Skip to content

Commit

Permalink
feat: ✨ rio tinto specific changes
Browse files Browse the repository at this point in the history
  • Loading branch information
nitinkr0411 committed Oct 9, 2024
1 parent 3f89258 commit 92f8d6b
Show file tree
Hide file tree
Showing 12 changed files with 84 additions and 3 deletions.
66 changes: 66 additions & 0 deletions .github/workflows/release-aws-ecr.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
name: Release to AWS MLPoC ECR

on:
workflow_dispatch:
inputs:
source_docker_tag:
description: 'Source Image Tag'
required: true
default: 'latest'
destination_docker_tag:
description: 'Destination Image Tag'
required: true
default: 'latest'
account_id:
description: 'AWS Account ID'
region:
description: 'AWS Region'
role_to_assume:
description: 'AWS Role ARN'

jobs:
release:
runs-on: ubuntu-latest
environment:
name: aws-ecr
url: https://aws.amazon.com/ecr/
permissions:
id-token: write
steps:
- name: 👨‍💻 Checkout repository
uses: actions/checkout@v4
- name: 'Login to GitHub Container Registry'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.DOCKER_CONTAINER_REGISTRY_TOKEN}}
- name: 🐳 Pull Image
run: |
docker pull ghcr.io/rio-tinto/open-webui:${{ github.event.inputs.source_docker_tag }}
- name: ☁️ Set AWS Role ARN
id: set-role-arn
run: |
if [[ "${{ github.event.inputs.role_to_assume }}" == "scdev" ]]; then
echo "role_arn=${{ vars.AWS_GH_ROLE_ARN }}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event.inputs.role_to_assume }}" == "scprod" ]]; then
echo "role_arn=${{ vars.AWS_GH_ROLE_ARN_PROD }}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event.inputs.role_to_assume }}" == "mlpoc" ]]; then
echo "role_arn=${{ vars.MLPOC_BRUKER_GH_ROLE_ARN }}" >> $GITHUB_OUTPUT
else
echo "Invalid role specified"
exit 1
fi
- name: ☁️ Authenticate To AWS
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ steps.set-role-arn.outputs.role_arn }}
role-session-name: DNA-Automation-Github-Actions-Session
aws-region: ap-southeast-2
- name: ☁️ Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: 🐳 Tag and push docker image to Amazon ECR
run: |
docker tag ghcr.io/rio-tinto/open-webui:${{ github.event.inputs.source_docker_tag }} ${{ github.event.inputs.account_id }}.dkr.ecr.${{ github.event.inputs.region }}.amazonaws.com/open-webui:${{ github.event.inputs.destination_docker_tag }}
docker push ${{ github.event.inputs.account_id }}.dkr.ecr.${{ github.event.inputs.region }}.amazonaws.com/open-webui:${{ github.event.inputs.destination_docker_tag }}
6 changes: 5 additions & 1 deletion backend/open_webui/apps/webui/routers/auths.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
get_admin_user,
get_current_user,
get_password_hash,
decode_token_from_alb,
)
from open_webui.utils.webhook import post_webhook

Expand Down Expand Up @@ -120,8 +121,11 @@ async def signin(request: Request, response: Response, form_data: SigninForm):
if WEBUI_AUTH_TRUSTED_EMAIL_HEADER not in request.headers:
raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_TRUSTED_HEADER)

trusted_email = request.headers[WEBUI_AUTH_TRUSTED_EMAIL_HEADER].lower()
jwt = request.headers[WEBUI_AUTH_TRUSTED_EMAIL_HEADER]
trusted_email = decode_token_from_alb(jwt)["email"]
trusted_email = trusted_email.lower()
trusted_name = trusted_email

if WEBUI_AUTH_TRUSTED_NAME_HEADER:
trusted_name = request.headers.get(
WEBUI_AUTH_TRUSTED_NAME_HEADER, trusted_email
Expand Down
4 changes: 2 additions & 2 deletions backend/open_webui/env.py
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,8 @@


WEBUI_NAME = os.environ.get("WEBUI_NAME", "Open WebUI")
if WEBUI_NAME != "Open WebUI":
WEBUI_NAME += " (Open WebUI)"
# if WEBUI_NAME != "Open WebUI":
# WEBUI_NAME += " (Open WebUI)"

WEBUI_URL = os.environ.get("WEBUI_URL", "http://localhost:3000")

Expand Down
Binary file modified backend/open_webui/static/favicon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified backend/open_webui/static/logo.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified backend/open_webui/static/splash.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified backend/open_webui/utils/logo.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
11 changes: 11 additions & 0 deletions backend/open_webui/utils/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,17 @@ def decode_token(token: str) -> Optional[dict]:
return None


def decode_token_from_alb(token: str) -> Optional[dict]:
try:
payload = jwt.decode(token, options={"verify_signature": False})
logging.info(payload)
return payload
except Exception as e:
print(e)
logging.info(e)
return None


def extract_token_from_auth_header(auth_header: str):
return auth_header[len("Bearer ") :]

Expand Down
Binary file modified static/favicon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified static/static/favicon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified static/static/splash-dark.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified static/static/splash.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit 92f8d6b

Please sign in to comment.