Merge pull request #4001 from cloudfoundry/master-sync-v2-master

Master sync with v2 master

CONTRIBUTING.md

@@ -6,10 +6,10 @@ There are two main forms of contribution: reporting issues and performing code c
 
 ## Reporting Issues
 
-If you find a problem with Stratos UI, report it using [GitHub issues](https://github.com/cloudfoundry-incubator/stratos/issues/new).
+If you find a problem with Stratos UI, report it using [GitHub issues](https://github.com/cloudfoundry/stratos/issues/new).
 
 Before reporting a new issue, please take a moment to check whether it has already been reported
-[here](https://github.com/cloudfoundry-incubator/stratos/issues). If this is the case, please:
+[here](https://github.com/cloudfoundry/stratos/issues). If this is the case, please:
 
 - Read all the comments to confirm that it's the same issue you're having.
 - Refrain from adding "same thing here" or "+1" comments. Just hit the

README.md

@@ -1,17 +1,17 @@
 # Stratos
 
-<a href="https://travis-ci.org/cloudfoundry-incubator/stratos/branches"><img src="https://travis-ci.org/cloudfoundry-incubator/stratos.svg?branch=master"></a>&nbsp;<a style="padding-left: 4px" href="https://codeclimate.com/github/cloudfoundry-incubator/stratos/maintainability"><img src="https://api.codeclimate.com/v1/badges/61af8b605f385e894632/maintainability" /></a>
-<a href="https://goreportcard.com/report/github.com/cloudfoundry-incubator/stratos"><img src="https://goreportcard.com/badge/github.com/cloudfoundry-incubator/stratos"/></a>
-<a href="https://codecov.io/gh/cloudfoundry-incubator/stratos/branch/master"><img src="https://codecov.io/gh/cloudfoundry-incubator/stratos/branch/graph/badge.svg"/></a>
-[![GitHub release](https://img.shields.io/github/release/cloudfoundry-incubator/stratos.svg)](https://github.com/cloudfoundry-incubator/stratos/releases/latest)
-[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/cloudfoundry-incubator/stratos/blob/master/LICENSE)
+<a href="https://travis-ci.org/cloudfoundry/stratos/branches"><img src="https://travis-ci.org/cloudfoundry/stratos.svg?branch=master"></a>&nbsp;<a style="padding-left: 4px" href="https://codeclimate.com/github/cloudfoundry/stratos/maintainability"><img src="https://api.codeclimate.com/v1/badges/61af8b605f385e894632/maintainability" /></a>
+<a href="https://goreportcard.com/report/github.com/cloudfoundry/stratos"><img src="https://goreportcard.com/badge/github.com/cloudfoundry-incubator/stratos"/></a>
+<a href="https://codecov.io/gh/cloudfoundry/stratos/branch/master"><img src="https://codecov.io/gh/cloudfoundry/stratos/branch/graph/badge.svg"/></a>
+[![GitHub release](https://img.shields.io/github/release/cloudfoundry/stratos.svg)](https://github.com/cloudfoundry/stratos/releases/latest)
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/cloudfoundry/stratos/blob/master/LICENSE)
 [![slack.cloudfoundry.org](https://slack.cloudfoundry.org/badge.svg)](https://cloudfoundry.slack.com/messages/C80EP4Y57/)
 
 Stratos is an Open Source Web-based UI (Console) for managing Cloud Foundry. It allows users and administrators to both manage applications running in the Cloud Foundry cluster and perform cluster management tasks.
 
 If you are looking for a version of Stratos, you can find ..
-- V1 in the [v1-master](https://github.com/cloudfoundry-incubator/stratos/tree/v1-master) branch.
-- V2 in the [v2-master](https://github.com/cloudfoundry-incubator/stratos/tree/v2-master) branch.
+- V1 in the [v1-master](https://github.com/cloudfoundry/stratos/tree/v1-master) branch.
+- V2 in the [v2-master](https://github.com/cloudfoundry/stratos/tree/v2-master) branch.
 
