diff --git a/.github/workflows/ci-actions.yml b/.github/workflows/ci-actions.yml index a9b2a4b9c0..1b043336ab 100644 --- a/.github/workflows/ci-actions.yml +++ b/.github/workflows/ci-actions.yml @@ -53,7 +53,7 @@ jobs: controls-db: image: postgres:13.1 ports: - - 5432:5432 + - 5433:5432 env: POSTGRES_USER: user POSTGRES_PASSWORD: password @@ -63,6 +63,19 @@ jobs: --health-interval 10s --health-timeout 5s --health-retries 5 + application-inventory-db: + image: postgres:13.1 + ports: + - 5434:5432 + env: + POSTGRES_USER: user + POSTGRES_PASSWORD: password + POSTGRES_DB: application_inventory_db + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 steps: - name: Checkout uses: actions/checkout@v2 @@ -75,7 +88,7 @@ jobs: kcadm: create realms -f konveyor-realm.json - name: Controls API run: | - docker run -d --name controls --network ${{ job.services.controls-db.network }} --network-alias controls -p 8080:8080 \ + docker run -d --name controls --network ${{ job.services.controls-db.network }} --network-alias controls -p 8081:8080 \ -e QUARKUS_HTTP_PORT=8080 \ -e QUARKUS_DATASOURCE_USERNAME=user \ -e QUARKUS_DATASOURCE_PASSWORD=password \ @@ -84,6 +97,17 @@ jobs: -e QUARKUS_OIDC_CLIENT_ID=controls-api \ -e QUARKUS_OIDC_CREDENTIALS_SECRET=secret quay.io/konveyor/tackle-controls:latest-native sleep 5s && docker logs controls + - name: Application inventory API + run: | + docker run -d --name application-inventory --network ${{ job.services.application-inventory-db.network }} --network-alias application-inventory -p 8082:8080 \ + -e QUARKUS_HTTP_PORT=8080 \ + -e QUARKUS_DATASOURCE_USERNAME=user \ + -e QUARKUS_DATASOURCE_PASSWORD=password \ + -e QUARKUS_DATASOURCE_JDBC_URL=jdbc:postgresql://application-inventory-db:5432/application_inventory_db \ + -e QUARKUS_OIDC_AUTH_SERVER_URL=http://keycloak:8080/auth/realms/konveyor \ + -e QUARKUS_OIDC_CLIENT_ID=application-inventory-api \ + -e QUARKUS_OIDC_CREDENTIALS_SECRET=secret quay.io/konveyor/tackle-application-inventory:latest-native + sleep 5s && docker logs application-inventory - name: Build run: | yarn install @@ -161,7 +185,7 @@ jobs: controls-db: image: postgres:13.1 ports: - - 5432:5432 + - 5433:5432 env: POSTGRES_USER: user POSTGRES_PASSWORD: password @@ -171,6 +195,19 @@ jobs: --health-interval 10s --health-timeout 5s --health-retries 5 + application-inventory-db: + image: postgres:13.1 + ports: + - 5434:5432 + env: + POSTGRES_USER: user + POSTGRES_PASSWORD: password + POSTGRES_DB: application_inventory_db + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 steps: - uses: actions/checkout@v2 - name: Keycloak Admin CLI @@ -182,7 +219,7 @@ jobs: kcadm: create realms -f konveyor-realm.json - name: Controls API run: | - docker run -d --name controls --network ${{ job.services.controls-db.network }} --network-alias controls -p 8080:8080 \ + docker run -d --name controls --network ${{ job.services.controls-db.network }} --network-alias controls -p 8081:8080 \ -e QUARKUS_HTTP_PORT=8080 \ -e QUARKUS_DATASOURCE_USERNAME=user \ -e QUARKUS_DATASOURCE_PASSWORD=password \ @@ -192,13 +229,26 @@ jobs: -e QUARKUS_OIDC_CREDENTIALS_SECRET=secret \ quay.io/konveyor/tackle-controls:latest-native sleep 5s && docker logs controls + - name: Application inventory API + run: | + docker run -d --name application-inventory --network ${{ job.services.application-inventory-db.network }} --network-alias application-inventory -p 8082:8080 \ + -e QUARKUS_HTTP_PORT=8080 \ + -e QUARKUS_DATASOURCE_USERNAME=user \ + -e QUARKUS_DATASOURCE_PASSWORD=password \ + -e QUARKUS_DATASOURCE_JDBC_URL=jdbc:postgresql://application-inventory-db:5432/application_inventory_db \ + -e QUARKUS_OIDC_AUTH_SERVER_URL=http://keycloak:8080/auth/realms/konveyor \ + -e QUARKUS_OIDC_CLIENT_ID=application-inventory-api \ + -e QUARKUS_OIDC_CREDENTIALS_SECRET=secret \ + quay.io/konveyor/tackle-application-inventory:latest-native + sleep 5s && docker logs application-inventory - name: Tackle UI run: | - docker run -d --name tackle-ui --network ${{ job.services.controls-db.network }} --network-alias tackle-ui -p 3000:8080 \ + docker run -d --name tackle-ui --network ${{ job.services.keycloak.network }} --network-alias tackle-ui -p 3000:8080 \ -e SSO_REALM=konveyor \ -e SSO_CLIENT_ID=tackle-ui \ -e SSO_SERVER_URL=http://keycloak:8080/auth \ -e CONTROLS_API_URL=http://controls:8080/controls \ + -e APPLICATION_INVENTORY_API_URL=http://application-inventory:8080/application-inventory \ quay.io/konveyor/tackle-ui:main sleep 5s && docker logs tackle-ui - name: Cypress run @@ -212,7 +262,8 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CYPRESS_auth_base_url: http://localhost:3000/auth - CYPRESS_controls_base_url: http://localhost:8080/controls + CYPRESS_controls_base_url: http://localhost:8081/controls + CYPRESS_application_inventory_base_url: http://localhost:8082/application-inventory - uses: actions/upload-artifact@v1 if: failure() with: diff --git a/.storybook/theme.js b/.storybook/theme.js index 4583d3227d..58444cf488 100644 --- a/.storybook/theme.js +++ b/.storybook/theme.js @@ -2,7 +2,7 @@ import { create } from '@storybook/theming/create'; export default create({ base: 'light', - brandTitle: 'Controls', + brandTitle: 'Tackle', brandUrl: 'https://github.com/konveyor/tackle-ui', brandImage: 'https://raw.githubusercontent.com/konveyor/tackle-ui/main/public/logo192.png', }); diff --git a/cypress.json b/cypress.json index 9106e282e3..59eaa650fc 100644 --- a/cypress.json +++ b/cypress.json @@ -4,7 +4,8 @@ "auth_base_url": "http://localhost:8180/auth", "auth_realm": "konveyor", "auth_client_id": "tackle-ui", - "controls_base_url": "http://localhost:8080/controls" + "controls_base_url": "http://localhost:8081/controls", + "application_inventory_base_url": "http://localhost:8082/application-inventory" }, "viewportWidth": 1225, "viewportHeight": 886, diff --git a/docker-compose.yml b/docker-compose.yml index e962d76d00..b12239ae32 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -21,7 +21,7 @@ services: controls-db: image: postgres:13.1 ports: - - 5432:5432 + - 5433:5432 environment: POSTGRES_DB: controls_db POSTGRES_USER: user @@ -35,7 +35,7 @@ services: controls: image: quay.io/konveyor/tackle-controls:latest-native ports: - - 8080:8080 + - 8081:8080 environment: QUARKUS_HTTP_PORT: 8080 QUARKUS_DATASOURCE_USERNAME: user @@ -55,4 +55,41 @@ services: controls-db: condition: service_healthy + application-inventory-db: + image: postgres:13.1 + ports: + - 5434:5432 + environment: + POSTGRES_DB: application_inventory_db + POSTGRES_USER: user + POSTGRES_PASSWORD: password + healthcheck: + test: ["CMD-SHELL", "pg_isready -U user -d application_inventory_db"] + interval: 10s + timeout: 5s + retries: 5 + + application-inventory: + image: quay.io/konveyor/tackle-application-inventory:latest-native + ports: + - 8082:8080 + environment: + QUARKUS_HTTP_PORT: 8080 + QUARKUS_DATASOURCE_USERNAME: user + QUARKUS_DATASOURCE_PASSWORD: password + QUARKUS_DATASOURCE_JDBC_URL: jdbc:postgresql://application-inventory-db:5432/application_inventory_db + QUARKUS_OIDC_AUTH_SERVER_URL: http://keycloak:8080/auth/realms/konveyor + QUARKUS_OIDC_CLIENT_ID: application-inventory-api + QUARKUS_OIDC_CREDENTIALS_SECRET: secret + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/application-inventory/q/health"] + interval: 10s + timeout: 5s + retries: 5 + depends_on: + keycloak: + condition: service_healthy + application-inventory-db: + condition: service_healthy + \ No newline at end of file diff --git a/konveyor-realm.json b/konveyor-realm.json