From 5d2069646be6eee0cb69818d18ad6664ebd32e61 Mon Sep 17 00:00:00 2001 From: KulkarniShashank Date: Fri, 2 Feb 2024 16:35:10 +0530 Subject: [PATCH 1/4] refactor: added the docker shell script for spinup the agent Signed-off-by: KulkarniShashank --- Dockerfiles/Dockerfile.agent-provisioning | 16 +- .../AFJ/scripts/docker_start_agent.sh | 259 ++++++++++++++++++ .../AFJ/scripts/start_agent.sh | 2 +- 3 files changed, 273 insertions(+), 4 deletions(-) create mode 100644 apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh diff --git a/Dockerfiles/Dockerfile.agent-provisioning b/Dockerfiles/Dockerfile.agent-provisioning index 5c9c4f19d..d23333fa0 100644 --- a/Dockerfiles/Dockerfile.agent-provisioning +++ b/Dockerfiles/Dockerfile.agent-provisioning @@ -9,7 +9,12 @@ FROM node:18-alpine as build RUN npm install -g pnpm --ignore-scripts \ && apk update \ && apk add openssh-client \ - && apk add aws-cli + && apk add aws-cli \ + && apk add docker \ + && apk add docker-compose + +RUN docker --version && \ + docker-compose --version # Set the working directory WORKDIR /app @@ -40,7 +45,10 @@ FROM node:18-alpine as prod RUN npm install -g pnpm --ignore-scripts \ && apk update \ && apk add openssh-client \ - && apk add aws-cli + && apk add aws-cli \ + && apk add docker \ + && apk add docker-compose + WORKDIR /app @@ -49,6 +57,7 @@ RUN mkdir -p ./agent-provisioning/AFJ/agent-config RUN mkdir -p ./agent-provisioning/AFJ/port-file RUN mkdir -p ./agent-provisioning/AFJ/token + # Copy the compiled code COPY --from=build /app/dist/apps/agent-provisioning/ ./dist/apps/agent-provisioning/ COPY --from=build /app/node_modules ./node_modules 
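Review bot: Nothing visible in the `build` stage uses a Docker client, yet the first hunk adds `apk add docker`, `apk add docker-compose` and a `RUN docker --version && docker-compose --version` step to it. The rest of the stage is outside the hunk, so confirm this before removing anything. If only the `prod` stage (hunk `@@ -40,7 +45,10 @@`) needs the client, drop the two `apk add` lines and the version check from `build`, which keeps that image smaller and its package surface lower.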
@@ -58,15 +67,16 @@ COPY --from=build /app/apps/agent-provisioning/AFJ/port-file ./agent-provisionin # Set permissions RUN chmod +x /app/agent-provisioning/AFJ/scripts/start_agent.sh RUN chmod +x /app/agent-provisioning/AFJ/scripts/start_agent_ecs.sh +RUN chmod +x /app/agent-provisioning/AFJ/scripts/docker_start_agent.sh RUN chmod 777 /app/agent-provisioning/AFJ/endpoints RUN chmod 777 /app/agent-provisioning/AFJ/agent-config RUN chmod 777 /app/agent-provisioning/AFJ/token + # Copy the libs folder COPY libs/ ./libs/ # Set the command to run the microservice CMD ["sh", "-c", "cd libs/prisma-service && npx prisma migrate deploy && npx prisma generate && cd ../.. && node dist/apps/agent-provisioning/main.js"] - # docker build -t agent-provisioning-service -f Dockerfiles/Dockerfile.agent-provisioning . # docker run -d --env-file .env --name agent-provisioning-service docker.io/library/agent-provisioning-service \ No newline at end of file diff --git a/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh b/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh new file mode 100644 index 000000000..520a138ad --- /dev/null +++ b/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh 
@@ -0,0 +1,259 @@ +#!/bin/sh + +START_TIME=$(date +%s) + +AGENCY=$1 +EXTERNAL_IP=$2 +WALLET_NAME=$3 +WALLET_PASSWORD=$4 +RANDOM_SEED=$5 +WEBHOOK_HOST=$6 +WALLET_STORAGE_HOST=$7 +WALLET_STORAGE_PORT=$8 +WALLET_STORAGE_USER=$9 +WALLET_STORAGE_PASSWORD=${10} +CONTAINER_NAME=${11} +PROTOCOL=${12} +TENANT=${13} +AFJ_VERSION=${14} +INDY_LEDGER=${15} + +echo "AGENCY: $AGENCY" +echo "EXTERNAL_IP: $EXTERNAL_IP" +echo "WALLET_NAME: $WALLET_NAME" +echo "WALLET_PASSWORD: $WALLET_PASSWORD" +echo "RANDOM_SEED: $RANDOM_SEED" +echo "WEBHOOK_HOST: $WEBHOOK_HOST" +echo "WALLET_STORAGE_HOST: $WALLET_STORAGE_HOST" +echo "WALLET_STORAGE_PORT: $WALLET_STORAGE_PORT" +echo "WALLET_STORAGE_USER: $WALLET_STORAGE_USER" +echo "WALLET_STORAGE_PASSWORD: $WALLET_STORAGE_PASSWORD" +echo "CONTAINER_NAME: $CONTAINER_NAME" +echo "PROTOCOL: $PROTOCOL" +echo "TENANT: $TENANT" +echo "AFJ_VERSION: $AFJ_VERSION" +echo "INDY_LEDGER: $INDY_LEDGER" + +ADMIN_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-admin-port.txt" +INBOUND_PORT_FILE="$PWD/agent-provisioning/AFJ/port-file/last-inbound-port.txt" +ADMIN_PORT=8001 +INBOUND_PORT=9001 + +increment_port() { + local port="$1" + local lower_limit="$2" + + while [ "$port" -le "$lower_limit" ]; do + port=$((port + 1)) # Increment the port using arithmetic expansion + done + + echo "$port" +} + +# Check if admin port file exists and if not, create and initialize it +if [ ! 
-e "$ADMIN_PORT_FILE" ]; then + echo "$ADMIN_PORT" > "$ADMIN_PORT_FILE" +fi + +# Read the last used admin port number from the file +last_used_admin_port=$(cat "$ADMIN_PORT_FILE") +echo "Last used admin port: $last_used_admin_port" + +# Increment the admin port number starting from the last used port +last_used_admin_port=$(increment_port "$last_used_admin_port" "$last_used_admin_port") + +# Save the updated admin port number back to the file and update the global variable +echo "$last_used_admin_port" > "$ADMIN_PORT_FILE" +ADMIN_PORT="$last_used_admin_port" + +# Check if inbound port file exists and if not, create and initialize it +if [ ! -e "$INBOUND_PORT_FILE" ]; then + echo "$INBOUND_PORT" > "$INBOUND_PORT_FILE" +fi + +# Read the last used inbound port number from the file +last_used_inbound_port=$(cat "$INBOUND_PORT_FILE") +echo "Last used inbound port: $last_used_inbound_port" + +# Increment the inbound port number starting from the last used port +last_used_inbound_port=$(increment_port "$last_used_inbound_port" "$last_used_inbound_port") + +# Save the updated inbound port number back to the file and update the global variable +echo "$last_used_inbound_port" > "$INBOUND_PORT_FILE" +INBOUND_PORT="$last_used_inbound_port" + +echo "Last used admin port: $ADMIN_PORT" +echo "Last used inbound port: $INBOUND_PORT" + +echo "AGENT SPIN-UP STARTED" + +if [ -d "${PWD}/agent-provisioning/AFJ/endpoints" ]; then + echo "Endpoints directory exists." +else + echo "Error: Endpoints directory does not exists." + mkdir ${PWD}/agent-provisioning/AFJ/endpoints +fi + +if [ -d "${PWD}/agent-provisioning/AFJ/agent-config" ]; then + echo "Endpoints directory exists." +else + echo "Error: Endpoints directory does not exists." 
+ mkdir ${PWD}/agent-provisioning/AFJ/agent-config +fi + +AGENT_ENDPOINT="${PROTOCOL}://${EXTERNAL_IP}:${INBOUND_PORT}" + +echo "-----$AGENT_ENDPOINT----" +CONFIG_FILE="${PWD}/agent-provisioning/AFJ/agent-config/${AGENCY}_${CONTAINER_NAME}.json" + +echo "--CONFIG_FILE----${CONFIG_FILE}" + +# Check if the file exists +if [ -f "$CONFIG_FILE" ]; then + # If it exists, remove the file + rm "$CONFIG_FILE" +fi + + +cat <${CONFIG_FILE} +{ + "label": "${AGENCY}_${CONTAINER_NAME}", + "walletId": "$WALLET_NAME", + "walletKey": "$WALLET_PASSWORD", + "walletType": "postgres", + "walletUrl": "$WALLET_STORAGE_HOST:$WALLET_STORAGE_PORT", + "walletAccount": "$WALLET_STORAGE_USER", + "walletPassword": "$WALLET_STORAGE_PASSWORD", + "walletAdminAccount": "$WALLET_STORAGE_USER", + "walletAdminPassword": "$WALLET_STORAGE_PASSWORD", + "walletScheme": "DatabasePerWallet", + "indyLedger": $INDY_LEDGER, + "endpoint": [ + "$AGENT_ENDPOINT" + ], + "autoAcceptConnections": true, + "autoAcceptCredentials": "contentApproved", + "autoAcceptProofs": "contentApproved", + "logLevel": 5, + "inboundTransport": [ + { + "transport": "$PROTOCOL", + "port": "$INBOUND_PORT" + } + ], + "outboundTransport": [ + "$PROTOCOL" + ], + "webhookUrl": "$WEBHOOK_HOST/wh/$AGENCY", + "adminPort": "$ADMIN_PORT", + "tenancy": $TENANT +} +EOF + +FILE_NAME="docker-compose_${AGENCY}_${CONTAINER_NAME}.yaml" + +DOCKER_COMPOSE="${PWD}/agent-provisioning/AFJ/${FILE_NAME}" + +# Check if the file exists +if [ -f "$DOCKER_COMPOSE" ]; then + # If it exists, remove the file + rm "$DOCKER_COMPOSE" +fi +cat <${DOCKER_COMPOSE} +version: '3' + +services: + agent: + image: $AFJ_VERSION + + container_name: ${AGENCY}_${CONTAINER_NAME} + restart: always + environment: + AFJ_REST_LOG_LEVEL: 1 + ports: + - ${INBOUND_PORT}:${INBOUND_PORT} + - ${ADMIN_PORT}:${ADMIN_PORT} + + volumes: + - ./agent-config/${AGENCY}_${CONTAINER_NAME}.json:/config.json + + command: --auto-accept-connections --config /config.json + +volumes: + pgdata: + 
agent-indy_client: + agent-tmp: +EOF + +if [ $? -eq 0 ]; then + cd agent-provisioning/AFJ + echo "docker-compose generated successfully!" + echo "=================" + echo "spinning up the container" + echo "=================" + echo "container-name::::::${CONTAINER_NAME}" + echo "file-name::::::$FILE_NAME" + + docker-compose -f $FILE_NAME up -d + if [ $? -eq 0 ]; then + + n=0 + until [ "$n" -ge 6 ]; do + if netstat -tln | grep ${ADMIN_PORT} >/dev/null; then + + AGENTURL="http://${EXTERNAL_IP}:${ADMIN_PORT}/agent" + agentResponse=$(curl -s -o /dev/null -w "%{http_code}" $AGENTURL) + + if [ "$agentResponse" = "200" ]; then + echo "Agent is running" && break + else + echo "Agent is not running" + n=$((n + 1)) + sleep 10 + fi + else + echo "No response from agent" + n=$((n + 1)) + sleep 10 + fi + done + + echo "Creating agent config" + # Capture the logs from the container + container_logs=$(docker logs $(docker ps -q --filter "name=${AGENCY}_${CONTAINER_NAME}")) + + # Extract the token from the logs using sed + token=$(echo "$container_logs" | sed -nE 's/.*API Toekn: ([^ ]+).*/\1/p') + + # Print the extracted token + echo "Token: $token" + + ENDPOINT="${PWD}/endpoints/${AGENCY}_${CONTAINER_NAME}.json" + + # Check if the file exists + if [ -f "$ENDPOINT" ]; then + # If it exists, remove the file + rm "$ENDPOINT" + fi + cat <${ENDPOINT} + { + "CONTROLLER_ENDPOINT":"${EXTERNAL_IP}:${ADMIN_PORT}" + } +EOF + + cat <${PWD}/token/${AGENCY}_${CONTAINER_NAME}.json + { + "token" : "$token" + } +EOF + echo "Agent config created" + else + echo "===============" + echo "ERROR : Failed to spin up the agent!" + echo "===============" && exit 125 + fi +else + echo "ERROR : Failed to execute!" && exit 125 +fi + +echo "Total time elapsed: $(date -ud "@$(($(date +%s) - $START_TIME))" +%T) (HH:MM:SS)" \ No newline at end of file diff --git a/apps/agent-provisioning/AFJ/scripts/start_agent.sh b/apps/agent-provisioning/AFJ/scripts/start_agent.sh index ea5b17f28..79fa19fc1 100644 
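Review bot: The argument dump at the top of `docker_start_agent.sh` prints `WALLET_PASSWORD`, `RANDOM_SEED` and `WALLET_STORAGE_PASSWORD` in clear text, and `echo "Token: $token"` later does the same for the agent API token, so every secret ends up in the provisioning service's stdout and in whatever collects it. Remove those four `echo` lines, or report presence only, e.g. `echo "WALLET_PASSWORD: ${WALLET_PASSWORD:+[set]}"`. The same values are then written to `$CONFIG_FILE` and `${PWD}/token/${AGENCY}_${CONTAINER_NAME}.json` under the default umask, inside directories the Dockerfile marks `chmod 777`. A `umask 077` near the top of the script would keep the files owner-only, provided the agent container's user can still read its config. `AGENCY` and `CONTAINER_NAME` also go unvalidated into file paths and the two `mkdir ${PWD}/...` calls are unquoted, so add an allow-list check such as `case "$AGENCY$CONTAINER_NAME" in *[!A-Za-z0-9_-]*) exit 2;; esac`.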
--- a/apps/agent-provisioning/AFJ/scripts/start_agent.sh +++ b/apps/agent-provisioning/AFJ/scripts/start_agent.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh START_TIME=$(date +%s) From 6cfb83dea31bfabe28922e6cc1ad1b2ce6294092 Mon Sep 17 00:00:00 2001 From: KulkarniShashank Date: Wed, 21 Feb 2024 19:33:15 +0530 Subject: [PATCH 2/4] Changes on the agent-provisioning dockerfile for the spinup the agent Signed-off-by: KulkarniShashank --- Dockerfiles/Dockerfile.agent-provisioning | 7 ++++++- Dockerfiles/Dockerfile.agent-service | 16 ++++++++++++++++ .../AFJ/scripts/docker_start_agent.sh | 12 ++++++------ docker-compose.yml | 15 ++++++++++++++- 4 files changed, 42 insertions(+), 8 deletions(-) diff --git a/Dockerfiles/Dockerfile.agent-provisioning b/Dockerfiles/Dockerfile.agent-provisioning index d23333fa0..72201a53f 100644 --- a/Dockerfiles/Dockerfile.agent-provisioning +++ b/Dockerfiles/Dockerfile.agent-provisioning @@ -16,6 +16,11 @@ RUN npm install -g pnpm --ignore-scripts \ RUN docker --version && \ docker-compose --version +ARG ROOT_PATH +ENV ROOT_PATH ${ROOT_PATH} + +RUN echo "ROOT_PATH is set to: $ROOT_PATH" + # Set the working directory WORKDIR /app @@ -76,7 +81,7 @@ RUN chmod 777 /app/agent-provisioning/AFJ/token COPY libs/ ./libs/ # Set the command to run the microservice -CMD ["sh", "-c", "cd libs/prisma-service && npx prisma migrate deploy && npx prisma generate && cd ../.. && node dist/apps/agent-provisioning/main.js"] +CMD ["sh", "-c", "cd libs/prisma-service && npx prisma migrate deploy && npx prisma generate && cd ../.. && node dist/apps/agent-provisioning/main.js $ROOT_PATH"] # docker build -t agent-provisioning-service -f Dockerfiles/Dockerfile.agent-provisioning . # docker run -d --env-file .env --name agent-provisioning-service docker.io/library/agent-provisioning-service \ No newline at end of file diff --git a/Dockerfiles/Dockerfile.agent-service b/Dockerfiles/Dockerfile.agent-service index 1089b8234..b226e0631 100644 
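Review bot: Changing the shebang of `start_agent.sh` from `#!/bin/bash` to `#!/bin/sh` is only safe if the script contains no bash-only constructs, and its body is outside this hunk. On the `node:18-alpine` images used in this series `/bin/sh` is BusyBox ash, so any remaining `[[ ]]`, array or `function` keyword would fail at run time rather than at review time. Run `shellcheck --shell=sh` on the file before merging, or install `bash` in the image and keep the original shebang.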
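Review bot: `ARG ROOT_PATH` and `ENV ROOT_PATH ${ROOT_PATH}` are added directly after the `docker --version` check, which appears to be in the `build` stage, and ARG/ENV values do not carry over into the later `FROM node:18-alpine as prod` stage. The `$ROOT_PATH` expanded by the new `CMD` (hunk `@@ -76,7 +81,7 @@`) therefore comes only from the runtime environment, so the build argument and the `RUN echo` have no effect on the final image. Either drop them or redeclare them in `prod` as `ARG ROOT_PATH` and `ENV ROOT_PATH=${ROOT_PATH}`. In the `CMD`, quote the expansion as `main.js \"$ROOT_PATH\"` so a path containing spaces is not split into several arguments.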
--- a/Dockerfiles/Dockerfile.agent-service +++ b/Dockerfiles/Dockerfile.agent-service @@ -1,5 +1,13 @@ # Stage 1: Build the application FROM node:18-alpine as build + +RUN npm install -g pnpm --ignore-scripts \ + && apk update \ + && apk add openssh-client \ + && apk add aws-cli \ + && apk add docker \ + && apk add docker-compose + RUN npm install -g pnpm # Set the working directory WORKDIR /app @@ -19,6 +27,14 @@ RUN pnpm run build agent-service # Stage 2: Create the final image FROM node:18-alpine + +RUN npm install -g pnpm --ignore-scripts \ + && apk update \ + && apk add openssh-client \ + && apk add aws-cli \ + && apk add docker \ + && apk add docker-compose + RUN npm install -g pnpm # Set the working directory WORKDIR /app diff --git a/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh b/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh index 520a138ad..ab3673453 100644 --- a/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh +++ b/apps/agent-provisioning/AFJ/scripts/docker_start_agent.sh @@ -106,8 +106,6 @@ AGENT_ENDPOINT="${PROTOCOL}://${EXTERNAL_IP}:${INBOUND_PORT}" echo "-----$AGENT_ENDPOINT----" CONFIG_FILE="${PWD}/agent-provisioning/AFJ/agent-config/${AGENCY}_${CONTAINER_NAME}.json" -echo "--CONFIG_FILE----${CONFIG_FILE}" - # Check if the file exists if [ -f "$CONFIG_FILE" ]; then # If it exists, remove the file 
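Review bot: The pre-existing `RUN npm install -g pnpm` is kept directly below each added `RUN npm install -g pnpm --ignore-scripts` block, so pnpm is installed a second time with lifecycle scripts enabled and the flag no longer protects anything. Delete the old line in both stages (this hunk and `@@ -19,6 +27,14 @@`). The `build` stage also gains `openssh-client`, `aws-cli`, `docker` and `docker-compose`, although as far as the hunk shows it only compiles the service; consider installing them in the final stage only, and only the ones the service needs at run time.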
@@ -159,25 +157,27 @@ if [ -f "$DOCKER_COMPOSE" ]; then # If it exists, remove the file rm "$DOCKER_COMPOSE" fi +echo ${PWD} cat <${DOCKER_COMPOSE} version: '3' services: - agent: + agent: image: $AFJ_VERSION container_name: ${AGENCY}_${CONTAINER_NAME} restart: always environment: AFJ_REST_LOG_LEVEL: 1 + ROOT_PATH: ${ROOT_PATH} ports: - ${INBOUND_PORT}:${INBOUND_PORT} - ${ADMIN_PORT}:${ADMIN_PORT} volumes: - - ./agent-config/${AGENCY}_${CONTAINER_NAME}.json:/config.json + - ${ROOT_PATH}:/agent-config - command: --auto-accept-connections --config /config.json + command: --auto-accept-connections --config /agent-config/${AGENCY}_${CONTAINER_NAME}.json volumes: pgdata: @@ -194,7 +194,7 @@ if [ $? -eq 0 ]; then echo "container-name::::::${CONTAINER_NAME}" echo "file-name::::::$FILE_NAME" - docker-compose -f $FILE_NAME up -d + docker compose -f $FILE_NAME up -d if [ $? -eq 0 ]; then n=0 diff --git a/docker-compose.yml b/docker-compose.yml index b05c9ab25..07d9fd9c8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -111,9 +111,17 @@ services: - verification build: context: ./ # Adjust the context path as needed - dockerfile: Dockerfiles/Dockerfile.agnet-provisioning + dockerfile: Dockerfiles/Dockerfile.agent-provisioning + args: + - ROOT_PATH=$PWD/apps/agent-provisioning/AFJ/agent-config env_file: - ./.env + environment: + - ROOT_PATH=$PWD/apps/agent-provisioning/AFJ/agent-config + volumes: + - $PWD/apps/agent-provisioning/AFJ/agent-config:/app/agent-provisioning/AFJ/agent-config + - /var/run/docker.sock:/var/run/docker.sock + - /app/agent-provisioning/AFJ/token:/app/agent-provisioning/AFJ/token agent-service: depends_on: - nats # Use depends_on instead of needs 
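Review bot: The generated compose file now bind-mounts the whole `${ROOT_PATH}` directory at `/agent-config`, where the previous version mounted only this agent's own JSON file. That directory is where the script writes every `${AGENCY}_${CONTAINER_NAME}.json`, each holding a wallet key and the wallet-storage admin password, so each agent container can read the configuration of all the others and, without `:ro`, modify it. Mount the single file read-only instead, `- ${ROOT_PATH}/${AGENCY}_${CONTAINER_NAME}.json:/config.json:ro`, and keep `--config /config.json`. Fail early when the variable is missing with `: "${ROOT_PATH:?ROOT_PATH must be set}"`, because an empty value yields the invalid volume spec `:/agent-config`. The new `echo ${PWD}` should be quoted or removed.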
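Review bot: `$FILE_NAME` is built from the `AGENCY` and `CONTAINER_NAME` arguments and is passed unquoted, so whitespace or glob characters in either value would split or expand the `-f` argument; use `docker compose -f "$FILE_NAME" up -d`. The call also switches to the `docker compose` plugin form while the Dockerfile in this series still verifies `docker-compose --version`, so confirm the image actually ships the plugin. The enclosing `if` block starts and ends outside this hunk.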
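Review bot: Mounting `/var/run/docker.sock` into `agent-provisioning` gives that container full control of the host Docker daemon, which is effectively root on the host. The service presumably runs `docker_start_agent.sh`, where caller-supplied values such as `AFJ_VERSION`, `AGENCY` and `CONTAINER_NAME` are interpolated directly into a generated compose file. Validate those arguments against a strict pattern before the file is written, and consider a restricted Docker API proxy in front of the socket instead of the raw bind mount. At minimum, record the trust decision next to the mount, e.g. `# docker.sock: host-level access, needed to spawn agent containers`. The third entry, `/app/agent-provisioning/AFJ/token:/app/agent-provisioning/AFJ/token`, binds the absolute host path `/app/...`, which looks unintended next to the `$PWD/apps/...` form used for `agent-config`.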
@@ -125,11 +133,16 @@ services: - organization - verification - agent-provisioning + command: sh -c 'until (docker logs platform-agent-provisioning-1 | grep "Agent-Provisioning-Service Microservice is listening to NATS"); do sleep 1; done && node dist/apps/agent-service/main.js' build: context: ./ # Adjust the context path as needed dockerfile: Dockerfiles/Dockerfile.agent-service env_file: - ./.env + volumes: + - /var/run/docker.sock:/var/run/docker.sock + volumes_from: + - agent-provisioning From 950a0edb7d4a72b0862d33d7bd4ddfd1b13f0242 Mon Sep 17 00:00:00 2001 From: KulkarniShashank Date: Mon, 26 Feb 2024 12:39:00 +0530 Subject: [PATCH 3/4] Solved the sonar lint issues Signed-off-by: KulkarniShashank --- Dockerfiles/Dockerfile.agent-provisioning | 29 +++++++++++++---------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/Dockerfiles/Dockerfile.agent-provisioning b/Dockerfiles/Dockerfile.agent-provisioning index 72201a53f..6b6370dcb 100644 --- a/Dockerfiles/Dockerfile.agent-provisioning +++ b/Dockerfiles/Dockerfile.agent-provisioning @@ -6,12 +6,14 @@ FROM node:18-alpine as build # RUN apk add openssh-client # RUN apk update # RUN apk add aws-cli -RUN npm install -g pnpm --ignore-scripts \ - && apk update \ - && apk add openssh-client \ - && apk add aws-cli \ - && apk add docker \ - && apk add docker-compose +RUN set -eux \ + && apk --no-cache add \ + openssh-client \ + aws-cli \ + docker \ + docker-compose \ + && npm install -g pnpm --ignore-scripts \ + && rm -rf /var/cache/apk/* RUN docker --version && \ docker-compose --version 
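Review bot: As far as this hunk shows, `agent-service` receives the Docker socket only so its start command can poll `docker logs platform-agent-provisioning-1`, which gives a second service host-level Docker access for the sake of a readiness check. The `until` loop has no timeout, and the container name is hard-coded, so it only resolves when the compose project is named `platform`. A `healthcheck` on `agent-provisioning` combined with `depends_on: agent-provisioning: condition: service_healthy` would give the same ordering without the socket mount or a Docker CLI in the agent-service image. `volumes_from: agent-provisioning` should also re-expose that service's mounts, including the socket and the agent-config directory, so check whether agent-service needs any of them.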
@@ -47,12 +49,15 @@ FROM node:18-alpine as prod # RUN apk add openssh-client # RUN apk update # RUN apk add aws-cli -RUN npm install -g pnpm --ignore-scripts \ - && apk update \ - && apk add openssh-client \ - && apk add aws-cli \ - && apk add docker \ - && apk add docker-compose +RUN set -eux \ + && apk --no-cache add \ + openssh-client \ + aws-cli \ + docker \ + docker-compose \ + && npm install -g pnpm --ignore-scripts \ + && rm -rf /var/cache/apk/* + WORKDIR /app From d6eb3790d4e5a8fb92e82d6b8df151e56c01a507 Mon Sep 17 00:00:00 2001 From: KulkarniShashank Date: Mon, 26 Feb 2024 12:57:24 +0530 Subject: [PATCH 4/4] Solved the security issues Signed-off-by: KulkarniShashank --- Dockerfiles/Dockerfile.agent-provisioning | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfiles/Dockerfile.agent-provisioning b/Dockerfiles/Dockerfile.agent-provisioning index 6b6370dcb..7ac849872 100644 --- a/Dockerfiles/Dockerfile.agent-provisioning +++ b/Dockerfiles/Dockerfile.agent-provisioning @@ -13,7 +13,8 @@ RUN set -eux \ docker \ docker-compose \ && npm install -g pnpm --ignore-scripts \ - && rm -rf /var/cache/apk/* + && export PATH=$PATH:/usr/lib/node_modules/pnpm/bin \ + && rm -rf /var/cache/apk/* RUN docker --version && \ docker-compose --version @@ -56,9 +57,8 @@ RUN set -eux \ docker \ docker-compose \ && npm install -g pnpm --ignore-scripts \ - && rm -rf /var/cache/apk/* - - + && export PATH=$PATH:/usr/lib/node_modules/pnpm/bin \ + && rm -rf /var/cache/apk/* WORKDIR /app
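Review bot: The `export PATH=$PATH:/usr/lib/node_modules/pnpm/bin` added in patch 4/4 has no lasting effect, because an `export` inside a `RUN` chain applies only to the shell of that one build step. It is not stored in the image, so later layers and the running container still see the old `PATH`. If the pnpm bin directory must be on the path, declare it as an instruction, `ENV PATH="$PATH:/usr/lib/node_modules/pnpm/bin"`; otherwise drop the line in both the `build` hunk (`@@ -13,7 +13,8 @@`) and the `prod` hunk (`@@ -56,9 +57,8 @@`). `rm -rf /var/cache/apk/*` is also redundant after `apk --no-cache add`.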