Skip to content

Commit

Permalink
Merge pull request #147 from mjanez/master
Browse files Browse the repository at this point in the history 
Fix CKAN-2.9.11
  • Loading branch information
@mjanez
mjanez committed Aug 29, 2024
2 parents bd13584 + 35a6bdc commit 67ae06b
Show file tree
Hide file tree
Showing 8 changed files with 82 additions and 53 deletions.
15 changes: 9 additions & 6 deletions .env.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,9 @@ CKAN__SEARCH__SOLR_ALLOWED_QUERY_PARSERS=field
# CORS Settings. If True, all origins will be allowed (the response header Access-Control-Allow-Origin is set to ‘*’). If False, only origins from the ckan.cors.origin_whitelist setting will be allowed.
CKAN__CORS__ORIGIN_ALLOW_ALL=False
CKAN__CORS__ORIGIN_WHITELIST=""
# Enables or disable collaborators in individual datasets (https://docs.ckan.org/en/2.9/maintaining/authorization.html#dataset-collaborators)
CKAN__AUTH__ALLOW_DATASET_COLLABORATORS=False
CKAN__AUTH__ALLOW_ADMIN_COLLABORATORS=False

## Resource Proxy settings
### Preview size limit, default: 1MB
Expand Down Expand Up @@ -154,8 +157,8 @@ CKANEXT__XLOADER__JOBS__DB_URI=postgresql://${CKAN_DB_USER}:${CKAN_DB_PASSWORD}@

# ckanext-dcat
CKANEXT__DCAT__BASE_URI=${CKAN_URL}
# Default profile(s). Instead of this envvar, it's possible to specify all the profile(s) availables to be used for serialization using the profiles parameter: http://localhost:5000/catalog.xml?profiles=eu_dcat_ap_2,es_dcat
CKANEXT__DCAT__RDF_PROFILES='eu_dcat_ap_2 eu_dcat_ap_scheming'
# Default profile(s). Instead of this envvar, it's possible to specify all the profile(s) availables to be used for serialization using the profiles parameter: http://localhost:5000/catalog.xml?profiles=euro_dcat_ap,spain_dcat
CKANEXT__DCAT__RDF_PROFILES='euro_dcat_ap_2'
# The custom endpoint **must** start with a forward slash (`/`) and contain the `{_format}` placeholder. The endpoint is added to the CKAN_SITE_URL and CKAN__ROOT_PATH, example: http://localhost:5000/catalog/catalog.rdf
CKANEXT__DCAT__DEFAULT_CATALOG_ENDPOINT='/catalog.{_format}'

Expand All @@ -176,10 +179,10 @@ CKANEXT__GEOVIEW__SHP_VIEWER__ENCODING=UTF-8
## CSW Endpoint for spatial metadata
CKANEXT__SCHEMINGDCAT_GEOMETADATA_BASE_URI=${PYCSW_URL}
## Scheming: setup_scheming.sh
CKANEXT__SCHEMINGDCAT_DATASET_SCHEMA="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_2.yaml ckanext.schemingdcat:schemas/resources/dcat_3_document.yaml"
CKANEXT__SCHEMINGDCAT_GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_group.json"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/eu_geodcat_ap_org.json"
CKANEXT__SCHEMINGDCAT_PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json"
CKANEXT__SCHEMINGDCAT_DATASET_SCHEMA="ckanext.schemingdcat:schemas/geodcatap_eu/geodcatap_eu_dataset.yaml"
CKANEXT__SCHEMINGDCAT_GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcatap_eu/geodcatap_eu_group.json"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcatap_eu/geodcatap_eu_org.json"
CKANEXT__SCHEMINGDCAT_PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json ckanext.iepnb:schemas/presets.json"
## Facets: setup_scheming.sh
CKANEXT__SCHEMINGDCAT_FACET_LIST="dataset_scope theme groups theme_eu dcat_type groups publisher_name publisher_type spatial_uri owner_org res_format frequency tags tag_uri conforms_to"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_CUSTOM_FACETS=True
Expand Down
22 changes: 15 additions & 7 deletions .github/workflows/docker-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ on:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
TAG: ghcr.io/${{ github.repository }}:${{ github.head_ref }}
CONTEXT: .
BRANCH: ${{ github.head_ref }}
VERSION: ${{ github.head_ref }}
DOCKERFILE_PATH: /ckan
DOCKERFILE: Dockerfile

