deploy demo alpr

README.md

@@ -1,3 +1,34 @@
+# RUN DOCKER DEMO
+
+ADD a clean argo
+```
+./run_argo.sh
+```
+Verify with `kubectl get pods -n argo -w` -> all server are running and 1/1
+Any problem with this, can be a top problem from your k3s or k8s (FIX IT BEFORE)
+
+```
+sudo ./clone_opencloud_microservices.sh demo-alpr
+cd ./docker
+./start-demo.sh
+```
+
+GO on localhost:8000, prefer a "chromium-browser --disable-web-security" chrome no CORS session to reach img. 
+
+Before launch or to stop properly 
+
+```
+cd ./docker
+./stop.sh
+```
+
+if you want a linux app : 
+
+```
+cd ../oc-front
+./local_run_traefik.sh
+```
+
 # Purpose of this component
 
 The purpose of oc-deploy, is to deploy all the OC components over a Kubernetes cluster.

clone_opencloud_microservices.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-
 REPOS=(
     "oc-auth"
     "oc-catalog"
@@ -19,7 +18,7 @@ REPOS=(
 clone_repo() {
     local repo_url="https://cloud.o-forge.io/core/$1.git"
     local repo_name=$(basename "$repo_url" .git)
-    local branch=$2
+    local branche=$2
     echo "Processing repository: $repo_name"
 
     if [ ! -d "$repo_name" ]; then
@@ -30,18 +29,17 @@ clone_repo() {
             exit 1
         fi 
     fi
+    echo "Check in $branche & pull"
+    ls
     echo "Repository '$repo_name' already exists. Pulling latest changes..."
-    cd "$repo_name" && git pull origin $branch && cd ..
+    cd "$repo_name" && git stash && git checkout $branche 
+    cd ..
 }
 
 cd ..
 # Iterate through each repository in the list
-branch = "main"
-if [ -n "$1" ]; then
-    branch = $1
-fi
 for repo in "${REPOS[@]}"; do
-    clone_repo $repo $branch
+    clone_repo $repo ${1:-main}
 done
 
 echo "All repositories processed successfully."

docker/db/datas/peer.json

@@ -1 +1 @@
-[{"_id":"c0cece97-7730-4c2a-8c20-a30944564106","failed_execution":null,"abstractobject":{"update_date":{"$date":"2025-03-27T09:13:13.230Z"},"access_mode":0,"id":"c0cece97-7730-4c2a-8c20-a30944564106","name":"local","is_draft":false,"creation_date":{"$date":"2025-03-27T09:13:13.230Z"}},"url":"http://localhost","wallet_address":"my-wallet","public_key":"-----BEGIN RSA PUBLIC KEY-----\nMIICCgKCAgEAw2pdG6wMtuLcP0+k1LFvIb0DQo/oHW2uNJaEJK74plXqp4ztz2dR\nb+RQHFLeLuqk4i/zc3b4K3fKPXSlwnVPJCwzPrnyT8jYGOZVlWlETiV9xeJhu6s/\nBh6g1PWz75XjjwV50iv/CEiLNBT23f/3J44wrQzygqNQCiQSALdxWLAEl4l5kHSa\n9oMyV70/Uql94/ayMARZsHgp9ZvqQKbkZPw6yzVMfCBxQozlNlo315OHevudhnhp\nDRjN5I7zWmqYt6rbXJJC7Y3Izdvzn7QI88RqjSRST5I/7Kz3ndCqrOnI+OQUE5NT\nREyQebphvQfTDTKlRPXkdyktdK2DH28Zj6ZF3yjQvN35Q4zhOzlq77dO5IhhopI7\nct8dZH1T1nYkvdyCA/EVMtQsASmBOitH0Y0ACoXQK5Kb6nm/TcM/9ZSJUNiEMuy5\ngBZ3YKE9oa4cpTpPXwcA+S/cU7HPNnQAsvD3iJi8GTW9uJs84pn4/WhpQqmXd4rv\nhKWECCN3fHy01fUs/U0PaSj2jDY/kQVeXoikNMzPUjdZd9m816TIBh3v3aVXCH/0\niTHHAxctvDgMRb2fpvRJ/wwnYjFG9RpamVFDMvC9NffuYzWAA9IRIY4cqgerfHrV\nZ2HHiPTDDvDAIsvImXZc/h7mXN6m3RCQ4Qywy993wd9gUdgg/qnynHcCAwEAAQ==\n-----END RSA PUBLIC KEY-----\n","state":1}]
+[{"_id":"c0cece97-7730-4c2a-8c20-a30944564106","failed_execution":null,"abstractobject":{"update_date":{"$date":"2025-03-27T09:13:13.230Z"},"access_mode":0,"id":"c0cece97-7730-4c2a-8c20-a30944564106","name":"local","is_draft":false,"creation_date":{"$date":"2025-03-27T09:13:13.230Z"}},"url":"http://localhost:8000","wallet_address":"my-wallet","public_key":"-----BEGIN RSA PUBLIC KEY-----\nMIICCgKCAgEAw2pdG6wMtuLcP0+k1LFvIb0DQo/oHW2uNJaEJK74plXqp4ztz2dR\nb+RQHFLeLuqk4i/zc3b4K3fKPXSlwnVPJCwzPrnyT8jYGOZVlWlETiV9xeJhu6s/\nBh6g1PWz75XjjwV50iv/CEiLNBT23f/3J44wrQzygqNQCiQSALdxWLAEl4l5kHSa\n9oMyV70/Uql94/ayMARZsHgp9ZvqQKbkZPw6yzVMfCBxQozlNlo315OHevudhnhp\nDRjN5I7zWmqYt6rbXJJC7Y3Izdvzn7QI88RqjSRST5I/7Kz3ndCqrOnI+OQUE5NT\nREyQebphvQfTDTKlRPXkdyktdK2DH28Zj6ZF3yjQvN35Q4zhOzlq77dO5IhhopI7\nct8dZH1T1nYkvdyCA/EVMtQsASmBOitH0Y0ACoXQK5Kb6nm/TcM/9ZSJUNiEMuy5\ngBZ3YKE9oa4cpTpPXwcA+S/cU7HPNnQAsvD3iJi8GTW9uJs84pn4/WhpQqmXd4rv\nhKWECCN3fHy01fUs/U0PaSj2jDY/kQVeXoikNMzPUjdZd9m816TIBh3v3aVXCH/0\niTHHAxctvDgMRb2fpvRJ/wwnYjFG9RpamVFDMvC9NffuYzWAA9IRIY4cqgerfHrV\nZ2HHiPTDDvDAIsvImXZc/h7mXN6m3RCQ4Qywy993wd9gUdgg/qnynHcCAwEAAQ==\n-----END RSA PUBLIC KEY-----\n","state":1}]

