diff --git a/README.md b/README.md index b5ba69745..513c275c5 100644 --- a/README.md +++ b/README.md @@ -1,174 +1,182 @@ -## Queue Managment System - -The Queue Managment System will be used to manage the citizen flow and provide analtyics for our Service BC locations. This system is designed to be used for government offices with a large number of services. - -## Technology Stack Used - -Single Signon using KeyCloak. This is used so that we don't need to manage the security concerns of passwords within the application. This also integrates to internal authentication model. - -Designed for use in an application platform buld for containers specifically OpenShift: - -- VueJS & BootStrap for Front End -- Flask & Python for API Backend -- Percona Database Cluster -- RabbitMQ -- Caddy HTTP/2 Web Server - -## Features - -Designed to accomodate multiple locations. -Designed for both reception based offices and direct counter offices. - -Additional features for Reception offices: - -- Waiting queue displayed -- Citizens are called by name -- Digital Signage includes Current number of people waiting -- Handles a Quick Transaction Counter -- Ability to invite next citizen or pick from the waiting queue - -Basic Digital Signage URLs per office - -- Date and Time based on TimeZone -- MP4 to display messageing - -Hold Queue - -- Allows staff to place citizen tickets on hold - -Track Channels of an interaction from In Person, Phone, etc. - -Service Listings - -- Sorted by category -- Searching service listings includes descriptions -- Hovering over a service listing displays descriptions -- Ability to customize service listing per Office -- Ability to hide Services from Digital Signage display -- Ability to add multiple services in one interaction - -Office Status Panel - -- Provides a manager the ability to see counter interaction details - -Basic Administration Panels to add, update and delete: - -- Offices -- Customer Service Reps -- Service Listing -- Channels -- Roles - -Feedback - -- Sends to Slack and / or Service Now - -Analytics - -- Key timing events are sent to snowplow for analysis and reporting -- Data is also stored in the Percona MySQL database as an alternative method to extract analytics - -## Requirements - -Requires KeyCloak and additional Openshift / Kubernetes Config Maps - -- keycloak.json is required in Front End Container in the following location: /var/www/html/static/keycloak - - { - "realm": "", - "auth-server-url": "" , - "ssl-required": "", - "resource": "", - "credentials": { - "secret": "" - } - } - -- secrets.json is required in API Container in the following location: /opt/app-root/src/client_secrets - - { - "web": { - "realm_public_key": "", - "issuer": "" , - "auth_uri": "" , - "client_id": "", - "client_secret": "", - "redirect_urls": [ - "" - ], - "userinfo_uri": "" , - "token_uri": "" , - "token_introspection_uri": "" - } - } - -- Digital Signage video (with the name of sbc.mp4) needs to be manually placed in /var/www/html/static/videos - -The openshift templates are used for build configs and deployment configs - -Additional Enviornment Variables for API pods are used: - -SLACK_URL - to integrate feedback to Slack -THEQ_SNOWPLOW_ENDPOINT - where snowplow events are sent -THEQ_SNOWPLOW_APPID - Application ID for snowplow -THEQ_SNOWPLOW_NAMESPACE - Snowplow events namespace -THEQ_SNOWPLOW_CALLFLAG - disable/enable snowplow (Value: True or False) - -## [Installation](documentation/Readme.md) - -Additional information can be found in the [documention](documentation/Readme.md) folder. - -## Goals/Roadmap - -Currently onboarding to all of our sites. -Next major updates include: - -- Room Booking component -- Service Appointments - -## Getting Help or Reporting an Issue - -To report bugs/issues/feature requests, please file an [issue](../../issues). - -## How to Contribute - -_If you are including