Quick Start
10 minute read
This guide will:
- Ensure you have all prerequisites
- Set up your base Lapis server
- Set up Graphite and SPA
This guide assumes you are using Ubuntu and using the recommended setup by running the services with docker.
Windows Users
Windows will not be provided on new devices. It is strongly recommended that Ubuntu is used within Engineering.
If you are running Windows, please refer to the Windows Setup guide first, before proceeding.
Information
Connecting to other micro-services may require configuring your.env
file to point at shared AWS experimental services, or pulling micro-service containers locally and further configuring your local docker containers to talk to each other which is out of scope for this guide.
Some general technical onboarding information (software, online courses, etc.) can be found here.
Account access
Before beginning this guide, ensure you have access to the accounts listed in the self-signup info page.
1Password
After your first login to 1Password, contact IT support and request access to the engineering vaults.Setup script
intelliHR has a .dotfiles repo designed to automate most of this setup process. If you have your account access sorted, download / clone a copy of the repo into either ~/.dotfiles
or ~/dotfiles
and follow the instructions in the readme.
Prerequisites
1Password
Make sure that you have access to the intelliHR 1Password account. If you do not have access to this, please email it@intellihr.com.
Set up a SSH key
Generate a key for use when cloning via SSH
ssh-keygen -t ed25519 -C "<first>.<last>@intellihr.com"
ssh-add ~/.ssh/id_ed25519
cat ~/.ssh/id_ed25519.pub
You will see some output similar to the following
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmlCEgfePcCM00y08gYokUUjHgl487IHVJynqMdwkUQ john.doe@intellihr.com
Copy all of this text and paste it into the form to add an SSH key to you GitLab account.
Optionally, if you also require access to GitHub you will need to add an SSH key to your GitHub account.
Important
This key is a replacement for your username and password. It is vitally important that you do not share this key with anyone.Global Git Config
Configure your installed Git to globally use the same username / email address so you don’t have to configure per repository:
git config --global user.name "<first> <last>"
git config --global user.email "<first>.<last>@intellihr.com"
intelliHR uses a rebase=true
pull strategy to avoid issues when submitting merge requests. You can read more about this strategy and why it’s more useful than a simple fast-forward strategy here. Configure your Git to globally use this strategy:
git config --global pull.rebase true
Since all engineers work in the same repositories, there are lots of branches created over time. Because of this, it is highly recommended that you also configure Git to prune dead branches on fetch/pull:
git config --global fetch.prune true
Docker
The intelliHR stack run on top of Docker and Docker Compose. Both of these will be needed to run the application locally during development.
Docker recently released a version of Docker Desktop for Linux. This is not recommended at this point in time due to slowdowns when running the application via Docker Desktop.
Instead it is recommended that the latest version of Docker is installed instead, via the apt repositories.
Once Docker has been installed, you will need to make sure that you can run Docker containers without sudo
access. You can follow the guide on the Docker site on how to Manage Docker as a non-root user, or run the following
sudo groupadd docker
sudo usermod -aG docker $USER
You will need to log out and log back in again. Once complete you should be able to run Docker containers without requiring `sudo
docker run hello-world
Docker compose (deprecated)
Docker Compose used to require its own installation, however, the latest versions of the Installing Docker Engine guide will make sure that docker-compose-plugin
is installed as part of the process.
Configuring local SSL certificates for HTTPS
When working locally you will be required to work on an HTTPS version of your site, similar to how the site is hosted in production. The standard Lapis containers support hosting an HTTPS version of the site, however, we will need to generate some SSL certificates and mount them into the container, along with the configuration file for it to work.
Follow the instructions in Local SSL Certificates for HTTPS in order to set this up.
GitLab Container Registry
Most of the main intelliHR Docker images are stored within GitLab Container Registries. In order to access these you must authenticate yourself with the Docker daemon.
