WIP

Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>

WIP
1fc439a3 · Martin Weise · 9715320a · 1fc439a3 · 1fc439a3 · 1fc439a3
Verified Commit 1fc439a3 authored 4 months ago by Martin Weise
--- a/dbrepo-auth-service/listeners/target/create-event-listener.jar
+++ b/dbrepo-auth-service/listeners/target/create-event-listener.jar
--- a/dbrepo-ui/nuxt.config.ts
+++ b/dbrepo-ui/nuxt.config.ts
@@ -14,9 +14,8 @@ if (process.env.NODE_ENV === 'development') {
      '^/pid': '/pid'
    }
  }
+  process.env.VERSION = 'bun-dev'
  process.env.NUXT_PUBLIC_API_SERVER = api
-  process.env.NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI = api + ':3001/auth/keycloak/callback'
-  process.env.NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_REDIRECT_URI = api + ':3001'
 }
 /**
@@ -114,7 +113,7 @@ export default defineNuxtConfig({
    providers: {
      keycloak: {
        clientId: '',
-        clientSecret: '', // inject on runtime
+        clientSecret: '',
        authorizationUrl: '',
        userInfoUrl: '',
        tokenUrl: '',

--- a/dbrepo-ui/package.json
+++ b/dbrepo-ui/package.json
@@ -4,7 +4,7 @@
  "type": "module",
  "scripts": {
    "build": "nuxt build",
-    "dev": "VERSION=bun-dev NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_SECRET=MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG NODE_ENV=development nuxt dev",
+    "dev": "NODE_ENV=development nuxt dev",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare",

--- a/dbrepo-ui/pages/database/[database_id]/persist/index.vue
+++ b/dbrepo-ui/pages/database/[database_id]/persist/index.vue
@@ -44,6 +44,12 @@ export default {
    cacheUser () {
      return this.cacheStore.getUser
    },
+    roles () {
+      return this.cacheStore.getRoles
+    },
+    access () {
+      return this.cacheStore.getAccess
+    },
    isOwner () {
      if (!this.database || !this.cacheUser) {
        return false

--- a/helm/dbrepo/files/create-event-listener.jar
+++ b/helm/dbrepo/files/create-event-listener.jar
--- a/helm/dbrepo/templates/auth-configmap.yaml
+++ b/helm/dbrepo/templates/auth-configmap.yaml
@@ -4,6 +4,9 @@ kind: ConfigMap
 metadata:
  name: auth-service-config
  namespace: {{ include "common.names.namespace" . | quote }}
+binaryData:
+  create-event-listener.jar: |-
+    {{ .Files.Get "files/create-event-listener.jar" | b64enc }}
 data:
  dbrepo-realm.json: |-
    {

--- a/helm/dbrepo/templates/auth-secret.yaml
+++ b/helm/dbrepo/templates/auth-secret.yaml
@@ -11,6 +11,8 @@ stringData:
  AUTH_SERVICE_ENDPOINT: "{{ .Values.authservice.endpoint }}"
  METADATA_DB: "{{ .Values.metadatadb.db.name }}"
  METADATA_DB_PASSWORD: "{{ .Values.metadatadb.rootUser.password }}"
+  METADATA_SERVICE_ENDPOINT: "{{ .Values.metadataservice.endpoint }}/api/user"
  METADATA_USERNAME: "{{ .Values.metadatadb.rootUser.user }}"
  SYSTEM_USERNAME: "{{ .Values.identityservice.users }}"
+  SYSTEM_PASSWORD: "{{ .Values.identityservice.userPasswords }}"
 {{- end }}
--- a/helm/dbrepo/templates/gateway-configmap.yaml
+++ b/helm/dbrepo/templates/gateway-configmap.yaml
@@ -44,7 +44,7 @@ data:
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
-            proxy_pass              http://auth-service;
+            proxy_pass              https://auth-service;
            proxy_read_timeout      90;
        }
@@ -53,7 +53,7 @@ data:
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
-            proxy_pass              http://auth-service;
+            proxy_pass              https://auth-service;
            proxy_read_timeout      90;
        }

--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -87,6 +87,7 @@ authservice:
    fullnameOverride: auth-db
    auth:
      postgresPassword: postgres
+  production: true
  ## @param authservice.resourcesPreset The container resource presets
  resourcesPreset: "small"
  jwt:
@@ -127,8 +128,8 @@ authservice:
    ##   limits:
    ##     cpu: 500m
    ##     memory: 1024Mi
-  ## @skip authservice.extraEnvVarsCM
+  ## @skip authservice.extraEnvVarsSecret
-  extraEnvVarsCM: auth-service-config
+  extraEnvVarsSecret: auth-service-secret
  ## @skip authservice.extraVolumes
  extraVolumes:
    - name: config-map
@@ -140,7 +141,14 @@ authservice:
  ## @skip authservice.extraVolumeMounts
  extraVolumeMounts:
    - name: config-map
-      mountPath: /opt/keycloak/data/import
+      mountPath: /opt/keycloak/data/import/dbrepo-realm.json
+      subPath: dbrepo-realm.json
+    - name: config-map
+      mountPath: /opt/keycloak/data/import/master-realm.json
+      subPath: master-realm.json
+    - name: config-map
+      mountPath: /opt/bitnami/keycloak/providers/create-event-listener.jar
+      subPath: create-event-listener.jar
    - name: cache
      mountPath: /bitnami/keycloak/
  ## @skip authservice.replicaCount The number of replicas.