diff --git a/.github/workflows/master_merge.yml b/.github/workflows/master_merge.yml
index af3ac68..37aaf2d 100644
--- a/.github/workflows/master_merge.yml
+++ b/.github/workflows/master_merge.yml
@@ -4,9 +4,10 @@ on:
push:
branches: master
+
jobs:
build-ckan-2-9:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml
index 092597c..4619032 100644
--- a/.github/workflows/pr_checks.yml
+++ b/.github/workflows/pr_checks.yml
@@ -4,9 +4,10 @@ on:
pull_request:
branches: master
+
jobs:
build-ckan-2-9:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
@@ -52,6 +53,8 @@ jobs:
tags: keitaro/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-ubuntu-2-9
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-ubuntu-2-9
+ build-args: |
+ --progress=plain
build-ckan-2-8:
runs-on: ubuntu-latest
diff --git a/Readme.md b/Readme.md
index 93b442b..b5bfecf 100644
--- a/Readme.md
+++ b/Readme.md
@@ -48,7 +48,7 @@ We recommend to use a multi-stage approach to extend the docker images that we p
###################
### Extensions ####
###################
-FROM ghcr.io/keitaroinc/ckan:2.9.5 as extbuild
+FROM ghcr.io/keitaroinc/ckan:2.9.8 as extbuild
# Switch to the root user
USER root
@@ -64,7 +64,7 @@ RUN pip wheel --wheel-dir=/wheels git+https://github.com/acmecorp/ckanext-acme@0
############
### MAIN ###
############
-FROM ghcr.io/keitaroinc/ckan:2.9.5
+FROM ghcr.io/keitaroinc/ckan:2.9.8
# Add the custom extensions to the plugins list
ENV CKAN__PLUGINS envvars image_view text_view recline_view datastore datapusher acme
@@ -94,9 +94,9 @@ You can add scripts to CKAN custom images and copy them to the *docker-afterinit
## Build
To build a CKAN image run:
```sh
-docker build --tag ghcr.io/keitaroinc/ckan:2.9.5 images/ckan/2.9
+docker build --tag ghcr.io/keitaroinc/ckan:2.9.8 images/ckan/2.9
```
-The –-tag ghcr.io/keitaroinc/ckan:2.9.5 flag sets the image name to ghcr.io/keitaroinc/ckan:2.9.5 and 'images/ckan/2.9' at the end tells docker build to use the context into the specified directory where the Dockerfile and related contents are.
+The –-tag ghcr.io/keitaroinc/ckan:2.9.8 flag sets the image name to ghcr.io/keitaroinc/ckan:2.9.8 and 'images/ckan/2.9' at the end tells docker build to use the context into the specified directory where the Dockerfile and related contents are.
## Upload to DockerHub
>*It's recommended to upload built images to DockerHub*
diff --git a/compose/2.8/.ckan-env b/compose/2.8/.ckan-env
index f67c88b..6e37970 100644
--- a/compose/2.8/.ckan-env
+++ b/compose/2.8/.ckan-env
@@ -10,6 +10,10 @@ CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
CKAN_MAX_UPLOAD_SIZE_MB=10
+CKAN___BEAKER__SESSION__SECRET=CHANGE_ME
+# See https://docs.ckan.org/en/latest/maintaining/configuration.html#api-token-settings
+CKAN___API_TOKEN__JWT__ENCODE__SECRET=string:CHANGE_ME
+CKAN___API_TOKEN__JWT__DECODE__SECRET=string:CHANGE_ME
# CKAN Plugins
CKAN__PLUGINS=envvars image_view text_view recline_view datastore datapusher
# CKAN requires storage path to be set in order for filestore to be enabled
diff --git a/compose/2.8/.env b/compose/2.8/.env
index 9d90e47..83b4c85 100644
--- a/compose/2.8/.env
+++ b/compose/2.8/.env
@@ -12,7 +12,7 @@ POSTGRES_PORT=5432
DATASTORE_READONLY_PASSWORD=datastore
# CKAN
-CKAN_VERSION=2.8.10
+CKAN_VERSION=2.8.12
CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
diff --git a/compose/2.8/docker-compose.yml b/compose/2.8/docker-compose.yml
