diff --git a/spring-cloud-dataflow-server-core/src/main/java/org/springframework/cloud/dataflow/server/config/DataflowOAuthSecurityConfiguration.java b/spring-cloud-dataflow-server-core/src/main/java/org/springframework/cloud/dataflow/server/config/DataflowOAuthSecurityConfiguration.java index 8038459f8e..d27ab9533f 100644 --- a/spring-cloud-dataflow-server-core/src/main/java/org/springframework/cloud/dataflow/server/config/DataflowOAuthSecurityConfiguration.java +++ b/spring-cloud-dataflow-server-core/src/main/java/org/springframework/cloud/dataflow/server/config/DataflowOAuthSecurityConfiguration.java @@ -164,6 +164,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { auth.userInfoEndpoint(customizer -> { customizer.userService(plainOauth2UserService).oidcUserService(oidcUserService); }); + auth.defaultSuccessUrl(authorizationProperties.getDashboardUrl()); }); http.oauth2ResourceServer(resourceserver -> { diff --git a/spring-cloud-dataflow-server/src/test/java/org/springframework/cloud/dataflow/unit/test/DataFlowAuthenticationTests.java b/spring-cloud-dataflow-server/src/test/java/org/springframework/cloud/dataflow/unit/test/DataFlowAuthenticationTests.java deleted file mode 100644 index 54c16cda49..0000000000 --- a/spring-cloud-dataflow-server/src/test/java/org/springframework/cloud/dataflow/unit/test/DataFlowAuthenticationTests.java +++ /dev/null @@ -1,96 +0,0 @@ -package org.springframework.cloud.dataflow.unit.test; - -import java.util.concurrent.atomic.AtomicBoolean; - -import dasniko.testcontainers.keycloak.KeycloakContainer; -import org.awaitility.Awaitility; -import org.junit.jupiter.api.Disabled; -import org.junit.jupiter.api.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.testcontainers.junit.jupiter.Container; -import org.testcontainers.junit.jupiter.Testcontainers; - -import org.springframework.boot.CommandLineRunner; -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.ImportAutoConfiguration; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.cloud.dataflow.rest.client.DataFlowOperations; -import org.springframework.cloud.dataflow.rest.client.config.DataFlowClientAutoConfiguration; -import org.springframework.cloud.dataflow.rest.resource.about.AboutResource; -import org.springframework.cloud.dataflow.server.single.DataFlowServerApplication; -import org.springframework.context.ConfigurableApplicationContext; -import org.springframework.test.context.ActiveProfiles; -import org.springframework.test.context.DynamicPropertyRegistry; -import org.springframework.test.context.DynamicPropertySource; - -import static org.assertj.core.api.Assertions.assertThat; - -@ActiveProfiles("keycloak") -@SpringBootTest(classes = { DataFlowServerApplication.class }, - webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT) -@Testcontainers -@Disabled("Determine how to run app and test client in different contexts") -public class DataFlowAuthenticationTests { - - private static final Logger logger = LoggerFactory.getLogger(DataFlowAuthenticationTests.class); - - @Container - static KeycloakContainer keycloakContainer = new KeycloakContainer("keycloak/keycloak:25.0") - .withRealmImportFiles("/dataflow-realm.json", "/dataflow-users-0.json") - .withAdminUsername("admin") - .withAdminPassword("admin") - .withExposedPorts(8080, 9000) - .withLogConsumer(outputFrame -> { - switch (outputFrame.getType()) { - case STDERR: - logger.error(outputFrame.getUtf8StringWithoutLineEnding()); - break; - default: - logger.info(outputFrame.getUtf8StringWithoutLineEnding()); - } - }); - - @DynamicPropertySource - static void configureProperties(DynamicPropertyRegistry registry) { - registry.add("keycloak.url", keycloakContainer::getAuthServerUrl); - } - - @Test - void testAuthentication() throws Exception { - try (ConfigurableApplicationContext applicationContext = SpringApplication.run(CommandLineApp.class, - "--spring.profiles.active=keycloak-client", - "--spring.cloud.dataflow.client.authentication.basic.username=joe", - "--spring.cloud.dataflow.client.authentication.basic.password=password", - "--keycloak.url=" + keycloakContainer.getAuthServerUrl(), - "--spring.cloud.dataflow.client.authentication.token-uri=" + keycloakContainer.getAuthServerUrl() - + "/realms/dataflow/protocol/openid-connect/token")) { - DataFlowOperations