.dockerignore

@@ -1,13 +0,0 @@
-# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-*
-!Pipfile
-!Pipfile.lock
-!data/
-!ki/
-!LICENSES/
-!migrations/
-!app.py
-!run_prod.py

.drone.yml

@@ -4,125 +4,48 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 kind: pipeline
 type: docker
-name: qa
-
-trigger:
-  event:
-    - push
-    - pull_request
-  branch:
-    - main
+name: default
 
 steps:
-  - name: install-lint-test
-    image: python:3.9.21-alpine@sha256:f2f6a5627a879693b8c23e04df0b1a6aae3e09c165fa2a08f5c64b2b54c58d3c
-    env:
-      PYROOT: '/pyroot'
-      PYTHONUSERBASE: '/pyroot'
+- name: qa
+  image: registry.wtf-eg.net/ki-backend-builder:1.0.0
   commands:
-      - apk add --no-cache gcc g++ musl-dev python3-dev
-      - pip3 install pipenv
-      - pipenv verify
   - pipenv install --dev
   - pipenv run flake8
   - pipenv run reuse lint
-      - SQLALCHEMY_DATABASE_URI=sqlite:// pipenv run python -m unittest discover ki
-  - name: docker-dry-run
-    image: plugins/docker:20.18.6@sha256:59c993e3c4e6c097a0e2d274419aac0d7d8e929773f0ba1af44078e54389834f
+  - pipenv run python -m unittest discover ki
+
+- name: docker-publish
+  image: plugins/docker
   settings:
-      registry: git.wtf-eg.de
-      repo: git.wtf-eg.de/kompetenzinventar/backend
-      target: ki-backend
-      dry_run: true
-    when:
-      event:
-        - pull_request
-
----
-kind: pipeline
-type: docker
-name: build
-
-trigger:
-  event:
-    - push
-  branch:
-    - main
-
-depends_on:
-  - qa
-
-steps:
-  - name: docker-publish
-    image: plugins/docker:20.18.6@sha256:59c993e3c4e6c097a0e2d274419aac0d7d8e929773f0ba1af44078e54389834f
-    settings:
-      registry: git.wtf-eg.de
-      repo: git.wtf-eg.de/kompetenzinventar/backend
+    registry: registry.wtf-eg.net
+    repo: registry.wtf-eg.net/ki-backend
     target: ki-backend
     auto_tag: true
     username:
       from_secret: "docker_username"
     password:
       from_secret: "docker_password"
-
----
-kind: pipeline
-type: docker
-name: deploy
-
-trigger:
+  when:
     event:
       - push
     branch:
       - main
 
-depends_on:
-  - build
-
-steps:
-  - name: deploy-dev
-    image: appleboy/drone-ssh:1.7.5@sha256:995677e073454912f26d4c0fdd2f9df2e1f5a30d6603d3f2ece667311b6babb3
+- name: docker-publish-tag
+  image: plugins/docker
   settings:
-      host:
-        - dev01.wtf-eg.net
-      username: drone_deployment
-      key:
-        from_secret: "dev01_deployment_key"
-      command_timeout: 2m
-      script:
-        - echo "Executing forced command..."
-
-
----
-kind: pipeline
-type: docker
-name: tag-release
-
-trigger:
+    registry: registry.wtf-eg.net
+    repo: registry.wtf-eg.net/ki-backend
+    target: ki-backend
+    auto_tag: true
+    username:
+      from_secret: "docker_username"
+    password:
+      from_secret: "docker_password"
+  when:
     event:
       - tag
 
-steps:
-  - name: install-lint-test
-    image: python:3.9.21-alpine@sha256:f2f6a5627a879693b8c23e04df0b1a6aae3e09c165fa2a08f5c64b2b54c58d3c
-    env:
-      PYROOT: '/pyroot'
-      PYTHONUSERBASE: '/pyroot'
-    commands:
-      - apk add --no-cache gcc g++ musl-dev python3-dev
-      - pip3 install pipenv
-      - pipenv install --dev
-      - pipenv run flake8
-      - pipenv run reuse lint
-      - SQLALCHEMY_DATABASE_URI=sqlite:// pipenv run python -m unittest discover ki
-  - name: docker-publish
-    image: plugins/docker:20.18.6@sha256:59c993e3c4e6c097a0e2d274419aac0d7d8e929773f0ba1af44078e54389834f
-    settings:
-      registry: git.wtf-eg.de
-      repo: git.wtf-eg.de/kompetenzinventar/backend
-      target: ki-backend
-      auto_tag: true
-      username:
-        from_secret: "docker_username"
-      password:
-        from_secret: "docker_password"
+image_pull_secrets:
+- dockerconfig