-
Generate a token with your GitLab profile that has
Read registry
permissions and copy the token to the clipboard -
Register your username and token with the Docker daemon
docker login \ -u="<gitlab.username>" \ -p="<gitlab.token>" \ registry.gitlab.com
Quay.io Container Registry (optional)
There are some containers that remain on our Quay.io container registry. You should only need to do this if your team say that it is required, otherwise you can skip this step.
-
Log in to Quay.io
-
Go to Account Settings -> Docker CLI Password -> Generate encrypted password
-
Copy the full login details from the “Docker” tab on the left hand side
-
Register your username and token with the Docker daemon by pasting the command into your terminal
docker login \ -u="<quay.username>" \ -p="<quay.token>" \ quay.io
For UI Components (optional)
These steps will only be needed if you plan on making changes to the ui-components
repository. Unless your team tells you that this is needed, you can skip these steps.
Install Node.js 18
curl -fsSL "https://deb.nodesource.com/setup_18.x" | sudo -E bash -
sudo apt update
sudo apt autoremove
sudo apt install -y nodejs
If you have an issue in upgrading node, you can uninstall old NodeJS completely by using the following commands.
sudo apt-get purge nodejs
sudo apt-get autoremove
Install yarn 1.x
curl -sS "https://dl.yarnpkg.com/debian/pubkey.gpg" | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt update
sudo apt install yarn
Extras
VSCode users may want to check out Useful VSCode Extensions.
Setting up the Lapis service
This will set up the core Lapis service and legacy Blade/React frontend.
-
Create a folder locally to store your code by running
mkdir ~/Workspace
-
Inside the new folder we will clone the Lapis repository
cd ~/Workspace git clone git@gitlab.com:intellihr/engineering/lapis.git
-
Navigate to the
lapis
folder created by this clonecd ~/Workspace/lapis
-
Copy the example environment file to
.env
cp .env.example .env
-
Open up the
.env
file for editing and update theAPP_URL
setting so that it includes your name before thelocal
part, for exampleAPP_URL="http://john.doe.local.internihr.ninja"
-
Copy the example Docker Compose override file to
docker-compose.override.yml
cp docker-compose.override.yml.example docker-compose.override.yml
-
In the new
docker-compose.override.yml
file you will need to configure your local tenant names for thelocal
servicelocal: networks: gateway: aliases: - master-large-demo.john.doe.local.internihr.ninja - master-intellihr.john.doe.local.internihr.ninja - qa-intellihr.john.doe.local.internihr.ninja federation: environment: - FEDERATION_LAPIS_ENDPOINT=http://master-intellihr.john.doe.local.internihr.ninja/graphql micro: environment: - GRAPHITE_LAPIS_ENDPOINT=http://<tenant>.john.doe.local.internihr.ninja
NPM Registry Configuration
-
Create a
.npmrc
file in the rootlapis
directory with the following contents@fortawesome:registry=https://npm.fontawesome.com/ //npm.fontawesome.com/:_authToken=<AUTH_TOKEN_HERE> @humanforce:registry=https://npm.pkg.github.com //npm.pkg.github.com/:_authToken=<HF_GITHUB_NPM_TOKEN>
-
Replace
<AUTH_TOKEN_HERE>
with the Font Awesome Pro auth token which can be found in 1Password. This npm configutation file will allow you to retrieve thefontawesome-pro
package from a private registry -
Replace
<HF_GITHUB_NPM_TOKEN>
with a classic access token from github that has theread:packages
scope. You will need access to the Humanforce repositories in github. If you need to create a new token, be sure click on the [Configure SSO] button and follow the prompts to authorise they key
-
-
To install the latest packages, and fetch the latest containers, there is a helper script inside the
lapis
repository./bin/fetch-containers.sh
-
Start the Lapis application containers. The terminal will start a real-time tail of the logs from the containers listed
docker compose up local lapis postgres
-
You should now be able to connect to the application in your browser using the default tenant and your local domain, for example http://master-large-demo.john.doe.local.internihr.ninja
-
The local
master-large-demo
tenant is cloned exactly from the tenant in the dev stack. You can log in usinglyanna
(the system administrator) details from 1Password
Setting up GraphQL
-
GraphQL should be hosted in a container called
federation
when starting up lapis. Try runningdocker compose up local lapis postgres micro federation
-
You should see a log message with
Federation ready at http://localhost:4001/graphql
. You can access this URL to use the GraphQL playground and start sending queries -
To test it works, open the GraphQL playground, setup the HTTP header, and then perform a login auth request and see if graphite is able to contact Lapis
HTTP Header
{ "X-Tenant": "master_large_demo" }
GraphQL Request
mutation { auth { login(input: { username: "lyanna" password: "<refer to 1Password>" }) { accessToken } } }
Setting up SPA
This will set up the single page React app using Graphite, giving you the full stack.
