Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New docker image, dockerfile and cie integration #55

Merged
merged 101 commits into from
Jan 31, 2023
Merged

New docker image, dockerfile and cie integration #55

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
101 commits
Select commit Hold shift + click to select a range
47d60e1
CIE Auth example
MdreW Mar 30, 2022
4905227
Aggiunto test metadata CIE
MdreW Mar 30, 2022
8a2e1fd
Agginugto backend cie nella configurazione di default
MdreW Mar 30, 2022
a2e6b88
Aggiunta descrizione CIE e sostituito br con margine via CSS
MdreW Mar 30, 2022
c6bf884
Aggiunto test metadata ficep
MdreW Mar 30, 2022
e23ee16
Config with enviroments and added utility script
MdreW May 9, 2022
aca34eb
added "SATOSA_" prefix for proxy_conf.yaml
MdreW May 9, 2022
3ee22b7
Merge branch 'italia:master' into master
MdreW May 19, 2022
c2fcc5b
Merge branch 'master' of github.com:IDEM-GARR-AAI/Satosa-Saml2Spid
MdreW May 19, 2022
00224fa
Fix name variable
MdreW May 19, 2022
8e70fd7
Changed delimiter for not skip slash
MdreW May 19, 2022
2b9eea4
Aggiunta directory con Satosa-Saml2Spid Docker (Image e Compose) para…
scolagreco May 26, 2022
8ee0734
All configuration for public entity from env
MdreW May 30, 2022
eec4b44
Aggiornato con le ultime modifiche fatte.
scolagreco Jun 13, 2022
3c0ca44
Merge pull request #1 from IDEM-GARR-AAI/docker
MdreW Jun 13, 2022
a928ff0
Configurazioni senza ENV
MdreW Jun 13, 2022
c3e47b4
installazione yq
MdreW Jun 13, 2022
f89ee5d
configurazioni con variabili tramite docker-run
MdreW Jun 15, 2022
60e7772
fix comment
MdreW Jun 15, 2022
156adac
In Satosa-Saml2Spid-Docker: Aggiornato Dockerfile e modificati file i…
scolagreco Jun 17, 2022
f7331bf
now update saml2_frontend.yaml with env
MdreW Jun 20, 2022
a82072b
now update saml2_frontend.yaml with env
MdreW Jun 20, 2022
36fee25
fixed yaml indentation
MdreW Jun 20, 2022
4c81f65
Merge branch 'master' of github.com:IDEM-GARR-AAI/Satosa-Saml2Spid
MdreW Jun 20, 2022
7800a7c
Aggiornato demo run in compose
MdreW Jun 20, 2022
f58049e
default logger su console
MdreW Jun 21, 2022
f4508ad
docker su http (nginx farà da proxy)
MdreW Jun 21, 2022
c1ec01f
Aggiunte variabili $SATOSA_MONGOBD_USERNAME e $SATOSA_MONGODB_PASSWOR…
MdreW Jun 21, 2022
36ffe33
Unificate le chiavi per encryptio_key e salt tramite variabile
MdreW Jun 22, 2022
cec7019
Rimossi file obsoleti, Configurazione spostata in demo-run.sh
MdreW Jun 22, 2022
8b4de2d
demo-run.sh spostato in example e generalizzato per chi non utilizza …
MdreW Jun 24, 2022
fbf2914
Aggiunta variabile SATOSA_BY_SOCKER per eseguire soltanto satosa in http
MdreW Jun 24, 2022
3920408
demo configurazione nginx
MdreW Jun 24, 2022
76f7db2
Corretto test per funzione di sostituzione
MdreW Jun 24, 2022
a024684
Rinominato demo-run.sh in run.sh. Modificate righe update_yaml per va…
scolagreco Jun 24, 2022
0bcc285
Nel Dockerfile si parte dall'immagine ufficiale e si configura Europe…
scolagreco Jun 27, 2022
eb5eb9a
Spostato e rinominato vhost.conf. Usata la struttura di vhost.conf co…
