Adjust getting started documentation #897

Merged

2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -210,7 +210,7 @@ First, you'll need to enroll your first provider. Before doing this, make sure t
and fill in the appropriate settings in your `config.yaml` file.

You may create an OAuth2 application [here](https://github.com/settings/developers). Select
`New OAuth App` and fill in the details. The callback URL should be `http://localhost:8080/api/v1/auth/callback/github/cli`.

Nice! I now realised I forgot to flag that too when I encountered it myself 😃

`New OAuth App` and fill in the details. The callback URL should be `http://localhost:8080/api/v1/auth/callback/github`.
Create a new client secret and fill in the `client_id` and `client_secret` in your `config.yaml` file.

Once the Application is registered and the configuration is set, you can enroll the provider:
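
Review bot: the changed callback URL line drops the `/cli` suffix, but nothing tells readers who already registered an OAuth app with `http://localhost:8080/api/v1/auth/callback/github/cli` that they have to update the registration; a one-line note after this sentence would save them a failed login. The following context line also has users put `client_secret` into `config.yaml`, so it is worth adding that this file should be kept out of version control.
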
22 changes: 7 additions & 15 deletions docs/docs/policy_engine/manage_policies.md
Expand Up @@ -137,13 +137,13 @@ by using those defaults without having to create a new policy from scratch.

Before creating a policy, we need to ensure that all rule types exist in mediator.

A rule type can be created by pointing to a file containing the rule type definition:
A rule type can be created by pointing to a directory (or file) containing the rule type definition:

```bash
medic rule_type create -f ./examples/github/rule-types/secret_scanning.yaml
medic rule_type create -f ./examples/github/rule-types
```

Where `secret_scanning.yaml` may look as the example above.
Where the yaml files in the directory `rule-types` may look as the example above.

Once all the relevant rule types are available for our group, we may take them into use
by creating a policy.
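
Review bot: the new sentence says `-f` takes "a directory (or file)", but the text does not say which files in the directory are loaded or whether subdirectories are walked, so a reader cannot tell what will be created from `./examples/github/rule-types`. Please state the matching rule, and consider keeping the single-file form as a second example, since the closing sentence now only covers "the yaml files in the directory".
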
Expand All @@ -160,7 +160,7 @@ The policy can be created by using the provided defaults, or by providing a new
For creating based on a file:

```bash
medic policy create --provider github -f ./examples/github/policies/policy.yaml
medic policy create -f ./examples/github/policies/policy.yaml
```

Where `policy.yaml` may look as the example above.
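
Review bot: `--provider github` is dropped from `medic policy create` with no explanation of where the provider now comes from. Add a sentence after the command saying how the provider is selected, so readers with more than one provider enrolled know which one the policy is applied to.
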
Expand All @@ -183,22 +183,14 @@ Policy status will inform about:
- status: [success, failure]
- last updated: time when this status was updated

Policy status can be checked at different levels:

1. Globally per provider and group, listing all related policy status:

```bash
medic policy_status list --provider github --group-id 1
```

2. For an specific policy:
Policy status can be checked using the following commands

```bash
medic policy_status list --policy-id 1
medic policy_status list --policy 1
```

or

```bash
medic policy get --id 1 --status --output yaml
medic policy get --id 1 --output yaml
```
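
Review bot: the second command loses `--status`, yet `medic policy get --id 1 --output yaml` is still offered as a way to check policy status; please confirm its output includes the status, or reword the lead-in. The two commands also refer to the policy with different flags (`--policy 1` and `--id 1`), which deserves a short remark, and the new lead-in sentence is missing its trailing colon.
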
2 changes: 1 addition & 1 deletion docs/docs/run_mediator_server/config_oauth.md
Expand Up @@ -25,7 +25,7 @@ Mediator uses OAuth2 to authenticate users. This means that you will need to con
5. Enter the following details:
- Application Name: `Mediator`
- Homepage URL: `http://localhost:8080`
- Authorization callback URL: `http://localhost:8080/api/v1/auth/callback/github/cli`
- Authorization callback URL: `http://localhost:8080/api/v1/auth/callback/github`
6. Select "Register Application"
7. Generate a client secret
7. Copy the "Client ID" , "Client Secret" and "Authorization callback URL" values
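
Review bot: the step list in the context lines numbers two consecutive steps "7." ("Generate a client secret" and "Copy the ..."), and there is a stray space before the comma in `"Client ID" ,`. Since this list is being touched anyway, renumber the last step to 8 and fix the spacing.
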
10 changes: 9 additions & 1 deletion docs/docs/run_mediator_server/run_the_server.md
Expand Up @@ -94,17 +94,25 @@ mediator-server migrate up

## Create encryption keys

The default configuration expects these keys to be in a directory named `.ssh`, relative to where you run the `mediator-server` binary.
Start by creating the `.ssh` directory.

```bash
mkdir .ssh && cd .ssh
```

Encryption keys are used to encrypt JWT tokens. You can create these using the `openssl` CLI tool.

```bash
# First generate an RSA key pair
ssh-keygen -t rsa -b 2048 -m PEM -f access_token_rsa
ssh-keygen -t rsa -b 2048 -m PEM -f refresh_token_rsa
# For passwordless keys, run the following:
openssl rsa -in access_token_rsa -pubout -outform PEM -out access_token_rsa.pub
openssl rsa -in access_token_rsa -pubout -outform PEM -out access_token_rsa.pub
```

These keys should be placed in the `.ssh` directory, relative to where you run the `mediator-server` binary. Alternatively, you can specify the location of the keys in the `config.yaml` file.
If your keys live in a directory other than `.ssh`, you can specify the location of the keys in the `config.yaml` file.

```yaml
auth:
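
Review bot: the two `openssl rsa` lines in the key-generation block are identical, both reading `access_token_rsa` and writing `access_token_rsa.pub`, so no PEM public key is ever produced for `refresh_token_rsa`; the second line should presumably use the refresh key as input and output. While editing this section, the new `mkdir .ssh && cd .ssh` step creates the private-key directory with default permissions, so consider `mkdir -m 700 .ssh`, and note that the sentence "You can create these using the `openssl` CLI tool" sits above commands that start with `ssh-keygen`.
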