feat: add openziti to ui

* update Dockerfile to include dumb-init * update dependency to bootstrap dev.27 * implement zero trust * add config overrides Signed-off-by: dovholuknf <46322585+dovholuknf@users.noreply.github.com>
edgexfoundry · Mar 21, 2024 · bbc822d · bbc822d
1 parent 76c7bda
commit bbc822d
Show file tree

Hide file tree

Showing 10 changed files with 932 additions and 51 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -45,6 +45,7 @@ FROM alpine:3.18
 
 # Ensure using latest versions of all installed packages to avoid any recent CVEs
 RUN apk --no-cache upgrade
+RUN apk add --update --no-cache dumb-init
 
 EXPOSE 4000
 

diff --git a/cmd/edgex-ui-server/res/configuration.yaml b/cmd/edgex-ui-server/res/configuration.yaml
@@ -8,31 +8,67 @@ Service:
     HealthCheckInterval: 10s
     MaxRequestSize: 0
     RequestTimeout: 5s
+    SecurityOptions:
+        Mode: ""
+        OpenZitiController: "openziti:1280"
+        OpenZitiServiceName: "edgex.ui"
+    CORSConfiguration:
+        EnableCORS: true
+        CORSAllowCredentials: false
+        CORSAllowedOrigin: "https://*.edgex.ziti"
+        CORSAllowedMethods: "GET, POST, PUT, PATCH, DELETE"
+        CORSAllowedHeaders: "Authorization, Accept, Accept-Language, Content-Language, Content-Type, X-Correlation-ID"
+        CORSExposeHeaders: "Cache-Control, Content-Language, Content-Length, Content-Type, Expires, Last-Modified, Pragma, X-Correlation-ID"
+        CORSMaxAge: 3600
 Clients:
     core-data:
         Protocol: http
         Host: localhost
         Port: 59880
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-data"
     core-metadata:
         Protocol: http
         Host: localhost
         Port: 59881
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-metadata"
     core-command:
         Protocol: http
         Host: localhost
         Port: 59882
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-command"
     support-notifications:
         Protocol: http
         Host: localhost
         Port: 59860
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.support-notifications"
     support-scheduler:
         Protocol: http
         Host: localhost
         Port: 59861
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.support-scheduler"
     rules-engine:
         Protocol: http
         Host: localhost
         Port: 59720
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.rules-engine"
 Registry:
     Host: localhost
     Port: 8500

diff --git a/cmd/edgex-ui-server/res/docker/configuration.yaml b/cmd/edgex-ui-server/res/docker/configuration.yaml
@@ -8,31 +8,59 @@ Service:
     StartupMsg: edgex-ui-go service started
     MaxRequestSize: 0
     RequestTimeout: 5s
+    SecurityOptions:
+        Mode: ""
+        OpenZitiController: "openziti:1280"
+        OpenZitiServiceName: "edgex.core-command"
 Clients:
     core-data:
         Protocol: http
         Host: edgex-core-data
         Port: 59880
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-data"
     core-metadata:
         Protocol: http
         Host: edgex-core-metadata
         Port: 59881
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-metadata"
     core-command:
         Protocol: http
         Host: edgex-core-command
         Port: 59882
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.core-command"
     support-notifications:
         Protocol: http
         Host: edgex-support-notifications
         Port: 59860
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.support-notifications"
     support-scheduler:
         Protocol: http
         Host: edgex-support-scheduler
         Port: 59861
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.support-scheduler"
     rules-engine:
         Protocol: http
         Host: edgex-kuiper
         Port: 59720
+        SecurityOptions:
+            Mode: ""
+            OpenZitiController: "openziti:1280"
+            OpenZitiServiceName: "edgex.rules-engine"
 Registry:
     Host: edgex-core-consul
     Port: 8500

diff --git a/go.mod b/go.mod
@@ -3,35 +3,57 @@ module github.com/edgexfoundry/edgex-ui-go
 go 1.21
 
