diff --git a/automation/auto_update_build_date.py b/automation/auto_update_build_date.py index 2acb8d6cd4f..bc05e70796c 100644 --- a/automation/auto_update_build_date.py +++ b/automation/auto_update_build_date.py @@ -48,7 +48,9 @@ def main(): update_image(image, "CN_SOURCE_URL", "CN_BUILD_DATE") if image == "docker-jans-config-api": update_image(image, "SCIM_PLUGIN_SOURCE_URL", "SCIM_PLUGIN_BUILD_DATE") - update_image(image, "ADMIN_UI_SOURCE_URL", "ADMIN_UI_PLUGIN_BUILD_DATE") + update_image(image, "ADMIN_UI_PLUGIN_SOURCE_URL", "ADMIN_UI_PLUGIN_BUILD_DATE") + update_image(image, "FIDO2_PLUGIN_SOURCE_URL", "FIDO2_PLUGIN_BUILD_DATE") + update_image(image, "USER_MGT_PLUGIN_SOURCE_URL", "USER_MGT_PLUGIN_BUILD_DATE") except KeyError: print(f'Docker image {image} does not contain any packages to update') continue diff --git a/docker-jans-config-api/Dockerfile b/docker-jans-config-api/Dockerfile index ec38bbd1185..b46acb0fa32 100644 --- a/docker-jans-config-api/Dockerfile +++ b/docker-jans-config-api/Dockerfile @@ -32,7 +32,7 @@ RUN wget -q https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/${JETTY_ # ========== ENV CN_VERSION=1.0.1-SNAPSHOT -ENV CN_BUILD_DATE='2022-06-06 08:16' +ENV CN_BUILD_DATE='2022-06-29 11:17' ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api-server/${CN_VERSION}/jans-config-api-server-${CN_VERSION}.war # Install Jans Config API @@ -63,13 +63,21 @@ RUN wget -q https://github.com/GluuFederation/gluu-snap/raw/${PYFACTER_VERSION}/ RUN mkdir -p /usr/share/java -ENV SCIM_PLUGIN_BUILD_DATE='2022-05-19 16:27' +ENV SCIM_PLUGIN_BUILD_DATE='2022-06-29 11:18' ENV SCIM_PLUGIN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api/plugins/scim-plugin/${CN_VERSION}/scim-plugin-${CN_VERSION}-distribution.jar RUN wget -q ${SCIM_PLUGIN_SOURCE_URL} -O /usr/share/java/scim-plugin.jar -ENV ADMIN_UI_PLUGIN_BUILD_DATE='2022-05-19 16:27' -ENV ADMIN_UI_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api/plugins/admin-ui-plugin/${CN_VERSION}/admin-ui-plugin-${CN_VERSION}-distribution.jar -RUN wget -q ${ADMIN_UI_SOURCE_URL} -O /usr/share/java/admin-ui-plugin.jar +ENV ADMIN_UI_PLUGIN_BUILD_DATE='2022-06-29 11:18' +ENV ADMIN_UI_PLUGIN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api/plugins/admin-ui-plugin/${CN_VERSION}/admin-ui-plugin-${CN_VERSION}-distribution.jar +RUN wget -q ${ADMIN_UI_PLUGIN_SOURCE_URL} -O /usr/share/java/admin-ui-plugin.jar + +ENV FIDO2_PLUGIN_BUILD_DATE='2022-06-29 11:18' +ENV FIDO2_PLUGIN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api/plugins/fido2-plugin/${CN_VERSION}/fido2-plugin-${CN_VERSION}-distribution.jar +RUN wget -q ${FIDO2_PLUGIN_SOURCE_URL} -O /usr/share/java/fido2-plugin.jar + +ENV USER_MGT_PLUGIN_BUILD_DATE='2022-06-29 11:18' +ENV USER_MGT_PLUGIN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api/plugins/user-mgt-plugin/${CN_VERSION}/user-mgt-plugin-${CN_VERSION}-distribution.jar +RUN wget -q ${USER_MGT_PLUGIN_SOURCE_URL} -O /usr/share/java/user-mgt-plugin.jar # ====== # Python diff --git a/docker-jans-config-api/README.md b/docker-jans-config-api/README.md index d2d5dcd671e..56ab900e884 100644 --- a/docker-jans-config-api/README.md +++ b/docker-jans-config-api/README.md @@ -68,7 +68,7 @@ The following environment variables are supported by the container: - `CN_GOOGLE_SPANNER_INSTANCE_ID`: Google Spanner instance ID. - `CN_GOOGLE_SPANNER_DATABASE_ID`: Google Spanner database ID. - `CN_CONFIG_API_APP_LOGGERS`: Custom logging configuration in JSON-string format with hash type (see [Configure app loggers](#configure-app-loggers) section for details). -- `CN_CONFIG_API_PLUGINS`: Comma-separated plugin names that should be enabled (available plugins are `admin-ui` and `scim`). +- `CN_CONFIG_API_PLUGINS`: Comma-separated plugin names that should be enabled (available plugins are `admin-ui`, `scim`, `fido2`, and `user-mgt`). Note that unknown plugin name will be