Use lockfile in running container (#8)

.devcontainer/.dev_config.yaml

@@ -2,3 +2,4 @@
 
 host: 0.0.0.0
 service_url: http://localhost:8080
+service_instance_id: "1"

.pyproject_generation/pyproject_custom.toml

@@ -1,11 +1,11 @@
 [project]
 name = "top"
-version = "1.1.0"
+version = "1.1.1"
 description = "Test OpenID Connect provider"
 dependencies = [
     "typer >= 0.9.0",
-    "ghga-service-commons[api,auth] >= 1.2.0",
-    "hexkit >= 1.1.0"
+    "ghga-service-commons[api,auth] >= 2.0.0",
+    "hexkit >= 2.0.0"
 ]
 
 [project.urls]

Dockerfile

@@ -30,15 +30,18 @@ FROM python:3.10.9-slim-bullseye
 # update and install dependencies
 RUN apt update
 RUN apt upgrade -y
-# copy and install wheel
+# copy and install requirements and wheel
 WORKDIR /service
+COPY --from=builder /service/lock/requirements.txt /service
+RUN pip install --no-deps -r requirements.txt
+RUN rm requirements.txt
 COPY --from=builder /service/dist/ /service
-RUN pip install *.whl
+RUN pip install --no-deps *.whl
+RUN rm *.whl
 # create new user and execute as that user
 RUN useradd --create-home appuser
 WORKDIR /home/appuser
 USER appuser
-# set environment
 ENV PYTHONUNBUFFERED=1
-# Please adapt to package name:
+# run application
 ENTRYPOINT ["top"]

README.md

@@ -18,21 +18,21 @@ We recommend using the provided Docker container.
 
 A pre-build version is available at [docker hub](https://hub.docker.com/repository/docker/ghga/test-oidc-provider):
 ```bash
-docker pull ghga/test-oidc-provider:1.1.0
+docker pull ghga/test-oidc-provider:1.1.1
 ```
 
 Or you can build the container yourself from the [`./Dockerfile`](./Dockerfile):
 ```bash
 # Execute in the repo's root dir:
-docker build -t ghga/test-oidc-provider:1.1.0 .
+docker build -t ghga/test-oidc-provider:1.1.1 .
 ```
 
 For production-ready deployment, we recommend using Kubernetes, however,
 for simple use cases, you could execute the service using docker
 on a single server:
 ```bash
 # The entrypoint is preconfigured:
-docker run -p 8080:8080 ghga/test-oidc-provider:1.1.0 --help
+docker run -p 8080:8080 ghga/test-oidc-provider:1.1.1 --help
 ```
 
 If you prefer not to use containers, you may install the service from source:
@@ -49,6 +49,33 @@ top --help
 ### Parameters
 
 The service requires the following configuration parameters:
+- **`log_level`** *(string)*: The minimum log level to capture. Must be one of: `["CRITICAL", "ERROR", "WARNING", "INFO", "DEBUG", "TRACE"]`. Default: `"INFO"`.
+
+- **`service_name`** *(string)*: Short name of this service. Default: `"top"`.
+
+- **`service_instance_id`** *(string)*: String that uniquely identifies this service instance in log messages. Default: `"default"`.
+
+- **`log_format`**: If set, will replace JSON formatting with the specified string format. If not set, has no effect. In addition to the standard attributes, the following can also be specified: timestamp, service, instance, level, correlation_id, and details. Default: `null`.
+
+  - **Any of**
+
+    - *string*
+
+    - *null*
+
+
+  Examples:
+
+  ```json
+  "%(timestamp)s - %(service)s - %(level)s - %(message)s"
+  ```
+
+
+  ```json
+  "%(asctime)s - Severity: %(levelno)s - %(msg)s"
+  ```
+
+
 - **`issuer`** *(string, format: uri)*: test issuer URL. Default: `"https://op.test/"`.
 
 - **`user_domain`** *(string)*: domain name of the home organization of the test users. Default: `"home.org"`.
@@ -61,8 +88,6 @@ The service requires the following configuration parameters:
 
 - **`port`** *(integer)*: Port to expose the server on the specified host. Default: `8080`.
 
-- **`log_level`** *(string)*: Controls the verbosity of the log. Must be one of: `["critical", "error", "warning", "info", "debug", "trace"]`. Default: `"info"`.
-
 - **`auto_reload`** *(boolean)*: A development feature. Set to `True` to automatically reload the server upon code changes. Default: `false`.
 
