diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..cccb9c3 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,43 @@ +### STAGE 1: Build ### + +# We label our stage as 'builder' +FROM node:16.19.0 as builder +WORKDIR /app + +COPY ./package.json ./ +COPY ./package-lock.json ./ + +## installing necessary libraries +RUN npm install + +COPY ./scripts/start.sh ./ + +COPY . . + +## Build the angular app in production mode +RUN npm run build + +### STAGE 2: Setup ### + +FROM nginx:1.23.3-alpine +ARG version="latest" + +LABEL io.arlas.wui-iam.version=${version} +LABEL vendor="Gisaïa" +LABEL description="This container build and serve the ARLAS-wui-iam app" + +RUN apk add --update bash jq netcat-openbsd curl && rm -rf /var/cache/apk/* + +## Copy our default nginx config +COPY nginx/default.conf /etc/nginx/conf.d/ + +## Remove default nginx website +RUN rm -rf /usr/share/nginx/html/* + +## From 'builder' stage copy over the artifacts in dist folder to default nginx public folder +COPY --from=builder /app/dist/arlas-wui-iam /usr/share/nginx/html +COPY --from=builder /app/start.sh /usr/share/nginx/ + +HEALTHCHECK CMD curl --fail http://localhost:80/ || exit 1 + +CMD /usr/share/nginx/start.sh diff --git a/angular.json b/angular.json index 7fdbb2d..45bf014 100644 --- a/angular.json +++ b/angular.json @@ -64,6 +64,15 @@ "with": "src/environments/environment.prod.ts" } ], + "assets": [ + { + "input": "src/environments/prod/", + "output": "/", + "glob": "*.yaml" + }, + "src/assets", + "src/favicon.ico" + ], "outputHashing": "all" }, "development": { diff --git a/nginx/default.conf b/nginx/default.conf new file mode 100644 index 0000000..a5be55a --- /dev/null +++ b/nginx/default.conf @@ -0,0 +1,56 @@ +server { + + listen 80; + + sendfile on; + + default_type application/octet-stream; + + port_in_redirect on; + + gzip on; + gzip_http_version 1.1; + gzip_disable "MSIE [1-6]\."; + gzip_min_length 256; + gzip_vary on; + gzip_proxied any; + gzip_types + application/atom+xml + application/javascript + application/json + application/ld+json + application/manifest+json + application/rss+xml + application/vnd.geo+json + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/bmp + image/svg+xml + image/x-icon + text/cache-manifest + text/css + text/plain + text/vcard + text/vnd.rim.location.xloc + text/vtt + text/x-component + text/x-cross-domain-policy; + + gzip_comp_level 5; + + root /usr/share/nginx/html; + + location ~ ^${ARLAS_WUI_IAM_APP_PATH}(?.+\.(?:css|js|woff2|png))$ { + expires 30d; + add_header Cache-Control public; + try_files /$subpath =404; + } + + location ~ ^${ARLAS_WUI_IAM_APP_PATH}(?.*)$ { + try_files /$subpath /$subpath/ /index.html =404; + } +} diff --git a/package.json b/package.json index e28b226..8598c56 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "scripts": { "ng": "ng", "start": "ng serve", - "build": "ng build", + "build": "ng build --configuration production --base-href='$ARLAS_WUI_IAM_BASE_HREF/'", "watch": "ng build --watch --configuration development", "test": "ng test", "lint": "ng lint", diff --git a/scripts/start.sh b/scripts/start.sh new file mode 100755 index 0000000..ff33af3 --- /dev/null +++ b/scripts/start.sh @@ -0,0 +1,83 @@ +fetchSettings(){ + echo "Download settings file from \"${ARLAS_IAM_SETTINGS_URL}\" ..." + curl ${ARLAS_IAM_SETTINGS_URL} -o /usr/share/nginx/html/settings.yaml && echo "settings.yaml