and-push-services.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/build-and-push-services.yml index 73bdab615b7..472c1dc9931 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/build-and-push-services.yml @@ -1,7 +1,6 @@ name: Release GeoNode Docker Images env: - SHA: ${{ github.sha }} TITLE: "52°North GeoNode Docker Image" VENDOR: "52°North GmbH" AUTHORS: "https://52North.org/" @@ -45,7 +44,6 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.SHA }} ${{ env.MAJOR_VERSION }} ${{ env.MINOR_VERSION }} ${{ env.BUGFIX_VERSION }} @@ -98,7 +96,6 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.SHA }} ${{ env.MAJOR_VERSION }} ${{ env.MINOR_VERSION }} ${{ env.BUGFIX_VERSION }} @@ -149,7 +146,6 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.SHA }} ${{ env.VERSION }} - name: Login to Docker Hub From 649085bcdaea80be1d4526fb9f63fa3c6a49e6b9 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 10:12:19 +0200 Subject: [PATCH 23/39] Separates 4.1.x and a release builds --- ...-push-services.yml => 52n-build-4.1.x.yml} | 29 ++------ .github/workflows/52n-release.yaml | 73 +++++++++++++++++++ 2 files changed, 78 insertions(+), 24 deletions(-) rename .github/workflows/{build-and-push-services.yml => 52n-build-4.1.x.yml} (86%) create mode 100644 .github/workflows/52n-release.yaml diff --git a/.github/workflows/build-and-push-services.yml b/.github/workflows/52n-build-4.1.x.yml similarity index 86% rename from .github/workflows/build-and-push-services.yml rename to .github/workflows/52n-build-4.1.x.yml index 472c1dc9931..28303f5be2a 100644 --- a/.github/workflows/build-and-push-services.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -1,4 +1,4 @@ -name: Release GeoNode Docker Images +name: Builds GeoNode Docker Images 4.1.x env: TITLE: "52°North GeoNode Docker Image" @@ -6,6 +6,7 @@ env: AUTHORS: "https://52North.org/" DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" LICENSE: "GPL-3.0" + TAG: 4.1.x on: push: @@ -17,16 +18,10 @@ jobs: runs-on: ubuntu-22.04 env: IMAGE: 52north/geonode - MAJOR_VERSION: "4" - MINOR_VERSION: "4.1" - BUGFIX_VERSION: "4.1.2" steps: - name: Checkout uses: actions/checkout@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -44,9 +39,7 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.MAJOR_VERSION }} - ${{ env.MINOR_VERSION }} - ${{ env.BUGFIX_VERSION }} + ${{ env.TAG }} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -69,16 +62,10 @@ jobs: runs-on: ubuntu-22.04 env: IMAGE: 52north/geonode-nginx - MAJOR_VERSION: "4" - MINOR_VERSION: "4.1" - BUGFIX_VERSION: "4.1.2" steps: - name: Checkout uses: actions/checkout@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -96,9 +83,7 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.MAJOR_VERSION }} - ${{ env.MINOR_VERSION }} - ${{ env.BUGFIX_VERSION }} + ${{ env.TAG }} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -121,14 +106,10 @@ jobs: runs-on: ubuntu-22.04 env: IMAGE: 52north/geonode-geoserver - VERSION: "2.23.0" steps: - name: Checkout uses: actions/checkout@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -146,7 +127,7 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.VERSION }} + ${{ env.TAG }} - name: Login to Docker Hub uses: docker/login-action@v2 diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml new file mode 100644 index 00000000000..75d17eeb48e --- /dev/null +++ b/.github/workflows/52n-release.yaml @@ -0,0 +1,73 @@ +name: Release GeoNode Docker Images + +env: + TITLE: "52°North GeoNode Docker Image" + VENDOR: "52°North GmbH" + AUTHORS: "https://52North.org/" + DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" + LICENSE: "GPL-3.0" + +on: + push: + tags: + - "v*-52n" + +jobs: + build_and_push_geonode: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Parse semver string + id: semver_parser + uses: booxmedialtd/ws-action-parse-semver@v1 + with: + input_string: "${{github.ref_name}}" + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + env: + MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} + MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} + MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} + with: + images: ${{ env.IMAGE }} + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + ${{ env.MAJOR_VERSION }} + ${{ env.MAJOR_MINOR_VERSION }} + ${{ env.MAJOR_MINOR_PATCH_VERSION }} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Fail in case fully tagged version already exists + run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + From 44095c3314bc878c814c173b8df7abe67e9ea028 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 10:19:51 +0200 Subject: [PATCH 24/39] Cancel running builds --- .github/workflows/52n-build-4.1.x.yml | 4 ++++ .github/workflows/52n-release.yaml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-4.1.x.yml index 28303f5be2a..c6bcccc0906 100644 --- a/.github/workflows/52n-build-4.1.x.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -1,5 +1,9 @@ name: Builds GeoNode Docker Images 4.1.x +concurrency: + group: "geonode_build_4.1.x" + cancel-in-progress: true + env: TITLE: "52°North GeoNode Docker Image" VENDOR: "52°North GmbH" diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index 75d17eeb48e..04c742cae94 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -1,5 +1,9 @@ name: Release GeoNode Docker Images +concurrency: + group: "geonode_build_release" + cancel-in-progress: true + env: TITLE: "52°North GeoNode Docker Image" VENDOR: "52°North GmbH" From afba6aaaf96488c913527a0d1125734b99390dcf Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 10:55:06 +0200 Subject: [PATCH 25/39] Trigger release build on tag having -52n suffix --- .github/workflows/52n-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index 04c742cae94..c32061ef692 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -14,7 +14,7 @@ env: on: push: tags: - - "v*-52n" + - "*-52n" jobs: build_and_push_geonode: From a169074fa2548144db7921af23f7929a03016774 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 10:58:04 +0200 Subject: [PATCH 26/39] Fix dockerhub secret refs --- .github/workflows/52n-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index c32061ef692..f3fec8adebc 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -59,7 +59,7 @@ jobs: uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - name: Fail in case fully tagged version already exists run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 From 4a50a9c065d2b8406decef7cfb8bdc071530fa5d Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 11:00:04 +0200 Subject: [PATCH 27/39] Failing action tested successfully --- .github/workflows/52n-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index f3fec8adebc..d3329ba23e0 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -69,7 +69,7 @@ jobs: with: context: . file: ./Dockerfile - push: false + push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache From 952f0bb1e67097c47c7e1ceeafb25deb1ba27330 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 11:06:53 +0200 Subject: [PATCH 28/39] Adds release build jobs for nginx and geoserver --- .github/workflows/52n-build-4.1.x.yml | 4 +- .github/workflows/52n-release.yaml | 114 ++++++++++++++++++++++++++ 2 files changed, 117 insertions(+), 1 deletion(-) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-4.1.x.yml index c6bcccc0906..193eacfa7c8 100644 --- a/.github/workflows/52n-build-4.1.x.