This is an automated email from the ASF dual-hosted git repository. angeh pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/fineract-cn-docker-compose.git
commit 8ae755b046282f82f6fd1cf74f9924b25510cdda Author: Anh3h <[email protected]> AuthorDate: Wed Sep 18 03:10:16 2019 -0400 Implement bash scripts to provisioner fineract cn services --- README.md | 23 ++- bash_scripts/provision.sh | 311 ++++++++++++++++++++++++++++++++++++++ docker-compose.yml | 1 + external_tools/docker-compose.yml | 4 + shut-down-and-reset.sh | 8 + start-up.sh | 18 ++- 6 files changed, 356 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f049eb4..1cc8d35 100644 --- a/README.md +++ b/README.md @@ -5,10 +5,25 @@ This project contains Docker Compose Scripts for running Fineract CN especially - Docker - Docker-compose -## Automatic or manual provisioning +## Deploy and provision Fineract CN -You can either try to provision automatically using bash script `bash start-up.sh` -Or you could achieve the same state by manually following the instructions below: +You can either deploy and provision Fineract CN automatically using bash scripts or manually using postman. + +## 1. Deploy Fineract automtically using bash scripts + + - To start up all the Fineract CN services run: + + `bash start-up.sh` + - Then log the last Fineract CN microservice deployed by docker compose (fineract-cn-notification) to make sure all your Fineract services are now available. + + `docker logs -f fineract-cn-docker-compose_notifications-ms_1` + - Finally provison the microservices by + + `cd bash_scripts` + + `bash provision.sh playground` #where playground is your tenant name + +## 2. Deploy Fineract manually using postman ## Perquisites @@ -37,7 +52,7 @@ docker-compose up First only start provisioner-ms by running following in project root: ``` -docker-compose up provisioner-ms +docker-compose up provisioner-ms ``` after it has started (and created table seshat to postgres) stop it. This is just to make sure provisioner gets to create the database the other services require. 
diff --git a/bash_scripts/provision.sh b/bash_scripts/provision.sh
new file mode 100755
index 0000000..b179054
--- /dev/null
+++ b/bash_scripts/provision.sh
@@ -0,0 +1,311 @@
+#!/bin/bash
+set -e
+
+function init-variables {
+ CASSANDRA_REPLICATION_TYPE="Simple"
+ CASSANDRA_CONTACT_POINTS="cassandra:9042"
+ CASSANDRA_CLUSTER_NAME="Datacenter1"
+ CASSANDRA_REPLICAS="1"
+
+ POSTGRES_DRIVER_CLASS="org.postgresql.Driver"
+ POSTGRES_HOST="postgres"
+ POSTGRES_PWD="postgres"
+ POSTGRESQL_PORT="5432"
+ POSTGRESQL_USER="postgres"
+
+ PROVISIONER_URL="http://provisioner-ms:2020/provisioner/v1"
+ IDENTITY_URL="http://identity-ms:2021/identity/v1"
+ RHYTHM_URL="http://rhythm-ms:2022/rhythm/v1"
+ OFFICE_URL="http://office-ms:2023/office/v1"
+ CUSTOMER_URL="http://customer-ms:2024/customer/v1"
+ ACCOUNTING_URL="http://accounting-ms:2025/accounting/v1"
+ PORTFOLIO_URL="http://portfolio-ms:2026/portfolio/v1"
+ DEPOSIT_URL="http://deposit-account-management-ms:2027/deposit/v1"
+ TELLER_URL="http://teller-ms:2028/teller/v1"
+ REPORT_URL="http://reporting-ms:2029/report/v1"
+ CHEQUES_URL="http://cheques-ms:2030/cheques/v1"
+ PAYROLL_URL="http://payroll-ms:2031/payroll/v1"
+ GROUP_URL="http://group-ms:2032/group/v1"
+ NOTIFICATIONS_URL="http://notifications-ms:2033/notification/v1"
+
+ MS_VENDOR="Apache Fineract"
+ IDENTITY_MS_NAME="identity-v1"
+ RHYTHM_MS_NAME="rhythm-v1"
+ OFFICE_MS_NAME="office-v1"
+ CUSTOMER_MS_NAME="customer-v1"
+ ACCOUNTING_MS_NAME="accounting-v1"
+ PORTFOLIO_MS_NAME="portfolio-v1"
+ DEPOSIT_MS_NAME="deposit-v1"
+ TELLER_MS_NAME="teller-v1"
+ REPORT_MS_NAME="report-v1"
+ CHEQUES_MS_NAME="cheques-v1"
+ PAYROLL_MS_NAME="payroll-v1"
+ GROUP_MS_NAME="group-v1"
+ NOTIFICATIONS_MS_NAME="notification-v1"
+}
+
+function auto-seshat {
+ TOKEN=$( curl -s -X POST -H "Content-Type: application/json" \
+ "$PROVISIONER_URL"'/auth/token?grant_type=password&client_id=service-runner&username=wepemnefret&password=oS/0IiAME/2unkN1momDrhAdNKOhGykYFH/mJN20' \
+ | jq --raw-output '.token' )
+}
+
+function login {
+ local tenant="$1"
+ local username="$2"
+ local password="$3"
+
+ ACCESS_TOKEN=$( curl -s -X POST -H "Content-Type:
application/json" -H "User: guest" -H "X-Tenant-Identifier: $tenant" \
+ "${IDENTITY_URL}/token?grant_type=password&username=${username}&password=${password}" \
+ | jq --raw-output '.accessToken' )
+}
+
+function create-application {
+ local name="$1"
+ local description="$2"
+ local vendor="$3"
+ local homepage="$4"
+
+ curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '{ "name": "'"$name"'", "description": "'"$description"'", "vendor": "'"$vendor"'", "homepage": "'"$homepage"'" }' \
+ ${PROVISIONER_URL}/applications
+ echo "Created microservice: $name"
+}
+
+function get-application {
+ echo ""
+ echo "Microservices: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications | jq '.'
+}
+
+function delete-application {
+ local service_name="$1"
+
+ curl -X delete -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications/${service_name}
+ echo "Deleted microservice: $name"
+}
+
+function create-tenant {
+ local identifier="$1"
+ local name="$2"
+ local description="$3"
+ local database_name="$4"
+
+ curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '{
+ "identifier": "'"$identifier"'",
+ "name": "'"$name"'",
+ "description": "'"$description"'",
+ "cassandraConnectionInfo": {
+ "clusterName": "'"$CASSANDRA_CLUSTER_NAME"'",
+ "contactPoints": "'"$CASSANDRA_CONTACT_POINTS"'",
+ "keyspace": "'"$database_name"'",
+ "replicationType": "'"$CASSANDRA_REPLICATION_TYPE"'",
+ "replicas": "'"$CASSANDRA_REPLICAS"'"
+ },
+ "databaseConnectionInfo": {
+ "driverClass": "'"$POSTGRES_DRIVER_CLASS"'",
+ "databaseName": "'"$database_name"'",
+ "host": "'"$POSTGRES_HOST"'",
+ "port": "'"$POSTGRES_PORT"'",
+ "user": "'"$POSTGRES_USER"'",
+ "password": "'"$POSTGRES_PWD"'"
+ }}' \
+ ${PROVISIONER_URL}/tenants
+ echo "Created tenant: $database_name"
+}
+
+function get-tenants {
+ echo ""
+ echo "Tenants: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/tenants | jq '.'
+}
+
+function assign-identity-ms {
+ local tenant="$1"
+
+ ADMIN_PASSWORD=$( curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{ "name": "'"$IDENTITY_MS_NAME"'" }' \
+ ${PROVISIONER_URL}/tenants/${tenant}/identityservice | jq --raw-output '.adminPassword')
+ echo "Assigned identity microservice for tenant $tenant"
+}
+
+function get-tenant-services {
+ local tenant="$1"
+
+ echo ""
+ echo "$tenant services: "
+ curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" ${PROVISIONER_URL}/tenants/$tenant/applications | jq '.'
+}
+
+function create-scheduler-role {
+ local tenant="$1"
+
+ curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "scheduler",
+ "permissions": [
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__app_self",
+ "allowedOperations": ["CHANGE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "portfolio__v1__khepri",
+ "allowedOperations": ["CHANGE"]
+ }
+ ]
+ }' \
+ ${IDENTITY_URL}/roles
+ echo "Created scheduler role"
+}
+
+function create-org-admin-role {
+ local tenant="$1"
+
+ curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "orgadmin",
+ "permissions": [
+ {
+ "permittableEndpointGroupIdentifier": "office__v1__employees",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "office__v1__offices",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__users",
+
"allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__roles",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "identity__v1__self",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "accounting__v1__ledger",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ },
+ {
+ "permittableEndpointGroupIdentifier": "accounting__v1__account",
+ "allowedOperations": ["READ", "CHANGE", "DELETE"]
+ }
+ ]
+ }' \
+ ${IDENTITY_URL}/roles
+ echo "Created organisation administrator role"
+}
+
+function create-user {
+ local tenant="$1"
+ local user="$2"
+ local user_identifier="$3"
+ local password="$4"
+ local role="$5"
+
+ curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "identifier": "'"$user_identifier"'",
+ "password": "'"$password"'",
+ "role": "'"$role"'"
+ }' \
+ ${IDENTITY_URL}/users | jq '.'
+ echo "Created user: $user_identifier"
+}
+
+function get-users {
+ local tenant="$1"
+ local user="$2"
+
+ echo ""
+ echo "Users: "
+ curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" ${IDENTITY_URL}/users | jq '.'
+}
+
+function update-password {
+ local tenant="$1"
+ local user="$2"
+ local password="$3"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data '{
+ "password": "'"$password"'"
+ }' \
+ ${IDENTITY_URL}/users/${user}/password | jq '.'
+ echo "Updated $user password"
+}
+
+function provision-app {
+ local tenant="$1"
+ local service="$2"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
+ --data '[{ "name": "'"$service"'" }]' \
+ ${PROVISIONER_URL}/tenants/${tenant}/applications | jq '.'
+ echo "Provisioned microservice, $service for tenant, $tenant"
+}
+
+function set-application-permission-enabled-for-user {
+ local tenant="$1"
+ local service="$2"
+ local permission="$3"
+ local user="$4"
+
+ curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
+ --data 'true' \
+ ${IDENTITY_URL}/applications/${service}/permissions/${permission}/users/${user}/enabled | jq '.'
+ echo "Enabled permission, $permission for service $service"
+}
+
+init-variables
+auto-seshat
+create-application "$IDENTITY_MS_NAME" "" "$MS_VENDOR" "$IDENTITY_URL"
+create-application "$RHYTHM_MS_NAME" "" "$MS_VENDOR" "$RHYTHM_URL"
+create-application "$OFFICE_MS_NAME" "" "$MS_VENDOR" "$OFFICE_URL"
+create-application "$CUSTOMER_MS_NAME" "" "$MS_VENDOR" "$CUSTOMER_URL"
+create-application "$ACCOUNTING_MS_NAME" "" "$MS_VENDOR" "$ACCOUNTING_URL"
+create-application "$PORTFOLIO_MS_NAME" "" "$MS_VENDOR" "$PORTFOLIO_URL"
+create-application "$DEPOSIT_MS_NAME" "" "$MS_VENDOR" "$DEPOSIT_URL"
+create-application "$TELLER_MS_NAME" "" "$MS_VENDOR" "$TELLER_URL"
+create-application "$REPORT_MS_NAME" "" "$MS_VENDOR" "$REPORT_URL"
+create-application "$CHEQUES_MS_NAME" "" "$MS_VENDOR" "$CHEQUES_URL"
+create-application "$PAYROLL_MS_NAME" "" "$MS_VENDOR" "$PAYROLL_URL"
+create-application "$GROUP_MS_NAME" "" "$MS_VENDOR" "$GROUP_URL"
+create-application "$NOTIFICATIONS_MS_NAME" "" "$MS_VENDOR" "$NOTIFICATIONS_URL"
+
+#Set tenant identifier
+TENANT=$1
+create-tenant ${TENANT} "${TENANT}" "All in one Demo Server" ${TENANT}
+assign-identity-ms ${TENANT}
+login ${TENANT} "antony" $ADMIN_PASSWORD
+create-scheduler-role ${TENANT}
+create-user ${TENANT} "antony" "imhotep" "p4ssw0rd" "scheduler"
+login ${TENANT} "imhotep" "p4ssw0rd"
+update-password ${TENANT} "imhotep" "p4ssw0rd"
+provision-app ${TENANT} $RHYTHM_MS_NAME
+login ${TENANT} "imhotep" "p4ssw0rd"
+# Rhythm is not available at the moment
+# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "identity__v1__app_self" "imhotep"
+provision-app ${TENANT} $OFFICE_MS_NAME
+provision-app ${TENANT} $ACCOUNTING_MS_NAME
+provision-app ${TENANT} $PORTFOLIO_MS_NAME
+# Rhythm is not available at the moment
+# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "portfolio__v1__khepri" "imhotep"
+provision-app ${TENANT} $CUSTOMER_MS_NAME
+provision-app ${TENANT} $DEPOSIT_MS_NAME
+provision-app ${TENANT} $TELLER_MS_NAME
+provision-app ${TENANT} $REPORT_MS_NAME
+provision-app ${TENANT} $CHEQUES_MS_NAME
+provision-app ${TENANT} $PAYROLL_MS_NAME
+provision-app ${TENANT} $GROUP_MS_NAME
+provision-app ${TENANT} $NOTIFICATIONS_MS_NAME
+login ${TENANT} "antony" $ADMIN_PASSWORD
+create-org-admin-role ${TENANT}
+create-user ${TENANT} "antony" "operator" "init1@l23" "orgadmin"
+login ${TENANT} "operator" "init1@l"
+
+echo "COMPLETED PROVISIONING PROCESS."
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 2f7acaf..73e58aa 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -157,6 +157,7 @@ services: eureka.instance.hostname: ${EUREKA_INSTANCE_HOSTNAME} postgresql.host: ${POSTGRESQL_HOST} ribbon.listOfServers: ${RIBBON_EUREKA_SERVER} + spring.datasource.url: jdbc:postgresql://${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/seshat system.publicKey.exponent: ${PUBLIC_KEY_EXPONENT} system.publicKey.modulus: ${PUBLIC_KEY_MODULUS} system.publicKey.timestamp: ${PUBLIC_KEY_TIMESTAMP}
diff --git a/external_tools/docker-compose.yml b/external_tools/docker-compose.yml
index 137ad0f..010666d 100644
--- a/external_tools/docker-compose.yml
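Review bot: In bash_scripts/provision.sh, `create-tenant` expands `$POSTGRES_PORT` and `$POSTGRES_USER`, but `init-variables` only sets `POSTGRESQL_PORT` and `POSTGRESQL_USER`, so the tenant's `databaseConnectionInfo` is posted with empty `port` and `user`; rename one side, and use `set -euo pipefail` instead of `set -e` so that an unset name or a failed `curl` feeding `jq` stops the run instead of leaving `TOKEN` or `ACCESS_TOKEN` empty or `null`. Two smaller slips of the same kind: `delete-application` echoes `$name` where its local is `service_name`, and the final `login ${TENANT} "operator" "init1@l"` uses a different password from the `init1@l23` passed to `create-user` on the line before, with no `update-password` in between. The provisioner password in `auto-seshat`, `p4ssw0rd` and `init1@l23` are committed in the script and sent in URL query strings, where they can end up in process listings and server access logs; a header comment should state that these are local-demo defaults only, and the values are better read from environment variables, with the password moved into the request body if the API accepts it. `TENANT=$1` is used unquoted and spliced straight into JSON bodies and URLs, so `TENANT="${1:?usage: provision.sh <tenant>}"` plus quoting at the call sites would make a missing or odd tenant name fail early.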
+++ b/external_tools/docker-compose.yml
@@ -39,6 +39,10 @@ services: postgres: image: postgres:11 container_name: postgres + command: + - "postgres" + - "-c" + - "max_connections=200" environment: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres
diff --git a/shut-down-and-reset.sh b/shut-down-and-reset.sh
new file mode 100755
index 0000000..a4941bb
--- /dev/null
+++ b/shut-down-and-reset.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+docker-compose down --remove-orphans
+cd external_tools/
+docker-compose down
+cd ..
+docker volume rm external_tools_cassandra-volume
+docker volume rm external_tools_postgres-volume
\ No newline at end of file
diff --git a/start-up.sh b/start-up.sh
index 97deace..8111bb8 100755
--- a/start-up.sh
+++ b/start-up.sh
@@ -1,12 +1,13 @@ #!/bin/sh set -e +# Start up Eureka, ActiveMQ, Cassandra and Postgres cd external_tools/ docker-compose up -d cassandra_ip=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' cassandra) postgres_ip=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' postgres) -# #Test Cassandra and Postgres +#Test Cassandra and Postgres echo "Waiting for Cassandra and Postgres ..." while ! nc -z "${cassandra_ip}" 9042 ; do sleep 1
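Review bot: In shut-down-and-reset.sh nothing checks `cd external_tools/` and the script has no `set -e`, so when it is started from another directory the second `docker-compose down` and the `cd ..` act on whatever directory the caller is in, and the two `docker volume rm` calls still delete the Cassandra and Postgres data. Add `set -e` under the shebang, as start-up.sh already has, or write `cd external_tools/ || exit 1`. A short header comment saying that the script permanently removes `external_tools_cassandra-volume` and `external_tools_postgres-volume` would also help, because the file name alone does not make clear that stored data is destroyed.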
@@ -17,10 +18,17 @@ done echo "Cassandra and Postgres are up and running..." cd .. -echo "Starting up Fineract CN microservices..." -wget https://mifos.jfrog.io/mifos/libs-snapshot-local/org/apache/fineract/cn/lang/0.1.0-BUILD-SNAPSHOT/lang-0.1.0-BUILD-SNAPSHOT.jar -java -cp lang-0.1.0-BUILD-SNAPSHOT.jar org.apache.fineract.cn.lang.security.RsaKeyPairFactory UNIX > .env +# Start up Fineract CN microservices +java -cp external_tools/lang-0.1.0-BUILD-SNAPSHOT.jar org.apache.fineract.cn.lang.security.RsaKeyPairFactory UNIX > .env cat env_variables >> .env +echo "Starting Provisioner... " +docker-compose up -d provisioner-ms +# Make sure provisioner is up and running +echo "Waiting for provisioner to initialize database... " +while ! docker logs fineract-cn-docker-compose_provisioner-ms_1 | grep -q "Started ProvisionerApplication in"; do + sleep 1 +done +echo "Start remaining Fineract CN microservices... " docker-compose up -d -echo "Successfully started fineract services." +echo "Successfully started fineract services." \ No newline at end of file
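Review bot: The new wait loop in start-up.sh, `while ! docker logs fineract-cn-docker-compose_provisioner-ms_1 | grep -q "Started ProvisionerApplication in"`, has no upper bound, so a provisioner that crashes on start or logs a different message leaves the script spinning forever; count the iterations and exit non-zero with a message once a limit is reached. The container name is derived by docker-compose from the checkout directory name, so the loop only works when the repository is cloned as `fineract-cn-docker-compose`; `docker-compose logs provisioner-ms` avoids hard-coding it. The hunk also switches to `external_tools/lang-0.1.0-BUILD-SNAPSHOT.jar` instead of downloading the jar, yet that file is not among the six files in this commit's diffstat, so it presumably has to be present already, which deserves a line in the README. The `RsaKeyPairFactory` output redirected into `.env` presumably includes private key material and is written with the default umask; a `umask 077` before the redirect would keep the file from being readable by other users.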
