Deployment package for PennDOT - ARA-Trans/iAM GitHub Wiki
In iAM/Deployment, there is a powershell script, deploy.ps1, which automates most of the process of creating deployment packages for PennDOT and iAM-Deploy.
Before ever using the deployment script, you will need to fill in each of the iAM/Deployment/configurations subfolders (configurations/bams, configurations/bamsdev, configurations/bamssyst, configurations/iam-deploy) with an appropriate esec.config file for that configuration. Since these files will contain the client secret, they cannot be kept on the repo.
Before each time the deployment script is run, you will need to publish the C# app from within Visual Studio. Once that is done, launch the script from a powershell window where the current working directory is iAM/Deployment. (Right-clicking the script from file explorer and selecting "Run with PowerShell" will launch using the correct working directory.)
The script will ask you to confirm that you've published the C# app, then a name for the deployment package can be input, and the script will run for a few minutes. When it is done, you will find a folder with the name of the deployment in the iAM/Deployment/Deployment_Packages folder. Inside, there will be a .zip archive for each configuration. The archive will contain all 3 fully-configured apps.
The script creates the iAM-deploy package first, and will probably produce the .zip archive for iAM-deploy long before the script finishes running. As soon as the .zip archive is created, it is ready to deploy.
If the deployment script fails, here is how to manually create the deployments:
- Publish the BridgeCare application
- In the
publishfolder, go to 'bin' folder and delete 'PCI.dll' and 'PCI.pdb', if they exist. (These will not be generated any more after the PCI refactoring, but they may linger in your file system from older builds.) - If PennDOT is deploying the C# application with PCI dlls, the website is not working. So, delete those from the
binfolder. - We send 3 different packages of the C# application. For Dev, Syst (Staging) and Prod. They are the same package, just create 3 copies and name them accordingly.
- Don't worry about the connection string. PennDOT take cares of that.
- PennDOT will need an esec.config file with the following information:
<ESECConfig>
<add key="ESECBaseAddress" value=""/>
<add key="ESECClientID" value=""/>
<add key="ESECClientSecret" value=""/>
<add key="ESECRedirect" value=""/>
</ESECConfig>
The client secret has been omitted for security. It can be found in the ESEC metadata sent by Vijay. The client ID will be:
For DEV and TEST: a56bb9d5-190d-4873-afea-0767d82dd91c
For PROD: 37db8371-3f80-45d4-a4bd-48c080b2865a
The redirect URI will be one of the following:
For DEV: https://www.bamsdev.penndot.gov/Authentication/
For TEST: https://www.bamssyst.penndot.gov/Authentication/
For PROD: https://www.bams.penndot.gov/Authentication/
The base address will be:
For DEV and TEST: https://oidcservicessyst.penndot.gov/affwebservices/CASSO/oidc/BAMS/
For PROD: https://oidcservices.penndot.gov/affwebservices/CASSO/oidc/BAMS
- Take out
.vscodeand 'node_module' folder. - For the DEV and SYST builds, ensure that the contents of the file authorization/authorizationConfig.js are:
esecPublicKey: {
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "6b0dd418-def7-48cf-96d2-673bb0b0244f",
"n": "47FA3w2IWeIyh7IPr0NS7OeTpC94BtMLF8JMnqUWMLmWCud26lCb6-6L45BRoALPpksNwLfeRtf_jFE8kaoiiixJPP8jhL8oAVK9vE7X4KetUNT_HKtjzkp49Rvp0tpz-UKiv0F_u5XC54PdisfgQrstRMOHKUMeQEFjpF-pg9U"
},
issuer: 'https://oidcservicessyst.penndot.gov/affwebservices/CASSO/oidc/BAMS',
clientId: 'a56bb9d5-190d-4873-afea-0767d82dd91c'
- For the PROD build, replace the authorizationConfig with:
esecPublicKey: {
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "6b00ffec-d51c-435b-867f-7c870ee6945c",
"n": "sVBdiGSCsAXigGHn1KZej4aqnjZrgimUIRtL7VWx6VzEJ9fu8JsDiwx_cGkRuettINdYM9U4_akuJqITwSsTIv_VhJRYprVZJChlwObKVPLmPEs4oa4Wuk6Iy81P4jg2-7GV37ScOyD4rxxhff4F-Kh5MflYZpPUYjjJkaJcJVs"
},
issuer: 'https://oidcservices.penndot.gov/affwebservices/CASSO/oidc/BAMS',
clientId: '37db8371-3f80-45d4-a4bd-48c080b2865a'
- Send the rest of the package to PennDOT.