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -3,7 +3,7 @@ name: Builds GeoNode Docker Images 4.1.x concurrency: group: "geonode_build_4.1.x" cancel-in-progress: true - + env: TITLE: "52°North GeoNode Docker Image" VENDOR: "52°North GmbH" @@ -16,6 +16,8 @@ on: push: branches: - "52n-master" + paths: + - "!.github/workflow/*-release.yaml" jobs: build_and_push_geonode: diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index d3329ba23e0..ecb8267b7aa 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -75,3 +75,117 @@ jobs: cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + + build_and_push_nginx: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode-nginx + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Parse semver string + id: semver_parser + uses: booxmedialtd/ws-action-parse-semver@v1 + with: + input_string: "${{github.ref_name}}" + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + env: + MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} + MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} + MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} + with: + images: ${{ env.IMAGE }} + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + latest + ${{ env.TAG }} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + - + name: Fail in case fully tagged version already exists + run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/nginx/ + file: ./scripts/docker/nginx/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + + build_and_push_geoserver: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode-geoserver + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + name: Parse semver string + id: semver_parser + uses: booxmedialtd/ws-action-parse-semver@v1 + with: + input_string: "${{github.ref_name}}" + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - + name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + env: + MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} + MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} + MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} + with: + images: "${{ env.IMAGE }}" + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + latest + ${{ env.TAG }} + - + name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + - + name: Fail in case fully tagged version already exists + run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 + - + name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/geoserver/ + file: ./scripts/docker/geoserver/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max \ No newline at end of file From 912f845b8bf5fcafefd281afc92211e2949890c9 Mon Sep 17 00:00:00 2001 From: Giovanni Allegri Date: Wed, 7 Jun 2023 15:35:01 +0200 Subject: [PATCH 29/39] updated changelog --- CHANGELOG.md | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee54d4a6d2e..799dbb6035c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,50 @@ # Change Log +## [4.1.0](https://github.com/GeoNode/geonode/tree/4.1.0) (2023-06-05) +### New upload engine +GeoNode integrates a brand new importer module based on [GDAL/OGR](https://gdal.org/), which offers increased robustness and reliability to the upload UI and API services. GeoPackage (vector), GeoJSON, KML/KMZ formats and a new CSV handler have been implemented. + +### Thesaurus faceting and date filtering +If thesaurus and thesaurus keywords are configured and assigned to resources, they will be available inside the filters panel, along with the number of associated resources. +Date filtering (from/top) has also been added. + +### Time series configurable after the upload +The configuration of (potential) time series at upload time was confusing for users, and not very robust. +With the new importer, the optional configuration of vector time series can be done afterward, through the Settings tab inside the Metadata editing page +Only vector fomats that provide date(time) fields natively are supported. Conversion from string fields is not implemented. + +### Related resources +This restore a functionality available in previous versions of GeoNode. +A tab inside the info panel has been added where relationships between datasets, maps and documents are reported. + +### Vector dataset attributes +A tab inside the info panel has been added showing the attributes of vector datasets + +### Remote documents +The API has been extended to permit the creation of document resources referencing remote URLs + +### ISO-19115 XML upload via API +The API now supports the upload of a metadata XML file along with the resource data + +### Software upgrades + + - [Geoserver 2.23.0](https://geoserver.org/announcements/2023/04/05/geoserver-2-23-0-released.html) is now the reference version. This version includes Geofence WPS rules which are employed by GeoNode to strengthen the security of the OGC/WPS processes. +- [MapStore 2022.02.xx](https://github.com/geosolutions-it/MapStore2/tree/2022.02.xx) +- [Django 3.2.19](https://docs.djangoproject.com/en/4.2/releases/3.2.19/) +- PostgreSQL 13 and PostGIS 3.3.3 + + +## Security and Bug Fixes +- [CVE-2023-26043](https://github.com/GeoNode/geonode/security/advisories/GHSA-mcmc-c59m-pqq8) +Fixed a vulnerability to XML External Entity (XXE) injection +- [CVE-2023-28442](https://github.com/GeoNode/geonode/security/advisories/GHSA-87mh-vw7c-5v6w) +Fixed information leak + +You can see the **full list of closed issues [here](https://github.com/GeoNode/geonode/compare/4.1.0...4.0.3)**. + +## System requirements +Python >3.9 is required to run GeoNode 4.1.0, since many of its dependencies have dropped support for older versions. + ## [4.0.2](https://github.com/GeoNode/geonode/tree/4.0.2) (2022-12-20) ### Breaking Changes From ebddab741ed94bad63e1292c59d9af032be381b3 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 13 Sep 2023 11:12:34 +0200 Subject: [PATCH 30/39] Add missing image tags in meta step --- .github/workflows/52n-release.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml index ecb8267b7aa..4def073f7e6 100644 --- a/.github/workflows/52n-release.yaml +++ b/.github/workflows/52n-release.yaml @@ -51,6 +51,7 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | + latest ${{ env.MAJOR_VERSION }} ${{ env.MAJOR_MINOR_VERSION }} ${{ env.MAJOR_MINOR_PATCH_VERSION }} @@ -111,7 +112,9 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.TAG }} + ${{ env.MAJOR_VERSION }} + ${{ env.MAJOR_MINOR_VERSION }} + ${{ env.MAJOR_MINOR_PATCH_VERSION }} - name: Login to Docker Hub uses: docker/login-action@v2 @@ -168,7 +171,9 @@ jobs: "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | latest - ${{ env.TAG }} + ${{ env.MAJOR_VERSION }} + ${{ env.MAJOR_MINOR_VERSION }} + ${{ env.MAJOR_MINOR_PATCH_VERSION }} - name: Login to Docker Hub uses: docker/login-action@v2 From e022610858391c62aa3ca63e830b8fee24ecca9c Mon Sep 17 00:00:00 2001 From: Giovanni Allegri Date: Tue, 8 Aug 2023 16:02:52 +0200 Subject: [PATCH 31/39] changelog and fixes for packaging (#11355) --- CHANGELOG.md | 9 +++++++++ setup.py | 5 +++++ 2 files changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 799dbb6035c..b440a931782 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Change Log +## [4.1.1](https://github.com/GeoNode/geonode/tree/4.1.0) (2023-06-05) +## Security and Bug Fixes +- Upgrade to Ubuntu 22.10 +- Upgrade to Django 3.2.20 +- Fixed direct download URL not working in some cases when local files are not available +- Fixed assignment of regions crossing the dateline +- Fixed harvesting of ArcGIS REST ImageServer services +- Fixed some italian translations +- Disabling of the (deprecated) Monitoring module ## [4.1.0](https://github.com/GeoNode/geonode/tree/4.1.0) (2023-06-05) ### New upload engine GeoNode integrates a brand new importer module based on [GDAL/OGR](https://gdal.org/), which offers increased robustness and reliability to the upload UI and API services. GeoPackage (vector), GeoJSON, KML/KMZ formats and a new CSV handler have been implemented. diff --git a/setup.py b/setup.py index 498d391199e..86f10350f9e 100644 --- a/setup.py +++ b/setup.py @@ -28,6 +28,7 @@ setup( version=__import__("geonode").get_version(), long_description=open("README.md").read(), + long_description_content_type='text/markdown', package_data={ "": ["*.*"], # noqa "": ["static/*.*"], # noqa @@ -35,4 +36,8 @@ "": ["templates/*.*"], # noqa "templates": ["*.*"], }, + exclude_package_data={ + "": ["uploaded/*.*"], # noqa + "uploaded": ["*.*"], + } ) From ba23dcd60f6ee61322e6be75f67438641fef9485 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 12 Oct 2023 16:47:55 +0200 Subject: [PATCH 32/39] Build latest from master --- .github/workflows/52n-build-4.1.x.yml | 60 ++++++++++----------------- 1 file changed, 21 insertions(+), 39 deletions(-) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-4.1.x.yml index 193eacfa7c8..75ad35baa8b 100644 --- a/.github/workflows/52n-build-4.1.x.