.python-version

@@ -1 +0,0 @@
-3.9.21

.reuse/dep5

@@ -0,0 +1,12 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Kompetenzinventar
+Upstream-Contact: Michael Weimann <mail@michael-weimann.eu>
+Source: https://git.wtf-eg.de/kompetenzinventar/ki-backend
+
+Files: data/imgs/flags/*
+Copyright: 2013 Panayiotis Lipiridis <https://flagicons.lipis.dev/>
+License: MIT
+
+Files: Pipfile.lock migrations/*
+Copyright: WTF Kooperative eG <https://wtf-eg.de/>
+License: AGPL-3.0-or-later

.yapfignore

@@ -1,5 +0,0 @@
-# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-migrations/*.py

Dockerfile

@@ -2,17 +2,7 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
-FROM python:3.9.21-alpine@sha256:f2f6a5627a879693b8c23e04df0b1a6aae3e09c165fa2a08f5c64b2b54c58d3c AS builder
-
-ENV PYROOT=/pyroot
-ENV PYTHONUSERBASE=$PYROOT
-
-RUN apk add --no-cache \
-    gcc \
-    g++ \
-    musl-dev \
-    python3-dev && \
-    pip3 install pipenv
+FROM registry.wtf-eg.net/ki-backend-builder:1.0.1 as builder
 
 COPY Pipfile* ./
 
@@ -20,10 +10,7 @@ RUN PIP_USER=1 PIP_IGNORE_INSTALLED=1 pipenv install --system --deploy --ignore-
 RUN pip3 uninstall --yes pipenv
 
 
-FROM python:3.9.21-alpine@sha256:f2f6a5627a879693b8c23e04df0b1a6aae3e09c165fa2a08f5c64b2b54c58d3c AS ki-backend
-
-ENV PYROOT=/pyroot
-ENV PYTHONUSERBASE=$PYROOT
+FROM registry.wtf-eg.net/ki-backend-base:1.0.1 as ki-backend
 
 # Install six explicitly. Otherwise Python complains about it missing.
 RUN pip3 install six

Pipfile

@@ -8,26 +8,25 @@ verify_ssl = true
 name = "pypi"
 
 [packages]
-flask = "==2.3.3"
-python-dotenv = "==1.0.1"
-flask-migrate = "==4.0.7"
-flask-sqlalchemy  = "==3.1.1"
-sqlalchemy = "==2.0.36"
-waitress = "==2.1.2"
-pyyaml = "==6.0.2"
-flask-cors = "==5.0.0"
-ldap3 = "==2.9.1"
-pymysql = "==1.1.1"
-werkzeug = "==2.3.8"
+flask = "~=2.0.1"
+python-dotenv = "~=0.17.1"
+flask-migrate = "~=3.0.1"
+flask-sqlalchemy  = "~=2.5.1"
+sqlalchemy = "~=1.4.18"
+waitress = "~=2.0.0"
+pyyaml = "~=6.0.1"
+flask-cors = "~=3.0.10"
+ldap3 = "~=2.9"
+pymysql = "~=1.0.2"
 
 [dev-packages]
-flake8 = "==7.1.1"
-yapf = "==0.40.2"
-pre-commit = "==2.21.0"
-reuse = "==4.0.3"
+flake8 = "~=3.9.2"
+yapf = "~=0.31.0"
+pre-commit = "~=2.13.0"
+reuse = "~=0.13.0"
 
 [requires]
-python_version = "3.9"
+python_version = "3.8"
 
 [scripts]
 clean = "rm data/ki.sqlite"

README.md

@@ -39,7 +39,7 @@ Folgende Kanäle gibt es für die Kommunikation über das Kompetenzinventar:
 
 ### Abhängigkeiten
 
-- Python 3.9
+- Python 3.8
 - [Pipenv](https://github.com/pypa/pipenv)
 
 
@@ -222,6 +222,25 @@ docker-compose up
 
 Dann http://localhost:13337 aufrufen.
 
