ENH: add handle system and linkahead

.gitmodules

+[submodule "test-handle-system"]
+	path = test-handle-system
+	url = git@gitlab.indiscale.com:fdo/test-handle-system.git

Makefile

+
+all: start
+
+start: start_handle_system start_linkahead
+	docker network connect test-handle-net_hs_network linkahead-doip-server-1
+
+stop: stop_linkahead stop_handle_system
+
+.PHONY: start_handle_system
+start_handle_system:
+	$(MAKE) -C test-handle-system start
+
+.PHONY: stop_handle_system
+stop_handle_system:
+	$(MAKE) -C test-handle-system stop
+
+.PHONY: start_linkahead
+start_linkahead:
+	$(MAKE) -C linkahead start
+
+.PHONY: stop_linkahead
+stop_linkahead:
+	$(MAKE) -C linkahead stop

linkahead/.env

+CERTIFICATES_KEY_PASSWORD=Password
+LINKAHEAD_IMAGE=gitlab.indiscale.com:5050/caosdb/src/caosdb-deploy:dev_F_f-doip_P_f-string-ids
+DOIP_SERVICE_ID=TestService
+DNS_HOST_NAME=localhost

linkahead/.gitignore

+cert

linkahead/Makefile

+
+start: cert
+	@echo "Start LinkAhead"
+	docker compose up --build --detach
+
+stop:
+	@echo "Stop LinkAhead"
+	docker compose rm -vsf
+
+cert: .env
+	./cert.sh

linkahead/cert.sh

+#!/bin/bash
+
+source .env
+export KEYPW="$CERTIFICATES_KEY_PASSWORD"
+export DOIP_SERVICE_ID="${DOIP_SERVICE_ID/\//\\/}"
+export DNS_HOST_NAME
+
+mkdir -p cert
+pushd cert
+
+# create encrypted private key
+openssl genrsa -aes256 -out key.pem -passout env:KEYPW 2048
+
+# create self-signed x509 certificate
+openssl req -new -x509 -key key.pem -out cert.pem -passin env:KEYPW -subj "/C=/ST=/L=/O=IndiScale GmbH/OU=FDO ONE/CN=$DOIP_SERVICE_ID" -days 365 -addext "subjectAltName = DNS:$DNS_HOST_NAME" -addext "certificatePolicies = 1.2.3.4"
+
+# extract public key
+openssl x509 -pubkey -noout < cert.pem > pubkey.pem
+
+# put certificate into pkcs12 store
+openssl pkcs12 -export -inkey key.pem -in cert.pem -out cert.pkcs12 -passin env:KEYPW -passout env:KEYPW
+
+# convert pkcs12 store to java keystore
+keytool -importkeystore -srckeystore cert.pkcs12 -srcstoretype PKCS12 -deststoretype pkcs12 -destkeystore keystore.jks -srcstorepass "${KEYPW}" -destkeypass "${KEYPW}" -deststorepass "${KEYPW}"
+
+popd

linkahead/conf/ext/server.conf.d/doip.conf

+# -- DOIP and Handle PID related options
+DOIP_SERVER_PORT_TLS=8888
+DEFAULT_HANDLE_PID_PREFIX=0.TEST
+DOIP_SERVICE_ID=Unknown
+SERVER_BIND_ADDRESS=0.0.0.0
+PID_RECORD_URL_BASE=https://localhost:10443
+PID_SERVICE_ADMIN_HANDLE=0.TEST/ADMIN
+PID_SERVICE_ADMIN_PRIVATE_KEY=conf/ext/server.conf.d/admpriv.bin

linkahead/docker-compose.yml

+name: linkahead-doip
+services:
+  sqldb:
+    image: mariadb:10.4
+    environment:
+      MYSQL_ROOT_PASSWORD: caosdb1234
+    networks:
+      - caosnet
+  server:
+    image: "$LINKAHEAD_IMAGE"
+    user: 999:999
+    depends_on:
+      - sqldb
+    networks:
+      - caosnet
+    volumes:
+      - type: bind
+        source: ./cert
+        target: /opt/caosdb/cert
+      - type: bind
+        source: ./conf/ext/server.conf.d
+        target: /opt/caosdb/git/caosdb-server/conf/ext/server.conf.d
+      - type: bind
+        source: ./scripting/bin
+        target: /opt/caosdb/git/caosdb-server/scripting/bin
+      - type: bind
+        source: ./scripting/home
+        target: /opt/caosdb/git/caosdb-server/scripting/home
+      - type: volume
+        source: extroot
+        target: /opt/caosdb/mnt/extroot
+      - type: volume
+        source: authtoken
+        target: /opt/caosdb/git/caosdb-server/authtoken
+      - type: bind
+        source: ../test-handle-system/.handle
+        target: /opt/caosdb/.handle
+    ports:
+      # - "from_outside:from_inside"
+      - "10443:10443"
+      - "10080:10080"
+      - "8888:8888"
+    environment:
+      DEBUG: 1
+      CAOSDB_CONFIG_AUTH_OPTIONAL: "TRUE"
+      JAVA_TOOL_OPTIONS: "-Dnet.handle.configDir=/opt/caosdb/.handle"
+      CAOSDB_CONFIG_CERTIFICATES_KEY_STORE_PATH: "/opt/caosdb/cert/keystore.jks"
+      CAOSDB_CONFIG_CERTIFICATES_KEY_PASSWORD: "$CERTIFICATES_KEY_PASSWORD"
+      CAOSDB_CONFIG_CERTIFICATES_KEY_STORE_PASSWORD: "$CERTIFICATES_KEY_PASSWORD"
+      CAOSDB_CONFIG_DOIP_SERVICE_ID: "$DOIP_SERVICE_ID"
+volumes:
+  extroot:
+  authtoken:
+networks:
+  caosnet:
+    driver: bridge

linkahead/scripting/bin/hooks/init_fdo_datamodel.py

+#!/usr/bin/env python3
+import argparse
+import linkahead as db
+
+print("Init FDO Datamodel...")
+parser = argparse.ArgumentParser(description='__doc__')
+parser.add_argument('-a', '--auth-token', required=True)
+args = parser.parse_args()
+db.configure_connection(auth_token=args.auth_token)
+
+res = db.execute_query("FIND RECORDTYPE DO")
+if not len(res):
+    print("Insert RecordType DO")
+    do = db.RecordType(name="DO").insert()
+else:
+    do = res[0]
+if not len(db.execute_query("FIND RECORDTYPE FDO")):
+    print("Insert RecordType FDO")
+    fdo = db.RecordType(name="FDO").add_parent(do).insert()
+if not len(db.execute_query("FIND PROPERTY FDO_MD_Refs")):
+    print("Insert Property FDO_MD_Refs")
+    md = db.Property(name="FDO_MD_Refs", datatype=do).insert()
+if not len(db.execute_query("FIND PROPERTY FDO_Data_Refs")):
+    print("Insert Property FDO_Data_Refs")
+    data = db.Property(name="FDO_Data_Refs", datatype=do).insert()
+print("Init FDO Datamodel - done.")

linkahead/scripting/bin/hooks/start_up

+#!/bin/bash
+
+$(dirname "$0")/init_fdo_datamodel.py "$@" 2>&1

linkahead/scripting/home/.pycaosdb.ini

+[Misc]
+experimental_string_ids=true
+
+[Container]
+debug=0
+
+[Connection]
+timeout=120000
+cacert=/opt/caosdb/cert/cert.pem
+url=https://localhost:10443/
+debug=0

test-handle-system @ 372a4524

+Subproject commit 372a4524641d3d8210d8643a8073a82ce3163050