mirror of
https://github.com/fhswf/aki_prj23_transparenzregister.git
synced 2025-04-24 17:12:34 +02:00
a51f271315
Bumps [pip-audit](https://github.com/pypa/pip-audit) from 2.6.2 to 2.6.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip-audit/releases">pip-audit's releases</a>.</em></p> <blockquote> <h2>v2.6.3</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump actions/upload-pages-artifact from 2.0.0 to 3.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/713">pypa/pip-audit#713</a></li> <li>build(deps): bump actions/deploy-pages from 3.0.1 to 4.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/712">pypa/pip-audit#712</a></li> <li>build(deps-dev): update ruff requirement from <0.1.9 to <0.1.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/714">pypa/pip-audit#714</a></li> <li>Allow build with cyclonedx-python-lib 6.0.0+ by <a href="https://github.com/sunpoet"><code>@sunpoet</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/715">pypa/pip-audit#715</a></li> <li>build(deps): bump actions/deploy-pages from 4.0.0 to 4.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/716">pypa/pip-audit#716</a></li> <li>build(deps-dev): update ruff requirement from <0.1.10 to <0.1.12 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/717">pypa/pip-audit#717</a></li> <li>_cli: remove a misleading warning by <a href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/719">pypa/pip-audit#719</a></li> <li>prep 2.6.3 by <a href="https://github.com/tetsuo-cpp"><code>@tetsuo-cpp</code></a> in <a href="https://redirect.github.com/pypa/pip-audit/pull/720">pypa/pip-audit#720</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sunpoet"><code>@sunpoet</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pip-audit/pull/715">pypa/pip-audit#715</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pypa/pip-audit/compare/v2.6.2...v2.6.3">https://github.com/pypa/pip-audit/compare/v2.6.2...v2.6.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip-audit/blob/main/CHANGELOG.md">pip-audit's changelog</a>.</em></p> <blockquote> <h2>[2.6.3]</h2> <h3>Fixed</h3> <ul> <li>Removed a misleading warning message that resulted in user confusion (<a href="https://redirect.github.com/pypa/pip-audit/pull/719">#719</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c2f4bd7ce9"><code>c2f4bd7</code></a> prep 2.6.3 (<a href="https://redirect.github.com/pypa/pip-audit/issues/720">#720</a>)</li> <li><a href="f6cdd44381"><code>f6cdd44</code></a> _cli: remove a misleading warning (<a href="https://redirect.github.com/pypa/pip-audit/issues/719">#719</a>)</li> <li><a href="8b99913074"><code>8b99913</code></a> build(deps-dev): update ruff requirement from <0.1.10 to <0.1.12 (<a href="https://redirect.github.com/pypa/pip-audit/issues/717">#717</a>)</li> <li><a href="1fd67af065"><code>1fd67af</code></a> build(deps): bump actions/deploy-pages from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/pypa/pip-audit/issues/716">#716</a>)</li> <li><a href="edc93c3fb4"><code>edc93c3</code></a> Allow build with cyclonedx-python-lib 6.0.0+ (<a href="https://redirect.github.com/pypa/pip-audit/issues/715">#715</a>)</li> <li><a href="2dd185f9db"><code>2dd185f</code></a> build(deps-dev): update ruff requirement from <0.1.9 to <0.1.10 (<a href="https://redirect.github.com/pypa/pip-audit/issues/714">#714</a>)</li> <li><a href="e664426bc0"><code>e664426</code></a> build(deps): bump actions/deploy-pages from 3.0.1 to 4.0.0 (<a href="https://redirect.github.com/pypa/pip-audit/issues/712">#712</a>)</li> <li><a href="8b1d122ee7"><code>8b1d122</code></a> build(deps): bump actions/upload-pages-artifact from 2.0.0 to 3.0.0 (<a href="https://redirect.github.com/pypa/pip-audit/issues/713">#713</a>)</li> <li>See full diff in <a href="https://github.com/pypa/pip-audit/compare/v2.6.2...v2.6.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
README.md of the aki_prj23_transparenzregister
Contributions
See the CONTRIBUTING.md about how code should be formatted and what kind of rules we set ourselves.
Defined entrypoints
The project has currently the following entrypoint available:
- data-transformation > Transfers all the data from the mongodb into the sql db to make it available as production data.
- data-processing > Processes the data using NLP methods and transfers matched data into the SQL table ready for use.
- reset-sql > Resets all sql tables in the connected db.