index 5711653..18c7b36 100644
--- a/compose/2.8/docker-compose.yml
+++ b/compose/2.8/docker-compose.yml
@@ -15,6 +15,7 @@ services:
- backend
depends_on:
- db
+ - solr
ports:
- "0.0.0.0:${CKAN_PORT}:5000"
env_file:
diff --git a/compose/2.8/postgresql/Dockerfile b/compose/2.8/postgresql/Dockerfile
index e5fcbb7..95e8cf6 100644
--- a/compose/2.8/postgresql/Dockerfile
+++ b/compose/2.8/postgresql/Dockerfile
@@ -1,4 +1,4 @@
-FROM postgis/postgis:14-3.2-alpine
+FROM postgis/postgis:11-3.3-alpine
# Allow connections; we don't map out any ports so only linked docker containers can connect
RUN echo "host all all 0.0.0.0/0 md5" >> /var/lib/postgresql/data/pg_hba.conf
diff --git a/compose/2.8/solr/solrconfig-2.8.10.xml b/compose/2.8/solr/solrconfig-2.8.12.xml
similarity index 100%
rename from compose/2.8/solr/solrconfig-2.8.10.xml
rename to compose/2.8/solr/solrconfig-2.8.12.xml
diff --git a/compose/2.8/solr/solrconfig-2.9.5.xml b/compose/2.8/solr/solrconfig-2.9.7.xml
similarity index 100%
rename from compose/2.8/solr/solrconfig-2.9.5.xml
rename to compose/2.8/solr/solrconfig-2.9.7.xml
diff --git a/compose/2.8/solr/solrconfig-2.9.8.xml b/compose/2.8/solr/solrconfig-2.9.8.xml
new file mode 100644
index 0000000..9b90496
--- /dev/null
+++ b/compose/2.8/solr/solrconfig-2.9.8.xml
@@ -0,0 +1,203 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+index_id
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/compose/2.9/.ckan-env b/compose/2.9/.ckan-env
index ceb8509..250b161 100644
--- a/compose/2.9/.ckan-env
+++ b/compose/2.9/.ckan-env
@@ -10,6 +10,10 @@ CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
CKAN_MAX_UPLOAD_SIZE_MB=10
+CKAN___BEAKER__SESSION__SECRET=CHANGE_ME
+# See https://docs.ckan.org/en/latest/maintaining/configuration.html#api-token-settings
+CKAN___API_TOKEN__JWT__ENCODE__SECRET=string:CHANGE_ME
+CKAN___API_TOKEN__JWT__DECODE__SECRET=string:CHANGE_ME
# CKAN Plugins
CKAN__PLUGINS=envvars image_view text_view recline_view datastore datapusher
# CKAN requires storage path to be set in order for filestore to be enabled
@@ -32,5 +36,5 @@ CKAN__DATAPUSHER__URL=http://datapusher:8000
CKAN__DATAPUSHER__CALLBACK_URL_BASE=http://ckan:5000/
# Solr configuration
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_CORE_NAME=ckan
diff --git a/compose/2.9/.env b/compose/2.9/.env
index 822c1bf..1765a6b 100644
--- a/compose/2.9/.env
+++ b/compose/2.9/.env
@@ -12,7 +12,7 @@ POSTGRES_PORT=5432
DATASTORE_READONLY_PASSWORD=datastore
# CKAN
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
diff --git a/compose/2.9/docker-compose.yml b/compose/2.9/docker-compose.yml
index 8eac2a7..95f693c 100644
--- a/compose/2.9/docker-compose.yml
+++ b/compose/2.9/docker-compose.yml
@@ -15,6 +15,7 @@ services:
- backend
depends_on:
- db
+ - solr
ports:
- "0.0.0.0:${CKAN_PORT}:5000"
env_file:
diff --git a/compose/2.9/solr8/ckan_init_solr.sh b/compose/2.9/solr8/ckan_init_solr.sh
index fb8b8c1..680a1fa 100755
--- a/compose/2.9/solr8/ckan_init_solr.sh
+++ b/compose/2.9/solr8/ckan_init_solr.sh
@@ -4,7 +4,7 @@
# Arguments are supplied via environment variables: CKAN_CORE_NAME CKAN_VERSION
# Example:
# CKAN_CORE_NAME=ckan
-# CKAN_VERSION=2.9.5
+# CKAN_VERSION=2.9.8
set -e
diff --git a/examples/harvest/.ckan-env b/examples/harvest/.ckan-env
index ba51f22..b745b6f 100644
--- a/examples/harvest/.ckan-env
+++ b/examples/harvest/.ckan-env