dataFlowOperations = applicationContext.getBean(DataFlowOperations.class); - assertThat(dataFlowOperations).isNotNull(); - AboutResource aboutResource = dataFlowOperations.aboutOperation().get(); - assertThat(aboutResource).isNotNull(); - assertThat(aboutResource.getSecurityInfo()).isNotNull(); - assertThat(aboutResource.getSecurityInfo().isAuthenticated()).isTrue(); - assertThat(aboutResource.getSecurityInfo().getUsername()).isEqualTo("joe"); - CommandLineApp.completed.set(true); - } - finally { - CommandLineApp.completed.set(true); - } - } - - @SpringBootApplication - @ImportAutoConfiguration(DataFlowClientAutoConfiguration.class) - public static class CommandLineApp implements CommandLineRunner { - - public static AtomicBoolean completed = new AtomicBoolean(false); - - @Override - public void run(String... args) throws Exception { - Awaitility.await().until(() -> completed.get()); - } - - } - -} diff --git a/spring-cloud-dataflow-server/src/test/resources/application-keycloak-client.yaml b/spring-cloud-dataflow-server/src/test/resources/application-keycloak-client.yaml index 8534516c1b..f8b7c9c868 100644 --- a/spring-cloud-dataflow-server/src/test/resources/application-keycloak-client.yaml +++ b/spring-cloud-dataflow-server/src/test/resources/application-keycloak-client.yaml @@ -40,7 +40,6 @@ spring: client-secret: '090RucamvekrMLyGHMr4lkHX9xhAlsqK' provider: 'keycloak' authorization-grant-type: 'authorization_code' -# client-authentication-method: # unsure of value scope: - openid - roles diff --git a/spring-cloud-dataflow-server/src/test/resources/application-keycloak.yaml b/spring-cloud-dataflow-server/src/test/resources/application-keycloak.yaml index 6b55019ed5..08d2cfb63a 100644 --- a/spring-cloud-dataflow-server/src/test/resources/application-keycloak.yaml +++ b/spring-cloud-dataflow-server/src/test/resources/application-keycloak.yaml @@ -43,7 +43,6 @@ spring: client-secret: '090RucamvekrMLyGHMr4lkHX9xhAlsqK' provider: 'keycloak' authorization-grant-type: 'authorization_code' -# client-authentication-method: # unsure of value scope: - openid - roles diff --git a/src/carvel/config/values/values.yml b/src/carvel/config/values/values.yml index 3a32e4d1ab..e5cfcb8487 100644 --- a/src/carvel/config/values/values.yml +++ b/src/carvel/config/values/values.yml @@ -112,5 +112,5 @@ scdf: enabled: false image: repository: micrometermetrics/prometheus-rsocket-proxy - tag: 1.5.3 + tag: 2.0.0-M2 digest: "" diff --git a/src/carvel/docs/configuration-options.adoc b/src/carvel/docs/configuration-options.adoc index acaa986280..4b84059e6f 100644 --- a/src/carvel/docs/configuration-options.adoc +++ b/src/carvel/docs/configuration-options.adoc @@ -597,7 +597,7 @@ No Type::: String Default Value::: -1.5.3 +2.0.0-M2 [[configuration-options-scdf.feature.monitoring.prometheusRsocketProxy.image.digest]]`scdf.feature.monitoring.prometheusRsocketProxy.image.digest`:: Description::: diff --git a/src/deploy/carvel/load-images.sh b/src/deploy/carvel/load-images.sh index 466d6c2e40..30cbfdd723 100755 --- a/src/deploy/carvel/load-images.sh +++ b/src/deploy/carvel/load-images.sh @@ -67,7 +67,7 @@ else sh "$K8S/load-image.sh" "springcloud/spring-cloud-dataflow-server" "$DATAFLOW_VERSION" true fi if [ "$PROMETHEUS" = "true" ]; then - sh "$K8S/load-image.sh" "micrometermetrics/prometheus-rsocket-proxy" "1.5.3" false + sh "$K8S/load-image.sh" "micrometermetrics/prometheus-rsocket-proxy" "2.0.0-M2" false fi if [ "$REGISTRY" = "" ]; then REGISTRY=springcloud diff --git a/src/deploy/images/pull-prometheus-rsocket-proxy.sh b/src/deploy/images/pull-prometheus-rsocket-proxy.sh index 1fb0f84c5f..65dac2970a 100755 --- a/src/deploy/images/pull-prometheus-rsocket-proxy.sh +++ b/src/deploy/images/pull-prometheus-rsocket-proxy.sh @@ -1,2 +1,2 @@ #!