samply/bridgehead
1
0
Fork 0
mirror of https://github.com/samply/bridgehead.git synced 2025-07-01 00:30:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: samply:8b5c47174a024c673dd688b2fc9b2da8d0c25512
Branches Tags
samply:main samply:develop samply:feature/authentik samply:feature/remove-rstudio samply:feature/exporter-docu samply:transfair-cli samply:test/teiler-dashboard samply:feature/add-pscc samply:feature/teiler-for-ccp-and-bbmri samply:qr-bbmri-v2 samply:prototype/beamFile samply:test/exporter-no-python samply:cherry-pick-tmp-pr samply:test/obds2fhir-batch-import samply:ovis samply:test/airgapped-blaze samply:pr-secret-sync-gitlab-bbmri samply:feature/add-qb-to-cce samply:Threated-patch-1 samply:torbrenner-patch-1 samply:feat/routine-connector-minor-fixes samply:metadata_fb samply:feat/dnpm-dip samply:bugfix/test-old-blaze samply:dnpm-etl-rewrite samply:feature/qr-basic-auth samply:refactor/logging samply:feature/opal-client-for-new-token-manager samply:test/onkofdz samply:feature/addExporterAndTeilerToEric samply:set_env_variables_needed_for_fhir2sql samply:feature/externalize-versions samply:fix/kr-deactivate-landingpage samply:refactor/datashield-auth-config samply:refactor/independent-modules samply:feature/dnpm-extra-broker samply:revert-223-feat/add-dkfz-hector-ki-project samply:ehds2_develop samply:ehds2 samply:feature/auto-pr samply:qr_bbmri samply:feature/cBioPortal samply:feat/blaze-frontend samply:pro/lemedart samply:feature/feedback-agent samply:feature/component-moniotring samply:feature/cbioportal-datashield samply:documentation/blaze_resources samply:feat/cBioPortal samply:test-switch-branch samply:feature/nngm-rest samply:feature/opal samply:feature/snap samply:feature/accessTokenFromConfiguration
..
compare: samply:cherry-pick-tmp-pr
Branches Tags
samply:develop samply:feature/authentik samply:feature/remove-rstudio samply:feature/exporter-docu samply:transfair-cli samply:main samply:test/teiler-dashboard samply:feature/add-pscc samply:feature/teiler-for-ccp-and-bbmri samply:qr-bbmri-v2 samply:prototype/beamFile samply:test/exporter-no-python samply:cherry-pick-tmp-pr samply:test/obds2fhir-batch-import samply:ovis samply:test/airgapped-blaze samply:pr-secret-sync-gitlab-bbmri samply:feature/add-qb-to-cce samply:Threated-patch-1 samply:torbrenner-patch-1 samply:feat/routine-connector-minor-fixes samply:metadata_fb samply:feat/dnpm-dip samply:bugfix/test-old-blaze samply:dnpm-etl-rewrite samply:feature/qr-basic-auth samply:refactor/logging samply:feature/opal-client-for-new-token-manager samply:test/onkofdz samply:feature/addExporterAndTeilerToEric samply:set_env_variables_needed_for_fhir2sql samply:feature/externalize-versions samply:fix/kr-deactivate-landingpage samply:refactor/datashield-auth-config samply:refactor/independent-modules samply:feature/dnpm-extra-broker samply:revert-223-feat/add-dkfz-hector-ki-project samply:ehds2_develop samply:ehds2 samply:feature/auto-pr samply:qr_bbmri samply:feature/cBioPortal samply:feat/blaze-frontend samply:pro/lemedart samply:feature/feedback-agent samply:feature/component-moniotring samply:feature/cbioportal-datashield samply:documentation/blaze_resources samply:feat/cBioPortal samply:test-switch-branch samply:feature/nngm-rest samply:feature/opal samply:feature/snap samply:feature/accessTokenFromConfiguration

