mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-11 15:53:39 +00:00
73d37459bb
* feat: label policy proto extension * feat: label policy and activate event * feat: label policy asset events * feat: label policy asset commands * feat: add storage key * feat: storage key validation * feat: label policy asset tests * feat: label policy query side * feat: avatar * feat: avatar event * feat: human avatar * feat: avatar read side * feat: font on iam label policy * feat: label policy font * feat: possibility to create bucket on put file * uploader * login policy logo * set bucket prefix * feat: avatar upload * feat: avatar upload * feat: use assets on command side * feat: fix human avatar removed event * feat: remove human avatar * feat: mock asset storage * feat: remove human avatar * fix(operator): add configuration of asset storage to zitadel operator * feat(console): private labeling policy (#1697) * private labeling component, routing, preview * font, colors, upload, i18n * show logo * fix: uniqueness (#1710) * fix: uniqueconstraint to lower * feat: change org * feat: org change test * feat: change org * fix: tests * fix: handle domain claims correctly * feat: update org Co-authored-by: fabi <fabienne.gerschwiler@gmail.com> * fix: handle domain claimed event correctly for service users (#1711) * fix: handle domain claimed event correctly on user view * fix: ignore domain claimed events for email notifications * fix: change org * handle org changed in read models correctly * fix: change org in user grant handler Co-authored-by: fabi <fabienne.gerschwiler@gmail.com> * fix: correct value (#1695) * docs(api): correct link (#1712) * upload service Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com> Co-authored-by: Florian Forster <florian@caos.ch> * feat: fix tests, * feat: remove assets from label policy * fix npm, set environment * lint ts * remove stylelinting * fix(operator): add mapping for console with changed unit tests * fix(operator): add secrets as env variables to pod * feat: remove human
avatar * fix(operator): add secrets as env variables to pod * feat: map label policy * feat: labelpolicy, admin, mgmt, adv settings (#1715) * fetch label policy, mgmt, admin service * feat: advanced beh, links, add, update * lint ts * feat: watermark * feat: remove human avatar * feat: remove human avatar * feat: remove human avatar * feat: remove human avatar * feat: remove human avatar * feat: remove human avatar * feat: remove human avatar * feat: custom css * css * css * css * css * css * getobject * feat: dynamic handler * feat: variable css * content info * css overwrite * feat: variable css * feat: generate css file * feat: dark mode * feat: dark mode * fix logo css * feat: upload logos * dark mode with cookie * feat: handle images in login * avatar css and begin font * feat: avatar * feat: user avatar * caching of static assets in login * add avatar.js to main.html * feat: header don't show logo if no url * feat: label policy colors * feat: mock asset storage * feat: mock asset storage * feat: fix tests * feat: user avatar * feat: header logo * avatar * avatar * make it compatible with go 1.15 * feat: remove unused logos * fix handler * fix: styling error handling * fonts * fix: download func * switch to mux * fix: change upload api to assets * fix build * fix: download avatar * fix: download logos * fix: my avatar * font * fix: remove error msg popup possibility * fix: docs * fix: validate colors * rem msg popup from frontend * fix: email with private labeling * fix: tests * fix: email templates * fix: change migration version * fix: fix duplicate imports * fix(console): assets, service url, upload, policy current and preview (#1781) * upload endpoint, layout * fetch current, preview, fix upload * cleanup private labeling * fix linting * begin generated asset handler * generate asset api in dockerfile * features for label policy * features for label policy * features * flag for asset generator * change asset generator flag * fix label policy view in grpc
* fix: layout, activate policy (#1786) * theme switcher up on top * change layout * activate policy * feat(console): label policy back color, layout (#1788) * theme switcher up on top * change layout * activate policy * fix overwrite value fc * reset policy, reset service * autosave policy, preview desc, layout impv * layout, i18n * background colors, inject material styles * load images * clean, lint * fix layout * set custom hex * fix content size conversion * remove font format in generated css * fix features for assets * fix(console): label policy colors, image downloads, preview (#1804) * load images * colors, images binding * lint * refresh emitter * lint * propagate font colors * upload error handling * label policy feature check * add blob in csp for console * log * fix: feature edits for label policy, refresh state on upload (#1807) * show error on load image, stop spinner * fix merge * fix migration versions * fix assets * fix csp * fix background color * scss * fix build * lint scss * fix statik for console * fix features check for label policy * cleanup * lint * public links * fix notifications * public links * feat: merge main * feat: fix translation files * fix migration * set api domain * fix logo in email * font face in email * font face in email * validate assets on upload * cleanup * add missing translations * add missing translations Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Florian Forster <florian@caos.ch>
232 lines
8.0 KiB
Plaintext
ARG GO_VERSION=1.15.8
ARG NODE_VERSION=14.17.0
ARG ENV=prod

