Merge remote-tracking branch 'upstream/master' into pr/add-slice-get-…

…endpoint

.dockerignore

@@ -1,10 +1,17 @@
 # Git
 .git
 .gitignore
+.github
+create_permissions.log
 # Logs
 log/*
 # Temp files
 tmp/*
 # Editor temp files
 *.swp
 *.swo
+coverage
+# Ignore generated test data
+test/data/uploaded_ontologies/**/*
+test/data/ontology_files/repo/**/*
+test/log

.github/workflows/deploy.yml

@@ -0,0 +1,85 @@
+# Workflow for deploying ontologies_api to stage/prod systems via capistrano.
+# This workflow runs after a successeful execution of the unit test workflow and it
+# can also be triggered manually.
+#
+# Required github secrets:
+#
+# CONFIG_REPO - github repo containing config and customizations for the API. Format 'author/private_config_repo'
+# it is used for getting capistrano deployment configuration for stages on the github actions runner and
+# PRIVATE_CONFIG_REPO env var is constructed from it which is used by capistrano on the remote servers for pulling configs.
+#
+# GH_PAT - github Personal Access Token for accessing PRIVATE_CONFIG_REPO
+#
+# SSH_JUMPHOST - ssh jump/proxy host though which deployments have to though if app servers are hosted on private network.
+#
+# DEPLOY_ENC_KEY - key for decrypting deploymnet ssh key residing in config/deploy_id_rsa_enc (see miloserdow/capistrano-deploy)
+# this SSH key is used for accessing jump host, UI nodes, and private github repo.
+
+name: Capistrano Deployment
+# Controls when the action will run.
+on:
+  # Trigger deployment to staging after unit test action completes
+  workflow_run:
+    workflows: ["Ruby Unit Tests"]
+    types:
+      - completed
+    branches: [master, develop]
+  # Allows running this workflow manually from the Actions tab
+  workflow_dispatch:
+    branches: [master, develop]
+    inputs:
+      BRANCH:
+        description: 'Branch/tag to deploy'
+        default: develop
+        required: true
+      environment:
+        description: 'target environment to deploy to'
+        type: choice
+        options:
+          - staging
+          - production
+        default: staging
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    # run deployment only if "Ruby Unit Tests" workflow completes sucessefully or when manually triggered
+    if: ${{ (github.event.workflow_run.conclusion == 'success') || (github.event_name == 'workflow_dispatch') }}
+    env:
+      BUNDLE_WITHOUT: default #install gems required primarily for the deployment in order to speed this workflow
+      PRIVATE_CONFIG_REPO: ${{ format('[email protected]:{0}.git', secrets.CONFIG_REPO) }}
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+    - name: set branch/tag and environment to deploy from inputs
+      run: |
+        # workflow_dispatch default input doesn't get set on push so we need to set defaults
+        # via shell parameter expansion
+        # https://dev.to/mrmike/github-action-handling-input-default-value-5f2g
+        USER_INPUT_BRANCH=${{ inputs.branch }}
+        echo "BRANCH=${USER_INPUT_BRANCH:-develop}" >> $GITHUB_ENV
+        USER_INPUT_ENVIRONMENT=${{ inputs.environment }}
+        echo "TARGET=${USER_INPUT_ENVIRONMENT:-staging}" >> $GITHUB_ENV
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v3
+    - uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.7.6 # Not needed with a .ruby-version file
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: get-deployment-config
+      uses: actions/checkout@v3
+      with:
+        repository: ${{ secrets.CONFIG_REPO }} # repository containing deployment settings
+        token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
+        path:  deploy_config
+    - name: copy-deployment-config
+      run:  cp -r deploy_config/ontologies_api/* .
+    # add ssh hostkey so that capistrano doesn't complain
+    - name: Add jumphost's hostkey to Known Hosts
+      run: |
+        mkdir -p ~/.ssh
+        ssh-keyscan -H ${{ secrets.SSH_JUMPHOST }} > ~/.ssh/known_hosts
+      shell: bash
+    - uses: miloserdow/capistrano-deploy@master
+      with:
+        target: ${{ env.TARGET }} # which environment to deploy
+        deploy_key: ${{ secrets.DEPLOY_ENC_KEY }} # Name of the variable configured in Settings/Secrets of your github project

