From 06ff1c169ff3259aa9847c116ff48ec5e84b7dce Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Wed, 13 Sep 2023 17:58:06 +0200
Subject: [PATCH] Added insecure search db config
---
Makefile | 24 +++++++-----
dbrepo-gateway-service/dbrepo.conf | 4 ++
dbrepo-log-dashboard/Dockerfile | 10 -----
dbrepo-log-dashboard/config.yml | 21 -----------
dbrepo-log-service/dashboard/Dockerfile | 6 +++
.../dashboard}/README.md | 0
.../dashboard}/opensearch_dashboards.yml | 3 +-
dbrepo-log-service/fluent.conf | 2 +-
dbrepo-search-db/Dockerfile | 3 ++
docker-compose.yml | 37 ++++++++++---------
10 files changed, 49 insertions(+), 61 deletions(-)
delete mode 100644 dbrepo-log-dashboard/Dockerfile
delete mode 100644 dbrepo-log-dashboard/config.yml
create mode 100644 dbrepo-log-service/dashboard/Dockerfile
rename {dbrepo-log-dashboard => dbrepo-log-service/dashboard}/README.md (100%)
rename {dbrepo-log-dashboard => dbrepo-log-service/dashboard}/opensearch_dashboards.yml (70%)
create mode 100644 dbrepo-search-db/Dockerfile
diff --git a/Makefile b/Makefile
index 90c68788d3..49bbdd6d32 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ build-analyse-service:
build-docker:
docker build -t dbrepo-metadata-service:build --target build dbrepo-metadata-service
docker build ./dbrepo-log-service -t dbrepo-log-service:latest
- docker build ./dbrepo-log-dashboard -t dbrepo-log-dashboard:latest
+ docker build ./dbrepo-log-service/dashboard -t dbrepo-log-service-dashboard:latest
docker compose build --parallel
build-frontend:
@@ -34,7 +34,7 @@ build-frontend:
build-clients:
bash ./.gitlab/swagger/generate.sh
-tag: tag-analyse-service tag-authentication-service tag-metadata-db tag-ui tag-broker-service tag-metadata-service tag-search-sync-agent tag-log-service tag-log-dashboard
+tag: tag-analyse-service tag-authentication-service tag-metadata-db tag-ui tag-broker-service tag-metadata-service tag-search-sync-agent tag-log-service tag-log-service-dashboard
tag-analyse-service:
docker tag dbrepo-analyse-service:latest "dbrepo/analyse-service:${TAG}"
@@ -72,11 +72,11 @@ tag-log-service:
docker tag dbrepo-log-service:latest "dbrepo/log-service:${TAG}"
docker tag dbrepo-log-service:latest "${AZURE_REPO}/dbrepo/log-service:${TAG}"
-tag-log-dashboard:
- docker tag dbrepo-log-dashboard:latest "dbrepo/log-dashboard:${TAG}"
- docker tag dbrepo-log-dashboard:latest "${AZURE_REPO}/dbrepo/log-dashboard:${TAG}"
+tag-log-service-dashboard:
+ docker tag dbrepo-log-service-dashboard:latest "dbrepo/log-service-dashboard:${TAG}"
+ docker tag dbrepo-log-service-dashboard:latest "${AZURE_REPO}/dbrepo/log-service-dashboard:${TAG}"
-release: build-docker tag release-analyse-service release-authentication-service release-metadata-db release-ui release-broker-service release-metadata-service release-search-sync-agent release-log-service release-log-dashboard
+release: build-docker tag release-analyse-service release-authentication-service release-metadata-db release-ui release-broker-service release-metadata-service release-search-sync-agent release-log-service release-search-db release-log-service-dashboard
release-analyse-service: tag-analyse-service
docker push "dbrepo/analyse-service:${TAG}"
@@ -102,6 +102,10 @@ release-broker-service: tag-broker-service
docker push "dbrepo/broker-service:${TAG}"
docker push "${AZURE_REPO}/dbrepo/broker-service:${TAG}"
+release-search-db: tag-search-db
