Skip to content

Commit

Permalink
deploy dev to prod (#101)
Browse files Browse the repository at this point in the history
* first commit for backend-only flask api

* Switch to Quart, use async/await

* add signaling server

* uuid for study_id

* minor updates

* try updating cloudbuild and other files to fix dev deployment

* add missing awaits

* set url for usage in dev in sfkit cli

* Split runtime and dev dependencies

* Add Dockerfile with a dummy test

* Add GitHub workflow to build the image with Dockerfile

* Fix Docker tag/label handling in GitHub workflow

* Fix pr event tag

* Set GitHub workflow trigger paths

* Fix Docker repo name using GitHub repo name

* Add missing *.py and hypercorn to Docker image

* remove multiprocessing where it is not longer usable

* Add image name+tag according to Terra guidelines

* first pass at image build

* fix image repo name

* fix PR comment step

* forgot a dollar sign

* how about this?

* empty commit to trigger ci

* updates for unusual branching strategies

* Fix signaling server for testing

* [DDO-3243] Remove Github workflow file from PR trigger paths

* Partially revert #d0d0847f

* Freeze dependencies

* don't wait on cp0 for proxy, as cp0 may not use proxy

* update startup-script to use sfkit-proxy

* small fixes to startup script

* add more error logging for signaling server

* take 2 at fixing signalling messages

* take 3 at fixing signalling messages

* take 4

* take 5

* take 6

* take 7

* take 8

* take 9

* take 10

* take 11

* update signalling server according to fixes in sfkit-proxy

* Improve GCP auth in the Terra GH workflow

* [github] Add Cron trigger for Terra workflow

* [github] Auto-cancel previous build_push_terra workflow runs

* add formatting check for study_id for extra protection against path-injection, as per CodeQL

* use simplified startup-script with docker for cp0

* add some configurations to startup-script

* minor improvement to startup script

* work on startup script

* try sudo to debug startup script

* automatically stop cp0 when user-configured study finishes

* Set APP_VERSION at Terra image build time

* Rename APP_VERSION to BUILD_VERSION

* Add APP_VERSION to Docker build

* update to allow proper version reporting and auto deploy to terra dev environment on merge

* only try to deploy commits to dev branch to dev

* Set default Websocket port to 8080

* Rename WebSocket Origin var

* Return firebaseProjectId from /createCustomToken

* Turn on FLASK_DEBUG only in Cloud Run development by default

* Restore Broadbot token

* add status and version endpoints

* separate appVersion and buildVersion

* Parse allowed CORS origin from SFKIT_API_URL (#15)

* Parse allowed CORS origin from SFKIT_API_URL

* Set frontend origins via CORS_ORIGINS env var

* Use * by default in CORS_ORIGINS

* [sfkit] Fix Failure upon autodeploy to terra dev environments (#16)

* fix outputs

* only auto deploy on merge to dev

* no server header for hypercorn (#17)

* Fix Hypercorn config copy and add Curl to Dockerfile (#18)

* Fix Hypercorn config copy in Dockerfile

* Add Curl to Dockerfile for development

* Add localhost dev origin (#19)

* Add localhost dev origin (attempt 2) (#20)

* Add localhost dev origin

* Fix comma split for Cloud Run set-env-vars

* Add localhost dev origin (attempt 3) (#21)

* Add localhost dev origin

* Fix comma split for Cloud Run set-env-vars

* Fix comma split for Cloud Run set-env-vars once again

* Fix commas once again

* Add localhost dev origin (attempt 4) (#22)

* Add localhost dev origin

* Fix comma split for Cloud Run set-env-vars

* Fix comma split for Cloud Run set-env-vars once again

* Fix commas once again

* Fix set-env-vars once again

* Fix cloudbuild commas (#23)

* Add localhost dev origin

* Fix comma split for Cloud Run set-env-vars

* Fix comma split for Cloud Run set-env-vars once again

* Fix commas once again

* Fix set-env-vars once again

* Fix set-env-vars once again...

