From 8aa2a4d6d8070e1992bc799cf0603cfcddbee2c3 Mon Sep 17 00:00:00 2001 From: Rajesh Rajendran Date: Wed, 19 May 2021 20:47:15 +0530 Subject: [PATCH] feat(install): auto create jwt_secret for chalice. --- scripts/helm/app/chalice.yaml | 2 +- scripts/helm/roles/openreplay/tasks/pre-check.yaml | 14 ++++++++++++++ .../helm/roles/openreplay/templates/chalice.yaml | 1 + scripts/helm/vars.yaml | 11 ++++++++--- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/scripts/helm/app/chalice.yaml b/scripts/helm/app/chalice.yaml index 9a02adfaa..0c2b42251 100644 --- a/scripts/helm/app/chalice.yaml +++ b/scripts/helm/app/chalice.yaml @@ -56,7 +56,7 @@ env: EMAIL_FROM: OpenReplay SITE_URL: '' announcement_url: '' - jwt_secret: SET A RANDOM STRING HERE + jwt_secret: "SetARandomStringHere" jwt_algorithm: HS512 jwt_exp_delta_seconds: '2592000' # Override with your https://domain_name diff --git a/scripts/helm/roles/openreplay/tasks/pre-check.yaml b/scripts/helm/roles/openreplay/tasks/pre-check.yaml index 21625f63f..abd701b5a 100644 --- a/scripts/helm/roles/openreplay/tasks/pre-check.yaml +++ b/scripts/helm/roles/openreplay/tasks/pre-check.yaml @@ -34,6 +34,20 @@ set_fact: minio_access_key: "{{ minio_secret_key_generated }}" when: minio_secret_key|length == 0 + - name: Generating jwt secret key + block: + - name: Generating jwt access key + set_fact: + jwt_secret_key_generated: "{{ lookup('password', '/dev/null length=30 chars=ascii_letters') }}" + - name: Updating vars.yaml + lineinfile: + regexp: '^jwt_secret_key' + line: 'jwt_secret_key: "{{jwt_secret_key_generated}}"' + path: vars.yaml + - name: Generating jwt secret key + set_fact: + jwt_access_key: "{{ jwt_secret_key_generated }}" + when: jwt_secret_key|length == 0 rescue: - name: Caught error debug: diff --git a/scripts/helm/roles/openreplay/templates/chalice.yaml b/scripts/helm/roles/openreplay/templates/chalice.yaml index 90b6de579..5b757ef65 100644 --- a/scripts/helm/roles/openreplay/templates/chalice.yaml 
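Review bot: In `scripts/helm/app/chalice.yaml` the fallback `jwt_secret: "SetARandomStringHere"` is now a well-formed, publicly known HS512 key, so any install where the templated override is not applied would sign and accept tokens with a value readable from the repository. An empty default fails more visibly than a plausible-looking string; I would use `jwt_secret: ''  # must be set by the installer, never ship a fixed value`. If chalice does not already refuse to start with an empty secret, that check belongs in the service. The `env:` mapping starts and continues outside the hunk.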
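Review bot: The last task of the new block in `pre-check.yaml` sets `jwt_access_key`, but the template added in this commit reads `jwt_secret_key`, so on the run that generates the key the rendered `jwt_secret` appears to stay empty unless vars.yaml is re-read later (not visible here); the name looks like a leftover from the minio block above. The key is also short for HS512: RFC 7518 asks for an HMAC key at least as long as the hash output (64 bytes), and `length=30` yields 30. The generated value can show up in verbose or diff output of these tasks, so `no_log: true` is worth adding, and two tasks share the name "Generating jwt secret key". The enclosing block and its `rescue:` start and end outside the hunk; indentation below is conventional, since the page has lost the original.

```yaml
- name: Generating jwt secret key
  block:
    - name: Generating random jwt secret
      set_fact:
        jwt_secret_key_generated: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
      no_log: true
    # … unchanged: "Updating vars.yaml" lineinfile task (add no_log: true) …
    - name: Using generated jwt secret
      set_fact:
        jwt_secret_key: "{{ jwt_secret_key_generated }}"
      no_log: true
```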
+++ b/scripts/helm/roles/openreplay/templates/chalice.yaml @@ -13,3 +13,4 @@ env: sourcemaps_bucket_key: "{{ minio_access_key }}" sourcemaps_bucket_secret: "{{ minio_secret_key }}" S3_HOST: "https://{{ domain_name }}" + jwt_secret: "{{ jwt_secret_key }}" diff --git a/scripts/helm/vars.yaml b/scripts/helm/vars.yaml index 0cc8f28fc..57baea4a1 100644 --- a/scripts/helm/vars.yaml +++ b/scripts/helm/vars.yaml @@ -7,7 +7,7 @@ # Give absolute file path. # Use following command to get the full file path # `readlink -f ` -kubeconfig_path: "" +kubeconfig_path: /home/rajeshr/.kube/config ################### ## Optional Fields. @@ -21,8 +21,8 @@ image_tag: v1.0.0 # This is an optional field. If you want to use proper ssl, then it's mandatory # Using which domain name, you'll be accessing OpenReplay -# for exmample: domain_name: "openreplay.mycorp.org" -domain_name: "" +# for example: domain_name: "test.com" +domain_name: "" # Nginx ssl certificates. # in cert format @@ -39,6 +39,11 @@ domain_name: "" nginx_ssl_cert_file_path: "" nginx_ssl_key_file_path: "" +# This key is used to create password for chalice api requests. +# Create a strong password. +# By default, a default key will be generated and will update the value here. +jwt_secret_key: "" + # Enable monitoring # If set, monitoring stack will be installed # including, prometheus, grafana and other core components,
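Review bot: In `templates/chalice.yaml` the new `jwt_secret: "{{ jwt_secret_key }}"` places the value raw inside a double-quoted scalar, which is fine for the generated letters-only key but not for an operator-supplied one: vars.yaml invites users to set their own strong value, and a `"` or `\` in it would break the rendered file or silently change the secret. Assuming this file is rendered by Ansible's template module, letting the filter do the quoting avoids that: `jwt_secret: {{ jwt_secret_key | to_json }}`. An empty `jwt_secret_key` also renders as `jwt_secret: ""` without any error, so an `assert` on a non-empty value before templating would be a useful guard. The `env:` mapping starts outside the hunk.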
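Review bot: The first hunk in `vars.yaml` commits `kubeconfig_path: /home/rajeshr/.kube/config`, which looks like a local working-copy value rather than an intended default: it exposes a developer's home path and points every other installer at a file that will not exist on their machine. It is unrelated to the commit subject and should go back to `kubeconfig_path: ""`. It also shows why vars.yaml is a risky place to persist the generated JWT key, since local edits to this tracked file evidently reach commits.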
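Review bot: The comment added above `jwt_secret_key` in the last `vars.yaml` hunk says the key is used to "create password for chalice api requests", while the chalice values in this commit consume it as `jwt_secret` next to `jwt_algorithm: HS512`, i.e. it is the token signing key. I would reword it to `# Secret used to sign chalice API tokens (JWT, HS512).`, `# Leave empty to have the installer generate one and write it back to this file.` and `# Do not commit this file once the value is filled in.` Changing the value later presumably invalidates tokens already issued, which is worth stating in the comment if confirmed.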