 ![Stratos Application view](docs/images/screenshots/app-summary.png)
 
@@ -40,7 +40,7 @@ Please see our [Troubleshooting](docs/troubleshooting) page.
 ## Project Planning
 We use [ZenHub](https://zenhub.com) for project planning. Feel free to head over to the [Boards](https://github.com/cloudfoundry-incubator/stratos#boards)
 tab and have a look through our pipelines and milestones. Please note in order to view the Github ZenHub Boards tab you will need the [ZenHub
-browser extension](https://www.zenhub.com/extension). Alternatively, to view the planning board without the extension visit our [ZenHub Project Page](https://app.zenhub.com/workspace/o/cloudfoundry-incubator/stratos/boards)
+browser extension](https://www.zenhub.com/extension). Alternatively, to view the planning board without the extension visit our [ZenHub Project Page](https://app.zenhub.com/workspace/o/cloudfoundry/stratos/boards)
 
 ## Further Reading
 
@@ -50,7 +50,7 @@ Get an [Overview](docs/overview.md) of Stratos, its components and the different
 
 Take a look at the [Development Roadmap](docs/roadmap.md) to see where we are heading. We update our status page each week to summarize what we are working on - see the [Status Page](docs/status_updates.md).
 
-Browse through features and issues in the project's [issues](https://github.com/cloudfoundry-incubator/stratos/issues) page or [Zenhub Board](https://github.com/cloudfoundry-incubator/stratos#boards).
+Browse through features and issues in the project's [issues](https://github.com/cloudfoundry/stratos/issues) page or [Zenhub Board](https://github.com/cloudfoundry-incubator/stratos#boards).
 
 What kind of code is in Stratos? We've integrated [Code Climate](https://codeclimate.com) for some code quality and maintainability metrics. Take a stroll around the [project page](https://codeclimate.com/github/cloudfoundry-incubator/stratos)
 

deploy/all-in-one/README.md

@@ -19,6 +19,16 @@ This can be done by adding the following to the docker run command shown in the
 ```
 -e SESSION_STORE_SECRET=<alphanumeric secret>
 ```
+## Configuring a local user account in place of a UAA
+
+By default the All-in-one image requires a UAA for user authentication. If this is not desired, the image can be configured to use a Stratos local user account. Edit the file ```deploy/all-in-one/config.all-in-one.properties``` and uncomment the following lines before building the container.
+
+```
+#AUTH_ENDPOINT_TYPE=local
+#LOCAL_USER=localuser
+#LOCAL_USER_PASSWORD=localuserpass
+#LOCAL_USER_SCOPE=stratos.admin
+```
 
 ## Building the container:
 
@@ -43,7 +53,7 @@ Stratos should now be accessible at the following URL:
 
 https://localhost:4443
 
-You will be presented with the Stratos Setup welcome screen - you will need to enter your UAA information to configure Stratos. Once complete, you will be able to login with your credentials.
+If using a UAA, you will be presented with the Stratos Setup welcome screen - you will need to enter your UAA information to configure Stratos. Once complete, you will be able to login with your credentials. If you have configured the container to use a local user account instead of a UAA, log in with the credentials specified in the configuration file.
 
 ## Persisting the Database
 
@@ -141,4 +151,4 @@ buildpack: unknown
 
 > Note: In this example we are pushing with the application name `stratos`
 
-> Note: By default the All-in-one image has SSL Validation disabled when authenticating with Cloud Foundry and the UAA - this allows it to work out of the box with environments like PCF Dev. If this is not the behavior you desire, edit the file `deploy/all-in-one/config.all-in-one.properties` and change the `SKIP_SSL_VALIDATION` as desired before building and publishing the image.
+> Note: By default the All-in-one image has SSL Validation disabled when authenticating with Cloud Foundry and the UAA - this allows it to work out of the box with environments like PCF Dev. If this is not the behavior you desire, edit the file `deploy/all-in-one/config.all-in-one.properties` and change the `SKIP_SSL_VALIDATION` as desired before building and publishing the image.

