From ab961eaf5618c03d478d7fabd73ef898e70c54ca Mon Sep 17 00:00:00 2001
From: Johannes Faltermeier
Date: Mon, 24 Apr 2023 14:56:56 +0200
Subject: [PATCH] Provide Keycloak Environment Variables to session #168

* adjust templates with additional environment variables
* add additional operator arguments
* replace placeholders in template with values from arguments
---
 .../cloud/operator/TheiaCloudArguments.java | 45 ++++++++++++++++++-
 ...DefaultDeploymentTemplateReplacements.java | 15 +++++++
 .../main/resources/templateDeployment.yaml | 6 +++
 .../templateDeploymentWithoutOAuthProxy.yaml | 6 +++
 4 files changed, 71 insertions(+), 1 deletion(-)

diff --git a/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java b/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java
index 6b8a466f..1cd884c2 100644
--- a/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java
+++ b/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/TheiaCloudArguments.java
@@ -82,6 +82,18 @@ public enum BandwidthLimiter {
 "--requestedStorage" }, description = "Amount of storage requested for persistent workspace volume claims.", required = false)
 private String requestedStorage;
 
+ @Option(names = {
+ "--keycloakURL" }, description = "The URL of the keycloak instance, if keycloak is enabled.", required = false)
+ private String keycloakURL;
+
+ @Option(names = {
+ "--keycloakRealm" }, description = "The authentication realm, if keycloak is enabled.", required = false)
+ private String keycloakRealm;
+
+ @Option(names = {
+ "--keycloakClientId" }, description = "The client id of the auth application, if keycloak is enabled", required = false)
+ private String keycloakClientId;
+
 public boolean isUseKeycloak() {
 return useKeycloak;
 }
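Review bot: Nothing in the three new options ties them to the existing keycloak switch: each is `required = false` with no default, so an operator started with keycloak enabled but without `--keycloakURL`, `--keycloakRealm` or `--keycloakClientId` is accepted as-is. The `getEnvironmentVariables` hunk in DefaultDeploymentTemplateReplacements then turns a missing value into an empty string through `orEmpty(...)`, so the misconfiguration only shows up as failing authentication inside the session. A startup check that all three are non-empty whenever `isUseKeycloak()` is true, and that the URL parses as an absolute URI, would fail at the operator instead; whether such a check already exists elsewhere is not visible in this diff. The `--keycloakClientId` description also lacks the final period the other two have.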
@@ -142,6 +154,18 @@ public String getRequestedStorage() {
 return requestedStorage;
 }
 
+ public String getKeycloakURL() {
+ return keycloakURL;
+ }
+
+ public String getKeycloakRealm() {
+ return keycloakRealm;
+ }
+
+ public String getKeycloakClientId() {
+ return keycloakClientId;
+ }
+
 @Override
 public int hashCode() {
 final int prime = 31;
@@ -153,6 +177,9 @@ public int hashCode() {
 result = prime * result + (enableActivityTracker ? 1231 : 1237);
 result = prime * result + (enableMonitor ? 1231 : 1237);
 result = prime * result + ((instancesPath == null) ? 0 : instancesPath.hashCode());
+ result = prime * result + ((keycloakClientId == null) ? 0 : keycloakClientId.hashCode());
+ result = prime * result + ((keycloakRealm == null) ? 0 : keycloakRealm.hashCode());
+ result = prime * result + ((keycloakURL == null) ? 0 : keycloakURL.hashCode());
 result = prime * result + ((monitorInterval == null) ? 0 : monitorInterval.hashCode());
 result = prime * result + ((requestedStorage == null) ? 0 : requestedStorage.hashCode());
 result = prime * result + ((serviceUrl == null) ? 0 : serviceUrl.hashCode());
@@ -193,6 +220,21 @@ public boolean equals(Object obj) {
 return false;
 } else if (!instancesPath.equals(other.instancesPath))
 return false;
+ if (keycloakClientId == null) {
+ if (other.keycloakClientId != null)
+ return false;
+ } else if (!keycloakClientId.equals(other.keycloakClientId))
+ return false;
+ if (keycloakRealm == null) {
+ if (other.keycloakRealm != null)
+ return false;
+ } else if (!keycloakRealm.equals(other.keycloakRealm))
+ return false;
+ if (keycloakURL == null) {
+ if (other.keycloakURL != null)
+ return false;
+ } else if (!keycloakURL.equals(other.keycloakURL))
+ return false;
 if (monitorInterval == null) {
 if (other.monitorInterval != null)
 return false;
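Review bot: The three new getters carry no Javadoc, and nothing tells a caller that the value can be absent. The fields have no default and the options are optional, so the getters presumably return null when the option was not passed; the one caller in this commit guards for that with `orEmpty(...)`. A one-line comment on each, for example `/** @return the configured Keycloak URL, or null if --keycloakURL was not given */`, would keep later callers from dereferencing the result unchecked.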
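Review bot: The fifteen lines added to `equals` spell out by hand what `Objects.equals` already does; each field check can be written as `if (!Objects.equals(keycloakURL, other.keycloakURL)) return false;`, and the three lines added to `hashCode` in the previous hunk can use `Objects.hashCode(keycloakURL)`. This assumes `java.util.Objects` is or can be imported, which the diff does not show. It also departs from the generated style of the neighbouring fields, so it may be better applied to the whole method in one go. Both methods start and end outside their hunks.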
@@ -237,7 +279,8 @@ public String toString() { + monitorInterval + ", cloudProvider=" + cloudProvider + ", bandwidthLimiter=" + bandwidthLimiter + ", wondershaperImage=" + wondershaperImage + ", serviceUrl=" + serviceUrl + ", sessionsPerUser=" + sessionsPerUser + ", appId=" + appId + ", usePaths=" + usePaths + ", instancesPath=" + instancesPath - + ", storageClassName=" + storageClassName + ", requestedStorage=" + requestedStorage + "]"; + + ", storageClassName=" + storageClassName + ", requestedStorage=" + requestedStorage + ", keycloakURL=" + + keycloakURL + ", keycloakRealm=" + keycloakRealm + ", keycloakClientId=" + keycloakClientId + "]"; } } diff --git a/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java b/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java index ca820a03..39918410 100644 --- a/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java +++ b/java/operator/org.eclipse.theia.cloud.operator/src/main/java/org/eclipse/theia/cloud/operator/handler/impl/DefaultDeploymentTemplateReplacements.java 
@@ -57,6 +57,9 @@ public class DefaultDeploymentTemplateReplacements implements DeploymentTemplate public static final String PLACEHOLDER_ENV_SESSION_USER = "placeholder-env-session-user"; public static final String PLACEHOLDER_ENV_SESSION_URL = "placeholder-env-session-url"; public static final String PLACEHOLDER_ENV_SESSION_SECRET = "placeholder-env-session-secret"; + public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL = "placeholder-keycloak-env-url"; + public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM = "placeholder-keycloak-env-realm"; + public static final String PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID = "placeholder-keycloak-env-clientid"; public static final String PLACEHOLDER_MONITOR_PORT = "placeholder-monitor-port"; public static final String PLACEHOLDER_MONITOR_PORT_ENV = "placeholder-monitor-env-port"; @@ -128,6 +131,18 @@ protected Map getEnvironmentVariables(AppDefinition appDefinitio environmentVariables.put(PLACEHOLDER_ENV_SESSION_USER, session.map(s -> s.getSpec().getUser()).orElse("")); environmentVariables.put(PLACEHOLDER_ENV_SESSION_SECRET, session.map(s -> s.getSpec().getSessionSecret()).orElse("")); + + if (arguments.isUseKeycloak()) { + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL, orEmpty(arguments.getKeycloakURL())); + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM, orEmpty(arguments.getKeycloakRealm())); + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID, + orEmpty(arguments.getKeycloakClientId())); + } else { + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL, ""); + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_REALM, ""); + environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_CLIENT_ID, ""); + } + if (arguments.isEnableMonitor()) { if (appDefinition.getSpec().getMonitor() != null && appDefinition.getSpec().getMonitor().getPort() > 0) { String port = String.valueOf(appDefinition.getSpec().getMonitor().getPort()); 
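Review bot: The new constants mix two naming schemes: `PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL` is named like the `placeholder-env-session-*` group directly above it, but its value is `placeholder-keycloak-env-url`, which follows the `placeholder-monitor-env-port` pattern instead. Because each literal has to match the template text exactly, a mismatch between name and value is easy to carry into a template by mistake. Either align the constant names with the values or add a comment such as `// must match the value fields in templateDeployment.yaml and templateDeploymentWithoutOAuthProxy.yaml`.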
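Review bot: The if/else added to `getEnvironmentVariables` repeats the same three `put` calls in both branches, which makes it easy to add a fourth variable to one branch and forget the other. Reading the flag once and choosing the value per entry keeps each placeholder on a single line, e.g. `environmentVariables.put(PLACEHOLDER_ENV_SESSION_KEYCLOAK_URL, useKeycloak ? orEmpty(arguments.getKeycloakURL()) : "");` with `boolean useKeycloak = arguments.isUseKeycloak();` before it. `orEmpty` is defined outside this hunk, and the method itself starts and ends outside it, so its null handling cannot be checked here.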
diff --git a/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml b/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml
index 92d36ee8..f02e947c 100644
--- a/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml
+++ b/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeployment.yaml
@@ -72,6 +72,12 @@ spec:
 value: placeholder-enable-activity-tracker
 - name: THEIACLOUD_MONITOR_PORT
 value: placeholder-monitor-env-port
+ - name: THEIACLOUD_KEYCLOAK_URL
+ value: placeholder-keycloak-env-url
+ - name: THEIACLOUD_KEYCLOAK_REALM
+ value: placeholder-keycloak-env-realm
+ - name: THEIACLOUD_KEYCLOAK_CLIENT_ID
+ value: placeholder-keycloak-env-clientid
 securityContext:
 runAsUser: placeholder-uid
 runAsGroup: placeholder-uid
diff --git a/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml b/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml
index c9708455..d78c2222 100644
--- a/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml
+++ b/java/operator/org.eclipse.theia.cloud.operator/src/main/resources/templateDeploymentWithoutOAuthProxy.yaml
@@ -60,3 +60,9 @@ spec:
 value: placeholder-enable-activity-tracker
 - name: THEIACLOUD_MONITOR_PORT
 value: placeholder-monitor-env-port
+ - name: THEIACLOUD_KEYCLOAK_URL
+ value: placeholder-keycloak-env-url
+ - name: THEIACLOUD_KEYCLOAK_REALM
+ value: placeholder-keycloak-env-realm
+ - name: THEIACLOUD_KEYCLOAK_CLIENT_ID
+ value: placeholder-keycloak-env-clientid
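Review bot: The three new `value:` entries are unquoted scalars, so the type of each rendered env value depends entirely on the substituted text. With keycloak disabled the operator substitutes an empty string, leaving `value:` with nothing after it, and a realm or client id that looks like a number or boolean would no longer be read as a string. This assumes the placeholders are replaced textually before the YAML is parsed, which is not visible in this diff. Quoting the placeholder, `value: "placeholder-keycloak-env-url"`, keeps all three variables strings in every case, provided the replacement code does not already add quoting; the neighbouring entries use the same unquoted pattern, so this is best decided for the whole env list. The same applies to the identical hunk in templateDeploymentWithoutOAuthProxy.yaml.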