+### Workaround, falls der Zugriff auf registry.wtf-eg.net nicht möglich ist
+
+Voraussetzung: 
+
+[ki-backend-docker](https://git.wtf-eg.de/kompetenzinventar/ki-backend-docker) muss parallel zum `ki-backend` ausgecheckt sein.
+
+```
+cd ki-backend-docker
+docker build . --target base -t ki-backend-base
+docker build . --target builder -t ki-backend-builder
+```
+
+Ändern der 2 Einträge im `Dockerfile` des `ki-backend`:
+
+- registry.wtf-eg.net/ki-backend-builder:1.0.0 -> ki-backend-builder
+- registry.wtf-eg.net/ki-backend-base:1.0.0 -> ki-backend-base
+
+Danach sollte `docker-compose up` funktionieren.
+
 ## Lizenzen
 
 Dieses Projekt erfüllt die [REUSE](https://reuse.software/) Spezifikation.

REUSE.toml

@@ -1,24 +0,0 @@
-# SPDX-FileCopyrightText: NONE
-# SPDX-License-Identifier: CC0-1.0
-
-version = 1
-SPDX-PackageName = "Kompetenzinventar Backend"
-SPDX-PackageDownloadLocation = "https://git.wtf-eg.de/kompetenzinventar/ki-backend"
-
-[[annotations]]
-path = "data/imgs/flags/**"
-precedence = "aggregate"
-SPDX-FileCopyrightText = "2013 Panayiotis Lipiridis <https://flagicons.lipis.dev/>"
-SPDX-License-Identifier = "MIT"
-
-[[annotations]]
-path = ["Pipfile.lock", "migrations/**"]
-precedence = "aggregate"
-SPDX-FileCopyrightText = "WTF Kooperative eG <https://wtf-eg.de/>"
-SPDX-License-Identifier = "AGPL-3.0-or-later"
-
-[[annotations]]
-path = ["renovate.json", ".python-version"]
-precedence = "aggregate"
-SPDX-FileCopyrightText = "WTF Kooperative eG <https://wtf-eg.de/>"
-SPDX-License-Identifier = "AGPL-3.0-or-later"

app.py

@@ -38,7 +38,7 @@ app.config["KI_LDAP_AUTH_PASSWORD"] = os.getenv("KI_LDAP_AUTH_PASSWORD")
 app.config["KI_LDAP_BASE_DN"] = os.getenv("KI_LDAP_BASE_DN")
 
 CORS(app)
-db = SQLAlchemy(app, session_options={"future": True})
+db = SQLAlchemy(app)
 migrate = Migrate(app, db, compare_type=True)
 
 app.logger.info("Hello from KI")

data/imgs/flags/ca.svg

@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg xmlns="http://www.w3.org/2000/svg" width="810" height="540">
-<rect width="810" height="540" fill="#FCDD09"/>
-<path stroke="#DA121A" stroke-width="60" d="M0,90H810m0,120H0m0,120H810m0,120H0"/>
-</svg>

ki/actions/seed.py

@@ -19,7 +19,7 @@ def seed_contacttypes():
 
         for contacttype in csv_reader:
             id = int(contacttype["id"])
-            db_contacttype = db.session.get(ContactType, id)
+            db_contacttype = ContactType.query.get(id)
 
             if db_contacttype is None:
                 db.session.add(ContactType(id=int(contacttype["id"]), name=contacttype["name"]))
@@ -88,7 +88,6 @@ def seed_user(auth_id,
 
 
 def seed(dev: bool):
-    with app.app_context():
     seed_contacttypes()
 
     skill_seed_file_path = app.config["KI_DATA_DIR"] + "/seed_data/skills.csv"
@@ -100,7 +99,7 @@ def seed(dev: bool):
 
         for skill in skills_csv_reader:
             id = int(skill["id"])
-                db_skill = db.session.get(Skill, id)
+            db_skill = Skill.query.get(id)
 
             if db_skill is None:
                 db.session.add(Skill(id=int(skill["id"]), name=skill["name"]))
@@ -114,7 +113,7 @@ def seed(dev: bool):
 
