Compare commits
3 Commits
938c271ff5
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 3a13bf754a | |||
| f4ef823f43 | |||
| ab7d31de2f |
2
.gitignore
vendored
2
.gitignore
vendored
@@ -11,6 +11,7 @@ target/
|
|||||||
# Configuration files (keep *.example.yaml)
|
# Configuration files (keep *.example.yaml)
|
||||||
config.yaml
|
config.yaml
|
||||||
config.*.yaml
|
config.*.yaml
|
||||||
|
!docker/distributable/config.docker.yaml
|
||||||
!config.example.yaml
|
!config.example.yaml
|
||||||
!config.development.yaml
|
!config.development.yaml
|
||||||
!config.test.yaml
|
!config.test.yaml
|
||||||
@@ -35,6 +36,7 @@ logs/
|
|||||||
# Build artifacts
|
# Build artifacts
|
||||||
dist/
|
dist/
|
||||||
build/
|
build/
|
||||||
|
artifacts/
|
||||||
|
|
||||||
# Testing
|
# Testing
|
||||||
coverage/
|
coverage/
|
||||||
|
|||||||
159
docker/distributable/config.docker.yaml
Normal file
159
docker/distributable/config.docker.yaml
Normal file
@@ -0,0 +1,159 @@
|
|||||||
|
# Attune Docker Environment Configuration
|
||||||
|
# This file overrides base config.yaml settings for Docker deployments
|
||||||
|
|
||||||
|
environment: docker
|
||||||
|
|
||||||
|
# Docker database (PostgreSQL container)
|
||||||
|
database:
|
||||||
|
url: postgresql://attune:attune@postgres:5432/attune
|
||||||
|
max_connections: 20
|
||||||
|
min_connections: 5
|
||||||
|
acquire_timeout: 30
|
||||||
|
idle_timeout: 600
|
||||||
|
max_lifetime: 1800
|
||||||
|
log_statements: false
|
||||||
|
schema: "attune"
|
||||||
|
|
||||||
|
# Docker message queue (RabbitMQ container)
|
||||||
|
message_queue:
|
||||||
|
url: amqp://attune:attune@rabbitmq:5672
|
||||||
|
connection_timeout: 30
|
||||||
|
heartbeat: 60
|
||||||
|
prefetch_count: 10
|
||||||
|
rabbitmq:
|
||||||
|
worker_queue_ttl_ms: 300000 # 5 minutes - expire unprocessed executions
|
||||||
|
dead_letter:
|
||||||
|
enabled: true
|
||||||
|
exchange: attune.dlx
|
||||||
|
ttl_ms: 86400000 # 24 hours - retain DLQ messages for debugging
|
||||||
|
|
||||||
|
# Docker cache (Redis container - optional)
|
||||||
|
cache:
|
||||||
|
enabled: true
|
||||||
|
url: redis://redis:6379
|
||||||
|
connection_timeout: 5
|
||||||
|
default_ttl: 3600
|
||||||
|
|
||||||
|
# API server configuration
|
||||||
|
server:
|
||||||
|
host: 0.0.0.0
|
||||||
|
port: 8080
|
||||||
|
cors_origins:
|
||||||
|
- http://localhost
|
||||||
|
- http://localhost:3000
|
||||||
|
- http://localhost:3001
|
||||||
|
- http://localhost:3002
|
||||||
|
- http://localhost:5173
|
||||||
|
- http://127.0.0.1:3000
|
||||||
|
- http://127.0.0.1:3001
|
||||||
|
- http://127.0.0.1:3002
|
||||||
|
- http://127.0.0.1:5173
|
||||||
|
- http://web
|
||||||
|
request_timeout: 60
|
||||||
|
max_request_size: 10485760 # 10MB
|
||||||
|
|
||||||
|
# Logging configuration
|
||||||
|
log:
|
||||||
|
level: info
|
||||||
|
format: json # Structured logs for container environments
|
||||||
|
console: true
|
||||||
|
|
||||||
|
# Security settings (MUST override via environment variables in production)
|
||||||
|
security:
|
||||||
|
jwt_secret: ${JWT_SECRET}
|
||||||
|
jwt_access_expiration: 3600 # 1 hour
|
||||||
|
jwt_refresh_expiration: 604800 # 7 days
|
||||||
|
encryption_key: ${ENCRYPTION_KEY}
|
||||||
|
enable_auth: true
|
||||||
|
allow_self_registration: false
|
||||||
|
login_page:
|
||||||
|
show_local_login: true
|
||||||
|
show_oidc_login: true
|
||||||
|
oidc:
|
||||||
|
# example local dev
|
||||||
|
enabled: false
|
||||||
|
discovery_url: https://my.sso.provider.com/.well-known/openid-configuration
|
||||||
|
client_id: 31d194737840d32bd3afe6474826976bae346d77247a158c4dc43887278eb605
|
||||||
|
client_secret: xL2C9WOC8shZ2QrZs9VFa10JK1Ob95xcMtZU3N86H1Pz0my5
|
||||||
|
provider_name: my-sso-provider
|
||||||
|
provider_label: My SSO Provider
|
||||||
|
provider_icon_url: https://my.sso.provider.com/favicon.ico
|
||||||
|
redirect_uri: http://localhost:3000/auth/callback
|
||||||
|
post_logout_redirect_uri: http://localhost:3000/login
|
||||||
|
scopes:
