Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Host should not be empty - Deployment Issue #188

Open
austinsonger opened this issue Feb 11, 2025 · 16 comments
Open

Host should not be empty - Deployment Issue #188

austinsonger opened this issue Feb 11, 2025 · 16 comments
Labels
Question Further information is requested

Comments

@austinsonger
Copy link

So I am supposed to follow this to get it going?

https://c-pat.readthedocs.io/en/main/source/install/installation.html

I'm just checking, because everytime I try on my Macbook it doesn't work I get errors and I tried in AWS and I get errors to and I'm at a lost now.
@crodriguez6497
Copy link
Collaborator

Would you mind sharing the errors that you are encountering or which step of the setup process you are hung up on?

@crodriguez6497 crodriguez6497 added the Question Further information is requested label Feb 11, 2025
@austinsonger
Copy link
Author 

{"date":"2025-02-11T20:50:17.058Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:50:17.079Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:50:19.954Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}
{"date":"2025-02-11T20:54:36.137Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:54:36.149Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:54:38.227Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}
{"date":"2025-02-11T20:57:02.371Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:57:02.384Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:57:05.103Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}

@austinsonger austinsonger changed the title Deployment Issue Host should not be empty - Deployment Issue Feb 11, 2025
@austinsonger
Copy link
Author

austinsonger commented Feb 11, 2025
edited
Loading 

~ via 🐍 on ☁️  (us-east-1) 
❯ docker run --name c-pat-new -d \
  -p 8086:8086 \
  -e CPAT_DB_HOST=127.0.0.1 \
  -e CPAT_DB_PORT=3306 \
  -e CPAT_DB_USER=cpat_user \
  -e CPAT_DB_PASSWORD=cpat_pass \
  -e CPAT_OIDC_PROVIDER=http://127.0.0.1:8080/auth/realms/RMFTools \
  nswccrane/c-pat

48058a08bc8766b775eeec7ff266230ae80c8ca05f2af3d4013c597af034fc4d

~ via 🐍 on ☁️  (us-east-1) 
❯ docker logs -f c-pat-new

{"date":"2025-02-11T21:03:51.741Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_PASSWORD":"*","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_USER":"cpat_user","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T21:03:51.751Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","username":"cpat_user","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":true},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T21:03:53.295Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}

~ via 🐍 on ☁️  (us-east-1) 
❯ docker exec -it c-pat-new env

Error response from daemon: container 48058a08bc8766b775eeec7ff266230ae80c8ca05f2af3d4013c597af034fc4d is not running

~ via 🐍 v3.10.13 on ☁️  (us-east-1) 
❯ docker rm -f c-pat-new
docker run --name c-pat-new -d \
  -p 8086:8086 \
  -e CPAT_DB_HOST=127.0.0.1 \
  -e CPAT_DB_PORT=3306 \
  -e CPAT_DB_USER=cpat_user \
  -e CPAT_DB_PASSWORD=cpat_pass \
  -e CPAT_OIDC_PROVIDER=http://127.0.0.1:8080/auth/realms/RMFTools \
  -e CPAT_API_HOST=http://127.0.0.1:8086 \
  nswccrane/c-pat

c-pat-new
1f3df76fed13f9d71925083eadd0121e5258c13afa3b6240f1a7bc999464f5ce

~ via 🐍 v3.10.13 on ☁️  (us-east-1) 
❯ docker logs -f c-pat-new

{"date":"2025-02-11T21:05:20.853Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_PASSWORD":"*","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_USER":"cpat_user","CPAT_API_HOST":"http://127.0.0.1:8086","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T21:05:20.864Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","username":"cpat_user","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":true},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T21:05:22.692Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}

~ via 🐍 v3.10.13 on ☁️  (us-east-1) 
❯ docker exec -it c-pat-new ls /home/node/app/api

Error response from daemon: container 1f3df76fed13f9d71925083eadd0121e5258c13afa3b6240f1a7bc999464f5ce is not running

