updated reverse proxy port from 9000 to 9001 (#47)

Updated port to 9001 and made port variables.

README.md

@@ -4,7 +4,7 @@
 [![Coverage Status](https://coveralls.io/repos/github/Nike-Inc/cerberus-management-service/badge.svg?branch=master)](https://coveralls.io/github/Nike-Inc/cerberus-management-service)
 [![][license img]][license]
 
-The Cerberus Management Service (CMS) is a core component of the Cerberus [REST API](http://engineering.nike.com/cerberus/docs/architecture/rest-api) 
+The Cerberus Management Service (CMS) is a core component of the Cerberus [REST API](http://engineering.nike.com/cerberus/docs/architecture/rest-api)
 that facilities user and AWS IAM role authentication and the management of Safe Deposit Boxes (SDBs), an abstraction on top of Hashicorp's Vault.
 
 To learn more about Cerberus, please visit the [Cerberus website](http://engineering.nike.com/cerberus/).
@@ -32,9 +32,9 @@ To get MySQL setup on OS X:
 You'll need to create a database and user for it.  Run the following SQL against your mysql database:
 
     CREATE DATABASE IF NOT EXISTS cms;
-    
+
     CREATE USER 'cms'@'localhost' IDENTIFIED BY '<YOUR DB PASSWORD HERE>';
-    
+
     GRANT ALL ON cms.* TO 'cms'@'localhost';
 
 **Vault** is required to run the application locally.
@@ -53,11 +53,11 @@ That will setup the default policy and generate a token for CMS and output:
     export VAULT_ADDR="http://localhost:8200"
     export VAULT_TOKEN="<token>"
 
-## Configuration 
+## Configuration
 
 ### Configurable Properties
 
-There are a few parameters that need to be configured for CMS to run properly, they are defined in this table. 
+There are a few parameters that need to be configured for CMS to run properly, they are defined in this table.
 
 property                                            | required | notes
 ---------------------------                         | -------- | ----------
@@ -92,9 +92,9 @@ For deployed environments they are configured via the CLI, which will generate a
     -P auth.connector.onelogin.client_id=$ONE_LOGIN_CLIENT_ID \
     -P auth.connector.onelogin.client_secret=$ONE_LOGIN_CLIENT_SECRET \
     -P auth.connector.onelogin.subdomain=nike
-    
+
 See [Creating an environment](http://engineering.nike.com/cerberus/docs/administration-guide/creating-an-environment) for more information.
-    
+
 CMS will download the props file at startup time and load the props into Guice.
 
 ### User Authentication
@@ -103,7 +103,7 @@ CMS will download the props file at startup time and load the props into Guice.
 
 The User authentication contract is defined by the [AuthConnector](https://github.com/Nike-Inc/cerberus-management-service/blob/master/src/main/java/com/nike/cerberus/auth/connector/AuthConnector.java) interface.  
 
-The only included implementation of this interface targets 
+The only included implementation of this interface targets
 OneLogin.  We expect to implement more connectors in the near future.
 
 ##### OneLogin Auth Connector
@@ -115,7 +115,7 @@ auth.connector.onelogin.api_region    | Yes      | `us` or `eu`
 auth.connector.onelogin.client_id     | Yes      | The OneLogin API client id
 auth.connector.onelogin.client_secret | Yes      | The OneLogin API client secret
 auth.connector.onelogin.subdomain     | Yes      | Your orgs OneLogin subdomain [xxxxx].onelogin.com
-    
+
 **Assumption: The current implementation looks up group membership for a user via the member_of field on the getUserById API response.**
 
 ##### Okta Auth Connector
@@ -143,9 +143,9 @@ auth.connector.okta.base_url          | Yes      | The Okta base url (e.g. `"htt
 First, a few properties must be configured in `src/main/resources/cms-local-overrides.conf`
 
