BD2KGenomics
diff --git a/‎README.md‎
Lines changed: 5 additions & 4 deletions b/‎README.md‎
Lines changed: 5 additions & 4 deletions
diff --git a/‎action/action_compose.yml‎
Lines changed: 1 addition & 0 deletions b/‎action/action_compose.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎boardwalk/prod.yml‎
Lines changed: 3 additions & 3 deletions b/‎boardwalk/prod.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎install_bootstrap‎
Lines changed: 117 additions & 62 deletions b/‎install_bootstrap‎
Lines changed: 117 additions & 62 deletions
@@ -172,6 +172,7 @@ The `install_bootstrap` script will ask you to configure each service interactiv
   * On question 'What is your AWS S3 bucket?', put the name of the s3 bucket you created for Redwood.
   * On question 'What is your AWS S3 endpoint?', put the S3 endpoint pertaining to your region. See [here](http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region).
   * On question 'What is your AWS IAM KMS key ID?', put your encryption key ID (See 'Create an AWS IAM Encryption Key" above). If you don't want server-side encryption, you can leave this blank.
+  * On question 'Would you like to use external redwood databases?', enter 'N'.
 * Boardwalk
   * Install in prod mode
   * On question `What is your Google Client ID?`, put your Google Client ID. See [here](http://bitwiser.in/2015/09/09/add-google-login-in-flask.html#creating-a-google-project)
@@ -202,10 +203,10 @@ Here are things we need to explain how to do post install:
 
 * first of all, how to go to the website and confirm things are working e.g. https://ops-dev.ucsc-cgl.org or whatever the domain name is
 * how to associate a token with a user email so token download works
-    * `sudo redwood/admin/bin/redwood token create -u [email protected] -s 'aws.upload aws.download'`, this give access to all programs.
+    * `sudo redwood/cli/bin/redwood token create -u [email protected] -s 'aws.upload aws.download'`, this give access to all programs.
     * you can also assign program scopes as well, for example
-        * `sudo redwood/admin/bin/redwood project create PROJECT`
-        * `sudo redwood/admin/bin/redwood token create -u [email protected] -s 'aws.PROJECT.upload aws.PROJECT.download'`
+        * `sudo redwood/cli/bin/redwood project create PROJECT`
+        * `sudo redwood/cli/bin/redwood token create -u [email protected] -s 'aws.PROJECT.upload aws.PROJECT.download'`
 * user log in via google, retrieve token
 * Get the reference data used by the RNASeq-CGL pipeline:
 *    Instructions for downloading reference data for RNASeq-CGL are located here: https://github.com/BD2KGenomics/toil-rnaseq/wiki/Pipeline-Inputs 
@@ -256,7 +257,7 @@ The `test/integration.sh` file also demonstrates normal core-client usage.
 
 Here is a sample command you can run from the `test` folder to do an upload:
 
-**NOTE:** Make sure you create an access token for yourself first. You can do so by running within `dcc-ops` the command `redwood/admin/bin/redwood token create -u [email protected] -s 'aws.upload aws.download'`. This will create a global token that you can use for testing for upload and download on any project. End users should only be given project-specific scopes like _aws.PROJECT.upload_.
+**NOTE:** Make sure you create an access token for yourself first. You can do so by running within `dcc-ops` the command `redwood/cli/bin/redwood token create -u [email protected] -s 'aws.upload aws.download'`. This will create a global token that you can use for testing for upload and download on any project. End users should only be given project-specific scopes like _aws.PROJECT.upload_.
