chore(cloud-native): sync assets for OCI images (#8778)
* chore(docker-jans-config-api): validation for default auth method

Signed-off-by: iromli <isman.firmansyah@gmail.com>

* chore(docker-jans-scim): apply password validation

Signed-off-by: iromli <isman.firmansyah@gmail.com>

---------

Signed-off-by: iromli <isman.firmansyah@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
iromli and moabu committed Jun 25, 2024
1 parent 47d69ba commit 9b1e7f5
Showing 4 changed files with 51 additions and 4 deletions.
4 changes: 2 additions & 2 deletions docker-jans-config-api/Dockerfile
@@ -41,7 +41,7 @@ RUN wget -q https://maven.jans.io/maven/io/jans/jython-installer/${JYTHON_VERSIO
# ==========

ENV CN_VERSION=1.1.3-SNAPSHOT
ENV CN_BUILD_DATE='2024-06-07 15:53'
ENV CN_BUILD_DATE='2024-06-24 12:02'

ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api-server/${CN_VERSION}/jans-config-api-server-${CN_VERSION}.war

@@ -78,7 +78,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-config-api/_plugins \
# Assets sync
# ===========

ENV JANS_SOURCE_VERSION=a24c0b95a3ee892bccc1882e4f328bab5f35645a
ENV JANS_SOURCE_VERSION=7eb36ec8ea84e22ec7cd0ee7b1d1c74329090293
ARG JANS_SETUP_DIR=jans-linux-setup/jans_setup
ARG JANS_CONFIG_API_RESOURCES=jans-config-api/server/src/main/resources

1 change: 1 addition & 0 deletions docker-jans-config-api/scripts/upgrade.py
@@ -60,6 +60,7 @@ def _transform_api_dynamic_config(conf):
("disableAuditLogger", False),
("assetMgtConfiguration", {}),
("maxCount", 200),
("acrValidationEnabled", True),
]:
if missing_key not in conf:
conf[missing_key] = value
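Review bot: The new `("acrValidationEnabled", True)` entry is a security control sitting in a list of otherwise operational defaults with no comment, so a later edit could flip or drop it without anyone noticing. Going by the commit message it governs validation of the default auth method; a comment above the entry such as `# security: keep validation of the default auth method (ACR) on unless an operator explicitly disabled it` would record that. Because the loop only fills in keys that are missing, an explicit `false` already stored in a deployment is preserved, which looks intended but is worth stating in the same comment. `_transform_api_dynamic_config` begins and ends outside this hunk.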
4 changes: 2 additions & 2 deletions docker-jans-scim/Dockerfile
@@ -41,7 +41,7 @@ RUN wget -q https://maven.jans.io/maven/io/jans/jython-installer/${JYTHON_VERSIO
# ====

ENV CN_VERSION=1.1.3-SNAPSHOT
ENV CN_BUILD_DATE='2024-06-07 15:49'
ENV CN_BUILD_DATE='2024-06-24 11:57'

ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-scim-server/${CN_VERSION}/jans-scim-server-${CN_VERSION}.war

@@ -60,7 +60,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-scim/webapps \
# Assets sync
# ===========

ENV JANS_SOURCE_VERSION=a24c0b95a3ee892bccc1882e4f328bab5f35645a
ENV JANS_SOURCE_VERSION=232a6eb59fefd919275f01a3e6f8978fa66cfe56
ARG JANS_SETUP_DIR=jans-linux-setup/jans_setup
ARG JANS_SCIM_RESOURCE_DIR=jans-scim/server/src/main/resources

46 changes: 46 additions & 0 deletions docker-jans-scim/scripts/upgrade.py
@@ -1,3 +1,4 @@
import contextlib
import json
import logging.config
import os
@@ -208,6 +209,7 @@ def __init__(self, manager):
def invoke(self):
logger.info("Running upgrade process (if required)")
self.update_client_scopes()
self.update_scim_dynamic_config()

def get_all_scopes(self):
if self.backend.type in ("sql", "spanner"):
@@ -279,6 +281,35 @@ def update_client_scopes(self):
entry.attrs["jansScope"] = client_scopes + diff
self.backend.modify_entry(entry.id, entry.attrs, **kwargs)

def update_scim_dynamic_config(self):
kwargs = {}
id_ = "ou=jans-scim,ou=configuration,o=jans"

if self.backend.type in ("sql", "spanner"):
kwargs = {"table_name": "jansAppConf"}
id_ = doc_id_from_dn(id_)
elif self.backend.type == "couchbase":
kwargs = {"bucket": os.environ.get("CN_COUCHBASE_BUCKET_PREFIX", "jans")}
id_ = id_from_dn(id_)

entry = self.backend.get_entry(id_, **kwargs)

if not entry:
return

if self.backend.type != "couchbase":
with contextlib.suppress(json.decoder.JSONDecodeError):
entry.attrs["jansConfDyn"] = json.loads(entry.attrs["jansConfDyn"])

conf, should_update = _transform_scim_dynamic_config(entry.attrs["jansConfDyn"])

if should_update:
if self.backend.type != "couchbase":
entry.attrs["jansConfDyn"] = json.dumps(conf)

entry.attrs["jansRevision"] += 1
self.backend.modify_entry(entry.id, entry.attrs, **kwargs)


def main():
manager = get_manager()
@@ -288,5 +319,20 @@ def main():
upgrade.invoke()


def _transform_scim_dynamic_config(conf):
should_update = False

# top-level config that need to be added (if missing)
for missing_key, value in [
("skipDefinedPasswordValidation", False),
]:
if missing_key not in conf:
conf[missing_key] = value
should_update = True

# finalized conf and flag to determine update process
return conf, should_update


if __name__ == "__main__":
main()
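Review bot: In `update_scim_dynamic_config`, wrapping `json.loads` in `contextlib.suppress(json.decoder.JSONDecodeError)` leaves `entry.attrs["jansConfDyn"]` as a raw string when the stored value is malformed. `_transform_scim_dynamic_config` would then normally fail on `conf[missing_key] = value` with a `TypeError` that says nothing about the real cause. Since this step is what writes the `skipDefinedPasswordValidation` default, a parse failure should be reported and handled explicitly; the fence below replaces the suppress block with a try/except that logs and returns (raise a descriptive error instead if the upgrade must not be skipped), after which the `import contextlib` from the first hunk is unused. Separately, `entry.attrs["jansRevision"] += 1` assumes the attribute is present and an integer on every backend, which the visible lines do not establish.

```python
        if self.backend.type != "couchbase":
            try:
                entry.attrs["jansConfDyn"] = json.loads(entry.attrs["jansConfDyn"])
            except json.decoder.JSONDecodeError:
                logger.warning(
                    "Unable to parse jansConfDyn of %s; skipping SCIM dynamic config upgrade", id_
                )
                return

        # … unchanged: _transform_scim_dynamic_config call, jansRevision bump, modify_entry …
```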