~ via 🐍 v3.10.13 on ☁️  (us-east-1) 
❯ docker rm -f c-pat-new
docker run --name c-pat-new -d \
  -p 8086:8086 \
  -e CPAT_DB_HOST=127.0.0.1 \
  -e CPAT_DB_PORT=3306 \
  -e CPAT_DB_USER=cpat_user \
  -e CPAT_DB_PASSWORD=cpat_pass \
  -e CPAT_OIDC_PROVIDER=http://127.0.0.1:8080/auth/realms/RMFTools \
  -e CPAT_API_HOST=http://127.0.0.1:8086 \
  -e STIGMAN_API_URL=http://127.0.0.1:54000/api \
  -e TENABLE_URL=http://127.0.0.1:55000 \
  nswccrane/c-pat

c-pat-new
101cc1b0eb1a32d33cd2919abd811b5d7783e5d5dc865ef850fe2b3be21b1a2c

~ via 🐍 on ☁️  (us-east-1) 
❯ docker exec -it c-pat-new env | grep CPAT
docker exec -it c-pat-new env | grep STIGMAN
docker exec -it c-pat-new env | grep TENABLE

CPAT_DB_HOST=127.0.0.1
CPAT_DB_PORT=3306
CPAT_DB_USER=cpat_user
CPAT_DB_PASSWORD=cpat_pass
CPAT_OIDC_PROVIDER=http://127.0.0.1:8080/auth/realms/RMFTools
CPAT_API_HOST=http://127.0.0.1:8086
STIGMAN_API_URL=http://127.0.0.1:54000/api
TENABLE_URL=http://127.0.0.1:55000

~ via 🐍 on ☁️  (us-east-1) 
❯ 


~ via 🐍 on ☁️  (us-east-1) 
❯ docker exec -it c-pat-new sh

~/app/api $ cd /home/node/app/api
~/app/api $ cat index.js | nl | grep 105 -A 5 -B 5
   100	        next(e)
   101	    }
   102	})
   103	
   104	if (config.tenable.enabled) {
   105	    app.use('/api/tenable', proxy(config.tenable.url, {
   106	        proxyReqPathResolver: function (req) {
   107	            const baseUrl = config.tenable.url.endsWith('/')
   108	                ? config.tenable.url.slice(0, -1)
   109	                : config.tenable.url;
   110	            const path = '/rest' + req.url.replace('/api/tenable', '');
~/app/api $ %                                                                                                                                             
~ via 🐍 v3.10.13 on ☁️  (us-east-1) took 15s 
❯

@crodriguez6497
Copy link
Collaborator 

{"date":"2025-02-11T20:50:17.058Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:50:17.079Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:50:19.954Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}
{"date":"2025-02-11T20:54:36.137Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:54:36.149Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:54:38.227Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}
{"date":"2025-02-11T20:57:02.371Z","level":3,"component":"index","type":"starting","data":{"version":"1.0.0-rc.6","env":{"NODE_VERSION":"22.13.0","CPAT_OIDC_PROVIDER":"http://127.0.0.1:8080/auth/realms/RMFTools","CPAT_DB_HOST":"127.0.0.1","CPAT_DB_PORT":"3306"},"dirname":"/home/node/app/api","cwd":"/home/node/app/api"}}
{"date":"2025-02-11T20:57:02.384Z","level":3,"component":"index","type":"configuration","data":{"version":"1.0.0-rc.6","settings":{"setClassification":"U","lastAccessResolution":60,"responseValidation":"none"},"client":{"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","apiBase":"api","disabled":false,"directory":"../client/dist","refreshToken":{"disabled":false},"features":{"marketplaceDisabled":false}},"stigman":{"clientId":"stig-manager","apiUrl":"http://localhost:54000/api"},"tenable":{"enabled":true,"url":""},"docs":{"disabled":false,"docsDirectory":"../../docs/_build/html"},"http":{"address":"127.0.0.1","port":8086,"maxJsonBody":"52428800","maxUpload":"52428800","rateLimit":"1000"},"database":{"acquire":30000,"dialect":"mysql","host":"127.0.0.1","idle":10000,"port":"3306","schema":"cpat","maxConnections":25,"minConnections":0,"tls":{},"revert":false,"password":false},"swaggerUi":{"enabled":false,"authority":"http://127.0.0.1:8080/auth/realms/RMFTools","server":"http://localhost:8086/api","oauth2RedirectUrl":"http://localhost:8086/api-docs/oauth2-redirect.html"},"oauth":{"clientId":"c-pat","authority":"http://127.0.0.1:8080/auth/realms/RMFTools","claims":{"scope":"scope","username":"preferred_username","servicename":"clientId","fullname":"name","firstname":"given_name","lastname":"family_name","privileges":"['realm_access']?.['roles']","email":"email"}},"log":{"level":3,"mode":"combined"}}}
{"date":"2025-02-11T20:57:05.103Z","level":1,"component":"app","type":"uncaught","data":{"generatedMessage":false,"code":"ERR_ASSERTION","actual":"","expected":true,"operator":"==","name":"AssertionError","message":"Host should not be empty","stack":"AssertionError [ERR_ASSERTION]: Host should not be empty\n    at proxy (/home/node/app/api/node_modules/express-http-proxy/index.js:27:3)\n    at Object.<anonymous> (/home/node/app/api/index.js:105:29)\n    at Module._compile (node:internal/modules/cjs/loader:1562:14)\n    at Object..js (node:internal/modules/cjs/loader:1699:10)\n    at Module.load (node:internal/modules/cjs/loader:1313:32)\n    at Function._load (node:internal/modules/cjs/loader:1123:12)\n    at TracingChannel.traceSync (node:diagnostics_channel:322:14)\n    at wrapModuleLoad (node:internal/modules/cjs/loader:217:24)\n    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:170:5)\n    at node:internal/main/run_main_module:36:49"}}