docker/start-demo.sh

@@ -1,11 +1,21 @@
 #!/bin/bash
-HOST=${1:-"http://localhost:8000"}
+server=$(grep 'server:' ~/.kube/config | awk '{print $2}')
+
+host=$(ip -4 addr show $(ip route | awk '/default/ {print $5}') | awk '/inet / {print $2}' | cut -d/ -f1)
+port=6443
+ca=$(kubectl config view --raw --minify -o jsonpath='{.clusters[0].cluster.certificate-authority-data}')
+cert=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-certificate-data}')
+key=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-key-data}')
+
+HOST=${2:-"http://localhost:8000"}
 docker network create oc | true
 
 docker compose down
+
 cd ./tools && docker compose  -f ./docker-compose.dev.yml up --force-recreate -d
 docker compose  -f ./docker-compose.traefik.yml up --force-recreate -d  && cd ..
 
+
 cd ./db && ./add.sh && cd ..
 
 cd ../..
@@ -29,6 +39,10 @@ do
    docker kill $i | true
    docker rm $i | true
    cd ./$i 
-   docker build . -t $i --build-arg=HOST=$HOST && docker compose up -d
+   docker build . -t $i --build-arg=HOST=$HOST --build-arg=KUBERNETES_SERVICE_HOST=$host \
+   --build-arg=KUBERNETES_SERVICE_PORT=$port --build-arg=KUBE_CA=$ca --build-arg=KUBE_CERT=$cert \
+   --build-arg=KUBE_DATA=$key  && docker compose up -d
    cd ..
-done
+done
+
+cd ./oc-deploy/docker/tools && docker compose  -f ./docker-compose.dev.yml up hydra-client --force-recreate -d

docker/start.sh

@@ -1,11 +1,20 @@
 #!/bin/bash
-HOST=${1:-"http://localhost:8000"}
+server=$(grep 'server:' ~/.kube/config | awk '{print $2}')
+
+host=$(ip -4 addr show $(ip route | awk '/default/ {print $5}') | awk '/inet / {print $2}' | cut -d/ -f1)
+port=6443
+ca=$(kubectl config view --raw --minify -o jsonpath='{.clusters[0].cluster.certificate-authority-data}')
+cert=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-certificate-data}')
+key=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-key-data}')
+
+export HOST=${HOST:-"http://localhost:8000"}
 docker network create oc | true
 
 docker compose down
 cd ./tools && docker compose  -f ./docker-compose.dev.yml up --force-recreate -d
 docker compose  -f ./docker-compose.traefik.yml up --force-recreate -d  && cd ..
 
