-
Notifications
You must be signed in to change notification settings - Fork 7.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add private gitlab storage #493
Comments
Happy to look at PR to add it. |
References to 'gitlab.com' are in the following files:
You could for example modify the current Dockerfile like this: FROM frekele/ant:1.10.3-jdk8 as BUILD
ARG GITLAB_DOMAIN=https://gitlab.com/
ENV DEBIAN_FRONTEND=noninteractive
# Download the latest draw.io release from GitHub
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-get update \
&& apt-get install jq -y --no-install-recommends \
&& mkdir /usr/build \
&& curl -fsSL -o drawio.tar.gz --compressed "$(curl -fsSL --compressed "https://api.github.com/repos/jgraph/drawio/releases/latest" | jq -r ".tarball_url")" \
&& tar xzf drawio.tar.gz -C /usr/build --strip-components=1
# Replace all references to gitlab.com
WORKDIR /usr/build
RUN grep -rl 'https://gitlab.com/' | xargs sed -i "s|https://gitlab.com/|$GITLAB_DOMAIN|g"
# Continue to build like the official release
WORKDIR /usr/build/etc/build/
RUN ant war
FROM tomcat:9.0 as TARGET
COPY --from=BUILD /usr/build/build/draw.war /usr/local/tomcat/webapps/
EXPOSE 8080
CMD ["catalina.sh", "run"] Then build the Dockerfile with your custom URL: docker build \
--build-arg GITLAB_DOMAIN=https://gitlab.example.fr/ \
-t drawio-custom-gitlab \
. Maybe not the nicest solution, but it should work. 😉 |
@fhemberger we did the first tries to do the same on Friday but weren't able to finish our testing. Therefore many thanks for your great summary - we will test it next week for our on-premises installation too. 🤗 |
@m4r10k Haven't tested it yet with our GitLab instance (maybe next week), just a quick idea I came up with. It should do the trick … looking forward for your feedback! |
@fhemberger ... sure! Such ideas are great to exchange - you are some steps ahead. I just hacked this stuff quick and dirty into the draw.io Docker image directly for testing 🤣 The problem that we have is, that I know were to put the Client ID - but I am not sure about the Secret (from the Gitlab Applications...) |
Refreshing to see some constructive solutions in issues, but this one is a lot easier for us to deal with :). With 11.1.2 you can add a URL parameter "gitlab=yourURL" to set the path to your custom instance. |
@davidjgraph Awesome, thanks! |
@davidjgraph Many many thanks! |
A stupid question: where should I add this parameter? |
@stepkh |
When I put url like http://my.drawio.local/?gitlab=http://my.gitlab.local I get "Save diagram to:" window, the same if I put drawio url without parameters. |
This url works: http://my.drawio.local/?mode=gitlab&gitlab=http://my.gitlab.local. But when I authorize in gitlab, I get an error "Client authentication failed due to unkown client, no client authentication included, or unsupported authentication method". The same error was got by me when I manually changed 'gitlab.com' to 'my.gitlab.local' in previous version 11.1.1. |
OK, the main question is can anyone get this to work with the URL parameter? I don't have a local gitlab instance. If yes, authorizing in gitlab sounds off-topic for draw.io. If no, we need to debug. |
Hi, |
If it will help to debug, i glad to provide a couple test public containers with self-hosted draw.io and gitlab. |
Actually, I assumed with the above script that someone had this working, but probably not, reading it again. I should have explained the client ID. At the top of GitLabClient.js there's a client ID. That's the ID for our application in Gitlab. It has custom redirect URLs for the authenication, so it won't work on your local URL. I can tell you the setup using gitlab.com, I hope it's similiar on a local install. Under user settings there's an application option: The redirect URI needs to point to the gitlab.html file in the root of the draw.io installation and you need to select the following scopes: btw, if anyone can find a set of working scopes that doesn't include "API", please let us know. When the app is saved, you need to swap out the clientID mentioned, but we'll add a URL parameter for that in a minute. |
As I wrote in #493 (comment) , there is a setting for the ClientID in GitLabClient.js . You can generate this ID by creating an Application in the GitLab Admin Settings under "Applications" - but I have currently no idea where to put the Secret that is also provided by GitLab during Application creation :-) |
@davidjgraph ups, ninja'd :) |
Added as d6c66c4 URL parameter is "gitlab-id" Note that if you can inject these global variables in the docker image: window.DRAWIO_GITLAB_URL you don't have to use the URL parameters |
In your example I think it shouldn't be MyGitlabPath but MyDrawIOPath. When I entered this url with the client-ID given : The url sent is the following, the id doesn't seem to be used ? |
That won't work, because we haven't deployed this to the production version at draw.io yet... |
That is a good reason :D |
Try the github pages version of this project for testing, https://jgraph.github.io/drawio/src/main/webapp/ |
Still don't work, still a different id, I imagine that the client_id should be similar to the gitlab-id I indicate in the url, is it ? |
Ah, sorry my bad, it's not built. https://jgraph.github.io/drawio/src/main/webapp/?dev=1 , you need dev=1 in the URL parameters |