Change TENABLE_ENABLED to false and CPAT_CLIENT_DIRECTORY to ../client/dist/browser

If you still encounter issues after these changes, can you provide updated logs?

@austinsonger
Copy link
Author

So I made this script so I can eventually get it so I don't have to keep forgetting what I've tried.

#!/bin/bash

# Define network and IP addresses
NETWORK_NAME="cpat_network"
SUBNET="192.168.1.0/24"
MYSQL_CONTAINER="c-pat-mysql"
KEYCLOAK_CONTAINER="keycloak"
CPAT_CONTAINER="c-pat"

# Directory to store logs
LOG_DIR="./container_logs"
mkdir -p "$LOG_DIR"

# Function to check if a container is running
is_container_running() {
    docker inspect -f '{{.State.Running}}' "$1" 2>/dev/null | grep -q "true"
}

# Function to export container logs
export_logs() {
    local container_name=$1
    local log_file="$LOG_DIR/${container_name}_logs.txt"
    echo "Exporting logs for $container_name to $log_file..."
    docker logs "$container_name" > "$log_file" 2>&1
}

# Function to wait for MySQL to be ready
wait_for_mysql() {
    local host=$1
    local port=$2
    local max_retries=30
    local count=0

    echo "Waiting for MySQL at $host:$port to be ready..."
    while ! docker exec "$MYSQL_CONTAINER" mysqladmin ping -h"$host" -P"$port" --silent; do
        sleep 2
        count=$((count + 1))
        if [[ $count -ge $max_retries ]]; then
            echo "❌ ERROR: MySQL at $host:$port is not ready after $max_retries attempts. Check logs!"
            export_logs "$MYSQL_CONTAINER"
            exit 1
        fi
        echo "Attempt $count: MySQL not ready yet. Retrying in 2 seconds..."
    done
    echo "✅ MySQL at $host:$port is ready!"
}

# Function to wait for Keycloak to be ready
wait_for_keycloak() {
    local host=$1
    local port=$2
    local max_retries=60  # Increased retries for Keycloak
    local count=0

    echo "Waiting for Keycloak at $host:$port to be ready..."
    while ! curl -s "http://$host:$port" >/dev/null; do
        sleep 2
        count=$((count + 1))
        if [[ $count -ge $max_retries ]]; then
            echo "❌ ERROR: Keycloak at $host:$port is not ready after $max_retries attempts. Check logs!"
            export_logs "$KEYCLOAK_CONTAINER"
            exit 1
        fi
        echo "Attempt $count: Keycloak not ready yet. Retrying in 2 seconds..."
    done
    echo "✅ Keycloak at $host:$port is ready!"
}

# Function to wait for CPAT to be ready
wait_for_service() {
    local host=$1
    local port=$2
    local max_retries=30
    local count=0

    echo "Waiting for $host:$port to be ready..."
    while ! nc -z "$host" "$port"; do
        sleep 2
        count=$((count + 1))
        if [[ $count -ge $max_retries ]]; then
            echo "❌ ERROR: $host:$port is not ready after $max_retries attempts. Check logs!"
            export_logs "$CPAT_CONTAINER"
            exit 1
        fi
        echo "Attempt $count: $host:$port not ready yet. Retrying in 2 seconds..."
    done
    echo "✅ $host:$port is ready!"
}

# Step 1: Create Docker network if it doesn't exist
if ! docker network inspect "$NETWORK_NAME" &>/dev/null; then
    echo "Creating Docker network $NETWORK_NAME..."
    docker network create --subnet "$SUBNET" "$NETWORK_NAME"
else
    echo "✅ Docker network $NETWORK_NAME already exists."
fi

