fix image name when running k8s example without skaffold (#1139)

* fix image name

* Change gateway port to 8081.
Add microk8s support to skaffold.

CONTRIBUTING.md

@@ -44,9 +44,9 @@
    ```
 
 2. Yarn start
-3. Go to http://localhost:8080/login and use basic auth with (user: admin-app, password: 8v/iUG0vTH4BtVgkSn3Tng==)
+3. Go to http://localhost:8081/login and use basic auth with (user: admin-app, password: 8v/iUG0vTH4BtVgkSn3Tng==)
 
-Access Tweek gateway using localhost:8080.
+Access Tweek gateway using localhost:8081.
 Tweek gateway route all traffic to other resources based on: https://github.com/Soluto/tweek/blob/master/services/gateway/settings/settings.json
 The root path redirect to Tweek Editor UI
 
@@ -64,7 +64,6 @@ After installing Skaffold, use `skaffold dev --port-forward=false`
 
 ### Debug
 
-- if you haven't pulled or built the environment, run `npm run docker-compose pull tweek-git tweek-management tweek-api`
 - run `npm run start:full-env`
 
 ### Unit Tests

README.md

@@ -56,7 +56,7 @@ After setting up our environment, we're going to create our first key.
 Keys in tweek are the most basic building blocks and they represent a container for dynamic value that affect feature behaviors.
 Our first key, will be a key that is responsible for the color of a "sign up" button.
 
-- Open http://localhost:8080/login in browser.
+- Open http://localhost:8081/login in browser.
 - Login
   - User Basic auth (user: admin-app, password: 8v/iUG0vTH4BtVgkSn3Tng==)
   - Can also use OIDC mock server login button for testing OIDC (user: User, password: pwd)
@@ -77,9 +77,9 @@ More on [keys and paths](https://docs.tweek.fm/concepts/keys/keys-ands-paths)
 
 Use curl/postman/chrome to fire GET Request:
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/color -> expected to be "red"
-- http://localhost:8080/api/v2/values/my_app/sign_button/color?user.Country=canada -> expected to be "blue"
-- http://localhost:8080/api/v2/values/my_app/sign_button/_?user.Country=canada -> expected to be {"color":"blue"}
+- http://localhost:8081/api/v2/values/my_app/sign_button/color -> expected to be "red"
+- http://localhost:8081/api/v2/values/my_app/sign_button/color?user.Country=canada -> expected to be "blue"
+- http://localhost:8081/api/v2/values/my_app/sign_button/_?user.Country=canada -> expected to be {"color":"blue"}
 
 Using the rest api, an application can query Tweek for getting the right set of values for each specific user.
 More on Tweek [Rest api](https://docs.tweek.fm/api/rest-api).
@@ -96,11 +96,11 @@ Tweek provide UI and rest api for editing context.
 
 After that, we can query Tweek API with:
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/color?user=john -> expected to be "blue"
+- http://localhost:8081/api/v2/values/my_app/sign_button/color?user=john -> expected to be "blue"
 
 You can also use the api for updating Tweek context:
 
-- curl -X POST http://localhost:8080/api/v2/context/user/john \
+- curl -X POST http://localhost:8081/api/v2/context/user/john \
   -H 'content-type: application/json' \
   -H 'x-client-id: admin-app' \
   -H 'x-client-secret: 8v/iUG0vTH4BtVgkSn3Tng==' \
@@ -116,10 +116,10 @@ Create new key in the editor "my_app/sign_button/is_enabled" with value type "bo
 Add new rule, remove all conditions, set the the rule value to gradual release with 50%.
 Try querying configuration with different users and You'll have different results.
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=barny
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=robin
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=ted
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=lily
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=barny
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=robin
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=ted
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=lily
 - etc...
 
 More on how multi-variant keys work in Tweek. (link)

deployments/dev/docker-compose.e2e.yml

@@ -37,10 +37,6 @@ services:
       - CONFIGOR_ENV=test
 
   oidc-server-mock:
-    container_name: oidc-server-mock
-    image: soluto/oidc-server-mock
-    ports:
-      - "8081:80"
     environment:
       - REDIRECT_URIS=http://gateway/auth-result/oidc
 