Expand All @@ -43,21 +43,29 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract tag version from branch name
id: extract_tag_version
run: echo "VERSION=$(echo ${{ github.head_ref }} | sed 's/^ckan-//')" >> $GITHUB_ENV

- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
labels: |
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}/blob/${{ env.BRANCH }}/README.md
org.opencontainers.image.version=${{ env.BRANCH }}
org.opencontainers.image.version=${{ env.VERSION }}
annotations: |
org.opencontainers.image.description=This image contains CKAN based on a Docker Compose deployment. The container includes CKAN along with its dependencies and configurations for spatial data support.
org.opencontainers.image.source=https://github.com/${{ github.repository }}
- name: Build and push
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
push: true
tags: ${{ env.TAG }}
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
context: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}
file: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE }}

Expand All @@ -68,14 +76,14 @@ jobs:
no-fail: true

- name: Run Trivy container image vulnerability scanner
uses: aquasecurity/trivy-action@0.18.0
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH }}
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
format: sarif
output: trivy-results.sarif

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: trivy-results.sarif
22 changes: 15 additions & 7 deletions .github/workflows/docker-manual.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@ on: workflow_dispatch
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
TAG: ghcr.io/${{ github.repository }}:${{ github.ref_name }}
CONTEXT: .
BRANCH: ${{ github.ref_name }}
VERSION: ${{ github.ref_name }}
DOCKERFILE_PATH: /ckan
DOCKERFILE: Dockerfile

Expand All @@ -33,21 +33,29 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract tag version from branch name
id: extract_tag_version
run: echo "VERSION=$(echo ${{ github.head_ref }} | sed 's/^ckan-//')" >> $GITHUB_ENV

- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
labels: |
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}/blob/${{ env.BRANCH }}/README.md
org.opencontainers.image.version=${{ env.BRANCH }}
org.opencontainers.image.version=${{ env.VERSION }}
annotations: |
org.opencontainers.image.description=This image contains CKAN based on a Docker Compose deployment. The container includes CKAN along with its dependencies and configurations for spatial data support.
org.opencontainers.image.source=https://github.com/${{ github.repository }}
- name: Build and push
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
push: true
tags: ${{ env.TAG }}
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
context: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}
file: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE }}

Expand All @@ -58,14 +66,14 @@ jobs:
no-fail: true

- name: Run Trivy container image vulnerability scanner
uses: aquasecurity/trivy-action@0.18.0
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH }}
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
format: sarif
output: trivy-results.sarif

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: trivy-results.sarif
22 changes: 14 additions & 8 deletions .github/workflows/docker-master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
CONTEXT: .
BRANCH: master
VERSION: master
DOCKERFILE_PATH: /ckan
DOCKERFILE: Dockerfile

Expand All @@ -29,32 +31,36 @@ jobs:
with:
fetch-depth: 0

- name: Get highest ckan branch excluding -dev
id: getbranch
run: echo "VERSION=$(git branch -r | grep -o 'ckan-[0-9]*\.[0-9]*\.[0-9]*[^-dev]$' | sort -V | tail -n 1)" >> $GITHUB_ENV

- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get highest ckan branch excluding -dev
id: getbranch
run: echo "VERSION=$(git branch -r | grep -o 'ckan-[0-9]*\.[0-9]*\.[0-9]*[^-dev]$' | sort -V | tail -n 1)" >> $GITHUB_ENV

- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
labels: |
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}/blob/master/README.md
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}/blob/${{ env.BRANCH }}/README.md
org.opencontainers.image.version=${{ env.VERSION }}
annotations: |
org.opencontainers.image.description=This image contains CKAN based on a Docker Compose deployment. The container includes CKAN along with its dependencies and configurations for spatial data support.
org.opencontainers.image.source=https://github.com/${{ github.repository }}
- name: Build and push
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
context: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}
file: ${{ env.CONTEXT }}${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE }}