# Step 2: Pull required images
echo "Pulling latest Docker images..."
docker pull nswccrane/c-pat:latest
docker pull mysql:latest
docker pull quay.io/keycloak/keycloak:latest

# Step 3: Start MySQL
if is_container_running "$MYSQL_CONTAINER"; then
    echo "✅ MySQL is already running."
else
    if docker ps -a --format "{{.Names}}" | grep -q "^$MYSQL_CONTAINER$"; then
        echo "Starting existing MySQL container..."
        docker start "$MYSQL_CONTAINER"
    else
        echo "Creating and starting new MySQL container..."
        docker run --name "$MYSQL_CONTAINER" -d \
            --network "$NETWORK_NAME" \
            -e MYSQL_ROOT_PASSWORD=root \
            -e MYSQL_DATABASE=cpat \
            -e MYSQL_USER=cpat_user \
            -e MYSQL_PASSWORD=cpat_pass \
            -p 3306:3306 \
            mysql:latest
    fi
    wait_for_mysql "$MYSQL_CONTAINER" 3306

    # Grant necessary privileges to cpat_user
    echo "Granting privileges to cpat_user..."
    docker exec "$MYSQL_CONTAINER" mysql -uroot -proot -e "GRANT SUPER, SYSTEM_VARIABLES_ADMIN, SESSION_VARIABLES_ADMIN ON *.* TO 'cpat_user'@'%'; FLUSH PRIVILEGES;"
fi

# Step 4: Start Keycloak
if is_container_running "$KEYCLOAK_CONTAINER"; then
    echo "✅ Keycloak is already running."
else
    if docker ps -a --format "{{.Names}}" | grep -q "^$KEYCLOAK_CONTAINER$"; then
        echo "Starting existing Keycloak container..."
        docker start "$KEYCLOAK_CONTAINER"
    else
        echo "Creating and starting new Keycloak container..."
        docker run --name "$KEYCLOAK_CONTAINER" -d \
            --network "$NETWORK_NAME" \
            -p 8080:8080 \
            -e KEYCLOAK_ADMIN=admin \
            -e KEYCLOAK_ADMIN_PASSWORD=admin \
            quay.io/keycloak/keycloak:latest start-dev
    fi
    wait_for_keycloak "$KEYCLOAK_CONTAINER" 8080
fi

# Step 5: Configure Keycloak Realm
echo "Configuring Keycloak Realm 'RMFTools'..."
echo "Please manually configure the 'RMFTools' realm in Keycloak at http://localhost:8080/admin/"
echo "1. Log in with username 'admin' and password 'admin'."
echo "2. Create a new realm named 'RMFTools'."
echo "3. Configure the realm as required by CPAT."
read -p "Press Enter to continue after configuring the realm..."

# Step 6: Start CPAT
if is_container_running "$CPAT_CONTAINER"; then
    echo "✅ CPAT is already running."
else
    if docker ps -a --format "{{.Names}}" | grep -q "^$CPAT_CONTAINER$"; then
        echo "Starting existing CPAT container..."
        docker start "$CPAT_CONTAINER"
    else
        echo "Creating and starting new CPAT container..."
        docker run --name "$CPAT_CONTAINER" -d \
            --network "$NETWORK_NAME" \
            -p 8086:8086 \
            -e CPAT_DB_HOST="$MYSQL_CONTAINER" \
            -e CPAT_DB_PORT=3306 \
            -e CPAT_DB_USER=cpat_user \
            -e CPAT_DB_PASSWORD=cpat_pass \
            -e CPAT_OIDC_PROVIDER="http://$KEYCLOAK_CONTAINER:8080/auth/realms/RMFTools" \
            -e CPAT_API_HOST="http://$CPAT_CONTAINER:8086" \
            -e STIGMAN_API_URL=http://127.0.0.1:54000/api \
            -e TENABLE_ENABLED=false \
            -e CPAT_CLIENT_DIRECTORY="../client/dist/browser" \
            nswccrane/c-pat
    fi
    wait_for_service "$CPAT_CONTAINER" 8086
fi

# Final verification
echo "Verifying running services..."
docker ps | grep -E "$MYSQL_CONTAINER|$KEYCLOAK_CONTAINER|$CPAT_CONTAINER"

# Export logs for all containers
export_logs "$MYSQL_CONTAINER"
export_logs "$KEYCLOAK_CONTAINER"
export_logs "$CPAT_CONTAINER"

echo "✅ Setup complete! CPAT is now running. 🚀"
echo "Container logs have been exported to $LOG_DIR/"