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -1,7 +1,7 @@ -name: Builds GeoNode Docker Images 4.1.x +name: Builds GeoNode Docker Images master/latest -concurrency: - group: "geonode_build_4.1.x" +concurrency: + group: "geonode_build_master" cancel-in-progress: true env: @@ -10,13 +10,13 @@ env: AUTHORS: "https://52North.org/" DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" LICENSE: "GPL-3.0" - TAG: 4.1.x + TAG: latest on: push: branches: - "52n-master" - paths: + paths: - "!.github/workflow/*-release.yaml" jobs: @@ -25,14 +25,11 @@ jobs: env: IMAGE: 52north/geonode steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v3 - - - name: Set up Docker Buildx + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v4 with: @@ -44,16 +41,13 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | - latest ${{ env.TAG }} - - - name: Login to Docker Hub + - name: Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Build and push + - name: Build and push uses: docker/build-push-action@v4 with: context: . @@ -69,14 +63,11 @@ jobs: env: IMAGE: 52north/geonode-nginx steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v3 - - - name: Set up Docker Buildx + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v4 with: @@ -88,16 +79,13 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | - latest ${{ env.TAG }} - - - name: Login to Docker Hub + - name: Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Build and push + - name: Build and push uses: docker/build-push-action@v4 with: context: ./scripts/docker/nginx/ @@ -113,14 +101,11 @@ jobs: env: IMAGE: 52north/geonode-geoserver steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v3 - - - name: Set up Docker Buildx + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v4 with: @@ -132,16 +117,13 @@ jobs: "org.opencontainers.image.title=${{ env.TITLE }}" "org.opencontainers.image.licenses=${{ env.LICENSE }}" tags: | - latest ${{ env.TAG }} - - - name: Login to Docker Hub + - name: Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Build and push + - name: Build and push uses: docker/build-push-action@v4 with: context: ./scripts/docker/geoserver/ @@ -150,4 +132,4 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max \ No newline at end of file + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max From 8d471c8b994996dba4d2c09b195cee724c7fea5f Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Thu, 12 Oct 2023 16:59:05 +0200 Subject: [PATCH 33/39] Remove path exclusions --- .github/workflows/52n-build-4.1.x.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-4.1.x.yml index 75ad35baa8b..ade8a296b79 100644 --- a/.github/workflows/52n-build-4.1.x.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -16,8 +16,6 @@ on: push: branches: - "52n-master" - paths: - - "!.github/workflow/*-release.yaml" jobs: build_and_push_geonode: From e8f27b599cc513f44f6f588c0b59d31ac28fadd5 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Fri, 13 Oct 2023 12:13:51 +0200 Subject: [PATCH 34/39] Rename workflow build --- .github/workflows/52n-build-4.1.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-4.1.x.yml index ade8a296b79..59a3ce8954b 100644 --- a/.github/workflows/52n-build-4.1.x.yml +++ b/.github/workflows/52n-build-4.1.x.yml @@ -1,4 +1,4 @@ -name: Builds GeoNode Docker Images master/latest +name: "[52n_master -> lastest] Builds GeoNode Docker Images" concurrency: group: "geonode_build_master" From c315d4504a7621e603c52f7639df391ccc244d32 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Fri, 13 Oct 2023 12:22:07 +0200 Subject: [PATCH 35/39] Rename workflow file --- .github/workflows/{52n-build-4.1.x.yml => 52n-build-master.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{52n-build-4.1.x.yml => 52n-build-master.yml} (100%) diff --git a/.github/workflows/52n-build-4.1.x.yml b/.github/workflows/52n-build-master.yml similarity index 100% rename from .github/workflows/52n-build-4.1.x.yml rename to .github/workflows/52n-build-master.yml From cf80dce37950e30158fb3cea3be51e4dd4ca70b6 Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Fri, 13 Oct 2023 12:22:23 +0200 Subject: [PATCH 36/39] Release are built from dedicated branches --- .github/workflows/52n-release.yaml | 196 ----------------------------- 1 file changed, 196 deletions(-) delete mode 100644 .github/workflows/52n-release.yaml diff --git a/.github/workflows/52n-release.yaml b/.github/workflows/52n-release.yaml deleted file mode 100644 index 4def073f7e6..00000000000 --- a/.github/workflows/52n-release.yaml +++ /dev/null @@ -1,196 +0,0 @@ -name: Release GeoNode Docker Images - -concurrency: - group: "geonode_build_release" - cancel-in-progress: true - -env: - TITLE: "52°North GeoNode Docker Image" - VENDOR: "52°North GmbH" - AUTHORS: "https://52North.org/" - DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" - LICENSE: "GPL-3.0" - -on: - push: - tags: - - "*-52n" - -jobs: - build_and_push_geonode: - runs-on: ubuntu-22.04 - env: - IMAGE: 52north/geonode - steps: - - - name: Checkout - uses: actions/checkout@v3 - - - name: Parse semver string - id: semver_parser - uses: booxmedialtd/ws-action-parse-semver@v1 - with: - input_string: "${{github.ref_name}}" - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - env: - MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} - MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} - MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} - with: - images: ${{ env.IMAGE }} - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - latest - ${{ env.MAJOR_VERSION }} - ${{ env.MAJOR_MINOR_VERSION }} - ${{ env.MAJOR_MINOR_PATCH_VERSION }} - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Fail in case fully tagged version already exists - run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 - - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: ./Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max - - - build_and_push_nginx: - runs-on: ubuntu-22.04 - env: - IMAGE: 52north/geonode-nginx - steps: - - - name: Checkout - uses: actions/checkout@v3 - - - name: Parse semver string - id: semver_parser - uses: booxmedialtd/ws-action-parse-semver@v1 - with: - input_string: "${{github.ref_name}}" - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - env: - MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} - MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} - MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} - with: - images: ${{ env.IMAGE }} - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - latest - ${{ env.MAJOR_VERSION }} - ${{ env.MAJOR_MINOR_VERSION }} - ${{ env.MAJOR_MINOR_PATCH_VERSION }} - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Fail in case fully tagged version already exists - run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 - - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: ./scripts/docker/nginx/ - file: ./scripts/docker/nginx/Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max - - build_and_push_geoserver: - runs-on: ubuntu-22.04 - env: - IMAGE: 52north/geonode-geoserver - steps: - - - name: Checkout - uses: actions/checkout@v3 - - - name: Parse semver string - id: semver_parser - uses: booxmedialtd/ws-action-parse-semver@v1 - with: - input_string: "${{github.ref_name}}" - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - env: - MAJOR_VERSION: ${{ steps.semver_parser.outputs.major }} - MAJOR_MINOR_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }} - MAJOR_MINOR_PATCH_VERSION: ${{ steps.semver_parser.outputs.major }}-${{ steps.semver_parser.outputs.minor }}-${{ steps.semver_parser.outputs.patch }} - with: - images: "${{ env.IMAGE }}" - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - latest - ${{ env.MAJOR_VERSION }} - ${{ env.MAJOR_MINOR_VERSION }} - ${{ env.MAJOR_MINOR_PATCH_VERSION }} - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - - name: Fail in case fully tagged version already exists - run: docker manifest inspect ${{ env.IMAGE }}:${{ steps.meta.env.MAJOR_MINOR_PATCH_VERSION }} > /dev/null ; test $? != 0 - - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: ./scripts/docker/geoserver/ - file: ./scripts/docker/geoserver/Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max \ No newline at end of file From 3e7fdd4035b4adf4759aaa9b54b9f0a51411d76a Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Mon, 30 Oct 2023 14:28:10 +0100 Subject: [PATCH 37/39] Deduplicates code by using composite action --- .github/actions/build_and_push/action.yml | 85 +++++++++++++ .github/workflows/52n-build-master.yml | 140 ++++++---------------- 2 files changed, 124 insertions(+), 101 deletions(-) create mode 100644 .github/actions/build_and_push/action.yml diff --git a/.github/actions/build_and_push/action.yml