@@ -33,5 +33,5 @@ CKAN__HARVEST__MQ__TYPE=redis
CKAN__HARVEST__MQ__HOSTNAME=redis
# Solr configuration
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_CORE_NAME=ckan
diff --git a/examples/harvest/.env b/examples/harvest/.env
index 822c1bf..1765a6b 100644
--- a/examples/harvest/.env
+++ b/examples/harvest/.env
@@ -12,7 +12,7 @@ POSTGRES_PORT=5432
DATASTORE_READONLY_PASSWORD=datastore
# CKAN
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
diff --git a/examples/harvest/Dockerfile b/examples/harvest/Dockerfile
index 5914b3d..3a2c008 100644
--- a/examples/harvest/Dockerfile
+++ b/examples/harvest/Dockerfile
@@ -1,7 +1,7 @@
###################
### Extensions ####
###################
-FROM ghcr.io/keitaroinc/ckan:2.9.5 as extbuild
+FROM ghcr.io/keitaroinc/ckan:2.9.8 as extbuild
# Locations and tags, please use specific tags or revisions
ENV HARVEST_GIT_URL=https://github.com/ckan/ckanext-harvest
@@ -30,7 +30,7 @@ USER ckan
############
### MAIN ###
############
-FROM ghcr.io/keitaroinc/ckan:2.9.5
+FROM ghcr.io/keitaroinc/ckan:2.9.8
LABEL maintainer="Keitaro Inc "
diff --git a/examples/s3filestore/.ckan-env b/examples/s3filestore/.ckan-env
index 7ef13f8..2800308 100644
--- a/examples/s3filestore/.ckan-env
+++ b/examples/s3filestore/.ckan-env
@@ -38,5 +38,5 @@ CKANEXT__S3FILESTORE__REGION_NAME=us-east-1
CKANEXT__S3FILESTORE__SIGNATURE_VERSION=s3v4
# Solr configuration
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_CORE_NAME=ckan
diff --git a/examples/s3filestore/.env b/examples/s3filestore/.env
index 822c1bf..1765a6b 100644
--- a/examples/s3filestore/.env
+++ b/examples/s3filestore/.env
@@ -12,7 +12,7 @@ POSTGRES_PORT=5432
DATASTORE_READONLY_PASSWORD=datastore
# CKAN
-CKAN_VERSION=2.9.5
+CKAN_VERSION=2.9.8
CKAN_SITE_ID=default
CKAN_SITE_URL=http://localhost:5000
CKAN_PORT=5000
diff --git a/examples/s3filestore/Dockerfile b/examples/s3filestore/Dockerfile
index e4f8748..166952d 100644
--- a/examples/s3filestore/Dockerfile
+++ b/examples/s3filestore/Dockerfile
@@ -1,7 +1,7 @@
###################
### Extensions ####
###################
-FROM ghcr.io/keitaroinc/ckan:2.9.5 as extbuild
+FROM ghcr.io/keitaroinc/ckan:2.9.8 as extbuild
# Locations and tags, please use specific tags or revisions
ENV S3FILESTORE_GIT_URL=https://github.com/keitaroinc/ckanext-s3filestore
@@ -20,7 +20,7 @@ USER ckan
############
### MAIN ###
############
-FROM ghcr.io/keitaroinc/ckan:2.9.5
+FROM ghcr.io/keitaroinc/ckan:2.9.8
LABEL maintainer="Keitaro Inc "
diff --git a/images/ckan/2.7/Dockerfile b/images/ckan/2.7/Dockerfile
index 3474e4e..5974c69 100644
--- a/images/ckan/2.7/Dockerfile
+++ b/images/ckan/2.7/Dockerfile
@@ -58,7 +58,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -139,7 +139,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
+RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.12.0
# Create a local user and group to run the app
RUN addgroup -g 92 -S ckan && \
@@ -158,6 +158,7 @@ RUN pip install -e /srv/app/src/ckan && \
echo "UTC" > /etc/timezone && \
# Generate CKAN config
paster --plugin=ckan make-config ckan ${APP_DIR}/production.ini && \
+ paster --plugin=ckan config-tool ${APP_DIR}/production.ini "beaker.session.secret = " && \
paster --plugin=ckan config-tool ${APP_DIR}/production.ini "ckan.plugins = ${CKAN__PLUGINS}" && \
# Set the default level for extensions to INFO
paster --plugin=ckan config-tool ${APP_DIR}/production.ini -s logger_ckanext -e level=INFO && \