 
 ```
 sudo docker run --rm -it -e ACCESS_TOKEN=<your_token> -e REDWOOD_ENDPOINT=<your_url.com> \
 
@@ -19,6 +19,7 @@ services:
       DOCKSTORE_TOKEN: "${dockstore_token}"
     volumes:
       - ~/dcc-action-service/logs:/home/ubuntu/logs
+      - ~/dcc-action-service/extra:/home/ubuntu/luigi_decider_runs/extra
     restart: always
     ports:
       - "8082"
 
@@ -2,7 +2,7 @@ version: '2'
 
 services:
   dcc-metadata-indexer:
-    image: quay.io/ucsc_cgl/metadata-indexer:2.0.2
+    image: quay.io/ucsc_cgl/metadata-indexer:2.0.4
     #build: dcc-metadata-indexer/v2
     environment:
       USER_GROUP: "${user_group}"
@@ -54,7 +54,7 @@ services:
       FLASK_APP: "/app/mapi.py"
       DCC_DASHBOARD_HOST: "${dcc_dashboard_host}"
       SECRET_KEY: "${secret_key}"
-    image: quay.io/ucsc_cgl/dashboard-service:1.0.2
+    image: quay.io/ucsc_cgl/dashboard-service:1.0.3
     volumes:
       - ~/dcc-dashboard-service/logs:/app/log
     #build: dcc-dashboard-service
@@ -75,7 +75,7 @@ services:
       - login-db
     restart: always
   dcc-dashboard:
-    image: quay.io/ucsc_cgl/dashboard:1.0.4
+    image: quay.io/ucsc_cgl/dashboard:1.0.5
     #build: dcc-dashboard
     ports:
       - "80"
 
@@ -452,7 +452,7 @@ while [[ "${run_redwood^^}" != 'Y' &&  "${run_redwood^^}" != 'N' ]] ; do
 
     if [ "${run_redwood^^}" = 'Y' ] ; then
 
-      #Read the config file if it exists and then show previous values...
+      # Read the config file if it exists and then show previous values...
       if [ -f redwood_launcher_config/redwood.config ] ; then
         source <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" redwood_launcher_config/redwood.config)
       fi
@@ -511,20 +511,66 @@ while [[ "${run_redwood^^}" != 'Y' &&  "${run_redwood^^}" != 'N' ]] ; do
 
       sed -ie '/\[redwood_install\]/,+3d' ~/.aws/credentials
 
-      echo "generating redwood-auth-db postgresql superuser (postgres) password"
-      auth_db_postgres_password="$(generate_password)"
-      #ask_question "What is your auth DB password?" "$AUTH_DB_PASSWORD" "auth DB password" $auth_db_password
-
-      echo "generating redwood-auth-db auth-server postgresql user (dcc_auth) password"
-      auth_db_dcc_password="$(generate_password)"
-      #ask_question "What is your auth DB password?" "$AUTH_DB_PASSWORD" "auth DB password" $auth_db_dcc_password
-
-      echo "generating redwood-metadata-db metadata db password"
-      metadata_db_password="$(generate_password)"
-      #ask_question "What is your metadata db password?" "$METADATA_DB_PASSWORD" "metadata db password" $metadata_db_password
-
-      echo "generating random auth-server admin password"
-      auth_admin_pass="$(generate_password)"
+      # use external redwood dbs or compose db containers here
+      external_redwood_dbs=''
+      while [[ "${external_redwood_dbs^^}" != 'Y' && "${external_redwood_dbs^^}" != 'N' ]] ; do
+          echo "Would you like to use external redwood databases? [Y/N]"
+          read external_redwood_dbs
+
+          if [ "${external_redwood_dbs^^}" = 'Y' ] ; then
+              # metadata db
+              redwood_metadata_db_host='redwood_metadata_db_host'
+              ask_question "Enter your (mongodb) redwood metadata db host. You can include port number." "$REDWOOD_METADATA_DB_HOST" "redwood metadata db host" $redwood_metadata_db_host
+              redwood_metadata_db='redwood_metadata_db'
+              ask_question "Enter your (mongodb) redwood metadata db database name" "$REDWOOD_METADATA_DB" "redwood metadata db database name" $redwood_metadata_db
+              redwood_metadata_db_username='redwood_metadata_db_username'
+              ask_question "Enter your (mongodb) redwood metadata db username" "$REDWOOD_METADATA_DB_USERNAME" "redwood metadata db username" $redwood_metadata_db_username
+              redwood_metadata_db_password='redwood_metadata_db_password'
+              ask_question "Enter your (mongodb) redwood metadata db password" "$REDWOOD_METADATA_DB_PASSWORD" "redwood metadata db password" $redwood_metadata_db_password
+
+              # auth db
+              redwood_auth_db_host='redwood_auth_db_host'