- copy-sql > Copys the content of a db to another db.
- webserver > Starts the webserver showing the analysis results.
- find-missing-companies > Retrieves meta information of companies referenced by others but not yet part of the dataset.
- ingest > Scheduled data ingestion of news articles as well as missing companies and financial data.
All entrypoints support the -h argument that shows a short help text.
Applikation startup
Central Build
The packages / container built by GitHub are accessible for users that are logged into the GitHub Container Registry (GHCR) with a Personal Access token via Docker.
Run docker login ghcr.io to start that process. The complete docs on logging in can be found here.
The application can than be simply started with docker compose up --pull.
Please note that some configuration with a .env is necessary.
Local Build
The application can be locally build by starting the rebuild-and-start.bat, if poetry and docker-compose is installed.
This will build a current *.whl and build the Docker container locally.
The configuration that start like this is the local-docker-compose.yaml.
Please note that some configuration with a .env is necessary.
Application Settings
Docker configuration / Environmental-Variables
The current design of this application suggests that it is started inside a docker-compose configuration.
For docker-compose this is commonly done by providing a .env file in the root folder.
To use the environmental configuration start an application part with the ENV argument (webserver ENV).
# Defines the container registry used. Default: "ghcr.io/fhswf/aki_prj23_transparenzregister"
CR=ghcr.io/fhswf/aki_prj23_transparenzregister
# main is the tag the main branch is taged with and is currently in use
TAG=latest
# Configures the access port for the webserver.
# Default: "80" (local only)
HTTP_PORT: 8888
# configures where the application root is based. Default: "/"
DASH_URL_BASE_PATHNAME=/transparenzregister/
# Enables basic auth for the application.
# Diabled when one is empty. Default: Disabled
PYTHON_DASH_LOGIN_USERNAME=some-login-to-webgui
PYTHON_DASH_LOGIN_PW=some-pw-to-login-to-webgui
# How often data should be ingested in houres, Default: "4"
PYTHON_INGEST_SCHEDULE=12
# Settings for NER Service
# possible values: "spacy", "company_list", "transformer", Default: "transformer"
PYTHON_NER_METHOD=transformer
# possible values: "text", "title", Default: "text"
PYTHON_NER_DOC=text
# Settings for Sentiment Service
# possible values: "spacy", "transformer", Default: "transformer"
PYTHON_SENTIMENT_METHOD=transformer
# possible values: "text", "title", Default: "text"
PYTHON_SENTIMENT_DOC=text
# Acces to the mongo db
PYTHON_MONGO_USERNAME=username
PYTHON_MONGO_HOST=mongodb
PYTHON_MONGO_PASSWORD=password
PYTHON_MONGO_PORT=27017
PYTHON_MONGO_DATABASE=transparenzregister
# Acces to the postress sql db
PYTHON_POSTGRES_USERNAME=username
PYTHON_POSTGRES_PASSWORD=password
PYTHON_POSTGRES_HOST=postgres-host
PYTHON_POSTGRES_DATABASE=db-name
PYTHON_POSTGRES_PORT=5432
# An overwrite path to an sqlite db, overwrites the POSTGRES section
PYTHON_SQLITE_PATH=PathToSQLite3.db
Local execution / config file
Create a *.json in the root of this repo with the following structure
(values to be replaces by desired config):
Please note that an sqlite entry overwrites the postgres entry.
To use the *.json use the path to it as an argument when using an entrypoint (webserver secrets.json).
{
"sqlite": "path-to-sqlite.db",
"postgres": {
"username": "username",
"password": "password",
"host": "localhost",
"database": "db-name",
"port": 5432
},
"mongo": {
"username": "username",
"password": "password",
"host": "localhost",
"database": "transparenzregister",
"port": 27017
}
}
sqlite vs. postgres
We support both sqlite and postgres because a local db is filled in about 10% of the time the remote db needs to be completed.
Even tough we use the sqlite for testing the connection can't manage multithreading or multiprocessing.
This clashes with the webserver. For production mode use the postgres-db.
Re-Enable Actions & Dependabot
After the project is over all computation using parts should be turned off.
To enable all the features please enable the GitHub Actions first. The following image shows where the buttons to enable the actions can be found.
Additionally, it is recommended to enable Dependabot.
Please note that patches are currently only demanded for critical security fixes.
Use poetry update prior to restarting the project to update all the python dependencies.
Note that both security updates and alerts should be enabled.