+
 cd ../..
 
 REPOS=(
@@ -27,6 +36,15 @@ do
    docker kill $i | true
    docker rm $i | true
    cd ./$i 
-   docker build . -t $i --build-arg=HOST=$HOST && docker compose up -d
+   cat > ./env.env <<EOF
+KUBERNETES_SERVICE_HOST=$hostdocker 
+KUBERNETES_SERVICE_PORT=$port
+KUBE_CA="$ca"
+KUBE_CERT="$cert"
+KUBE_DATA="$key"
+EOF
+   make run-docker
    cd ..
-done
+done
+
+cd ./oc-deploy/docker/tools && docker compose  -f ./docker-compose.dev.yml up hydra-client --force-recreate -d

docker/tools/docker-compose.dev.yml

@@ -69,43 +69,6 @@ services:
       - GF_SECURITY_ADMIN_PASSWORD=pfnirt                   # Change this to anything but admin to not have a password change page at startup
       - GF_SECURITY_ADMIN_USER=admin
       - GF_SECURITY_DISABLE_INITIAL_ADMIN_PASSWORD_CHANGE=true
-  hydra-client: 
-        image: oryd/hydra:v2.2.0
-        container_name: hydra-client
-        environment:
-            HYDRA_ADMIN_URL: http://hydra:4445
-            ORY_SDK_URL: http://hydra:4445
-        command:
-            - create
-            - oauth2-client
-            - --skip-tls-verify
-            - --name
-            - test-client
-            - --secret
-            - oc-auth-got-secret
-            - --response-type
-            - id_token,token,code
-            - --grant-type
-            - implicit,refresh_token,authorization_code,client_credentials
-            - --scope
-            - openid,profile,email,roles
-            - --token-endpoint-auth-method
-            - client_secret_post
-            - --redirect-uri
-            - http://localhost:3000
-
-        networks:
-            - oc
-        deploy:
-            restart_policy:
-                condition: none
-        depends_on:
-            - hydra
-        healthcheck:
-            test: ["CMD", "curl", "-f", "http://hydra:4445"]
-            interval: 10s
-            timeout: 10s
-            retries: 10
   hydra:
       container_name: hydra
       image: oryd/hydra:v2.2.0
@@ -153,6 +116,44 @@ services:
     container_name: keto
     networks: 
       - oc
+  
+  hydra-client: 
+        image: oryd/hydra:v2.2.0
+        container_name: hydra-client
+        environment:
+            HYDRA_ADMIN_URL: http://hydra:4445
+            ORY_SDK_URL: http://hydra:4445
+        command:
+            - create
+            - oauth2-client
+            - --skip-tls-verify
+            - --name
+            - test-client
+            - --secret
+            - oc-auth-got-secret
+            - --response-type
+            - id_token,token,code
+            - --grant-type
+            - implicit,refresh_token,authorization_code,client_credentials
+            - --scope
+            - openid,profile,email,roles
+            - --token-endpoint-auth-method
+            - client_secret_post
+            - --redirect-uri
+            - http://localhost:3000
+
+        networks:
+            - oc
+        deploy:
+            restart_policy:
+                condition: none
+        depends_on:
+            - hydra
+        healthcheck:
+            test: ["CMD", "curl", "-f", "http://hydra:4445"]
+            interval: 10s
+            timeout: 10s
+            retries: 10
 
 volumes:
   oc-data:

env.env

@@ -0,0 +1,5 @@
+KUBERNETES_SERVICE_HOST=127.0.0.1
+KUBERNETES_SERVICE_PORT=6443
+KUBE_CA=""
+KUBE_CERT=""
+KUBE_DATA=""

run_argo.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+kubectl get pods -n kube-system -o name | xargs -n1 kubectl delete --force --grace-period=0 -n kube-system
+
+NAMESPACE="argo"
+ARGO_MANIFEST="https://raw.githubusercontent.com/argoproj/argo-workflows/stable/manifests/install.yaml"
+
+echo "=== Create namespace if missing ==="
+kubectl get ns $NAMESPACE >/dev/null 2>&1 || kubectl create ns $NAMESPACE
+
+echo "=== Delete all dangling pods in $NAMESPACE ==="
+kubectl delete pod --all -n $NAMESPACE --ignore-not-found
+
+echo "=== Apply Argo manifests ==="
+kubectl apply -n $NAMESPACE -f $ARGO_MANIFEST
+
+echo "=== All done! ==="
+kubectl get pods -n $NAMESPACE