Expand All @@ -65,14 +71,14 @@ jobs:
no-fail: true

- name: Run Trivy container image vulnerability scanner
uses: aquasecurity/trivy-action@0.18.0
uses: aquasecurity/trivy-action@0.24.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
format: sarif
output: trivy-results.sarif

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: trivy-results.sarif
12 changes: 6 additions & 6 deletions .github/workflows/docker-pr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,43 +30,43 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Checkout
- name: Check out code
uses: actions/checkout@v4

- name: NGINX build
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: ./nginx
file: ./nginx/Dockerfile
push: false
tags: mjanez/ckan-docker-nginx:test-build-only

- name: Apache HTTP Server build
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: ./apache
file: ./apache/Dockerfile
push: false
tags: mjanez/ckan-docker-apache:test-build-only

- name: PostgreSQL build
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: ./postgresql
file: ./postgresql/Dockerfile
push: false
tags: mjanez/ckan-docker-postgresql:test-build-only

- name: Solr build
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: ./solr
file: ./solr/Dockerfile
push: false
tags: mjanez/ckan-docker-solr:test-build-only

- name: ckan-pycsw build
uses: docker/build-push-action@v4
uses: docker/build-push-action@v6
with:
context: ./ckan-pycsw
file: ./ckan-pycsw/Dockerfile
Expand Down
12 changes: 5 additions & 7 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,13 +40,11 @@ Contains Docker images for the different components of CKAN Cloud and a Docker c
Available components:
* CKAN custom multi-stage build with spatial capabilities from [ckan-docker-spatial](https://github.com/mjanez/ckan-docker-spatial)[^1], an image used as a base and built from the official CKAN repo. The following versions of CKAN are available:

| CKAN Version | Type | Docker tag | Notes |
| --- | --- | --- | --- |
| 2.9.8 | custom image | `ghcr.io/mjanez/ckan-spatial:ckan-2.9.8` | Stable version with CKAN 2.9.8 |
| 2.9.9 | custom image | `ghcr.io/mjanez/ckan-docker:ckan-2.9.9` | Stable version with CKAN 2.9.9 |
| 2.9.10 | custom image | `ghcr.io/mjanez/ckan-docker:ckan-2.9.10` | Stable version with CKAN 2.9.10 |
| 2.9.11 | custom image | `ghcr.io/mjanez/ckan-docker:ckan-2.9.11` | Stable version with CKAN 2.9.11 |
| 2.9.11 | latest custom image | `ghcr.io/mjanez/ckan-docker:master` | Latest `ckan-docker` image. |
| CKAN Version | Type | Base image | Docker tag | Notes |
| --- | --- | --- | --- | --- |
| 2.9.x | custom spatial image | `alpine:3.15` | `ghcr.io/mjanez/ckan-spatial:ckan-2.9.8`, `ghcr.io/mjanez/ckan-spatial:ckan-2.9.8`, `ghcr.io/mjanez/ckan-docker:ckan-2.9.9`, `ghcr.io/mjanez/ckan-docker:ckan-2.9.10`, `ghcr.io/mjanez/ckan-docker:ckan-2.9.11` | Stable official versions of CKAN `2.9.8`, `2.9.10` and `2.9.11` |
| 2.10.x | custom spatial image | `python:3.10-slim-bookworm` | `ghcr.io/mjanez/ckan-docker:2.10.5` | From `2.10` images only [Debian-based official Python images](https://hub.docker.com/_/python) rather than Alpine-based images will be provided. |
| 2.11.x | custom spatial image | `python:3.10-slim-bookworm` | `ghcr.io/mjanez/ckan-docker:2.11.0` | CKAN's latest official version. Only [Debian-based official Python images](https://hub.docker.com/_/python). |