Script Output

❯ bash /Users/austin-songer/Downloads/cpat-source.sh 
✅ Docker network cpat_network already exists.
Pulling latest Docker images...
latest: Pulling from nswccrane/c-pat
Digest: sha256:0317aed67b2c6663a9cf523c0a752ae44410d020e5ec6bd5fde61a5c9f5ddffe
Status: Image is up to date for nswccrane/c-pat:latest
docker.io/nswccrane/c-pat:latest
latest: Pulling from library/mysql
Digest: sha256:b842a59bfaf81ea435b65be7e041c280416df8d295457f64c7c1445484464123
Status: Image is up to date for mysql:latest
docker.io/library/mysql:latest
latest: Pulling from keycloak/keycloak
Digest: sha256:b6283921ddaf76da5bde3a0b980ceef476ac105d7eec8d200914c5432279a27c
Status: Image is up to date for quay.io/keycloak/keycloak:latest
quay.io/keycloak/keycloak:latest
Creating and starting new MySQL container...
71ccd70462770d1508a9db6a9526567542b9caf9c96149ca65ca9a3e4ac211c2
Waiting for MySQL at c-pat-mysql:3306 to be ready...
Attempt 1: MySQL not ready yet. Retrying in 2 seconds...
Attempt 2: MySQL not ready yet. Retrying in 2 seconds...
Attempt 3: MySQL not ready yet. Retrying in 2 seconds...
Attempt 4: MySQL not ready yet. Retrying in 2 seconds...
Attempt 5: MySQL not ready yet. Retrying in 2 seconds...
Attempt 6: MySQL not ready yet. Retrying in 2 seconds...
✅ MySQL at c-pat-mysql:3306 is ready!
Granting privileges to cpat_user...
mysql: [Warning] Using a password on the command line interface can be insecure.
Creating and starting new Keycloak container...
428be52f15802499b16f10ba1b71efd3dac0f37ce804867217e4d33535d77b36
Waiting for Keycloak at keycloak:8080 to be ready...
Attempt 1: Keycloak not ready yet. Retrying in 2 seconds...

MySql Logs

❯ docker logs -f c-pat-mysql
2025-02-11 23:39:42+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 9.2.0-1.el9 started.
2025-02-11 23:39:43+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2025-02-11 23:39:43+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 9.2.0-1.el9 started.
2025-02-11 23:39:43+00:00 [Note] [Entrypoint]: Initializing database files
2025-02-11T23:39:43.442081Z 0 [System] [MY-015017] [Server] MySQL Server Initialization - start.
2025-02-11T23:39:43.444336Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 9.2.0) initializing of server in progress as process 86
2025-02-11T23:39:43.455414Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2025-02-11T23:39:43.740328Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2025-02-11T23:39:45.297511Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
2025-02-11T23:39:47.605122Z 0 [System] [MY-015018] [Server] MySQL Server Initialization - end.
2025-02-11 23:39:47+00:00 [Note] [Entrypoint]: Database files initialized
2025-02-11 23:39:47+00:00 [Note] [Entrypoint]: Starting temporary server
2025-02-11T23:39:47.651721Z 0 [System] [MY-015015] [Server] MySQL Server - start.
2025-02-11T23:39:47.860525Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 9.2.0) starting as process 143
2025-02-11T23:39:47.878395Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2025-02-11T23:39:48.261424Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2025-02-11T23:39:48.743071Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2025-02-11T23:39:48.743205Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2025-02-11T23:39:48.747640Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
2025-02-11T23:39:48.782905Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Socket: /var/run/mysqld/mysqlx.sock
2025-02-11T23:39:48.783046Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '9.2.0'  socket: '/var/run/mysqld/mysqld.sock'  port: 0  MySQL Community Server - GPL.
2025-02-11 23:39:48+00:00 [Note] [Entrypoint]: Temporary server started.
'/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it.
2025-02-11 23:39:53+00:00 [Note] [Entrypoint]: Creating database cpat
2025-02-11 23:39:53+00:00 [Note] [Entrypoint]: Creating user cpat_user
2025-02-11 23:39:53+00:00 [Note] [Entrypoint]: Giving user cpat_user access to schema cpat

2025-02-11 23:39:53+00:00 [Note] [Entrypoint]: Stopping temporary server
2025-02-11T23:39:53.255785Z 14 [System] [MY-013172] [Server] Received SHUTDOWN from user root. Shutting down mysqld (Version: 9.2.0).
2025-02-11T23:39:53.989216Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 9.2.0)  MySQL Community Server - GPL.
2025-02-11T23:39:53.989269Z 0 [System] [MY-015016] [Server] MySQL Server - end.
2025-02-11 23:39:54+00:00 [Note] [Entrypoint]: Temporary server stopped

2025-02-11 23:39:54+00:00 [Note] [Entrypoint]: MySQL init process done. Ready for start up.