a Code of Conduct, make sure that you have a [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) file, and include the following text in here in the README:_ -"Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms." - -## License - -Detailed guidance around licenses is available -[here](/BC-Open-Source-Development-Employee-Guide/Licenses.md) - -Attach the appropriate LICENSE file directly into your repository before you do anything else! - -The default license For code repositories is: Apache 2.0 - -Here is the boiler-plate you should put into the comments header of every source code file as well as the bottom of your README.md: - - Copyright 2015 Province of British Columbia - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -For repos that are made up of docs, wikis and non-code stuff it's Creative Commons Attribution 4.0 International, and should look like this at the bottom of your README.md: - -Creative Commons Licence
YOUR REPO NAME HERE by the Province of Britich Columbia is licensed under a Creative Commons Attribution 4.0 International License. - -and the code for the cc 4.0 footer looks like this: - - Creative Commons Licence
YOUR REPO NAME HERE by the Province of Britich Columbia - is licensed under a - Creative Commons Attribution 4.0 International License. +## Queue Managment System + +The Queue Managment System will be used to manage the citizen flow and provide analtyics for our Service BC locations. This system is designed to be used for government offices with a large number of services. + +## Technology Stack Used + +Single Signon using KeyCloak. This is used so that we don't need to manage the security concerns of passwords within the application. This also integrates to internal authentication model. + +Designed for use in an application platform buld for containers specifically OpenShift: + +- VueJS & BootStrap for Front End +- Flask & Python for API Backend +- Percona Database Cluster +- RabbitMQ +- Caddy HTTP/2 Web Server + +## Features + +Designed to accomodate multiple locations. +Designed for both reception based offices and direct counter offices. + +Additional features for Reception offices: + +- Waiting queue displayed +- Citizens are called by name +- Digital Signage includes Current number of people waiting +- Handles a Quick Transaction Counter +- Ability to invite next citizen or pick from the waiting queue + +Basic Digital Signage URLs per office + +- Date and Time based on TimeZone +- MP4 to display messageing + +Hold Queue + +- Allows staff to place citizen tickets on hold + +Track Channels of an interaction from In Person, Phone, etc. + +Service Listings + +- Sorted by category +- Searching service listings includes descriptions +- Hovering over a service listing displays descriptions +- Ability to customize service listing per Office +- Ability to hide Services from Digital Signage display +- Ability to add multiple services in one interaction + +Office Status Panel + +- Provides a manager the ability to see counter interaction details + +Service Appointments (Optional) + +- Calendar for booking appointments +- Ability to Checkin clients and place them at the top of the queue + +Room Booking and Exam Invigilation (Optional) +- Manage Industry Trade Authority Group and Individual Exams +- Manage Other (Basic Exams) +- Manage General Room Booking +- Report on Exams + + +Basic Administration Panels to add, update and delete: + +- Offices +- Customer Service Reps +- Service Listing +- Channels +- Roles +- Invigilators +- Exam Types +- Rooms +- Counter Types + +Feedback + +- Sends to Slack and / or Service Now and / or Rocket Chat + +Analytics + +- Key timing events are sent to snowplow for analysis and reporting +- Data is also stored in the Percona MySQL database as an alternative method to extract analytics + +## Requirements + +Requires KeyCloak and additional