+ docker push "dbrepo/search-db:${TAG}"
+ docker push "${AZURE_REPO}/dbrepo/search-db:${TAG}"
+
release-metadata-service: tag-metadata-service
docker push "dbrepo/metadata-service:${TAG}"
docker push "${AZURE_REPO}/dbrepo/metadata-service:${TAG}"
@@ -110,9 +114,9 @@ release-log-service: tag-log-service
docker push "dbrepo/log-service:${TAG}"
docker push "${AZURE_REPO}/dbrepo/log-service:${TAG}"
-release-log-dashboard: tag-log-dashboard
- docker push "dbrepo/log-dashboard:${TAG}"
- docker push "${AZURE_REPO}/dbrepo/log-dashboard:${TAG}"
+release-log-service-dashboard: tag-log-service-dashboard
+ docker push "dbrepo/log-service-dashboard:${TAG}"
+ docker push "${AZURE_REPO}/dbrepo/log-service-dashboard:${TAG}"
test-backend: test-metadata-service test-analyse-service test-search-sync-agent
@@ -125,7 +129,7 @@ test-metadata-service: build-metadata-service
test-analyse-service: build-analyse-service
bash ./dbrepo-analyse-service/test.sh
-scan: scan-analyse-service scan-authentication-service scan-broker-service scan-gateway-service scan-metadata-db scan-metadata-service scan-search-db scan-ui scan-search-sync-agent scan-data-service
+scan: scan-analyse-service scan-authentication-service scan-broker-service scan-gateway-service scan-metadata-db scan-metadata-service scan-search-db scan-ui scan-search-sync-agent
scan-analyse-service:
trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-analyse-service-report.json dbrepo-analyse-service:latest
diff --git a/dbrepo-gateway-service/dbrepo.conf b/dbrepo-gateway-service/dbrepo.conf
index 2e91b3ac4e..21bf03a934 100644
--- a/dbrepo-gateway-service/dbrepo.conf
+++ b/dbrepo-gateway-service/dbrepo.conf
@@ -30,6 +30,10 @@ upstream upload {
server upload-service:1080;
}
+upstream log-dashboard {
+ server log-dashboard:5601;
+}
+
server {
listen 80 default_server;
server_name _;
diff --git a/dbrepo-log-dashboard/Dockerfile b/dbrepo-log-dashboard/Dockerfile
deleted file mode 100644
index dd4c529afa..0000000000
--- a/dbrepo-log-dashboard/Dockerfile
+++ /dev/null
@@ -1,10 +0,0 @@
-FROM opensearchproject/opensearch-dashboards:2.8.0
-MAINTAINER Martin Weise <martin.weise@tuwien.ac.at>
-
-RUN /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove securityDashboards
-
-COPY --chown=opensearch-dashboards:opensearch-dashboards ./opensearch_dashboards.yml /usr/share/opensearch-dashboards/config/
-
-COPY ./config.yml /usr/share/opensearch-dashboards/config/opensearch-security/config.yml
-
-EXPOSE 5601
\ No newline at end of file
diff --git a/dbrepo-log-dashboard/config.yml b/dbrepo-log-dashboard/config.yml
deleted file mode 100644
index 88759ca74b..0000000000
--- a/dbrepo-log-dashboard/config.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-config:
- dynamic:
- http:
- anonymous_auth_enabled: true
- authc:
- basic_internal_auth_domain:
- description: "Authenticate using HTTP basic against the internal users database"
- http_enabled: true
- transport_enabled: true
- order: 1
- http_authenticator:
- type: basic
- challenge: true
- authentication_backend:
- type: internal
- authz:
- noop:
- http_enabled: true
- transport_enabled: true
- authorization_backend:
- type: noop
\ No newline at end of file
diff --git a/dbrepo-log-service/dashboard/Dockerfile b/dbrepo-log-service/dashboard/Dockerfile
new file mode 100644
index 0000000000..2d31f2be81
--- /dev/null