2025-02-11T23:39:54.285848Z 0 [System] [MY-015015] [Server] MySQL Server - start.
2025-02-11T23:39:54.484601Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 9.2.0) starting as process 1
2025-02-11T23:39:54.492927Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2025-02-11T23:39:54.754939Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2025-02-11T23:39:55.043436Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2025-02-11T23:39:55.043514Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2025-02-11T23:39:55.046915Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
2025-02-11T23:39:55.078887Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx.sock
2025-02-11T23:39:55.079291Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '9.2.0'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  MySQL Community Server - GPL.

Keycloak


❯ docker logs -f keycloak
Updating the configuration and installing your custom providers, if any. Please wait.
2025-02-11 23:40:01,183 WARN  [io.qua.config] (build-39) Unrecognized configuration key "quarkus.smallrye-health.extensions.enabled" was provided; it will be ignored; verify that the dependency extension for this configuration is set or that you did not make a typo
2025-02-11 23:40:03,003 INFO  [io.qua.hib.orm.dep.HibernateOrmProcessor] (build-3) Persistence unit 'keycloak-default': Enforcing Quarkus defaults for dialect 'org.hibernate.dialect.H2Dialect' by automatically setting 'jakarta.persistence.database-product-version=2.3.230'.
2025-02-11 23:40:03,008 INFO  [io.qua.hib.orm.dep.HibernateOrmProcessor] (build-3) A legacy persistence.xml file is present in the classpath. This file will be used to configure JPA/Hibernate ORM persistence units, and any configuration of the Hibernate ORM extension will be ignored. To ignore persistence.xml files instead, set the configuration property 'quarkus.hibernate-orm.persistence-xml.ignore' to 'true'.
2025-02-11 23:40:09,910 INFO  [io.qua.dep.QuarkusAugmentor] (main) Quarkus augmentation completed in 10510ms
Running the server in development mode. DO NOT use this configuration in production.
2025-02-11 23:40:12,206 WARN  [io.quarkus.config] (main) Unrecognized configuration key "quarkus.smallrye-health.extensions.enabled" was provided; it will be ignored; verify that the dependency extension for this configuration is set or that you did not make a typo
2025-02-11 23:40:17,334 INFO  [org.keycloak.quarkus.runtime.storage.infinispan.CacheManagerFactory] (ForkJoinPool.commonPool-worker-1) Starting Infinispan embedded cache manager
2025-02-11 23:40:17,467 INFO  [io.agroal.pool] (JPA Startup Thread) Datasource '<default>': Initial size smaller than min. Connections will be created when necessary
2025-02-11 23:40:17,573 INFO  [org.infinispan.CONTAINER] (ForkJoinPool.commonPool-worker-1) Virtual threads support enabled
2025-02-11 23:40:17,923 INFO  [org.infinispan.CONTAINER] (ForkJoinPool.commonPool-worker-1) ISPN000556: Starting user marshaller 'org.infinispan.commons.marshall.ImmutableProtoStreamMarshaller'
2025-02-11 23:40:18,522 INFO  [org.infinispan.transaction.lookup.JBossStandaloneJTAManagerLookup] (ForkJoinPool.commonPool-worker-1) ISPN000107: Retrieving transaction manager Transaction: unknown
2025-02-11 23:40:20,736 INFO  [org.keycloak.quarkus.runtime.storage.database.liquibase.QuarkusJpaUpdaterProvider] (main) Initializing database schema. Using changelog META-INF/jpa-changelog-master.xml
2025-02-11 23:40:25,527 WARN  [io.agroal.pool] (main) Datasource '<default>': JDBC resources leaked: 1 ResultSet(s) and 0 Statement(s)
2025-02-11 23:40:26,184 INFO  [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: node_679677, Site name: null
2025-02-11 23:40:26,490 INFO  [org.keycloak.broker.provider.AbstractIdentityProviderMapper] (main) Registering class org.keycloak.broker.provider.mappersync.ConfigSyncEventListener
2025-02-11 23:40:26,606 INFO  [org.keycloak.services] (main) KC-SERVICES0050: Initializing master realm
2025-02-11 23:40:29,808 WARN  [org.keycloak.services] (main) KC-SERVICES0110: Environment variable 'KEYCLOAK_ADMIN' is deprecated, use 'KC_BOOTSTRAP_ADMIN_USERNAME' instead
2025-02-11 23:40:29,808 WARN  [org.keycloak.services] (main) KC-SERVICES0110: Environment variable 'KEYCLOAK_ADMIN_PASSWORD' is deprecated, use 'KC_BOOTSTRAP_ADMIN_PASSWORD' instead
2025-02-11 23:40:30,114 INFO  [org.keycloak.services] (main) KC-SERVICES0077: Created temporary admin user with username admin
2025-02-11 23:40:30,207 WARN  [io.agroal.pool] (main) Datasource '<default>': JDBC resources leaked: 1 ResultSet(s) and 0 Statement(s)
2025-02-11 23:40:30,399 INFO  [io.quarkus] (main) Keycloak 26.1.2 on JVM (powered by Quarkus 3.15.3) started in 20.239s. Listening on: http://0.0.0.0:8080
2025-02-11 23:40:30,400 INFO  [io.quarkus] (main) Profile dev activated. 
2025-02-11 23:40:30,400 INFO  [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, keycloak, narayana-jta, opentelemetry, reactive-routes, rest, rest-jackson, smallrye-context-propagation, vertx]