 require (
-	github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.22
+	github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.27
 	github.com/edgexfoundry/go-mod-configuration/v3 v3.2.0-dev.3
-	github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.8
+	github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.13
 	github.com/edgexfoundry/go-mod-registry/v3 v3.2.0-dev.3
 	github.com/gorilla/mux v1.8.1
+	github.com/openziti/sdk-golang v0.23.13
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/cenkalti/backoff v2.2.1+incompatible // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/eclipse/paho.mqtt.golang v1.4.3 // indirect
-	github.com/edgexfoundry/go-mod-messaging/v3 v3.2.0-dev.12 // indirect
+	github.com/edgexfoundry/go-mod-messaging/v3 v3.2.0-dev.14 // indirect
 	github.com/edgexfoundry/go-mod-secrets/v3 v3.2.0-dev.5 // indirect
 	github.com/fatih/color v1.14.1 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa // indirect
 	github.com/fxamacker/cbor/v2 v2.6.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-kit/log v0.2.1 // indirect
 	github.com/go-logfmt/logfmt v0.5.1 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/go-openapi/analysis v0.23.0 // indirect
+	github.com/go-openapi/errors v0.22.0 // indirect
+	github.com/go-openapi/jsonpointer v0.21.0 // indirect
+	github.com/go-openapi/jsonreference v0.21.0 // indirect
+	github.com/go-openapi/loads v0.22.0 // indirect
+	github.com/go-openapi/runtime v0.28.0 // indirect
+	github.com/go-openapi/spec v0.21.0 // indirect
+	github.com/go-openapi/strfmt v0.23.0 // indirect
+	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/go-openapi/validate v0.24.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.18.0 // indirect
+	github.com/go-playground/validator/v10 v10.19.0 // indirect
 	github.com/go-redis/redis/v7 v7.3.0 // indirect
+	github.com/go-resty/resty/v2 v2.12.0 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/gorilla/schema v1.2.0 // indirect
+	github.com/gorilla/securecookie v1.1.1 // indirect
+	github.com/gorilla/websocket v1.5.1 // indirect
 	github.com/hashicorp/consul/api v1.27.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -41,36 +63,78 @@ require (
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
 	github.com/hashicorp/golang-lru v0.5.4 // indirect
 	github.com/hashicorp/serf v0.10.1 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/kataras/go-events v0.0.3 // indirect
 	github.com/klauspost/compress v1.17.2 // indirect
 	github.com/labstack/echo/v4 v4.11.4 // indirect
 	github.com/labstack/gommon v0.4.2 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
+	github.com/michaelquigley/pfxlog v0.6.10 // indirect
+	github.com/miekg/pkcs11 v1.1.1 // indirect
 	github.com/mitchellh/consulstructure v0.0.0-20190329231841-56fdc4d2da54 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/go-ps v1.0.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
+	github.com/muhlemmer/gu v0.3.1 // indirect
 	github.com/nats-io/nats.go v1.33.1 // indirect
 	github.com/nats-io/nkeys v0.4.7 // indirect
 	github.com/nats-io/nuid v1.0.1 // indirect
+	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/opentracing/opentracing-go v1.2.0 // indirect
+	github.com/openziti/channel/v2 v2.0.121 // indirect
+	github.com/openziti/edge-api v0.26.13 // indirect
+	github.com/openziti/foundation/v2 v2.0.39 // indirect
+	github.com/openziti/identity v1.0.72 // indirect
+	github.com/openziti/metrics v1.2.47 // indirect
+	github.com/openziti/secretstream v0.1.17 // indirect
+	github.com/openziti/transport/v2 v2.0.124 // indirect
+	github.com/orcaman/concurrent-map/v2 v2.0.1 // indirect
+	github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
+	github.com/shirou/gopsutil/v3 v3.24.1 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/speps/go-hashids v2.0.0+incompatible // indirect
 	github.com/spiffe/go-spiffe/v2 v2.1.7 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.2 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
+	github.com/yusufpapurcu/wmi v1.2.3 // indirect
 	github.com/zeebo/errs v1.3.0 // indirect
-	golang.org/x/crypto v0.19.0 // indirect
+	github.com/zitadel/oidc/v2 v2.12.0 // indirect
+	go.mongodb.org/mongo-driver v1.14.0 // indirect
+	go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1 // indirect
+	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect
 	golang.org/x/mod v0.12.0 // indirect
-	golang.org/x/net v0.21.0 // indirect
-	golang.org/x/sync v0.4.0 // indirect
-	golang.org/x/sys v0.17.0 // indirect
+	golang.org/x/net v0.22.0 // indirect
+	golang.org/x/oauth2 v0.16.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect
+	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect
 	google.golang.org/grpc v1.60.1 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
+	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
+	nhooyr.io/websocket v1.8.10 // indirect
 )
+
+replace github.com/edgexfoundry/go-mod-bootstrap/v3 => github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.27