diff --git a/Makefile b/Makefile
index 55984e60..a2712ff4 100644
--- a/Makefile
+++ b/Makefile
@@ -76,7 +76,7 @@ release: lint test
 BINARY=${BINARY} VERSION=${VERSION} ./dist.sh
 
 .PHONY: validate-go-version
-validate-go-version: ## Validates the installed version of go against Mattermost's minimum requirement.
+validate-go-version:
 @if [ $(GO_MAJOR_VERSION) -gt $(MINIMUM_SUPPORTED_GO_MAJOR_VERSION) ]; then \
 exit 0 ;\
 elif [ $(GO_MAJOR_VERSION) -lt $(MINIMUM_SUPPORTED_GO_MAJOR_VERSION) ]; then \
@@ -86,3 +86,8 @@ validate-go-version: ## Validates the installed version of go against Mattermost
 echo '$(GO_VERSION_VALIDATION_ERR_MSG)';\
 exit 1; \
 fi
+
+# local-env can be used to interact with the local development environment
+.PHONY: local-env-%
+local-env-%:
+ make -C contrib/local-environment $*
diff --git a/contrib/local-environment/Makefile b/contrib/local-environment/Makefile
new file mode 100644
index 00000000..3b26b68d
--- /dev/null
+++ b/contrib/local-environment/Makefile
@@ -0,0 +1,7 @@
+.PHONY: up
+up:
+ docker-compose up -d
+
+.PHONY: %
+%:
+ docker-compose $*
diff --git a/contrib/local-environment/dex.yaml b/contrib/local-environment/dex.yaml
new file mode 100644
index 00000000..34946304
--- /dev/null
+++ b/contrib/local-environment/dex.yaml
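Review bot: The `local-env-%` recipe in the second Makefile hunk calls a literal `make`, so `-n`, `-j` and the jobserver are not handed to the sub-make; it should read `$(MAKE) -C contrib/local-environment $*`. `.PHONY: local-env-%` also does not do what it suggests: GNU make does not expand patterns in `.PHONY`, so it only marks a target literally named `local-env-%`, and the same holds for `.PHONY: %` in contrib/local-environment/Makefile. The catch-all `%:` rule there forwards whatever target name it is given to `docker-compose $*`, so a comment naming the intended subcommands (the compose file mentions `up` and `down`) would make the contract explicit.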
@@ -0,0 +1,30 @@
+# This configuration is intended to be used with the docker-compose testing
+# environment.
+# This should configure Dex to run on port 4190 and provides a static login
+issuer: http://dex.localhost:4190/dex
+storage:
+ type: etcd
+ config:
+ endpoints:
+ - http://etcd:2379
+ namespace: dex/
+web:
+ http: 0.0.0.0:4190
+oauth2:
+ skipApprovalScreen: true
+expiry:
+ signingKeys: "4h"
+ idTokens: "1h"
+staticClients:
+- id: oauth2-proxy
+ redirectURIs:
+ - 'http://localhost:4180/oauth2/callback'
+ name: 'OAuth2 Proxy'
+ secret: b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK
+enablePasswordDB: true
+staticPasswords:
+- email: "admin@example.com"
+ # bcrypt hash of the string "password"
+ hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W"
+ username: "admin"
+ userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
diff --git a/contrib/local-environment/docker-compose.yaml b/contrib/local-environment/docker-compose.yaml
new file mode 100644
index 00000000..6f57720a
--- /dev/null
+++ b/contrib/local-environment/docker-compose.yaml
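Review bot: The `staticClients` secret and the `staticPasswords` entry (a bcrypt hash of the string "password") become public values once committed, and the header comment does not say they must never be reused outside this test setup. I would extend the header with `# The client secret and admin password below are public sample values; never reuse them outside this local environment.` The same applies to `client_secret` and `cookie_secret` in contrib/local-environment/oauth2-proxy.cfg, which has no header comment at all; a deployment that copies that cookie secret would be protecting its session cookies with a published key. With `skipApprovalScreen: true` and `enablePasswordDB: true`, this Dex instance should only ever be reachable from the developer's own machine.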
@@ -0,0 +1,64 @@
+# This docker-compose file can be used to bring up an example instance of oauth2-proxy
+# for manual testing and exploration of features.
+# Alongside OAuth2-Proxy, this file also starts Dex to act as the identity provider,
+# etcd for storage for Dex and HTTPBin as an example upstream.
+#
+# This can either be created using docker-compose
+# docker-compose -f docker-compose.yaml
+# Or:
+# make (eg. make up, make down)
+#
+# Access http://localhost:4180 to initiate a login cycle
+version: '3.0'
+services:
+ oauth2-proxy:
+ container_name: oauth2-proxy
+ image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
+ command: --config /oauth2-proxy.cfg
+ ports:
+ - 4180:4180/tcp
+ hostname: oauth2-proxy
+ volumes:
+ - "./oauth2-proxy.cfg:/oauth2-proxy.cfg"
+ restart: unless-stopped
+ networks:
+ dex: {}
+ httpbin: {}
+ depends_on:
+ - dex
+ - httpbin
+ dex:
+ container_name: dex
+ image: quay.io/dexidp/dex:v2.23.0
+ command: serve /dex.yaml
+ ports:
+ - 4190:4190/tcp
+ hostname: dex
+ volumes:
+ - "./dex.yaml:/dex.yaml"
+ restart: unless-stopped
+ networks:
+ dex:
+ aliases:
+ - dex.localhost
+ etcd: {}
+ depends_on:
+ - etcd
+ httpbin:
+ container_name: httpbin
+ image: kennethreitz/httpbin
+ networks:
+ httpbin: {}
+ etcd:
+ container_name: etcd
+ image: gcr.io/etcd-development/etcd:v3.4.7
+ entrypoint: /usr/local/bin/etcd
+ command:
+ - --listen-client-urls=http://0.0.0.0:2379
+ - --advertise-client-urls=http://etcd:2379
+ networks:
+ etcd: {}
+networks:
+ dex: {}
+ etcd: {}
+ httpbin: {}
diff --git a/contrib/local-environment/oauth2-proxy.cfg b/contrib/local-environment/oauth2-proxy.cfg
new file mode 100644
index 00000000..beb8c900
--- /dev/null
+++ b/contrib/local-environment/oauth2-proxy.cfg
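Review bot: The `ports` entries `4180:4180/tcp` and `4190:4190/tcp` publish oauth2-proxy and Dex on every host interface, so on a shared network other machines can reach a Dex that accepts the committed admin@example.com login. Binding to loopback keeps the environment local: `- 127.0.0.1:4180:4180/tcp` and `- 127.0.0.1:4190:4190/tcp`. Separately, the `httpbin` service uses `kennethreitz/httpbin` without a tag while the other three images are pinned to versions; pinning a tag or digest there too would keep the environment reproducible and avoid silently pulling a changed image.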
@@ -0,0 +1,10 @@
+http_address="0.0.0.0:4180"
+redirect_url="http://localhost:4180/oauth2/callback"
+cookie_secret="OQINaROshtE9TcZkNAm-5Zs2Pv3xaWytBmc5W7sPX7w="
+provider="oidc"
+email_domains="example.com"
+oidc_issuer_url="http://dex.localhost:4190/dex"
+client_secret="b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK"
+client_id="oauth2-proxy"
+cookie_secure="false"
+upstreams="http://httpbin"