 You'll need a few pieces of information before you can run the application:
- 
+
 - The DB password you setup earlier
-- The group that identifies which users are administrators 
+- The group that identifies which users are administrators
 - The root user ARN for your AWS account
 - The AWS IAM role ARN that represents administrators and CMS instances
 - The authentication connector class that is used to authenticate users and get their group membership
@@ -155,15 +155,15 @@ You'll need a few pieces of information before you can run the application:
     JDBC.url="jdbc:mysql://localhost:3306/cms?useUnicode=true&characterEncoding=utf8&useLegacyDatetimeCode=false&serverTimezone=UTC&useSSL=false"
     JDBC.username="cms"
     JDBC.password="<YOUR DB PASSWORD HERE>"
-    
+
     # Group that user can be identified by to get admin privileges.
     cms.admin.group="<YOUR ADMIN GROUP>"
-    
+
     # AWS ARNs used when setting up KMS keys for IAM role authentication.
     root.user.arn="arn:aws:iam::<YOUR AWS ACCOUNT ID>:root"
     admin.role.arn="arn:aws:iam::<YOUR AWS ACCOUNT ID>:role/<YOUR IAM ROLE FOR ADMINS>"
     cms.role.arn="arn:aws:iam::<YOUR AWS ACCOUNT ID>:role/<YOUR IAM ROLE FOR CMS>"
-    
+
     # Auth Connector
     cms.auth.connector=<YOUR AUTH CONNECTOR CLASS>
 ```
@@ -175,7 +175,7 @@ If you wish to use embedded Vault, MySQL and run the Dashboard with reverse prox
  - `gradlew runVaultAndMySQL`
     - Works on Windows, Mac, Unix
     - Downloads and configures embedded MySQL.
-    - Downloads configures and runs Vault, 
+    - Downloads configures and runs Vault,
     - You can control Vault version with `vaultVersion` in `gradle/develop.gradle`
     - This task needs to be run as Admin in Windows, ensure that you start the IDE or Terminals as Admin
  - `gradlew runCMS`
@@ -186,14 +186,14 @@ If you wish to use embedded Vault, MySQL and run the Dashboard with reverse prox
  - `gradlew runDashboardAndReverseProxy`
     - OPTIONAL TASK, Works on Windows, Mac, Unix
     - Runs the dashboard and reverse into interact with CMS, sometimes better than curling or using postman.
-    - Downloads the dashboard from GitHub releases and runs an express server and reverse proxy to expose `http://localhost:9000/dashboard/`
+    - Downloads the dashboard from GitHub releases and runs an express server and reverse proxy to expose `http://localhost:9001/dashboard/`
     - You can change dashboard version with `dashboardRelease` in `gradle/develop.gradle`
  - `gradlew bootstrapData`
     - OPTIONAL TASK, Adds some data test data to Cerberus since `runVaultAndMySQL` is ephemeral and deletes everything when the process ends.
 
 ### From the IDE
 
-With Vault and MySQL running 
+With Vault and MySQL running
 Simply run `com.nike.cerberus.Main`.  The following VM arguments should be set:
 
     -D@appId=cms -D@environment=local -Dvault.addr=http://localhost:8200 -Dvault.token=<token>
@@ -203,9 +203,9 @@ Simply run `com.nike.cerberus.Main`.  The following VM arguments should be set:
 With Vault and MySQL running
 
     ./gradlew clean build
-    
+
     ./debugShadowJar.sh -Dvault.addr=http://localhost:8200 -Dvault.token=<token>
-    
+
 
 ## Setting up your IDE
 
@@ -224,4 +224,3 @@ Cerberus Management Service is released under the [Apache License, Version 2.0](
 
 [license]:LICENSE.txt
 [license img]:https://img.shields.io/badge/License-Apache%202-blue.svg
-

gradle/develop.gradle

@@ -18,8 +18,14 @@ import org.apache.tools.ant.taskdefs.condition.Os
 import groovyx.net.http.RESTClient
 import static groovyx.net.http.ContentType.*
 
-def dashboardRelease = 'v1.0.0'
-def vaultVersion = "0.7.0"
+def dashboardRelease = 'v1.3.0'
+def vaultVersion = "0.7.3"
+
+def reverseProxyPort = 9001
+def nodeServerPort = 8000
+def cmsPort = 8080
+def vaultPort = 8200
+def cmsRemoteDebugPort = 5005
 
 buildscript {
     apply from: file('gradle/buildscript.gradle'), to: buildscript
@@ -35,7 +41,7 @@ task start() {
 
 task startProxyAndDashboardInBackground(type: SpawnProcessTask) {
     command "${project.getRootDir().absolutePath}${File.separator}gradlew runDashboardAndReverseProxy --stacktrace"