/bin/bash -docker pull "micrometermetrics/prometheus-rsocket-proxy:1.5.3" +docker pull "micrometermetrics/prometheus-rsocket-proxy:2.0.0-M2" diff --git a/src/deploy/k8s/deploy-scdf.sh b/src/deploy/k8s/deploy-scdf.sh index 36561ca0f2..c587aee20f 100755 --- a/src/deploy/k8s/deploy-scdf.sh +++ b/src/deploy/k8s/deploy-scdf.sh @@ -171,7 +171,7 @@ if [ "$PROMETHEUS" = "true" ] || [ "$METRICS" = "prometheus" ]; then if [ "$K8S_DRIVER" != "tmc" ] && [ "$K8S_DRIVER" != "gke" ]; then sh "$SCDIR/load-image.sh" "springcloud/spring-cloud-dataflow-grafana-prometheus:$DATAFLOW_VERSION" false sh "$SCDIR/load-image.sh" "prom/prometheus:v2.37.8" - sh "$SCDIR/load-image.sh" "micrometermetrics/prometheus-rsocket-proxy:1.5.3" + sh "$SCDIR/load-image.sh" "micrometermetrics/prometheus-rsocket-proxy:2.0.0-M2" fi set +e kubectl create --namespace "$NS" serviceaccount prometheus-rsocket-proxy diff --git a/src/docker-compose/docker-compose-prometheus.yml b/src/docker-compose/docker-compose-prometheus.yml index 21b22696d7..67f7ff4430 100644 --- a/src/docker-compose/docker-compose-prometheus.yml +++ b/src/docker-compose/docker-compose-prometheus.yml @@ -20,7 +20,7 @@ services: #- SPRING_APPLICATION_JSON={"spring.jpa.properties.hibernate.generate_statistics":true} prometheus-rsocket-proxy: - image: micrometermetrics/prometheus-rsocket-proxy:1.5.3 + image: micrometermetrics/prometheus-rsocket-proxy:2.0.0-M2 container_name: prometheus-rsocket-proxy expose: - '9096' diff --git a/src/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml b/src/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml index 0f6c28ac95..5420441724 100644 --- a/src/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml +++ b/src/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml @@ -17,7 +17,7 @@ spec: serviceAccountName: prometheus-rsocket-proxy containers: - name: prometheus-rsocket-proxy - image: micrometermetrics/prometheus-rsocket-proxy:1.5.3 + image: micrometermetrics/prometheus-rsocket-proxy:2.0.0-M2 imagePullPolicy: IfNotPresent ports: - name: scrape diff --git a/src/local/application-dataflow-keycloak.yaml b/src/local/application-dataflow-keycloak.yaml index aa387d6540..f207ab5c59 100644 --- a/src/local/application-dataflow-keycloak.yaml +++ b/src/local/application-dataflow-keycloak.yaml @@ -34,7 +34,6 @@ spring: client-secret: '090RucamvekrMLyGHMr4lkHX9xhAlsqK' provider: 'keycloak' authorization-grant-type: 'authorization_code' -# client-authentication-method: # unsure of value scope: - openid - roles diff --git a/src/local/application-skipper-keycloak.yaml b/src/local/application-skipper-keycloak.yaml index e792631b9f..9d2b936371 100644 --- a/src/local/application-skipper-keycloak.yaml +++ b/src/local/application-skipper-keycloak.yaml @@ -34,7 +34,6 @@ spring: client-secret: '090RucamvekrMLyGHMr4lkHX9xhAlsqK' provider: 'keycloak' authorization-grant-type: 'authorization_code' - # client-authentication-method: '' scope: - openid - roles diff --git a/src/templates/docker-compose/docker-compose-prometheus.yml b/src/templates/docker-compose/docker-compose-prometheus.yml index 1a922ee568..7c00b77dab 100644 --- a/src/templates/docker-compose/docker-compose-prometheus.yml +++ b/src/templates/docker-compose/docker-compose-prometheus.yml @@ -22,7 +22,7 @@ services: #- SPRING_APPLICATION_JSON={"spring.jpa.properties.hibernate.generate_statistics":true} prometheus-rsocket-proxy: - image: micrometermetrics/prometheus-rsocket-proxy:1.5.3 + image: micrometermetrics/prometheus-rsocket-proxy:2.0.0-M3 container_name: prometheus-rsocket-proxy expose: - '9096' diff --git a/src/templates/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml b/src/templates/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml index 2a36712424..5bdfe0bb8d 100644 --- a/src/templates/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml +++ b/src/templates/kubernetes/prometheus-proxy/prometheus-proxy-deployment.yaml @@ -17,7 +17,7 @@ spec: serviceAccountName: prometheus-rsocket-proxy containers: - name: prometheus-rsocket-proxy - image: micrometermetrics/prometheus-rsocket-proxy:1.5.3 + image: micrometermetrics/prometheus-rsocket-proxy:2.0.0-M2 imagePullPolicy: IfNotPresent ports: - name: scrape