Ops crash course

README.md

@@ -6,7 +6,7 @@
 
 Pour commencer :
 
-## [Docker](docker/DOCKER.md)
+## [Docker](ops/cours/OPS_COURS.md)
 
 Pour l'ensemble des parties du cours
 

api/.env

@@ -1,3 +1,7 @@
 POSTGRES_USER=userpd
 POSTGRES_PASSWORD=postgrespassword
 POSTGRES_DB=dbesiee
+
+PGADMIN_DEFAULT_EMAIL=morgan.courivaud@esiee.fr
+PGADMIN_DEFAULT_PASSWORD=pgadminpassword
+PGADMIN_LISTEN_PORT=9001

api/Dockerfile

@@ -3,5 +3,6 @@ FROM tiangolo/uvicorn-gunicorn-fastapi:python3.7
 ADD requirements.txt .
 
 RUN pip install -r requirements.txt
+WORKDIR /app
 
 COPY ./app /app/app

api/app/main.py

@@ -1,12 +1,15 @@
+import base64
 from typing import Optional
-from fastapi import FastAPI
+from fastapi import FastAPI, Header
 from fastapi.middleware.cors import CORSMiddleware
 import json
 import asyncio
 import os
+
+from starlette.requests import Request
 from starlette_exporter import PrometheusMiddleware, handle_metrics
-from .models import BaseSQL, engine
-from . import routers
+from models import BaseSQL, engine
+import routers
 
 app = FastAPI(
     title="My title",
@@ -28,7 +31,7 @@
 )
 
 app.include_router(routers.PostRouter)
-app.include_router(routers.HealthRouter)
+#app.include_router(routers.HealthRouter)
 
 app.add_middleware(PrometheusMiddleware)
 app.add_route("/metrics", handle_metrics)
@@ -38,10 +41,16 @@
 async def startup_event():
     BaseSQL.metadata.create_all(bind=engine)
 
+
 @app.get("/api/headers")
-def read_hello(request: Request, x_userinfo: Optional[str] = Header(None, convert_underscores=True), ):
+def read_hello(
+    request: Request,
+    x_userinfo: Optional[str] = Header(None, convert_underscores=True),
+):
     print(request["headers"])
-    return {"Headers": json.loads(base64.b64decode(x_userinfo))}
+    b64 = base64.b64decode(x_userinfo.encode("utf-8"))
+    return {"Headers": request["headers"]}
+
 
 @app.get("/")
 def read_root():

api/app/models/__init__.py

@@ -1,3 +1,3 @@
 from .post import Post
 from .database import BaseSQL
-from .db import get_db, engine
+from .db import get_db, engine

api/app/models/database.py

@@ -1,20 +1,20 @@
 from sqlalchemy import create_engine
 from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
-import os 
+import os
 
 
 POSTGRES_USER = os.environ.get("POSTGRES_USER")
 POSTGRES_PASSWORD = os.environ.get("POSTGRES_PASSWORD")
 POSTGRES_DB = os.environ.get("POSTGRES_DB")
 
 
-SQLALCHEMY_DATABASE_URL = f"postgresql://{POSTGRES_USER}:{POSTGRES_PASSWORD}@postgres/{POSTGRES_DB}"
+SQLALCHEMY_DATABASE_URL = (
+    f"postgresql://{POSTGRES_USER}:{POSTGRES_PASSWORD}@db/{POSTGRES_DB}"
+)
 print(SQLALCHEMY_DATABASE_URL)
 
-engine = create_engine(
-    SQLALCHEMY_DATABASE_URL
-)
+engine = create_engine(SQLALCHEMY_DATABASE_URL)
 SessionLocal = sessionmaker(autocommit=False, autoflush=True, bind=engine)
 
 BaseSQL = declarative_base()

api/app/models/db.py

@@ -6,4 +6,4 @@ def get_db():
         db = SessionLocal()
         yield db
     finally:
-        db.close()
+        db.close()

api/app/routers/__init__.py

@@ -1,2 +1,2 @@
 from .posts import router as PostRouter
-from .health import router as HealthRouter
+from .health import router as HealthRouter

api/app/routers/health.py

@@ -22,6 +22,8 @@ def read_root():
 
 
 @router.get("/api/headers")
-def read_hello(request: Request, x_userinfo: Optional[str] = Header(None, convert_underscores=True)):
+def read_hello(
+    request: Request, x_userinfo: Optional[str] = Header(None, convert_underscores=True)
+):
     print(request["headers"])
     return {"Headers": json.loads(base64.b64decode(x_userinfo))}

api/app/routers/posts.py

@@ -1,6 +1,6 @@
 from fastapi import APIRouter, Depends
-from ..services import posts as posts_service
-from .. import schemas, models
+from services import posts as posts_service
+import schemas, models
 from sqlalchemy.orm import Session
 
 router = APIRouter(prefix="/posts")
@@ -25,8 +25,9 @@ async def get_posts_by_title(title: str = None, db: Session = Depends(models.get
 