deploy/ci/automation/helmtest.sh

@@ -18,7 +18,7 @@ set -e
 
 NAME=stratos-test
 NAMESPACE=stratos-ns
-HELM_REPO=https://cloudfoundry-incubator.github.io/stratos
+HELM_REPO=https://cloudfoundry.github.io/stratos
 HELM_REPO_NAME=cfstratos
 
 DEV_IMAGE_VERSION=2.0.0-dev

deploy/cloud-foundry/README.md

@@ -73,7 +73,7 @@ and binding a database service instance to Stratos - for more information see [h
 To do so, `clone` the **stratos** repository, `cd` into the newly cloned repository and `push` to Cloud Foundry. This can be done with:
 
 ```
-git clone https://github.com/cloudfoundry-incubator/stratos
+git clone https://github.com/cloudfoundry/stratos
 cd stratos
 git checkout tags/stable -b stable
 ./build/store-git-metadata.sh
@@ -91,7 +91,7 @@ If you wish to enable AOT or reduce the push time, you can pre-build the UI befo
 This can be done with:
 
 ```
-git clone https://github.com/cloudfoundry-incubator/stratos
+git clone https://github.com/cloudfoundry/stratos
 cd stratos
 npm install
 npm run prebuild-ui
@@ -289,7 +289,7 @@ applications:
   disk_quota: 256M
   host: console
   timeout: 180
-  buildpack: https://github.com/cloudfoundry-incubator/stratos-buildpack
+  buildpack: https://github.com/cloudfoundry/stratos-buildpack
   health-check-type: port
   env:
     CF_API_URL: https://<<CLOUD FOUNDRY API ENDPOINT>>>
@@ -306,7 +306,7 @@ applications:
   disk_quota: 256M
   host: console
   timeout: 180
-  buildpack: https://github.com/cloudfoundry-incubator/stratos-buildpack
+  buildpack: https://github.com/cloudfoundry/stratos-buildpack
   health-check-type: port
   env:
     CF_API_FORCE_SECURE: true

deploy/kubernetes/README.md

@@ -18,6 +18,7 @@ The following guide details how to deploy Stratos in Kubernetes.
   * [Specifying an External IP](#specifying-an-external-ip)
   * [Upgrading your deployment](#upgrading-your-deployment)
   * [Specifying UAA configuration](#specifying-uaa-configuration)
+  * [Configuring a local user account](#configuring-a-local-user-account)
   * [Specifying a custom Storage Class](#specifying-a-custom-storage-class)
     + [Providing Storage Class override](#providing-storage-class-override)
     + [Create a default Storage Class](#create-a-default-storage-class)
@@ -75,11 +76,13 @@ You can deploy Stratos from one of three different sources:
 1. Using an archive file containing a given release of our Helm chart
 1. Using the latest Helm chart directly from out GitHub repository
 
+> **Note**: By default each deployment method deploys Stratos with its default user authentication mechanism - which requires a UAA. If you wish to use Stratos without the requirement for a UAA component, use the deployment commands from the following section below: [Configuring a local user account](#configuring-a-local-user-account). All other steps for each deployment method remain the same, as detailed in the following sections.
+
 ### Deploy using the Helm repository
 
 Add the Helm repository to your helm installation
 ```
-helm repo add stratos https://cloudfoundry-incubator.github.io/stratos
+helm repo add stratos https://cloudfoundry.github.io/stratos
 ```
 Check the repository was successfully added by searching for the `console`
 ```
@@ -102,7 +105,7 @@ After the install, you should be able to access the Console in a web browser by
 
 ### Deploy using an archive of the Helm Chart
 
-Helm chart archives are available for Stratos releases from our GitHub repository, under releases - see https://github.com/cloudfoundry-incubator/stratos/releases.
+Helm chart archives are available for Stratos releases from our GitHub repository, under releases - see https://github.com/cloudfoundry/stratos/releases.
 
 Download the appropriate release `console-helm-chart.X.Y.Z.tgz` from the GitHub repository and unpack the archive to a local folder. The Helm Chart will be extracted to a sub-folder named `console`.
 
@@ -119,7 +122,7 @@ helm install console --namespace=console --name my-console
 Clone the Stratos GitHub repository:
 