#######################
## These steps set platform / arch type specific variables
#######################
FROM alpine AS arm64-base
ENV PROTOC_ARCH aarch_64

FROM alpine AS amd64-base
ENV PROTOC_ARCH x86_64


#######################
## This step sets up the folder structure,
## initializes go mods,
## downloads the protofiles,
## protoc and protoc-gen-grpc-web for later use
#######################
FROM ${BUILDARCH}-base AS base
ARG PROTOC_VERSION=3.13.0
ARG PROTOC_ZIP=protoc-${PROTOC_VERSION}-linux-${PROTOC_ARCH}.zip
ARG GRPC_WEB_VERSION=1.2.1
# no arm specific version available and x86 works fine at the moment:
ARG GRPC_WEB=protoc-gen-grpc-web-${GRPC_WEB_VERSION}-linux-x86_64

RUN apk add tar curl
WORKDIR /proto

#protoc
RUN curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VERSION}/$PROTOC_ZIP \
    && unzip -o $PROTOC_ZIP -d /usr/local bin/protoc \
    && unzip -o $PROTOC_ZIP -d /proto include/* \
    && rm -f $PROTOC_ZIP

#grpc web
RUN curl -OL https://github.com/grpc/grpc-web/releases/download/${GRPC_WEB_VERSION}/${GRPC_WEB} \
    && mv ${GRPC_WEB} /usr/local/bin/protoc-gen-grpc-web \
    && chmod +x /usr/local/bin/protoc-gen-grpc-web

#proto dependencies
RUN curl https://raw.githubusercontent.com/envoyproxy/protoc-gen-validate/v0.4.1/validate/validate.proto --create-dirs -o include/validate/validate.proto \
    && curl https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v2.2.0/protoc-gen-openapiv2/options/annotations.proto --create-dirs -o include/protoc-gen-openapiv2/options/annotations.proto \
    && curl https://raw.githubusercontent.com/grpc-ecosystem/grpc-gateway/v2.2.0/protoc-gen-openapiv2/options/openapiv2.proto --create-dirs -o include/protoc-gen-openapiv2/options/openapiv2.proto \
    && curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/api/annotations.proto --create-dirs -o include/google/api/annotations.proto \
    && curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/api/http.proto --create-dirs -o include/google/api/http.proto \
    && curl https://raw.githubusercontent.com/googleapis/googleapis/master/google/api/field_behavior.proto --create-dirs -o include/google/api/field_behavior.proto

#zitadel protos
COPY proto/ include/.


#######################
## With this step we prepare all node_modules, this helps caching the build
## Speed up this step by mounting your local node_modules directory
#######################
FROM node:${NODE_VERSION} as npm-base
WORKDIR /console

COPY console/package.json console/package-lock.json ./
RUN npm install

COPY console .
COPY --from=base /proto /proto
COPY --from=base /usr/local/bin /usr/local/bin/.
COPY build/console build/console/
RUN build/console/generate-grpc.sh


#######################
## copy for local dev
#######################
FROM scratch as npm-copy
COPY --from=npm-base /console/src/app/proto/generated ./console/src/app/proto/generated


#######################
## angular dev build
#######################
FROM npm-base as dev-angular-build
RUN npm install -g @angular/cli


#######################
## angular lint workspace and prod build
#######################
FROM npm-base as prod-angular-build
RUN npm run lint
RUN npm run prodbuild


