Add path prefixed gitlab-ce instance #905

@aryanpingle aryanpingle commented Sep 11, 2024

PR to address #892 and #899


@prasadtalasila prasadtalasila left a comment

@aryanpingle thanks for the PR. Please check the comments. Given that this compose file is only useful with a properly working OAuth setup, please include those changes in this PR as well.

deploy/config/client/env.js (outdated, resolved)
deploy/services/gitlab/docker-compose.yml (outdated, resolved)
deploy/services/gitlab/.env (outdated, resolved)
deploy/services/gitlab/docker-compose.yml (outdated, resolved)


@prasadtalasila prasadtalasila left a comment

@aryanpingle Thanks for the PR. Please see the comments.

deploy/services/gitlab/.env (outdated, resolved)
deploy/services/gitlab/.env (outdated, resolved)
deploy/services/gitlab/docker-compose.yml (outdated, resolved)
deploy/config/client/env.js (outdated, resolved)
deploy/docker/.env.server (outdated, resolved)

* Make https url scheme mandatory for gitlab instance (due to react-oidc)
* Hardcode gitlab image for consistency with tests
@prasadtalasila

@aryanpingle

Please add INTEGRATION.md detailing the steps required for integrating gitlab with the rest of DTaaS installation. It is a three step process

  1. Bring up DTaaS with unchanged OAUTH information in env.js, .env.server and conf.server.
  2. Bring up and configure /gitlab (the current README.md)
  3. Create OAUTH apps in the new gitlab
  4. Update OAUTH information in env.js, .env.server and conf.server.

@prasadtalasila

@aryanpingle
Another important explanation is with regards to self-signed / invalid TLS certificates. The OAuth2 server authorization fails if either self-signed or invalid certificates are used. So a clear emphasis needs to be made saying that the gitlab integration is only possible with a valid TLS certificate.
Please do verify the existence of this problem before tomorrow's meeting. Thanks.


aryanpingle commented Sep 20, 2024

Can confirm, authorization fails with a self-signed/invalid certificate (OAuth2 redirect results in Service unavailable). I'll update the docs to mention this.

@prasadtalasila prasadtalasila added this to the Release v0.6.0 milestone Sep 20, 2024
Contributor

@aryanpingle
In step-1, the DTaaS without any valid OAuth applications. In step-3, these OAuth applications are created on https://foo.com/gitlab. This instance is used to create valid OAuth applications. New step-4 configures DTaaS application again with valid OAuth applications.
In addition, the post-install instructions seem wrong. Please check.

Contributor Author

Ah right, I'll correct the steps. Which post-install instruction are you referring to sir?

> The section "Add TLS Certificates (Optional)" should be treated as
> mandatory for now, to ensure `react-oidc-context` correctly redirects users
> for authorization.


Blank line inside blockquote

will be available on the DTaaS server within the directory:
_deploy/services/gitlab_.
1. Traefik Forward Auth will use the path-prefixed GitLab instance for
authorization on the multi-user installation scenario i.e. `foo.com` (but not on `localhost`).

Line length

- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "${DTAAS_DIR}/deploy/docker/dynamic/tls.local.yml:/etc/traefik/dynamic/tls.yml"
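
Review bot: The `tls.local.yml` bind mount on the last line of the `volumes:` list has no `:ro` suffix, unlike the `docker.sock` mount above it, so the container can modify the host's TLS configuration file; append `:ro` to that mount. Also note that `:ro` on `/var/run/docker.sock` only protects the socket file itself and does not make the Docker API read-only, so if the service only needs to discover containers, consider putting a restricted socket proxy in front of it.
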
Contributor Author

@prasadtalasila Since we've removed forward auth from the localhost setup, I believe we don't need to supply a TLS certificate to run the application over https.

I've verified this by removing this line and deleting the certificates on my machine, and it works fine. Should I remove this line along with the certificates directory and tls.local.yml?

codeclimate bot commented Oct 2, 2024

Code Climate has analyzed commit 7ac6581 and detected 3 issues on this pull request.

Here's the issue category breakdown:

Category Count
Style 3

@prasadtalasila

merged via #961. Thanks @aryanpingle for the contribution.