diff --git a/images/ckan/2.7/Dockerfile.focal b/images/ckan/2.7/Dockerfile.focal
index bc5c9e2..5e0cfbc 100644
--- a/images/ckan/2.7/Dockerfile.focal
+++ b/images/ckan/2.7/Dockerfile.focal
@@ -83,7 +83,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -189,8 +189,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
-
+RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.12.0
# Create a local user and group to run the app
RUN groupadd -g 92 ckan && \
useradd -rm -d /srv/app -s /bin/bash -g ckan -u 92 ckan
diff --git a/images/ckan/2.7/setup/app/start_ckan.sh b/images/ckan/2.7/setup/app/start_ckan.sh
index a0bc80d..a7bf12a 100755
--- a/images/ckan/2.7/setup/app/start_ckan.sh
+++ b/images/ckan/2.7/setup/app/start_ckan.sh
@@ -12,8 +12,16 @@ then
done
fi
+if grep -E "beaker.session.secret ?= ?$" $APP_DIR/production.ini
+then
+ echo "Setting beaker.session.secret in ini file"
+ paster --plugin=ckan config-tool $APP_DIR/production.ini "beaker.session.secret=$(python -c 'import secrets; print(secrets.token_urlsafe())')"
+fi
+
# Set the common uwsgi options
-UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid 92 --gid 92 --http :5000 --master --enable-threads --paste config:/srv/app/production.ini --paste-logger /srv/app/production.ini --lazy-apps --gevent 2000 -p 2 -L --gevent-early-monkey-patch"
+echo "Starting UWSGI with '${UWSGI_PROC_NO:-2}' workers"
+
+UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid 92 --gid 92 --http :5000 --master --enable-threads --paste config:/srv/app/production.ini --paste-logger /srv/app/production.ini --lazy-apps --gevent 2000 -p ${UWSGI_PROC_NO:-2} -L --gevent-early-monkey-patch"
# Run the prerun script to init CKAN and create the default admin user
python prerun.py || { echo '[CKAN prerun] FAILED. Exiting...' ; exit 1; }
diff --git a/images/ckan/2.8/Dockerfile b/images/ckan/2.8/Dockerfile
index c1d940c..ea24952 100644
--- a/images/ckan/2.8/Dockerfile
+++ b/images/ckan/2.8/Dockerfile
@@ -4,11 +4,11 @@
FROM alpine:3.14.2 as ckanbuild
# Used by Github Actions to tag the image with
-ENV IMAGE_TAG=2.8.10
+ENV IMAGE_TAG=2.8.12
# Set CKAN version to build
ENV GIT_URL=https://github.com/ckan/ckan.git
-ENV GIT_BRANCH=ckan-2.8.10
+ENV GIT_BRANCH=ckan-2.8.12
# Set src dirs
ENV SRC_DIR=/srv/app/src
@@ -54,7 +54,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -132,7 +132,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
+RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.12.0
# Create a local user and group to run the app
RUN addgroup -g 92 -S ckan && \
@@ -151,6 +151,7 @@ RUN pip install -e /srv/app/src/ckan && \
echo "UTC" > /etc/timezone && \
# Generate CKAN config
paster --plugin=ckan make-config ckan ${APP_DIR}/production.ini && \
+ paster --plugin=ckan config-tool ${APP_DIR}/production.ini "beaker.session.secret = " && \
paster --plugin=ckan config-tool ${APP_DIR}/production.ini "ckan.plugins = ${CKAN__PLUGINS}" && \
# Set the default level for extensions to INFO
paster --plugin=ckan config-tool ${APP_DIR}/production.ini -s logger_ckanext -e level=INFO && \
diff --git a/images/ckan/2.8/Dockerfile.focal b/images/ckan/2.8/Dockerfile.focal
index 6ff0a95..2e1790f 100644
--- a/images/ckan/2.8/Dockerfile.focal
+++ b/images/ckan/2.8/Dockerfile.focal
@@ -4,11 +4,11 @@
FROM ubuntu:focal-20210827 as ckanbuild
