Merge branch 'release/1.6.0'

.env.example

@@ -81,6 +81,18 @@ EXPRESSION_AUTO_SYNC="0 * * * *"
 #                           example value: /home/myuser/firebase_keyfile.json
 FIREBASE_KEYFILE_PATH=/home/myuser/firebase_keyfile.json
 
+#################################################################################################
+###################################### DT PROCESS SETUP #########################################
+#################################################################################################
+
+# DT_API_DATA_USERNAME:     Username of DT Process API data.
+#                           default value: dt_user
+DT_API_DATA_USERNAME=dt_user
+
+# DT_API_DATA_PASSWORD:     Password of DT Process API data.
+#                           default value: dt_secret
+DT_API_DATA_PASSWORD=dt_secret
+
 ###########################################################################################################
 ###########################################  DATA BACKUP SETUP ############################################
 ###########################################################################################################

README.md

@@ -44,11 +44,11 @@ Repository with configuration files required for OCARIoT platform **deployment i
 All software installation is performed using the following command:
 
 ```sh
-curl -o- https://raw.githubusercontent.com/ocariot/docker-swarm/1.5.3/install.sh | sudo bash
+curl -o- https://raw.githubusercontent.com/ocariot/docker-swarm/1.6.0/install.sh | sudo bash
 ```
 
 ```sh
-wget -qO- https://raw.githubusercontent.com/ocariot/docker-swarm/1.5.3/install.sh | sudo bash
+wget -qO- https://raw.githubusercontent.com/ocariot/docker-swarm/1.6.0/install.sh | sudo bash
 ```
 
 
@@ -111,7 +111,16 @@ Variables used by the Data Sync Agent microservice, responsible for data synchro
 | `FITBIT_CLIENT_SECRET` |  Client Secret for Fitbit Application resposible to manage user data. This information is later shared through the REST API to the android application _(DA App)_. | `1234ab56cd789123wzd123a` |
 | `EXPRESSION_AUTO_SYNC` | Frequency time that the application will sync the users data in background according to the crontab expression. For example, the value `0 * * * *` means that synchronization will occur every hour. | `"0 * * * *"` |
 
-#### 2.1.5 Authorization/Authentication Setup
+#### 2.1.5 DT Process Setup
+
+Variables to define the user's credentials for DT Process service.
+
+| Variable | Description | Example |
+| -------- | ----------- | ------- |
+| `DT_API_DATA_USERNAME` | Username of DT Process API data. | `dt_user` |
+| `DT_API_DATA_PASSWORD` | Password of DT Process API data. | `dt_secret` |
+
+#### 2.1.6 Authorization/Authentication Setup
 
 Variables to define the administrator user's credentials the first time the platform is instantiated.
 
@@ -120,7 +129,7 @@ Variables to define the administrator user's credentials the first time the plat
 | `ADMIN_USERNAME` | Username of the default admin user created automatically at the first time the OCARIoT platform is instantiated. | `admin` |
 | `ADMIN_PASSWORD` | Password of the default admin user created automatically at the first time the OCARIoT platform is instatiated. | `admin` |
 
-#### 2.1.6 Data Backup Setup
+#### 2.1.7 Data Backup Setup
 
 Variables responsible for defining backup settings. The variables with prefix `CLOUD` are commented out by default, to activate them uncommented and set their respective value based on the values provided by the cloud service that you want to perform the backups and restores. The supported cloud storage services are Google Drive and AWS S3.
 

config/ocariot/service/scripts/initializing_service.sh

@@ -9,11 +9,12 @@ read_json()
 # Function to get credentials to mount URI and to access PSMDB
 get_psmdb_credential()
 {
-    PS_NAME="$(echo ${HOSTNAME} | sed  's/-service//g')"
+	  # Identifying the service that is running the script
+    local CONTAINER=$(echo ${HOSTNAME} | sed 's/-service//g')
 