 ```
-git clone https://github.com/cloudfoundry-incubator/stratos.git
+git clone https://github.com/cloudfoundry/stratos.git
 ```
 
 Open a terminal and cd to the `deploy/kubernetes` directory:
@@ -248,6 +251,30 @@ To install Stratos with the above specified configuration:
 $ helm install stratos/console -f uaa-config.yaml
 ```
 
+### Configuring a local user account
+
+This allows for deployment without a UAA. To enable the local user account, supply a password for the local user in the deployment command, as follows. All other steps for each deployment method should be followed as in the preceding sections above.
+
+To deploy using our Helm repository:
+
+```
+helm install stratos/console --namespace=console --name my-console --set console.localAdminPassword=<password>
+```
+
+To deploy using an archive file containing a given release of our Helm chart
+
+```
+helm install console --namespace=console --name my-console --set console.localAdminPassword=<password>
+```
+
+To deploy using the latest Helm chart directly from out GitHub repository
+
+```
+$ helm install console --namespace console --name my-console --set console.localAdminPassword=<password>
+```
+
+For console access via the local user account see: [*Accessing the Console*](#accessing-the-console)
+
 ### Specifying a custom Storage Class 
 
 If no default storage class has been defined in the Kubernetes cluster. The Stratos helm chart will fail to deploy successfully. To check if a `default` storage class exists, you can list your configured storage classes with `kubectl`. If no storage class has `(default)` after it, then you need to either specify a storage class override or declare a default storage class for your Kubernetes cluster.

deploy/tools/generate_cert.sh

@@ -1,18 +1,48 @@
 #!/bin/bash
 
+DIRPATH="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# Make sure we add extensions to be compatible with https://support.apple.com/en-us/HT210176
+
 # Settings
 devcerts_path=${CERTS_PATH:-portal-proxy-output/dev-certs}
 domain=${DEV_CERTS_DOMAIN:-pproxy}
-commonname=127.0.0.1
-country=UK
-state=Bristol
-locality=Bristol
-organization=SUSE
-organizationalunit=CAP
-email=SUSE
+
+CERT_CONFIG_FILE=${DIRPATH}/stratos_certgen.config
+
+cat <<EOF > ${CERT_CONFIG_FILE}
+[ req ]
+prompt = no
+default_bits        = 2048
+distinguished_name  = subject
+req_extensions      = v3_req
+x509_extensions     = v3_req
+
+[ subject ]
+countryName          = GB
+stateOrProvinceName  = Bristol
+organizationName     = StratosDeveloper
+commonName           = 1.2.3.4
+
+[ v3_req ]
+authorityKeyIdentifier=keyid,issuer
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+nsCertType = server
+
+[ alt_names ]
+DNS.0 = 1.2.3.4
+DNS.1 = 1.2.3.4
+EOF
 
 # Generate a key and cert
 echo "Generating key and cert for $domain"
 mkdir -p ${devcerts_path}
-openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${devcerts_path}/$domain.key -out ${devcerts_path}/$domain.crt \
-  -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email"
+
+openssl req -config ${CERT_CONFIG_FILE} -new -x509 -nodes -days 365 -newkey rsa:2048 -sha256 -keyout ${devcerts_path}/$domain.key -out ${devcerts_path}/$domain.crt
+
+rm -f ${CERT_CONFIG_FILE}
+
+echo "Certificate generated"

docs/access.md

@@ -1,6 +1,6 @@
 # Accessing Stratos
 
-Depending on the deployment mode, you may require access to an UAA.
+Depending on the deployment mode, you may require access to an UAA. Stratos also has the option to configure a local user account which removes the need for a UAA in non-Cloud Foundry deployments.
 