index 187e308bdf..39d817e73f 100644 --- a/konveyor-realm.json +++ b/konveyor-realm.json @@ -837,8 +837,7 @@ "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": true, - "authorizationServicesEnabled": true, + "serviceAccountsEnabled": false, "publicClient": false, "frontchannelLogout": false, "protocol": "openid-connect", @@ -847,9 +846,12 @@ "saml.force.post.binding": "false", "saml.multivalued.roles": "false", "saml.encrypt": "false", + "backchannel.logout.revoke.offline.tokens": "false", "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "exclude.session.state.from.auth.response": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", @@ -860,50 +862,68 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "3f282184-c2a5-435d-833e-e6246ba5b03e", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "29d86f78-0ae8-44da-a7c0-30d490bf72f1", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientId", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientId", - "jsonType.label": "String" - } - }, - { - "id": "b4a1d1e4-15bd-4158-ad2f-c88949a25e0e", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "access": { + "view": true, + "configure": true, + "manage": true + } + }, + { + "id": "065c4bcf-379e-4a83-99d7-5491176185e2", + "clientId": "application-inventory-api", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [ + "/*" ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, "defaultClientScopes": [ "web-origins", "role_list", @@ -917,77 +937,10 @@ "offline_access", "microprofile-jwt" ], - "authorizationSettings": { - "allowRemoteResourceManagement": true, - "policyEnforcementMode": "ENFORCING", - "resources": [ - { - "name": "Administration resource", - "ownerManagedAccess": false, - "attributes": {}, - "_id": "8cd6f99d-8b98-4d4c-9e8a-8411ccaac46c", - "uris": [ - "/organizations/*" - ] - }, - { - "name": "User resources", - "ownerManagedAccess": false, - "attributes": {}, - "_id": "15afecd7-f0cb-4cc9-9fc0-5526e5679110", - "uris": [ - "/user/*" - ] - } - ], - "policies": [ - { - "id": "24062286-2edc-40b6-a2cb-c62866b011ed", - "name": "Only administrators", - "description": "Only administrators can access", - "type": "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "roles": "[{\"id\":\"admin\",\"required\":false}]" - } - }, - { - "id": "79b7be85-68b2-4d23-8247-629e18910305", - "name": "Only users", - "description": "Only users can access", - "type": "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "roles": "[{\"id\":\"user\",\"required\":false}]" - } - }, - { - "id": "230ede88-dfd6-4ab3-8332-83460a89f8ba", - "name": "Administration Resource Permission", - "type": "resource", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "resources": "[\"Administration resource\"]", - "applyPolicies": "[\"Only administrators\"]" - } - }, - { - "id": "334d8378-498c-4895-b8d2-ec27957a4bcd", - "name": "User Resource Permission", - "type": "resource", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "resources": "[\"User resources\"]", - "applyPolicies": "[\"Only users\"]" - } - } - ], - "scopes": [], - "decisionStrategy": "UNANIMOUS" + "access": { + "view": true, + "configure": true, + "manage": true } }, { diff --git a/src/setupProxy.js b/src/setupProxy.js index f465866a11..9afb97677a 100644 --- a/src/setupProxy.js +++ b/src/setupProxy.js @@ -4,11 +4,22 @@ module.exports = function (app) { app.use( "/api/controls", createProxyMiddleware({ - target: "http://localhost:8080", + target: "http://localhost:8081", changeOrigin: true, pathRewrite: { "^/api/controls": "/controls", }, }) ); + + app.use( + "/api/application-inventory", + createProxyMiddleware({ + target: "http://localhost:8082", + changeOrigin: true, + pathRewrite: { + "^/api/application-inventory": "/application-inventory", + }, + }) + ); };