* Remove extra quote

* Fix CORS origin list conversion (#24)

* modify auth to allow terra login (#25)

* Use FIREBASE_PROJECT_ID for Firestore database (#26)

* Use FIREBASE_PROJECT_ID for Firestore database

* Use project keyword for AsyncClient

* await auth; check firestore on creation (#27)

* Set Firebase App project ID (#28)

* Fix FIREBASE_PROJECT_ID constant import (#29)

* Use custom FIRESTORE_DATABASE name (#30)

* Bump cryptography from 41.0.5 to 41.0.6 (#31)

Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.5 to 41.0.6.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.5...41.0.6)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Set Firebase app for custom Firebase token creation (#32)

* Detect service account email for Firebase App (#33)

* Detect service account email for Firebase App

* Add logging message for Firebase app options

* Use optional TARGET_SERVICE_ACCOUNT impersonation (#34)

* Use optional TARGET_SERVICE_ACCOUNT impersonation

* Revert to Firebase app reference

* Fix Google Auth import (#35)

* Fix Google Auth import

* Fix Firebase credential object

* Attempt to fix Google impersonated_credentials import (#36)

* Set serviceAccountId for TARGET_SERVICE_ACCOUNT (#37)

* Always reference FIREBASE_PROJECT_ID when setting up Firebase and Firestore (#38)

* Log impersonated Firebase token without signature (#39)

* Log impersonated Firebase token without signature

* Add more logging

* Disable TARGET_SERVICE_ACCOUNT for now (#40)

* Re-enable impersonation (#41)

* Re-enable impersonation

* Add extra logging

* Remove and cleanup impersonation (#42)

* Remove and cleanup impersonation

* Don't set Firestore database if FIRESTORE_DATABASE isn't set

* Revert to using FIREBASE_PROJECT_ID (#43)

* Revert Firebase project ID assignment (#44)

* Unrevert project ID setting and return database name from /createCustomToken (#45)

* Return database name from /createCustomToken

* Unrevert 8614d7f

* Fix Firestore database name returned from /createCustomToken (#46)

* Fix Firestore database name returned from /createCustomToken

* Rename Firestore database key in return result

* Parse user ID universally and improve Auth header validation (#47)

* Parse user ID universally and improve Auth header validation

* Fix auth header verification

* Consolidate user db lookup

* Cache user IDs to speed up lookup

* Consolidate user ID parsing and use userSubjectId for Terra

* Streamline verification of auth header for Signaling and CLI APIs

* Fix missing db ref

* Move verify_auth_key and AUTH_HEADER into auth.py

* Populate PUBLIC_KEYS only in non-Terra env

* Guard against possible confusion of user_id with auth_keys

* Put Bearer token prefix into a constant

* Put AZURE_B2C_JWKS_URL and AZURE_B2C_CLIENT_ID into env vars

* Add comment about Azure vars vs Terra

* Use id instead of userSubjectId for the new Sam API

* Pass Terra auth header as-is without parsing to Sam

* Rename Terra and B2C user verification functions

* Rename verify_auth_key -> get_auth_key_user

* Add support for CLI auth with Terra (#48)

* Add support for CLI auth with Terra

* Improve error message for missing auth header

* Fix default Firestore database ID (#49)

* Fix default Firestore database ID

* Fix await for _get_terra_user

* Set log level via LOG_LEVEL env var and add auth user debug logging (#50)

* Add more logging (#51)

* Externalize all env vars into constants.py (#52)

* Externalize all env vars into constants.py

* Optimize imports

* Add back deepcopy import

* Fix log format and level for Terra/Kubernetes (#53)

* Step up DEBUG logging level to avoid too much verbosity (#54)

* Step up DEBUG logging level to avoid too much verbosity

* Return an instance of Logger subclass

* Improve debug logging (#55)

* Add separate database for non-terra dev (#56)

* Get CLI username from user ID and study_id from query param for Terra (#57)

* Get CLI username from user ID and study_id from query param for Terra

* Organize imports

* Restore previous formatting

* Fix whitespace

* Refactor study access checks

* Add global HttpException error handler

* Raise HTTP errors from authentication

* Refactor cli.py to remove boilerplate and improve input validation

* Validate msg before retrieving study

* Simplify msg parsing

* Remove redundant auth checks

* Remove redundant logging message

* Always raise Unauthrized in auth.py

* Launch terra cp0 (#60)

* Improve study access checks

* Override error description only when present

* Refactor Sam request and auth header handling

* Automatically register service account when running on Terra

* Implement submit_terra_workflow() through Rawls

* Fix auth header handling and generate SA token properly (#61)