# Used by Github Actions to tag the image with
-ENV IMAGE_TAG=2.8.10-focal
+ENV IMAGE_TAG=2.8.12-focal
# Set CKAN version to build
ENV GIT_URL=https://github.com/ckan/ckan.git
-ENV GIT_BRANCH=ckan-2.8.10
+ENV GIT_BRANCH=ckan-2.8.12
# Set timezone
ENV TZ=UTC
@@ -75,7 +75,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -174,7 +174,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
+RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.12.0
# Create a local user and group to run the app
RUN groupadd -g 92 ckan && \
diff --git a/images/ckan/2.8/setup/app/start_ckan.sh b/images/ckan/2.8/setup/app/start_ckan.sh
index a0bc80d..a7bf12a 100755
--- a/images/ckan/2.8/setup/app/start_ckan.sh
+++ b/images/ckan/2.8/setup/app/start_ckan.sh
@@ -12,8 +12,16 @@ then
done
fi
+if grep -E "beaker.session.secret ?= ?$" $APP_DIR/production.ini
+then
+ echo "Setting beaker.session.secret in ini file"
+ paster --plugin=ckan config-tool $APP_DIR/production.ini "beaker.session.secret=$(python -c 'import secrets; print(secrets.token_urlsafe())')"
+fi
+
# Set the common uwsgi options
-UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid 92 --gid 92 --http :5000 --master --enable-threads --paste config:/srv/app/production.ini --paste-logger /srv/app/production.ini --lazy-apps --gevent 2000 -p 2 -L --gevent-early-monkey-patch"
+echo "Starting UWSGI with '${UWSGI_PROC_NO:-2}' workers"
+
+UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid 92 --gid 92 --http :5000 --master --enable-threads --paste config:/srv/app/production.ini --paste-logger /srv/app/production.ini --lazy-apps --gevent 2000 -p ${UWSGI_PROC_NO:-2} -L --gevent-early-monkey-patch"
# Run the prerun script to init CKAN and create the default admin user
python prerun.py || { echo '[CKAN prerun] FAILED. Exiting...' ; exit 1; }
diff --git a/images/ckan/2.9/Dockerfile b/images/ckan/2.9/Dockerfile
index d68240e..5458289 100644
--- a/images/ckan/2.9/Dockerfile
+++ b/images/ckan/2.9/Dockerfile
@@ -4,11 +4,11 @@
FROM alpine:3.13.7 as ckanbuild
# Used by Github Actions to tag the image with
-ENV IMAGE_TAG=2.9.5
+ENV IMAGE_TAG=2.9.8
# Set CKAN version to build
ENV GIT_URL=https://github.com/ckan/ckan.git
-ENV GIT_BRANCH=ckan-2.9.5
+ENV GIT_BRANCH=ckan-2.9.8
# Set src dirs
ENV SRC_DIR=/srv/app/src
@@ -60,7 +60,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uWSGI==2.0.20 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -143,7 +143,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
+RUN pip install --no-index --find-links=/srv/app/wheels uWSGI==2.0.20 gevent==21.12.0
# Create a local user and group to run the app
RUN addgroup -g 92 -S ckan && \
@@ -162,6 +162,7 @@ RUN pip install -e /srv/app/src/ckan && \
echo "UTC" > /etc/timezone && \
# Generate CKAN config
ckan generate config ${APP_DIR}/production.ini && \
+ ckan config-tool ${APP_DIR}/production.ini "beaker.session.secret = " && \
# Configure plugins
ckan config-tool ${APP_DIR}/production.ini "ckan.plugins = ${CKAN__PLUGINS}" && \
# Create the data directory
diff --git a/images/ckan/2.9/Dockerfile.focal b/images/ckan/2.9/Dockerfile.focal
index c8edbcb..3e6abc8 100644
--- a/images/ckan/2.9/Dockerfile.focal
+++ b/images/ckan/2.9/Dockerfile.focal
@@ -4,11 +4,11 @@
FROM ubuntu:focal-20210827 as ckanbuild
# Used by Github Actions to tag the image with
-ENV IMAGE_TAG=2.9.5-focal
+ENV IMAGE_TAG=2.9.8-focal