+++ b/dbrepo-log-service/dashboard/Dockerfile
@@ -0,0 +1,6 @@
+FROM opensearchproject/opensearch-dashboards:2.8.0
+MAINTAINER Martin Weise <martin.weise@tuwien.ac.at>
+
+RUN /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove securityDashboards
+
+EXPOSE 5601
\ No newline at end of file
diff --git a/dbrepo-log-dashboard/README.md b/dbrepo-log-service/dashboard/README.md
similarity index 100%
rename from dbrepo-log-dashboard/README.md
rename to dbrepo-log-service/dashboard/README.md
diff --git a/dbrepo-log-dashboard/opensearch_dashboards.yml b/dbrepo-log-service/dashboard/opensearch_dashboards.yml
similarity index 70%
rename from dbrepo-log-dashboard/opensearch_dashboards.yml
rename to dbrepo-log-service/dashboard/opensearch_dashboards.yml
index c6ce86e2cf..08eb760fa6 100644
--- a/dbrepo-log-dashboard/opensearch_dashboards.yml
+++ b/dbrepo-log-service/dashboard/opensearch_dashboards.yml
@@ -1,4 +1,5 @@
----
+server.basePath: "/admin/log"
+server.rewriteBasePath: true
server.name: log-dashboard
server.host: "0.0.0.0"
opensearch.hosts: http://search-db:9200
diff --git a/dbrepo-log-service/fluent.conf b/dbrepo-log-service/fluent.conf
index 331d1e2250..4c2e0411e5 100644
--- a/dbrepo-log-service/fluent.conf
+++ b/dbrepo-log-service/fluent.conf
@@ -13,7 +13,7 @@
port 9200
user admin
password admin
- index_name fluentd.${tag}
+ index_name dbrepo-logs
logstash_format true
logstash_prefix fluentd
logstash_dateformat %Y%m%d
diff --git a/dbrepo-search-db/Dockerfile b/dbrepo-search-db/Dockerfile
new file mode 100644
index 0000000000..2ebe067473
--- /dev/null
+++ b/dbrepo-search-db/Dockerfile
@@ -0,0 +1,3 @@
+FROM opensearchproject/opensearch:2.8.0 as runtime
+RUN /usr/share/opensearch/bin/opensearch-plugin remove opensearch-security
+
diff --git a/docker-compose.yml b/docker-compose.yml
index 1efeee6b06..01cebe7422 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -62,6 +62,7 @@ services:
retries: 12
logging:
driver: json-file
+
dbrepo-data-db:
restart: "no"
container_name: dbrepo-data-db
@@ -221,7 +222,8 @@ services:
restart: "no"
container_name: dbrepo-search-db
hostname: search-db
- image: opensearchproject/opensearch:2.8.0
+ build: ./dbrepo-search-db
+ image: dbrepo-search-db
networks:
core:
ports:
@@ -238,7 +240,6 @@ services:
discovery.type: "single-node"
ES_JAVA_OPTS: "-Xms4g -Xmx4g"
logger.level: "WARN"
- DISABLE_SECURITY_PLUGIN: "true"
deploy:
resources:
limits:
@@ -313,19 +314,19 @@ services:
# dbrepo-search-db:
# condition: service_healthy
#
-# dbrepo-log-dashboard:
-# restart: "no"
-# container_name: dbrepo-log-dashboard
-# hostname: log-dashboard
-# build: ./dbrepo-log-dashboard
-# image: dbrepo-log-dashboard:latest
-# networks:
-# core:
-# public:
-# volumes:
-# - ./dbrepo-log-dashboard/config.yml:/usr/share/opensearch-dashboards/config/opensearch-security/config.yml
-# ports:
-# - "5601:5601"
-# depends_on:
-# dbrepo-search-db:
-# condition: service_healthy
+ dbrepo-log-service-dashboard:
+ restart: "no"
+ container_name: dbrepo-log-service-dashboard
+ hostname: log-service-dashboard
+ build: ./dbrepo-log-service/dashboard
+ image: dbrepo-log-service-dashboard:latest
+ networks:
+ core:
+ public:
+ volumes:
+ - ./dbrepo-log-service/dashboard/opensearch_dashboards.yml:/usr/share/opensearch-dashboards/config/opensearch_dashboards.yml
+ ports:
+ - "5601:5601"
+ depends_on:
+ dbrepo-search-db:
+ condition: service_healthy
--
GitLab