 - **`workers`** *(integer)*: Number of workers processes to run. Default: `1`.
@@ -166,8 +191,6 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`service_name`** *(string)*: Short name of this service. Default: `"top"`.
-
 - **`service_url`** *(string, format: uri)*: External base URL of this service. Default: `"https://op.test/"`.
 
 

config_schema.json

@@ -2,6 +2,49 @@
   "additionalProperties": false,
   "description": "Modifies the orginal Settings class provided by the user",
   "properties": {
+    "log_level": {
+      "default": "INFO",
+      "description": "The minimum log level to capture.",
+      "enum": [
+        "CRITICAL",
+        "ERROR",
+        "WARNING",
+        "INFO",
+        "DEBUG",
+        "TRACE"
+      ],
+      "title": "Log Level",
+      "type": "string"
+    },
+    "service_name": {
+      "default": "top",
+      "description": "Short name of this service",
+      "title": "Service Name",
+      "type": "string"
+    },
+    "service_instance_id": {
+      "default": "default",
+      "description": "String that uniquely identifies this service instance in log messages",
+      "title": "Service Instance Id",
+      "type": "string"
+    },
+    "log_format": {
+      "anyOf": [
+        {
+          "type": "string"
+        },
+        {
+          "type": "null"
+        }
+      ],
+      "default": null,
+      "description": "If set, will replace JSON formatting with the specified string format. If not set, has no effect. In addition to the standard attributes, the following can also be specified: timestamp, service, instance, level, correlation_id, and details",
+      "examples": [
+        "%(timestamp)s - %(service)s - %(level)s - %(message)s",
+        "%(asctime)s - Severity: %(levelno)s - %(msg)s"
+      ],
+      "title": "Log Format"
+    },
     "issuer": {
       "default": "https://op.test/",
       "description": "test issuer URL",
@@ -41,20 +84,6 @@
       "title": "Port",
       "type": "integer"
     },
-    "log_level": {
-      "default": "info",
-      "description": "Controls the verbosity of the log.",
-      "enum": [
-        "critical",
-        "error",
-        "warning",
-        "info",
-        "debug",
-        "trace"
-      ],
-      "title": "Log Level",
-      "type": "string"
-    },
     "auto_reload": {
       "default": false,
       "description": "A development feature. Set to `True` to automatically reload the server upon code changes",
@@ -176,12 +205,6 @@
       "title": "Generate Correlation Id",
       "type": "boolean"
     },
-    "service_name": {
-      "default": "top",
-      "description": "Short name of this service",
-      "title": "Service Name",
-      "type": "string"
-    },
     "service_url": {
       "default": "https://op.test/",
       "description": "External base URL of this service",

example_config.yaml

@@ -9,9 +9,11 @@ docs_url: /docs
 generate_correlation_id: true
 host: 0.0.0.0
 issuer: https://op.test/
-log_level: info
+log_format: null
+log_level: INFO
 openapi_url: /openapi.json
 port: 8080
+service_instance_id: '1'
 service_name: top
 service_url: http://localhost:8080/
 user_domain: home.org