5 Commits
8b5c47174a ... cherry-pic

Author SHA1 Message Date
Tim Schumacher
ec2c61b308 Martin's change 2025-05-09 09:23:20 +02:00
Tim Schumacher
0cdd5f371b Use temp directory for secret sync cache 2025-05-09 09:21:40 +02:00
Jan
cd38957dd7 Merge pull request #289 from samply/develop 
Merge develop into main
 2025-04-15 10:17:11 +02:00
Jan
4ef585bfc5 Merge pull request #281 from samply/develop 
Merge develop into main
 2025-03-17 10:02:58 +01:00
Torben Brenner
6ca67ca082 Merge pull request #270 from samply/develop 2025-02-20 15:46:40 +01:00
8 changed files with 4 additions and 35 deletions
Expand all files Collapse all files

4
bbmri/modules/eric-setup.sh
View File

@ -10,10 +10,6 @@ if [ "${ENABLE_ERIC}" == "true" ]; then
export ERIC_BROKER_ID=broker.bbmri.samply.de export ERIC_BROKER_ID=broker.bbmri.samply.de
export ERIC_ROOT_CERT=eric export ERIC_ROOT_CERT=eric
;; ;;
"acceptance")
export ERIC_BROKER_ID=broker-acc.bbmri-acc.samply.de
export ERIC_ROOT_CERT=eric.acc
;;
"test") "test")
export ERIC_BROKER_ID=broker-test.bbmri-test.samply.de export ERIC_BROKER_ID=broker-test.bbmri-test.samply.de
export ERIC_ROOT_CERT=eric.test export ERIC_ROOT_CERT=eric.test

20
bbmri/modules/eric.acc.root.crt.pem
View File

@ -1,20 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIUE/wu6FmI+KSMOalI65b+lI3HI4cwDQYJKoZIhvcNAQEL
BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwOTE2MTUyMzU0WhcNMzQw
OTE0MTUyNDI0WjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAOt1I1FQt2bI4Nnjtg8JBYid29cBIkDT4MMb45Jr
ays24y4R3WO7VJK9UjNduSq/A1jlA0W0A/szDf8Ojq6bBtg+uL92PTDjYH1QXwX0
c7eMo2tvvyyrs/cb2/ovDBQ1lpibcxVmVAv042ASmil3SdqKKXpv3ATnF9I7V4cv
fwB56FChaGIov5EK+9JOMjTx6oMlBEgUFR6qq/lSqM9my0HYwUFbX2W+nT9EKEIP
9UP1eyfRZR3E/+oticnm/cS20BGCbjoYrNgLthXKyaASuhGoElKs8EZ3h9MiI+u0
DpR0KpePhAkMLugBrgYWqkMwwD1684LfC4YVQrsLwzo5OW8CAwEAAaN7MHkwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPbXs3g3lMjH
1JMe0a5aVbN7lB92MB8GA1UdIwQYMBaAFPbXs3g3lMjH1JMe0a5aVbN7lB92MBYG
A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQBM5RsXb2HN
FpC1mYfocXAn20Zu4d603qmc/IqkiOWbp36pWo+jk1AxejyRS9hEpQalgSnvcRPQ
1hPEhGU+wvI0WWVi/01iNjVbXmJNPQEouXQWAT17dyp9vqQkPw8LNzpSV/qdPgbT
Z9o3sZrjUsSLsK7A7Q5ky4ePkiJBaMsHeAD+wqGwpiJ4D2Xhp8e1v36TWM0qt2EA
gySx9isx/jeGGPBmDqYB9BCal5lrihPN56jd+5pCkyXeZqKWiiXFJKXwcwxctYZc
ADHIiTLLPXE8LHTUJAO51it1NAZ1S24aMzax4eWDXcWO7/ybbx5pkYkMd6EqlKHd
8riQJIhY4huX
-----END CERTIFICATE-----

