From 7fc26783bcd8845f2cba93e9da850502c187bc02 Mon Sep 17 00:00:00 2001 From: Andrey Sobolev Date: Fri, 25 Feb 2022 16:04:02 +0700 Subject: [PATCH] Fix server secret specification (#1054) Signed-off-by: Andrey Sobolev --- dev/docker-compose.yaml | 6 ++++++ pods/account/package.json | 3 ++- pods/account/src/index.ts | 8 ++++++++ server/front/src/__start.ts | 10 ++++++++++ server/server/package.json | 3 ++- server/server/src/__start.ts | 10 ++++++++++ server/tool/src/plugin.ts | 3 +-- tests/docker-compose.yaml | 3 +++ 8 files changed, 42 insertions(+), 4 deletions(-) diff --git a/dev/docker-compose.yaml b/dev/docker-compose.yaml index 0cf34f621d..88894a0b41 100644 --- a/dev/docker-compose.yaml +++ b/dev/docker-compose.yaml @@ -48,6 +48,8 @@ services: ports: - 3000:3000 environment: + - SERVER_PORT=3000 + - SERVER_SECRET=secret - MONGO_URL=mongodb://mongodb:27017 - TRANSACTOR_URL=ws://transactor:3333 - ENDPOINT_URL=ws://localhost:3333 @@ -64,6 +66,8 @@ services: ports: - 8081:8080 environment: + - SERVER_PORT=8080 + - SERVER_SECRET=secret - ACCOUNTS_URL=http://localhost:3000 - FRONT_URL=http://localhost:8081 - UPLOAD_URL=/files @@ -82,6 +86,8 @@ services: ports: - 3333:3333 environment: + - SERVER_PORT=3333 + - SERVER_SECRET=secret - ELASTIC_URL=http://elastic:9200 - MONGO_URL=mongodb://mongodb:27017 - METRICS_CONSOLE=true diff --git a/pods/account/package.json b/pods/account/package.json index ab6cebea7b..a6626f32af 100644 --- a/pods/account/package.json +++ b/pods/account/package.json @@ -47,6 +47,7 @@ "koa-router": "^10.1.1", "koa-bodyparser": "^4.3.0", "@koa/cors": "^3.1.0", - "@anticrm/server-tool": "~0.6.0" + "@anticrm/server-tool": "~0.6.0", + "@anticrm/server-token": "~0.6.0" } } diff --git a/pods/account/src/index.ts b/pods/account/src/index.ts index 7e3812af53..91a8ab7333 100644 --- a/pods/account/src/index.ts +++ b/pods/account/src/index.ts @@ -16,6 +16,7 @@ import { ACCOUNT_DB, methods } from '@anticrm/account' import toolPlugin from '@anticrm/server-tool' +import serverToken from '@anticrm/server-token' import platform, { Request, Response, serialize, setMetadata, Severity, Status } from '@anticrm/platform' import cors from '@koa/cors' import { IncomingHttpHeaders } from 'http' @@ -39,6 +40,13 @@ if (transactorUri === undefined) { const endpointUri = process.env.ENDPOINT_URL ?? transactorUri +const serverSecret = process.env.SERVER_SECRET +if (serverSecret === undefined) { + console.log('Please provide server secret') + process.exit(1) +} + +setMetadata(serverToken.metadata.Secret, serverSecret) setMetadata(toolPlugin.metadata.Endpoint, endpointUri) setMetadata(toolPlugin.metadata.Transactor, transactorUri) diff --git a/server/front/src/__start.ts b/server/front/src/__start.ts index 805f35ba65..ba90dbb127 100644 --- a/server/front/src/__start.ts +++ b/server/front/src/__start.ts @@ -15,6 +15,8 @@ // import { Client } from 'minio' +import { setMetadata } from '@anticrm/platform' +import serverToken from '@anticrm/server-token' import { start } from './app' const SERVER_PORT = parseInt(process.env.SERVER_PORT ?? '8080') @@ -75,6 +77,14 @@ if (modelVersion === undefined) { process.exit(1) } +const serverSecret = process.env.SERVER_SECRET +if (serverSecret === undefined) { + console.log('Please provide server secret') + process.exit(1) +} + +setMetadata(serverToken.metadata.Secret, serverSecret) + const config = { transactorEndpoint, elasticUrl, minio, accountsUrl, uploadUrl, modelVersion } console.log('Starting Front service with', config) const shutdown = start(config, SERVER_PORT) diff --git a/server/server/package.json b/server/server/package.json index fa0cfb19d9..bde4b74a35 100644 --- a/server/server/package.json +++ b/server/server/package.json @@ -60,6 +60,7 @@ "@anticrm/server-recruit": "~0.6.0", "@anticrm/server-recruit-resources": "~0.6.0", "@anticrm/server-task": "~0.6.0", - "@anticrm/server-task-resources": "~0.6.0" + "@anticrm/server-task-resources": "~0.6.0", + "@anticrm/server-token": "~0.6.0" } } diff --git a/server/server/src/__start.ts b/server/server/src/__start.ts index 57e63251da..dfc215ac68 100644 --- a/server/server/src/__start.ts +++ b/server/server/src/__start.ts @@ -15,6 +15,8 @@ // // Add this to the VERY top of the first file loaded in your app +import { setMetadata } from '@anticrm/platform' +import serverToken from '@anticrm/server-token' import { start } from '.' const serverPort = parseInt(process.env.SERVER_PORT ?? '3333') @@ -55,6 +57,14 @@ const minioConf = { secretKey: minioSecretKey } +const serverSecret = process.env.SERVER_SECRET +if (serverSecret === undefined) { + console.log('Please provide server secret') + process.exit(1) +} + +setMetadata(serverToken.metadata.Secret, serverSecret) + // eslint-disable-next-line @typescript-eslint/no-floating-promises console.log(`starting server on ${serverPort}`) const shutdown = start(url, elasticUrl, minioConf, serverPort) diff --git a/server/tool/src/plugin.ts b/server/tool/src/plugin.ts index d352c9c713..f66105529d 100644 --- a/server/tool/src/plugin.ts +++ b/server/tool/src/plugin.ts @@ -11,8 +11,7 @@ export const toolId = 'tool' as Plugin const toolPlugin = plugin(toolId, { metadata: { Endpoint: '' as Metadata, - Transactor: '' as Metadata, - Secret: '' as Metadata + Transactor: '' as Metadata } }) diff --git a/tests/docker-compose.yaml b/tests/docker-compose.yaml index fc46692104..3e83397232 100644 --- a/tests/docker-compose.yaml +++ b/tests/docker-compose.yaml @@ -44,6 +44,7 @@ services: - 3003:3003 environment: - ACCOUNT_PORT=3003 + - SERVER_SECRET=secret - MONGO_URL=mongodb://mongodb:27018 - TRANSACTOR_URL=ws://transactor:3334 - ENDPOINT_URL=ws://localhost:3334 @@ -62,6 +63,7 @@ services: - 8083:8083 environment: - SERVER_PORT=8083 + - SERVER_SECRET=secret - ACCOUNTS_URL=http://localhost:3003 - UPLOAD_URL=/files - TRANSACTOR_URL=ws://localhost:3334 @@ -79,6 +81,7 @@ services: - 3334:3334 environment: - SERVER_PORT=3334 + - SERVER_SECRET=secret - ELASTIC_URL=http://elastic:9200 - MONGO_URL=mongodb://mongodb:27018 - METRICS_CONSOLE=true