Openshift / Kubernetes Config Maps + +- keycloak.json is required in Front End Container in the following location: /var/www/html/static/keycloak + + { + "realm": "", + "auth-server-url": "" , + "ssl-required": "", + "resource": "", + "credentials": { + "secret": "" + } + } + +- secrets.json is required in API Container in the following location: /opt/app-root/src/client_secrets + + { + "web": { + "realm_public_key": "", + "issuer": "" , + "auth_uri": "" , + "client_id": "", + "client_secret": "", + "redirect_urls": [ + "" + ], + "userinfo_uri": "" , + "token_uri": "" , + "token_introspection_uri": "" + } + } + +- Digital Signage video (with the name of sbc.mp4) needs to be manually placed in /var/www/html/static/videos + +The openshift templates are used for build configs and deployment configs + +Additional Enviornment Variables for API pods are used: + +SLACK_URL - to integrate feedback to Slack +THEQ_SNOWPLOW_ENDPOINT - where snowplow events are sent +THEQ_SNOWPLOW_APPID - Application ID for snowplow +THEQ_SNOWPLOW_NAMESPACE - Snowplow events namespace +THEQ_SNOWPLOW_CALLFLAG - disable/enable snowplow (Value: True or False) + +## [Installation](documentation/Readme.md) + +Additional information can be found in the [documention](documentation/Readme.md) folder. + +## Getting Help or Reporting an Issue + +To report bugs/issues/feature requests, please file an [issue](../../issues). + +## How to Contribute + +_If you are including a Code of Conduct, make sure that you have a [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) file, and include the following text in here in the README:_ +"Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms." + +## License + +Detailed guidance around licenses is available +[here](/BC-Open-Source-Development-Employee-Guide/Licenses.md) + +Attach the appropriate LICENSE file directly into your repository before you do anything else! + +The default license For code repositories is: Apache 2.0 + +Here is the boiler-plate you should put into the comments header of every source code file as well as the bottom of your README.md: + + Copyright 2015 Province of British Columbia + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +For repos that are made up of docs, wikis and non-code stuff it's Creative Commons Attribution 4.0 International, and should look like this at the bottom of your README.md: + +Creative Commons Licence
YOUR REPO NAME HERE by the Province of Britich Columbia is licensed under a Creative Commons Attribution 4.0 International License. + +and the code for the cc 4.0 footer looks like this: + + Creative Commons Licence
YOUR REPO NAME HERE by the Province of Britich Columbia + is licensed under a + Creative Commons Attribution 4.0 International License. diff --git a/mender/image-tools/README.md b/mender/image-tools/README.md index a751d2df6..45e44cfc3 100644 --- a/mender/image-tools/README.md +++ b/mender/image-tools/README.md @@ -58,6 +58,7 @@ Thus, it is this stage where the majority of updates will be produced. - **Ubuntu 18.04** - 10 gigabytes of storage - qemu +- docker.io **NOTE**: When running these steps in a VM, restart the machine to prevent potential issues. @@ -75,7 +76,12 @@ sudo systemctl restart systemd-binfmt.service ``` ### Step 1: Building Base Image (Bootstrapping) -First, download the latest [Raspbian Lite Image](https://downloads.raspberrypi.org/raspbian_lite_latest) and copy it into the `./mender/image-tools` directory. + +``` +git clone https://www.github.com/bcgov/queue-management +cd queue-management/mender/image-tools +``` +Download and unzip the latest [Raspbian Lite Image](https://downloads.raspberrypi.org/raspbian_lite_latest) and copy it into the `./mender/image-tools` directory. **Note**: This step installs `chromium`. This will result in a large blue screen showing up and will require user input to continue. This is a good sign, do not