The non-CKAN images are as follows:
* PostgreSQL: [Custom image](/postgresql/Dockerfile) based on official PostgreSQL image. Database files are stored in a named volume.
Expand Down
15 changes: 9 additions & 6 deletions samples/.env.es.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,9 @@ CKAN__SEARCH__SOLR_ALLOWED_QUERY_PARSERS=field
# CORS Settings. If True, all origins will be allowed (the response header Access-Control-Allow-Origin is set to ‘*’). If False, only origins from the ckan.cors.origin_whitelist setting will be allowed.
CKAN__CORS__ORIGIN_ALLOW_ALL=False
CKAN__CORS__ORIGIN_WHITELIST=""
# Enables or disable collaborators in individual datasets (https://docs.ckan.org/en/2.9/maintaining/authorization.html#dataset-collaborators)
CKAN__AUTH__ALLOW_DATASET_COLLABORATORS=False
CKAN__AUTH__ALLOW_ADMIN_COLLABORATORS=False

## Resource Proxy settings
### Preview size limit, default: 1MB
Expand Down Expand Up @@ -153,8 +156,8 @@ CKANEXT__XLOADER__JOBS__DB_URI=postgresql://${CKAN_DB_USER}:${CKAN_DB_PASSWORD}@

# ckanext-dcat
CKANEXT__DCAT__BASE_URI=${CKAN_URL}
# Default profile(s). Instead of this envvar, it's possible to specify all the profile(s) availables to be used for serialization using the profiles parameter: http://localhost:5000/catalog.xml?profiles=eu_dcat_ap_2,es_dcat
CKANEXT__DCAT__RDF_PROFILES='eu_dcat_ap_2 eu_dcat_ap_scheming'
# Default profile(s). Instead of this envvar, it's possible to specify all the profile(s) availables to be used for serialization using the profiles parameter: http://localhost:5000/catalog.xml?profiles=euro_dcat_ap,spain_dcat
CKANEXT__DCAT__RDF_PROFILES='euro_dcat_ap_2'
# The custom endpoint **must** start with a forward slash (`/`) and contain the `{_format}` placeholder. The endpoint is added to the CKAN_SITE_URL and CKAN__ROOT_PATH, example: http://localhost:5000/catalog/catalog.rdf
CKANEXT__DCAT__DEFAULT_CATALOG_ENDPOINT='/catalog.{_format}'

Expand All @@ -175,10 +178,10 @@ CKANEXT__GEOVIEW__SHP_VIEWER__ENCODING=UTF-8
## CSW Endpoint for spatial metadata
CKANEXT__SCHEMINGDCAT_GEOMETADATA_BASE_URI=${PYCSW_URL}
## Scheming: setup_scheming.sh
CKANEXT__SCHEMINGDCAT_DATASET_SCHEMA="ckanext.schemingdcat:schemas/geodcat_ap/es_geodcat_ap_2.yaml ckanext.schemingdcat:schemas/resources/dcat_3_document.yaml"
CKANEXT__SCHEMINGDCAT_GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/es_geodcat_ap_group.json"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcat_ap/es_geodcat_ap_org.json"
CKANEXT__SCHEMINGDCAT_PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json"
CKANEXT__SCHEMINGDCAT_DATASET_SCHEMA="ckanext.schemingdcat:schemas/geodcatap_es/geodcatap_es_dataset.yaml"
CKANEXT__SCHEMINGDCAT_GROUP_SCHEMAS="ckanext.schemingdcat:schemas/geodcatap_es/geodcatap_es_group.json"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_SCHEMAS="ckanext.schemingdcat:schemas/geodcatap_es/geodcatap_es_org.json"
CKANEXT__SCHEMINGDCAT_PRESETS="ckanext.schemingdcat:schemas/default_presets.json ckanext.fluent:presets.json ckanext.iepnb:schemas/presets.json"
## Facets: setup_scheming.sh
CKANEXT__SCHEMINGDCAT_FACET_LIST="dataset_scope theme groups theme_es dcat_type groups publisher_name publisher_type spatial_uri owner_org res_format frequency tags tag_uri conforms_to"
CKANEXT__SCHEMINGDCAT_ORGANIZATION_CUSTOM_FACETS=True
Expand Down
Loading

0 comments on commit 67ae06b

Please sign in to comment.