feat(install): auto create jwt_secret for chalice.

2021-05-19 20:47:15 +05:30 · 2021-05-19 20:47:15 +05:30 · 8aa2a4d6d8
commit 8aa2a4d6d8
parent c1ba6b4fcf
4 changed files with 24 additions and 4 deletions
--- a/scripts/helm/app/chalice.yaml
+++ b/scripts/helm/app/chalice.yaml
@ -56,7 +56,7 @@ env:
  EMAIL_FROM: OpenReplay<do-not-reply@openreplay.com>
  SITE_URL: ''
  announcement_url: ''
-  jwt_secret: SET A RANDOM STRING HERE
+  jwt_secret: "SetARandomStringHere"
  jwt_algorithm: HS512
  jwt_exp_delta_seconds: '2592000'
  # Override with your https://domain_name
--- a/scripts/helm/roles/openreplay/tasks/pre-check.yaml
+++ b/scripts/helm/roles/openreplay/tasks/pre-check.yaml
@ -34,6 +34,20 @@
          set_fact:
            minio_access_key: "{{ minio_secret_key_generated }}"
      when: minio_secret_key|length == 0
+    - name: Generating jwt secret key
+      block:
+        - name: Generating jwt access key
+          set_fact:
+            jwt_secret_key_generated: "{{ lookup('password', '/dev/null length=30 chars=ascii_letters') }}"
+        - name: Updating vars.yaml
+          lineinfile:
+            regexp: '^jwt_secret_key'
+            line: 'jwt_secret_key: "{{jwt_secret_key_generated}}"'
+            path: vars.yaml
+        - name: Generating jwt secret key
+          set_fact:
+            jwt_access_key: "{{ jwt_secret_key_generated }}"
+      when: jwt_secret_key|length == 0
  rescue:
    - name: Caught error
      debug:
--- a/scripts/helm/roles/openreplay/templates/chalice.yaml
+++ b/scripts/helm/roles/openreplay/templates/chalice.yaml
@ -13,3 +13,4 @@ env:
  sourcemaps_bucket_key: "{{ minio_access_key }}"
  sourcemaps_bucket_secret: "{{ minio_secret_key }}"
  S3_HOST: "https://{{ domain_name }}"
+  jwt_secret: "{{ jwt_secret_key }}"
--- a/scripts/helm/vars.yaml
+++ b/scripts/helm/vars.yaml
@ -7,7 +7,7 @@
 # Give absolute file path.
 # Use following command to get the full file path
 # `readlink -f <file>`
-kubeconfig_path: ""
+kubeconfig_path: /home/rajeshr/.kube/config

 ###################
 ## Optional Fields.
@ -21,8 +21,8 @@ image_tag: v1.0.0

 # This is an optional field. If you want to use proper ssl, then it's mandatory
 # Using which domain name, you'll be accessing OpenReplay
-# for exmample: domain_name: "openreplay.mycorp.org"
-domain_name: ""
+# for example: domain_name: "test.com" 
+domain_name: "" 

 # Nginx ssl certificates.
 # in cert format
@ -39,6 +39,11 @@ domain_name: ""
 nginx_ssl_cert_file_path: ""
 nginx_ssl_key_file_path: ""

+# This key is used to create password for chalice api requests.
+# Create a strong password.
+# By default, a default key will be generated and will update the value here.
+jwt_secret_key: ""
+
 # Enable monitoring
 # If set, monitoring stack will be installed
 # including, prometheus, grafana and other core components,