Unverified Commit a25c190c authored by Kevin Di Lallo's avatar Kevin Di Lallo Committed by GitHub

Merge pull request #156 from dilallkx/kd_sp45_dev_metrics

Configurable GitHub & GitLab OAuth providers + Session Metrics
parents 596a71d7 5f40dd57
+33 −11
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

version: 1.5.9
version: 1.5.10
repo:
  name: AdvantEDGE

@@ -33,7 +33,7 @@ repo:
      # host name
      host: my-platform-fqdn
      # enable https only (redirect http requests to https port)
      https-only: true
      https-only: false
      # bind to host ports (true) or node ports (false)
      host-ports: true
      # http port number
@@ -47,15 +47,37 @@ repo:

    # authentication & authorization config
    auth:
      session:
        # session encryption key k8s secret (data: encryption-key)
      session-key-secret: meep-session
      # Github OAuth k8s secret (data: client-id, secret)
      github-secret: meep-oauth-github
      # Github OAuth k8s secret (data: client-id, secret)
      gitlab-secret: meep-oauth-gitlab
        key-secret: meep-session
        # maximum simultaneous sessions
        max-sessions: 10
      # GitHub OAuth provider config
      github:
        # enable GitHub OAuth
        enabled: true
        # authorization url
        auth-url: https://github.com/login/oauth/authorize
        # access token url
        token-url: https://github.com/login/oauth/access_token
        # OAuth redirect URI
        redirect-uri: https://my-platform-fqdn/platform-ctrl/v1/authorize

        # OAuth k8s secret (data: client-id, secret)
        secret: meep-oauth-github
      # GitLab OAuth provider config
      gitlab:
        # enable GitLab OAuth
        enabled: true
        # authorization url
        auth-url: https://gitlab.com/oauth/authorize
        # access token url
        token-url: https://gitlab.com/oauth/token
        # OAuth redirect URI
        redirect-uri: https://my-platform-fqdn/platform-ctrl/v1/authorize
        # GitLab api url
        # api-url: https://gitlab.com
        # OAuth k8s secret (data: client-id, secret)
        secret: meep-oauth-gitlab

  #------------------------------
  #  Core Subsystem
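Review bot: The `https-only` line in the second hunk appears to change from `true` to `false` (both values are printed, the second presumably the new one), in the same change that adds OAuth login with `https://` redirect URIs and a session key secret. With the HTTP-to-HTTPS redirect off by default, a browser that reaches the platform over plain HTTP could send its session cookie unencrypted unless the cookie is marked Secure, which this page does not show. I would keep `https-only: true` as the shipped default, or add a comment such as `# keep true when auth providers are enabled`. Separately, both providers default to `enabled: true` here, so a comment next to each `secret:` noting that the k8s secret must exist before deployment would help.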
+9 −1
@@ -25,7 +25,15 @@ image:
  pullPolicy: Always
  env:
    MEEP_MAX_SESSIONS: "10"
    MEEP_OAUTH_REDIRECT_URI: "https://<my-platform-fqdn>/platform-ctrl/v1/authorize"
    MEEP_OAUTH_GITHUB_ENABLED: "false"
    MEEP_OAUTH_GITHUB_AUTH_URL: ""
    MEEP_OAUTH_GITHUB_TOKEN_URL: ""
    MEEP_OAUTH_GITHUB_REDIRECT_URI: ""
    MEEP_OAUTH_GITLAB_ENABLED: "false"
    MEEP_OAUTH_GITLAB_AUTH_URL: ""
    MEEP_OAUTH_GITLAB_TOKEN_URL: ""
    MEEP_OAUTH_GITLAB_REDIRECT_URI: ""
    MEEP_OAUTH_GITLAB_API_URL: ""
  envSecret:
    MEEP_SESSION_KEY:
      name: meep-session
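Review bot: The new `MEEP_OAUTH_*_AUTH_URL`, `MEEP_OAUTH_*_TOKEN_URL` and `MEEP_OAUTH_*_REDIRECT_URI` defaults are empty strings, with no comment on which of them are required once the matching `_ENABLED` value is set to "true". The code that reads them is not on this page, so it is worth confirming that it refuses to enable a provider whose URLs are empty rather than building an OAuth configuration with blank endpoints. A comment above the block would cover the documentation side, e.g. `# OAuth provider settings; URLs and redirect URI are required when ENABLED is "true"`.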
+2 −0
@@ -7,6 +7,7 @@ require (
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-key-mgr v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-model v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-logger v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-metric-store v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-model v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-mq v0.0.0
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-redis v0.0.0
@@ -28,6 +29,7 @@ replace (
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-key-mgr => ../../go-packages/meep-data-key-mgr
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-model => ../../go-packages/meep-data-model
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-logger => ../../go-packages/meep-logger
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-metric-store => ../../go-packages/meep-metric-store
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-model => ../../go-packages/meep-model
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-mq => ../../go-packages/meep-mq
	github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-redis => ../../go-packages/meep-redis
+2 −0
@@ -141,6 +141,8 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/imdario/mergo v0.3.8 h1:CGgOkSJeqMRmt0D9XLWExdT4m4F1vd3FV3VPt+0VxkQ=
github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/influxdata/influxdb1-client v0.0.0-20190809212627-fc22c7df067e h1:txQltCyjXAqVVSZDArPEhUTg35hKwVIuXwtQo7eAMNQ=
github.com/influxdata/influxdb1-client v0.0.0-20190809212627-fc22c7df067e/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+8 −85
@@ -23,18 +23,16 @@ import (
	"io/ioutil"
	"math/rand"
	"net/http"
	"os"
	"strconv"
	"time"

	"github.com/gorilla/mux"
	"github.com/roymx/viper"
	"golang.org/x/oauth2"

	couch "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-couch"
	dkm "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-key-mgr"
	dataModel "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-data-model"
	log "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-logger"
	ms "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-metric-store"
	mod "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-model"
	mq "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-mq"
	redis "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-redis"
@@ -58,6 +56,7 @@ type PlatformCtrl struct {
	sessionMgr    *sm.SessionMgr
	sandboxStore  *ss.SandboxStore
	userStore     *users.Connector
	metricStore   *ms.MetricStore
	mqGlobal      *mq.MsgQueue
	maxSessions   int
	uri           string
@@ -94,12 +93,6 @@ func Init() (err error) {
	// Create new Platform Controller
	pfmCtrl = new(PlatformCtrl)

	// Retrieve maximum session count from environment variable
	if maxSessions, err := strconv.ParseInt(os.Getenv("MEEP_MAX_SESSIONS"), 10, 0); err == nil {
		pfmCtrl.maxSessions = int(maxSessions)
	}
	log.Info("MEEP_MAX_SESSIONS: ", pfmCtrl.maxSessions)

	// Create message queue
	pfmCtrl.mqGlobal, err = mq.NewMsgQueue(mq.GetGlobalName(), moduleName, moduleNamespace, redisDBAddr)
	if err != nil {
@@ -159,28 +152,12 @@ func Init() (err error) {
	}
	log.Info("Connected to Sandbox Store")

	// Connect to Session Manager
	pfmCtrl.sessionMgr, err = sm.NewSessionMgr(moduleName, "", redisDBAddr, redisDBAddr)
	if err != nil {
		log.Error("Failed connection to Session Manager: ", err.Error())
		return err
	}
	log.Info("Connected to Session Manager")

	// Connect to User Store
	pfmCtrl.userStore, err = users.NewConnector(moduleName, postgisUser, postgisPwd, "", "")
	// Initialize OAuth
	err = initOAuth()
	if err != nil {
		log.Error("Failed connection to User Store: ", err.Error())
		log.Error("Failed OAuth Init: ", err.Error())
		return err
	}
	_ = pfmCtrl.userStore.CreateTables()
	log.Info("Connected to User Store")

	// Set endpoint authorization permissions
	setPermissions()

	// Initialize OAuth
	initOAuth()

	log.Info("Platform Controller initialized")
	return nil
@@ -189,10 +166,10 @@ func Init() (err error) {
// Run Starts the Platform Controller
func Run() (err error) {

	// Start Session Watchdog
	err = pfmCtrl.sessionMgr.StartSessionWatchdog(sessionTimeoutCb)
	// Start OAuth
	err = runOAuth()
	if err != nil {
		log.Error("Failed start Session Watchdog: ", err.Error())
		log.Error("Failed to start OAuth: ", err.Error())
		return err
	}

@@ -200,60 +177,6 @@ func Run() (err error) {
	return nil
}

func setPermissions() {

	// Flush old permissions
	ps := pfmCtrl.sessionMgr.GetPermissionStore()
	ps.Flush()

	// Read & apply API permissions from file
	permissionsFile := "/permissions.yaml"
	permissions := viper.New()
	permissions.SetConfigFile(permissionsFile)
	err := permissions.ReadInConfig()
	if err != nil {
		log.Warn("Failed to read permissions from file")
		log.Warn("Granting full API access for all roles by default")
		_ = ps.SetDefaultPermission(&sm.Permission{Mode: sm.ModeAllow})
		return
	}

	// Loop through services
	for service := range permissions.GetStringMap(permissionsRoot) {
		// Default permissions
		if service == "default" {
			permissionsRoute := permissionsRoot + ".default"
			permission := new(sm.Permission)
			permission.Mode = permissions.GetString(permissionsRoute + ".mode")
			permission.RolePermissions = make(map[string]string)
			for role, access := range permissions.GetStringMapString(permissionsRoute + ".roles") {
				permission.RolePermissions[role] = access
			}
			_ = ps.SetDefaultPermission(permission)
		} else {
			// Service route names
			permissionsService := permissionsRoot + "." + service
			for name := range permissions.GetStringMap(permissionsService) {
				permissionsRoute := permissionsService + "." + name
				permission := new(sm.Permission)
				permission.Mode = permissions.GetString(permissionsRoute + ".mode")
				permission.RolePermissions = make(map[string]string)
				for role, access := range permissions.GetStringMapString(permissionsRoute + ".roles") {
					permission.RolePermissions[role] = access
				}
				_ = ps.Set(service, name, permission)
			}
		}
	}
}

func sessionTimeoutCb(session *sm.Session) {
	log.Info("Session timed out. ID[", session.ID, "] Username[", session.Username, "]")

	// Destroy session sandbox
	deleteSandbox(session.Sandbox)
}

// Create a new scenario in the scenario store
// POST /scenario/{name}
func pcCreateScenario(w http.ResponseWriter, r *http.Request) {
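Review bot: After this change `Init()` no longer shows where `pfmCtrl.sessionMgr`, `pfmCtrl.userStore`, `pfmCtrl.maxSessions` or the new `pfmCtrl.metricStore` are set, and `Run()` no longer shows the session watchdog being started. All of it presumably moved into `initOAuth()` and `runOAuth()`, which are defined outside this file section. Please say so at the call sites, e.g. `// Initialize OAuth: connects session manager & user store, loads API permissions` and `// Start OAuth: starts the session watchdog`, so a reader does not conclude that session expiry and permission loading were dropped. It is also worth confirming that those steps still run when both providers are disabled, since the helm defaults set both `MEEP_OAUTH_*_ENABLED` values to "false".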