diff --git a/backend/.gitignore b/backend/.gitignore
index 7e85607350..0404f87911 100644
--- a/backend/.gitignore
+++ b/backend/.gitignore
@@ -4,6 +4,7 @@
 .idea
 config/*
 !config/config_template.yaml
+!config/config_template.py
 .history
 **/__pycache__/
 .vscode
diff --git a/backend/config/config_template.py b/backend/config/config_template.py
new file mode 100644
index 0000000000..0ca4c7b76e
--- /dev/null
+++ b/backend/config/config_template.py
@@ -0,0 +1,172 @@
+# SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+# SPDX-License-Identifier: Apache-2.0
+
+import dataclasses
+from typing import Dict
+
+import yaml
+
+
+@dataclasses.dataclass
+class DockerConfig:
+ registry: str = "k3d-myregistry.localhost:12345"
+ externalRegistry: str = "docker.io"
+
+
+@dataclasses.dataclass
+class K8sPodSecurityContext:
+ runAsUser: int = 1004370000
+ runAsGroup: int = 1004370000
+ fsGroup: int = 1004370000
+ runAsNonRoot: bool = True
+
+
+@dataclasses.dataclass
+class K8sClusterConfig:
+ imagePullPolicy: str = "Always"
+ podSecurityContext: K8sPodSecurityContext = K8sPodSecurityContext
+
+
+@dataclasses.dataclass
+class K8sPromtailConfig:
+ lokiEnabled: bool = True
+ lokiUrl: str = "http://localhost:30001/loki/api/v1/push"
+ lokiUsername: str = "localLokiUser"
+ lokiPassword: str = "localLokiPassword"
+ serverPort: int = 3101
+
+
+# Only required when using operator k8s
+@dataclasses.dataclass
+class K8sConfig:
+ # Only required, if you'd like to use a local k3d environment
+ context: str = "k3d-collab-cluster"
+ namespace: str = "collab-sessions"
+ storageClassName: str = "local-path"
+ storageAccessMode: str = "ReadWriteOnce"
+ cluster: K8sClusterConfig = K8sClusterConfig
+ promtail: K8sPromtailConfig = K8sPromtailConfig
+ # Only required when no kubectl context is available
+ apiURL: str | None = None
+ token: str | None = None
+
+
+@dataclasses.dataclass
+class GeneralConfig:
+ host: str = "localhost"
+ port: int = 8000
+ scheme: str = "http"
+ wildcardHost: bool = False
+
+
+@dataclasses.dataclass
+class ExtensionGuacamoleConfig:
+ baseURI: str = "http://localhost:8080/guacamole"
+ publicURI: str = "http://localhost:8080/guacamole"
+ username: str = "guacadmin"
+ password: str = "guacadmin"
+
+
+@dataclasses.dataclass
+class ExtensionJupyterConfig:
+ publicURI: str = "http://localhost:8080/jupyter"
+
+
+@dataclasses.dataclass
+class ExtensionsConfig:
+ guacamole: ExtensionGuacamoleConfig = ExtensionGuacamoleConfig
+ jupyter: ExtensionJupyterConfig = ExtensionJupyterConfig
+
+
+@dataclasses.dataclass
+class AuthOauthClientConfig:
+ id: str = "default"
+ secret: str | None = None
+
+
+# Only required when using provider oauth
+@dataclasses.dataclass
+class AuthOathEndpointsConfig:
+ wellknown: str = (
+ "http://localhost:8083/default/.well-known/openid-configuration"
+ )
+ tokenIssuance: str | None = None
+ authorization: str | None = None
+
+
+@dataclasses.dataclass
+class AuthOauthConfig:
+ # Only required when using provider oauth
+ endpoints: AuthOathEndpointsConfig | None = None
+ audience: str = "default"
+ scopes: list[str] = dataclasses.field(default=lambda: ["openid"])
+ client: AuthOauthClientConfig = AuthOauthClientConfig
+ redirectURI: str = "http://localhost:4200/oauth2/callback"
+
+
+@dataclasses.dataclass
+class AuthenticationConfig:
+ provider: str = "oauth" # oauth | azure
+ jwt: dict[str, str] = dataclasses.field(
+ default_factory={"usernameClaim": "sub"}
+ ) # preferred_username
+ oauth: AuthOauthConfig = AuthOauthConfig
+
+
+@dataclasses.dataclass
+class PipelineConfig:
+ timeout: int = 60
+
+
+@dataclasses.dataclass
+class DatabaseConfig:
+ url: str = "postgresql://dev:dev@localhost:5432/dev"
+
+
+@dataclasses.dataclass
+class InitialConfig:
+ admin: str = "admin"
+
+
+@dataclasses.dataclass
+class LoggingConfig:
+ level: str = "DEBUG"
+ logPath: str = "logs/"
+
+
+@dataclasses.dataclass
+class RequestsConfig:
+ timeout: int = 2
+
+
+@dataclasses.dataclass
+class PrometheusConfig:
+ url: str = "http://localhost:8080/prometheus/"
+
+
+@dataclasses.dataclass
+class AppConfig:
+ docker: DockerConfig = DockerConfig
+ k8s: K8sConfig = K8sConfig
+ general: GeneralConfig = GeneralConfig
+ extensions: ExtensionsConfig = ExtensionsConfig
+ authentication: AuthenticationConfig = AuthenticationConfig
+ pipelines: PipelineConfig = PipelineConfig
+ database: DatabaseConfig = DatabaseConfig
+ initial: InitialConfig = InitialConfig
+ logging: LoggingConfig = LoggingConfig
+ requests: RequestsConfig = RequestsConfig
+ prometheus: PrometheusConfig = PrometheusConfig
+
+
+def generate_yaml_from_config_template():
+ app_config = AppConfig()
+ config_dict = app_config.__dict__
+ yaml_str = yaml.dump(config_dict, sort_keys=False)
+
+ with open("config.yaml", "w", encoding="utf-8") as yaml_file:
+ yaml_file.write(yaml_str)
+
+
+if __name__ == "__main__":
+ generate_yaml_from_config_template()
diff --git a/backend/config/config_template.yaml b/backend/config/config_template.yaml
deleted file mode 100644
index 6c89c3f91a..0000000000
--- a/backend/config/config_template.yaml
+++ /dev/null
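Review bot: Every nested field defaults to the class object rather than an instance (`k8s: K8sConfig = K8sConfig`, and the same pattern in `K8sClusterConfig`, `ExtensionsConfig`, `AuthOauthConfig`, `AuthenticationConfig` and `AppConfig`), and `generate_yaml_from_config_template` dumps `app_config.__dict__`, so the generated file will most likely hold a `!!python/name:` reference per section instead of the nested mappings the deleted YAML template had. Nested fields should use `dataclasses.field(default_factory=...)` and the dump should go through `dataclasses.asdict`, as sketched below for two classes and the generator. Two `field()` calls are also wrong on their own: `scopes` passes the lambda as `default=`, so the default is the function itself, and `jwt` passes a dict as `default_factory`, which raises `TypeError` as soon as `AuthenticationConfig()` is instantiated; the key `wellknown` also drops the capital K of the old `wellKnown`. The output is written to a relative `config.yaml`, which the visible `config/*` ignore rule only covers when the script runs from inside `config/`; since this file is where `token`, `secret` and the passwords end up, an explicit path under `config/` would keep it out of commits. The sample credentials (`guacadmin`/`guacadmin`, `localLokiPassword`, `dev:dev`) are now code defaults, so if these classes are later used to load real configuration a missing key would silently fall back to them; secret fields are better left without a default in that case.

```python
class AuthOauthConfig:
    # … unchanged: endpoints, audience …
    scopes: list[str] = dataclasses.field(default_factory=lambda: ["openid"])
    client: AuthOauthClientConfig = dataclasses.field(
        default_factory=AuthOauthClientConfig
    )
    # … unchanged: redirectURI …


class AuthenticationConfig:
    # … unchanged: provider …
    jwt: dict[str, str] = dataclasses.field(
        default_factory=lambda: {"usernameClaim": "sub"}
    )  # preferred_username
    oauth: AuthOauthConfig = dataclasses.field(default_factory=AuthOauthConfig)


# … unchanged: other config classes, with the same default_factory change on nested fields …


def generate_yaml_from_config_template():
    config_dict = dataclasses.asdict(AppConfig())
    # … unchanged: yaml.dump and file write …
```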
@@ -1,102 +0,0 @@
-# SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
-# SPDX-License-Identifier: Apache-2.0
-
-docker:
- registry: k3d-myregistry.localhost:12345
- externalRegistry: docker.io
-
-k8s:
- # Only required when using operator k8s
- context: k3d-collab-cluster # Only required, if you'd like to use a local k3d environment
- namespace: collab-sessions
-
- # apiURL: dummy # Only required when no kubectl context is available
- # token: dummy # Only required when no kubectl context is available
-
- storageClassName: local-path
- storageAccessMode: ReadWriteOnce
-
- cluster:
- imagePullPolicy: Always
- podSecurityContext:
- runAsUser: 1004370000
- runAsGroup: 1004370000
- fsGroup: 1004370000
- runAsNonRoot: true
-
- promtail:
- lokiEnabled: True
- lokiUrl: http://localhost:30001/loki/api/v1/push
- lokiUsername: localLokiUser
- lokiPassword: localLokiPassword
- serverPort: 3101
-
-general:
- host: localhost
- port: 8000
- scheme: http
- wildcardHost: False
-
-extensions:
- guacamole:
- baseURI: http://localhost:8080/guacamole
- publicURI: http://localhost:8080/guacamole
-
- username: guacadmin
- password: guacadmin
-
- jupyter:
- publicURI: http://localhost:8080/jupyter
-
-authentication:
- provider: oauth # oauth | azure
- jwt:
- usernameClaim: sub # preferred_username
-
- oauth:
- # Only required when using provider oauth
- endpoints:
- wellKnown: http://localhost:8083/default/.well-known/openid-configuration
- tokenIssuance:
- authorization:
-
- audience: default
-
- scopes:
- - openid
-
- client:
- id: default
- secret:
-
- redirectURI: http://localhost:4200/oauth2/callback
-
- # azure:
- # # Only required when using provider azure
- # authorizationEndpoint: http://tbd
-
- # client:
- # id: tbd
- # secret: tbd
-
- # audience: tbd
- # redirectURI: http://localhost:4200/oauth2/callback
-
-pipelines:
- timeout: 60
-
-database:
- url: postgresql://dev:dev@localhost:5432/dev
-
-initial:
- admin: admin
-
-logging:
- level: DEBUG
- logPath: logs/
-
-requests:
- timeout: 2
-
-prometheus:
- url: http://localhost:8080/prometheus/