idhub.entrypoint: refactor oidc waiting interval

instead of sleep, waits that all idhubs have wrote its content in
/sharedsecret/ dir
This commit is contained in:
pedro 2024-03-18 10:05:16 +01:00
parent d990d46dd9
commit 1e1a339917
1 changed files with 18 additions and 4 deletions

View File

@ -35,6 +35,10 @@ deployment_strategy() {
# warn admin that it should re-enter password to keep the service working # warn admin that it should re-enter password to keep the service working
./manage.py send_mail_admins ./manage.py send_mail_admins
else else
# this file helps all docker containers to guess number of hosts involved
# right now is only needed by new deployment for oidc
touch /sharedsecret/${DOMAIN}
# move the migrate thing in docker entrypoint # move the migrate thing in docker entrypoint
# inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc # inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
echo "INFO detected NEW deployment" echo "INFO detected NEW deployment"
@ -60,14 +64,24 @@ _get() {
sqlite3 -json db.sqlite3 "select * from oidc4vp_organization;" sqlite3 -json db.sqlite3 "select * from oidc4vp_organization;"
} }
_lines () {
local myfile="${1}"
cat "${myfile}" | wc -l
}
config_oidc4vp() { config_oidc4vp() {
# populate your config # populate your config
local file="${DOMAIN}"
data="$(_get)" data="$(_get)"
echo "${data}" | jq --arg domain "${DOMAIN}" '{ ($domain): .}' > /sharedsecret/${file} echo "${data}" | jq --arg domain "${DOMAIN}" '{ ($domain): .}' > /sharedsecret/${DOMAIN}
echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose while true; do
sleep 2 echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose
## break when no empty files left
if ! wc -l /sharedsecret/* | awk '{print $1;}' | grep -qE '^0$'; then
break
fi
sleep 1
done
# get other configs # get other configs
for host in /sharedsecret/*; do for host in /sharedsecret/*; do
# we are flexible on querying for DOMAIN: the first one based on regex # we are flexible on querying for DOMAIN: the first one based on regex