your url result as "Page could not be loaded" |
I think window.EXPORT_URL is a browser parameter not for docker container enviroment variable Probally we need support read from enviroment variable? |
@rickywu Thanks. Yeah, it doesn't seem to be as easy as changing the URL and client ID. @agaget That 404 is due to the draw.io domain not being on the jgraph.github.io root. Let's try again with https://gitlab-test-dot-drawdotio.appspot.com/ . It's the github version, but the redirect will be at https://gitlab-test-dot-drawdotio.appspot.com/gitlab.html |
We don't use environment variables in our deployment. You're welcome to submit a PR, but it must work on Google App Engine, where our production draw.io runs. |
@agaget can you open that as a new issue please? I'll close this one if the basics work. |
@davidjgraph done #510 |
I am facing the same kind of issues but it's hard to understand what setup is finally working. Could someone summarize the solution please ? |
I can try.. As it seems that it's not in production yet I will use the https://gitlab-test-dot-drawdotio.appspot.com url. The redirect URI needs to point to the gitlab.html file in the root of the draw.io installation and you need to select the following scopes:
Then it will give you an Application-id paste it. Use It should work. |
The latest version add PreConfig.js to let you config DRAWIO_GITLAB_URL and DRAWIO_GITLAB_ID before compile or before start docker container
|
Thanks, I still get the : "The redirect URI included is not valid." after authorization. My draw.io docker is not served on a root url i.e. https://myapps.mycomp.com/draw could that be a problem ? My redirection does point to https://myapps.myconm.com/draw/gitlab.html Also, I can see a 404ed request to the gitlab: I can't tell if my problem is on the draw.io side or on the gitlab side :(. |
You have to modify this line
change window.location.origin to DRAWIO_GITLAB_URL see #515 |
We'll change that to:
in the next release. |
In 12.2.1 |
I am unable to get a self hosted Draw.io and GitLab to work. I have tried all the suggestions I have seen and @agaget's instructions. I have gone in to my gitlab > created new application > Named it > Set redirect uri to " I then went to It opens up draw.io and gives me the option to create new or open existing. I create new > Blank > Click on "Authorize" > (GitLab window opens) and all I get is an error in GitLab that says "The redirect URI included is not valid." I have tried doing everything fresh (deleted both containers for Draw.io and Gitlab) and deleted the config folder for GitLab (it does not seem that Draw.io has one for the unraid version at least) and started as fresh as I could to reach the same place. Any help to get this working would be appreciated. |
What is the redirect URL used that is invalid? Is your custom application ID being used? How did you set it? |
Yes.
I have tried both doing it by going through the menu that first pops up > selecting GitLab > and clicking on the |
We came upon the same error as @LilTrublMakr, and the error is from the redirect URL that draw.io generates. When opening local instance by opening URL from browser Gitlab URL that is generated from draw.io when clicking And it should be: draw.io was installed from the dockerhub image I have used the same sign-up process (create a gitlab application with the scope api, read_repository, write_repository). After fixing the URL I can add an app, edit diagrams from repositories and create new diagrams. |
URL parameters must be URL encoded, the specification states this. Encode your parameters and it should work. |
Right, thank you for the reply, after testing the opening instance by entering a URL
I can confirm that integration works properly. |
Im not sure if this should be a new issue but it seems similar. Description: Steps I took:
Troubleshooting:
|
@eremyja It's probably a problem with CSP (Content Security Policy) which was introduced in drawio since 13.1.7 (29-MAY-2020). The CSP forbids the browser to make HTTP-Requests to other domains. The allowed domains are defined in src/main/webapp/js/diagramly/Devel.js To define your custom allowed domain list for CSP you can use the Docker environment variable Here an example for setting the environment variable in
In this example, the most sources are restricted to same origin except images, media and fonts. But the browser is also allowed to invoke requests to https://git.example.com by scripts. |
That was it! Thank you! Is there some documentation for these kinds of things? This ticket is the only place I could find any relevant information about setting up a self hosted instance. |
Hi, Is this feature was included on the public instance app.diagrams.net/ ? Cause when I use: I got the redirection URI error. I can't change nothing on this instance and I don't really want to install and manage my own instance. Any idea ? Do i reopen the issue ? |
Hi,
Thanks for the gitlab storage feature,
Is there a way to use a private gitlab ? When I click on "Authorize" it goes to "gitlab.com" but I would like it to store on my gitlab company (https://gitlab.example.fr/) ?
If not, can it be integrated ?
Thanks
The text was updated successfully, but these errors were encountered: