From 139134f1f32c18cdc805a83fcb4767f8a6ef695a Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Mon, 7 Oct 2019 15:27:45 -0700 Subject: [PATCH 1/6] pull plugin jar from latest release --- example/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/Dockerfile b/example/Dockerfile index 5cf9f31..2371ff8 100644 --- a/example/Dockerfile +++ b/example/Dockerfile @@ -10,7 +10,7 @@ RUN cp -a /opt/sonarqube/data /opt/sonarqube/data-init && \ chown root:root /opt/sonarqube && chmod -R gu+rwX /opt/sonarqube ADD plugins.sh /opt/sonarqube/bin/plugins.sh RUN /opt/sonarqube/bin/plugins.sh $sonar_plugins -ADD sonar-auth-openshift-plugin-1.1.0.jar /opt/sonarqube/extensions-init/plugins/sonar-auth-openshift-plugin-1.1.0.jar +ADD https://github.com/rht-labs/sonar-auth-openshift/releases/latest/download/sonar-auth-openshift-plugin.jar /opt/sonarqube/extensions-init/plugins/sonar-auth-openshift-plugin-1.1.0.jar RUN chown root:root /opt/sonarqube -R; \ chmod 6775 /opt/sonarqube -R USER 1001 From dd90950f484178d7fbbd043468ed69731604d7ad Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Wed, 9 Oct 2019 07:56:33 -0700 Subject: [PATCH 2/6] up to 7.9.1 --- example/inventory/group_vars/all.yml | 6 +++--- example/sonar.properties | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/example/inventory/group_vars/all.yml b/example/inventory/group_vars/all.yml index 25ac9fb..11b6482 100755 --- a/example/inventory/group_vars/all.yml +++ b/example/inventory/group_vars/all.yml @@ -5,11 +5,11 @@ sonarqube_name: sonarqube sonarqube: build: NAME: "{{ sonarqube_name }}" - SOURCE_REPOSITORY_URL: "https://github.com/rht-labs/sonar-auth-openshift.git" - SOURCE_REPOSITORY_REF: "master" + SOURCE_REPOSITORY_URL: "https://github.com/mcanoy/sonar-auth-openshift.git" + SOURCE_REPOSITORY_REF: "sonar7.9.1" SOURCE_CONTEXT_DIR: example FROM_DOCKER_IMAGE: sonarqube - FROM_DOCKER_TAG: "7.7-community" + FROM_DOCKER_TAG: "7.9.1-community" FROM_DOCKER_IMAGE_REGISTRY_URL: "docker.io/sonarqube" postgresql: POSTGRESQL_DATABASE: sonar diff --git a/example/sonar.properties b/example/sonar.properties index 85df06d..b440207 100644 --- a/example/sonar.properties +++ b/example/sonar.properties @@ -15,4 +15,4 @@ sonar.auth.openshift.button.color=#000000 sonar.auth.openshift.sar.groups=sonarqube_admin=sonar-administrators,sonarqube_user=sonar-users ignore.certs=false #oauth.cert=/opt/sonarqube/conf/oauth.crt - +sonar.search.javaAdditionalOpts=-Dnode.store.allow_mmapfs=false From a96a166a2768d2e4b63faafe5cdcad12f30d9a3e Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Sun, 13 Oct 2019 23:29:20 -0700 Subject: [PATCH 3/6] Ability to change name the route something other than sonarqube --- README.md | 12 ++++++++++++ example/sonar.properties | 1 + example/templates/sonarqube-deploy.yml | 12 ++++++------ .../auth/openshift/OpenShiftConfiguration.java | 3 ++- 4 files changed, 21 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index ec08256..2658f6f 100644 --- a/README.md +++ b/README.md @@ -85,6 +85,18 @@ kubernetes.service=https://${env:KUBERNETES_SERVICE_HOST}:${env:KUBERNETES_SERVI See the example set up using the [OpenShift Applier](https://github.com/redhat-cop/openshift-applier) [here](example/README.md) +### Configuration Table + +| Config | Purpose | +| ------------- |-------------| +| sonar.auth.openshift.sar.groups | A map converting OpenShift groups to Sonarqube roles | +| sonar.auth.openshift.route.name | The name of the route. Must also be defined in the service account (See example template) | +| oauth.cert | File system location of the certificate | +| ignore.certs | Option to ignore certificates. Not recommended for production | +| kubernetes.service | The url of the api server with port if necessary | +| sonar.auth.openshift.isEnabled | Ability to control whether to user this plugin | +| sonar.auth.openshift.button.color | The hex color of the login button (#666666) | + ### License Licensed under the [Apache License](http://www.apache.org/licenses/LICENSE-2.0.txt) diff --git a/example/sonar.properties b/example/sonar.properties index b440207..a89f271 100644 --- a/example/sonar.properties +++ b/example/sonar.properties @@ -16,3 +16,4 @@ sonar.auth.openshift.sar.groups=sonarqube_admin=sonar-administrators,sonarqube_u ignore.certs=false #oauth.cert=/opt/sonarqube/conf/oauth.crt sonar.search.javaAdditionalOpts=-Dnode.store.allow_mmapfs=false +#sonar.auth.openshift.route.name=customname diff --git a/example/templates/sonarqube-deploy.yml b/example/templates/sonarqube-deploy.yml index d27baf4..6b807a4 100644 --- a/example/templates/sonarqube-deploy.yml +++ b/example/templates/sonarqube-deploy.yml @@ -7,7 +7,7 @@ objects: kind: ServiceAccount metadata: annotations: - serviceaccounts.openshift.io/oauth-redirectreference.sonarqube: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"sonarqube"}}' + serviceaccounts.openshift.io/oauth-redirectreference.sonarqube: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"${ROUTE_NAME}"}}' name: sonarqube - apiVersion: v1 kind: RoleBinding @@ -145,7 +145,7 @@ objects: metadata: labels: app: sonarqube - name: sonarqube + name: "${ROUTE_NAME}" spec: port: targetPort: 9000-tcp @@ -183,10 +183,10 @@ parameters: displayName: SonarQube Storage Space Size required: true value: 5Gi - - name: SONAR_AUTH_REALM - value: '' - description: The type of authentication that SonarQube should be using (None or LDAP) (Ref - https://docs.sonarqube.org/display/PLUG/LDAP+Plugin) - displayName: SonarQube Authentication Realm + - name: ROUTE_NAME + value: sonarqube + description: The name of the route for sonarqube + displayName: SonarQube Route Name - name: SONAR_AUTOCREATE_USERS value: 'false' description: When using an external authentication system, should SonarQube automatically create accounts for users? diff --git a/src/main/java/com/rhc/sonarqube/auth/openshift/OpenShiftConfiguration.java b/src/main/java/com/rhc/sonarqube/auth/openshift/OpenShiftConfiguration.java index c96c043..f6ffc57 100644 --- a/src/main/java/com/rhc/sonarqube/auth/openshift/OpenShiftConfiguration.java +++ b/src/main/java/com/rhc/sonarqube/auth/openshift/OpenShiftConfiguration.java @@ -38,6 +38,7 @@ public class OpenShiftConfiguration { private static final String SUBCATEGORY = "Authentication"; private static final String OPENSHIFT_GROUP_MAPPING = "sonar.auth.openshift.sar.groups"; + private static final String ROUTE_NAME = "sonar.auth.openshift.route.name"; private static final String OAUTH_CERT = "oauth.cert"; private static final String IGNORE_CERTS = "ignore.certs"; private static final String WEB_URL = "sonar.auth.openshift.webUrl"; @@ -130,7 +131,7 @@ public String getButtonColor() { } public String getRouteURL(String namespace) { - return String.format(ROUTE_URI, getApiURL(), namespace, "sonarqube"); + return String.format(ROUTE_URI, getApiURL(), namespace, config.get(ROUTE_NAME).orElse("sonarqube")); } public static List definitions() { From eea7bfa743fe2150cbc887b8440a08593a118a5a Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Sun, 13 Oct 2019 23:37:51 -0700 Subject: [PATCH 4/6] Docker plugin location --- example/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/Dockerfile b/example/Dockerfile index 2371ff8..3e1cb3e 100644 --- a/example/Dockerfile +++ b/example/Dockerfile @@ -10,7 +10,7 @@ RUN cp -a /opt/sonarqube/data /opt/sonarqube/data-init && \ chown root:root /opt/sonarqube && chmod -R gu+rwX /opt/sonarqube ADD plugins.sh /opt/sonarqube/bin/plugins.sh RUN /opt/sonarqube/bin/plugins.sh $sonar_plugins -ADD https://github.com/rht-labs/sonar-auth-openshift/releases/latest/download/sonar-auth-openshift-plugin.jar /opt/sonarqube/extensions-init/plugins/sonar-auth-openshift-plugin-1.1.0.jar +ADD https://github.com/rht-labs/sonar-auth-openshift/releases/latest/download/sonar-auth-openshift-plugin.jar /opt/sonarqube/extensions-init/plugins/ RUN chown root:root /opt/sonarqube -R; \ chmod 6775 /opt/sonarqube -R USER 1001 From e836364eaaf8175ea7179f25d44695e26e59131e Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Sun, 13 Oct 2019 23:41:14 -0700 Subject: [PATCH 5/6] fix build git to master --- example/inventory/group_vars/all.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/example/inventory/group_vars/all.yml b/example/inventory/group_vars/all.yml index 11b6482..aa290aa 100755 --- a/example/inventory/group_vars/all.yml +++ b/example/inventory/group_vars/all.yml @@ -5,8 +5,8 @@ sonarqube_name: sonarqube sonarqube: build: NAME: "{{ sonarqube_name }}" - SOURCE_REPOSITORY_URL: "https://github.com/mcanoy/sonar-auth-openshift.git" - SOURCE_REPOSITORY_REF: "sonar7.9.1" + SOURCE_REPOSITORY_URL: "https://github.com/rht-labs/sonar-auth-openshift.git" + SOURCE_REPOSITORY_REF: "master"" SOURCE_CONTEXT_DIR: example FROM_DOCKER_IMAGE: sonarqube FROM_DOCKER_TAG: "7.9.1-community" From a98a2d145ab40f541aecc0d43f9e498bcf5d4516 Mon Sep 17 00:00:00 2001 From: Kevin McAnoy Date: Sun, 13 Oct 2019 23:41:51 -0700 Subject: [PATCH 6/6] fix build git to master --- example/inventory/group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/inventory/group_vars/all.yml b/example/inventory/group_vars/all.yml index aa290aa..f9974b9 100755 --- a/example/inventory/group_vars/all.yml +++ b/example/inventory/group_vars/all.yml @@ -6,7 +6,7 @@ sonarqube: build: NAME: "{{ sonarqube_name }}" SOURCE_REPOSITORY_URL: "https://github.com/rht-labs/sonar-auth-openshift.git" - SOURCE_REPOSITORY_REF: "master"" + SOURCE_REPOSITORY_REF: "master" SOURCE_CONTEXT_DIR: example FROM_DOCKER_IMAGE: sonarqube FROM_DOCKER_TAG: "7.9.1-community"