5
bridgehead
View File

@ -69,7 +69,7 @@ loadVars() {
if [ "$(git rev-parse --abbrev-ref HEAD)" == "main" ]; then if [ "$(git rev-parse --abbrev-ref HEAD)" == "main" ]; then
ENVIRONMENT="production" ENVIRONMENT="production"
else else
ENVIRONMENT="test" # we have acceptance environment in BBMRI ERIC and it would be more appropriate to default to that one in case the data they have in BH is real, but I'm gonna leave it as is for backward compatibility ENVIRONMENT="test"
fi fi
fi fi
# Source the versions of the images components # Source the versions of the images components
@ -80,9 +80,6 @@ loadVars() {
"test") "test")
source ./versions/test source ./versions/test
;; ;;
"acceptance")
source ./versions/acceptance
;;
*) *)
report_error 7 "Environment \"$ENVIRONMENT\" is unknown. Assuming production. FIX THIS!" report_error 7 "Environment \"$ENVIRONMENT\" is unknown. Assuming production. FIX THIS!"
source ./versions/prod source ./versions/prod

2
lib/functions.sh
View File

@ -348,7 +348,7 @@ function secret_sync_gitlab_token() {
fi fi
# Create a temporary directory for Secret Sync that is valid per boot # Create a temporary directory for Secret Sync that is valid per boot
secret_sync_tempdir="/tmp/secret-sync.boot-$(cat /proc/sys/kernel/random/boot_id)" secret_sync_tempdir="/tmp/bridgehead/secret-sync.boot-$(cat /proc/sys/kernel/random/boot_id)"
mkdir -p $secret_sync_tempdir mkdir -p $secret_sync_tempdir
# Use Secret Sync to validate the GitLab token in $secret_sync_tempdir/cache. # Use Secret Sync to validate the GitLab token in $secret_sync_tempdir/cache.

2
lib/gitlab-token-helper.sh
View File

@ -2,7 +2,7 @@
[ "$1" = "get" ] || exit [ "$1" = "get" ] || exit
source "/tmp/secret-sync.boot-$(cat /proc/sys/kernel/random/boot_id)/gitlab-token" source "/tmp/bridgehead/secret-sync.boot-$(cat /proc/sys/kernel/random/boot_id)/gitlab-token"
# Any non-empty username works, only the token matters # Any non-empty username works, only the token matters
cat << EOF cat << EOF

2
modules/ssh-tunnel-setup.sh
View File

@ -2,5 +2,5 @@
if [ -n "$ENABLE_SSH_TUNNEL" ]; then if [ -n "$ENABLE_SSH_TUNNEL" ]; then
log INFO "SSH Tunnel setup detected -- will start SSH Tunnel." log INFO "SSH Tunnel setup detected -- will start SSH Tunnel."
OVERRIDE+=" -f ./modules/ssh-tunnel-compose.yml" OVERRIDE+=" -f ./$PROJECT/modules/ssh-tunnel-compose.yml"
fi fi

1
modules/transfair-compose.yml
View File

@ -22,7 +22,6 @@ services:
- DATABASE_URL=sqlite://transfair/data_requests.sql?mode=rwc - DATABASE_URL=sqlite://transfair/data_requests.sql?mode=rwc
- RUST_LOG=${RUST_LOG:-info} - RUST_LOG=${RUST_LOG:-info}
- TLS_CA_CERTIFICATES_DIR=/conf/trusted-ca-certs - TLS_CA_CERTIFICATES_DIR=/conf/trusted-ca-certs
- TLS_DISABLE=${TRANSFAIR_TLS_DISABLE:-false}
volumes: volumes:
- /var/cache/bridgehead/${PROJECT}/transfair:/transfair - /var/cache/bridgehead/${PROJECT}/transfair:/transfair
- /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro

3
versions/acceptance
View File

@ -1,3 +0,0 @@
FOCUS_TAG=develop
BEAM_TAG=develop
BLAZE_TAG=main