-    ready 'express server listing on port 8000'
+    ready "express server listing on port $nodeServerPort"
     pidLockFileName '.proxy-dash.pid.lock'
 
     finalizedBy 'startVaultAndMySQLInBackground'
@@ -219,7 +225,7 @@ task runCMS(dependsOn: [antReplace, assemble], ) {
         javaexec {
             classpath = sourceSets.main.runtimeClasspath
             main = 'com.nike.cerberus.Main'
-            systemProperty 'vault.addr', 'http://127.0.0.1:8200'
+            systemProperty 'vault.addr', "http://127.0.0.1:$vaultPort"
             systemProperty 'vault.token', getTokenFromVaultLog()
             systemProperty '@appId', 'cms'
             systemProperty '@environment', 'local'
@@ -234,7 +240,7 @@ task runCMS(dependsOn: [antReplace, assemble], ) {
                 systemProperty secretKey, System.getProperty(secretKey)
             }
 
-            jvmArgs '-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005'
+            jvmArgs "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=$cmsRemoteDebugPort"
         }
     }
 }
@@ -258,8 +264,8 @@ task bootstrapData() {
             ' MySQL are running in seperate threads'
     doLast {
         def rootToken = getTokenFromVaultLog()
-        def cms = new RESTClient('http://127.0.0.1:8080', JSON)
-        def vault = new RESTClient('http://127.0.0.1:8200', JSON)
+        def cms = new RESTClient("http://127.0.0.1:$cmsPort", JSON)
+        def vault = new RESTClient("http://127.0.0.1:$vaultPort", JSON)
 
         def cats = cms.get([
                 path: '/v1/category',

reverse_proxy/server.js

@@ -16,11 +16,16 @@
 
 var path = require('path');
 
+var reverseProxyPort = 9001
+var nodeServerPort = 8000
+var cmsPort = 8080
+var vaultPort = 8200
+
 // https://www.npmjs.com/package/redwire
 var RedWire = require('redwire');
 var redwire = new RedWire({
     http: {
-        port: 9000,
+        port: reverseProxyPort,
         websockets: true
     }
 });
@@ -29,24 +34,24 @@ var redwire = new RedWire({
  * Cerberus is a couple services behind a router so we can simulate that locally
  */
 // redirect /secret to Hashicoorp Vault
-redwire.http('http://localhost:9000/v1/secret', '127.0.0.1:8200/v1/secret');
-redwire.http('http://127.0.0.1:9000/v1/secret', '127.0.0.1:8200/v1/secret');
+redwire.http('http://localhost:' + reverseProxyPort + '/v1/secret', '127.0.0.1:' + vaultPort + '/v1/secret')
+redwire.http('http://127.0.0.1:' + reverseProxyPort + '/v1/secret', '127.0.0.1:' + vaultPort + '/v1/secret')
 // redirect dashboard to the Cerberus Management Dashboard
-redwire.http('http://localhost:9000/dashboard', '127.0.0.1:8000');
-redwire.http('http://127.0.0.1:9000/dashboard', '127.0.0.1:8000');
+redwire.http('http://localhost:' + reverseProxyPort + '/dashboard', '127.0.0.1:' + nodeServerPort)
+redwire.http('http://127.0.0.1:' + reverseProxyPort + '/dashboard', '127.0.0.1:' + nodeServerPort)
 // redirect rule for Cerberus Management Service
-redwire.http('http://localhost:9000/v1', '127.0.0.1:8080/v1');
-redwire.http('http://127.0.0.1:9000/v1', '127.0.0.1:8080/v1');
-redwire.http('http://localhost:9000/v2', '127.0.0.1:8080/v2');
-redwire.http('http://127.0.0.1:9000/v2', '127.0.0.1:8080/v2');
+redwire.http('http://localhost:' + reverseProxyPort + '/v1', '127.0.0.1:' + cmsPort + '/v1')
+redwire.http('http://127.0.0.1:' + reverseProxyPort + '/v1', '127.0.0.1:' + cmsPort + '/v1')
+redwire.http('http://localhost:' + reverseProxyPort + '/v2', '127.0.0.1:' + cmsPort + '/v2')
+redwire.http('http://127.0.0.1:' + reverseProxyPort + '/v2', '127.0.0.1:' + cmsPort + '/v2')
 
 var express = require('express')
 var app = express()
 
 app.use(express.static(__dirname + '/../build/dashboard'))
 
-app.listen(8000, function () {
-    console.log('express server listing on port 8000')
+app.listen(nodeServerPort, function () {
+    console.log('express server listing on port ' + nodeServerPort)
 })
 
-console.log('Cerberus reverse proxy up and running on http://localhost:9000')
+console.log('Cerberus reverse proxy up and running on http://localhost:' + reverseProxyPort)