b/.github/actions/build_and_push/action.yml new file mode 100644 index 00000000000..355ba5741a6 --- /dev/null +++ b/.github/actions/build_and_push/action.yml @@ -0,0 +1,85 @@ +name: Builds and pushes Docker image +description: Action to build and push images to docker + + +inputs: + dockerfile: + description: Path to the Dockerfile + default: ./Dockerfile + required: false + dockercontext: + description: Path to the Docker context + default: ./ + required: false + # image coordinates + image: + description: Name of the image to build + required: true + tags: + description: Image Tag(s) + required: false + default: latest + # OCI metadata annotations + oci_title: + description: Image Title (OCI annotation) + required: true + oci_description: + description: Image Description (OCI annotation) + required: true + # registry credentials + registry_username: + description: The username for Docker hub sign-in + required: true + registry_password: + description: The password for Docker hub sign-in + required: true + + +runs: + using: "composite" + steps: + - + name: Checkout + uses: actions/checkout@v3 + - + uses: dorny/paths-filter@v2 + id: changes + with: + filters: | + src: + - '${{ inputs.dockercontext }}/**' + # - + # name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2 + # - + # name: Extract metadata (tags, labels) for Docker + # id: meta + # uses: docker/metadata-action@v4 + # with: + # images: ${{ inputs.image }} + # labels: | + # "org.opencontainers.image.vendor=52°North GmbH" + # "org.opencontainers.image.authors=https://52North.org/" + # "org.opencontainers.image.source=https://github.com/52North/geonode" + # "org.opencontainers.image.description=${{ inputs.oci_description }}" + # "org.opencontainers.image.title=${{ inputs.oci_title }}" + # "org.opencontainers.image.licenses=GPL-3.0" + # tags: | + # ${{ inputs.tags }} + # - + # name: Login to Docker registry + # uses: docker/login-action@v2 + # with: + # username: ${{ inputs.registry_username }} + # password: ${{ inputs.registry_password }} + # - + # name: Build and push + # uses: docker/build-push-action@v4 + # with: + # context: . + # file: ${{ inputs.dockerfile }} + # push: true + # tags: ${{ steps.meta.outputs.tags }} + # labels: ${{ steps.meta.outputs.labels }} + # cache-from: type=registry,ref=${{ inputs.image }}:buildcache + # cache-to: type=registry,ref=${{ inputs.image }}:buildcache,mode=max diff --git a/.github/workflows/52n-build-master.yml b/.github/workflows/52n-build-master.yml index 59a3ce8954b..9c19abc1d4c 100644 --- a/.github/workflows/52n-build-master.yml +++ b/.github/workflows/52n-build-master.yml @@ -1,15 +1,10 @@ -name: "[52n_master -> lastest] Builds GeoNode Docker Images" +name: "[52n-master -> latest] Builds GeoNode Docker Images" concurrency: group: "geonode_build_master" cancel-in-progress: true env: - TITLE: "52°North GeoNode Docker Image" - VENDOR: "52°North GmbH" - AUTHORS: "https://52North.org/" - DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" - LICENSE: "GPL-3.0" TAG: latest on: @@ -20,114 +15,57 @@ on: jobs: build_and_push_geonode: runs-on: ubuntu-22.04 - env: - IMAGE: 52north/geonode steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.IMAGE }} - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - ${{ env.TAG }} - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - name: Build and push - uses: docker/build-push-action@v4 + - + name: build and push geonode + uses: ./.github/actions/build_and_push with: - context: . - file: ./Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max - + image: 52north/geonode + tags: ${{ env.TAG }} + oci_title: "52°North GeoNode image" + oci_description: "GeoNode built from 52n fork" + registry_username: ${{ secrets.DOCKERHUB_USERNAME }} + registry_password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + build_and_push_nginx: runs-on: ubuntu-22.04 - env: - IMAGE: 52north/geonode-nginx steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 + - + name: build and push nginx + uses: ./.github/actions/build_and_push with: - images: ${{ env.IMAGE }} - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - ${{ env.TAG }} - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: ./scripts/docker/nginx/ - file: ./scripts/docker/nginx/Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + dockerfile: ./scripts/docker/nginx/Dockerfile + dockercontext: ./scripts/docker/nginx/ + image: 52north/geonode-nginx + tags: ${{ env.TAG }} + oci_title: "52°North Nginx image for GeoNode" + oci_description: "Nginx built for GeoNode from a 52n fork" + registry_username: ${{ secrets.DOCKERHUB_USERNAME }} + registry_password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} build_and_push_geoserver: runs-on: ubuntu-22.04 env: IMAGE: 52north/geonode-geoserver steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: "${{ env.IMAGE }}" - labels: | - "org.opencontainers.image.authors=${{ env.AUTHORS }}" - "org.opencontainers.image.vendor=${{ env.VENDOR }}" - "org.opencontainers.image.description=${{ env.DESCRIPTION }}" - "org.opencontainers.image.title=${{ env.TITLE }}" - "org.opencontainers.image.licenses=${{ env.LICENSE }}" - tags: | - ${{ env.TAG }} - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} - - name: Build and push - uses: docker/build-push-action@v4 + - + name: build and push geoserver + uses: ./.github/actions/build_and_push with: - context: ./scripts/docker/geoserver/ - file: ./scripts/docker/geoserver/Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + dockerfile: ./scripts/docker/geoserver/Dockerfile + dockercontext: ./scripts/docker/geoserver/ + image: 52north/geonode-geoserver + tags: ${{ env.TAG }} + oci_title: "52°North GeoServer image for GeoNode" + oci_description: "GeoServer built for GeoNode from a 52n fork" + registry_username: ${{ secrets.DOCKERHUB_USERNAME }} + registry_password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} From 49b9698145a1185c5c72b4b04c5601cd0a46cdfb Mon Sep 17 00:00:00 2001 From: Henning Bredel Date: Wed, 9 Aug 2023 16:15:37 +0200 Subject: [PATCH 38/39] Init workflow for 52n build pipeline Add docker container registry workflow Update meta tags in workflow Add version tag 4.1 Add further images to build Fix geoserver's context path Add tags for mayor, minor, and bugfix version BUmp to 4.1.x (#11371) Update geonode version to 4.1.2 Clean up versions metadata Push core images to dedicated repos Push geonode image to 52north/geonode Upload a dockerhub description Update dockerhub description workflow config Update 52n readme Fix image repository config Fix workflow name Link to 52n fork on github Add a note to version 3 tags Add a note to version 3 tags Update dockerhub readme Do not use commit SHA for labels Separates 4.1.x and a release builds Cancel running builds Trigger release build on tag having -52n suffix Fix dockerhub secret refs Failing action tested successfully Adds release build jobs for nginx and geoserver Add missing image tags in meta step Build latest from master Remove path exclusions Rename workflow build Rename workflow file Release are built from dedicated branches --- .github/workflows/52n-build-master.yml | 133 +++++++++++++++ .github/workflows/dockerhub-description.yml | 23 +++ .gitignore | 2 +- CHANGELOG.md | 6 +- README_52n.md | 25 +++ scripts/docker/geoserver/Dockerfile | 113 +++++++++++++ scripts/docker/geoserver/README.md | 132 +++++++++++++++ scripts/docker/geoserver/docker-compose.yml | 61 +++++++ scripts/docker/geoserver/entrypoint.sh | 152 ++++++++++++++++++ scripts/docker/geoserver/get_dockerhost_ip.py | 24 +++ scripts/docker/geoserver/get_nginxhost_ip.py | 45 ++++++ scripts/docker/geoserver/multidump-alt.sh | 16 ++ scripts/docker/geoserver/multidump.sh | 18 +++ scripts/docker/geoserver/requirements.txt | 1 + .../docker/geoserver/set_geoserver_auth.sh | 91 +++++++++++ scripts/docker/geoserver/setup_auth.sh | 3 + .../geofence-datasource-ovr.properties.j2 | 12 ++ 17 files changed, 855 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/52n-build-master.yml create mode 100644 .github/workflows/dockerhub-description.yml create mode 100644 README_52n.md create mode 100644 scripts/docker/geoserver/Dockerfile create mode 100644 scripts/docker/geoserver/README.md create mode 100644 scripts/docker/geoserver/docker-compose.yml create mode 