scolagreco Jun 28, 2022
6b0c3c9
Nel Dockerfile messa ENV SATOSA_DISCO_SRV con il solito valore di def…
scolagreco Jul 1, 2022
b897fcd
In docker-compose.yml modificata SATOSA_UNKNOW_ERROR_REDIRECT_PAGE e …
scolagreco Jul 1, 2022
05608a1
Riportate nei file della rirectory example le modifiche fatte ai file…
scolagreco Jul 1, 2022
5bdc78a
Aggiornato run.sh in Satosa-Saml2Spid-Docker/example e example con le…
scolagreco Jul 1, 2022
6e30a18
Spostati Dockerfile (agginti i copy dei singoli file), directory exam…
scolagreco Jul 4, 2022
f73a96d
Controllata presenza di tutte gli enviroments, reinseriti in ordine a…
MdreW Jul 4, 2022
2da54c7
Nel docker-compose.yml, nel servizio satosa-nginx ho messo come defau…
scolagreco Jul 29, 2022
584aa08
Caricati crt e key di default (Certificato self-signed per localhost.…
scolagreco Aug 1, 2022
3445466
Aggiornate label al nuovo formato.
scolagreco Aug 2, 2022
45fc252
Ripulito da docker-compose e Dockerfile precedenti e non più utilizzati.
scolagreco Aug 2, 2022
1eace38
Removed unused ENV
MdreW Oct 3, 2022
8d29e8e
fixed some example value
MdreW Oct 3, 2022
459ccbc
fixed telephone example value
MdreW Oct 3, 2022
49f32e3
Merge branch 'italia:master' into master
MdreW Oct 4, 2022
7bc22b1
unambiguous telephone_number
MdreW Oct 4, 2022
ac2707a
Removed unused fix
MdreW Oct 10, 2022
5cd0699
Corretto errore nel path per sostituzione valori.
scolagreco Oct 11, 2022
47caa9b
Test variabili uniche mongodb e loro effettiva sostituzione.
scolagreco Oct 11, 2022
d712c17
add enviroments to readme
MdreW Oct 12, 2022
5814de6
updated enviroments
MdreW Oct 12, 2022
e9e8232
fixed default value
MdreW Oct 12, 2022
46ad8b1
Rinominato mongodb.env in .env, in questo modo le varibili vengono ut…
scolagreco Oct 12, 2022
68af8b9
Modificati nomi env generiche di mongo per non incorrere nel seguente…
scolagreco Oct 17, 2022
d038c2a
Corretto il link al README di mongo.
scolagreco Oct 17, 2022
9abcf71
Start docker image istruction
MdreW Oct 17, 2022
c0db095
Update README
MdreW Oct 17, 2022
e5c6b2d
Update README
MdreW Oct 17, 2022
52bbaa5
Modificato init-mongo, cambiato da .js a .sh e modificato per utilizz…
scolagreco Oct 17, 2022
70e2129
Merge branch 'master' of github.com:IDEM-GARR-AAI/Satosa-Saml2Spid
scolagreco Oct 17, 2022
2345768
Utilizzate le variabili MONGO_DBUSER e MONGO_DBPASSWORD anche nell'en…
scolagreco Oct 17, 2022
d37af83
Update README.mongo.md
scolagreco Oct 17, 2022
8af63c9
Merge pull request #2 from isprambiente/cie
MdreW Nov 7, 2022
d8b1bdf
metadata updated, added TeamSystem S.p.A
MdreW Nov 7, 2022
a986948
cie and spid/teamsystem to touting
MdreW Nov 7, 2022
5071c7a
removed ISPRA reference
MdreW Nov 10, 2022
5f2505c
fixed FICEP URL
MdreW Nov 10, 2022
a6b3c5a
try to upgrade actions
MdreW Nov 10, 2022
125833b
test with all active python version
MdreW Nov 10, 2022
4bf8886
update button with current spid logos
MdreW Nov 10, 2022
da4e130
updated discovery page with new SPID, CIE and IDEM
MdreW Nov 14, 2022
65bab33
Added MDQ server for SAML / IDEM
MdreW Nov 14, 2022
d131a52