be alarmed. diff --git a/mender/openshift/templates/mender-conductor-deployment-template.yaml b/mender/openshift/templates/mender-conductor-deployment-template.yaml index eecda9d7f..91fff6321 100644 --- a/mender/openshift/templates/mender-conductor-deployment-template.yaml +++ b/mender/openshift/templates/mender-conductor-deployment-template.yaml @@ -236,8 +236,14 @@ objects: subapp: mender-conductor spec: ports: - - port: 8080 + - name: in + port: 9300 + protocol: TCP + targetPort: 9300 + - name: tcp + port: 9200 protocol: TCP + targetPort: 9200 selector: service: mender-elasticsearch - apiVersion: v1 @@ -274,6 +280,15 @@ objects: spec: containers: - name: mender-elasticsearch + env: + - name: ES_JAVA_OPTS + value: '-Xms512m -Xmx512m' + - name: transport.host + value: 0.0.0.0 + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: 'false' image: " " # readinessProbe: # failureThreshold: 3 diff --git a/openshift/templates/Readme.md b/openshift/templates/Readme.md index 014fb630d..e3d9a6266 100644 --- a/openshift/templates/Readme.md +++ b/openshift/templates/Readme.md @@ -27,3 +27,6 @@ Required information in the ConfigMap includes: 1. `auth_url=` 1. `clientid=` 1. `realm=` + +Once the statefulset is up and running, set the guest passwod by going each of the pods and running the following command in the terminal: +`rabbitmqctl change_password guest ` diff --git a/openshift/templates/queue-management-chained-builds.yml b/openshift/templates/queue-management-chained-builds.yml index 480e6b304..77d2ed1a5 100644 --- a/openshift/templates/queue-management-chained-builds.yml +++ b/openshift/templates/queue-management-chained-builds.yml @@ -117,10 +117,13 @@ objects: strategy: type: Source sourceStrategy: + env: + - name: NODE_ENV + value: development from: kind: ImageStreamTag namespace: openshift - name: nodejs:6 + name: nodejs:10 output: to: kind: ImageStreamTag diff --git a/openshift/templates/rabbitmq3.7-dc.yml b/openshift/templates/rabbitmq3.7-dc.yml index c7e8c0202..2fde0e85f 100644 --- a/openshift/templates/rabbitmq3.7-dc.yml +++ b/openshift/templates/rabbitmq3.7-dc.yml @@ -16,7 +16,7 @@ parameters: value: rabbitmq-cluster - name: ISTAG description: "Image to deploy" - value: rabbitmq:3.7-management + value: rabbitmq:3.7.14-management - name: RABBITMQ_USER description: "Username for the RabbitMQ instance" value: rabbitmq @@ -94,7 +94,7 @@ objects: management.load_definitions = /etc/rabbitmq/policy.json enabled_plugins: | [rabbitmq_management,rabbitmq_peer_discovery_k8s]. - policy.json: "{\r\n \"vhosts\":[\r\n {\r\n \"name\": \"/\"\r\n }\r\n ],\r\n \"users\": [\r\n {\r\n \"name\": \"${MQ_USER}\",\r\n \"${MQ_PASSWORD} \": \"${MQ_USER}\",\r\n \"hashing_algorithm\": \"rabbit_password_hashing_sha256\",\r\n \"tags\": \"administrator\"\r\n }\r\n ],\r\n \"permissions\": [\r\n {\r\n \"user\": \"${MQ_USER}\",\r\n \"vhost\": \"\\/\",\r\n \"configure\": \".*\",\r\n \"write\": \".*\",\r\n \"read\": \".*\"\r\n }\r\n ],\r\n \"policies\":[\r\n {\r\n \"vhost\": \"/\",\r\n \"name\": \"ha-all\",\r\n \"pattern\": \"\", \r\n \"definition\": {\r\n \"ha-mode\": \"all\",\r\n \"ha-sync-mode\": \"automatic\",\r\n \"ha-sync-batch-size\": 5\r\n }\r\n }\r\n ]\r\n}" + policy.json: "{\r\n \"vhosts\":[\r\n {\r\n \"name\": \"/\"\r\n }\r\n ],\r\n \"users\": [\r\n {\r\n \"name\": \"guest\",\r\n \"password\": \"guest\",\r\n \"hashing_algorithm\": \"rabbit_password_hashing_sha256\",\r\n \"tags\": \"administrator\"\r\n }\r\n ],\r\n \"permissions\": [\r\n {\r\n \"user\": \"guest\",\r\n \"vhost\": \"\\/\",\r\n \"configure\": \".*\",\r\n \"write\": \".*\",\r\n \"read\": \".*\"\r\n }\r\n ],\r\n \"policies\":[\r\n {\r\n \"vhost\": \"/\",\r\n \"name\": \"ha-all\",\r\n \"pattern\": \"\", \r\n \"definition\": {\r\n \"ha-mode\": \"all\",\r\n \"ha-sync-mode\": \"automatic\",\r\n \"ha-sync-batch-size\": 5\r\n }\r\n }\r\n ]\r\n}" # Load balancer - kind: Service