Skip to content

Commit

Permalink
OHDSI#2916 - Improvements to Docker Configurability of Atlas Applicat…
Browse files Browse the repository at this point in the history 
…ion (OHDSI#2917)

* OHDSI#2916
- added configuration via environment variables to Dockerfile
- amended authors list on container metadata
- amended envsubst command to include all environment variables
- extended config-local.js to include the majority of configuration options available in app.js
- Added comment to app.js to remind future contributors to add configuration to Dockerfile and config-local.js

* OHDSI#2916
- amended variables that exist to match those on Broadsea implementation
  • Loading branch information
@qcaas-nhs-sjt
qcaas-nhs-sjt authored May 14, 2024
1 parent 44f02c7 commit b92ddbb
Show file tree
Hide file tree
Showing 5 changed files with 237 additions and 10 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ jobs:
labels: |
${{ steps.docker_meta.outputs.labels }}
maintainer=Joris Borgdorff <[email protected]>, Lee Evans - www.ltscomputingllc.com
org.opencontainers.image.authors=Joris Borgdorff <[email protected]>, Lee Evans - www.ltscomputingllc.com
org.opencontainers.image.authors=Joris Borgdorff <[email protected]>, Lee Evans - www.ltscomputingllc.com, Shaun Turner <[email protected]>
org.opencontainers.image.vendor=OHDSI
# If the image was pushed, we need to pull it again to inspect it
Expand Down
104 changes: 101 additions & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,16 +29,114 @@ RUN find . -type f "(" \
FROM docker.io/nginxinc/nginx-unprivileged:1.23.3-alpine@sha256:c748ba587e7436aaa8729b64d4e0412410a486f0c592f0eec100fb3804ff9afd

LABEL org.opencontainers.image.title="OHDSI-Atlas"
LABEL org.opencontainers.image.authors="Joris Borgdorff <[email protected]>, Lee Evans - www.ltscomputingllc.com"
LABEL org.opencontainers.image.authors="Joris Borgdorff <[email protected]>, Lee Evans - www.ltscomputingllc.com, Shaun Turner<[email protected]>"
LABEL org.opencontainers.image.description="ATLAS is an open source software tool for researchers to \
conduct scientific analyses on standardized observational data"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="OHDSI"
LABEL org.opencontainers.image.source="https://github.com/OHDSI/Atlas"

# URL where WebAPI can be queried by the client
ENV WEBAPI_URL=http://localhost:8080/WebAPI/ \
CONFIG_PATH=/etc/atlas/config-local.js
ENV USE_DYNAMIC_WEBAPI_URL="false"
ENV DYNAMIC_WEBAPI_SUFFIX="/WebAPI/"
ENV WEBAPI_URL="http://localhost:8080/WebAPI/"
ENV CONFIG_PATH="/etc/atlas/config-local.js"
ENV ATLAS_INSTANCE_NAME="OHDSI"
ENV ATLAS_COHORT_COMPARISON_RESULTS_ENABLED="false"
ENV ATLAS_USER_AUTH_ENABLED="false"
ENV ATLAS_PLP_RESULTS_ENABLED="false"
ENV ATLAS_CLEAR_LOCAL_STORAGE="false"
ENV ATLAS_DISABLE_BROWSER_CHECK="false"
ENV ATLAS_ENABLE_PERMISSIONS_MGMT="true"
ENV ATLAS_CACHE_SOURCES="false"
ENV ATLAS_POLL_INTERVAL="60000"
ENV ATLAS_SKIP_LOGIN="false"
ENV ATLAS_USE_EXECUTION_ENGINE="false"
ENV ATLAS_VIEW_PROFILE_DATES="false"
ENV ATLAS_ENABLE_COSTS="false"
ENV ATLAS_SUPPORT_URL="https://github.com/ohdsi/atlas/issues"
ENV ATLAS_SUPPORT_MAIL="[email protected]"
ENV ATLAS_FEEDBACK_CONTACTS="For access or questions concerning the Atlas application please contact:"
ENV ATLAS_FEEDBACK_HTML=""
ENV ATLAS_COMPANYINFO_HTML=""
ENV ATLAS_COMPANYINFO_SHOW="true"
ENV ATLAS_DEFAULT_LOCALE="en"

ENV ATLAS_SECURITY_WIN_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_WIN_PROVIDER_NAME="Windows"
ENV ATLAS_SECURITY_WIN_PROVIDER_URL="user/login/windows"
ENV ATLAS_SECURITY_WIN_PROVIDER_AJAX="true"
ENV ATLAS_SECURITY_WIN_PROVIDER_ICON="fab fa-windows"

ENV ATLAS_SECURITY_KERB_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_KERB_PROVIDER_NAME="Kerberos"
ENV ATLAS_SECURITY_KERB_PROVIDER_URL="user/login/kerberos"
ENV ATLAS_SECURITY_KERB_PROVIDER_AJAX="true"
ENV ATLAS_SECURITY_KERB_PROVIDER_ICON="fab fa-windows"

ENV ATLAS_SECURITY_OID_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_OID_PROVIDER_NAME="OpenID Connect"
ENV ATLAS_SECURITY_OID_PROVIDER_URL="user/login/openid"
ENV ATLAS_SECURITY_OID_PROVIDER_AJAX="false"
ENV ATLAS_SECURITY_OID_PROVIDER_ICON="fa fa-openid"

ENV ATLAS_SECURITY_GGL_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_GGL_PROVIDER_NAME="Google"
ENV ATLAS_SECURITY_GGL_PROVIDER_URL="user/oauth/google"
ENV ATLAS_SECURITY_GGL_PROVIDER_AJAX="false"
ENV ATLAS_SECURITY_GGL_PROVIDER_ICON="fab fa-google"

ENV ATLAS_SECURITY_FB_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_FB_PROVIDER_NAME="Facebook"
ENV ATLAS_SECURITY_FB_PROVIDER_URL="user/oauth/facebook"
ENV ATLAS_SECURITY_FB_PROVIDER_AJAX="false"
ENV ATLAS_SECURITY_FB_PROVIDER_ICON="fab fa-facebook-f"

ENV ATLAS_SECURITY_GH_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_GH_PROVIDER_NAME="Github"
ENV ATLAS_SECURITY_GH_PROVIDER_URL="user/oauth/github"
ENV ATLAS_SECURITY_GH_PROVIDER_AJAX="false"
ENV ATLAS_SECURITY_GH_PROVIDER_ICON="fab fa-github"

ENV ATLAS_SECURITY_DB_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_DB_PROVIDER_NAME="DB"
ENV ATLAS_SECURITY_DB_PROVIDER_URL="user/login/db"
ENV ATLAS_SECURITY_DB_PROVIDER_AJAX="true"
ENV ATLAS_SECURITY_DB_PROVIDER_ICON="fa fa-database"
ENV ATLAS_SECURITY_DB_PROVIDER_CREDFORM="true"

ENV ATLAS_SECURITY_LDAP_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_LDAP_PROVIDER_NAME="LDAP"
ENV ATLAS_SECURITY_LDAP_PROVIDER_URL="user/login/ldap"
ENV ATLAS_SECURITY_LDAP_PROVIDER_AJAX="true"
ENV ATLAS_SECURITY_LDAP_PROVIDER_ICON="fa fa-cubes"
ENV ATLAS_SECURITY_LDAP_PROVIDER_CREDFORM="true"

ENV ATLAS_SECURITY_SAML_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_SAML_PROVIDER_NAME="SAML"
ENV ATLAS_SECURITY_SAML_PROVIDER_URL="user/login/saml"
ENV ATLAS_SECURITY_SAML_PROVIDER_AJAX="false"
ENV ATLAS_SECURITY_SAML_PROVIDER_ICON="fab fa-openid"

ENV ATLAS_SECURITY_AD_PROVIDER_ENABLED="false"
ENV ATLAS_SECURITY_AD_PROVIDER_NAME="Active Directory LDAP"
ENV ATLAS_SECURITY_AD_PROVIDER_URL="user/login/ad"
ENV ATLAS_SECURITY_AD_PROVIDER_AJAX="true"
ENV ATLAS_SECURITY_AD_PROVIDER_ICON="fa fa-cubes"
ENV ATLAS_SECURITY_AD_PROVIDER_CREDFORM="true"

# for existing broadsea implementations
ENV ATLAS_SECURITY_PROVIDER_ENABLED="true"
ENV ATLAS_SECURITY_PROVIDER_NAME="none"
ENV ATLAS_SECURITY_PROVIDER_TYPE="none"
ENV ATLAS_SECURITY_USE_AJAX="false"
ENV ATLAS_SECURITY_PROVIDER_ICON="fa-cubes"
ENV ATLAS_SECURITY_USE_FORM="false"

ENV ATLAS_ENABLE_TANDCS="true"
ENV ATLAS_ENABLE_PERSONCOUNT="true"
ENV ATLAS_ENABLE_TAGGING_SECTION="false"
ENV ATLAS_REFRESH_TOKEN_THRESHOLD="240"

# Configure webserver
COPY ./docker/nginx-default.conf /etc/nginx/conf.d/default.conf
Expand Down
2 changes: 1 addition & 1 deletion docker/30-atlas-env-subst.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ if [ -n "${WEBAPI_URL}" ]; then
TFILE=`mktemp`
trap "rm -f $TFILE" 0 1 2 3 15
# Don't copy but rewrite so that permissions are not changed.
envsubst '$WEBAPI_URL' < "$CONFIG_TARGET_PATH" > "$TFILE"
envsubst < "$CONFIG_TARGET_PATH" > "$TFILE"
cat "$TFILE" > "$CONFIG_TARGET_PATH"
rm -f "$TFILE"
fi
136 changes: 131 additions & 5 deletions docker/config-local.js
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,141 @@
define([], function () {
var configLocal = {};

if ("${ATLAS_CLEAR_LOCAL_STORAGE}" == "true") {
localStorage.clear();
}

var webapi_url = "${WEBAPI_URL}";

if ("${USE_DYNAMIC_WEBAPI_URL}" == "true") {
var getUrl = window.location;
webapi_url = getUrl.protocol + "//" + getUrl.hostname + "${DYNAMIC_WEBAPI_SUFFIX}";
}

