-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WG529 Auth styling and flags improvements #1624
Conversation
@foot Hey Simon! Got one issue here which seems to have to do with the proxy but not sure how to fix. If you log in with OIDC, you start with |
Can you change to |
Yup sorry I left 9001 in the example, I am testing with |
9ec32c8
to
ce0230d
Compare
ce0230d
to
aa9bd5f
Compare
There were quite a few conflicts, but many of them were very easy to resolve: anything related to acceptance tests has been deleted, lots of import conflicts, conficts in generated files, and some things that don't have a common ancestor and yet have almost the same content which makes git twitchy. There were a few more significant conflicts I've dealt with manually: * There's 2 independent implementations of https listeners (#1537, #1483). This also means it's been implemented in two places, `gitops run ui` and `gitops-server`. Keep the rate limiting from the main one, but otherwise mostly stick to the v2 one - it's been written to only work in docker. This means no more certificate generation code: v2 expects you to mount your certificates into the pod. TODO this deletes all gitops-server tests because they're all incompatible * The auth system in main has grown a username, which isn't present in v2. Add it to relevant files. * gitops profile upgrade is new. I've not really investigated how it works or if it still works, I've just adapted the API to the kind of changes we've done and checked that the tests pass. * There's been a lot of tilt rewrites in both branches. Since what you need to deploy the app and what it needs has changed in v2, I've mostly ignored main. * v2 and main disagreed on how to embed many svg images - v2 imported the images via filesystem path where they reside, while main imported them through images.ts. I've followed the v2 pattern. * Commit "Get auth working" (fdd15fb) in v2 rewrote how feature flags work, while main continued developing the old API. I've ported the new main code to the v2 API. * UserSettings had conflicts introduced in "Fix proxy port and user settings styling" (84bdc98) vs "WG529 Auth styling and flags improvements (#1624)" (f7098fb), I've tried to merge those. * Both main and v2 have turned a bunch of hard-coded auth secret name strings into constants. They've placed those constants in different places and given them different values. I gave up on trying to make this good and sensible and decided to just make everything compile and pass tests and start, and am looking forward to someone asking themselves "who would do this!?"
There were quite a few conflicts, but many of them were very easy to resolve: anything related to acceptance tests has been deleted, lots of import conflicts, conficts in generated files, and some things that don't have a common ancestor and yet have almost the same content which makes git twitchy. There were a few more significant conflicts I've dealt with manually: * There's 2 independent implementations of https listeners (#1537, #1483). This also means it's been implemented in two places, `gitops run ui` and `gitops-server`. Keep the rate limiting from the main one, but otherwise mostly stick to the v2 one - it's been written to only work in docker. This means no more certificate generation code: v2 expects you to mount your certificates into the pod. * The auth system in main has grown a username, which isn't present in v2. Add it to relevant files. * gitops profile upgrade is new. I've not really investigated how it works or if it still works, I've just adapted the API to the kind of changes we've done and checked that the tests pass. * There's been a lot of tilt rewrites in both branches. Since what you need to deploy the app and what it needs has changed in v2, I've mostly ignored main. * v2 and main disagreed on how to embed many svg images - v2 imported the images via filesystem path where they reside, while main imported them through images.ts. I've followed the v2 pattern. * Commit "Get auth working" (fdd15fb) in v2 rewrote how feature flags work, while main continued developing the old API. I've ported the new main code to the v2 API. * UserSettings had conflicts introduced in "Fix proxy port and user settings styling" (84bdc98) vs "WG529 Auth styling and flags improvements (#1624)" (f7098fb), I've tried to merge those. * Both main and v2 have turned a bunch of hard-coded auth secret name strings into constants. They've placed those constants in different places and given them different values. I gave up on trying to make this good and sensible and decided to just make everything compile and pass tests and start.
There were quite a few conflicts, but many of them were very easy to resolve: anything related to acceptance tests has been deleted, lots of import conflicts, conficts in generated files (which I've just re-generated and ignored), and some things that don't have a common ancestor and yet have almost the same content which makes git twitchy. There were a few more significant conflicts I've dealt with manually: * There's 2 independent implementations of https listeners (#1537, #1483). This also means it's been implemented in two places, `gitops run ui` and `gitops-server`. Keep the rate limiting from the main one, but otherwise mostly stick to the v2 one - it's been written to only work in docker. This means no more certificate generation code: v2 expects you to mount your certificates into the pod. * The auth system in main has grown a username, which isn't present in v2. Add it to relevant files. * gitops profile upgrade is new. I've not really investigated how it works or if it still works, I've just adapted the API to the kind of changes we've done and checked that the tests pass. * There's been a lot of tilt rewrites in both branches. Since what you need to deploy the app and what it needs has changed in v2, I've mostly ignored main. * v2 and main disagreed on how to embed many svg images - v2 imported the images via filesystem path where they reside, while main imported them through images.ts. I've followed the v2 pattern. * Commit "Get auth working" (fdd15fb) in v2 rewrote how feature flags work, while main continued developing the old API. I've ported the new main code to the v2 API. * UserSettings had conflicts introduced in "Fix proxy port and user settings styling" (84bdc98) vs "WG529 Auth styling and flags improvements (#1624)" (f7098fb), I've tried to merge those. * Both main and v2 have turned a bunch of hard-coded auth secret name strings into constants. They've placed those constants in different places and given them different values. I gave up on trying to make this good and sensible and decided to just make everything compile and pass tests and start.
There were quite a few conflicts, but many of them were very easy to resolve: anything related to acceptance tests has been deleted, lots of import conflicts, conficts in generated files (which I've just re-generated and ignored), and some things that don't have a common ancestor and yet have almost the same content which makes git twitchy. There were a few more significant conflicts I've dealt with manually: * There's 2 independent implementations of https listeners (#1537, #1483). This also means it's been implemented in two places, `gitops run ui` and `gitops-server`. Keep the rate limiting from the main one, but otherwise mostly stick to the v2 one - it's been written to only work in docker. This means no more certificate generation code: v2 expects you to mount your certificates into the pod. * The auth system in main has grown a username, which isn't present in v2. Add it to relevant files. * gitops profile upgrade is new. I've not really investigated how it works or if it still works, I've just adapted the API to the kind of changes we've done and checked that the tests pass. * There's been a lot of tilt rewrites in both branches. Since what you need to deploy the app and what it needs has changed in v2, I've mostly ignored main. * v2 and main disagreed on how to embed many svg images - v2 imported the images via filesystem path where they reside, while main imported them through images.ts. I've followed the v2 pattern. * Commit "Get auth working" (fdd15fb) in v2 rewrote how feature flags work, while main continued developing the old API. I've ported the new main code to the v2 API. * UserSettings had conflicts introduced in "Fix proxy port and user settings styling" (84bdc98) vs "WG529 Auth styling and flags improvements (#1624)" (f7098fb), I've tried to merge those. * Both main and v2 have turned a bunch of hard-coded auth secret name strings into constants. They've placed those constants in different places and given them different values. I gave up on trying to make this good and sensible and decided to just make everything compile and pass tests and start.
Closes:
What changed?
sign_in
route redirects to applications page if auth flag is not switched onDocumentation Changes
Added in: #1599
Use to log in with username/password (admin/my-secret-password):
Use to log in with OIDC (if this is not added to the cluster you can pass the CLI params in e.g:
--oidc-issuer-url https://dex-01.wge.dev.weave.works/ --oidc-client-id weave-gitops --oidc-client-secret ZXhhbXBsZS1hcHAtc2VjcmV0 --oidc-redirect-url https://localhost:4567/oauth2/callback
):