This is an automated email from the ASF dual-hosted git repository.
lahirujayathilake pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
The following commit(s) were added to refs/heads/master by this push:
new ebf38917b update installation instructions (#414)
ebf38917b is described below
commit ebf38917b85dafeb34606be5c8492f635bd07b85
Author: Ganning Xu <[email protected]>
AuthorDate: Fri Feb 28 13:27:11 2025 -0500
update installation instructions (#414)
* update installation instructions
* added initialization of super tenant to TenantManagementController
* fixed formatting issues, readme changes from review, and git clone command
---
README.md | 89 +++++++---------------
.../api/tenant/TenantManagementController.java | 52 ++++++++++---
2 files changed, 70 insertions(+), 71 deletions(-)
diff --git a/README.md b/README.md
index 9d50b270f..bca87e246 100644
--- a/README.md
+++ b/README.md
@@ -48,70 +48,35 @@ Following diagram illustrate the architecture of the Custos
Software.
* Maven 3.6.x
#### Clone the repository
- ```
- git clone -b develop https://github.com/apache/airavata-custos.git
-
- ```
-
-#### Build source code
-
- Following command builds the Custos source code and create two docker
images of custos_core_server and custos_integration_server
-
- ```
- cd airavata-custos
- mvn clean install
- ```
-
-#### Run Custos on docker
-
-Following command starts Custos main services and its depend services. All
services are listed below and you should be able to
-access them locally if all services are correctly started.
-
- - Dependent Services
- * Keycloak (http://localhost:8080/auth/)
- * MySQL (0.0.0.0:3306)
- * HashiCorp Vault (http://localhost:8201/)
- * CILogon (Not available for local development)
-
- - Custos Services
- * Custos Core Service (0.0.0.0:7001 (grpc port))
- * Custos Integration Service (0.0.0.0:7000 (grpc port))
- * Custos Rest Proxy (http://localhost:10000(envoy proxy)
-
- ```
- cd custos-utilities/ide-integration/src/main/containers
- docker-compose up
- ```
-
-#### Bootstrapping Custos Super Tenant
-
-If all services were successfully ran. Custos bootstrap service needs to be
run to create a Super tenant to launch Custos Portal
- ```
- cd custos-utilities/custos-bootstrap-service/
- mvn spring-boot:run
- ```
-The above command should create the super tenant and it outputs super tenant
credentials. Copy those credentials to configure
-Custos Portal.
-
-```
-Note: Make sure to clean up old databases for fresh start.
+```sh
+git clone https://github.com/apache/airavata-custos.git
```
-#### Install Custos Portal Locally
+#### Start Docker Containers (to run a development environment)
+Navigate to `/compose`, and start the following containers:
+- Keycloack (http://localhost:8080)
+- Custos DB (MySQL, http://localhost:3306)
+- Vault (http://localhost:8200)
+- Adminer (http://localhost:18080)
-Follow the following link to access portal deployment instructions
+```sh
+docker compose up -d
+```
-[Custos
Portal](https://github.com/apache/airavata-custos-portal/blob/master/README.md)
+#### Configure Vault
+1. Go to the Vault's exposed port (http://localhost:8200) and walk through the
configuration process.
+ 2. You'll need to save your initial root token and unsealed key.
+2. Place your root token in `/application/src/main/resources/application.yml`,
under `spring.cloud.vault.token`
-You have to configure following properties in the .env file
+3. Install all dependencies through maven.
+ 4. `mvn clean install`
+4. Run the CustosApplication class to bring up the backend.
+ 5. `mvn spring-boot:run`
+5. Make a POST request to
http://127.0.0.1:8081/api/v1/tenant-management/initialize (no headers, no body)
+6. Grab the client id and client secret from output on the backend.
-```
-CUSTOS_CLIENT_ID="SUPERT TENANT ID CREATED FROM ABOVE STEP"
-CUSTOS_CLIENT_SEC="SUPERT TENANT CREDENTIAL CREATED FROM ABOVE STEP"
-CUSTOS_API_URL="http://localhost:10000";
-CUSTOS_SUPER_CLIENT_ID="SUPERT TENANT ID CREATED FROM ABOVE STEP"
-UNDER_MAINTENANCE=False
-```
+#### You're all set!
+You can now make requests to Custos.
## Custos Integration With External Applications
Custos can be integrated with external applications using Custos REST
Endpoints, Python SDK, or Java SDK.
@@ -120,10 +85,11 @@ Custos can be integrated with external applications using
Custos REST Endpoints,
In order to perform this operation you need to have a already activated tenant
in either Custos Managed Services or Your own deployment.
Following instructions are given for locally deployed custos setup which can
be extended to any deployment,
-####Initializing Custos Java SDK
+#### Initializing Custos Java SDK
* Add maven dependency to your project
-```<dependency>
+```
+<dependency>
<groupId>org.apache.custos</groupId>
<artifactId>custos-java-sdk</artifactId>
<version>1.1-SNAPSHOT</version>
@@ -201,4 +167,5 @@ series = {PEARC '22}
We are thankfull to National Science Foundation(NSF) for funding this project.