file downloaded with success." || (echo "Failed to download the settings.yaml file."; exit 1) +} + +### URL to SETTINGS +if [ -z "${ARLAS_IAM_SETTINGS_URL}" ]; then + echo "The default settings.yaml file is used" +else + fetchSettings; +fi + + +# Set App base path +if [ -z "${ARLAS_WUI_IAM_APP_PATH}" ]; then + ARLAS_WUI_IAM_APP_PATH="" + export ARLAS_WUI_IAM_APP_PATH + echo "No specific path for the app" +else + echo ${ARLAS_WUI_IAM_APP_PATH} "is used as app base path " +fi + +envsubst '$ARLAS_WUI_IAM_APP_PATH' < /etc/nginx/conf.d/default.conf > /etc/nginx/conf.d/default.conf.tmp +mv /etc/nginx/conf.d/default.conf.tmp /etc/nginx/conf.d/default.conf + +# Set App base href +if [ -z "${ARLAS_WUI_IAM_BASE_HREF}" ]; then + ARLAS_WUI_IAM_BASE_HREF="" + export ARLAS_WUI_IAM_BASE_HREF + echo "No specific base href for the app" +else + echo ${ARLAS_WUI_IAM_BASE_HREF} "is used as app base href " +fi + +envsubst '$ARLAS_WUI_IAM_BASE_HREF' < /usr/share/nginx/html/index.html > /usr/share/nginx/html/index.html.tmp +mv /usr/share/nginx/html/index.html.tmp /usr/share/nginx/html/index.html + +## AUTHENTICATION +### ARLAS_USE_AUTHENT +if [ -z "${ARLAS_USE_AUTHENT}" ]; then + ARLAS_USE_AUTHENT=false + export ARLAS_USE_AUTHENT + echo "No Authentication variable is set" +else + echo ${ARLAS_USE_AUTHENT} "is used for 'authentication.use_authent'. Default value is 'false'" +fi +envsubst '$ARLAS_USE_AUTHENT' < /usr/share/nginx/html/settings.yaml > /usr/share/nginx/html/settings.yaml.tmp +mv /usr/share/nginx/html/settings.yaml.tmp /usr/share/nginx/html/settings.yaml + +### ARLAS_AUTHENT_MODE +if [ -z "${ARLAS_AUTHENT_MODE}" ]; then + ARLAS_AUTHENT_MODE='iam' + export ARLAS_AUTHENT_MODE + echo "Default auth.mod: 'iam' " +else + echo ${ARLAS_AUTHENT_MODE} "is used for 'authentication.auth_mode'. Default value is 'iam'" +fi +envsubst '$ARLAS_AUTHENT_MODE' < /usr/share/nginx/html/settings.yaml > /usr/share/nginx/html/settings.yaml.tmp +mv /usr/share/nginx/html/settings.yaml.tmp /usr/share/nginx/html/settings.yaml + +### THRESHOLD +if [ -z "${ARLAS_AUTHENT_THRESHOLD}" ]; then + ARLAS_AUTHENT_THRESHOLD=60000 + export ARLAS_AUTHENT_THRESHOLD + echo "Default threshold: 60000" +else + echo ${ARLAS_AUTHENT_THRESHOLD} "is used for 'authentication.threshold'. Default value is '60000'" +fi +envsubst '$ARLAS_AUTHENT_THRESHOLD' < /usr/share/nginx/html/settings.yaml > /usr/share/nginx/html/settings.yaml.tmp +mv /usr/share/nginx/html/settings.yaml.tmp /usr/share/nginx/html/settings.yaml + +### ARLAS_IAM_SERVER_URL +if [ -z "${ARLAS_IAM_SERVER_URL}" ]; then + ARLAS_IAM_SERVER_URL="http://localhost:9997" + export ARLAS_IAM_SERVER_URL + echo "Default url : http://localhost:9997" +else + echo ${ARLAS_IAM_SERVER_URL} "is used for 'authentication.url'." +fi +envsubst '$ARLAS_IAM_SERVER_URL' < /usr/share/nginx/html/settings.yaml > /usr/share/nginx/html/settings.yaml.tmp +mv /usr/share/nginx/html/settings.yaml.tmp /usr/share/nginx/html/settings.yaml + +nginx -g "daemon off;" diff --git a/src/environments/prod/settings.yaml b/src/environments/prod/settings.yaml new file mode 100644 index 0000000..629a23d --- /dev/null +++ b/src/environments/prod/settings.yaml @@ -0,0 +1,7 @@ +authentication: + use_authent: ${ARLAS_USE_AUTHENT} + auth_mode: ${ARLAS_AUTHENT_MODE} + force_connect: false + use_discovery: false + threshold: ${ARLAS_AUTHENT_THRESHOLD} + url: ${ARLAS_IAM_SERVER_URL}