lock/requirements-dev.txt

@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --generate-hashes --output-file=/workspace/lock/requirements-dev.txt /tmp/tmpa2nc2yxa/pyproject.toml /workspace/lock/requirements-dev.in
+#    pip-compile --generate-hashes --output-file=/workspace/lock/requirements-dev.txt /tmp/tmp1sh4qc1p/pyproject.toml /workspace/lock/requirements-dev.in
 #
 annotated-types==0.6.0 \
     --hash=sha256:0641064de18ba7a25dee8f96403ebc39113d0cb953a01429249d5c7564666a43 \
@@ -266,78 +266,6 @@ cryptography==41.0.7 \
     --hash=sha256:e3114da6d7f95d2dee7d3f4eec16dacff819740bbab931aff8648cb13c5ff5e7 \
     --hash=sha256:f983596065a18a2183e7f79ab3fd4c475205b839e02cbc0efbbf9666c4b3083d
     # via jwcrypto
-dependency-injector==4.41.0 \
-    --hash=sha256:02620454ee8101f77a317f3229935ce687480883d72a40858ff4b0c87c935cce \
-    --hash=sha256:059fbb48333148143e8667a5323d162628dfe27c386bd0ed3deeecfc390338bf \
-    --hash=sha256:05e15ea0f2b14c1127e8b0d1597fef13f98845679f63bf670ba12dbfc12a16ef \
-    --hash=sha256:12e91ac0333e7e589421943ff6c6bf9cf0d9ac9703301cec37ccff3723406332 \
-    --hash=sha256:1662e2ef60ac6e681b9e11b5d8b7c17a0f733688916cf695f9540f8f50a61b1e \
-    --hash=sha256:168334cba3f1cbf55299ef38f0f2e31879115cc767b780c859f7814a52d80abb \
-    --hash=sha256:16de2797dcfcc2263b8672bf0751166f7c7b369ca2ff9246ceb67b65f8e1d802 \
-    --hash=sha256:1baee908f21190bdc46a65ce4c417a5175e9397ca62354928694fce218f84487 \
-    --hash=sha256:22b11dbf696e184f0b3d5ac4e5418aeac3c379ba4ea758c04a83869b7e5d1cbf \
-    --hash=sha256:300838e9d4f3fbf539892a5a4072851728e23b37a1f467afcf393edd994d88f0 \
-    --hash=sha256:3055b3fc47a0d6e5f27defb4166c0d37543a4967c279549b154afaf506ce6efc \
-    --hash=sha256:33a724e0a737baadb4378f5dc1b079867cc3a88552fcca719b3dba84716828b2 \
-    --hash=sha256:3535d06416251715b45f8412482b58ec1c6196a4a3baa207f947f0b03a7c4b44 \
-    --hash=sha256:3588bd887b051d16b8bcabaae1127eb14059a0719a8fe34c8a75ba59321b352c \
-    --hash=sha256:3744c327d18408e74781bd6d8b7738745ee80ef89f2c8daecf9ebd098cb84972 \
-    --hash=sha256:37d5954026e3831663518d78bdf4be9c2dbfea691edcb73c813aa3093aa4363a \
-    --hash=sha256:40936d9384363331910abd59dd244158ec3572abf9d37322f15095315ac99893 \
-    --hash=sha256:409441122f40e1b4b8582845fdd76deb9dc5c9d6eb74a057b85736ef9e9c671f \
-    --hash=sha256:48b6886a87b4ceb9b9f78550f77b2a5c7d2ce33bc83efd886556ad468cc9c85a \
-    --hash=sha256:4a31d9d60be4b585585081109480cfb2ef564d3b851cb32a139bf8408411a93a \
-    --hash=sha256:4a44ca3ce5867513a70b31855b218be3d251f5068ce1c480cc3a4ad24ffd3280 \
-    --hash=sha256:51217cb384b468d7cc355544cec20774859f00812f9a1a71ed7fa701c957b2a7 \
-    --hash=sha256:5168dc59808317dc4cdd235aa5d7d556d33e5600156acaf224cead236b48a3e8 \
-    --hash=sha256:54032d62610cf2f4421c9d92cef52957215aaa0bca403cda580c58eb3f726eda \
-    --hash=sha256:56d37b9d2f50a18f059d9abdbea7669a7518bd42b81603c21a27910a2b3f1657 \
-    --hash=sha256:586a0821720b15932addbefb00f7370fbcd5831d6ebbd6494d774b44ff96d23a \
-    --hash=sha256:5fa3ed8f0700e47a0e7363f949b4525ffa8277aa1c5b10ca5b41fce4dea61bb9 \
-    --hash=sha256:63bfba21f8bff654a80e9b9d06dd6c43a442990b73bf89cd471314c11c541ec2 \
