PC-878: Moving oss_auth to ory_auth and clarify docs to show that skaffold can...

PC-878: Moving oss_auth to ory_auth and clarify docs to show that skaffold can run multiple profiles non-exclusively Summary: skaffold lets you run multiple profiles so adjusting that. And renaming the oss_auth stuff to ory_auth Test Plan: deployed dev and ory_auth and it worked as intended. Reviewers: vihang, michelle Reviewed By: vihang JIRA Issues: PC-878 Differential Revision: https://phab.corp.pixielabs.ai/D8477 GitOrigin-RevId: ea737d102c9433f681df04c1d3b5a3aeb2483011

PC-878: Moving oss_auth to ory_auth and clarify docs to show that skaffold can...
PC-878: Moving oss_auth to ory_auth and clarify docs to show that skaffold can run multiple profiles non-exclusively Summary: skaffold lets you run multiple profiles so adjusting that. And renaming the oss_auth stuff to ory_auth Test Plan: deployed dev and ory_auth and it worked as intended. Reviewers: vihang, michelle Reviewed By: vihang JIRA Issues: PC-878 Differential Revision: https://phab.corp.pixielabs.ai/D8477 GitOrigin-RevId: ea737d102c9433f681df04c1d3b5a3aeb2483011
2f2a2601 · Phillip Kuznetsov · Copybara · f4d36ed2 · 2f2a2601 · 2f2a2601
Unverified Commit 2f2a2601 authored 4 years ago by Phillip Kuznetsov Committed by Copybara 4 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 22 additions and 22 deletions
+22 -22
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -30,16 +30,20 @@ make dev-env-start
    ```
    ./scripts/deploy_cloud_prereqs.sh plc-dev dev
    ```
-2. Deploy the Pixie Cloud services and deployments. Note to change the profile depending on whether you are deploying to minikube or another K8s environment.
+2. Deploy the Pixie Cloud services and deployments. Note to add profile flags for whether you're running a dev build, minikube env, or want to use ory_auth in place of auth0.

    ```
-    skaffold dev -f skaffold/skaffold_cloud.yaml -p (dev|minikube|oss_auth)
+    # note: Profile args are not exclusive.
+    # -p dev enables the dev profile
+    # -p minikube enables the minikube profile
+    # -p ory_auth enables the ory authentication deployment. Not including this uses auth0 by default.
+    skaffold dev -f skaffold/skaffold_cloud.yaml (-p dev) (-p minikube) (-p ory_auth)
    ```
 3. Load basic artifacts into the database.

    ```
-    # --load_oss_auth only works for skaffold cloud's started with `-p oss_auth`.
-    ./scripts/load_dev_db.sh plc-dev [--load_oss_auth]
+    # --load_ory_auth only works for skaffold cloud's started with `-p ory_auth`.
+    ./scripts/load_dev_db.sh plc-dev [--load_ory_auth]
    ```
 4. Update `/etc/hosts` so that it knows to point `dev.withpixie.dev` to your running dev cloud instance. The `dev_dns_updater` will do this process for you.

@@ -47,7 +51,7 @@ make dev-env-start
    bazel run //src/utils/dev_dns_updater:dev_dns_updater -- --domain-name "dev.withpixie.dev"
    ```