- For nodejs also, we will create 3 different folders with different names but all these will have the same code.
- Go to .env.production file of the Vuejs app
- Change the urls to
VUE_APP_URL = https://www.bamsdev.penndot.gov/apis
VUE_APP_NODE_URL = https://www.bamsdev.penndot.gov/node
VUE_APP_SOCKET_PATH = /node/socket.io
- Go to the src/oidc-config.ts file of the Vuejs app
- Change lines 2, 3, and 4 to:
authorizationEndpoint: 'https://oidcservicessyst.penndot.gov/affwebservices/CASSO/oidc/BAMS/authorize',
clientId: 'a56bb9d5-190d-4873-afea-0767d82dd91c',
redirectUri: 'https://www.bamsdev.penndot.gov/Authentication/'
- Run
npm run build-prod - This will be the vuejs app for PennDOT Dev server
- Now, change the urls to
VUE_APP_URL = https://www.bamssyst.penndot.gov/apis
VUE_APP_NODE_URL = https://www.bamssyst.penndot.gov/node
VUE_APP_SOCKET_PATH = /node/socket.io
- Lines 2, 3, and 4 of oidc-config.js to:
authorizationEndpoint: 'https://oidcservicessyst.penndot.gov/affwebservices/CASSO/oidc/BAMS/authorize',
clientId: 'a56bb9d5-190d-4873-afea-0767d82dd91c',
redirectUri: 'https://www.bamssyst.penndot.gov/Authentication/'
- Run
npm run build-prodagain - This will create a package for PennDOT
Test (SysT)server - Change the urls again to
VUE_APP_URL = https://www.bams.penndot.gov/apis
VUE_APP_NODE_URL = https://www.bams.penndot.gov/node
VUE_APP_SOCKET_PATH = /node/socket.io
- Lines 2, 3, and 4 of oidc-config.js to:
authorizationEndpoint: 'https://oidcservices.penndot.gov/affwebservices/CASSO/oidc/BAMS/authorize',
clientId: '37db8371-3f80-45d4-a4bd-48c080b2865a',
redirectUri: 'https://www.bams.penndot.gov/Authentication/'
- Run
npm run build-prod - This will create a package for PennDOT production server.
VUE_APP_URL = https://apis.iam-deploy.com/
VUE_APP_NODE_URL = https://node-apis.iam-deploy.com
VUE_APP_SOCKET_PATH = /socket.io
- Lines 2, 3, and 4 of oidc-config.js should be:
authorizationEndpoint: 'https://oidcservicessyst.penndot.gov/affwebservices/CASSO/oidc/BAMS/authorize',
clientId: 'a56bb9d5-190d-4873-afea-0767d82dd91c',
redirectUri: 'https://iam-deploy.com/Authentication/'
- This is the required host for our iam-deploy site when we deploy to our demo server
-
If no page is working correctly and PennDOT is getting 'Network Error'
-
Potential solution - Check the
binfolder. Make surePCIdlls are not there -
If none of the APIs are working
-
Potential solution: Check the API calls from Dev tools. Make sure they are trying to connect to the correct urls
-
Means if PennDOT is running application in Dev server, the API should contain
devin them
- In order to create a MongoDB backup, open cmd as an Admin
- Go to: 'Program Files\MongoDB\Server\4.0\bin'
- run to command 'mongodump'
- This will create a
dumpfolder insidebinfolder - Inside
dumpfolder, we are interested in onlyBridgeCaredatabase. - So delete any other database mostly there will be
admindb, delete that folder - Now, on PennDOT server, run
mongodump - This will be backup of their database. Ask them to take 'dump'folder out of
binand save it somewhere - Send the
dumpfolder which we have created on our server to PennDOT and ask them to copy it insideProgram Files\MongoDB\Server\4.0\bin - On PennDOT machine open
cmdas an Admin, navigate toProgram Files\MongoDB\Server\4.0\bin - In that path run
mongorestorecommand - It will restore the database.
- Important note: This restore will append the data, it will not delete the existing data.
- So, before restore, we can ask PennDOT to
remove all documentsfrom theBridgeCaredatabase - We already have the backup of their data. So, there is no risk of loosing it
- After restoring the MongoDB, empty
networkscollection andscenarioscollection. - We will load them by clicking the buttons on the UI of scenario page. This way we will get the latest network and scenarios from MS SQL