From dc9f38184302e8cc86fd02a9ac0add2b2ee2011c Mon Sep 17 00:00:00 2001 From: Jason Sherman Date: Mon, 15 Jan 2024 15:08:07 -0800 Subject: [PATCH] provide sample config files. update readme to include configuration steps for keycloak SSO Signed-off-by: Jason Sherman --- .devcontainer/README.md | 17 +++++++++++++ .../{local.json => local.json.sample} | 0 ...m-export.json => realm-export.json.sample} | 1 + .devcontainer/devcontainer.json | 9 ++----- .devcontainer/post-install.sh | 25 +++++++++++-------- .gitignore | 1 + 6 files changed, 36 insertions(+), 17 deletions(-) rename .devcontainer/chefs_local/{local.json => local.json.sample} (100%) rename .devcontainer/chefs_local/{realm-export.json => realm-export.json.sample} (99%) diff --git a/.devcontainer/README.md b/.devcontainer/README.md index 3798827b1..19f22a74e 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md 
@@ -30,6 +30,19 @@ Keycloak and Postgresql will be launched using docker compose. These will run in CHEFS API and Frontend are running as node applications on the devcontainer - again, ports are forwarded to the host. +### Configuring CHEFS locally +When the devcontainer is built, it copies `.devcontainer/chefs_local/local.json.sample` and `.devcontainer/chefs_local/realm-export.json.sample` to `.devcontainer/chefs_local/local.json` and `.devcontainer/chefs_local/realm-export.json` respectively. These copies are not checked in and allow the developer to make changes and tweaks without impacting other developers or accidentially sharing passwords. + +### Authorization Prerequisites +1. An IDIR account is required to access CHEFS. +2. Request an SSO Integration from the Common Hosted Single Sign-on (CSS) page in order to obtain a resource and secret that will be used for authentication when building CHEFS. View the [detailed documentation](https://bcdevex.atlassian.net/wiki/spaces/CCP/pages/961675282) about requesting the Pathfinder SSO integration. +3. Open realm-export.json located at chefs_build/docker/imports/keycloak and search for `XXXXXXXXXXXX`. This value must match the `clientSecret` value in `local.json` so that the CHEFS API can connect to your Keycloak instance. By default, these are set to be equal and don’t need to be altered. +4. Navigate to the CSS page, login with your IDIR, and download the ‘Development’ Installation JSON from your SSO Integration. +5. Back in the `realm-export.json` file, search for all instances of `YYYYYYYYYYYY` and replace it with the `resource` you obtained from the downloaded JSON file. Search for all instances of `ZZZZZZZZZZZZ` and replace it with the `secret`. + +Note that `CHEFS Frontend` launch configuration is using the `chefs-frontend-local` client in Keycloak, not `chefs-frontend-local` as we do in production. + +### Run/Debug 1. start Keycloak and Postgresql. Many ways to start... 
- right click on `.devcontainer/chefs_local/docker-compose.yml` and select `Compose up` - or use command palette `Docker: Compose Up` then select `.devcontainer/chefs_local/docker-compose.yml` @@ -38,6 +51,10 @@ CHEFS API and Frontend are running as node applications on the devcontainer - ag - Run and Debug, select 'CHEFS' which will start both the API and the frontend. 3. debug Frontend with Chrome - Run and Debug, select 'CHEFS Frontend - chrome' which will start a Chrome browser against the frontend, will allow breakpoints in `/app/frontend/src` +4. stop Keycloak and Postgresql. Many ways to stop... + - right click on `.devcontainer/chefs_local/docker-compose.yml` and select `Compose down` + - or use command palette `Docker: Compose Down` then select `.devcontainer/chefs_local/docker-compose.yml` + - or `Terminal | Run Task...|chefs_local down` ## Troubleshooting All development machines are unique and here we will document problems that have been encountered and how to fix them. diff --git a/.devcontainer/chefs_local/local.json b/.devcontainer/chefs_local/local.json.sample similarity index 100% rename from .devcontainer/chefs_local/local.json rename to .devcontainer/chefs_local/local.json.sample diff --git a/.devcontainer/chefs_local/realm-export.json b/.devcontainer/chefs_local/realm-export.json.sample similarity index 99% rename from .devcontainer/chefs_local/realm-export.json rename to .devcontainer/chefs_local/realm-export.json.sample index 8f50d3cdc..7fb1d86fe 100644 --- a/.devcontainer/chefs_local/realm-export.json +++ b/.devcontainer/chefs_local/realm-export.json.sample @@ -1083,6 +1083,7 @@ "http://localhost:8080/*", "http://localhost:8083/*", "http://localhost:8082/*", + "http://localhost:5173/*", "https://logon7.gov.bc.ca/clp-cgi/logoff.cgi?retnow=1&returl=https%3A%2F%2Fbcgov.github.io%2Fkeycloak-example-apps" ], "webOrigins": [ diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 22d881d99..84375ad6d 100644 
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -10,12 +10,7 @@
 }
 },
- "features": {
- // "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {
- // "version": "20.10",
- // "enableNonRootDocker": "true",
- // "moby": "true"
- // }
+ "features": {
 "ghcr.io/devcontainers/features/docker-in-docker:2": {}
 },
@@ -28,7 +23,7 @@
 "forwardPorts": [8082, 8081, 8080, 5432, 5173],
 // Use 'postCreateCommand' to run commands after the container is created.
- "postCreateCommand": "bash ./.devcontainer/post-install.sh",
+ "postCreateCommand": "bash ./.devcontainer/post-install.sh",
 // Configure tool-specific properties.
 // "customizations": {},
diff --git a/.devcontainer/post-install.sh b/.devcontainer/post-install.sh
index 98a7dda28..c6d2ea823 100644
--- a/.devcontainer/post-install.sh
+++ b/.devcontainer/post-install.sh
@@ -5,19 +5,9 @@ set -ex
 WORKSPACE_DIR=$(pwd)
 CHEFS_LOCAL_DIR=${WORKSPACE_DIR}/.devcontainer/chefs_local
-# fire up keycloak and postgres... we want to seed the db
-docker compose -f ${CHEFS_LOCAL_DIR}/docker-compose.yml up --wait
-
 # install app libraries, prepare for app development and debugging...
 cd app
 npm install
-# run an initial migration for the db and seed it...
-export NODE_CONFIG_DIR=${CHEFS_LOCAL_DIR} # need this to connect to the running postgres instance.
-npm run migrate
-npm run seed:run
-
-# take down keycloak and postgres, do not need them running all the time.
-docker compose -f ${CHEFS_LOCAL_DIR}/docker-compose.yml down
 # install frontend libraries, prepare for ux development and debugging...
 cd frontend
@@ -27,3 +17,18 @@ npm install
 npm run build:formio
 npm run deploy:formio
+# copy over the sample files to the image...
+cp -u ${CHEFS_LOCAL_DIR}/local.json.sample ${CHEFS_LOCAL_DIR}/local.json
+cp -u ${CHEFS_LOCAL_DIR}/realm-export.json.sample ${CHEFS_LOCAL_DIR}/realm-export.json
+
+# fire up keycloak and postgres... we want to seed the db
+docker compose -f ${CHEFS_LOCAL_DIR}/docker-compose.yml up --wait
+# run an initial migration for the db and seed it...
+export NODE_CONFIG_DIR=${CHEFS_LOCAL_DIR} # need this to connect to the running postgres instance.
+cd .. # back to app dir
+npm run migrate
+# npm run seed:run
+
+# take down keycloak and postgres, do not need them running all the time.
+docker compose -f ${CHEFS_LOCAL_DIR}/docker-compose.yml down
+
diff --git a/.gitignore b/.gitignore
index a16553265..309b351e0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -46,6 +46,7 @@ yarn-error.log*
 !.vscode/README.md
 # devcontainer files
+!.devcontainer/chefs_local/*.sample
 !.devcontainer/chefs_local/local.json
 # temp office files
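Review bot: In `.devcontainer/post-install.sh`, the two added `cp -u` lines can overwrite a developer's edited `local.json` and `realm-export.json`, because `-u` copies whenever the `.sample` file is newer than the destination; a pull that touches a sample followed by a container rebuild would replace the copy holding the SSO `resource` and `secret` the README asks the developer to fill in. Copy only when the destination is missing, and quote the paths since they derive from `$(pwd)`: `[ -e "${CHEFS_LOCAL_DIR}/local.json" ] || cp -- "${CHEFS_LOCAL_DIR}/local.json.sample" "${CHEFS_LOCAL_DIR}/local.json"`, with the same form for `realm-export.json`. Separately, under the script's `set -ex` a failing `npm run migrate` exits before the final `docker compose ... down`, leaving Keycloak and Postgres running; `trap 'docker compose -f "${CHEFS_LOCAL_DIR}/docker-compose.yml" down' EXIT` placed right after the `up --wait` line would cover that path.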
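Review bot: In the `.gitignore` hunk, the context line `!.devcontainer/chefs_local/local.json` kept directly below the added `*.sample` rule is a negation, so the generated `local.json` remains explicitly un-ignored even though the README text in this commit says the copies are not checked in. That file holds `clientSecret`, and `realm-export.json` receives the SSO `resource` and `secret`, so a broad `git add` could commit credentials. Replace that line with plain ignore entries, `.devcontainer/chefs_local/local.json` and `.devcontainer/chefs_local/realm-export.json`, placed after the `*.sample` rule. The ignore rules above this hunk are not visible here, so confirm the result with `git check-ignore -v` on both paths.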