-
Before you can build this project, you must install the following dependencies on your machine:
-
Java 11 SDK.
-
Node.js: We use Node to run a development web server and build the project. Depending on your system, you can install Node either from source or as a pre-packaged bundle. The version of node we are using can be found in the .nvmrc file.
- If you are using nvm simply run the following commands from the root directory of the project to install and use the correct version of node.
nvm install nvm use
-
After installing Node and yarn, you should be able to run the following command to install development tools. You will only need to run this command when dependencies change in package.json.
yarn install
We use yarn scripts and Webpack as our build system.
-
If you are using redis as a cache, you will have to launch a cache server.
-
To start your cache server, run:
docker-compose -f src/main/docker/redis.yml up
-
The cache can also be turned off by adding to the application-dev.yaml:
spring: cache: type: none
See here for details.
-
-
Configure Keycloak and Google SSO
To log in to your app, you'll need to have Keycloak up and running.
docker-compose -f src/main/docker/keycloak.yml up
-
Once keycloak server is running, go to
http://localhost:8080and clickAdministration Console -
Login with the credential
username: admin, password:admin.- Note this will match the credentials in the keycloak.yml.
-
Create a realm and name it
oncokb-curation -
Create a new openid-connect client
- Set Access Type to
confidential - Enable Standard Flow
- Enable implicit flow
- Disable access grants
- Disable service accounts
- Disable OAuth 2.0 Device Authorization Grant
- Disable Authorization
- Set valid Redirect URI's to
http://localhost:*andhttps://localhost:* - Set Web Origins to
*
- Set Access Type to
-
Follow instructions to obtain Google Oauth2 client id and secret.
-
In Keycloak, go to Identity Providers > Edit button on google provider > Replace client id and secret
-
Copy the redirect URL for the google identity provider. It should look like
http://localhost:8080/realms/oncokb-curation/broker/google/endpoint -
Go back to Google APIs & Services
Credentialstab and click on your application. Add the redirect URL from the last step into the list with the labelAuthorized redirect URIs. -
Update the security settings in application-dev.yml.
- Include realm name in the
spring.security.oauth2.client.provider.oidc.issue-uriproperty. - To find the client secret, go to keycloak admin console and look for
web_appclient. Find theCredentialstab and copy the client secret. Credentials tab will only show when the client'sAccess Type = confidential.
spring: ... security: oauth2: client: provider: oidc: issuer-uri: http://localhost:8080/realms/oncokb-curation registration: oidc: client-id: web_app client-secret: CLIENT_SECRET scope: openid,profile,email
- Include realm name in the
-
-
Configure Firebase
-
Go to Firebase Console and create a new project
- You can disable Google Analytics
-
Expand Build and click Realtime Database
-
Click Create Database
- You can use the default location
- Start in locked mode
-
Import a JSON file with seed data.
- If you wish to have sample data for firebase then please contact dev@oncokb.org
-
Click the Rules section of the Realtime Database page
-
Create a Firebase Realtime Database and configure the rules as such:
{ "rules": { ".read": "auth !== null && auth.token.firebaseAuthorizedUser === true", ".write": "auth !== null && auth.token.firebaseAuthorizedUser === true" } } -
Click Publish to save the changes
-
Select gear icon next to Project Overview
-
Click Project settings
-
Choose Service Accounts on header
-
Under Firebase Admin SDK section, click on Generate new private key
-
Move the service account credentials under
src/main/resources/<CREDENTIALS_FILENAME>.json -
Update
application.firebase.service-account-credentials-pathto the filename -
Under Project Overview page in the General tab under the Your apps section click the
</>to add a web application. -
Pick whatever name you want to represent the oncokb curation frontend
- You do not need to setup firebase hosting
-
The resulting credential and paste them in the corresponding fields in
application.firebase -
Expand Build and click Authentication
-
Click the Sign-in method section and add email/password provider
-
-
Verify that your mysql configuration in application-dev.yaml is correct for you mysql server instance.
spring: datasource: url: jdbc:mysql://localhost:3306/oncokb_curation?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true username: root password: root
-
Run the application (Don't login just yet)
- Note your a oncokb_curation schema will be created in your mysql database. Data will also be seeded for it.
./mvnw
-
Wait until the server is listening to requests and is able to redirect you to the login screen. (server url defaults to
http://localhost:9090) -
Add a login for yourself into your mysql instance. Replace <your_email> with your gmail email address.
INSERT INTO `oncokb_curation`.`user` ( `login`, `email`, `created_by`, `activated`) VALUES ('<your_email>', '<your_email>', 'SYSTEM', 1); SET @UserID = (SELECT Id FROM `oncokb_curation`.`user` WHERE email = '<your_email>'); INSERT INTO `oncokb_curation`.`user_authority` (user_id, authority_name) VALUES (@UserId, 'ROLE_ADMIN'), (@UserId, 'ROLE_CURATOR'), (@UserId, 'ROLE_USER');
-
Login to curation!
To build the final jar and optimize the oncokb-curation application for production, run:
./mvnw -Pprod clean verifyThis will concatenate and minify the client CSS and JavaScript files. It will
also modify index.html so it references these new files.
To ensure everything worked, run:
java -jar target/\*.jarThen navigate to http://localhost:9090 in your browser.
To package your application as a war in order to deploy it to an application server, run:
./mvnw -Pprod,war clean verifyTo launch your application's tests, run:
./mvnw verifyTo run the tests the first time, you need to follow the steps in below.
- Run the brew command for the Mac in the compiling section of the node-canvas readme. For other systems, please see compiling section for instructions.
brew install pkg-config cairo pango libpng jpeg giflib librsvg pixman- Install the new npm packages with yarn.
yarn install --frozen-lockfile- Log into the firebase CLI
npx firebase login- Create an emulated version of firebase locally.
npx firebase init- Select
Set up local emulators for Firebase products - Name your project, for instance
oncokb-local - Enter when prompted for the project name so it defaulted to your project
- Select Authentication Emulator, Database Emulator when asked which emulators to setup
Unit tests are run by Jest. They're located in src/test/javascript/ and can be run with:
yarn testWe use the WebDriverIO framework for our end-to-end testing, allowing us to test interactions like a user and take screenshots. We provide two options for running these tests: locally and in docker.
IMPORTANT: Expect the screenshot tests to fail if ran locally due to resolution issues. Local development for screenshot tests is only recommended during development for faster iteration. To update screenshots, wait for the GitHub action after pushing your changes and retrieve the updated screenshots from the actual folder.
-
Follow the Set up instructions
-
Start up just the local client
yarn start- Start the firebase emulator
yarn run firebase-emulator- Run web driver IO
yarn run wdioRun docker compose up to build and run the tests. Make sure to update the images after making changes to the project.
If you are already logged into docker hub:
./mvnw -ntp package -Pprod verify jib:build -DskipTests -Djib.to.image=oncokb/oncokb-curation:0.6.0If you want to explicitly pass a username and password:
./mvnw -ntp package \
-Pprod verify \
jib:build \
-DskipTests \
-Djib.to.image=oncokb/oncokb-curation:0.6.0 \
-Djib.to.auth.username=USERNAME \
-Djib.to.auth.password=PASSWORD