Re-enable the dev dashboard (#3477)

* Re-enable the dev dashboard PBENCH-1203 The shift to HTTPS and Keycloak has broken our dashboard local dev mode hack in two ways: 1. The axios.get call in the express mirror server needs to either load certificates or disable validation. This adds the CI private CA key. 2. Login requires that the Keycloak be configured with the address of the dashboard code, which in this mode is http://localhost:3000. This adds that redirect to the Keycloak configuration
distributed-system-analysis · Jul 3, 2023 · 75d4d91 · 75d4d91
1 parent d6b2ed9
commit 75d4d91
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 22 deletions.
diff --git a/dashboard/server/index.js b/dashboard/server/index.js
@@ -1,21 +1,28 @@
-const express = require('express');
-const axios = require('axios');
-require('dotenv').config()
+const express = require("express");
+const axios = require("axios");
+const https = require("https");
+const fs = require("fs");
+require("dotenv").config();
 
+const app = express();
+app.get("/api/v1/endpoints", (_req, res) => {
+  console.log("Mirror engaged: ", process.env.PBENCH_SERVER);
+  axios
+    .get(`${process.env.PBENCH_SERVER}/api/v1/endpoints`, {
+      headers: { Accept: "application/json" },
+      httpsAgent: new https.Agent({
+        ca: fs.readFileSync(
+          "../server/pbenchinacan/etc/pki/tls/certs/pbench_CA.crt"
+          )
+      }),
+    })
+    .then((endpoints) => {
+      res.setHeader("Content-Type", "application/json");
+      res.send(endpoints.data);
+    })
+    .catch((err) => {
+      console.log("Error: ", err.message);
+    });
+});
 
-const app = express()
-app.get('/api/v1/endpoints', (_req, res) => {
-    console.log('Mirror engaged: ', process.env.PBENCH_SERVER)
-    axios.get(
-            `${process.env.PBENCH_SERVER}/api/v1/endpoints`,
-            { headers: { 'Accept': 'application/json' } })
-        .then(endpoints => {
-            res.setHeader('Content-Type', 'application/json');
-            res.send(endpoints.data);
-        })
-        .catch(err => {
-            console.log('Error: ', err.message);
-        })
-})
-
-app.listen(3001, () => console.log('Mirror server running on localhost:3001'));
+app.listen(3001, () => console.log("Mirror server running on localhost:3001"));
diff --git a/server/pbenchinacan/load_keycloak.sh b/server/pbenchinacan/load_keycloak.sh
@@ -19,6 +19,7 @@
 
 KEYCLOAK_HOST_PORT=${KEYCLOAK_HOST_PORT:-"https://localhost:8090"}
 KEYCLOAK_REDIRECT_URI=${KEYCLOAK_REDIRECT_URI:-"https://localhost:8443/*"}
+KEYCLOAK_DEV_REDIRECT=${KEYCLOAK_DEV_REDIRECT:-"http://localhost:3000/*"}
 ADMIN_USERNAME=${ADMIN_USERNAME:-"admin"}
 ADMIN_PASSWORD=${ADMIN_PASSWORD:-"admin"}
 # These values must match the options "realm" and "client in the
@@ -106,7 +107,6 @@ curl -si -f -X POST \
       ]
     }'
 
-
 CLIENT_CONF=$(curl -si -f -X POST \
   "${KEYCLOAK_HOST_PORT}/admin/realms/${REALM}/clients" \
   -H "Authorization: Bearer ${ADMIN_TOKEN}" \
@@ -117,8 +117,8 @@ CLIENT_CONF=$(curl -si -f -X POST \
        "directAccessGrantsEnabled": true,
        "serviceAccountsEnabled": true,
        "enabled": true,
-       "attributes": {"post.logout.redirect.uris": "'${KEYCLOAK_REDIRECT_URI}'"},
-       "redirectUris": ["'${KEYCLOAK_REDIRECT_URI}'"]}')
+       "attributes": {"post.logout.redirect.uris": "+"},
+       "redirectUris": ["'${KEYCLOAK_REDIRECT_URI}'", "'${KEYCLOAK_DEV_REDIRECT}'"]}')
 
 CLIENT_ID=$(grep -o -e 'https://[^[:space:]]*' <<< ${CLIENT_CONF} | sed -e 's|.*/||')
 if [[ -z "${CLIENT_ID}" ]]; then