From 0bd620d68ed8e1efbf1b2a9cdcad5402d7794735 Mon Sep 17 00:00:00 2001 From: Tobias Kunze Date: Mon, 26 May 2025 09:15:53 +0200 Subject: [PATCH] Add system checks --- README.md | 1 + src/servala/core/apps.py | 3 ++ src/servala/core/checks.py | 86 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+) create mode 100644 src/servala/core/checks.py diff --git a/README.md b/README.md index df8d74c..7241854 100644 --- a/README.md +++ b/README.md @@ -129,6 +129,7 @@ uv run --env-file=.env src/manage.py COMMAND Useful commands: - ``migrate``: Make sure database migrations are applied. +- ``check --deploy``: Runs checks, e.g. for missing or mismatched configuration, including custom servala configuration. - ``showmigrations``: Show current database migrations status. Good for debugging. - ``runserver``: Run development server - ``clearsessions``: Clear away expired user sessions. Recommended to run regularly, e.g. weekly or monthly (doesn’t diff --git a/src/servala/core/apps.py b/src/servala/core/apps.py index ad73de8..f7cbde2 100644 --- a/src/servala/core/apps.py +++ b/src/servala/core/apps.py @@ -4,3 +4,6 @@ from django.apps import AppConfig class CoreConfig(AppConfig): default_auto_field = "django.db.models.BigAutoField" name = "servala.core" + + def ready(self): + import servala.core.checks # noqa diff --git a/src/servala/core/checks.py b/src/servala/core/checks.py new file mode 100644 index 0000000..d1bb708 --- /dev/null +++ b/src/servala/core/checks.py @@ -0,0 +1,86 @@ +from django.conf import settings +from django.core.checks import ERROR, WARNING, CheckMessage, register + + +@register() +def check_servala_settings(app_configs, **kwargs): + """Checks all settings that should be present in all environments.""" + if app_configs: + # Don’t run if we’re meant to only test individual apps + return [] + + errors = [] + required_fields = ("URL", "DB", "USERNAME", "PASSWORD") + missing_fields = [ + field for field in required_fields if not settings.ODOO.get(field) + ] + if missing_fields: + fields = ", ".join(missing_fields) + errors.append( + CheckMessage( + level=WARNING if settings.DEBUG else ERROR, + msg=f"Missing Odoo config: {fields}", + hint="Make sure you set the required SERVALA_ODOO_* settings.", + id="servala.E001", + ) + ) + oidc_config = settings.SOCIALACCOUNT_PROVIDERS["openid_connect"]["APPS"][0] + missing_fields = [ + field for field in ("client_id", "secret") if not oidc_config.get(field) + ] + if not oidc_config["settings"]["server_url"]: + missing_fields.append("server_url") + if missing_fields: + fields = ", ".join( + [f"SERVALA_KEYCLOAK_{field.upper()}" for field in missing_fields] + ) + errors.append( + CheckMessage( + level=WARNING if settings.DEBUG else ERROR, + msg=f"Missing Keycloak config: {fields}", + id="servala.E002", + ) + ) + + if settings.SERVALA_ENVIRONMENT not in ("development", "staging", "production"): + errors.append( + CheckMessage( + level=ERROR, + msg=f"Invalid environment {settings.SERVALA_ENVIRONMENT}", + hint="Must be one of development, staging, production.", + id="servala.E003", + ) + ) + + return errors + + +@register(deploy=True) +def check_servala_production_settings(app_configs, **kwargs): + if app_configs: + # Don’t run if we’re meant to only test individual apps + return [] + + errors = [] + if settings.SERVALA_ENVIRONMENT == "development": + errors.append( + CheckMessage( + level=ERROR, + msg="Environment is set to 'development'.", + id="servala.E004", + ) + ) + if "insecure" in settings.SECRET_KEY: + errors.append( + CheckMessage( + level=ERROR, msg="Secret key contains 'insecure'.", id="servala.E005" + ) + ) + if settings.EMAIL_USE_SSL and settings.EMAIL_USE_TLS: + errors.append( + CheckMessage( + level=WARNING, + msg="Use either SSL or TLS in email config, not both!", + id="servala.W001", + ) + )