* Fix auth header handling and generate SA token properly

* Fix Rawls submissions path

* Fix HeaderTypes -> Headers (#62)

* remove jinja dependency; simplify email invitation logic (#59)

* remove jinja dependency; simplify email invitation logic

* fix accept_invitation logic

* Fix register_service_account() invocation (#63)

* Fix Terra Service Account registration (#64)

* Fix register_service_account() invocation

* Fix Terra Service Account registration

* Remove async def

* Fix get_service_account_headers() implementation (#65)

* Add error description to register_terra_service_account() (#66)

* Fix Sam status check for existing Terra SA

* Revert and provide error description

* Temp log SA on error (#67)

* Fix Sam registration body (#68)

* Fix Sam registration request body

* Log successful response from Sam

* minor bug fixes and security improvements; fix accepting invitation to study (#69)

* Fix Terra request headers assignment (#70)

* Improve API exception reporting (#71)

* Refactor API exception handling through HTTPException (#72)

* Refactor API exception handling through HTTPException

* Move HTTPException handler into api_utils

* Cosmetic fix

* Remove redundant async

* Revert to using dedicated APIException class (#73)

* Revert "Refactor API exception handling through HTTPException (#72)"

This reverts commit 3c9809c.

* Parse out error message in APIException

* Fix parameters and error handling for Terra workflow submission (#74)

* Fix parameters and error handling for Terra workflow submission

* Add status code to APIException

* Await Terra workflow submission before returning response

* Fix response type conversion in APIException (#75)

* Fix APIException semantics (#76)

* prevent repeat study titles; minor formatting (#77)

* add endpoint to get_study_options for terra cli (#78)

* fix bug in previous commit (#79)

* fix wrong parameter in function (#80)

* Make auth key automatically (#81)

* fix wrong parameter in function

* make auth_key automatically on study creation or joining

* Auto-detect CP0 id on Terra (#82)

* Auto-detect CP0 id on Terra

* Formalize user ID keys and fix /get_study_options user_id for non-Terra

* Fix ID key imports (#83)

* Fix user_id detection in /get_study_options (#84)

* Fix user_id detection in /get_study_options

* Fix user_id setting without study_id

* lots of reformatting and some small bug fixes (#85)

* try to fix transactions (#86)

* try to fix transactions again (#87)

* fix awaiting for file (#88)

* Improve signaling logging (#89)

* Improve signaling logging

* Use warning for party disconnect

* fix task initialization for users (#90)

* set HOME env variable; handle SENDGRID_API_KEY env variable (#91)

* improve cloud run logging (#92)

* improve cloud run logging

* use source instead of bash so that env variable changes are maintained

* fix task resetting when restarting study

* source profile to fix startup scripts (#93)

* add logging for errors in signaling server (#94)

* Fix SFKIT_API_URL for Cloud Run and remove extra logging (#95)

* add debug logging for signaling server

* Log Signaling server origin

* Remove extra error logging in /ice

* Use manual Websocket origin check

* Add dummy websocket connection message

* Set SFKIT_API_URL for Cloud Run deployment

* Use SFKIT_API_URL in google_cloud_compute

* Add more pointed logging

* Add test /ice_status endpoint

* Use the same route for HTTP ICE status

* Rename ice status route

* Cleanup

* Cleanup

---------

Co-authored-by: Denis Loginov <denis@broadinstitute.org>

* Fix WebSocket connection issues due to CORS (#96)

* Fix WebSocket connection issues due to CORS

* Log allowed origins (#97)

* Log allowed origins

* Remove comma

* allow anonymous users to create studies (on non-terra) (#98)

* Bump cryptography from 41.0.6 to 42.0.0 (#99)

Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.6 to 42.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.6...42.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add sf-relate; minor bug fixes (#100)

* don't hardcode SFKIT_API_URL as much; minor formatting (#102)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Denis Loginov <denis@broadinstitute.org>
Co-authored-by: mflinn-broad <mflinn@broadinstitute.org>
Co-authored-by: dinvlad <137337+dinvlad@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
5 people authored Feb 15, 2024
1 parent 216ef61 commit 0e5cbaa
Show file tree
Hide file tree
Showing 129 changed files with 2,221 additions and 6,963 deletions.
6 changes: 6 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
*
!*.py
!*.toml
!requirements*.txt
!/src
!/tests
177 changes: 177 additions & 0 deletions .github/workflows/build_push_terra.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,177 @@
name: Build and push Docker image to Terra

on:
push:
# when ready to merge dev branch back into main, change this to main
branches: [dev]
paths:
- "*.py"
- "requirements*.txt"
- "src/**"
- "tests/**"
- "Dockerfile"
- ".github/workflows/build_push_terra.yml"
pull_request:
paths:
- "*.py"
- "requirements*.txt"
- "src/**"
- "tests/**"
- "Dockerfile"
- ".github/workflows/build_push_terra.yml"
schedule:
- cron: "30 12 * * 1"

