Merge commit 'b0f8e06b995393d1b67037ac60c5b8d29c898c59' into names-an…

…d-labels

* commit 'b0f8e06b995393d1b67037ac60c5b8d29c898c59':
  #372 Removed unnecessary execution permission grant
  #372 Refactored student prototype startup script
  #355: Refactor and fix crash loop.
  #356: Added explanation why we sanitise.
  #356: Forgot to add the prefix.
  #356: Added username sanitation.
  #361 added default prefix to username to prevent errors when only using numbers
  Fixed typo
  Fixes for deployment issues with prototype (newlines and chmod) documented in deployment-guide.md
  Update ExecEngineFunctions.php
  #354: Reverted imagepullpolicy
  #354: Fixed the getImageCommand
  added getimagecommand
  Added image pull policy

RAP4/customizations/bootstrap/files/ExecEngineFunctions.php

@@ -343,10 +343,7 @@
     $zipContentForCommandline = base64_encode($zipContent);
     $mainAldForCommandLine = base64_encode("main.adl");
 
-    $pattern = '/[\W+]/';
-
-    $userName=strtolower($userName);
-    $userName = preg_replace($pattern, '-', $userName);
+    $userName = sanitize_username($userName);
 
     $deployment = getenv('RAP_DEPLOYMENT');
     if ($deployment == 'Kubernetes') {
@@ -360,12 +357,22 @@
         */
 
         $namespace=getenv('RAP_KUBERNETES_NAMESPACE');
-        $containerImage=getenv('RAP_STUDENT_PROTO_IMAGE');
+        $suffix=substr($namespace, 3);
+
+        $getImageCommand = new Command(
+            "kubectl get deployment/student-prototype{$suffix} -n {$namespace}",
+            [ "-o=jsonpath='{\$.spec.template.spec.containers[0].image}'"
+            ],
+            $ee->getLogger()
+        );
+
+        $getImageCommand->execute();
+
+        $containerImage=$getImageCommand->getResponse();
 
         $hostname=getenv('RAP_HOST_NAME');
         $hostname="{$userName}.{$hostname}";
 
-        $suffix=substr($namespace, 3);
 
         $dbName="rap-db{$suffix}";
 
@@ -464,6 +471,33 @@
     $scriptVersionAtom->link($message, 'compileresponse[ScriptVersion*CompileResponse]')->add();
 });
 
+/**Sanitize the username
+ * As the user is allowed to choose any name, it is possible that the name they chose does not conform to restrictions places on the string in certain use cases.
+ * For example, a user could use special characters in their username. This might violate the restrictions placed on strings in a kubernetes metadata.name field.
+ * Therefore we remove all characters deemed unfit, and create a hash from these characters and append this hash at the end.
+ * To prevent casting errors between int and string, we append 'st' at the beginning.
+*/
+function sanitize_username($username) {
+    // Define the pattern of illegal characters
+    $pattern = '/[^a-zA-Z0-9]/';
+
+    // Find all illegal characters
+    preg_match_all($pattern, $username, $matches);
+
+    // Remove illegal characters
+    $sanitized_username = preg_replace($pattern, '', $username);
+
+    // Create a hash of the illegal characters
+    $hash = !empty($matches[0]) ? substr(md5(implode($matches[0])), 0, 5) : '';
+
+    // Append the hash to the sanitized username
+    $sanitized_username .= $hash;
+
+    $sanitized_username = 'st' . $sanitized_username;
+
+    return strtolower($sanitized_username);
+}
+
 /**
  * @phan-closure-scope \Ampersand\Rule\ExecEngine
  * Phan analyzes the inner body of this closure as if it were a closure declared in ExecEngine.

RAP4/customizations/bootstrap/files/student-manifest-template.yaml

@@ -43,7 +43,7 @@ spec:
                 name: {{dbSecrets}}
           ports:
             - containerPort: 80
-          command: ["bash", "/run-student-prototype.sh"]
+          command: ["bash", "/scripts/run-student-prototype.sh"]
           args: [{{zipContent}},{{mainAdl}}]
 ---
 # student-prototype user service

RAP4USER/Dockerfile

@@ -13,12 +13,10 @@ RUN apt-get install -y unzip
 # COPY --from=ampersandtarski/ampersand:v4.6.0 /bin/ampersand /usr/local/bin
 # RUN chmod +x /usr/local/bin/ampersand
 
-COPY run-student-prototype.sh /
+COPY scripts /scripts
 
 COPY templates /templates
 
-RUN chmod +x /run-student-prototype.sh
-
 # RUN chown -R www-data:www-data /var/www/log /var/www/data /var/www/generics \
 #  && cd /var/www \
 #  # uncomment lines below if customizations are added to default prototype framework
@@ -27,4 +25,6 @@ RUN chmod +x /run-student-prototype.sh
 #  # && gulp build-ampersand \
 #  # && gulp build-project
 
-ENTRYPOINT bash /run-student-prototype.sh
+WORKDIR /scripts
+
+ENTRYPOINT bash /scripts/run-student-prototype.sh

RAP4USER/scripts/deploy-docker.sh

@@ -0,0 +1,19 @@
+#import shared functions
+source shared.sh
+
+#functions
+start_apache() {
+    docker-php-entrypoint apache2-foreground &
+    sleep 3600
+}
+
+#run commands
+echo "Deploying to docker"
+
+#these are required for the file to pick up the variables
+echo "Encoded zip: $1"
+echo "Encoded main: $2"
+
+read_input "$1" "$2"
+deploy
+start_apache

