A FastAPI backend for blog with OpenTelemetry and Jaeger

fike, updated 🕥 2023-01-13 00:35:27

# A FastAPI sample

It's a FastAPI implementation as the backend for a blog system. This project has a fun goal: to apply things that I'm learning. Here you'll see things like telemetry using open source projects, CRUD using REST, and GraphQL (I hope that I have time to do that).

## Dependencies

* Poetry
* SQLAlchemy
* Alembic for migrations
* OpenTelemetry for instrumentation
* Docker
* Docker-Compose
* Jaeger
* Next.js
* React
* Make

## How to use

Use the `make` command to run the app inside a Docker container. It exposes port 8000, and you can access it at `http://localhost:8000`. I'm not sure if a makefile runs in PowerShell, probably yes, but I suggest using [WSL2](https://docs.microsoft.com/windows/wsl/install-win10).

The frontend is at an early stage, but you can access it at `http://localhost:3000/`.

**Up and run**:

```bash
make dev-up
```

!["Screenshot with REST backend endpoints"](/assets/fastapi_blog_endpoints.png)

This repo is instrumented with OpenTelemetry and exports metrics to Jaeger, which starts together with the app through Docker-Compose. To access it: `http://localhost:16686/`

### Tests

Running the tests brings up a PostgreSQL container and exposes port 5433 to populate it. The report is written to the `htmlcov` directory.

```bash
make test-app
```

### Run and watch things breaking on Jaeger

The FastAPI code here is instrumented with OpenTelemetry to export traces to Jaeger. If you want to see a break simulation, follow the steps below.

#### Install dependencies

```bash
python -m venv .venv
pip install poetry
poetry install
```

#### Start FastAPI, PostgreSQL and Jaeger

```bash
make dev-up
```

[![asciicast](https://asciinema.org/a/395681.svg)](https://asciinema.org/a/395681)

#### Open another shell session and run `populate_posts.py` to create users and posts samples.

```bash
opentelemetry-instrument tests/populate_posts.py
```

[![asciicast](https://asciinema.org/a/395680.svg)](https://asciinema.org/a/395680)

#### Break things

Open a third shell session to stop Postgres; this will break the FastAPI app. You'll see error messages in the log and in the script client on the console. Stop Postgres, wait some seconds or a minute, then start Postgres again.

```bash
make dev-db-kill
sleep 30
make dev-db-start
```

[![asciicast](https://asciinema.org/a/395681.svg)](https://asciinema.org/a/395681)

#### Stop populate script

Stop the `populate_posts.py` script (`ctrl+c`) and go to the Jaeger UI (http://localhost:16686/). If everything is fine (or fails... 😁), you'll see something on Jaeger like the screenshots below.

* **FastAPI errors exported by OpenTelemetry to Jaeger**

  !["jaeger traces errors"](/assets/jaeger_traces.png)

* **An error detail from the client request and server**.

  !["an example of errors in the jaeger"](/assets/jaeger_trace_error.png)

## Known issues

* Some OpenTelemetry warnings are shown when the tests run.

## TODO

* ~~Pagination~~
* CORS
* Token authentication
* GraphQL
* Improve Token
* SAML/Oauth2
* Run tests in container
* ~~Authentication~~
* Implement UI (React)
* Helm Chart
* Improve tests with tox
* ~~Implement a default path (**/**)~~
* Custom Limit and Offset
* ~~Add script to ingest samples~~
* ~~CI tests~~

Issues

Bump actions/setup-python from 4.1.0 to 4.5.0

opened on 2023-01-13 00:35:22 by dependabot[bot]

Bumps actions/setup-python from 4.1.0 to 4.5.0.

Release notes

Sourced from actions/setup-python's releases.

Fix cache issue for Poetry projects located in subfolders

In scope of this release we fixed cache issue for Poetry projects located in subfolders (actions/setup-python#446). Besides that we updated json5 version from 2.2.0 to 2.2.3 (actions/setup-python#579).

Add support to install multiple python versions

In scope of this release we added support to install multiple python versions. For this you can try to use this snippet:

    - uses: actions/[email protected]
      with:
        python-version: |
            3.8
            3.9
            3.10

Besides, we changed logic with throwing the error for GHES if cache is unavailable to warn (actions/setup-python#566).

Improve error handling and messages

In scope of this release we added improved error message to put operating system and its version in the logs (actions/setup-python#559). Besides, the release

v4.3.0

  • Update @actions/core to 1.10.0 version #517
  • Update @actions/cache to 3.0.4 version #499
  • Only use github.token on github.com #443
  • Improvement of documentation #477 #479 #491 #492

Add check-latest input and bug fixes

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, the version will then be downloaded from python-versions repository. By default check-latest is set to false. For PyPy it will try to reach https://downloads.python.org/pypy/versions.json

Example of usage:

    steps:
      - uses: actions/[email protected]
      - uses: actions/[email protected]
        with:
          python-version: '3.9'
          check-latest: true
      - run: python --version

Besides, it includes such changes as


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bump json5 from 2.2.0 to 2.2.3 in /frontend

opened on 2023-01-07 05:59:24 by dependabot[bot]

Bumps json5 from 2.2.0 to 2.2.3.

Release notes

Sourced from json5's releases.

v2.2.3

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view


You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fike/fastapi-blog/network/alerts).
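
The `__proto__` fix listed in the json5 v2.2.2 notes above, illustrated as an added example (not json5's source and not part of the Dependabot PR): a parser that stores keys by plain assignment lets the input swap the result's prototype, while defining each key as an own property does not. `buildUnsafe`, `buildSafe`, `inheritedKeys` and the sample `pairs` are hypothetical names and constructed input.

```javascript
// Added example, not json5's source. buildUnsafe, buildSafe and inheritedKeys
// are hypothetical helpers; `pairs` is constructed sample input.

// Key/value pairs as a parser would emit them for the text
// {"title": "post", "__proto__": {"isAdmin": true}}
const pairs = [
  ['title', 'post'],
  ['__proto__', { isAdmin: true }],
];

// Plain assignment: for the key "__proto__" this runs the inherited
// Object.prototype.__proto__ setter, so the value silently becomes the
// result's prototype instead of an own property.
function buildUnsafe(entries) {
  const obj = {};
  for (const [key, value] of entries) obj[key] = value;
  return obj;
}

// Hardened form: every key, "__proto__" included, is defined as an own data
// property, so parsed input can never replace the prototype.
function buildSafe(entries) {
  const obj = {};
  for (const [key, value] of entries) {
    Object.defineProperty(obj, key, {
      value, writable: true, enumerable: true, configurable: true,
    });
  }
  return obj;
}

// Defender-side check for parsed data: names reachable through a prototype
// chain that is not the stock Object.prototype. Non-empty means polluted.
function inheritedKeys(obj) {
  const keys = [];
  let proto = Object.getPrototypeOf(obj);
  while (proto !== null && proto !== Object.prototype) {
    keys.push(...Object.getOwnPropertyNames(proto));
    proto = Object.getPrototypeOf(proto);
  }
  return keys;
}

for (const build of [buildUnsafe, buildSafe]) {
  const parsed = build(pairs);
  console.log(build.name, Object.keys(parsed), parsed.isAdmin, inheritedKeys(parsed));
}
```

Only the returned object's prototype chain changes in the unsafe case; `Object.prototype` itself is untouched, which is why an `Object.keys` allow-list check alone does not reveal the inherited `isAdmin`.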

Bump certifi from 2021.10.8 to 2022.12.7 in /backend

opened on 2022-12-08 14:03:37 by dependabot[bot]

Bumps certifi from 2021.10.8 to 2022.12.7.


Bump protobuf from 3.19.4 to 3.19.5 in /backend

opened on 2022-09-23 22:10:20 by dependabot[bot]

Bumps protobuf from 3.19.4 to 3.19.5.

Release notes

Sourced from protobuf's releases.

Protocol Buffers v3.19.5

C++


Bump mako from 1.2.0 to 1.2.2 in /backend

opened on 2022-09-16 19:08:06 by dependabot[bot]

Bumps mako from 1.2.0 to 1.2.2.

Release notes

Sourced from mako's releases.

1.2.2

Released: Mon Aug 29 2022

bug

  • [bug] [lexer] Fixed issue in lexer where the regexp used to match tags would not correctly interpret quoted sections individually. While this parsing issue still produced the same expected tag structure later on, the mis-handling of quoted sections was also subject to a regexp crash if a tag had a large number of quotes within its quoted sections.

    References: #366

1.2.1

Released: Thu Jun 30 2022

bug

  • [bug] [tests] Various fixes to the test suite in the area of exception message rendering to accommodate for variability in Python versions as well as Pygments.

    References: #360

misc

  • [performance] Optimized some codepaths within the lexer/Python code generation process, improving performance for generation of templates prior to their being cached. Pull request courtesy Takuto Ikuta.

    References: #361


Releases

Initial release 2021-03-02 12:57:55

Fernando ike
GitHub Repository

fastapi jaeger opentelemetry sqlalchemy pytest docker nextjs react psotgresql instrumentation