@@ -50,6 +46,7 @@ services:
     shm_size: 2g
     volumes:
       - ../../e2e/ui:/src
+      - /src/node_modules
     depends_on:
       - gateway
       - editor
@@ -64,6 +61,7 @@ services:
     container_name: e2e-integration
     volumes:
       - ../../e2e/integration:/opt/app
+      - /opt/app/node_modules
     depends_on: 
       - gateway
     environment:

deployments/dev/docker-compose.override.yml

@@ -114,16 +114,16 @@ services:
     container_name: oidc-server-mock
     image: soluto/oidc-server-mock
     ports:
-      - "8081:80"
+      - "8082:80"
     environment:
       - ASPNETCORE_ENVIRONMENT=Development
       - CLIENT_ID=tweek-openid-mock-client
-      - REDIRECT_URIS=http://localhost:8080/auth-result/oidc
+      - REDIRECT_URIS=http://localhost:8081/auth-result/oidc
       - TEST_USER={"SubjectId":"user","Username":"user","Password":"pwd"}
 
   gateway:
     ports:
-      - "8080:80"
+      - "8081:80"
     depends_on:
       - minio
       - nats
@@ -141,7 +141,7 @@ services:
       - TWEEKGATEWAY_SECURITY_POLICYSTORAGE_MINIOSECURE=false
       - TWEEKGATEWAY_SECURITY_POLICYSTORAGE_NATSENDPOINT=nats://nats:4222
       - TWEEKGATEWAY_SECURITY_TWEEKSECRETKEY_PATH=/run/secrets/tweek_ssh_private_key
-      - TWEEKGATEWAY_SECURITY_AUTH_BASICAUTH_REDIRECTURLS=['http://localhost:8080', 'http://localhost:3000']
+      - TWEEKGATEWAY_SECURITY_AUTH_BASICAUTH_REDIRECTURLS=['http://localhost:8081', 'http://localhost:3000']
       - TWEEKGATEWAY_CONFIGFILEPATH=/config/gateway.json
     volumes:
       - ./gateway/config:/config

deployments/dev/gateway/config/gateway.json

@@ -10,8 +10,8 @@
       "providers": {
         "mock": {
           "name": "Mock OpenId Connect server",
-          "issuer": "http://localhost:8081",
-          "authority": "http://localhost:8081",
+          "issuer": "http://localhost:8082",
+          "authority": "http://localhost:8082",
           "jwks_uri": "http://oidc-server-mock/.well-known/openid-configuration/jwks",
           "client_id": "tweek-openid-mock-client",
           "login_info": {

deployments/dev/gateway/config/gateway.local.json

@@ -9,9 +9,9 @@
       "providers": {
         "mock": {
           "name": "Mock OpenId Connect server",
-          "issuer": "http://localhost:8081",
-          "authority": "http://localhost:8081",
-          "jwks_uri": "http://localhost:8081/.well-known/openid-configuration/jwks",
+          "issuer": "http://localhost:8082",
+          "authority": "http://localhost:8082",
+          "jwks_uri": "http://localhost:8082/.well-known/openid-configuration/jwks",
           "client_id": "tweek-openid-mock-client",
           "login_info": {
             "login_type": "oidc",
@@ -43,6 +43,6 @@
     }
   },
   "server": {
-    "ports": [3000, 8080]
+    "ports": [8081]
   }
 }

deployments/kubernetes/README.md

@@ -19,14 +19,17 @@ Install [Skaffold](https://github.com/GoogleContainerTools/skaffold/releases).
 First of all, run the skaffold.
 
 ```
-skaffold dev -f ./deployments/kubernetes/skaffold.yaml
+skaffold dev
+
+# add profile flag if using microk8s:
+skaffold dev -p microk8s
 ```
 
-If using Minikube create port forwarding:
+If using Minikube/Microk8s create port forwarding:
 
 ```bash
-kubectl port-forward deployment/gateway 8080:80
-kubectl port-forward deployment/oidc-server-mock 8081:80
+kubectl port-forward deployment/gateway 8081:80
+kubectl port-forward deployment/oidc-server-mock 8082:80
 ```
 
-Finally, open in browser [http://localhost:8080](http://localhost:8080).
+Finally, open in browser [http://localhost:8081](http://localhost:8081).

deployments/kubernetes/gateway.yaml

@@ -78,5 +78,5 @@ spec:
   selector:
     app: gateway
   ports:
-    - port: 8080
+    - port: 8081
       targetPort: 80

deployments/kubernetes/git.yaml

@@ -11,7 +11,7 @@ spec:
     spec:
       containers:
       - name: tweek-bare-repo
-        image: soluto/tweek-git
+        image: soluto/tweek-bare-repo
         imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 22