+              ask_question "Enter your (mongodb) redwood auth db host. You can include port number." "$REDWOOD_AUTH_DB_HOST" "redwood auth db host" $redwood_auth_db_host
+              redwood_auth_db='redwood_auth_db'
+              ask_question "Enter your (mongodb) redwood auth db database name" "$REDWOOD_AUTH_DB" "redwood auth db database name" $redwood_auth_db
+              redwood_auth_db_username='redwood_auth_db_username'
+              ask_question "Enter your (mongodb) redwood auth db username" "$REDWOOD_AUTH_DB_USERNAME" "redwood auth db username" $redwood_auth_db_username
+              redwood_auth_db_password='redwood_auth_db_password'
+              ask_question "Enter your (mongodb) redwood auth db password" "$REDWOOD_AUTH_DB_PASSWORD" "redwood auth db password" $redwood_auth_db_password
+
+          elif [ "${external_redwood_dbs^^}" = 'N' ]; then
+              # metadata db
+              echo "using local mongodb redwood-metadata-db container"
+              redwood_metadata_db_host="redwood-metadata-db"
+              redwood_metadata_db="dcc-metadata"
+              redwood_metadata_db_username="metadata"
+              redwood_metadata_db_password="password"
+
+              echo "generating redwood-metadata-db metadata db password"
+              redwood_metadata_db_password="$(generate_password)"
+
+              echo "generating redwood-metadata-db admin password"
+              redwood_metadata_db_admin_password="$(generate_password)"
+
+              # auth db
+              echo "using local mongodb redwood-auth-db container"
+              redwood_auth_db_host="redwood-auth-db"
+              redwood_auth_db="dcc"
+              redwood_auth_db_username="dcc_auth"
+
+              echo "generating redwood-auth-db postgresql superuser (postgres) password"
+              redwood_auth_db_admin_password="$(generate_password)"
+
+              echo "generating redwood-auth-db user (dcc_auth) password"
+              redwood_auth_db_password="$(generate_password)"
+
+              echo "generating random auth-server admin password"
+              redwood_auth_server_admin_pass="$(generate_password)"
+          else
+              echo "ERROR: bad input: ${external_redwood_dbs}"
+              external_redwood_dbs=''
+          fi
+      done
 
       echo "generating random metadata-server oauth client secret"
       metadata_client_secret="$(generate_password)"
@@ -549,10 +595,17 @@ while [[ "${run_redwood^^}" != 'Y' &&  "${run_redwood^^}" != 'N' ]] ; do
 "S3_BUCKET_BACKUP":"${s3_bucket_backup}",
 "S3_ENDPOINT":"${s3_endpoint}",
 "KMS_KEY":"${kms_key}",
-"AUTH_DB_POSTGRES_PASSWORD":"${auth_db_postgres_password}",
-"AUTH_DB_DCC_PASSWORD":"${auth_db_dcc_password}",
-"METADATA_DB_PASSWORD":"${metadata_db_password}",
-"AUTH_ADMIN_PASSWORD":"${auth_admin_pass}",
+"METADATA_DB_HOST":"${redwood_metadata_db_host}",
+"METADATA_DB":"${redwood_metadata_db}",
+"METADATA_DB_USERNAME":"${redwood_metadata_db_username}",
+"METADATA_DB_PASSWORD":"${redwood_metadata_db_password}",
+"METADATA_DB_ADMIN_PASSWORD":"${redwood_metadata_db_admin_password}",
+"AUTH_DB_HOST":"${redwood_auth_db_host}",
+"AUTH_DB":"${redwood_auth_db}",
+"AUTH_DB_USERNAME":"${redwood_auth_db_username}",
+"AUTH_DB_PASSWORD":"${redwood_auth_db_password}",
+"AUTH_DB_ADMIN_PASSWORD":"${redwood_auth_db_admin_password}",
+"AUTH_SERVER_ADMIN_PASSWORD":"${redwood_auth_server_admin_pass}",
 "METADATA_CLIENT_SECRET":"${metadata_client_secret}",
 "STORAGE_CLIENT_SECRET":"${storage_client_secret}",
 "MGMT_CLIENT_SECRET":"${mgmt_client_secret}"
@@ -570,54 +623,55 @@ CONFIG
 
               # remove old redwood instance and data volumes if they exist
               echo "Removing old redwood containers, volumes, etc. if they exist"
-              sudo admin/bin/redwood down
+              sudo cli/bin/redwood down
               redwood_data_volumes=$(sudo docker volume ls | grep 'redwood_redwood-.*-data' | awk '{print $2}')
               if [[ ! -z ${redwood_data_volumes} ]]; then
                   sudo docker volume rm ${redwood_data_volumes}
               fi
 
               # start redwood
               echo "Starting redwood"
-              sudo admin/bin/redwood up
-
+              sudo cli/bin/redwood up
               cd ..