 ## Cloud Foundry deployment
 
@@ -9,7 +9,15 @@ Therefore, the login credentials will be the CF credentials for the user. A Clou
 
 ## Kubernetes deployment
 
-In a Kubernetes deployment using Helm, no UAA instance is deployed. Therefore users need to provide their own UAA to against.
+In a Kubernetes deployment using Helm, no UAA instance is deployed. Users have the choice to either provide their own UAA to authenticate against, or alternatively Stratos may be configured at deployment, to use a local user account.
+
+## Docker, single container deployment
+
+The single container deployment does not contain a UAA. The instructions specified for a Kubernetes deployment apply to this, including the local user account option.
+
+## Console Login
+
+### Log in to Stratos With UAA
 
 The Console will start in a setup mode and users will be need to provide the following to complete the setup:
 1. UAA Endpoint
@@ -19,11 +27,17 @@ The Console will start in a setup mode and users will be need to provide the fol
 
 Once the user provides this information, the user will be able to select the scope which should be used to identify a Console admin.
 
-# Docker, single container deployment
+### Log in to Stratos with local user account
+
+**Helm deployment**
+
+With local user account configured, the console will present the login screen on startup. Log in with username: ```admin```, and the password you configured in the Stratos deployment command. The local user account has admin permissions.
+
+**Docker, single container deployment**
 
-The single container deployment does not contain a UAA, and all the instructions specified for a Kubernetes deployment apply to this.
+Log in to the console using the local user credentials you configured when building/deploying the container.
 
-# Quickly setting up a UAA for development
+### Quickly setting up a UAA for development
 
 1. We will setup two containers that are linked to each other
 ```

docs/cf-api-v2-usage.md

@@ -772,7 +772,7 @@ Endpoint | Inline Relations | Notes
 
 #### Others
 The include-relations property is populated by walking our relationship tree, so for a complete and exhaustive list of all possible
-relations please see the [`entity-factory.ts`](https://github.com/cloudfoundry-incubator/stratos/blob/master/src/frontend/app/store/helpers/entity-factory.ts).
+relations please see the [`entity-factory.ts`](https://github.com/cloudfoundry/stratos/blob/master/src/frontend/app/store/helpers/entity-factory.ts).
 
 In terms of api requests we also make use of...
 

docs/cf-api-v3.md

@@ -120,13 +120,13 @@ Then Stratos should either ..
   - To do this ...
     - Query params need to be converted when making v3 requests
     - v3 responses need to be converted into v2 format (entity/metadata, `<x>_url`, etc).
-- Update application deploy/lifecycle process to match new v3 process (https://github.com/cloudfoundry-incubator/stratos/issues/3150)
-- Support new 'processes' concept (https://github.com/cloudfoundry-incubator/stratos/issues/3154), including updating how
+- Update application deploy/lifecycle process to match new v3 process (https://github.com/cloudfoundry/stratos/issues/3150)
+- Support new 'processes' concept (https://github.com/cloudfoundry/stratos/issues/3154), including updating how
   we determine application state
 - Fully investigate non `get` methods (create an application, delete a space, etc)
 - Related Issues
-  - https://github.com/cloudfoundry-incubator/stratos/issues/2922
-  - https://github.com/cloudfoundry-incubator/stratos/issues/3149 (Container issue for related v3 api process changes)
+  - https://github.com/cloudfoundry/stratos/issues/2922
+  - https://github.com/cloudfoundry/stratos/issues/3149 (Container issue for related v3 api process changes)
 
 ### Questions
 - ~~Will `include` cover children of children? For instance `app` --> `route` --> `domain`~~

docs/contributing.md

@@ -3,7 +3,7 @@
 ## Reporting issues
 
 Before reporting an issue, please check whether it has already been reported
-[here](https://github.com/cloudfoundry-incubator/stratos/issues). If this is the case, please:
+[here](https://github.com/cloudfoundry/stratos/issues). If this is the case, please:
 
 - Read all the comments to confirm that it's the same issue you're having.
 - Refrain from adding "same thing here" or "+1" comments. Just hit the