.github/workflows/docker-image.yml

@@ -0,0 +1,42 @@
+name: Docker Image CI
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  push_to_registry:
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: bioportal/ontologies_api
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          build-args: |
+            RUBY_VERSION=2.7
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/ruby-unit-tests.yml

@@ -6,12 +6,23 @@ on:
 
 jobs:
   test:
+    strategy:
+      matrix:
+        backend: ['api', 'api-agraph'] # api runs tests with 4store backend and api-agraph runs with AllegroGraph backend
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build docker-compose
-      working-directory: ./test
-      run: docker-compose build
+      run: docker-compose --profile 4store build #profile flag is set in order to build all containers in this step
     - name: Run unit tests
-      working-directory: ./test
-      run: docker-compose up --exit-code-from unit-test
+      # unit tests are run inside a container
+      # http://docs.codecov.io/docs/testing-with-docker
+      run: |
+        ci_env=`bash <(curl -s https://codecov.io/env)`
+        docker-compose run $ci_env -e CI --rm ${{ matrix.backend }} bundle exec rake test TESTOPTS='-v'
+    - name: Upload coverage reports to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        flags: unittests
+        verbose: true
+        fail_ci_if_error: false # optional (default = false)

Dockerfile

@@ -1,15 +1,26 @@
-FROM ruby:2.6
+ARG RUBY_VERSION
+ARG DISTRO_NAME=bullseye
 
-RUN apt-get update -yqq && apt-get install -yqq --no-install-recommends openjdk-11-jre-headless raptor2-utils wait-for-it
+FROM ruby:$RUBY_VERSION-$DISTRO_NAME
+
+RUN apt-get update -yqq && apt-get install -yqq --no-install-recommends \
+  openjdk-11-jre-headless \
+  raptor2-utils \
+  && rm -rf /var/lib/apt/lists/*
 
-# The Gemfile Caching Trick
-# we install gems before copying the code in its own layer so that gems would not have to get
-# installed every single time code is updated
 RUN mkdir -p /srv/ontoportal/ontologies_api
+RUN mkdir -p /srv/ontoportal/bundle
 COPY Gemfile* /srv/ontoportal/ontologies_api/
+
 WORKDIR /srv/ontoportal/ontologies_api
-RUN gem install bundler -v "$(grep -A 1 "BUNDLED WITH" Gemfile.lock | tail -n 1)"
+
+RUN gem update --system
+RUN gem install bundler
+ENV BUNDLE_PATH=/srv/ontoportal/bundle
 RUN bundle install
+
 COPY . /srv/ontoportal/ontologies_api
+RUN cp /srv/ontoportal/ontologies_api/config/environments/config.rb.sample /srv/ontoportal/ontologies_api/config/environments/development.rb
+
 EXPOSE 9393
-CMD ["bundle","exec","rackup","-p","9393","--host","0.0.0.0"]
+CMD ["bundle", "exec", "rackup", "-p", "9393", "--host", "0.0.0.0"]