 
 @router.put("/{post_id}", tags=["posts"])
-async def update_post_by_id(post_id: str, post: schemas.Post,
-                            db: Session = Depends(models.get_db)):
+async def update_post_by_id(
+    post_id: str, post: schemas.Post, db: Session = Depends(models.get_db)
+):
     return posts_service.update_post(post_id=post_id, db=db, post=post)
 
 

api/app/services/posts.py

@@ -3,7 +3,7 @@
 from sqlalchemy.orm import Session
 from fastapi import HTTPException
 from datetime import datetime
-from .. import models, schemas
+import models, schemas
 
 
 def get_all_posts(db: Session, skip: int = 0, limit: int = 10) -> List[models.Post]:
@@ -16,7 +16,7 @@ def get_all_posts(db: Session, skip: int = 0, limit: int = 10) -> List[models.Po
 def get_post_by_id(post_id: str, db: Session) -> models.Post:
     record = db.query(models.Post).filter(models.Post.id == post_id).first()
     if not record:
-        raise HTTPException(status_code=404, detail="Not Found") 
+        raise HTTPException(status_code=404, detail="Not Found")
     record.id = str(record.id)
     return record
 

api/tp/predict/app/main.py

@@ -1,6 +1,6 @@
 from fastapi import FastAPI, BackgroundTasks
 import pathlib
-import glob 
+import glob
 from joblib import load, dump
 from schema import IrisPredict, IrisTrain
 import numpy as np
@@ -14,16 +14,17 @@
     version="0.0.1",
 )
 
-global  clf
+global clf
+
+CLASSES = ["setosa", "versicolor", "virginica"]
 
-CLASSES = ['setosa', 'versicolor', 'virginica']
 
 @app.get("/")
 def read_root():
     return {"Hello": "World"}
 
 
-@app.on_event('startup')
+@app.on_event("startup")
 async def load_model():
     global clf
     all_model_paths = glob.glob("./data/iris_*")
@@ -34,11 +35,12 @@ async def load_model():
 @app.post("/iris/predict")
 async def predict_iris(iris: IrisPredict):
     return {
-        "predicted_classes" : clf.predict(np.asarray([iris.data])).tolist(),
-        "predicted_probas" : clf.predict_proba(np.asarray([iris.data])).tolist(), 
-        "classes" : CLASSES
+        "predicted_classes": clf.predict(np.asarray([iris.data])).tolist(),
+        "predicted_probas": clf.predict_proba(np.asarray([iris.data])).tolist(),
+        "classes": CLASSES,
     }
 
+
 def retrain_model(X, y):
     logreg = LogisticRegression()
     logreg.fit(X, y)
@@ -52,7 +54,7 @@ async def train_iris_model(iris: IrisTrain, background_tasks: BackgroundTasks):
     background_tasks.add_task(retrain_model, X=X, y=y)
     return {"message": "Notification sent in the background"}
 
+
 @app.get("/iris/classes")
 async def create_post(iris: IrisPredict):
     return CLASSES
-

api/tp/predict/app/schema.py

@@ -5,6 +5,7 @@
 class IrisPredict(BaseModel):
     data: List[float]
 
+
 class IrisTrain(BaseModel):
     data: List[List[float]]
-    targets: List[float]
+    targets: List[float]

authentication/tp/api.py

@@ -7,15 +7,14 @@
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
 
 # Configure client
-keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
-                                 client_id="fastapi",
-                                 realm_name="master",
-                                 client_secret_key="97e13e2d-90e6-447f-9e3b-914b27653821")
+keycloak_openid = KeycloakOpenID(
+    server_url="http://localhost:8080/auth/",
+    client_id="fastapi",
+    realm_name="master",
+    client_secret_key="97e13e2d-90e6-447f-9e3b-914b27653821",
+)
 
 
 @app.get("/protected")
 def protected(token: str = Depends(oauth2_scheme)):
-    return {
-        "Hello": "World",
-        "user_infos": token
-    }
+    return {"Hello": "World", "user_infos": token}

authentication/tp/front.py

@@ -7,27 +7,30 @@
 from os.path import join, dirname, realpath
 import requests
 
-UPLOADS_PATH = join(dirname(realpath(__file__)), 'client_secrets.json')
+UPLOADS_PATH = join(dirname(realpath(__file__)), "client_secrets.json")
 logging.basicConfig(level=logging.DEBUG)
 app = Flask(__name__)
 