ignored. - `CN_TOKEN_SERVER_CERT_FILE`: Path to token server certificate (default to `/etc/certs/token_server.crt`). - `CN_ADMIN_UI_PLUGIN_LOGGERS`: Custom logging configuration for AdminUI plugin in JSON-string format with hash type (see [Configure plugin loggers](#configure-plugin-loggers) section for details). - `CN_PROMETHEUS_PORT`: Port used by Prometheus JMX agent (default to empty string). To enable Prometheus JMX agent, set the value to a number. See [Exposing metrics](#exposing-metrics) for details. diff --git a/docker-jans-config-api/scripts/bootstrap.py b/docker-jans-config-api/scripts/bootstrap.py index 11a113f20c1..eeeaf339356 100644 --- a/docker-jans-config-api/scripts/bootstrap.py +++ b/docker-jans-config-api/scripts/bootstrap.py @@ -88,6 +88,7 @@ def main(): configure_logging() plugins = discover_plugins() + logger.info(f"Loaded config-api plugins: {', '.join(plugins)}") modify_config_api_xml(plugins) if "admin-ui" in plugins: diff --git a/docker-jans-config-api/scripts/entrypoint.sh b/docker-jans-config-api/scripts/entrypoint.sh index b409d14e64d..880c7fc0ff0 100644 --- a/docker-jans-config-api/scripts/entrypoint.sh +++ b/docker-jans-config-api/scripts/entrypoint.sh @@ -2,16 +2,6 @@ set -e -copy_builtin_plugins() { - if [ ! -f /opt/jans/jetty/jans-config-api/custom/libs/scim-plugin.jar ]; then - cp /usr/share/java/scim-plugin.jar /opt/jans/jetty/jans-config-api/custom/libs/ - fi - - if [ ! -f /opt/jans/jetty/jans-config-api/custom/libs/admin-ui-plugin.jar ]; then - cp /usr/share/java/admin-ui-plugin.jar /opt/jans/jetty/jans-config-api/custom/libs/ - fi -} - get_logging_files() { logs="resources/log4j2.xml" @@ -33,9 +23,6 @@ get_prometheus_opt() { } python3 /app/scripts/wait.py - -copy_builtin_plugins - python3 /app/scripts/bootstrap.py # run config-api diff --git a/docker-jans-config-api/scripts/mod_context.py b/docker-jans-config-api/scripts/mod_context.py deleted file mode 100644 index 1329eb81de8..00000000000 --- a/docker-jans-config-api/scripts/mod_context.py +++ /dev/null @@ -1,21 +0,0 @@ -import glob - - -def modify_config_api_xml(): - fn = "/opt/jans/jetty/jans-config-api/webapps/jans-config-api.xml" - - with open(fn) as f: - txt = f.read() - - with open(fn, "w") as f: - ctx = { - "extra_classpath": ",".join([ - j.replace("/opt/jans/jetty/jans-config-api", ".") - for j in glob.iglob("/opt/jans/jetty/jans-config-api/custom/libs/*.jar") - ]) - } - f.write(txt % ctx) - - -if __name__ == "__main__": - modify_config_api_xml() diff --git a/docker-jans-config-api/scripts/plugins.py b/docker-jans-config-api/scripts/plugins.py index d4f4cf81fb0..bf7a5db2199 100644 --- a/docker-jans-config-api/scripts/plugins.py +++ b/docker-jans-config-api/scripts/plugins.py @@ -1,5 +1,6 @@ import logging.config import os +import shutil import sys from jans.pycloudlib.utils import cert_to_truststore @@ -9,22 +10,41 @@ logging.config.dictConfig(LOGGING_CONFIG) logger = logging.getLogger("plugins") +SUPPORTED_PLUGINS = ( + "admin-ui", + "scim", + "fido2", + "user-mgt", +) -def discover_plugins(): + +def discover_plugins() -> list[str]: + """Discover enabled plugins. + + The plugin JAR file will be copied to ``/opt/jans/jetty/jans-config-api/custom/libs`` directory. + """ loaded_plugins = [] - plugins = [ + user_plugins = [ plugin.strip() for plugin in os.environ.get("CN_CONFIG_API_PLUGINS", "").strip().split(",") if plugin.strip() ] - for plugin in plugins: - plugin_jar = f"/opt/jans/jetty/jans-config-api/custom/libs/{plugin}-plugin.jar" + for plugin in set(user_plugins): + if plugin not in SUPPORTED_PLUGINS: + continue + + src = f"/usr/share/java/{plugin}-plugin.jar" + dst = f"/opt/jans/jetty/jans-config-api/custom/libs/{plugin}-plugin.jar" - if not os.path.isfile(plugin_jar): + if not os.path.isfile(src): continue + + shutil.copyfile(src, dst) loaded_plugins.append(plugin) + + # a list of loaded plugins return loaded_plugins