100644 scripts/docker/geoserver/entrypoint.sh create mode 100644 scripts/docker/geoserver/get_dockerhost_ip.py create mode 100644 scripts/docker/geoserver/get_nginxhost_ip.py create mode 100644 scripts/docker/geoserver/multidump-alt.sh create mode 100644 scripts/docker/geoserver/multidump.sh create mode 100644 scripts/docker/geoserver/requirements.txt create mode 100644 scripts/docker/geoserver/set_geoserver_auth.sh create mode 100644 scripts/docker/geoserver/setup_auth.sh create mode 100644 scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 diff --git a/.github/workflows/52n-build-master.yml b/.github/workflows/52n-build-master.yml new file mode 100644 index 00000000000..59a3ce8954b --- /dev/null +++ b/.github/workflows/52n-build-master.yml @@ -0,0 +1,133 @@ +name: "[52n_master -> lastest] Builds GeoNode Docker Images" + +concurrency: + group: "geonode_build_master" + cancel-in-progress: true + +env: + TITLE: "52°North GeoNode Docker Image" + VENDOR: "52°North GmbH" + AUTHORS: "https://52North.org/" + DESCRIPTION: "Builds and publishes the Docker images GeoNode, GeoServer, Nginx" + LICENSE: "GPL-3.0" + TAG: latest + +on: + push: + branches: + - "52n-master" + +jobs: + build_and_push_geonode: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE }} + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + ${{ env.TAG }} + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + + build_and_push_nginx: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode-nginx + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE }} + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + ${{ env.TAG }} + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/nginx/ + file: ./scripts/docker/nginx/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max + + build_and_push_geoserver: + runs-on: ubuntu-22.04 + env: + IMAGE: 52north/geonode-geoserver + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: "${{ env.IMAGE }}" + labels: | + "org.opencontainers.image.authors=${{ env.AUTHORS }}" + "org.opencontainers.image.vendor=${{ env.VENDOR }}" + "org.opencontainers.image.description=${{ env.DESCRIPTION }}" + "org.opencontainers.image.title=${{ env.TITLE }}" + "org.opencontainers.image.licenses=${{ env.LICENSE }}" + tags: | + ${{ env.TAG }} + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./scripts/docker/geoserver/ + file: ./scripts/docker/geoserver/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max diff --git a/.github/workflows/dockerhub-description.yml b/.github/workflows/dockerhub-description.yml new file mode 100644 index 00000000000..3dbe8fbb583 --- /dev/null +++ b/.github/workflows/dockerhub-description.yml @@ -0,0 +1,23 @@ +name: Update Docker Hub Description +on: + push: + branches: + - 52n-master + paths: + - README_52n.md + - .github/workflows/dockerhub-description.yml +jobs: + dockerHubDescription: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Docker Hub Description + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN_52N_MASTER }} + repository: 52north/geonode + short-description: "Geospatial content management system" + readme-filepath: ./README_52n.md + enable-url-completion: true \ No newline at end of file diff --git a/.gitignore b/.gitignore index 7a455624878..60f95d0efc8 100644 --- a/.gitignore +++ b/.gitignore @@ -96,4 +96,4 @@ scripts/spcgeonode/_volume_* !hooks/* .env - +.secret diff --git a/CHANGELOG.md b/CHANGELOG.md index b440a931782..e2ac7e72bd1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ # Change Log -## [4.1.1](https://github.com/GeoNode/geonode/tree/4.1.0) (2023-06-05) +## [4.1.2](https://github.com/GeoNode/geonode/tree/4.1.2) (2023-08-11) +## Bug Fixes +- Upgrade to importer 1.0.5 which fixes the import with filenames longer then 63 chars +- Fixed parsing and rendering of ISO TC211 spatial representetion type +## [4.1.1](https://github.com/GeoNode/geonode/tree/4.1.1) (2023-06-05) ## Security and Bug Fixes - Upgrade to Ubuntu 22.10 - Upgrade to Django 3.2.20 diff --git a/README_52n.md b/README_52n.md new file mode 100644 index 00000000000..3e92b9009b5 --- /dev/null +++ b/README_52n.md @@ -0,0 +1,25 @@ +# 52°North Fork of GeoNode + +This image is built from a fork of [Geonode](https://github.com/geonode/geonode). +[52°North GmbH](https://52north.org) maintains an own fork of GeoNode in order to make necessary adjustments within projects which are not part of GeoNode core. + +However, we are interested to stay as close to upstream as possible, to benefit from ongoing development, but also to contribute features and fixes we develop in our projects. + +Starting from version `4` this image is built from the `52n-master` branch of the [`52north/geonode` repository](https://github.com/52North/geonode/tree/52n-master). +The repository builds and publishes three images: + +* [`52north/geonode`](https://hub.docker.com/r/52north/geonode) (this image) +* [`52north/geonode-nginx`](https://hub.docker.com/r/52north/geonode-nginx) +* [`52north/geonode-geoserver`](https://hub.docker.com/r/52north/geonode-geoserver) + +The Dockerfiles can be found under the [`./scripts/docker` folder](https://github.com/52North/geonode/tree/52n-master/scripts/docker). + +The official Docker configuration of [GeoServer for GeoNode](https://github.com/GeoNode/geoserver-docker) seems to be outdated. +Therefore, our fork adds a `./scripts/docker/geoserver` Docker config which is based on [the geonode-project](https://github.com/geonode/geonode-project) template. + +Depending on our current project contexts we merge regularly from upstream, and create new pull requests based on this fork. + +> **Note on version `3` tags** +> +> Images containing a `3.x` version tag were experimental and do have a different code base. +> These image are considered to be removed in the near future. \ No newline at end of file diff --git a/scripts/docker/geoserver/Dockerfile b/scripts/docker/geoserver/Dockerfile new file mode 100644 index 00000000000..cf69384629f --- /dev/null +++ b/scripts/docker/geoserver/Dockerfile @@ -0,0 +1,113 @@ +ARG IMAGE_VERSION=9.0-jdk11-openjdk-slim-bullseye +ARG JAVA_HOME=/usr/local/openjdk-11 +FROM tomcat:$IMAGE_VERSION +LABEL GeoNode Development Team + +ARG GEOSERVER_CORS_ENABLED=False +ARG GEOSERVER_CORS_ALLOWED_ORIGINS=* +ARG GEOSERVER_CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS +ARG GEOSERVER_CORS_ALLOWED_HEADERS=* +# +# Set GeoServer version and data directory +# +ENV GEOSERVER_VERSION=2.23.0 +ENV GEOSERVER_DATA_DIR="/geoserver_data/data" +ENV GEOSERVER_CORS_ENABLED=$GEOSERVER_CORS_ENABLED +ENV GEOSERVER_CORS_ALLOWED_ORIGINS=$GEOSERVER_CORS_ALLOWED_ORIGINS +ENV GEOSERVER_CORS_ALLOWED_METHODS=$GEOSERVER_CORS_ALLOWED_METHODS +ENV GEOSERVER_CORS_ALLOWED_HEADERS=$GEOSERVER_CORS_ALLOWED_HEADERS +# +# Download and install GeoServer +# +RUN apt-get update -y && apt-get install curl wget unzip -y +RUN cd /usr/local/tomcat/webapps \ + && wget --no-check-certificate --progress=bar:force:noscroll https://artifacts.geonode.org/geoserver/${GEOSERVER_VERSION}/geoserver.war -O geoserver.war \ + && unzip -q geoserver.war -d geoserver \ + && rm geoserver.war \ + && mkdir -p $GEOSERVER_DATA_DIR + +VOLUME $GEOSERVER_DATA_DIR + +# added by simonelanucara https://github.com/simonelanucara +# Optionally add JAI, ImageIO and Marlin Render for improved Geoserver performance +WORKDIR /tmp + +RUN wget --no-check-certificate https://repo1.maven.org/maven2/org/postgis/postgis-jdbc/1.3.3/postgis-jdbc-1.3.3.jar -O postgis-jdbc-1.3.3.jar && \ + wget --no-check-certificate https://maven.geo-solutions.it/org/hibernatespatial/hibernate-spatial-postgis/1.1.3.2/hibernate-spatial-postgis-1.1.3.2.jar -O hibernate-spatial-postgis-1.1.3.2.jar && \ + rm /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/hibernate-spatial-h2-geodb-1.1.3.2.jar && \ + mv hibernate-spatial-postgis-1.1.3.2.jar /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/ && \ + mv postgis-jdbc-1.3.3.jar /usr/local/tomcat/webapps/geoserver/WEB-INF/lib/ + +###########docker host############### +# Set DOCKERHOST variable if DOCKER_HOST exists +ARG DOCKERHOST=${DOCKERHOST} +# for debugging +RUN echo -n #1===>DOCKERHOST=${DOCKERHOST} +# +ENV DOCKERHOST ${DOCKERHOST} +# for debugging +RUN echo -n #2===>DOCKERHOST=${DOCKERHOST} + +###########docker host ip############# +# Set GEONODE_HOST_IP address if it exists +ARG GEONODE_HOST_IP=${GEONODE_HOST_IP} +# for debugging +RUN echo -n #1===>GEONODE_HOST_IP=${GEONODE_HOST_IP} +# +ENV GEONODE_HOST_IP ${GEONODE_HOST_IP} +# for debugging +RUN echo -n #2===>GEONODE_HOST_IP=${GEONODE_HOST_IP} +# If empty set DOCKER_HOST_IP to GEONODE_HOST_IP +ENV DOCKER_HOST_IP=${DOCKER_HOST_IP:-${GEONODE_HOST_IP}} +# for debugging +RUN echo -n #1===>DOCKER_HOST_IP=${DOCKER_HOST_IP} +# Trying to set the value of DOCKER_HOST_IP from DOCKER_HOST +RUN if ! [ -z ${DOCKER_HOST_IP} ]; \ + then echo export DOCKER_HOST_IP=${DOCKERHOST} | \ + sed 's/tcp:\/\/\([^:]*\).