# Set CKAN version to build
ENV GIT_URL=https://github.com/ckan/ckan.git
-ENV GIT_BRANCH=ckan-2.9.5
+ENV GIT_BRANCH=ckan-2.9.8
# Set timezone
ENV TZ=UTC
@@ -81,7 +81,7 @@ COPY ./scripts/apply_ckan_patches.sh ${SRC_DIR}/apply_ckan_patches.sh
RUN ${SRC_DIR}/apply_ckan_patches.sh
RUN rm -rf /srv/app/src/ckan/.git
RUN pip wheel --wheel-dir=/wheels -r ckan/requirements.txt
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.1.2 greenlet==1.1.0
+RUN pip wheel --wheel-dir=/wheels uWSGI==2.0.20 gevent==21.12.0 greenlet==1.1.3
###########################
@@ -192,7 +192,7 @@ COPY --from=extbuild /wheels /srv/app/ext_wheels
COPY --from=ckanbuild /srv/app/src/ckan ${CKAN_DIR}
# Additional install steps for build stages artifacts
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.1.2
+RUN pip install --no-index --find-links=/srv/app/wheels uWSGI==2.0.20 gevent==21.12.0
# Create a local user and group to run the app
RUN groupadd -g 92 ckan && \
diff --git a/images/ckan/2.9/setup/app/start_ckan.sh b/images/ckan/2.9/setup/app/start_ckan.sh
index fee6dad..f1b5986 100755
--- a/images/ckan/2.9/setup/app/start_ckan.sh
+++ b/images/ckan/2.9/setup/app/start_ckan.sh
@@ -12,8 +12,16 @@ then
done
fi
-# Set the common uwsgi options
-UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid ckan --gid ckan --http :5000 --master --enable-threads --wsgi-file /srv/app/wsgi.py --module wsgi:application --lazy-apps --gevent 2000 -p 2 -L --gevent-early-monkey-patch --vacuum --harakiri 50 --callable application"
+if grep -E "beaker.session.secret ?= ?$" $APP_DIR/production.ini
+then
+ echo "Setting secrets in ini file"
+ ckan config-tool $APP_DIR/production.ini "beaker.session.secret=$(python3 -c 'import secrets; print(secrets.token_urlsafe())')"
+ ckan config-tool $APP_DIR/production.ini "api_token.jwt.encode.secret=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')"
+ ckan config-tool $APP_DIR/production.ini "api_token.jwt.decode.secret=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')"
+fi
+
+echo "Starting UWSGI with '${UWSGI_PROC_NO:-2}' workers"
+UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid ckan --gid ckan --http :5000 --master --enable-threads --wsgi-file /srv/app/wsgi.py --module wsgi:application --lazy-apps --gevent 2000 -p ${UWSGI_PROC_NO:-2} -L --gevent-early-monkey-patch --vacuum --harakiri 50 --callable application"
# Run the prerun script to init CKAN and create the default admin user
python prerun.py || { echo '[CKAN prerun] FAILED. Exiting...' ; exit 1; }
diff --git a/images/datapusher/Dockerfile b/images/datapusher/Dockerfile
index f425cfb..bd42b0c 100644
--- a/images/datapusher/Dockerfile
+++ b/images/datapusher/Dockerfile
@@ -50,7 +50,7 @@ RUN pip wheel --wheel-dir=/wheels -r ${REQUIREMENTS_URL}
RUN curl -o /wheels/requirements.txt ${REQUIREMENTS_URL}
# Get uwsgi and gevent from pip
-RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==20.6.2 greenlet==0.4.16
+RUN pip wheel --wheel-dir=/wheels uwsgi==2.0.19.1 gevent==21.12.0 greenlet==1.1.3
############
@@ -80,7 +80,7 @@ RUN curl -o /tmp/get-pip.py https://bootstrap.pypa.io/get-pip.py && \
COPY --from=build /wheels /srv/app/wheels
# Install uwsgi and gevent
-RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==20.6.2
+RUN pip install --no-index --find-links=/srv/app/wheels uwsgi==2.0.19.1 gevent==21.12.0
# Create a local user and group to run the app
RUN addgroup -g 92 -S ckan && \