deployments/kubernetes/infra/gateway-config.yaml

@@ -16,9 +16,9 @@ data:
                 "providers": {
                     "mock": {
                         "name": "Mock OpenId Connect server",
-                        "issuer": "http://localhost:8081",
-                        "authority": "http://localhost:8081",
-                        "jwks_uri": "http://oidc-server-mock:8081/.well-known/openid-configuration/jwks",
+                        "issuer": "http://localhost:8082",
+                        "authority": "http://localhost:8082",
+                        "jwks_uri": "http://oidc-server-mock:8082/.well-known/openid-configuration/jwks",
                         "client_id": "tweek-openid-mock-client",
                         "login_info": {
                             "login_type": "oidc",
@@ -29,7 +29,7 @@ data:
                 },
                 "basic_auth": {
                     "redirect_urls": [
-                        "http://localhost:8080"
+                        "http://localhost:8081"
                     ]
                 }
             }

deployments/kubernetes/infra/oidc-server-mock.yaml

@@ -18,7 +18,7 @@ spec:
         - name: CLIENT_ID
           value: tweek-openid-mock-client
         - name: REDIRECT_URIS
-          value: http://localhost:8080/auth-result/oidc
+          value: http://localhost:8081/auth-result/oidc
         - name: TEST_USER
           value: '{"SubjectId":"user","Username":"user","Password":"pwd"}'
         ports:
@@ -33,6 +33,6 @@ spec:
   selector:
     app: oidc-server-mock
   ports:
-    - port: 8081
+    - port: 8082
       targetPort: 80
 ---

docs/pages/1.getting-started/02.using-tweek.md

@@ -10,7 +10,7 @@ After setting up our environment, we're going to create our first key.
 Keys in tweek are the most basic building blocks and they represent a container for dynamic value that affect feature behaviors.
 Our first key, will be a key that is responsible for the color of a "sign up" button.
 
-- Open http://localhost:8080/login in browser.
+- Open http://localhost:8081/login in browser.
 - Login
   - User Basic auth (user: admin-app, password: 8v/iUG0vTH4BtVgkSn3Tng==)
   - Can also use OIDC mock server login button for testing OIDC (user: User, password: pwd)
@@ -31,9 +31,9 @@ More on [keys and paths](https://docs.tweek.fm/concepts/keys/keys-ands-paths)
 
 Use curl/postman/chrome to fire GET Request:
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/color -> expected to be "red"
-- http://localhost:8080/api/v2/values/my_app/sign_button/color?user.Country=canada -> expected to be "blue"
-- http://localhost:8080/api/v2/values/my_app/sign_button/_?user.Country=canada -> expected to be {"color":"blue"}
+- http://localhost:8081/api/v2/values/my_app/sign_button/color -> expected to be "red"
+- http://localhost:8081/api/v2/values/my_app/sign_button/color?user.Country=canada -> expected to be "blue"
+- http://localhost:8081/api/v2/values/my_app/sign_button/_?user.Country=canada -> expected to be {"color":"blue"}
 
 Using the rest api, an application can query Tweek for getting the right set of values for each specific user.
 More on Tweek [Rest api](https://docs.tweek.fm/api/rest-api).
@@ -50,11 +50,11 @@ Tweek provide UI and rest api for editing context.
 
 After that, we can query Tweek API with:
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/color?user=john -> expected to be "blue"
+- http://localhost:8081/api/v2/values/my_app/sign_button/color?user=john -> expected to be "blue"
 
 You can also use the api for updating Tweek context:
 
-- curl -X POST http://localhost:8080/api/v2/context/user/john \
+- curl -X POST http://localhost:8081/api/v2/context/user/john \
   -H 'content-type: application/json' \
   -H 'x-client-id: admin-app' \
   -H 'x-client-secret: 8v/iUG0vTH4BtVgkSn3Tng==' \
@@ -70,10 +70,10 @@ Create new key in the editor "my_app/sign_button/is_enabled" with value type "bo
 Add new rule, remove all conditions, set the the rule value to gradual release with 50%.
 Try querying configuration with different users and You'll have different results.
 
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=barny
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=robin
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=ted
-- http://localhost:8080/api/v2/values/my_app/sign_button/is_enabled?user=lily
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=barny
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=robin
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=ted
+- http://localhost:8081/api/v2/values/my_app/sign_button/is_enabled?user=lily
 - etc...
 