 print(UPLOADS_PATH)
-app.config.update({
-    'SECRET_KEY': 'SomethingNotEntirelySecret',
-    'TESTING': True,
-    'DEBUG': True,
-    'OIDC_CLIENT_SECRETS': UPLOADS_PATH,
-    'OIDC_ID_TOKEN_COOKIE_SECURE': False,
-    'OIDC_REQUIRE_VERIFIED_EMAIL': False,
-    'OIDC_USER_INFO_ENABLED': True,
-    'OIDC_OPENID_REALM': 'master',
-    'OIDC_SCOPES': ['openid', 'email', 'profile'],
-    'OIDC_INTROSPECTION_AUTH_METHOD': 'client_secret_post'
-})
+app.config.update(
+    {
+        "SECRET_KEY": "SomethingNotEntirelySecret",
+        "TESTING": True,
+        "DEBUG": True,
+        "OIDC_CLIENT_SECRETS": UPLOADS_PATH,
+        "OIDC_ID_TOKEN_COOKIE_SECURE": False,
+        "OIDC_REQUIRE_VERIFIED_EMAIL": False,
+        "OIDC_USER_INFO_ENABLED": True,
+        "OIDC_OPENID_REALM": "master",
+        "OIDC_SCOPES": ["openid", "email", "profile"],
+        "OIDC_INTROSPECTION_AUTH_METHOD": "client_secret_post",
+    }
+)
 
 
 oidc = OpenIDConnect(app)
 
+
 @app.before_request
 def before_request():
     if oidc.user_loggedin:
@@ -36,58 +39,68 @@ def before_request():
         g.user = None
 
 
-@app.route('/')
+@app.route("/")
 def hello_world():
     if oidc.user_loggedin:
-        return ('Hello, %s, <a href="/private">See private</a> '
-                '<a href="/logout">Log out</a>') % \
-            oidc.user_getfield('preferred_username')
+        return (
+            'Hello, %s, <a href="/private">See private</a> '
+            '<a href="/logout">Log out</a>'
+        ) % oidc.user_getfield("preferred_username")
     else:
         return 'Welcome anonymous, <a href="/private">Log in</a>'
 
 
-@app.route('/private')
+@app.route("/private")
 @oidc.require_login
 def hello_me():
     """Example for protected endpoint that extracts private information from the OpenID Connect id_token.
-       Uses the accompanied access_token to access a backend service.
+    Uses the accompanied access_token to access a backend service.
     """
 
-    info = oidc.user_getinfo(['preferred_username', 'email', 'sub'])
+    info = oidc.user_getinfo(["preferred_username", "email", "sub"])
 
-    username = info.get('preferred_username')
-    email = info.get('email')
-    user_id = info.get('sub')
+    username = info.get("preferred_username")
+    email = info.get("email")
+    user_id = info.get("sub")
 
     if user_id in oidc.credentials_store:
         try:
             from oauth2client.client import OAuth2Credentials
-            access_token = OAuth2Credentials.from_json(oidc.credentials_store[user_id]).access_token
-            headers = {'Authorization': 'Bearer %s' % (access_token)}
+
+            access_token = OAuth2Credentials.from_json(
+                oidc.credentials_store[user_id]
+            ).access_token
+            headers = {"Authorization": "Bearer %s" % (access_token)}
             # YOLO
-            greeting = requests.get('http://127.0.0.1:1235/protected', headers=headers).text
+            greeting = requests.get(
+                "http://127.0.0.1:1235/protected", headers=headers
+            ).text
         except:
             greeting = "Hello %s" % username
 
-
-    return ("""%s your email is %s and your user_id is %s!
+    return """%s your email is %s and your user_id is %s!
                <ul>
                  <li><a href="/">Home</a></li>
                  <li><a href="//localhost:8080/auth/realms/master/account?referrer=flask-app&referrer_uri=http://localhost:5000/private&">Account</a></li>
-                </ul>""" %
-            (greeting, email, user_id))
+                </ul>""" % (
+        greeting,
+        email,
+        user_id,
+    )
 
 
-@app.route('/logout')
+@app.route("/logout")
 def logout():
     """Performs local logout by removing the session cookie."""
 
     res = make_response('Hi, you have been logged out! <a href="/">Return</a>')
     session.clear()
     oidc.logout()
-    requests.get("http://localhost:8080/auth/realms/master/protocol/openid-connect/logout")
+    requests.get(
+        "http://localhost:8080/auth/realms/master/protocol/openid-connect/logout"
+    )
     return res
 
 
-if __name__ == '__main__':
-    app.run(host='0.0.0.0', port=5001, debug=True)
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=5001, debug=True)

base_authentication/.env

@@ -0,0 +1,6 @@
+POSTGRES_USER=userpd
+POSTGRES_PASSWORD=postgrespassword
+POSTGRES_DB=dbesiee
+
+JWT_SECRET_KEY=mysecretkey
+JWT_SECRET_ALGORITHM=HS256