Provide Keycloak Environment Variables to session #168

* adjust templates with additional environment variables * add additional operator arguments * replace placeholders in template with values from arguments
eclipse-theia · May 4, 2023 · ab961ea · ab961ea
1 parent 6d6f339
commit ab961ea
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 1 deletion.
diff --git a/...ia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java b/...ia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java
@@ -82,6 +82,18 @@ public enum BandwidthLimiter {
 	    "--requestedStorage" }, description = "Amount of storage requested for persistent workspace volume claims.", required = false)
     private String requestedStorage;
 
+    @Option(names = {
+	    "--keycloakURL" }, description = "The URL of the keycloak instance, if keycloak is enabled.", required = false)
+    private String keycloakURL;
+
+    @Option(names = {
+	    "--keycloakRealm" }, description = "The authentication realm, if keycloak is enabled.", required = false)
+    private String keycloakRealm;
+
+    @Option(names = {
+	    "--keycloakClientId" }, description = "The client id of the auth application, if keycloak is enabled", required = false)
+    private String keycloakClientId;
+
     public boolean isUseKeycloak() {
 	return useKeycloak;
     }
@@ -142,6 +154,18 @@ public String getRequestedStorage() {
 	return requestedStorage;
     }
 
+    public String getKeycloakURL() {
+	return keycloakURL;
+    }
+
+    public String getKeycloakRealm() {
+	return keycloakRealm;
+    }
+
+    public String getKeycloakClientId() {
+	return keycloakClientId;
+    }
+
     @Override
     public int hashCode() {
 	final int prime = 31;
@@ -153,6 +177,9 @@ public int hashCode() {
 	result = prime * result + (enableActivityTracker ? 1231 : 1237);
 	result = prime * result + (enableMonitor ? 1231 : 1237);
 	result = prime * result + ((instancesPath == null) ? 0 : instancesPath.hashCode());
+	result = prime * result + ((keycloakClientId == null) ? 0 : keycloakClientId.hashCode());
+	result = prime * result + ((keycloakRealm == null) ? 0 : keycloakRealm.hashCode());
+	result = prime * result + ((keycloakURL == null) ? 0 : keycloakURL.hashCode());
 	result = prime * result + ((monitorInterval == null) ? 0 : monitorInterval.hashCode());
 	result = prime * result + ((requestedStorage == null) ? 0 : requestedStorage.hashCode());
 	result = prime * result + ((serviceUrl == null) ? 0 : serviceUrl.hashCode());
@@ -193,6 +220,21 @@ public boolean equals(Object obj) {
 		return false;
 	} else if (!instancesPath.equals(other.instancesPath))
 	    return false;
+	if (keycloakClientId == null) {
+	    if (other.keycloakClientId != null)
+		return false;
+	} else if (!keycloakClientId.equals(other.keycloakClientId))
+	    return false;
+	if (keycloakRealm == null) {
+	    if (other.keycloakRealm != null)
+		return false;
+	} else if (!keycloakRealm.equals(other.keycloakRealm))
+	    return false;
+	if (keycloakURL == null) {
+	    if (other.keycloakURL != null)
+		return false;
+	} else if (!keycloakURL.equals(other.keycloakURL))
+	    return false;
 	if (monitorInterval == null) {
 	    if (other.monitorInterval != null)
 		return false;
@@ -237,7 +279,8 @@ public String toString() {
 		+ monitorInterval + ", cloudProvider=" + cloudProvider + ", bandwidthLimiter=" + bandwidthLimiter
 		+ ", wondershaperImage=" + wondershaperImage + ", serviceUrl=" + serviceUrl + ", sessionsPerUser="
 		+ sessionsPerUser + ", appId=" + appId + ", usePaths=" + usePaths + ", instancesPath=" + instancesPath
-		+ ", storageClassName=" + storageClassName + ", requestedStorage=" + requestedStorage + "]";
+		+ ", storageClassName=" + storageClassName + ", requestedStorage=" + requestedStorage + ", keycloakURL="
+		+ keycloakURL + ", keycloakRealm=" + keycloakRealm + ", keycloakClientId=" + keycloakClientId + "]";
     }
 
 }
diff --git a/.../org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java b/.../org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java
@@ -57,6 +57,9 @@ public class DefaultDeploymentTemplateReplacements implements DeploymentTemplate
     public static final String PLACEHOLDER_ENV_SESSION_USER = "placeholder-env-session-user";
     public static final String PLACEHOLDER_ENV_SESSION_URL = "placeholder-env-session-url";
     public static final String PLACEHOLDER_ENV_SESSION_SECRET = "placeholder-env-session-secret";
+    public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL = "placeholder-keycloak-env-url";
+    public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM = "placeholder-keycloak-env-realm";
+    public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID = "placeholder-keycloak-env-clientid";
 
     public static final String PLACEHOLDER_MONITOR_PORT = "placeholder-monitor-port";
     public static final String PLACEHOLDER_MONITOR_PORT_ENV = "placeholder-monitor-env-port";
@@ -128,6 +131,18 @@ protected Map<String, String> getEnvironmentVariables(AppDefinition appDefinitio
 	environmentVariables.put(PLACEHOLDER_ENV_SESSION_USER, session.map(s -> s.getSpec().getUser()).orElse(""));
 	environmentVariables.put(PLACEHOLDER_ENV_SESSION_SECRET,
 		session.map(s -> s.getSpec().getSessionSecret()).orElse(""));
+
+	if (arguments.isUseKeycloak()) {
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL, orEmpty(arguments.getKeycloakURL()));
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM, orEmpty(arguments.getKeycloakRealm()));
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID,
+		    orEmpty(arguments.getKeycloakClientId()));
+	} else {
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL, "");
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM, "");
+	    environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID, "");
+	}
+
 	if (arguments.isEnableMonitor()) {
 	    if (appDefinition.getSpec().getMonitor() != null && appDefinition.getSpec().getMonitor().getPort() > 0) {
 		String port = String.valueOf(appDefinition.getSpec().getMonitor().getPort());

diff --git a/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml b/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml
@@ -72,6 +72,12 @@ spec:
             value: placeholder-enable-activity-tracker
           - name: THEIACLOUD_MONITOR_PORT
             value: placeholder-monitor-env-port
+          - name: THEIACLOUD_KEYCLOAK_URL
+            value: placeholder-keycloak-env-url
+          - name: THEIACLOUD_KEYCLOAK_REALM
+            value: placeholder-keycloak-env-realm
+          - name: THEIACLOUD_KEYCLOAK_CLIENT_ID
+            value: placeholder-keycloak-env-clientid
           securityContext:
             runAsUser: placeholder-uid
             runAsGroup: placeholder-uid

diff --git a/....eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml b/....eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml
@@ -60,3 +60,9 @@ spec:
             value: placeholder-enable-activity-tracker
           - name: THEIACLOUD_MONITOR_PORT
             value: placeholder-monitor-env-port
+          - name: THEIACLOUD_KEYCLOAK_URL
+            value: placeholder-keycloak-env-url
+          - name: THEIACLOUD_KEYCLOAK_REALM
+            value: placeholder-keycloak-env-realm
+          - name: THEIACLOUD_KEYCLOAK_CLIENT_ID
+            value: placeholder-keycloak-env-clientid