-    --hash=sha256:67b369592c57549ccdcad0d5fef1ddb9d39af7fed8083d76e789ab0111fc6389 \
-    --hash=sha256:6b29abac56ce347d2eb58a560723e1663ee2125cf5cc38866ed92b84319927ec \
-    --hash=sha256:6b98945edae88e777091bf0848f869fb94bd76dfa4066d7c870a5caa933391d0 \
-    --hash=sha256:6ee9810841c6e0599356cb884d16453bfca6ab739d0e4f0248724ed8f9ee0d79 \
-    --hash=sha256:740a8e8106a04d3f44b52b25b80570fdac96a8a3934423de7c9202c5623e7936 \
-    --hash=sha256:75280dfa23f7c88e1bf56c3920d58a43516816de6f6ab2a6650bb8a0f27d5c2c \
-    --hash=sha256:75e7a733b372db3144a34020c4233f6b94db2c6342d6d16bc5245b1b941ee2bd \
-    --hash=sha256:76b94c8310929e54136f3cb3de3adc86d1a657b3984299f40bf1cd2ba0bae548 \
-    --hash=sha256:786f7aac592e191c9caafc47732161d807bad65c62f260cd84cd73c7e2d67d6d \
-    --hash=sha256:7a92680bea1c260e5c0d2d6cd60b0c913cba76a456a147db5ac047ecfcfcc758 \
-    --hash=sha256:7dcba8665cafec825b7095d5dd80afb5cf14404450eca3fe8b66e1edbf4dbc10 \
-    --hash=sha256:7fa4970f12a3fc95d8796938b11c41276ad1ff4c447b0e589212eab3fc527a90 \
-    --hash=sha256:87be84084a1b922c4ba15e2e5aa900ee24b78a5467997cb7aec0a1d6cdb4a00b \
-    --hash=sha256:89c67edffe7007cf33cee79ecbca38f48efcc2add5c280717af434db6c789377 \
-    --hash=sha256:8b51efeaebacaf79ef68edfc65e9687699ccffb3538c4a3ab30d0d77e2db7189 \
-    --hash=sha256:8b8cf1c6c56f5c18bdbd9f5e93b52ca29cb4d99606d4056e91f0c761eef496dc \
-    --hash=sha256:8d670a844268dcd758195e58e9a5b39fc74bb8648aba99a13135a4a10ec9cfac \
-    --hash=sha256:8f0090ff14038f17a026ca408a3a0b0e7affb6aa7498b2b59d670f40ac970fbe \
-    --hash=sha256:939dfc657104bc3e66b67afd3fb2ebb0850c9a1e73d0d26066f2bbdd8735ff9c \
-    --hash=sha256:953bfac819d32dc72b963767589e0ed372e5e9e78b03fb6b89419d0500d34bbe \
-    --hash=sha256:99ed73b1521bf249e2823a08a730c9f9413a58f4b4290da022e0ad4fb333ba3d \
-    --hash=sha256:9e3b9d41e0eff4c8e16fea1e33de66ff0030fe51137ca530f3c52ce110447914 \
-    --hash=sha256:a2381a251b04244125148298212550750e6e1403e9b2850cc62e0e829d050ad3 \
-    --hash=sha256:a2dee5d4abdd21f1a30a51d46645c095be9dcc404c7c6e9f81d0a01415a49e64 \
-    --hash=sha256:a4f113e5d4c3070973ad76e5bda7317e500abae6083d78689f0b6e37cf403abf \
-    --hash=sha256:a8686fa330c83251c75c8238697686f7a0e0f6d40658538089165dc72df9bcff \
-    --hash=sha256:ac79f3c05747f9724bd56c06985e78331fc6c85eb50f3e3f1a35e0c60f9977e9 \
-    --hash=sha256:b0c9c966ff66c77364a2d43d08de9968aff7e3903938fe912ba49796b2133344 \
-    --hash=sha256:b2440b32474d4e747209528ca3ae48f42563b2fbe3d74dbfe949c11dfbfef7c4 \
-    --hash=sha256:b365a8548e9a49049fa6acb24d3cd939f619eeb8e300ca3e156e44402dcc07ec \
-    --hash=sha256:b37f36ecb0c1227f697e1d4a029644e3eda8dd0f0716aa63ad04d96dbb15bbbb \
-    --hash=sha256:b3890a12423ae3a9eade035093beba487f8d092ee6c6cb8706f4e7080a56e819 \
-    --hash=sha256:b8b61a15bc46a3aa7b29bd8a7384b650aa3a7ef943491e93c49a0540a0b3dda4 \
-    --hash=sha256:bc852da612c7e347f2fcf921df2eca2718697a49f648a28a63db3ab504fd9510 \
-    --hash=sha256:c71d30b6708438050675f338edb9a25bea6c258478dbe5ec8405286756a2d347 \
-    --hash=sha256:d03f5fa0fa98a18bd0dfce846db80e2798607f0b861f1f99c97f441f7669d7a2 \
-    --hash=sha256:d09c08c944a25dabfb454238c1a889acd85102b93ae497de523bf9ab7947b28a \
