-
Notifications
You must be signed in to change notification settings - Fork 39
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[MDS-6086] Fixed ssl validation error when running permit pipeline in…
… test, enable https for elasticsearch when running locally (#3210) * [MDS-6086] Added support for async permit condition extraction using celery * MDS-6086 Tweaks after PR feedback * MDS-6986 Fixed tests + added github action to run permit service tests * Added permit service test github action * Set up env variables before running permit tests * MDS-6086 Fixed typo in requirements.txt * Added test api key * Remove auth requirement in tests * Add debug folder * MDS-6086 Moved tests folder * MDS-6086 Run elasticsearch using https locally * MDS-6086 Fixed celery setup to accept certs * Fixed cert job startup issue
- Loading branch information
1 parent
6ba3241
commit b57c827
Showing
10 changed files
with
169 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
import logging | ||
import os | ||
|
||
import celery | ||
|
||
logger = logging.getLogger(__name__) | ||
CACHE_REDIS_HOST = os.environ.get('CACHE_REDIS_HOST', 'redis') | ||
CACHE_REDIS_PORT = os.environ.get('CACHE_REDIS_PORT', 6379) | ||
CACHE_REDIS_PASS = os.environ.get('CACHE_REDIS_PASS', 'redis-password') | ||
CACHE_REDIS_URL = 'redis://:{0}@{1}:{2}'.format(CACHE_REDIS_PASS, CACHE_REDIS_HOST, | ||
CACHE_REDIS_PORT) | ||
|
||
celery_app = celery.Celery(__name__, broker=CACHE_REDIS_URL, backend='app.celery.elasticsearch_backend:MDSElasticSearchBackend') | ||
|
||
celery_app.conf.task_default_queue = 'permits' | ||
celery_app.autodiscover_tasks([ | ||
'app.permit_conditions.tasks', | ||
]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
import os | ||
|
||
import elasticsearch | ||
from celery.backends.elasticsearch import ElasticsearchBackend | ||
|
||
ca_cert = os.environ.get("ELASTICSEARCH_CA_CERT", None) | ||
host = os.environ.get("ELASTICSEARCH_HOST", None) or "https://elasticsearch:9200" | ||
username = os.environ.get("ELASTICSEARCH_USERNAME", "") | ||
password = os.environ.get("ELASTICSEARCH_PASSWORD", "") | ||
|
||
scheme, hostname = host.split('://') | ||
|
||
backend_url = f'{scheme}://{username}:{password}@{hostname}/celery' | ||
|
||
class MDSElasticSearchBackend(ElasticsearchBackend): | ||
""" | ||
Elasticsearch backend that adds support for the `ca_certs` parameter. | ||
This is required for connecting to an elasticsearch instance with a self-signed certificate which is the case for us | ||
""" | ||
def __init__(self, url=None, *args, **kwargs): | ||
self.url = url | ||
super().__init__(url=backend_url, *args, **kwargs) | ||
|
||
def _get_server(self): | ||
http_auth = None | ||
if self.username and self.password: | ||
http_auth = (self.username, self.password) | ||
|
||
return elasticsearch.Elasticsearch( | ||
f'{self.scheme}://{self.host}:{self.port}', | ||
retry_on_timeout=self.es_retry_on_timeout, | ||
max_retries=self.es_max_retries, | ||
timeout=self.es_timeout, | ||
http_auth=http_auth, | ||
verify_certs=True if ca_cert else False, | ||
ca_certs=ca_cert if ca_cert else None, | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters