From e69d8ea8ec9db7cbb21cfcf7de0ef423ea5ea177 Mon Sep 17 00:00:00 2001 From: Fabian Mastenbroek Date: Thu, 17 Feb 2022 15:00:33 +0100 Subject: fix(web/runner): Support custom audience in web runner This change adds support for custom audience values in the web runner. If the audience used by the user is different from the default value (https://api.opendc.org/v2/), then the runner fails to obtain a valid access token for the API. --- .../src/main/kotlin/org/opendc/web/runner/Main.kt | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/opendc-web/opendc-web-runner/src/main/kotlin/org/opendc/web/runner/Main.kt b/opendc-web/opendc-web-runner/src/main/kotlin/org/opendc/web/runner/Main.kt index 8f4e9d6d..94ef8f8e 100644 --- a/opendc-web/opendc-web-runner/src/main/kotlin/org/opendc/web/runner/Main.kt +++ b/opendc-web/opendc-web-runner/src/main/kotlin/org/opendc/web/runner/Main.kt @@ -81,6 +81,16 @@ class RunnerCli : CliktCommand(name = "runner") { ) .required() + /** + * The auth domain to use. + */ + private val authAudience by option( + "--auth-audience", + help = "auth audience of the OpenDC API", + envvar = "AUTH0_AUDIENCE" + ) + .required() + /** * The auth client ID to use. */ @@ -231,7 +241,7 @@ class RunnerCli : CliktCommand(name = "runner") { override fun run(): Unit = runBlocking(Dispatchers.Default) { logger.info { "Starting OpenDC web runner" } - val client = ApiClient(baseUrl = apiUrl, AuthConfiguration(authDomain, authClientId, authClientSecret)) + val client = ApiClient(baseUrl = apiUrl, AuthConfiguration(authDomain, authClientId, authClientSecret), authAudience) val manager = ScenarioManager(client) logger.info { "Watching for queued scenarios" } -- cgit v1.2.3 From 7f1ce8b1929674a73487290abab9540803f87af7 Mon Sep 17 00:00:00 2001 From: Fabian Mastenbroek Date: Thu, 17 Feb 2022 15:19:34 +0100 Subject: ci: Fix API deployment using Docker Compose This change updates the Docker Compose configuration to properly deploy the API server, by passing the necessary Auth0 information to it. --- database/Dockerfile | 4 ++-- docker-compose.override.yml | 3 +-- docker-compose.yml | 8 ++++++-- opendc-web/opendc-web-api/requirements.txt | 1 - 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/database/Dockerfile b/database/Dockerfile index af3a8382..e4978da6 100644 --- a/database/Dockerfile +++ b/database/Dockerfile @@ -1,5 +1,5 @@ -FROM mongo:4.2.8 -MAINTAINER Jacob Burley +FROM mongo:5.0 +MAINTAINER OpenDC Maintainers # Import init scripts ADD mongo-init-opendc-db.sh /docker-entrypoint-initdb.d diff --git a/docker-compose.override.yml b/docker-compose.override.yml index 6202e299..5d104557 100644 --- a/docker-compose.override.yml +++ b/docker-compose.override.yml @@ -35,5 +35,4 @@ services: ports: - "8082:8081" environment: - ME_CONFIG_MONGODB_ADMINUSERNAME: "${MONGO_INITDB_ROOT_USERNAME}" - ME_CONFIG_MONGODB_ADMINPASSWORD: "${MONGO_INITDB_ROOT_PASSWORD}" + ME_CONFIG_MONGODB_URL: "mongodb://${MONGO_INITDB_ROOT_USERNAME}:${MONGO_INITDB_ROOT_PASSWORD}@mongo:27017/" diff --git a/docker-compose.yml b/docker-compose.yml index 18847736..52209a5b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,8 @@ services: restart: on-failure networks: - backend + depends_on: + - api environment: NEXT_PUBLIC_AUTH0_DOMAIN: ${OPENDC_AUTH0_DOMAIN} NEXT_PUBLIC_AUTH0_CLIENT_ID: ${OPENDC_AUTH0_CLIENT_ID} @@ -27,7 +29,9 @@ services: - OPENDC_DB_PASSWORD - OPENDC_DB_HOST=mongo - OPENDC_FLASK_SECRET - - OPENDC_OAUTH_CLIENT_ID + - AUTH0_DOMAIN=${OPENDC_AUTH0_DOMAIN} + - AUTH0_AUDIENCE=${OPENDC_AUTH0_AUDIENCE} + - AUTH0_DOCS_CLIENT_ID=${OPENDC_AUTH0_DOCS_CLIENT_ID} - SENTRY_DSN=${OPENDC_API_SENTRY_DSN-} - SENTRY_ENVIRONMENT @@ -37,7 +41,7 @@ services: networks: - backend depends_on: - - mongo + - api volumes: - type: bind source: ./traces diff --git a/opendc-web/opendc-web-api/requirements.txt b/opendc-web/opendc-web-api/requirements.txt index 45eae12b..6f3b42aa 100644 --- a/opendc-web/opendc-web-api/requirements.txt +++ b/opendc-web/opendc-web-api/requirements.txt @@ -11,7 +11,6 @@ Flask-Cors==3.0.9 Flask-SocketIO==4.3.1 flask-swagger-ui==3.36.0 Flask-Restful==0.3.8 -greenlet==0.4.17 httplib2==0.19.0 isort==4.3.21 itsdangerous==1.1.0 -- cgit v1.2.3 From c05ee92f265185ee2e574dddd99d7d96cc2b7642 Mon Sep 17 00:00:00 2001 From: Fabian Mastenbroek Date: Thu, 17 Feb 2022 15:30:46 +0100 Subject: docs: Actualize deployment guide This change updates the deployment guide for the recent change of the simulator runner which now communicates via the API instead of directly with the Mongo database. See 6752b6d50faab447b3edc13bddf14f53401392f1 for more information. --- docs/deploy.md | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/docs/deploy.md b/docs/deploy.md index f68705cf..da622571 100644 --- a/docs/deploy.md +++ b/docs/deploy.md @@ -18,18 +18,25 @@ Identity Provider with good software support and a free tier for users to experi To deploy OpenDC yourself, you need to have an [Auth0 tenant](https://auth0.com/docs/get-started/learn-the-basics) and create: -1. **A Single Page Application (SPA)** +1. **An API** + You need to define the OpenDC API server in Auth0. Please refer to the [following guide](https://auth0.com/docs/quickstart/backend/python/01-authorization#create-an-api) + on how to define an API in Auth0. + + Remember the identifier you created the API with, as we need it in the next steps (as `OPENDC_AUTH0_AUDIENCE`). +2. **A Single Page Application (SPA)** You need to define the OpenDC frontend application in Auth0. Please see the [following guide](https://auth0.com/docs/quickstart/spa/react#configure-auth0) on how you can define an SPA in Auth0. Make sure you have added the necessary URLs to the _Allowed Callback URLs_: for a local deployment, you should add at least `http://localhost:3000, http://localhost:8080`. Once your application has been created, you should have a _Domain_ and _Client ID_ which we need to pass to the frontend application (as `OPENDC_AUTH0_DOMAIN` and `OPENDC_AUTH0_CLIENT_ID` respectively). -2. **An API** - You need to define the OpenDC API server in Auth0. Please refer to the [following guide](https://auth0.com/docs/quickstart/backend/python/01-authorization#create-an-api) - on how to define an API in Auth0. - - Remember the identifier you created the API with, as we need it in the next steps (as `OPENDC_AUTH0_AUDIENCE`). +3. **A Machine to Machine Application (M2M)** + You need to define a Machine to Machine application in Auth0 so that the simulator can communicate with the OpenDC API. + Please refer to the [following guide](https://auth0.com/docs/get-started/auth0-overview/create-applications/machine-to-machine-apps) + on how to create such an application. + + Once your application has been created, you should have a _Client ID_ and _Client Secret_ which we need to pass to the + simulator (as `OPENDC_AUTH0_CLIENT_ID_RUNNER` and `OPENDC_AUTH0_CLIENT_SECRET_RUNNER` respectively). ## Installing Docker @@ -64,7 +71,9 @@ OPENDC_FLASK_SECRET="This is a secret flask key, please change" OPENDC_AUTH0_DOMAIN=your-auth0-domain OPENDC_AUTH0_CLIENT_ID=your-auth0-client-id OPENDC_AUTH0_AUDIENCE=your-auth0-api-identifier -OPENDC_API_BASE_URL=http://localhost:8081 +OPENDC_AUTH0_CLIENT_ID_RUNNER=your-auth0-client-id-for-runner +OPENDC_AUTH0_CLIENT_SECRET_RUNNER=your-auth0-client-secret-for-runner +OPENDC_API_BASE_URL=http://web ``` We provide a set of default traces for you to experiment with. If you want to add others, place them in the `traces` -- cgit v1.2.3 From 49c9f371f19e4f13c45861922b7da33da24ecf49 Mon Sep 17 00:00:00 2001 From: Fabian Mastenbroek Date: Thu, 17 Feb 2022 15:38:57 +0100 Subject: build(docker): Update to OpenJDK 17 This change updates the base image of the simulator to OpenJDK 17. --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index bb9a0d0d..771ed2ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM openjdk:16-slim +FROM openjdk:17-slim MAINTAINER OpenDC Maintainers # Obtain (cache) Gradle wrapper @@ -11,7 +11,7 @@ RUN ./gradlew --version COPY ./ /app/ RUN ./gradlew --no-daemon :installDist -FROM openjdk:16-slim +FROM openjdk:17-slim COPY --from=0 /app/build/install /opt/ COPY --from=0 /app/traces /opt/opendc/traces WORKDIR /opt/opendc -- cgit v1.2.3