     RET_CREDENTIAL=1
     while [[ $RET_CREDENTIAL -ne 200 ]]; do
-        echo "=> Waiting for ${PS_NAME} credential..."
+        echo "=> Waiting for ${CONTAINER} credential..."
         # The requests are realized every 2 seconds
         sleep 2
         # Request to get access credential for PSMDB
@@ -24,9 +25,6 @@ get_psmdb_credential()
                 ${VAULT_BASE_URL}/v1/database/creds/${HOSTNAME})
     done
 
-    # Identifying the service that is running the script
-    local CONTAINER=$(echo ${HOSTNAME} | sed 's/-service//g')
-
     # Processing credentials received
     CREDENTIAL=$(cat /tmp/psmdb_credential.json)
 
@@ -35,16 +33,21 @@ get_psmdb_credential()
     # Password received
     local PASSWD=$(read_json password ${CREDENTIAL})
 
-    if [ "${PS_NAME}" = "missions" ]; then
-        echo "export DATABASE_NAME=${PS_NAME}" >> ~/.bashrc
-        echo "export DATABASE_USER_NAME=${USER}" >> ~/.bashrc
-        echo "export DATABASE_USER_PASSWORD=${PASSWD}" >> ~/.bashrc
+    if [ "${CONTAINER}" = "missions" ]; then
+        echo -e "export DATABASE_NAME=${CONTAINER}\n" \
+        	"export DATABASE_USER_NAME=${USER}\n" \
+        	"export DATABASE_USER_PASSWORD=${PASSWD}" >> ~/.bashrc
+    elif [ "${CONTAINER}" = "dt-process" ]; then
+        echo -e "export MONGO_DATABASE=${CONTAINER}\n" \
+        	"export MONGO_COLLECTION=SloopChildren\n" \
+        	"export MONGODB_URI_PYTHON=mongodb://${USER}:${PASSWD}@psmdb-${CONTAINER}:27017/${CONTAINER}?ssl=true\&ssl_cert_reqs=CERT_NONE\n" \
+					"export MONGODB_URI=mongodb://${USER}:${PASSWD}@psmdb-${CONTAINER}:27017/${CONTAINER}?ssl=true" >> ~/.bashrc
     else
         # Mounting environment variable and placing in "~/.bashrc" file
         echo "export MONGODB_URI=mongodb://${USER}:${PASSWD}@psmdb-${CONTAINER}:27017/${CONTAINER}?ssl=true" >> ~/.bashrc
     fi
 
-    if [ "${PS_NAME}" = "notification" ]; then
+    if [ "${CONTAINER}" = "notification" ]; then
 
         RET=1
         while [[ $RET -ne 200 ]]; do
@@ -66,7 +69,7 @@ get_psmdb_credential()
         # User received
         local KEYSTORE_PASS=$(read_json value ${CREDENTIAL})
 
-        echo "export MONGO_NOTIFICATION_DATABASE=${PS_NAME} KEYSTORE_PASS=${KEYSTORE_PASS}" >> ~/.bashrc
+        echo "export MONGO_NOTIFICATION_DATABASE=${CONTAINER} KEYSTORE_PASS=${KEYSTORE_PASS}" >> ~/.bashrc
 
         keytool -import -file /etc/.certs/ca.crt -alias ca_vault \
           -keystore /usr/lib/jvm/java-1.8-openjdk/jre/lib/security/cacerts \
@@ -278,4 +281,3 @@ if [ "$(echo "${HOSTNAME}" | grep notification)" ];then
 else
     npm start
 fi
-

config/ocariot/vault/policies/dt-process-service.hcl

@@ -0,0 +1,11 @@
+path "database/creds/dt-process-service" {
+  capabilities = ["read"]
+}
+
+path "rabbitmq/creds/read_write" {
+  capabilities = ["read"]
+}
+
+path "pki/issue/dt-process-service" {
+  capabilities = ["read","update"]
+}