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true

env:
# Delete me when ready to merge dev back into main
TARGET_BRANCH: dev
# Google project where artifacts are uploaded.
GOOGLE_PROJECT: dsp-artifact-registry
# Name of the app-specific Docker repository configured in GOOGLE_PROJECT.
REPOSITORY_NAME: sfkit
# Name of the image we'll be uploading into the Docker repository.
# This is often equal to the GitHub repository name, but it might also be the
# name of the Helm Chart if that's different.
IMAGE_NAME: ${{ github.event.repository.name }}
# This is the region-specific top-level Google-managed domain where our
# GOOGLE_PROJECT/REPOSITORY_NAME can be found.
GOOGLE_DOCKER_REPOSITORY: us-central1-docker.pkg.dev

jobs:
generate-tag:
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
tag: ${{ steps.tag.outputs.new_tag }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
token: ${{ (github.actor != 'dependabot[bot]' && secrets.BROADBOT_TOKEN) || secrets.GITHUB_TOKEN }}
fetch-depth: 0

- name: Generate Tag
uses: databiosphere/github-actions/actions/bumper@bumper-0.2.0
id: tag
env:
DEFAULT_BUMP: patch
RELEASE_BRANCHES: ${{ env.TARGET_BRANCH || github.event.repository.default_branch }}
WITH_V: true
GITHUB_TOKEN: ${{ (github.actor != 'dependabot[bot]' && secrets.BROADBOT_TOKEN) || secrets.GITHUB_TOKEN }}

build-and-publish:
needs: [generate-tag]
if: ${{ needs.generate-tag.outputs.tag != '' }}
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write

steps:
- uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Assemble Docker tags
uses: docker/metadata-action@v5
id: meta
with:
# server image for backwards compatibility with old build behavior
images: |
${{ env.GOOGLE_DOCKER_REPOSITORY }}/${{ env.GOOGLE_PROJECT }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=raw,value=${{ needs.generate-tag.outputs.tag }}
type=semver,pattern=v{{major}},value=${{ needs.generate-tag.outputs.tag }},enable={{is_default_branch}}
type=semver,pattern=v{{major}}.{{minor}},value=${{ needs.generate-tag.outputs.tag }},enable={{is_default_branch}}
- name: Auth to GCP
id: gcp-auth
uses: google-github-actions/auth@v1
with:
token_format: access_token
workload_identity_provider: "projects/1038484894585/locations/global/workloadIdentityPools/github-wi-pool/providers/github-wi-provider"
service_account: "dsp-artifact-registry-push@dsp-artifact-registry.iam.gserviceaccount.com"

- name: Auth to GAR
uses: docker/login-action@v3
with:
registry: ${{ env.GOOGLE_DOCKER_REPOSITORY }}
username: oauth2accesstoken
password: "${{ steps.gcp-auth.outputs.access_token }}"

- name: Build Docker image
uses: docker/build-push-action@v5
with:
load: true
build-args: |
APP_VERSION=${{ needs.generate-tag.outputs.tag }}
BUILD_VERSION=${{ github.sha }}-${{ github.run_attempt }}
cache-from: type=gha,scope=${{ github.ref_name }}
cache-to: type=gha,scope=${{ github.ref_name }},mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

- name: Run Trivy vulnerability scanner
uses: broadinstitute/dsp-appsec-trivy-action@v1

