From cd36ab455b1470218ba12336170e5e938dbf6020 Mon Sep 17 00:00:00 2001 From: janskiba Date: Tue, 12 Dec 2023 09:53:14 +0000 Subject: [PATCH] feat: Add token-manager to beam --- ccp/modules/datashield-compose.yml | 3 +++ ccp/modules/datashield-setup.sh | 1 + 2 files changed, 4 insertions(+) diff --git a/ccp/modules/datashield-compose.yml b/ccp/modules/datashield-compose.yml index 8ba104c..82f7aea 100644 --- a/ccp/modules/datashield-compose.yml +++ b/ccp/modules/datashield-compose.yml @@ -51,6 +51,8 @@ services: KEYCLOAK_ADMIN_GROUP: "${KEYCLOAK_ADMIN_GROUP}" TOKEN_MANAGER_PASSWORD: "${TOKEN_MANAGER_OPAL_PASSWORD}" EXPORTER_PASSWORD: "${EXPORTER_OPAL_PASSWORD}" + BEAM_APP_ID: token-manager.${PROXY_ID} + BEAM_SECRET: ${TOKEN_MANAGER_SECRET} secrets: - opal-cert.pem - opal-key.pem @@ -106,6 +108,7 @@ services: beam-proxy: environment: APP_datashield-connect_KEY: ${DATASHIELD_CONNECT_SECRET} + APP_token-manager_KEY: ${TOKEN_MANAGER_SECRET} secrets: opal-cert.pem: diff --git a/ccp/modules/datashield-setup.sh b/ccp/modules/datashield-setup.sh index 5262b6b..d9932c3 100644 --- a/ccp/modules/datashield-setup.sh +++ b/ccp/modules/datashield-setup.sh @@ -9,6 +9,7 @@ if [ "$ENABLE_DATASHIELD" == true ]; then OPAL_ADMIN_PASSWORD="$(generate_password \"admin password for Opal\")" RSTUDIO_ADMIN_PASSWORD="$(generate_password \"admin password for R-Studio\")" DATASHIELD_CONNECT_SECRET="$(echo \"This is a salt string to generate one consistent password as the DataShield Connect secret. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + TOKEN_MANAGER_SECRET="$(echo \"This is a salt string to generate one consistent password as the Token Manger secret. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" if [ ! -e /tmp/bridgehead/opal-cert.pem ]; then mkdir -p /tmp/bridgehead/ chown -R bridgehead:docker /tmp/bridgehead/