config/ocariot/vault/policies/psmdb-dt-process.hcl

@@ -0,0 +1,11 @@
+path "secret/data/vault/ca" {
+  capabilities = ["read"]
+}
+
+path "pki/issue/psmdb-dt-process" {
+  capabilities = ["read","update"]
+}
+
+path "secret/data/psmdb-dt-process/*" {
+  capabilities = ["create", "read"]
+}

docker-ocariot-stack.yml

@@ -384,6 +384,40 @@ services:
       options:
         max-size: 100m
 
+  psmdb-dt-process: # MongoDB container for the DT Process Service
+    hostname: psmdb-dt-process
+    image: percona/percona-server-mongodb:latest
+    user: root
+    environment:
+      - VAULT_BASE_URL=https://vault:8200
+    volumes:
+      - type: volume
+        source: psmdb-dt-process-data
+        target: /data/db
+      - type: bind
+        source: ./config/ocariot/vault/.tokens/access-token-psmdb-dt-process
+        target: /tmp/access-token-psmdb-dt-process
+    command: initializing_psmdb.sh
+    configs:
+      - source: ocariot-mongo-config
+        target: /tmp/base_conf_mongod
+        mode: 400
+      - source: ocariot-init-psmdb-config
+        target: /usr/bin/initializing_psmdb.sh
+        mode: 0100
+    secrets:
+      - source: vault-ca-cert
+        target: /tmp/vault/ca.crt
+        mode: 0400
+    depends_on:
+      - vault
+    networks:
+      - ocariot
+    logging:
+      driver: json-file
+      options:
+        max-size: 100m
+
   psmysql-missions:
     hostname: psmysql-missions
     image: percona/percona-server:latest
@@ -824,6 +858,49 @@ services:
       options:
         max-size: 100m
 
+  dt-process: # Container for OCARIoT DT Process service
+    hostname: dt-process-service
+    image: ocariot/dtprocess-sloop:latest
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: any
+        delay: 15s
+        max_attempts: 15
+    environment:
+      - VAULT_BASE_URL=https://vault:8200
+      - PROTOCOL=https
+      - PORT_HTTP=11000
+      - PORT_HTTPS=11001
+      - MONGODB_URI_PYTHON=mongodb://${DT_PROCESS_DB_USER}:${DT_PROCESS_DB_PASS}@mongo-dt-process:27017/dt-process?ssl=true&ssl_cert_reqs=CERT_NONE
+      - USERNAME_OCARIOT_API_DATA=${DT_API_DATA_USERNAME}
+      - PASSWORD_OCARIOT_API_DATA=${DT_API_DATA_PASSWORD}
+      - MONGO_DATABASE=dt-process
+      - MONGO_COLLECTION=SloopChildren
+    volumes:
+      - type: bind
+        source: ./config/ocariot/vault/.tokens/access-token-dt-process-service
+        target: /tmp/access-token-dt-process-service
+    command: initializing_service.sh
+    configs:
+      - source: ocariot-init-service-config
+        target: /usr/bin/initializing_service.sh
+        mode: 0100
+    secrets:
+      - source: vault-ca-cert
+        target: /tmp/vault/ca.crt
+        mode: 0400
+    depends_on:
+      - psmdb-dt-process
+      - rabbitmq
+      - vault
+    networks:
+      - ocariot
+    logging:
+      driver: json-file
+      options:
+        max-size: 100m
+
   missions:
     hostname: missions-service
     image: ocariot/missions:latest
@@ -977,6 +1054,8 @@ volumes:
     name: ocariot-psmdb-gamification-data
   psmdb-notification-data:
     name: ocariot-psmdb-notification-data
+  psmdb-dt-process-data:
+    name: ocariot-psmdb-dt-process-data
   psmysql-missions-data:
     name: ocariot-psmysql-missions-data
   consul-data:

install.sh

@@ -4,7 +4,7 @@ INSTALL_PATH="/opt/ocariot-swarm"
 
 version()
 {
-  echo "1.5.3"
+  echo "1.6.0"
 }
 
 isInstalled()