- name: Push Docker image
run: |
docker push ${{ env.GOOGLE_DOCKER_REPOSITORY }}/${{ env.GOOGLE_PROJECT }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }} --all-tags
# (Optional) Comment pushed image
- name: Comment pushed image
uses: actions/github-script@0.3.0
if: github.event_name == 'pull_request'
with:
github-token: ${{ secrets.BROADBOT_TOKEN }}
script: |
const { issue: { number: issue_number }, repo: { owner, repo } } = context;
github.issues.createComment({ issue_number, owner, repo, body: 'Pushed image: ${{ env.GOOGLE_DOCKER_REPOSITORY }}/${{ env.GOOGLE_PROJECT }}/${{ env.REPOSITORY_NAME }}/${{ env.IMAGE_NAME }}:${{ needs.generate-tag.outputs.tag }}' });
report-to-sherlock:
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main
needs: [build-and-publish, generate-tag]
with:
chart-name: "sfkit"
new-version: ${{ needs.generate-tag.outputs.tag }}
permissions:
contents: "read"
id-token: "write"

set-version-in-terra-dev:
# Put new version in Broad dev environment
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main
needs: [build-and-publish, report-to-sherlock, generate-tag]
if: ${{ github.ref_name == 'dev' }}
with:
new-version: ${{ needs.generate-tag.outputs.tag }}
chart-name: "sfkit"
environment-name: "dev"
secrets:
sync-git-token: ${{ secrets.BROADBOT_TOKEN }}
permissions:
id-token: "write"

# Uncomment this to have success/failure notifications sent to Slack for auto deploys
# report workflow status in slack
# see https://docs.google.com/document/d/1G6-whnNJvON6Qq1b3VvRJFC7M9M-gu2dAVrQHDyp9Us/edit?usp=sharing
# report-workflow:
# uses: broadinstitute/sherlock/.github/workflows/client-report-workflow.yaml@main
# with:
# # Channels to notify upon workflow success or failure
# notify-slack-channels-upon-workflow-completion: '#YOUR_CHANNEL_HERE'

# # Channels to notify upon workflow success only
# # notify-slack-channels-upon-workflow-success: "#channel-here"

# # Channels to notify upon workflow failure only
# # notify-slack-channels-upon-workflow-failure: "#channel-here"
# permissions:
# id-token: 'write'
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -24,3 +24,4 @@ requirements2.txt
.sourcery.yaml
*_manhattan.png
*pca_plot.png
mypy.ini
55 changes: 55 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
# hadolint global ignore=DL3059

# Install dependencies, lint and test
FROM cgr.dev/chainguard/python:latest-dev AS builder

WORKDIR /app

# Install dependencies
COPY requirements*.txt .

RUN pip install --no-cache-dir --user \
-r requirements.txt \
-r requirements-dev.txt

# Copy sources
COPY . .

# stop the build if there are Python syntax errors or undefined names
RUN python -m flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics

# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
RUN python -m flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics

# Test
RUN python -m pytest

# Clean up
RUN pip uninstall -yr requirements-dev.txt


# Copy everything into the minimal runtime image
FROM us.gcr.io/broad-dsp-gcr-public/base/python:distroless

WORKDIR /app

COPY --from=builder /home/nonroot/.local/bin/hypercorn /bin/
COPY --from=builder /home/nonroot/.local/lib /usr/lib/
COPY --from=builder /app/*.py /app/*.toml ./
COPY --from=builder /app/src ./src/

# TODO: Remove for production
COPY --from=cgr.dev/chainguard/curl /usr/bin/curl /bin/
COPY --from=cgr.dev/chainguard/curl \
/usr/lib/libcurl.so.4 \
/usr/lib/libnghttp2.so.* \
/usr/lib/libbrotlidec.so.1 \
/usr/lib/libbrotlicommon.so.1 /lib/

ARG APP_VERSION=latest
ARG BUILD_VERSION=latest

ENV APP_VERSION=${APP_VERSION} \
BUILD_VERSION=${BUILD_VERSION}

ENTRYPOINT ["hypercorn", "app:app", "--bind", "0.0.0.0:8080", "--config", "hypercorn_config.toml"]
2 changes: 1 addition & 1 deletion Procfile
Original file line number Diff line number Diff line change
@@ -1 +1 @@
web: waitress-serve --call --host='0.0.0.0' --port=$PORT src:create_app
web: hypercorn 'app:app' --bind '0.0.0.0:8080' --config hypercorn_config.toml
3 changes: 3 additions & 0 deletions app.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
from src import create_app