@austinsonger
Copy link
Author

Just checking back in @crodriguez6497

@crodriguez6497
Copy link
Collaborator

Just checking back in @crodriguez6497

Your script output terminates at waiting for keycloak. It appears from the individual outputs that MySQL and keycloak are initialized but the logs don't show the holistic flow where keycloak initialization finishes and C-PAT is started? Is there another issue you're encountering now?

@austinsonger
Copy link
Author

I got past the initial issue and now I'm hung up at this place where MySQL starts fine and then Keycloak starts, but hangs and never finishes. I have the script so it goes

          MySQL > Keycloak > C-PAT

For Each Container, One Doesn't Start Until the Previous One Finishes

@austinsonger
Copy link
Author

All I'm trying to do is test this thing out.

@crodriguez6497
Copy link
Collaborator

I got past the initial issue and now I'm hung up at this place where MySQL starts fine and then Keycloak starts, but hangs and never finishes. I have the script so it goes

          MySQL > Keycloak > C-PAT

For Each Container, One Doesn't Start Until the Previous One Finishes

The logs look like keycloak is started. In my experience, starting them at the same time or running sequentially should work fine. C-PAT will retry if keycloak is not available right away. And I apologize but I may have led you in the wrong direction with the client dir, in RC.6 client/dist is still the appropriate structure.

I'm out of the office until next week but if you aren't able to resolve it today feel free to send me an email (top of the API spec) and I can coordinate a time to hop on a call next week and assist with setup if you would like. Alternatively, feel free to continue posting logs or issues here.

@crodriguez6497
Copy link
Collaborator

@austinsonger

Just wanted to follow up and see if you were able to get this resolved?

@austinsonger
Copy link
Author

Nah. I have not.

@austinsonger
Copy link
Author

What are the steps you do to make it work?

@crodriguez6497
Copy link
Collaborator

crodriguez6497 commented Feb 24, 2025
edited
Loading

@austinsonger

https://streamable.com/omio5p

I made a short video that may be of assistance. This was recorded on a fresh windows VM. Of note, I am not running mysql containerized.

Going step-by-step:

  1. Create the 'cpat' and 'stigman' database schema.
CREATE SCHEMA `cpat` ;
CREATE SCHEMA `stigman` ;
  1. Update docker-compose with IP instead of localhost. (This requirement may vary by deployment type. For containers in Hyper-V this was a requirement)