-5. (`oss_auth` only) Create the admin user and get link to update password
+5. (`ory_auth` only) Create the admin user and get link to update password
    ```
    skaffold dev -f skaffold/skaffold_cloud.yaml -p create_admin_job
    ```
@@ -56,7 +60,7 @@ make dev-env-start
    ...
    [create-admin-job-hssrl create-admin-job] time="2021-04-19T19:35:56Z" level=info msg="Please go to 'https://work.dev.withpixie.dev/oauth/kratos/self-service/recovery/methods/link?flow=31e0cef8-43ad-4a7a-b2e8-1d59a1101527&token=RRwpPGtJXzuNFjffxize1HZppp7oS3e3' to set password for 'admin@default.com'" func=main.main file="src/cloud/jobs/create_admin_user/main.go:100"
    ```
-6. (`oss_auth` only) Create Hydra OAuth Client
+6. (`ory_auth` only) Create Hydra OAuth Client
   ```
    $ export HYDRA_POD=$(kubectl get pods -nplc-dev -l name=hydra --template '{{range .items}}{{.metadata.name}}{{end}}')
    $ export HYDRA_SECRET=<your secret here>

--- a/k8s/cloud/oss_auth/job/create_admin_job.yaml
+++ b/k8s/cloud/oss_auth/job/create_admin_job.yaml
--- a/k8s/cloud/oss_auth/job/kustomization.yaml
+++ b/k8s/cloud/oss_auth/job/kustomization.yaml
--- a/k8s/cloud/oss_auth/kustomization.yaml
+++ b/k8s/cloud/oss_auth/kustomization.yaml
--- a/k8s/cloud/oss_auth/oauth_config.yaml
+++ b/k8s/cloud/oss_auth/oauth_config.yaml
--- a/k8s/cloud/oss_auth/service_config.yaml
+++ b/k8s/cloud/oss_auth/service_config.yaml
--- a/scripts/load_dev_db.sh
+++ b/scripts/load_dev_db.sh
@@ -21,11 +21,11 @@ function usage() {
  # Disable the printing on each echo.
  set +x
  echo "Usage:"
-  echo "$0 namespace [--load_oss_auth] --help"
+  echo "$0 namespace [--load_ory_auth] --help"
  echo ""
  echo "    namespace             The namespace where we want to load the db"
  echo "                              Required."
-  echo "    --load_oss_auth       Whether to load the oss auth database or not."
+  echo "    --load_ory_auth       Whether to load the oss auth database or not."
  echo "                              Optional."
  echo ""
  exit 1
@@ -37,7 +37,7 @@ if [ $# -lt 1 ]; then
 fi

 namespace=""
-load_oss_auth=0
+load_ory_auth=0
 repo_path=$(pwd)
 versions_file="$(pwd)/src/utils/artifacts/artifact_db_updater/VERSIONS.json"
 certs_path=$(pwd)/credentials/certs
@@ -45,8 +45,8 @@ while true; do
    if [[ "$1" == "--help" ]]; then
        usage
        exit 1
-    elif [[ "$1" == "--load_oss_auth" ]]; then
-        load_oss_auth=1
+    elif [[ "$1" == "--load_ory_auth" ]]; then
+        load_ory_auth=1
    else
        namespace=$1
    fi
@@ -82,7 +82,7 @@ bazel run -c opt //src/cloud/dnsmgr/load_certs:load_certs -- \
    --certs_path "${certs_path}" --postgres_db "pl"

 # Run the kratos and hydra migrate jobs.
-if [[ $load_oss_auth -ne 0 ]]; then
+if [[ $load_ory_auth -ne 0 ]]; then
    kubectl apply -n "${namespace}" -f "${repo_path}/k8s/cloud/base/kratos/kratos_migrate.yaml"
    kubectl apply -n "${namespace}" -f "${repo_path}/k8s/cloud/base/hydra/hydra_migrate.yaml"
 fi

--- a/skaffold/skaffold_cloud.yaml
+++ b/skaffold/skaffold_cloud.yaml
@@ -71,15 +71,11 @@ profiles:
    - --compilation_mode=dbg
  activation:
  - command: dev
- name: oss_auth
+- name: ory_auth
  patches:
-  - op: add
-    path: /build/artifacts/context=./bazel/args
-    value:
-    - --compilation_mode=dbg
  - op: replace
    path: /deploy/kustomize/paths
-    value: [k8s/cloud/oss_auth]
+    value: [k8s/cloud/ory_auth]
 - name: nightly
  patches:
  - op: add
@@ -112,7 +108,7 @@ profiles:
    - --compilation_mode=dbg
  - op: replace
    path: /deploy/kustomize/paths
-    value: [k8s/cloud/oss_auth/job]
+    value: [k8s/cloud/ory_auth/job]
 - name: staging
  patches:
  - op: add

--- a/src/ui/webpack.config.js
+++ b/src/ui/webpack.config.js
@@ -236,11 +236,11 @@ module.exports = (env, argv) => {
  let credentialsEnv = process.env.PL_BUILD_TYPE;

  // Users can specify the OAUTH environment. Usually this just means
-  // setting to "oss_auth", otherwise will default to `environment`.
+  // setting to "ory_auth", otherwise will default to `environment`.
  const oauthConfigEnv = process.env.PL_OAUTH_CONFIG_ENV;
  let oauthYAML = utils.readYAMLFile(join(topLevelDir, 'credentials', 'k8s', credentialsEnv, 'configs', 'oauth_config.yaml'), true);
-  // Special case for oss_auth where we read from the unecrypted file.
-  if (oauthConfigEnv === 'oss_auth') {
+  // Special case for ory_auth where we read from the unecrypted file.
+  if (oauthConfigEnv === 'ory_auth') {
    oauthYAML = utils.readYAMLFile( join(topLevelDir, 'k8s', 'cloud', oauthConfigEnv, 'oauth_config.yaml'), false);
  }