-
As with Lapis and Graphite, clone the SPA repository into your
Workspace
foldercd ~/Workspace git clone git@gitlab.com:intellihr/engineering/spa.git
-
Copy the example environment file to
.env
cp .env.example .env
-
Copy the
.npmrc
file from your Lapis folder into the SPA foldercp ~/Workspace/lapis/.npmrc ~/Workspace/spa/.npmrc
-
Double check that your .npmrc file contains all expected repositories across all repositories (e.g.
@fortawesome
and@humanforce
) -
Start the SPA service. When the service is started, the NPM packages will be automatically installed
docker compose up local
-
Once the React build has completed, and service has started, you should be able to access SPA pages when browsing through the intelliHR site. As an example, try visiting the Settings page after logging in as Lyanna
Troubleshooting
401 or 403 errors when building npm/yarn packages
Double check that your .npmrc file contains all expected repositories across all repositories (e.g. @fortawesome
and @humanforce
)
Network gateway declared as external, but could not be found
Our system requires a docker network called gateway
to exist prior to being run. Follow the directions given with the error to make this network.
“ERROR: unauthorized: access to the requested resource is not authorized” when running docker commands
You require access to registry.gitlab.com
or quay.io
in order to pull docker containers.
Follow the instructions to set up GitLab Container Registry access or Quay.io Container Registry access as required.
“Unable to send lapis request: Tenant could not be determined” when running GraphQL queries
Graphite requires an X-Tenant
header or an Authorisation
header to be provided when making Lapis requests. Add an X-Tenant
header (in the HTTP headers section in GraphQL Playground) with the tenant (usually master_large_demo
).
{
"X-Tenant": "master_large_demo"
}
“request to https://master-large-demo.local.internihr.ninja/api/batch failed, reason: connect ECONNREFUSED” error when running GraphQL queries
Your Graphite GRAPHITE_LAPIS_ENDPOINT
env is pointing to https
instead of http
. Update it to use http
instead.
When running docker compose up local
: ERROR: for postgres Cannot start service postgres: driver failed programming external connectivity on endpoint lapis_postgres_1 (<SOME_HASH>): Error starting userland proxy: listen tcp 0.0.0.0:5432: bind: address already in use
When a local instance of Postgres is configured to boot on startup of your machine (potentially toggled automatically when updating Ubuntu versions), Lapis won’t be able to start the Postgres service and will crash. To fix this first stop the local Postgres server and disable the option to launch it on startup:
sudo service postgresql stop
sudo update-rc.d postgresql disable
When running git clone
: Host key verification failed. fatal: Could not read from remote repository
When connecting via the SSH protocol, every host has a key. Clients remember the host key associated with a particular address and refuse other connections. To fix this, add github to the list of known hosts:
ssh-keyscan -t rsa gitlab.com >> ~/.ssh/known_hosts
ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
When attempting to run docker compose --rm yarn
on lapis: EACCES: permission denied error
When your user ID is not 1000 you will receive this error. Specifically mkdir /app/node_modules
. In order to fix:
- Check your ID by running
id <your_username>
- If your ID is not
1000
, open a support ticket requesting an Ubuntu ID change