|
||||||
|
- groups
|
||||||
|
|
||||||
|
# Packs directory (mounted volume in containers)
|
||||||
|
packs_base_dir: /opt/attune/packs
|
||||||
|
|
||||||
|
# Runtime environments directory (isolated envs like virtualenvs, node_modules).
|
||||||
|
# Kept separate from packs so pack directories remain clean and read-only.
|
||||||
|
# Pattern: {runtime_envs_dir}/{pack_ref}/{runtime_name}
|
||||||
|
runtime_envs_dir: /opt/attune/runtime_envs
|
||||||
|
|
||||||
|
# Artifacts directory (shared volume for file-based artifact storage).
|
||||||
|
# File-type artifacts are written here by execution processes and served by the API.
|
||||||
|
# Pattern: {artifacts_dir}/{ref_slug}/v{version}.{ext}
|
||||||
|
artifacts_dir: /opt/attune/artifacts
|
||||||
|
|
||||||
|
# Executor service configuration
|
||||||
|
executor:
|
||||||
|
service_name: attune-executor
|
||||||
|
max_concurrent_executions: 50
|
||||||
|
heartbeat_interval: 30
|
||||||
|
task_timeout: 300
|
||||||
|
cleanup_interval: 120
|
||||||
|
scheduling_interval: 5
|
||||||
|
retry_max_attempts: 3
|
||||||
|
retry_backoff_multiplier: 2.0
|
||||||
|
retry_backoff_max: 300
|
||||||
|
scheduled_timeout: 300 # 5 minutes - fail executions stuck in SCHEDULED
|
||||||
|
timeout_check_interval: 60 # Check every minute for stale executions
|
||||||
|
enable_timeout_monitor: true
|
||||||
|
|
||||||
|
# Worker service configuration
|
||||||
|
worker:
|
||||||
|
service_name: attune-worker
|
||||||
|
worker_type: container
|
||||||
|
max_concurrent_tasks: 20
|
||||||
|
heartbeat_interval: 10 # Reduced from 30s for faster stale detection (staleness = 30s)
|
||||||
|
task_timeout: 300
|
||||||
|
cleanup_interval: 120
|
||||||
|
work_dir: /tmp/attune-worker
|
||||||
|
python:
|
||||||
|
executable: python3
|
||||||
|
venv_dir: /tmp/attune-worker/venvs
|
||||||
|
requirements_timeout: 300
|
||||||
|
nodejs:
|
||||||
|
executable: node
|
||||||
|
npm_executable: npm
|
||||||
|
modules_dir: /tmp/attune-worker/node_modules
|
||||||
|
install_timeout: 300
|
||||||
|
shell:
|
||||||
|
executable: /bin/bash
|
||||||
|
allowed_shells:
|
||||||
|
- /bin/bash
|
||||||
|
- /bin/sh
|
||||||
|
|
||||||
|
# Sensor service configuration
|
||||||
|
sensor:
|
||||||
|
service_name: attune-sensor
|
||||||
|
heartbeat_interval: 10 # Reduced from 30s for faster stale detection
|
||||||
|
max_concurrent_sensors: 50
|
||||||
|
sensor_timeout: 300
|
||||||
|
polling_interval: 10
|
||||||
|
cleanup_interval: 120
|
||||||
|
|
||||||
|
# Notifier service configuration
|
||||||
|
notifier:
|
||||||
|
service_name: attune-notifier
|
||||||
|
websocket_host: 0.0.0.0
|
||||||
|
websocket_port: 8081
|
||||||
|
heartbeat_interval: 30
|
||||||
|
connection_timeout: 60
|
||||||
|
max_connections: 1000
|
||||||
|
message_buffer_size: 10000
|
||||||
|
|
||||||
|
# Agent binary distribution (serves the agent binary via API for remote downloads)
|
||||||
|
agent:
|
||||||
|
binary_dir: /opt/attune/agent
|
||||||
@@ -7,6 +7,9 @@ bundle_dir="${1:-${repo_root}/docker/distributable}"
|
|||||||
archive_path="${2:-${repo_root}/artifacts/attune-docker-dist.tar.gz}"
|
archive_path="${2:-${repo_root}/artifacts/attune-docker-dist.tar.gz}"
|
||||||
|
|
||||||
template_dir="${repo_root}/docker/distributable"
|
template_dir="${repo_root}/docker/distributable"
|
||||||
|
bundle_dir="$(realpath -m "${bundle_dir}")"
|
||||||
|
archive_path="$(realpath -m "${archive_path}")"
|
||||||
|
template_dir="$(realpath -m "${template_dir}")"
|
||||||
|
|
||||||
mkdir -p "${bundle_dir}/docker" "${bundle_dir}/migrations" "${bundle_dir}/packs" "${bundle_dir}/scripts"