// WebAPI
configLocal.api = {
name: 'OHDSI',
url: '${WEBAPI_URL}'
name: '${ATLAS_INSTANCE_NAME}',
url: webapi_url
};

configLocal.cohortComparisonResultsEnabled = false;
configLocal.userAuthenticationEnabled = false;
configLocal.plpResultsEnabled = false;
configLocal.cohortComparisonResultsEnabled = ("${ATLAS_COHORT_COMPARISON_RESULTS_ENABLED}" == "true");
configLocal.plpResultsEnabled = ("${ATLAS_PLP_RESULTS_ENABLED}" === "true");
configLocal.userAuthenticationEnabled = ("${ATLAS_USER_AUTH_ENABLED}" === "true");
configLocal.authProviders = [];
configLocal.disableBrowserCheck = ("${ATLAS_DISABLE_BROWSER_CHECK}" === "true");
configLocal.enablePermissionManagement = ("${ATLAS_ENABLE_PERMISSIONS_MGMT}" === "true");
configLocal.cacheSources = ("${ATLAS_CACHE_SOURCES}" === "true");
configLocal.enableSkipLogin = ("${ATLAS_SKIP_LOGIN}" === "true"); // automatically opens login window when user is not authenticated
configLocal.useExecutionEngine = ("${ATLAS_USE_EXECUTION_ENGINE}" === "true");
configLocal.viewProfileDates = ("${ATLAS_VIEW_PROFILE_DATES}" === "true");
configLocal.enableCosts = ("${ATLAS_ENABLE_COSTS}" === "true");
configLocal.supportUrl = "${ATLAS_SUPPORT_URL}";
configLocal.supportMail = "${ATLAS_SUPPORT_MAIL}";
configLocal.feedbackContacts = "${ATLAS_FEEDBACK_CONTACTS}";
configLocal.feedbackCustomHtmlTemplate = "${ATLAS_FEEDBACK_HTML}";
configLocal.companyInfoCustomHtmlTemplate = "${ATLAS_COMPANYINFO_HTML}";
configLocal.showCompanyInfo = ("${ATLAS_COMPANYINFO_SHOW}" === "true");
configLocal.defaultLocale = "${ATLAS_DEFAULT_LOCALE}";
configLocal.pollInterval = parseInt("${ATLAS_POLL_INTERVAL}");


if ("${ATLAS_SECURITY_WIN_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_WIN_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_WIN_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_WIN_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_WIN_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_KERB_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_KERB_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_KERB_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_KERB_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_KERB_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_OID_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_OID_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_OID_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_OID_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_OID_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_GGL_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_GGL_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_GGL_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_GGL_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_GGL_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_FB_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_FB_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_FB_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_FB_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_FB_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_GH_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_GH_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_GH_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_GH_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_GH_PROVIDER_ICON}",
});
}

if ("${ATLAS_SECURITY_DB_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_DB_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_DB_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_DB_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_DB_PROVIDER_ICON}",
isUseCredentialsForm: ("${ATLAS_SECURITY_DB_PROVIDER_CREDFORM}" === "true")
});
}

if ("${ATLAS_SECURITY_LDAP_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_LDAP_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_LDAP_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_LDAP_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_LDAP_PROVIDER_ICON}",
isUseCredentialsForm: ("${ATLAS_SECURITY_LDAP_PROVIDER_CREDFORM}" === "true")
});
}

if ("${ATLAS_SECURITY_SAML_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_SAML_PROVIDER_NAME}",
url: "${ATLAS_SECURITY_SAML_PROVIDER_URL}",
ajax: ("${ATLAS_SECURITY_SAML_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_SAML_PROVIDER_ICON}",
});
}

// For existing broadsea implementations
if ("${ATLAS_SECURITY_PROVIDER_ENABLED}" === "true") {
configLocal.authProviders.push(openIdProvider = {
name: "${ATLAS_SECURITY_PROVIDER_NAME}",
url: "user/login/${ATLAS_SECURITY_PROVIDER_TYPE}",
ajax: ("${ATLAS_SECURITY_PROVIDER_AJAX}" === "true"),
icon: "${ATLAS_SECURITY_PROVIDER_ICON}",
});
}

configLocal.enableTermsAndConditions = ("${ATLAS_ENABLE_TANDCS}" === "true");
configLocal.enablePersonCount = ("${ATLAS_ENABLE_PERSONCOUNT}" === "true");
configLocal.enableTaggingSection = ("${ATLAS_ENABLE_TAGGING_SECTION}" === "true");
configLocal.refreshTokenThreshold = 1000 * 60 * parseInt("${ATLAS_REFRESH_TOKEN_THRESHOLD}");

return configLocal;
});
3 changes: 3 additions & 0 deletions js/config/app.js
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
// Please remember to update the environmental variables in the Dockerfile and the docker config-local.js to reflect
// any new settings introduced here

define(function () {
var appConfig = {};

Expand Down

0 comments on commit b92ddbb

Please sign in to comment.