app = create_app()
7 changes: 5 additions & 2 deletions cloudbuild.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ steps:
- '--region=$_DEPLOY_REGION'
- '--min-instances=1'
- '--quiet'
- '--set-env-vars=CLOUD_RUN=True'
- '--set-env-vars=^@^CLOUD_RUN=True@SERVICE_URL=https://$_SERVICE_NAME-$_DEPLOY_REGION.a.run.app@CORS_ORIGINS=$_CORS_ORIGINS@FLASK_DEBUG=$_FLASK_DEBUG@FIRESTORE_DATABASE=sfkit-dev@SFKIT_API_URL=$_SFKIT_API_URL'
id: Deploy
entrypoint: gcloud
images:
Expand All @@ -34,10 +34,13 @@ options:
logging: CLOUD_LOGGING_ONLY
substitutionOption: ALLOW_LOOSE
substitutions:
_SERVICE_NAME: sfkit-website
_SERVICE_NAME: sfkit-website-dev
_LABELS: gcb-trigger-id=44d26102-694b-457c-afaf-b086e4d866be
_TRIGGER_ID: 44d26102-694b-457c-afaf-b086e4d866be
_DEPLOY_REGION: us-central1
_FLASK_DEBUG: development
_CORS_ORIGINS: https://dev.sfkit.org,http://localhost:5173
_SFKIT_API_URL: https://sfkit-website-dev-bhj5a4wkqa-uc.a.run.app/api
_GCR_HOSTNAME: us.gcr.io
_PLATFORM: managed
tags:
Expand Down
1 change: 1 addition & 0 deletions hypercorn_config.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
include_server_header = false
11 changes: 11 additions & 0 deletions requirements-dev.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
coverage==7.3.2
flake8==6.1.0
iniconfig==2.0.0
mccabe==0.7.0
mock-firestore==0.11.0
packaging==23.2
pluggy==1.3.0
pycodestyle==2.11.1
pyflakes==3.1.0
pytest==7.4.3
pytest-mock==3.12.0
87 changes: 64 additions & 23 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -1,23 +1,64 @@
black
coverage
firebase_admin
Flask
Flask_Bootstrap
google-cloud-firestore
google-cloud-iam
google-cloud-logging
google-cloud-secret-manager
google-cloud-storage
ipaddr
mock-firestore
protobuf
PyJWT
pytest
pytest-mock
requests
sendgrid
tenacity
toml
urllib3
waitress
Werkzeug
aiofiles==23.2.1
anyio==4.0.0
blinker==1.6.3
CacheControl==0.13.1
cachetools==5.3.2
certifi==2023.7.22
cffi==1.16.0
charset-normalizer==3.3.1
click==8.1.7
cryptography==42.0.0
firebase-admin==6.2.0
Flask==3.0.0
google-api-core==2.12.0
google-api-python-client==2.105.0
google-auth==2.23.3
google-auth-httplib2==0.1.1
google-cloud-appengine-logging==1.3.2
google-cloud-audit-log==0.2.5
google-cloud-core==2.3.3
google-cloud-firestore==2.13.0
google-cloud-iam==2.12.2
google-cloud-logging==3.8.0
google-cloud-secret-manager==2.16.4
google-cloud-storage==2.12.0
google-crc32c==1.5.0
google-resumable-media==2.6.0
googleapis-common-protos==1.61.0
grpc-google-iam-v1==0.12.6
grpcio==1.59.0
grpcio-status==1.59.0
h11==0.14.0
h2==4.1.0
hpack==4.0.0
httpcore==0.18.0
httplib2==0.22.0
httpx==0.25.0
hypercorn==0.14.4
hyperframe==6.0.1
idna==3.4
ipaddr==2.2.0
itsdangerous==2.1.2
MarkupSafe==2.1.3
msgpack==1.0.7
priority==2.0.0
proto-plus==1.22.3
protobuf==4.24.4
pyasn1==0.5.0
pyasn1-modules==0.3.0
pycparser==2.21
PyJWT==2.8.0
pyparsing==3.1.1
python-http-client==3.3.7
Quart==0.19.4
quart-cors==0.7.0
requests==2.31.0
rsa==4.9
sendgrid==6.10.0
sniffio==1.3.0
starkbank-ecdsa==2.2.0
tenacity==8.2.3
uritemplate==4.1.1
urllib3==2.0.7
Werkzeug==3.0.1
wsproto==1.2.0
Loading

0 comments on commit 0e5cbaa

Please sign in to comment.