diff --git a/backend/.gitignore b/backend/.gitignore
index 7e85607350..d55f338df9 100644
--- a/backend/.gitignore
+++ b/backend/.gitignore
@@ -3,7 +3,6 @@
 .idea
 config/*
-!config/config_template.yaml
 .history
 **/__pycache__/
 .vscode
diff --git a/backend/capellacollab/config/config_template.py b/backend/capellacollab/config/config_template.py
new file mode 100644
index 0000000000..62f3d40959
--- /dev/null
+++ b/backend/capellacollab/config/config_template.py
@@ -0,0 +1,154 @@
+# SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
+# SPDX-License-Identifier: Apache-2.0
+
+import pydantic.dataclasses
+import yaml
+
+
+class DockerConfig(pydantic.BaseModel):
+ registry: str = "k3d-myregistry.localhost:12345"
+ externalRegistry: str = "docker.io"
+
+
+class K8sPodSecurityContext(pydantic.BaseModel):
+ runAsUser: int = 1004370000
+ runAsGroup: int = 1004370000
+ fsGroup: int = 1004370000
+ runAsNonRoot: bool = True
+
+
+class K8sClusterConfig(pydantic.BaseModel):
+ imagePullPolicy: str = "Always"
+ podSecurityContext: K8sPodSecurityContext = K8sPodSecurityContext()
+
+
+class K8sPromtailConfig(pydantic.BaseModel):
+ lokiEnabled: bool = True
+ lokiUrl: str = "http://localhost:30001/loki/api/v1/push"
+ lokiUsername: str = "localLokiUser"
+ lokiPassword: str = "localLokiPassword"
+ serverPort: int = 3101
+
+
+# Only required when using operator k8s
+
+
+class K8sConfig(pydantic.BaseModel):
+ # Only required, if you'd like to use a local k3d environment
+ context: str = "k3d-collab-cluster"
+ namespace: str = "collab-sessions"
+ storageClassName: str = "local-path"
+ storageAccessMode: str = "ReadWriteOnce"
+ cluster: K8sClusterConfig = K8sClusterConfig()
+ promtail: K8sPromtailConfig = K8sPromtailConfig()
+ # Only required when no kubectl context is available
+ # apiURL: str | None = None
+ # token: str | None = None
+
+
+class GeneralConfig(pydantic.BaseModel):
+ host: str = "localhost"
+ port: int = 8000
+ scheme: str = "http"
+ wildcardHost: bool = False
+
+
+class ExtensionGuacamoleConfig(pydantic.BaseModel):
+ baseURI: str = "http://localhost:8080/guacamole"
+ publicURI: str = "http://localhost:8080/guacamole"
+ username: str = "guacadmin"
+ password: str = "guacadmin"
+
+
+class ExtensionJupyterConfig(pydantic.BaseModel):
+ publicURI: str = "http://localhost:8080/jupyter"
+
+
+class ExtensionsConfig(pydantic.BaseModel):
+ guacamole: ExtensionGuacamoleConfig = ExtensionGuacamoleConfig()
+ jupyter: ExtensionJupyterConfig = ExtensionJupyterConfig()
+
+
+class AuthOauthClientConfig(pydantic.BaseModel):
+ id: str = "default"
+ secret: str | None = None
+
+
+# Only required when using provider oauth
+
+
+class AuthOathEndpointsConfig(pydantic.BaseModel):
+ wellknown: str = (
+ "http://localhost:8083/default/.well-known/openid-configuration"
+ )
+ tokenIssuance: str | None = None
+ authorization: str | None = None
+
+
+class AuthOauthConfig(pydantic.BaseModel):
+ # Only required when using provider oauth
+ endpoints: AuthOathEndpointsConfig = AuthOathEndpointsConfig()
+ audience: str = "default"
+ scopes: list[str] = ["openid"]
+ client: AuthOauthClientConfig = AuthOauthClientConfig()
+ redirectURI: str = "http://localhost:4200/oauth2/callback"
+
+
+class AuthenticationConfig(pydantic.BaseModel):
+ provider: str = "oauth" # oauth | azure
+ jwt: dict[str, str] = pydantic.dataclasses.Field(
+ default_factory=lambda: {"usernameClaim": "sub"}
+ ) # preferred_username
+ oauth: AuthOauthConfig = AuthOauthConfig()
+
+
+class PipelineConfig(pydantic.BaseModel):
+ timeout: int = 60
+
+
+class DatabaseConfig(pydantic.BaseModel):
+ url: str = "postgresql://dev:dev@localhost:5432/dev"
+
+
+class InitialConfig(pydantic.BaseModel):
+ admin: str = "admin"
+
+
+class LoggingConfig(pydantic.BaseModel):
+ level: str = "DEBUG"
+ logPath: str = "logs/"
+
+
+class RequestsConfig(pydantic.BaseModel):
+ timeout: int = 2
+
+
+class PrometheusConfig(pydantic.BaseModel):
+ url: str = "http://localhost:8080/prometheus/"
+
+
+class AppConfig(pydantic.BaseModel):
+ docker: DockerConfig = DockerConfig()
+ k8s: K8sConfig = K8sConfig()
+ general: GeneralConfig = GeneralConfig()
+ extensions: ExtensionsConfig = ExtensionsConfig()
+ authentication: AuthenticationConfig = AuthenticationConfig()
+ pipelines: PipelineConfig = PipelineConfig()
+ database: DatabaseConfig = DatabaseConfig()
+ initial: InitialConfig = InitialConfig()
+ logging: LoggingConfig = LoggingConfig()
+ requests: RequestsConfig = RequestsConfig()
+ prometheus: PrometheusConfig = PrometheusConfig()
+
+
+def generate_yaml_from_config_template():
+ app_config = AppConfig()
+ config_dict = app_config.model_dump()
+ yaml_str = yaml.dump(config_dict, sort_keys=False)
+
+ with open("config.yaml", "w", encoding="utf-8") as yaml_file:
+ yaml_file.write(yaml_str)
+
+
+if __name__ == "__main__":
+ generate_yaml_from_config_template()
diff --git a/backend/config/config_template.yaml b/backend/config/config_template.yaml
deleted file mode 100644
index 6c89c3f91a..0000000000
--- a/backend/config/config_template.yaml
+++ /dev/null
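Review bot: The sample credentials from the deleted YAML template are now field defaults on the models (`lokiPassword`, the Guacamole `username`/`password` of `guacadmin`, and `dev:dev` inside `DatabaseConfig.url`), so if `AppConfig` is also used to validate the deployed config, a file that omits those keys would pass validation and run with well-known values instead of failing. Whether the models are used for loading is not visible in this hunk; if they are, keep the sample values in `generate_yaml_from_config_template` only, or declare the secret fields without defaults so a missing key is an error. The discovery endpoint key also changed case, from `wellKnown` in the old template to `wellknown` here, which would presumably leave an existing config's value unread and fall back to the localhost default; `wellKnown: str = (` keeps the old name. `open("config.yaml", "w", encoding="utf-8")` writes into the current working directory, which the visible `config/*` rule in `backend/.gitignore` covers only when the script is run from inside `backend/config/`, so the generated file, and any secrets later added to it, may end up tracked.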
@@ -1,102 +0,0 @@
-# SPDX-FileCopyrightText: Copyright DB InfraGO AG and contributors
-# SPDX-License-Identifier: Apache-2.0
-
-docker:
- registry: k3d-myregistry.localhost:12345
- externalRegistry: docker.io
-
-k8s:
- # Only required when using operator k8s
- context: k3d-collab-cluster # Only required, if you'd like to use a local k3d environment
- namespace: collab-sessions
-
- # apiURL: dummy # Only required when no kubectl context is available
- # token: dummy # Only required when no kubectl context is available
-
- storageClassName: local-path
- storageAccessMode: ReadWriteOnce
-
- cluster:
- imagePullPolicy: Always
- podSecurityContext:
- runAsUser: 1004370000
- runAsGroup: 1004370000
- fsGroup: 1004370000
- runAsNonRoot: true
-
- promtail:
- lokiEnabled: True
- lokiUrl: http://localhost:30001/loki/api/v1/push
- lokiUsername: localLokiUser
- lokiPassword: localLokiPassword
- serverPort: 3101
-
-general:
- host: localhost
- port: 8000
- scheme: http
- wildcardHost: False
-
-extensions:
- guacamole:
- baseURI: http://localhost:8080/guacamole
- publicURI: http://localhost:8080/guacamole
-
- username: guacadmin
- password: guacadmin
-
- jupyter:
- publicURI: http://localhost:8080/jupyter
-
-authentication:
- provider: oauth # oauth | azure
- jwt:
- usernameClaim: sub # preferred_username
-
- oauth:
- # Only required when using provider oauth
- endpoints:
- wellKnown: http://localhost:8083/default/.well-known/openid-configuration
- tokenIssuance:
- authorization:
-
- audience: default
-
- scopes:
- - openid
-
- client:
- id: default
- secret:
-
- redirectURI: http://localhost:4200/oauth2/callback
-
- # azure:
- # # Only required when using provider azure
- # authorizationEndpoint: http://tbd
-
- # client:
- # id: tbd
- # secret: tbd
-
- # audience: tbd
- # redirectURI: http://localhost:4200/oauth2/callback
-
-pipelines:
- timeout: 60
-
-database:
- url: postgresql://dev:dev@localhost:5432/dev
-
-initial:
- admin: admin
-
-logging:
- level: DEBUG
- logPath: logs/
-
-requests:
- timeout: 2
-
-prometheus:
- url: http://localhost:8080/prometheus/