Gemfile

@@ -4,7 +4,6 @@ gem 'activesupport', '~> 3.0'
 # see https://github.com/ncbo/ontologies_api/issues/69
 gem 'bigdecimal', '1.4.2'
 gem 'faraday', '~> 1.9'
-gem 'google-api-client', '~> 0.10'
 gem 'json-schema', '~> 2.0'
 gem 'multi_json', '~> 1.0'
 gem 'oj', '~> 2.0'
@@ -18,49 +17,49 @@ gem 'sinatra-contrib', '~> 1.0'
 # Rack middleware
 gem 'ffi'
 gem 'rack-accept', '~> 0.4'
-gem 'rack-attack', '~> 5.4.2', require: 'rack/attack'
+gem 'rack-attack', '~> 6.6.1', require: 'rack/attack'
 gem 'rack-cache', '~> 1.0'
 gem 'rack-cors', require: 'rack/cors'
-gem 'rack-post-body-to-params', git: 'https://github.com/palexander/rack-post-body-to-params.git', branch: "multipart_support" # github dependency can be removed when https://github.com/niko/rack-post-body-to-params/pull/6 is merged and released
+# GitHub dependency can be removed when https://github.com/niko/rack-post-body-to-params/pull/6 is merged and released
+gem 'rack-post-body-to-params', github: 'palexander/rack-post-body-to-params', branch: 'multipart_support'
 gem 'rack-timeout'
-gem 'redis-rack-cache', '~> 1.0'
+gem 'redis-rack-cache', '~> 2.0'
 
 # Data access (caching)
 gem 'redis'
 gem 'redis-activesupport'
+gem 'redis-store', '1.9.1' # remove after https://github.com/redis-store/redis-store/issues/358 is resolved
 
 # Monitoring
 gem 'cube-ruby', require: 'cube'
 gem 'newrelic_rpm'
 
 # HTTP server
-gem 'rainbows'
 gem 'unicorn'
 gem 'unicorn-worker-killer'
 
 # Templating
-gem 'haml'
+gem 'haml', '~> 5.2.2' # pin see https://github.com/ncbo/ontologies_api/pull/107
 gem 'redcarpet'
 
-# NCBO gems (can be from a local dev path or from rubygems/git)
-gem 'goo', git: 'https://github.com/ncbo/goo.git', branch: 'master'
-gem 'ncbo_annotator', git: 'https://github.com/ncbo/ncbo_annotator.git', branch: 'master'
-gem 'ncbo_cron', git: 'https://github.com/ncbo/ncbo_cron.git', branch: 'master'
-gem 'ncbo_ontology_recommender', git: 'https://github.com/ncbo/ncbo_ontology_recommender.git', branch: 'master'
-gem 'ontologies_linked_data', git: 'https://github.com/ncbo/ontologies_linked_data.git', branch: 'master'
-gem 'sparql-client', git: 'https://github.com/ncbo/sparql-client.git', branch: 'master'
-
-# NCBO gems (unversioned)
-gem 'ncbo_resolver', git: 'https://github.com/ncbo/ncbo_resolver.git'
-gem 'ncbo_resource_index', git: 'https://github.com/ncbo/resource_index.git'
+# NCBO
+gem 'goo', github: 'ncbo/goo', branch: 'master'
+gem 'ncbo_annotator', github: 'ncbo/ncbo_annotator', branch: 'master'
+gem 'ncbo_cron', github: 'ncbo/ncbo_cron', branch: 'master'
+gem 'ncbo_ontology_recommender', github: 'ncbo/ncbo_ontology_recommender', branch: 'master'
+gem 'ontologies_linked_data', github: 'ncbo/ontologies_linked_data', branch: 'master'
+gem 'sparql-client', github: 'ncbo/sparql-client', branch: 'master'
 
 group :development do
+  # bcrypt_pbkdf and ed35519 is required for capistrano deployments when using ed25519 keys; see https://github.com/miloserdow/capistrano-deploy/issues/42
+  gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0', require: false
   gem 'capistrano', '~> 3', require: false
   gem 'capistrano-bundler', require: false
   gem 'capistrano-locally', require: false
   gem 'capistrano-rbenv', require: false
+  gem 'ed25519', '>= 1.2', '< 2.0', require: false
   gem 'pry'
-  gem 'shotgun', git: 'https://github.com/palexander/shotgun.git', branch: 'ncbo'
+  gem 'shotgun', github: 'palexander/shotgun', branch: 'ncbo'
 end
 
 group :profiling do
@@ -72,4 +71,5 @@ group :test do
   gem 'minitest-stub_any_instance'
   gem 'rack-test'
   gem 'simplecov', require: false
+  gem 'simplecov-cobertura' # for codecov.io
 end