docker-compose.yml

services:
  stig-manager:
    image: nuwcdivnpt/stig-manager:latest
    container_name: stig-manager
    ports:
      - "54000:54000"
    environment:
      STIGMAN_DB_HOST: {YOUR IP HERE}
      STIGMAN_DB_PORT: 3306
      STIGMAN_DB_USER: root
      STIGMAN_DB_PASSWORD: root
      STIGMAN_OIDC_PROVIDER: http://{YOUR IP HERE}:8080/realms/RMFTools
      STIGMAN_API_ADDRESS: 127.0.0.1
      STIGMAN_SWAGGER_ENABLED: true
      STIGMAN_EXPERIMENTAL_APPDATA: true
    restart: unless-stopped
  cpat:
    image: nswccrane/c-pat:1.0.0-rc.8
    container_name: c-pat
    ports:
      - "8086:8086"
    environment:
      CPAT_DB_USER: root
      CPAT_DB_PASSWORD: root
      TENABLE_ENABLED: false
      CPAT_OIDC_PROVIDER: http://{YOUR IP HERE}:8080/realms/RMFTools
      CPAT_DB_HOST: {YOUR IP HERE}
    restart: unless-stopped
  c-pat-auth:
    image: nswccrane/c-pat-auth:latest
    container_name: c-pat-auth
    ports:
      - "8080:8080"
    restart: unless-stopped
  1. Pull, build, and run containers.
cd {path/to/docker-compose}
docker-compose up -d

  1. Wait for keycloak to start. As you can see in the video, this takes 10-15 seconds. Subsequently, navigate to localhost:8080.

  2. (Optional) You can use the default users that are deployed with the sample RMF Tools realm, however, I opted to create a new user. First, navigate to the RMFTools realm.
    5.1. Under the 'Users' tab, click 'Add User'
    5.2. Enter the user details and click 'Create'
    5.3. Under the 'Credentials' tab of the newly created user, click 'Set Password'.
    5.4. Enter desired password. For demo purposes, toggle 'Temporary' off.
    5.5. Under the 'Role Mapping' tab of the newly created user, click 'Assign role'.
    5.6. Toggle the dropdown in the top left that is labeled 'Filter by clients' and select 'Filter by realm roles'.
    5.7. Select 'admin', 'cpat_write', 'create_collection', and 'user'. Click 'Assign'.

  3. (OPTIONAL) I opted to import some sample data into STIG Manager. If you would like to do the same, sample data can be downloaded from the STIG Manager repo.
    6.1. Navigate to localhost:54000
    6.2. Expand the 'Application Management' section and select 'Export/Import Data'
    6.3. Click 'Replace Application Data' and import the sample data. Refresh once complete.
    6.4. Within the Users component under 'Application Management', select your user and assign permissions as appropriate.

  4. Navigate to C-PAT at localhost:8086

  5. Select the Admin Portal button from the sidebar on the left side of the page, or navigate to localhost:8086/admin-processing

  6. (OPTIONAL) If you opted to import sample data into STIG Manager, you can first navigate to the STIG Manager tab and import some sample collections.

  7. Navigate to the User Management tab and select your user profile. Set the 'Account Status' to 'Active'. If you imported sample data, you can also navigate to the 'Collection Permissions' section and assign permissions as necessary.

  8. Save your user. If you have collection permissions, you can now navigate to a collection.

NOTE: You MUST sign in with an admin user or you will receive a status message that your account is not activated.

@austinsonger
Copy link
Author

Just getting a lot of the same.

What would the docker-compose file look like if I used a database in AWS lightsail

@crodriguez6497
Copy link
Collaborator

crodriguez6497 commented Feb 26, 2025
edited
Loading

Just getting a lot of the same.

What would the docker-compose file look like if I used a database in AWS lightsail

cpat:
  image: nswccrane/c-pat:1.0.0-rc.8
  container_name: c-pat
  ports:
    - "8086:8086"
  environment:
    CPAT_API_ADDRESS: "0.0.0.0"
    CPAT_DB_HOST: {mysql.amazonaws.com}
    CPAT_DB_PORT: 3306
    CPAT_DB_USER: {mysql-username}
    CPAT_DB_PASSWORD: {mysql-password}
    CPAT_DB_SCHEMA: cpat
    CPAT_OIDC_PROVIDER: http://{YOUR IP HERE}:8080/realms/RMFTools
    TENABLE_ENABLED: false
  restart: unless-stopped

If your Lightsail instance uses SSL/TLS, you may also need to configure these environment variables:

CPAT_DB_TLS_CA_FILE: {location of ca.pem}
CPAT_DB_TLS_CERT_FILE: {location of client-cert.pem}
CPAT_DB_TLS_KEY_FILE: {location of client-key.pem}

You could try setting CPAT_API_ADDRESS: "0.0.0.0" and STIGMAN_API_ADDRESS: "0.0.0.0" for each respective service. Otherwise, I am at a loss here. I have tried in a few different environments and I can't seem to recreate these issues. My offer still stands, if you want to send me an email to plan out a time, I would be happy to hop on a call and help troubleshoot these issues to get you up and running with a test instance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@austinsonger @crodriguez6497