         for iso in iso_csv_reader:
             id = iso["639-1"]
-                db_language = db.session.get(Language, id)
+            db_language = Language.query.get(id)
 
             if db_language is None:
                 db.session.add(Language(id=iso["639-1"], name=iso["Sprache"]))
@@ -137,8 +136,7 @@ def seed(dev: bool):
                   skills=[(3, 3), (1, 5)],
                   searchtopics=[3, 1],
                   languages=[("de", 5), ("fr", 3)],
-                      address=("Peter Nichtlustig", "Waldweg", "23i", "Hinterhaus", "13337", "Bielefeld",
-                               "Deutschland"),
+                  address=("Peter Nichtlustig", "Waldweg", "23i", "Hinterhaus", "13337", "Bielefeld", "Deutschland"),
                   contacts=[(4, "@peter:wtf-eg.de"), (1, "peter@wtf-eg.de")])
 
         seed_user("dirtydieter",

ki/handlers/update_profile.py

@@ -33,7 +33,7 @@ def update_languages(profile, languages_data):
         if "id" not in language_data["language"]:
             continue
 
-        language = db.session.get(Language, language_data["language"]["id"])
+        language = Language.query.get(language_data["language"]["id"])
         profile_language = ProfileLanguage.query.filter(ProfileLanguage.profile == profile,
                                                         ProfileLanguage.language == language).first()
 
@@ -110,7 +110,7 @@ def update_contacts(profile, contacts_data):
         if "id" in contact_data:
             contact_id = int(contact_data["id"])
             contact_ids_to_be_deleted.remove(contact_id)
-            contact = db.session.get(Contact, contact_id)
+            contact = Contact.query.get(contact_id)
         else:
             contact = Contact(profile=profile, contacttype=contacttype)
             db.session.add(contact)
@@ -122,7 +122,7 @@ def update_contacts(profile, contacts_data):
 
 
 def update_profile(user_id: int):
-    user = db.session.get(User, user_id)
+    user = User.query.get(user_id)
 
     if user is None:
         return make_response({}, 404)

ki/routes.py

@@ -10,14 +10,13 @@ from ki.auth import auth
 from ki.handlers import find_profiles as find_profiles_handler
 from ki.handlers import update_profile as update_profile_handler
 from ki.models import ContactType, Language, Skill, Token, User
-from app import app, db
+from app import app
 
 content_type_svg = "image/svg+xml"
 content_type_png = "image/png"
 
 
 def token_auth(func):
-
     @wraps(func)
     def _token_auth(*args, **kwargs):
         auth_header = request.headers.get("Authorization")
@@ -66,7 +65,7 @@ def handle_completion_request(model, key):
 
 
 def handle_icon_request(model, id, path):
-    object = db.session.get(model, id)
+    object = model.query.get(id)
 
     if object is None:
         return make_response({}, 404)

ki/test/ApiTest.py

@@ -31,7 +31,6 @@ class ApiTest(unittest.TestCase):
         self.max_skill_id = max_skill.id
 
     def tearDown(self):
-        with app.app_context():
         db.drop_all()
         db.engine.dispose()
 

ki/test/test_contacttypes_endpoint.py

@@ -8,7 +8,6 @@ from ki.test.ApiTest import ApiTest
 
 
 class TestContactTypesEndpoint(ApiTest):
-
     def test_skills_options(self):
         response = self.client.options("/contacttypes")
         self.assertEqual(response.status_code, 200)

ki/test/test_find_profiles_endpoint.py

@@ -8,7 +8,6 @@ from ki.test.ApiTest import ApiTest
 
 
 class TestFindProfilesEndpoint(ApiTest):
-
     def test_find_profiles_options(self):
         response = self.client.options("/users/profiles")
         self.assertEqual(response.status_code, 200)

ki/test/test_languages_endpoint.py

@@ -8,7 +8,6 @@ from ki.test.ApiTest import ApiTest
 
 
 class TestLanguagesEndpoint(ApiTest):
-
     def test_skills_options(self):
         response = self.client.options("/languages")
         self.assertEqual(response.status_code, 200)
@@ -33,7 +32,6 @@ class TestLanguagesEndpoint(ApiTest):
         self.assertEqual(response.status_code, 200)
         self.assertIn("Content-Type", response.headers)
         self.assertEqual(response.headers["Content-Type"], "image/svg+xml; charset=utf-8")
-        response.close()
 