CIE Updated by ENV
MdreW Nov 14, 2022
b51f201
ENV CONFIG for CIE
MdreW Nov 14, 2022
46e5438
fixed mdq syntax
MdreW Nov 14, 2022
620f6c3
realistic example data for test
MdreW Nov 14, 2022
e5a8fb8
Rinominato djangosaml2_sp in djangosaml2_sp.xml . Aggiunto .dockerign…
scolagreco Nov 14, 2022
19ba7a9
Corretto errore inserito nell'ultimo commit.
scolagreco Nov 14, 2022
ab569d2
Updated cert expired
MdreW Nov 19, 2022
938ff7a
Merge branch 'master' of github.com:italia/Satosa-Saml2Spid
MdreW Nov 22, 2022
961c735
Eliminati file doppioni usati nella composizione. Fatto script per la…
scolagreco Nov 22, 2022
2a6f369
Usato anche per i certificati di nginx il volume creato al primo avvio.
scolagreco Dec 5, 2022
ffd8648
Creata funzione per la creazione dei volumi in compose-Satosa-Saml2Sp…
scolagreco Dec 5, 2022
e78d015
Tolte le vecchie istruzioni che erano commentate in compose-Satosa-Sa…
scolagreco Dec 5, 2022
5202bf1
Creata funzione per la cancellazione dei volumi in compose-Satosa-Sam…
scolagreco Dec 14, 2022
60a2110
compose-Satosa-Saml2Spid/README.md - Ancora da completare e rivedere.
scolagreco Dec 19, 2022
3ec928c
Update README.md
MdreW Jan 9, 2023
5f5b67c
Update README.md
MdreW Jan 9, 2023
00d432b
impostato indirizzo wayf per IDEM
MdreW Jan 19, 2023
b6529a5
Merge branch 'master' of github.com:IDEM-GARR-AAI/Satosa-Saml2Spid
MdreW Jan 19, 2023
6838a99
fix some typo errors
MdreW Jan 19, 2023
b70b650
removed duplicated key
MdreW Jan 19, 2023
d3db2d6
Modifiche fatte. Ottimizzazione ssl ed aggiornamento immagine Docker.
scolagreco Jan 31, 2023
9b26830
Merge branch 'master' of github.com:italia/Satosa-Saml2Spid into ital…
MdreW Jan 31, 2023
3e224c0
Merge branch 'italia-master'
MdreW Jan 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# By default, ignore everything
*
# Add exception for the directories you actually want to include in the context
!example
!requirements.txt
!oids.conf
!build_spid_certs.sh
9 changes: 4 additions & 5 deletions .github/workflows/python-app.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,11 +72,10 @@ jobs:
cd example
spid_sp_test --idp-metadata > metadata/idp/spid-sp-test.xml
spid_sp_test --metadata-url https://localhost:10000/spidSaml2/metadata --authn-url "http://localhost:8000/saml2/login/?idp=https://localhost:10000/Saml2IDP/metadata&next=/saml2/echo_attributes&idphint=https%253A%252F%252Flocalhost%253A8080" -ap spid_sp_test.plugins.authn_request.SatosaSaml2Spid --extra --debug ERROR -tr
# TODO - PR WiP for CIE id integration
# - name: spid-sp-test CIE id metadata
# run: |
# cd example
# spid_sp_test --profile cie-sp-public --metadata-url https://localhost:10000/cieSaml2/metadata
- name: spid-sp-test CIE id metadata
run: |
cd example
spid_sp_test --profile cie-sp-public --metadata-url https://localhost:10000/cieSaml2/metadata
- name: spid-sp-test eIDAS FiCEP metadata
run: |
cd example
Expand Down
74 changes: 44 additions & 30 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,6 @@
FROM alpine:3.12.3
MAINTAINER Giuseppe De Marco <demarcog83@gmail.com>