 More on how multi-variant keys work in Tweek. (link)

docs/pages/2.concepts/02.context/intro-to-context.md

@@ -19,8 +19,8 @@ For example, assuming we have a key `is_allowed_to_drive` with rule:
 If we send these requests to Tweek:
 
 ```
-GET http://localhost:8080/api/v2/values/is_allowed_to_drive -> false
-GET http://localhost:8080/api/v2/values/is_allowed_to_drive?User.Age=20 -> true
+GET http://localhost:8081/api/v2/values/is_allowed_to_drive -> false
+GET http://localhost:8081/api/v2/values/is_allowed_to_drive?User.Age=20 -> true
 ```
 
 In order to get the right values from Tweek, we need to provide Tweek the relevant context for the request.
@@ -31,13 +31,13 @@ While we can always pass context parameters in url, a different approach is to s
 For example:
 
 ```
-GET http://localhost:8080/api/v2/values/is_allowed_to_drive?User=john -> false
+GET http://localhost:8081/api/v2/values/is_allowed_to_drive?User=john -> false
 ```
 
 We've asked for the value of "is_allowed_to_drive" for user John, but Tweek doesn't know any facts about him, let's change it:
 
 ```
-POST http://localhost:8080/api/v2/context/user/john
+POST http://localhost:8081/api/v2/context/user/john
 {
     "Age": 20
 }
@@ -46,15 +46,15 @@ POST http://localhost:8080/api/v2/context/user/john
 After adding the data, let's retry our first request:
 
 ```
-GET http://localhost:8080/api/v2/keys/is_allowed_to_drive?User=john -> true
+GET http://localhost:8081/api/v2/keys/is_allowed_to_drive?User=john -> true
 ```
 
 ## Identities & Properties
 
 You've noticed that we used "User.Age" and not simply "Age", the reason is that Tweek treat facts as properties on top of identities, for example:
 
 ```
-GET http://localhost:8080/api/v2/keys/path/to/key?User=john&User.Country=england
+GET http://localhost:8081/api/v2/keys/path/to/key?User=john&User.Country=england
 ```
 
 1. Tweek understands that it need to get the values for identity user "john".

e2e/integration/utils/client.js

@@ -26,7 +26,7 @@ nconf
   .argv()
   .env()
   .defaults({
-    GATEWAY_URL: 'http://localhost:8080',
+    GATEWAY_URL: 'http://localhost:8081',
     CLIENT_ID: 'admin-app',
     CLIENT_SECRET: '8v/iUG0vTH4BtVgkSn3Tng==',
 

e2e/ui/utils/constants.js

@@ -4,8 +4,8 @@ nconf
   .argv()
   .env()
   .defaults({
-    GATEWAY_URL: 'http://localhost:8080',
-    EDITOR_URL: 'http://localhost:8080/',
+    GATEWAY_URL: 'http://localhost:8081',
+    EDITOR_URL: 'http://localhost:8081/',
   });
 
 const trimEnd = (str) => str.replace(/\/+$/, '');

services/editor/Dockerfile

@@ -1,5 +1,5 @@
 # ---- Deps ----
-FROM node:10.15.0-alpine AS dependencies
+FROM node:10.15.3-alpine AS dependencies
 WORKDIR /opt/app/
 COPY package.json yarn.lock ./
 RUN yarn --production

services/editor/debug.Dockerfile

@@ -4,5 +4,5 @@ WORKDIR /app
 COPY package.json yarn.lock ./
 RUN yarn
 COPY . /app
-RUN yarn test 
+RUN CI=true yarn test 
 CMD [ "yarn", "start" ]

services/editor/package.json

@@ -11,12 +11,12 @@
   "scripts": {
     "start": "npm-run-all -l build:less -p -r start:watch:*",
     "start:watch:less": "node-less-chokidar src/ -o src/ --watch --recursive",
-    "start:watch:app": "REACT_APP_GATEWAY_URL=http://localhost:8080 react-app-rewired start",
+    "start:watch:app": "REACT_APP_GATEWAY_URL= react-app-rewired start",
     "start:full-env": "yarn docker-compose up -d gateway publishing && yarn start",
     "build": "run-s -l build:*",
     "build:less": "node-less-chokidar src/",
     "build:app": "react-app-rewired build",
-    "test": "react-scripts test",
+    "test": "react-scripts test --no-watchman --watch=false --watchAll=false",
     "test:e2e": "cd ../../ && yarn start:e2e gateway && EDITOR_URL=http://localhost:3000 yarn test:local:ui",
     "eject": "react-scripts eject",
     "teardown": "yarn docker-compose down --remove-orphans",

services/git-service/BareRepository/source/security/subject_extraction_rules.rego

@@ -3,7 +3,7 @@ package rules
 default subject = { "user": null, "group": null }
 
 subject = { "user": "admin-app", "group": "externalapps"} {
-    input.iss = "http://localhost:8081"
+    startswith(input.iss, "http://localhost:")
     input.aud = "tweek-openid-mock-client"
 } else = { "user": input.sub, "group": "default" } {
     true