*/\1/' >> /root/.bashrc; \ + else echo "DOCKER_HOST_IP is already set!"; fi +# for debugging +RUN echo -n #2===>DOCKER_HOST_IP=${DOCKER_HOST_IP} + +# Set WEBSERVER public port +ARG PUBLIC_PORT=${PUBLIC_PORT} +# for debugging +RUN echo -n #1===>PUBLIC_PORT=${PUBLIC_PORT} +# +ENV PUBLIC_PORT=${PUBLIC_PORT} +# for debugging +RUN echo -n #2===>PUBLIC_PORT=${PUBLIC_PORT} + +# set nginx base url for geoserver +RUN echo export NGINX_BASE_URL=http://${NGINX_HOST}:${NGINX_PORT}/ | \ + sed 's/tcp:\/\/\([^:]*\).*/\1/' >> /root/.bashrc + +# copy the script and perform the run of scripts from entrypoint.sh +RUN mkdir -p /usr/local/tomcat/tmp +WORKDIR /usr/local/tomcat/tmp +COPY set_geoserver_auth.sh /usr/local/tomcat/tmp +COPY setup_auth.sh /usr/local/tomcat/tmp +COPY requirements.txt /usr/local/tomcat/tmp +COPY get_dockerhost_ip.py /usr/local/tomcat/tmp +COPY get_nginxhost_ip.py /usr/local/tomcat/tmp +COPY entrypoint.sh /usr/local/tomcat/tmp +COPY ./templates /templates +COPY multidump.sh /usr/local/tomcat/tmp +COPY multidump-alt.sh /usr/local/tomcat/tmp + +RUN apt-get update \ + && apt-get install -y procps less \ + && apt-get install -y python3 python3-pip python3-dev \ + && chmod +x /usr/local/tomcat/tmp/set_geoserver_auth.sh \ + && chmod +x /usr/local/tomcat/tmp/setup_auth.sh \ + && chmod +x /usr/local/tomcat/tmp/entrypoint.sh \ + && pip3 install pip --upgrade \ + && pip3 install -r requirements.txt \ + && chmod +x /usr/local/tomcat/tmp/get_dockerhost_ip.py \ + && chmod +x /usr/local/tomcat/tmp/get_nginxhost_ip.py + +RUN pip install j2cli + +ENV JAVA_OPTS="-Djava.awt.headless=true -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:MaxPermSize=512m -XX:PermSize=256m -Xms512m -Xmx2048m -XX:+UseConcMarkSweepGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine" + +CMD ["/usr/local/tomcat/tmp/entrypoint.sh"] \ No newline at end of file diff --git a/scripts/docker/geoserver/README.md b/scripts/docker/geoserver/README.md new file mode 100644 index 00000000000..9d00a465066 --- /dev/null +++ b/scripts/docker/geoserver/README.md @@ -0,0 +1,132 @@ +# geoserver-docker + + +**The scripts/docker/geonode folder is a copy from geonode-project* to be able to build GeoServer image from this repository directly. In case of an update, just replace the whole folder.** + + +[GeoServer](http://geoserver.org) is an open source server for sharing geospatial data. +This is a docker image that eases setting up a GeoServer running specifically for [GeoNode](https://github.com/GeoNode/geoserver-geonode-ext) with an additional separated data directory. + +The image is based on the official Tomcat 9 image + +## Installation + +This image is available as a [trusted build on the docker hub](https://registry.hub.docker.com/r/geonode/geoserver/), and is the recommended method of installation. +Simple pull the image from the docker hub. + +```bash +$ docker pull geonode/geoserver +``` + +Alternatively you can build the image locally + +```bash +$ git clone https://github.com/geonode/geoserver-docker.git +$ cd geoserver-docker +$ docker build -t "geonode/geoserver" . +``` + +## Quick start + +You can quick start the image using the command line + +```bash +$ docker run --name "geoserver" -v /var/run/docker.sock:/var/run/docker.sock -d -p 8080:8080 geonode/geoserver +``` + +Point your browser to `http://localhost:8080/geoserver` and login using GeoServer's default username and password: + +* Username: admin +* Password: geoserver + +## How to use different versions + +There are mainly two different versions of this image which are useful for running **GeoNode** with different authentication system types. These versions are released as specific tags for two authentication mechanisms: + +**Cookie based authn**: +- [geonode/geoserver:2.9.x](https://hub.docker.com/r/geonode/geoserver/builds/bx7ydhghnlrfnsppduyva73/) + +**Oauth2 based authn**: +- [geonode/geoserver:2.9.x-oauth2](https://hub.docker.com/r/geonode/geoserver/builds/bwca5rtexeoegzgroavftdr/) +- [geonode/geoserver:2.10.x](https://hub.docker.com/r/geonode/geoserver/builds/bjohcnc29vm69acqjrvndxf/) +- [geonode/geoserver:2.12.x](https://hub.docker.com/r/geonode/geoserver/builds/bh7pyw5atmkcljurwsnzbs7/) +- [geonode/geoserver:2.13.x](https://hub.docker.com/r/geonode/geoserver/builds/btmjctbuvrjfnnrxrs4wyrs/) +- [geonode/geoserver:2.14.x](https://hub.docker.com/r/geonode/geoserver/builds/bj53pi8he8uksz6ggvrs3wc/) + +You can declare what version to use along with the data directory tag which corresponds to the same version. + +## Configuration + +### Data volume + +This GeoServer container keeps its configuration data at `/geoserver_data/data` which is exposed as volume in the dockerfile. +The volume allows for stopping and starting new containers from the same image without losing all the data and custom configuration. + +You may want to map this volume to a directory on the host. It will also ease the upgrade process in the future. Volumes can be mounted by passing the `-v` flag to the docker run command: + +```bash +-v /your/host/data/path:/geoserver_data/data +``` + +### Data volume container + +In case you are running Compose for automatically having GeoServer up and running then a data volume container will be mounted with a default preloaded *GEOSERVER_DATA_DIR* at the configuration data directory of the container. +Make sure that the image from the repository [data-docker](https://github.com/GeoNode/data-docker) is available from the [GeoNode Docker Hub](https://hub.docker.com/u/geonode/) or has been built locally: + +```bash +docker build -t geonode/geoserver_data . +``` + +#### Persistance behavior + +If you run: + +```bash +docker-compose stop +``` + +Data are retained in the *GEOSERVER_DATA_DIR* and can then be mounted in a new GeoServer instance by running again: + +```bash +docker-compose up +``` + +If you run: + +```bash +docker-compose down +``` + +Data are completely gone but you can ever start from the base GeoServer Data Directory built for Geonode. + +#### Data directory versions + +There has to be a correspondence one-to-one between the data directory version and the tag of the GeoServer image used in the Docker compose file. So at the end you can consume these images below: + +* **2.9.x**: [geonode/geoserver_data:2.9.x](https://hub.docker.com/r/geonode/geoserver_data/builds/bsus6alnddg4bc7icwymevp/) +* **2.9.x-oauth2**: [geonode/geoserver_data:2.9.x-oauth2](https://hub.docker.com/r/geonode/geoserver_data/builds/bwkxcupsunvuitzusi9gsnt/) +* **2.10.x**: [geonode/geoserver_data:2.10.x](https://hub.docker.com/r/geonode/geoserver_data/builds/b5jqhpzapkqxzyevjizccug/) +* **2.12.x**: [geonode/geoserver_data:2.12.x](https://hub.docker.com/r/geonode/geoserver_data/builds/byaaalw3lnasunpveyg3x4i/) +* **2.13.x**: [geonode/geoserver_data:2.13.x](https://hub.docker.com/r/geonode/geoserver_data/builds/bunuqzq7a7dk65iumjhkbtc/) +* **2.14.x**: [geonode/geoserver_data:2.14.x](https://hub.docker.com/r/geonode/geoserver_data/builds/blpdjzkrv7pm3stunzpn4pp/) + +### Database + +GeoServer recommends the usage of a spatial database + +#### PostGIS container (PostgreSQL + GIS Extension) + +If you want to use a [PostGIS](http://postgis.org/) container, you can link it to this image. You're free to use any PostGIS container. +An example with [kartooza/postgis](https://registry.hub.docker.com/u/kartoza/postgis/) image: + +```bash +$ docker run -d --name="postgis" kartoza/postgis +``` + +For further information see [kartooza/postgis](https://registry.hub.docker.com/u/kartoza/postgis/). + +Now start the GeoServer instance by adding the `--link` option to the docker run command: + +```bash +--link postgis:postgis +``` diff --git a/scripts/docker/geoserver/docker-compose.yml