This is an automated email from the ASF dual-hosted git repository.
mykolabodnar pushed a commit to branch DLAB-1363
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
commit 2aa79efaf3c2e23ce5305af270bdf8b42c0bac8c
Author: Mykola_Bodnar1 <bodnarmyk...@gmail.com>
AuthorDate: Mon Dec 9 13:28:12 2019 +0200
[DLAB-1363] - SSO on Azure fixed
---
.../src/general/scripts/azure/edge_configure.py | 2 +-
.../src/general/scripts/azure/project_prepare.py | 58 +++++++++++++---------
2 files changed, 36 insertions(+), 24 deletions(-)
diff --git
a/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
b/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
index 9b734a3..0dc0904 100644
--- a/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
+++ b/infrastructure-provisioning/src/general/scripts/azure/edge_configure.py
@@ -274,7 +274,7 @@ if __name__ == "__main__":
.format(edge_conf['service_base_name'],
os.environ['keycloak_auth_server_url'],
os.environ['keycloak_realm_name'],
os.environ['keycloak_user'],
os.environ['keycloak_user_password'],
- keycloak_client_secret, instance_hostname,
os.environ['project_name'])
+ keycloak_client_secret, edge_conf['edge_public_ip'],
os.environ['project_name'])
try:
local("~/scripts/{}.py {}".format('configure_keycloak',
keycloak_params))
except:
diff --git
a/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
b/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
index fca9b2f..a182de7 100644
--- a/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
+++ b/infrastructure-provisioning/src/general/scripts/azure/project_prepare.py
@@ -24,7 +24,7 @@
import json
from dlab.fab import *
from dlab.meta_lib import *
-import sys, time, os
+import sys, time, os, re
from dlab.actions_lib import *
import traceback
from Crypto.PublicKey import RSA
@@ -97,6 +97,7 @@ if __name__ == "__main__":
"endpoint_tag":
project_conf['endpoint_tag'],
os.environ['conf_billing_tag_key']: os.environ['conf_billing_tag_value']}
project_conf['primary_disk_size'] = '32'
+ project_conf['keycloak_host'] =
''.join(re.findall(r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b",
os.environ['keycloak_auth_server_url'])) + "/32"
# FUSE in case of absence of user's key
try:
@@ -227,9 +228,9 @@ if __name__ == "__main__":
"name": "out-4",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8787",
+ "destination_port_range": "8080",
"source_address_prefix": "*",
- "destination_address_prefix":
project_conf['private_subnet_cidr'],
+ "destination_address_prefix": project_conf['keycloak_host'],
"access": "Allow",
"priority": 130,
"direction": "Outbound"
@@ -238,7 +239,7 @@ if __name__ == "__main__":
"name": "out-5",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "6006",
+ "destination_port_range": "8787",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -249,7 +250,7 @@ if __name__ == "__main__":
"name": "out-6",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "20888",
+ "destination_port_range": "6006",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -260,7 +261,7 @@ if __name__ == "__main__":
"name": "out-7",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8088",
+ "destination_port_range": "20888",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -271,7 +272,7 @@ if __name__ == "__main__":
"name": "out-8",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "18080",
+ "destination_port_range": "8088",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -282,7 +283,7 @@ if __name__ == "__main__":
"name": "out-9",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "50070",
+ "destination_port_range": "18080",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -293,7 +294,7 @@ if __name__ == "__main__":
"name": "out-10",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8085",
+ "destination_port_range": "50070",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -304,7 +305,7 @@ if __name__ == "__main__":
"name": "out-11",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "8081",
+ "destination_port_range": "8085",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -315,7 +316,7 @@ if __name__ == "__main__":
"name": "out-12",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "4040-4140",
+ "destination_port_range": "8081",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
@@ -324,20 +325,20 @@ if __name__ == "__main__":
},
{
"name": "out-13",
- "protocol": "Udp",
+ "protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "53",
- "source_address_prefix": '*',
- "destination_address_prefix": "*",
+ "destination_port_range": "4040-4140",
+ "source_address_prefix": "*",
+ "destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
"priority": 220,
"direction": "Outbound"
},
{
"name": "out-14",
- "protocol": "Tcp",
+ "protocol": "Udp",
"source_port_range": "*",
- "destination_port_range": "80",
+ "destination_port_range": "53",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -348,7 +349,7 @@ if __name__ == "__main__":
"name": "out-15",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "443",
+ "destination_port_range": "80",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -359,7 +360,7 @@ if __name__ == "__main__":
"name": "out-16",
"protocol": "Tcp",
"source_port_range": "*",
- "destination_port_range": "389",
+ "destination_port_range": "443",
"source_address_prefix": '*',
"destination_address_prefix": "*",
"access": "Allow",
@@ -370,26 +371,37 @@ if __name__ == "__main__":
"name": "out-17",
"protocol": "Tcp",
"source_port_range": "*",
+ "destination_port_range": "389",
+ "source_address_prefix": '*',
+ "destination_address_prefix": "*",
+ "access": "Allow",
+ "priority": 260,
+ "direction": "Outbound"
+ },
+ {
+ "name": "out-18",
+ "protocol": "Tcp",
+ "source_port_range": "*",
"destination_port_range": "8042",
"source_address_prefix": "*",
"destination_address_prefix":
project_conf['private_subnet_cidr'],
"access": "Allow",
- "priority": 260,
+ "priority": 270,
"direction": "Outbound"
},
{
- "name": "out-18",
+ "name": "out-19",
"protocol": "Udp",
"source_port_range": "*",
"destination_port_range": "123",
"source_address_prefix": "*",
"destination_address_prefix": "*",
"access": "Allow",
- "priority": 270,
+ "priority": 280,
"direction": "Outbound"
},
{
- "name": "out-19",
+ "name": "out-20",
"protocol": "*",
"source_port_range": "*",
"destination_port_range": "*",
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@dlab.apache.org
For additional commands, e-mail: commits-h...@dlab.apache.org