RAP4USER/scripts/deploy-kubernetes.sh

@@ -0,0 +1,18 @@
+#import shared functions
+source shared.sh
+
+#functions
+start_apache() {
+    docker-php-entrypoint apache2-foreground
+}
+
+#run commands
+echo "Deploying to kubernetes"
+
+#these are required for the file to pick up the variables
+echo "Encoded zip: $1"
+echo "Encoded main: $2"
+
+read_input "$1" "$2"
+deploy
+start_apache

RAP4USER/scripts/run-student-prototype.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status
+set -e
+
+kubernetes_file="deploy-kubernetes.sh"
+docker_file="deploy-docker.sh"
+
+# Functions
+deploy_kubernetes(){
+    if [ -z "$1" ] || [ -z "$2" ]; then
+        echo "No arguments supplied"
+        sleep 3600
+    else
+        zip="$1"
+        main="$2"
+
+        if [ -f "$kubernetes_file" ]; then
+            echo "Loading $kubernetes_file"
+            source $kubernetes_file $zip $main
+        else
+            echo "Could't find file at $kubernetes_file"
+        fi
+
+    fi
+}
+
+deploy_docker(){
+    read -r line
+
+    if [ -z "$line" ]; then
+        echo "Line is empty"
+    else
+        # Split the line into zip and main
+        zip="${line%% *}"  # Everything before the first space
+        main="${line#* }"   # Everything after the first space
+
+        if [ -f "$docker_file" ]; then
+            echo "Loading $docker_file"
+
+            source $docker_file $zip $main
+        else
+            echo "Could't find file at $docker_file"
+        fi
+    fi
+}
+
+# Code run on startup
+if [[ -n $RAP_DEPLOYMENT && $RAP_DEPLOYMENT == "Kubernetes" ]]; then
+    echo "Target is kubernetes"
+    deploy_kubernetes "$1" "$2"
+else
+    echo "Target is docker"
+    deploy_docker "$1" "$2"
+fi

RAP4USER/scripts/shared.sh

@@ -0,0 +1,43 @@
+outzip="/out.zip"
+outfolder="/out"
+
+read_input(){
+    echo "Reading input"
+
+    echo "$1" | base64 -d > $outzip
+
+    main="$2"
+}
+
+unzip_content(){
+    echo "Unzipping zip: $outzip to folder: $outfolder"
+
+    unzip $outzip -d $outfolder
+}
+
+set_entry(){
+    echo "Decoding entry name"
+
+    entry=$(echo -n $main | base64 -d)
+}
+
+generate_prototype() {
+    entrypath="$outfolder/$entry"
+
+    echo "Generating prototype from path: $entrypath"
+
+    ampersand proto "$entrypath" --proto-dir=/var/www --verbose
+}
+
+set_permissions() {
+    echo "Setting permissions"
+
+    chown -R www-data:www-data /var/www/data /var/www/generics
+}
+
+deploy(){
+    unzip_content
+    set_entry
+    generate_prototype
+    set_permissions
+}

deployment/kubernetes/base/rap/student-prototype-deployment.yaml

@@ -16,4 +16,7 @@ spec:
     spec:
       containers:
         - image: ampersandtarski/rap4-student-prototype:v1.2.0
-          name: rap4-student-prototype          
+          name: rap4-student-prototype
+          env:
+          - name: RAP_DEPLOYMENT
+            value: Kubernetes

deployment/kubernetes/overlays/general/dev/rap/student-prototype-deployment.yaml

@@ -8,3 +8,4 @@ spec:
       containers:
         - image: ampersandtarski/rap4-student-prototype:dev-latest
           name: rap4-student-prototype          
+          imagePullPolicy: Never

docs/deployment-guide.md

@@ -118,7 +118,7 @@ The process for building images will be explained here.
    exit
    ```
 
-   This step may not be possible on Windows. If that's the case then skip it.
+   This step may not be possible on Windows. If that's the case then try it without "sudo" (or skip it).
 
 9. For security reasons, set `DISABLE_DB_INSTALL` to `true` in your `.env` file and repeat step 4 to effectuate this change.
 
@@ -142,6 +142,7 @@ docker stop phpmyadmin
 - Generate a Prototype. Upon success you will see a link "Open Prototype".
   If you get a permission error for `/var/run/docker.sock` something went wrong with step 8. Turn to "troubleshooting" for possible solutions.
 - Open the prototype. The URL `<yourname>.<hostname>` (e.g. `student123.rap.cs.ou.nl`) should appear in a new tab in your browser.
+  If you get a "404 page not found", look in the student prototype container log in Docker. If it starts with "$'\r': command not found", then convert the line-endings of RAP4USER/run-student-prototype.sh to Unix style with a tool (f.e. NotePad++ on Windows) and rebuild the image (see above)
 - Install the database by pushing the red button.
 - Verify that your prototype works.
 - Verify that `enroll.<hostname>` (e.g. enroll.rap.cs.ou.nl) works
@@ -467,7 +468,7 @@ Open a terminal, and give the following command:
 kubectl config view
 ```
 
-This will show the configuration of Kubernetes. In my case, it says that minicube is configured to run on the port. I played with minicube some time ago, and uninstalled it. Uninstall didn't remove all loose ends: Check the contents of `$HOME/.kube/config`.
+This will show the configuration of Kubernetes. In my case, it says that minikube is configured to run on the port. I played with minikube some time ago, and uninstalled it. Uninstall didn't remove all loose ends: Check the contents of `$HOME/.kube/config`.
 I also found [help at stackoverflow](https://stackoverflow.com/questions/37921222/kubectl-connection-to-server-was-refused).
 
 Good luck & Happy coding!