 
 if __name__ == "main":

ki/test/test_login_endpoint.py

@@ -10,7 +10,6 @@ from ki.test.ApiTest import ApiTest
 
 
 class TestLoginEndpoint(ApiTest):
-
     def test_login(self):
         response1_data = self.login("peter", "geheim")
         response2_data = self.login("peter", "geheim")

ki/test/test_profile_endpoint.py

@@ -20,7 +20,6 @@ class TestProfileEndpoint(ApiTest):
         self.assertEqual(login_response.status_code, 200)
         self.assertIn("token", login_response.json)
 
-        with app.app_context():
         babsi = User.query.filter(User.auth_id == "babsi1").first()
         response = self.client.post(f"/users/{babsi.id}/profile",
                                     data=json.dumps({}),
@@ -104,7 +103,6 @@ class TestProfileEndpoint(ApiTest):
                 "level": 2
             }]
         }
-        with app.app_context():
         peter = User.query.filter(User.auth_id == "peter").first()
         response = self.client.post(f"/users/{peter.id}/profile",
                                     data=json.dumps(data),
@@ -187,7 +185,6 @@ class TestProfileEndpoint(ApiTest):
     def test_get_visible_proifle(self):
         token = self.login("peter", "geheim")["token"]
 
-        with app.app_context():
         babsi = User.query.filter(User.auth_id == "babsi1").first()
         response = self.client.get(f"/users/{babsi.id}/profile", headers={"Authorization": f"Bearer {token}"})
 
@@ -200,7 +197,6 @@ class TestProfileEndpoint(ApiTest):
         self.assertEqual(login_response.status_code, 200)
         self.assertIn("token", login_response.json)
 
-        with app.app_context():
         peter = User.query.filter(User.auth_id == "peter").first()
         response = self.client.get(f"/users/{peter.id}/profile",
                                    headers={"Authorization": "Bearer " + login_response.json["token"]})

ki/test/test_skills_endpoint.py

@@ -8,7 +8,6 @@ from ki.test.ApiTest import ApiTest
 
 
 class TestSkillsEndpoint(ApiTest):
-
     def test_skills_options(self):
         response = self.client.options("/skills")
         self.assertEqual(response.status_code, 200)
@@ -41,14 +40,12 @@ class TestSkillsEndpoint(ApiTest):
         self.assertEqual(response.status_code, 200)
         self.assertIn("Content-Type", response.headers)
         self.assertEqual(response.headers["Content-Type"], "image/svg+xml; charset=utf-8")
-        response.close()
 
     def test_get_fallback_skill_icon(self):
         response = self.client.get("/skills/2/icon")
         self.assertEqual(response.status_code, 200)
         self.assertIn("Content-Type", response.headers)
         self.assertEqual(response.headers["Content-Type"], "image/svg+xml; charset=utf-8")
-        response.close()
 
 
 if __name__ == "main":

migrations/env.py

@@ -19,7 +19,7 @@ logger = logging.getLogger('alembic.env')
 # target_metadata = mymodel.Base.metadata
 config.set_main_option(
     'sqlalchemy.url',
-    str(current_app.extensions['migrate'].db.engine.url).replace(
+    str(current_app.extensions['migrate'].db.get_engine().url).replace(
         '%', '%%'))
 target_metadata = current_app.extensions['migrate'].db.metadata
 
@@ -68,7 +68,7 @@ def run_migrations_online():
                 directives[:] = []
                 logger.info('No changes in schema detected.')
 
-    connectable = current_app.extensions['migrate'].db.engine
+    connectable = current_app.extensions['migrate'].db.get_engine()
 
     with connectable.connect() as connection:
         context.configure(

renovate.json

@@ -1,18 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:best-practices",
-    ":disableDependencyDashboard",
-    ":maintainLockFilesMonthly",
-    ":pinVersions",
-    ":separateMultipleMajorReleases"
-  ],
-  "packageRules": [
-    {
-      "matchDepNames": ["python"],
-      "groupName": "Python",
-      "separateMinorPatch": true,
-      "separateMultipleMinor": true
-    }
-  ]
-}