|
mkdir -p "${bundle_dir}/docker" "${bundle_dir}/migrations" "${bundle_dir}/packs" "${bundle_dir}/scripts"
|
||||||
mkdir -p "$(dirname "${archive_path}")"
|
mkdir -p "$(dirname "${archive_path}")"
|
||||||
@@ -18,13 +21,13 @@ copy_file() {
|
|||||||
cp "${src}" "${dst}"
|
cp "${src}" "${dst}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Keep the distributable compose file and README as the maintained templates.
|
# Keep the distributable compose file, README, and config as the maintained templates.
|
||||||
if [ "${bundle_dir}" != "${template_dir}" ]; then
|
if [ "${bundle_dir}" != "${template_dir}" ]; then
|
||||||
copy_file "${template_dir}/docker-compose.yaml" "${bundle_dir}/docker-compose.yaml"
|
copy_file "${template_dir}/docker-compose.yaml" "${bundle_dir}/docker-compose.yaml"
|
||||||
copy_file "${template_dir}/README.md" "${bundle_dir}/README.md"
|
copy_file "${template_dir}/README.md" "${bundle_dir}/README.md"
|
||||||
|
copy_file "${template_dir}/config.docker.yaml" "${bundle_dir}/config.docker.yaml"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
copy_file "${repo_root}/config.docker.yaml" "${bundle_dir}/config.docker.yaml"
|
|
||||||
copy_file "${repo_root}/docker/run-migrations.sh" "${bundle_dir}/docker/run-migrations.sh"
|
copy_file "${repo_root}/docker/run-migrations.sh" "${bundle_dir}/docker/run-migrations.sh"
|
||||||
copy_file "${repo_root}/docker/init-user.sh" "${bundle_dir}/docker/init-user.sh"
|
copy_file "${repo_root}/docker/init-user.sh" "${bundle_dir}/docker/init-user.sh"
|
||||||
copy_file "${repo_root}/docker/init-packs.sh" "${bundle_dir}/docker/init-packs.sh"
|
copy_file "${repo_root}/docker/init-packs.sh" "${bundle_dir}/docker/init-packs.sh"
|
||||||
|
|||||||
18
web/package-lock.json
generated
18
web/package-lock.json
generated
@@ -3655,9 +3655,9 @@
|
|||||||
"license": "ISC"
|
"license": "ISC"
|
||||||
},
|
},
|
||||||
"node_modules/picomatch": {
|
"node_modules/picomatch": {
|
||||||
"version": "2.3.1",
|
"version": "2.3.2",
|
||||||
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
|
||||||
"integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
|
"integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
|
||||||
"dev": true,
|
"dev": true,
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"engines": {
|
"engines": {
|
||||||
@@ -4337,9 +4337,9 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/tinyglobby/node_modules/picomatch": {
|
"node_modules/tinyglobby/node_modules/picomatch": {
|
||||||
"version": "4.0.3",
|
"version": "4.0.4",
|
||||||
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
|
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.4.tgz",
|
||||||
"integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
|
"integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
|
||||||
"dev": true,
|
"dev": true,
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"peer": true,
|
"peer": true,
|
||||||
@@ -4609,9 +4609,9 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/vite/node_modules/picomatch": {
|
"node_modules/vite/node_modules/picomatch": {
|
||||||
"version": "4.0.3",
|
"version": "4.0.4",
|
||||||
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
|
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.4.tgz",
|
||||||
"integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
|
"integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
|
||||||
"dev": true,
|
"dev": true,
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"peer": true,
|
"peer": true,
|
||||||
|
|||||||
Reference in New Issue
Block a user