-    --hash=sha256:d283aee588a72072439e6721cb64aa6cba5bc18c576ef0ab28285a6ec7a9d655 \
-    --hash=sha256:d557e40673de984f78dab13ebd68d27fbb2f16d7c4e3b663ea2fa2f9fae6765b \
-    --hash=sha256:e3229d83e99e255451605d5276604386e06ad948e3d60f31ddd796781c77f76f \
-    --hash=sha256:f2842e15bae664a9f69932e922b02afa055c91efec959cb1896f6c499bf68180 \
-    --hash=sha256:f89a507e389b7e4d4892dd9a6f5f4da25849e24f73275478634ac594d621ab3f
-    # via hexkit
 deprecated==1.2.14 \
     --hash=sha256:6fac8b097794a90302bdbb17b9b815e732d3c4720583ff1b198499d78470466c \
     --hash=sha256:e5323eb936458dccc2582dc6f9c322c852a775a27065ff2b0c4970b9d53d01b3
@@ -378,9 +306,9 @@ filelock==3.13.1 \
     --hash=sha256:521f5f56c50f8426f5e03ad3b281b490a87ef15bc6c526f168290f0c7148d44e \
     --hash=sha256:57dbda9b35157b05fb3e58ee91448612eb674172fab98ee235ccb0b5bee19a1c
     # via virtualenv
-ghga-service-commons[api,auth,objectstorage]==1.3.0 \
-    --hash=sha256:1582b251052163640d0c609d90d1e51e2d14902909e889e36d50a3a0be239e00 \
-    --hash=sha256:717216804aa8dac5e069dabaf796d47efde279ac00c45b2d17b0f720019d9b2c
+ghga-service-commons[api,auth,objectstorage]==2.0.0 \
+    --hash=sha256:56b91fdff152715cbb4649e9deb683a03fcac3cbca1021374a3e2877da944b69 \
+    --hash=sha256:c552c884cb3fc6d810b81bd900bd9f43f096a6c3f7bdd9ecdda6e94a7e92aa01
     # via
     #   ghga-service-commons
     #   top (pyproject.toml)
@@ -394,9 +322,9 @@ h11==0.14.0 \
     # via
     #   httpcore
     #   uvicorn
-hexkit==1.2.0 \
-    --hash=sha256:18170e65b0428e23d837990d7ac7dfbf889dbf66d184835927d4ea61b3b1fe4c \
-    --hash=sha256:be7ed66f0486794bf9861db4f83c4ef365f8f905b2af39c3577f6dc947b5613f
+hexkit==2.0.0 \
+    --hash=sha256:baaaa7af9634e2438591e6fe78b0192f850659045797235a9faab8f6b63b583a \
+    --hash=sha256:cae4b5b58edfd5f79576ac6385c377cc95bf07621a3486b29b360358e045f9cc
     # via
     #   ghga-service-commons
     #   top (pyproject.toml)
@@ -469,9 +397,9 @@ iniconfig==2.0.0 \
     --hash=sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3 \
     --hash=sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374
     # via pytest
-jsonschema2md==1.0.0 \
-    --hash=sha256:01e18693c8dcdd643aa79ce757c5896877c590493422d23fd0bd76562fbc424b \
-    --hash=sha256:1d1333cb6d55a152ce10051b05651bc71122c0ec5e572b3433046825661569d4
+jsonschema2md==1.1.0 \
+    --hash=sha256:2386fc4d119330686db3989ea497ab96a4defb6388386fc0ceff756b5c1a66a7 \
+    --hash=sha256:e89edf2de1bc7fc3e842915c7c29b7b70888555a87002eccc06350c0412a1458
     # via -r /workspace/lock/requirements-dev-template.in
 jwcrypto==1.5.1 \
     --hash=sha256:48bb9bf433777136253579e52b75ffe0f9a4a721d133d01f45a0b91ed5f4f1ae
@@ -869,9 +797,7 @@ ruff==0.1.11 \
 six==1.16.0 \
     --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \
     --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254
-    # via
-    #   dependency-injector
-    #   pytest-profiling
+    # via pytest-profiling
 snakeviz==2.2.0 \
     --hash=sha256:569e2d71c47f80a886aa6e70d6405cb6d30aa3520969ad956b06f824c5f02b8e \
     --hash=sha256:7bfd00be7ae147eb4a170a471578e1cd3f41f803238958b6b8efcf2c698a6aa9