RUN apk update
RUN apk add xmlsec libffi-dev libressl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash
FROM alpine:3.13.5

ENV BASEDIR="/satosa_proxy"
COPY example/ $BASEDIR/
COPY requirements.txt $BASEDIR/

# demo certificates
RUN mkdir $BASEDIR/pki/
COPY oids.conf $BASEDIR/pki/
COPY build_spid_certs.sh $BASEDIR/pki/
WORKDIR $BASEDIR/pki/
RUN chmod 755 $BASEDIR/pki/build_spid_certs.sh

ENV COMMON_NAME="SPID example proxy"
ENV LOCALITY_NAME="Roma"
Expand All @@ -24,24 +11,51 @@ ENV SPID_SECTOR="public"
ENV URI="https://spid.proxy.example.org"
ENV DAYS="7300"

RUN $BASEDIR/pki/build_spid_certs.sh
ENV SATOSA_DISCO_SRV="https://localhost:9999/disco.html"

WORKDIR $BASEDIR/
RUN pip3 install -r requirements.txt --ignore-installed
RUN apk add --update --no-cache tzdata \
&& cp /usr/share/zoneinfo/Europe/Rome /etc/localtime \
&& echo "Europe/Rome" > /etc/timezone \
&& apk del tzdata

# Metadata
RUN mkdir -p metadata/idp
RUN mkdir -p metadata/sp
COPY example/ $BASEDIR/
COPY requirements.txt $BASEDIR/
COPY oids.conf $BASEDIR/pki/
COPY build_spid_certs.sh $BASEDIR/pki/
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

deprecated, we should use spid-compliant-certificates for this

build_spid_certs.sh should be removed from this repository


# COPY Metadata
ARG SP_METADATA_URL
ARG IDP_METADATA_URL
RUN wget $SP_METADATA_URL -O metadata/sp/my-sp.xml --no-check-certificate
RUN wget $IDP_METADATA_URL -O metadata/idp/my-idp.xml --no-check-certificate
RUN wget https://registry.spid.gov.it/metadata/idp/spid-entities-idps.xml -O metadata/idp/spid-entities-idps.xml
RUN apk add --update xmlsec libffi-dev libressl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq \
&& cd $BASEDIR/pki/ \
&& chmod 755 $BASEDIR/pki/build_spid_certs.sh \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here spid-compliant-certificates insteadl of build_spid_certs

&& $BASEDIR/pki/build_spid_certs.sh \
&& cd $BASEDIR/ \
&& pip3 install --upgrade pip \
&& pip3 install yq \
&& pip3 install -r requirements.txt --ignore-installed \
&& wget https://registry.spid.gov.it/metadata/idp/spid-entities-idps.xml -O metadata/idp/spid-entities-idps.xml \
&& adduser --disabled-password wert \
&& chown -R wert . \
&& chmod +x run.sh

USER wert

RUN adduser --disabled-password wert
RUN chown -R wert .
WORKDIR $BASEDIR/

COPY demo-run.sh .
CMD bash demo-run.sh
CMD bash run.sh

# Metadata params
ARG BUILD_DATE
ARG VERSION
ARG VCS_URL="https://github.com/italia/Satosa-Saml2Spid.git"
ARG VCS_REF
ARG AUTHORS
ARG VENDOR

# Metadata : https://github.com/opencontainers/image-spec/blob/main/annotations.md
LABEL org.opencontainers.image.authors=$AUTHORS \
org.opencontainers.image.vendor=$VENDOR \
org.opencontainers.image.title="Satosa-Saml2Spid" \
org.opencontainers.image.created=$BUILD_DATE \
org.opencontainers.image.version=$VERSION \
org.opencontainers.image.source=$VCS_URL \
org.opencontainers.image.revision=$VCS_REF \
org.opencontainers.image.description="Docker Image di Satosa-Saml2Spid."
Loading