diff --git a/.dockerignore b/.dockerignore index f786193304f3..33702691e10e 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,3 @@ frontend/node_modules +frontend/public/dist +bin/ \ No newline at end of file diff --git a/build-frontend.sh b/build-frontend.sh index f0cf8bb66aca..1b39f8284bc9 100755 --- a/build-frontend.sh +++ b/build-frontend.sh @@ -3,6 +3,6 @@ set -e pushd frontend -yarn install +yarn install --registry=https://registry.npmmirror.com yarn run build popd diff --git a/examples/console-deployment.yaml b/examples/console-deployment.yaml new file mode 100644 index 000000000000..80fdc24869f8 --- /dev/null +++ b/examples/console-deployment.yaml @@ -0,0 +1,72 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: console + namespace: openshift-operators + annotations: + config.openshift.io/inject-proxy: console-operator + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + capability.openshift.io/name: Console +spec: + replicas: 1 + selector: + matchLabels: + name: console + template: + metadata: + annotations: + labels: + name: console + spec: + containers: + - name: console + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + image: stringang/console:latest-20240409 + ports: + - containerPort: 9000 + name: http + command: + - /opt/bridge/bin/bridge + args: + - "--listen=http://0.0.0.0:9000" + - "--k8s-auth=bearer-token" + - "--k8s-mode=off-cluster" + - "--k8s-mode-off-cluster-endpoint=https://kubernetes.default.svc" + - "--k8s-mode-off-cluster-skip-verify-tls=true" + - "--public-dir=/opt/bridge/static" + - "--user-auth=disabled" + - "--k8s-auth-bearer-token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjhLUWZxcXo3UjNyejJjOVNHNFlrVldBN2JWXzUwOTByeU9namNRQU5QLTQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tbnQybm0iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImQ0MDJkMTFiLWE4NmUtNGQ3Yi1iYTc2LTQyNTgxYjM0NDJlNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQifQ.am-jsAALyXMGjxZJ7Sh5302EI4a061ekUfY_CcRD3f8y7JLdOTpKB-SqxaPRexFKZQ3RbM3egZnoz5iTa2NXwkQGvmd5c66Er57rrEKZOU7OenKGcnBuVej-F5VdIpYfM93Zdz7FKUFx07L_PlHTw-taA8y4PRfsHn14aOnUB8pma3sv1ri8O3SGiEga7489XbyMQmbM1FdyfFol5aO13JqGn2o_avFtFH7fGgfoL5BgW6aaMoPGiAPn86qDnKqEHvqNWsCfQMEo7c5LukK1Fr2xc8qTHqCy4I2suGtOwf5GMLhnmvdxkQXNgHljjPZ9Z2YnLNNrl8xDqOPzgAywYw" + imagePullPolicy: IfNotPresent + env: + - name: KUBERNETES_SERVICE_HOST + value: 10.255.0.50 + - name: KUBERNETES_SERVICE_PORT + value: "6443" + resources: + requests: + memory: "100Mi" + cpu: "10m" + livenessProbe: + httpGet: + path: /health + port: http + scheme: HTTP + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: default-console +subjects: + - kind: ServiceAccount + name: default + namespace: openshift-operators +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin diff --git a/examples/run-bridge.sh b/examples/run-bridge.sh index 4f7fe240c88a..efd4936fab39 100755 --- a/examples/run-bridge.sh +++ b/examples/run-bridge.sh @@ -3,18 +3,12 @@ set -exuo pipefail ./bin/bridge \ + --listen=http://0.0.0.0:9000 \ --base-address=http://localhost:9000 \ - --ca-file=examples/ca.crt \ - --k8s-auth=openshift \ + --public-dir=./frontend/public/dist \ + --k8s-auth=bearer-token \ --k8s-mode=off-cluster \ - --k8s-mode-off-cluster-endpoint="$(oc whoami --show-server)" \ + --k8s-mode-off-cluster-endpoint="https://kubernetes.default.svc:443" \ --k8s-mode-off-cluster-skip-verify-tls=true \ - --listen=http://127.0.0.1:9000 \ - --public-dir=./frontend/public/dist \ - --user-auth=openshift \ - --user-auth-oidc-client-id=console-oauth-client \ - --user-auth-oidc-client-secret-file=examples/console-client-secret \ - --user-auth-oidc-ca-file=examples/ca.crt \ - --k8s-mode-off-cluster-alertmanager="$(oc -n openshift-config-managed get configmap monitoring-shared-config -o jsonpath='{.data.alertmanagerPublicURL}')" \ - --k8s-mode-off-cluster-thanos="$(oc -n openshift-config-managed get configmap monitoring-shared-config -o jsonpath='{.data.thanosPublicURL}')" \ - $@ + --user-auth=disabled \ + --k8s-auth-bearer-token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjhLUWZxcXo3UjNyejJjOVNHNFlrVldBN2JWXzUwOTByeU9namNRQU5QLTQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLWI0ZzJuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIyODdmYWIwYy0zNjc5LTRmZjYtYjViYi0xNTFlN2FiMGQxZDgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06ZGVmYXVsdCJ9.W2nWiKuR_O2pfnvalP7EOh9tHo_rC0aYFchfJTF7uIZ2Cfmhi52QY-q837iZQLn1-3D4EavFXDqnnRUedoDkXVUSKd_tHai1qqKXqZFvsqtNq1tnMyLbqf_FPXVTf3V8386wmPclH3lUYoOlngfwiFSiH5FMiTLP01rekKhXF5QfrIXCSlD-mMrSv8NgBAXNJNgaV1ujOdWMtje6L4yof634aorb3JR7k3IXfwwb0UXHpbZD8rkyXNXz-UY-ylOJxBUhVIW8rhVdKcmTYScdNF1M7BwfUtZpB2ZuiaCxspjUNBq1busbZdrQTNj1LB-zjL6cWPm3i-nsngixkc45xg