You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by my...@apache.org on 2019/12/09 11:28:29 UTC
[incubator-dlab] branch DLAB-1363 created (now 2aa79ef)
This is an automated email from the ASF dual-hosted git repository.
mykolabodnar pushed a change to branch DLAB-1363
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git.
at 2aa79ef [DLAB-1363] - SSO on Azure fixed
This branch includes the following new commits:
new 2aa79ef [DLAB-1363] - SSO on Azure fixed
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org
[incubator-dlab] 01/01: [DLAB-1363] - SSO on Azure fixed
Posted by my...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mykolabodnar pushed a commit to branch DLAB-1363
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
commit 2aa79efaf3c2e23ce5305af270bdf8b42c0bac8c
Author: Mykola_Bodnar1 <bo...@gmail.com>
AuthorDate: Mon Dec 9 13:28:12 2019 +0200
[DLAB-1363] - SSO on Azure fixed
---
.../src/general/scripts/azure/edge_configure.py | 2 +-
.../src/general/scripts/azure/project_prepare.py | 58 +++++++++++++---------
2 files changed, 36 insertions(+), 24 deletions(-)
diff --git a/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py b/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
index 9b734a3..0dc0904 100644
--- a/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
+++ b/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
@@ -274,7 +274,7 @@ if __name__ == "__main__":
.format(edge_conf['service_base_name'], os.environ['keycloak_auth_server_url'],
os.environ['keycloak_realm_name'], os.environ['keycloak_user'],
os.environ['keycloak_user_password'],
- keycloak_client_secret, instance_hostname, os.environ['project_name'])
+ keycloak_client_secret, edge_conf['edge_public_ip'], os.environ['project_name'])
try:
local("~/scripts/{}.py {}".format('configure_keycloak', keycloak_params))
except:
diff --git a/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py b/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
index fca9b2f..a182de7 100644
--- a/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
+++ b/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
@@ -24,7 +24,7 @@
import json
from dlab.fab import *
from dlab.meta_lib import *
-import sys, time, os
+import sys, time, os, re
from dlab.actions_lib import *
import traceback
from Crypto.PublicKey import RSA
@@ -97,6 +97,7 @@ if __name__ == "__main__":
"endpoint_tag": project_conf['endpoint_tag'],
os.environ['conf_billing_tag_key']: os.environ['conf_billing_tag_value']}
project_conf['primary_disk_size'] = '32'
+ project_conf['keycloak_host'] = ''.join(re.findall(r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b", os.environ['keycloak_auth_server_url'])) + "/32"
# FUSE in case of absence of user's key
try:
@@ -227,9 +228,9 @@ if __name__ == "__main__":
"name": "out-4",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8787",
+ "destination_port_range": "8080",
"source_address_prefix": "*",
- "destination_address_prefix": project_conf['private_subnet_cidr'],
+ "destination_address_prefix": project_conf['keycloak_host'],
"access": "Allow",
"priority": 130,
"direction": "Outbound"
@@ -238,7 +239,7 @@ if __name__ == "__main__":
"name": "out-5",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "6006",
+ "destination_port_range": "8787",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -249,7 +250,7 @@ if __name__ == "__main__":
"name": "out-6",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "20888",
+ "destination_port_range": "6006",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -260,7 +261,7 @@ if __name__ == "__main__":
"name": "out-7",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8088",
+ "destination_port_range": "20888",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -271,7 +272,7 @@ if __name__ == "__main__":
"name": "out-8",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "18080",
+ "destination_port_range": "8088",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -282,7 +283,7 @@ if __name__ == "__main__":
"name": "out-9",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "50070",
+ "destination_port_range": "18080",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -293,7 +294,7 @@ if __name__ == "__main__":
"name": "out-10",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8085",
+ "destination_port_range": "50070",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -304,7 +305,7 @@ if __name__ == "__main__":
"name": "out-11",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8081",
+ "destination_port_range": "8085",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -315,7 +316,7 @@ if __name__ == "__main__":
"name": "out-12",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "4040-4140",
+ "destination_port_range": "8081",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -324,20 +325,20 @@ if __name__ == "__main__":
},
{
"name": "out-13",
- "protocol": "Udp",
+ "protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "53",
- "source_address_prefix": '*',
- "destination_address_prefix": "*",
+ "destination_port_range": "4040-4140",
+ "source_address_prefix": "*",
+ "destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
"priority": 220,
"direction": "Outbound"
},
{
"name": "out-14",
- "protocol": "Tcp",
+ "protocol": "Udp",
"source_port_range": "*",
- "destination_port_range": "80",
+ "destination_port_range": "53",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -348,7 +349,7 @@ if __name__ == "__main__":
"name": "out-15",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "443",
+ "destination_port_range": "80",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -359,7 +360,7 @@ if __name__ == "__main__":
"name": "out-16",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "389",
+ "destination_port_range": "443",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -370,26 +371,37 @@ if __name__ == "__main__":
"name": "out-17",
"protocol": "Tcp",
"source_port_range": "*",
+ "destination_port_range": "389",
+ "source_address_prefix": '*',
+ "destination_address_prefix": "*",
+ "access": "Allow",
+ "priority": 260,
+ "direction": "Outbound"
+ },
+ {
+ "name": "out-18",
+ "protocol": "Tcp",
+ "source_port_range": "*",
"destination_port_range": "8042",
"source_address_prefix": "*",
"destination_address_prefix": project_conf['private_subnet_cidr'],
"access": "Allow",
- "priority": 260,
+ "priority": 270,
"direction": "Outbound"
},
{
- "name": "out-18",
+ "name": "out-19",
"protocol": "Udp",
"source_port_range": "*",
"destination_port_range": "123",
"source_address_prefix": "*",
"destination_address_prefix": "*",
"access": "Allow",
- "priority": 270,
+ "priority": 280,
"direction": "Outbound"
},
{
- "name": "out-19",
+ "name": "out-20",
"protocol": "*",
"source_port_range": "*",
"destination_port_range": "*",
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org