b/scripts/docker/geoserver/docker-compose.yml new file mode 100644 index 00000000000..5f3dc1cf34e --- /dev/null +++ b/scripts/docker/geoserver/docker-compose.yml @@ -0,0 +1,61 @@ +version: '3.9' + +services: + + postgis: + image: geonode/postgis:13 + ports: + - "25432:5432" + volumes: + - /srv/docker/geoserver/postgis:/var/lib/postgresql + #volumes_from: + #- pgstore + healthcheck: + test: "pg_isready -d postgres -U postgres" + restart: on-failure + + geoserver: + image: geonode/geoserver:2.23.0 + build: + context: . + args: + - DOCKERHOST + - GEONODE_HOST_IP + - PUBLIC_PORT=80 + links: + - postgis + ports: + - "8080:8080" + volumes: + - /geoserver_data/data + environment: + - DOCKERHOST + - GEONODE_HOST_IP + - PUBLIC_PORT=80 + - DOCKER_HOST_IP + - DJANGO_URL=http://localhost/ + depends_on: + postgis: + condition: service_completed_successfully + data-dir-conf: + condition: service_healthy + healthcheck: + test: curl --fail -s http://localhost:8080/geoserver/rest/workspaces/geonode.html || exit 1 + interval: 1m30s + timeout: 10s + retries: 3 + restart: on-failure + + data-dir-conf: + image: geonode/geoserver_data:2.23.0 + container_name: geoserver_data_dir # named data container + entrypoint: sleep infinity + volumes: + - /geoserver_data/data + healthcheck: + test: "ls -A '/geoserver_data/data' | wc -l" + restart: on-failure + +volumes: + # reference to the named data container that holds the preloaded geoserver data directory + geoserver_data_dir: \ No newline at end of file diff --git a/scripts/docker/geoserver/entrypoint.sh b/scripts/docker/geoserver/entrypoint.sh new file mode 100644 index 00000000000..f9af5f42024 --- /dev/null +++ b/scripts/docker/geoserver/entrypoint.sh @@ -0,0 +1,152 @@ +#!/bin/bash +set -e + +source /root/.bashrc + +# control the value of DOCKER_HOST_IP variable +if [ -z ${DOCKER_HOST_IP} ] +then + + echo "DOCKER_HOST_IP is empty so I'll run the python utility \n" + echo export DOCKER_HOST_IP=`python3 /usr/local/tomcat/tmp/get_dockerhost_ip.py` >> /root/.override_env + echo "The calculated value is now DOCKER_HOST_IP='$DOCKER_HOST_IP' \n" + +else + + echo "DOCKER_HOST_IP is filled so I'll leave the found value '$DOCKER_HOST_IP' \n" + +fi + +# control the values of LB settings if present +if [ ${GEONODE_LB_HOST_IP} ] +then + + echo "GEONODE_LB_HOST_IP is filled so I replace the value of '$DOCKER_HOST_IP' with '$GEONODE_LB_HOST_IP' \n" + echo export DOCKER_HOST_IP=${GEONODE_LB_HOST_IP} >> /root/.override_env + +fi + +if [ ${GEONODE_LB_PORT} ] +then + + echo "GEONODE_LB_PORT is filled so I replace the value of '$PUBLIC_PORT' with '$GEONODE_LB_PORT' \n" + echo export PUBLIC_PORT=${GEONODE_LB_PORT} >> /root/.override_env + +fi + +if [ ! -z "${GEOSERVER_JAVA_OPTS}" ] +then + + echo "GEOSERVER_JAVA_OPTS is filled so I replace the value of '$JAVA_OPTS' with '$GEOSERVER_JAVA_OPTS' \n" + JAVA_OPTS=${GEOSERVER_JAVA_OPTS} + +fi + +# control the value of NGINX_BASE_URL variable +if [ -z `echo ${NGINX_BASE_URL} | sed 's/http:\/\/\([^:]*\).*/\1/'` ] +then + echo "NGINX_BASE_URL is empty so I'll use the static nginx hostname \n" + # echo export NGINX_BASE_URL=`python3 /usr/local/tomcat/tmp/get_nginxhost_ip.py` >> /root/.override_env + # TODO rework get_nginxhost_ip to get URL with static hostname from nginx service name + # + exposed port of that container i.e. http://geonode:80 + echo export NGINX_BASE_URL=http://geonode:80 >> /root/.override_env + echo "The calculated value is now NGINX_BASE_URL='$NGINX_BASE_URL' \n" +else + echo "NGINX_BASE_URL is filled so I'll leave the found value '$NGINX_BASE_URL' \n" +fi + +# set basic tagname +TAGNAME=( "baseUrl" ) + +if ! [ -f ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ] +then + + echo "Configuration file '$GEOSERVER_DATA_DIR'/security/auth/geonodeAuthProvider/config.xml is not available so it is gone to skip \n" + +else + + # backup geonodeAuthProvider config.xml + cp ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml.orig + # run the setting script for geonodeAuthProvider + /usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/config.xml ${GEOSERVER_DATA_DIR}/security/auth/geonodeAuthProvider/ ${TAGNAME} > /dev/null 2>&1 + +fi + +# backup geonode REST role service config.xml +cp "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml" "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml.orig" +# run the setting script for geonode REST role service +/usr/local/tomcat/tmp/set_geoserver_auth.sh "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/config.xml" "${GEOSERVER_DATA_DIR}/security/role/geonode REST role service/" ${TAGNAME} > /dev/null 2>&1 + +# set oauth2 filter tagname +TAGNAME=( "accessTokenUri" "userAuthorizationUri" "redirectUri" "checkTokenEndpointUrl" "logoutUri" ) + +# backup geonode-oauth2 config.xml +cp ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml.orig +# run the setting script for geonode-oauth2 +/usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/config.xml ${GEOSERVER_DATA_DIR}/security/filter/geonode-oauth2/ "${TAGNAME[@]}" > /dev/null 2>&1 + +# set global tagname +TAGNAME=( "proxyBaseUrl" ) + +# backup global.xml +cp ${GEOSERVER_DATA_DIR}/global.xml ${GEOSERVER_DATA_DIR}/global.xml.orig +# run the setting script for global configuration +/usr/local/tomcat/tmp/set_geoserver_auth.sh ${GEOSERVER_DATA_DIR}/global.xml ${GEOSERVER_DATA_DIR}/ ${TAGNAME} > /dev/null 2>&1 + +# set correct amqp broker url +sed -i -e 's/localhost/rabbitmq/g' ${GEOSERVER_DATA_DIR}/notifier/notifier.xml + +# exclude wrong dependencies +sed -i -e 's/xom-\*\.jar/xom-\*\.jar,bcprov\*\.jar/g' /usr/local/tomcat/conf/catalina.properties + +# J2 templating for this docker image we should also do it for other configuration files in /usr/local/tomcat/tmp + +declare -a geoserver_datadir_template_dirs=("geofence") + +for template in in ${geoserver_datadir_template_dirs[*]}; do + #Geofence templates + if [ "$template" == "geofence" ]; then + cp -R /templates/$template/* ${GEOSERVER_DATA_DIR}/geofence + + for f in $(find ${GEOSERVER_DATA_DIR}/geofence/ -type f -name "*.j2"); do + echo -e "Evaluating template\n\tSource: $f\n\tDest: ${f%.j2}" + /usr/local/bin/j2 $f > ${f%.j2} + rm -f $f + done + + fi +done + +# configure CORS (inspired by https://github.com/oscarfonts/docker-geoserver) +# if enabled, this will add the filter definitions +# to the end of the web.xml +# (this will only happen if our filter has not yet been added before) +if [ "${GEOSERVER_CORS_ENABLED}" = "true" ] || [ "${GEOSERVER_CORS_ENABLED}" = "True" ]; then + if ! grep -q DockerGeoServerCorsFilter "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; then + echo "Enable CORS for $CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml" + sed -i "\::i\\ + \n\ + DockerGeoServerCorsFilter\n\ + org.apache.catalina.filters.CorsFilter\n\ + \n\ + cors.allowed.origins\n\ + ${GEOSERVER_CORS_ALLOWED_ORIGINS}\n\ + \n\ + \n\ + cors.allowed.methods\n\ + ${GEOSERVER_CORS_ALLOWED_METHODS}\n\ + \n\ + \n\ + cors.allowed.headers\n\ + ${GEOSERVER_CORS_ALLOWED_HEADERS}\n\ + \n\ + \n\ + \n\ + DockerGeoServerCorsFilter\n\ + /*\n\ + " "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; + fi +fi + +# start tomcat +exec env JAVA_OPTS="${JAVA_OPTS}" catalina.sh run \ No newline at end of file diff --git a/scripts/docker/geoserver/get_dockerhost_ip.py b/scripts/docker/geoserver/get_dockerhost_ip.py new file mode 100644 index 00000000000..7b5a42ed310 --- /dev/null +++ b/scripts/docker/geoserver/get_dockerhost_ip.py @@ -0,0 +1,24 @@ +#!/usr/bin/env python3 + +import logging + +import docker + +BOOTSTRAP_IMAGE_CHEIP = 'codenvy/che-ip:nightly' +# AF: why call before definition? print _docker_host_ip() + +def _docker_host_ip(): + client = docker.from_env() + ip_list = client.containers.run(BOOTSTRAP_IMAGE_CHEIP, + network_mode='host' + ).split("\n") + if len(ip_list) > 1: + logging.info("Docker daemon is running on more than one \ +address {0}".format(ip_list)) + logging.info("Only the first address:{0} will be returned!".format( + ip_list[0] + )) + else: + logging.info("Docker daemon is running at the following \ +address {0}".format(ip_list[0])) + return ip_list[0] diff --git a/scripts/docker/geoserver/get_nginxhost_ip.py b/scripts/docker/geoserver/get_nginxhost_ip.py new file mode 100644 index 00000000000..c6a67d8490d --- /dev/null +++ b/scripts/docker/geoserver/get_nginxhost_ip.