We are thankfull to Trusted CI (https://www.trustedci.org/) for conducting the
-First Principles Vulnerability Assesment(FPVA)
(https://dl.acm.org/doi/10.1145/1866835.1866852) for this software and
providing the above architecture diagram and security improvements.
\ No newline at end of file
+First Principles Vulnerability Assesment(FPVA)
(https://dl.acm.org/doi/10.1145/1866835.1866852) for this software and
providing the above architecture diagram and security improvements.
+`
diff --git
a/api/src/main/java/org/apache/custos/api/tenant/TenantManagementController.java
b/api/src/main/java/org/apache/custos/api/tenant/TenantManagementController.java
index 05691ada1..2a0402d81 100644
---
a/api/src/main/java/org/apache/custos/api/tenant/TenantManagementController.java
+++
b/api/src/main/java/org/apache/custos/api/tenant/TenantManagementController.java
@@ -19,6 +19,7 @@
package org.apache.custos.api.tenant;
+import org.apache.custos.core.constants.Constants;
import org.apache.custos.core.credential.store.api.CredentialMetadata;
import org.apache.custos.core.exception.UnauthorizedException;
import
org.apache.custos.core.federated.authentication.api.CacheManipulationRequest;
@@ -37,16 +38,7 @@ import
org.apache.custos.core.tenant.management.api.DeleteTenantRequest;
import org.apache.custos.core.tenant.management.api.GetTenantRequest;
import org.apache.custos.core.tenant.management.api.TenantValidationRequest;
import org.apache.custos.core.tenant.management.api.UpdateTenantRequest;
-import org.apache.custos.core.tenant.profile.api.GetAllTenantsForUserRequest;
-import org.apache.custos.core.tenant.profile.api.GetAllTenantsForUserResponse;
-import org.apache.custos.core.tenant.profile.api.GetAllTenantsResponse;
-import
org.apache.custos.core.tenant.profile.api.GetAttributeUpdateAuditTrailResponse;
-import org.apache.custos.core.tenant.profile.api.GetAuditTrailRequest;
-import
org.apache.custos.core.tenant.profile.api.GetStatusUpdateAuditTrailResponse;
-import org.apache.custos.core.tenant.profile.api.GetTenantsRequest;
-import org.apache.custos.core.tenant.profile.api.Tenant;
-import org.apache.custos.core.tenant.profile.api.UpdateStatusRequest;
-import org.apache.custos.core.tenant.profile.api.UpdateStatusResponse;
+import org.apache.custos.core.tenant.profile.api.*;
import org.apache.custos.service.auth.AuthClaim;
import org.apache.custos.service.auth.TokenAuthorizer;
import org.apache.custos.service.management.TenantManagementService;
@@ -401,6 +393,46 @@ public class TenantManagementController {
return ResponseEntity.ok(response);
}
+ @PostMapping("/initialize")
+ @Hidden
+ public ResponseEntity<CreateTenantResponse> initSuperTenant() {
+ // TODO - add validation for exactly one execution for (to deprecate)
+ // Will streamline this -- this function will be run at most once on
application start
+ Tenant tenant = Tenant.newBuilder()
+ .setClientName("Custos Super Tenant")
+ .setRequesterEmail("[email protected]")
+ .setAdminFirstName("CUSTOS")
+ .setAdminLastName("ADMIN")
+ .setAdminEmail("[email protected]")
+ .setAdminUsername("custosadmin")
+ .setAdminPassword("custos@887")
+ .addAllContacts(List.of("[email protected]"))
+ .addAllRedirectUris(List.of("http://localhost:8080/";,
"http://localhost:5173/callback/";,
+ "http://127.0.0.1:5173/callback/";,
"http://127.0.0.1:8081/swagger-ui/oauth2-redirect.html";,
+
"http://localhost:8081/swagger-ui/oauth2-redirect.html";,
+ "http://localhost:3000/login/generic_oauth";,
"http://localhost:8000/hub/oauth_callback";))
+ .setClientUri("http://localhost:8080/";)
+ .setScope("openid email profile cilogon")
+ .setDomain("localhost")
+ .setLogoUri("http://localhost:8080/";)
+ .setComment("Custos bootstrapping Tenant")
+ .setApplicationType("web")
+ .build();
+
+ CreateTenantResponse response =
tenantManagementService.createTenant(tenant);
+ UpdateStatusRequest request = UpdateStatusRequest
+ .newBuilder()
+ .setClientId(response.getClientId())
+ .setStatus(TenantStatus.ACTIVE)
+ .setSuperTenant(true)
+ .setUpdatedBy(Constants.SYSTEM)
+ .build();
+ UpdateStatusResponse updateStatusResponse =
tenantManagementService.updateTenantStatus(request);
+ System.out.println("Client Id :" + response.getClientId() + " Client
Secret :" + response.getClientSecret());
+ System.out.println(updateStatusResponse);
+ return ResponseEntity.ok().build();
+ }
+
private Credentials getCredentials(AuthClaim claim) {
return Credentials.newBuilder()