-          elif [[ "${launch_redwood^^}" = 'N' ]]; then
-              echo "You can start redwood later with: $ $(pwd)/redwood/admin/bin/redwood up"
-          fi
-      done
 
-      recover_metadata=-1
-      read -ep $'Do you want to recover metadata from a backup? [Y/N]\n' recover_metadata_response
-      while [[ "${recover_metadata}" = "-1" ]]; do
-          if [[ "${recover_metadata_response^^}" =~ ^(Y|YES)$ ]]; then
-              recover_metadata=1
-          elif [[ "${recover_metadata_response^^}" =~ ^(N|NO)$ ]]; then
-              recover_metadata=0
-          else
-              echo "bad input: ${recover_metadata_response}"
+              # optionally recover backup and run migrations
               recover_metadata=-1
-          fi
-      done
-      if [[ ${recover_metadata} -eq 1 ]]; then # run recovery and (optionally) migrations
-          read -ep $'Enter the path to your metdata-backup (.tar.gz) file.\n' metadata_backup_file
-          sudo redwood/admin/bin/redwood recover metadata "${metadata_backup_file}"
-
-          migrate=-1
-          while [[ "${migrate}" = "-1" ]]; do # suggest migrations
-              case ${yes} in
-                  0) migrate_response=no ;;
-                  1) migrate_response=yes ;;
-                  *) read -rep $'Do you want to perform any migrations? [Y\N]\n' migrate_response ;;
-              esac
-              if [[ "${migrate_response^^}" =~ ^(Y|YES)$ ]]; then
-                  migrate=1
-                  sudo redwood/admin/bin/redwood migrate metadata "${metadata_backup_file}"
-              elif [[ "${migrate_response^^}" =~ ^(N|NO)$ ]]; then migrate=0
-              else echo "bad input: ${migrate_response}"
+              read -ep $'Do you want to recover metadata from a backup? [Y/N]\n' recover_metadata_response
+              while [[ "${recover_metadata}" = "-1" ]]; do
+                  if [[ "${recover_metadata_response^^}" =~ ^(Y|YES)$ ]]; then
+                      recover_metadata=1
+                  elif [[ "${recover_metadata_response^^}" =~ ^(N|NO)$ ]]; then
+                      recover_metadata=0
+                  else
+                      echo "bad input: ${recover_metadata_response}"
+                      recover_metadata=-1
+                  fi
+              done
+              if [[ ${recover_metadata} -eq 1 ]]; then # run recovery and (optionally) migrations
+                  read -ep $'Enter the path to your metdata-backup (.tar.gz) file.\n' metadata_backup_file
+                  sudo redwood/cli/bin/redwood recover metadata "${metadata_backup_file}"
+
+                  migrate=-1
+                  while [[ "${migrate}" = "-1" ]]; do # suggest migrations
+                      case ${yes} in
+                          0) migrate_response=no ;;
+                          1) migrate_response=yes ;;
+                          *) read -rep $'Do you want to perform any migrations? [Y\N]\n' migrate_response ;;
+                      esac
+                      if [[ "${migrate_response^^}" =~ ^(Y|YES)$ ]]; then
+                          migrate=1
+                          sudo redwood/cli/bin/redwood migrate metadata "${metadata_backup_file}"
+                      elif [[ "${migrate_response^^}" =~ ^(N|NO)$ ]]; then migrate=0
+                      else echo "bad input: ${migrate_response}"
+                      fi
+                  done
+
               fi
-          done
 
-      fi
+          elif [[ "${launch_redwood^^}" = 'N' ]]; then