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python3 + +import logging +import os + +import docker + +client = docker.from_env() +# print(client.info()) +# TODO avoid this script can fail and fall in the loop where the geoserver +# service is not available and consequently the nginx too which has geoserver +# as a reference link +for network in client.networks.list(): + if 'geonode' in network.name: + geonode_network = network.name + else: + geonode_network = 'geonode_default' + +try: + containers = { + c.attrs['Config']['Image']: c.attrs['NetworkSettings']['\ +Networks'][geonode_network]['\ +IPAddress'] for c in client.containers.list() if c.status in 'running' + } + for item in containers.items(): + if "geonode/nginx" in item[0]: + ipaddr = item[1] + + try: + os.environ["NGINX_BASE_URL"] = "http://" + ipaddr + ":" + "80" + nginx_base_url = "http://{}:80".format(ipaddr) + except NameError as er: + logging.info("NGINX container is not running maybe exited! Running\ +containers are:{0}".format(containers)) +except KeyError as ke: + logging.info("There has been a problem with the docker\ +network which has raised the following exception: {0}".format(ke)) +else: + # nginx_base_url = None + pass +finally: + try: + print(nginx_base_url) + except NameError as ne: + print("http://geonode:80") diff --git a/scripts/docker/geoserver/multidump-alt.sh b/scripts/docker/geoserver/multidump-alt.sh new file mode 100644 index 00000000000..cc237e17bec --- /dev/null +++ b/scripts/docker/geoserver/multidump-alt.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +if [ $# -ne 3 ]; then + echo "Usage: $0 pid interval count" + exit 1 +fi + +PID=$1 +INTERVAL=$2 +COUNT=$3 + +top -bH -d $INTERVAL -n $COUNT -p $PID >> top.out 2>&1 & +for i in `seq $COUNT`; do + kill -3 $PID + sleep $INTERVAL +done diff --git a/scripts/docker/geoserver/multidump.sh b/scripts/docker/geoserver/multidump.sh new file mode 100644 index 00000000000..21dfd2ba660 --- /dev/null +++ b/scripts/docker/geoserver/multidump.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +if [ $# -ne 3 ]; then + echo "Usage: $0 pid interval count" + exit 1 +fi + +PID=$1 +INTERVAL=$2 +COUNT=$3 + +top -bH -d $INTERVAL -n $COUNT -p $PID >> top.out 2>&1 & +for i in `seq $COUNT`; do + echo "stack trace $i of $COUNT" >> jstack.out + jstack -l $PID >> jstack.out + echo "--------------------" >> jstack.out + sleep $INTERVAL +done diff --git a/scripts/docker/geoserver/requirements.txt b/scripts/docker/geoserver/requirements.txt new file mode 100644 index 00000000000..0b31242fdae --- /dev/null +++ b/scripts/docker/geoserver/requirements.txt @@ -0,0 +1 @@ +docker==3.1.1 diff --git a/scripts/docker/geoserver/set_geoserver_auth.sh b/scripts/docker/geoserver/set_geoserver_auth.sh new file mode 100644 index 00000000000..27dd11ef54e --- /dev/null +++ b/scripts/docker/geoserver/set_geoserver_auth.sh @@ -0,0 +1,91 @@ +#!/bin/bash + +auth_conf_source="$1" +auth_conf_target="$2" +# Creating a temporary file for sed to write the changes to +temp_file="xml.tmp" +touch $temp_file + +source /root/.bashrc +source /root/.override_env + +test -z "$auth_conf_source" && echo "You must specify a source file" && exit 1 +test -z "$auth_conf_target" && echo "You must specify a target conf directory" && exit 1 + +test ! -f "$auth_conf_source" && echo "Source $auth_conf_source does not exist or is not a file" && exit 1 +test ! -d "$auth_conf_target" && echo "Target directory $auth_conf_target does not exist or is not a directory" && exit 1 + +# for debugging +echo -e "NGINX_BASE_URL=${NGINX_BASE_URL}\n" +if [ "$PUBLIC_PORT" == "443" ]; then + SUBSTITUTION_URL="https://${DOCKER_HOST_IP}" + if [ "$PUBLIC_PORT" != "443" ]; then + SUBSTITUTION_URL="https://${DOCKER_HOST_IP}:${PUBLIC_PORT}" + fi +else + SUBSTITUTION_URL="http://${DOCKER_HOST_IP}" + if [ "$PUBLIC_PORT" != "80" ]; then + SUBSTITUTION_URL="http://${DOCKER_HOST_IP}:${PUBLIC_PORT}" + fi +fi + +echo -e "SUBSTITUTION_URL=$SUBSTITUTION_URL\n" +echo -e "auth_conf_source=$auth_conf_source\n" +echo -e "auth_conf_target=$auth_conf_target\n" + +# Elegance is the key -> adding an empty last line for Mr. “sed” to pick up +echo " " >> "$auth_conf_source" + +cat "$auth_conf_source" + +tagname=( ${@:3:5} ) + +# for debugging +for i in "${tagname[@]}" +do + echo "tagname=<$i>" +done + +echo "DEBUG: Starting... [Ok]\n" + +for i in "${tagname[@]}" +do + echo "DEBUG: Working on '$auth_conf_source' for tagname <$i>" + # Extracting the value from the <$tagname> element + # echo -ne "<$i>$tagvalue" | xmlstarlet sel -t -m "//a" -v . -n + tagvalue=`grep "<$i>.*<.$i>" "$auth_conf_source" | sed -e "s/^.*<$i/<$i/" | cut -f2 -d">"| cut -f1 -d"<"` + + echo "DEBUG: Found the current value for the element <$i> - '$tagvalue'" + + # Setting new substituted value + case $i in + proxyBaseUrl ) + if [ ${GEONODE_LB_HOST_IP} ] + then + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$SUBSTITUTION_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$SUBSTITUTION_URL@"` + else + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$NGINX_BASE_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$NGINX_BASE_URL@"` + fi;; + accessTokenUri | checkTokenEndpointUrl | baseUrl ) + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$NGINX_BASE_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$NGINX_BASE_URL@"`;; + userAuthorizationUri | redirectUri | logoutUri ) + echo "DEBUG: Editing '$auth_conf_source' for tagname <$i> and replacing its value with '$SUBSTITUTION_URL'" + newvalue=`echo -ne "$tagvalue" | sed -re "s@http://localhost(:8.*0)@$SUBSTITUTION_URL@"`;; + *) echo -n "an unknown variable has been found";; + esac + + echo "DEBUG: Found the new value for the element <$i> - '$newvalue'" + # Replacing element’s value with $SUBSTITUTION_URL + # echo -ne "<$i>$tagvalue" | xmlstarlet sel -t -m "//a" -v . -n + sed -e "s@<$i>$tagvalue<\/$i>@<$i>$newvalue<\/$i>@g" "$auth_conf_source" > "$temp_file" + cp "$temp_file" "$auth_conf_source" +done +# Writing our changes back to the original file ($auth_conf_source) +# no longer needed +# mv $temp_file $auth_conf_source + +echo "DEBUG: Finished... [Ok] --- Final xml file is \n" +cat "$auth_conf_source" diff --git a/scripts/docker/geoserver/setup_auth.sh b/scripts/docker/geoserver/setup_auth.sh new file mode 100644 index 00000000000..6f9373b978c --- /dev/null +++ b/scripts/docker/geoserver/setup_auth.sh @@ -0,0 +1,3 @@ +#!/bin/sh +sed -i.bak 's@\([^<][^<]*\)@'"$DJANGO_URL"'@'\ + /geoserver_data/data/security/auth/geonodeAuthProvider/config.xml \ No newline at end of file diff --git a/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 b/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 new file mode 100644 index 00000000000..7b18d3e55f3 --- /dev/null +++ b/scripts/docker/geoserver/templates/geofence/geofence-datasource-ovr.properties.j2 @@ -0,0 +1,12 @@ +geofenceVendorAdapter.databasePlatform=org.hibernatespatial.postgis.PostgisDialect +geofenceDataSource.driverClassName=org.postgresql.Driver +geofenceDataSource.url=jdbc:postgresql://{{ DATABASE_HOST }}:{{ DATABASE_PORT }}/{{ GEONODE_GEODATABASE }} +geofenceDataSource.username={{ GEONODE_GEODATABASE }} +geofenceDataSource.password={{ GEONODE_GEODATABASE_PASSWORD }} +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.default_schema]={{ GEONODE_GEODATABASE_SCHEMA }} + +# avoid hibernate transaction issues +geofenceDataSource.testOnBorrow=true +geofenceDataSource.validationQuery=SELECT 1 +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.testOnBorrow]=true +geofenceEntityManagerFactory.jpaPropertyMap[hibernate.validationQuery]=SELECT 1 \ No newline at end of file From f91e67ff7170742d92a417d65e7eb7639f2bdbf2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jan 2024 00:58:29 +0000 Subject: [PATCH 39/39] Bump boto3 from 1.28.56 to 1.34.23 Bumps [boto3](https://github.com/boto/boto3) from 1.28.56 to 1.34.23. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.28.56...1.34.23) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 39864fb3294..950d2bcce1b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -113,7 +113,7 @@ django-storages==1.14.1 dropbox==11.36.2 google-cloud-storage==2.11.0 google-cloud-core==2.3.3 -boto3==1.28.56 +boto3==1.34.23 # Django Caches python-memcached<=1.59