+              echo "You can start redwood later with: $ $(pwd)/redwood/cli/bin/redwood up"
+          fi
+      done
 
     elif [ "${run_redwood^^}" = 'N' ] ; then
       echo "You can run this script at another time to run the redwood installer"
@@ -667,15 +721,15 @@ while [[ "${run_boardwalk^^}" != 'Y' &&  "${run_boardwalk^^}" != 'N' ]] ; do
     read run_boardwalk
 
     if [ "${run_boardwalk^^}" = 'Y' ] ; then
-      #echo "Carlos needs to dockerize"
       #Per ES specifications to run their docker image on production:
       #Set vm.max_map_count to 262144
       #Set the default elasticsearch1 service name
       es_service=elasticsearch1
       dcc_dashboard_protocol=https
       dcc_dashboard_port=8080
+      echo "Setting max VM for ElasticSearch"
       sudo sysctl -w vm.max_map_count=262144
-      #USER_GROUP=$(stat -c '%u:%g' $HOME)
+      sudo echo "vm.max_map_count=262144" >> /etc/sysctl.conf
 
       if [ -f boardwalk_launcher_config/boardwalk.config ] ; then
         	source <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" boardwalk_launcher_config/boardwalk.config)
@@ -732,7 +786,7 @@ while [[ "${run_boardwalk^^}" != 'Y' &&  "${run_boardwalk^^}" != 'N' ]] ; do
       #ask_question "What is your Redwood auth-server Admin Port?" "$REDWOOD_ADMIN_PORT" "Redwood Admin Port" $redwood_admin_port
 
       # generate redwood access token
-      redwood_access_token=$(sudo redwood/admin/bin/redwood token create -u indexer -s 'aws.upload aws.download')
+      redwood_access_token=$(sudo redwood/cli/bin/redwood token create -u indexer -s 'aws.upload aws.download')
       #ask_question "What is your Redwood Access Token?" "$REDWOOD_ACCESS_TOKEN" "Redwood Access Token" $redwood_access_token
 
       #dcc_dashboard_host='dcc_dashboard_host'
@@ -840,7 +894,8 @@ while [[ "${run_boardwalk^^}" != 'Y' &&  "${run_boardwalk^^}" != 'N' ]] ; do
       echo "generating SECRET_KEY for login"
       secret_key="$(generate_password)"
 
-      core_client_version='1.1.0-alpha'
+      #TODO: The script should snoop the .env file and check if it has a password assigned already and use that. Otherwise, generate a random password.
+      core_client_version='1.1.0'
       # Now write a config for this file.
       [[ -f boardwalk_launcher_config/boardwalk.config ]] || mkdir -p boardwalk_launcher_config
 
@@ -888,7 +943,7 @@ CONFIG
 
       cd boardwalk
       #Bringing stuff down in case there are some cached containers
-      echo "Bringing down any Boardwalk existing container"
+      echo "Bringing down any existing Boardwalk container and volumes"
       sudo docker-compose -f ${boardwalk_mode}.yml down -v
       echo "Creating Boardwalk associated containers"
       sudo docker-compose -f ${boardwalk_mode}.yml up -d
@@ -951,8 +1006,8 @@ while [[ "${run_action^^}" != 'Y' &&  "${run_action^^}" != 'N' ]] ; do
 
       # generate redwood access token
       redwood_access_token='redwood_access_token'
-      if [ -f redwood/admin/bin/redwood ] ; then
-           redwood_access_token=$(sudo redwood/admin/bin/redwood token create -u action_service -s 'aws.upload aws.download')
+      if [ -f redwood/cli/bin/redwood ] ; then
+           redwood_access_token=$(sudo redwood/cli/bin/redwood token create -u action_service -s 'aws.upload aws.download')
       else
           ask_question "What is your Redwood Access Token?" "$STORAGE_ACCESS_TOKEN" "Redwood Access Token" $redwood_access_token
       fi