#######################
## Go dependencies
## Speed up this step by mounting your local go mod pkg directory
#######################
FROM golang:${GO_VERSION} as go-dep
RUN mkdir -p src/github.com/caos/zitadel
WORKDIR /go/src/github.com/caos/zitadel

#download modules
COPY ./go.* .
RUN go mod download

# install tools
COPY tools ./tools
RUN ./tools/install.sh


#######################
## generates static files
#######################
FROM go-dep AS go-static
COPY internal/ui/login/static internal/ui/login/static
COPY internal/ui/login/statik internal/ui/login/statik
COPY internal/notification/static internal/notification/static
COPY internal/notification/statik internal/notification/statik
COPY internal/static internal/static
COPY internal/statik internal/statik

RUN go generate internal/ui/login/statik/generate.go \
    && go generate internal/ui/login/static/generate.go \
    && go generate internal/notification/statik/generate.go \
    && go generate internal/statik/generate.go


#######################
## generates grpc stub
#######################
FROM go-static AS go-stub
COPY --from=base /proto /proto
COPY --from=base /usr/local/bin /usr/local/bin/.

COPY build/zitadel/generate-grpc.sh build/zitadel/generate-grpc.sh
COPY internal/protoc internal/protoc
COPY openapi/statik openapi/statik
COPY internal/api/assets/generator internal/api/assets/generator
COPY internal/config internal/config
COPY internal/errors internal/errors

RUN build/zitadel/generate-grpc.sh \
    && go generate openapi/statik/generate.go \
    && go run internal/api/assets/generator/asset_generator.go -directory=internal/api/assets/generator/


#######################
## Go base build
#######################
FROM go-stub as go-base
# copy remaining zitadel files
COPY . .


#######################
## copy for local dev
#######################
FROM scratch as go-copy
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/ui/login/statik/statik.go internal/ui/login/statik/statik.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/notification/statik/statik.go internal/notification/statik/statik.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/statik/statik.go internal/statik/statik.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/openapi/statik/statik.go openapi/statik/statik.go

COPY --from=go-stub /go/src/github.com/caos/zitadel/pkg/grpc pkg/grpc
COPY --from=go-stub /go/src/github.com/caos/zitadel/openapi/v2/zitadel openapi/v2/zitadel
COPY --from=go-stub /go/src/github.com/caos/zitadel/openapi/statik/statik.go openapi/statik/statik.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/protoc/protoc-gen-authoption/templates.gen.go internal/protoc/protoc-gen-authoption/templates.gen.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/protoc/protoc-gen-authoption/authoption/options.pb.go internal/protoc/protoc-gen-authoption/authoption/options.pb.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/docs/apis/proto docs/docs/apis/proto

COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/api/assets/authz.go ./internal/api/assets/authz.go
COPY --from=go-stub /go/src/github.com/caos/zitadel/internal/api/assets/router.go ./internal/api/assets/router.go


#######################
## Go test
#######################
FROM go-base as go-test

# Migrations for cockroach-secure
RUN go install github.com/rakyll/statik
RUN ./build/operator/prebuild.sh ./migrations

RUN go test -race -v -coverprofile=profile.cov $(go list ./... | grep -v /operator/)

#######################
## Go test results
#######################
FROM scratch as go-codecov
COPY --from=go-test /go/src/github.com/caos/zitadel/profile.cov profile.cov


#######################
## Go prod build
#######################
FROM go-test as prod-go-build
ARG BUILDARCH

#generate statik code for console
COPY --from=prod-angular-build console/dist/console console/dist/console/
RUN go generate internal/ui/console/statik/generate.go

RUN CGO_ENABLED=0 GOOS=linux GOARCH=${BUILDARCH} go build -a -installsuffix cgo -ldflags '-extldflags "-static"' -o zitadel-linux-${BUILDARCH} cmd/zitadel/main.go


#######################
## Go dev build
#######################
FROM go-base as dev-go-build
ENTRYPOINT [ "go", "run", "cmd/zitadel/main.go" ]

#######################
## Final Production Image
#######################
FROM alpine:latest as artifact
ARG BUILDARCH
RUN adduser -D zitadel
COPY cmd/zitadel/*.yaml /app/
COPY --from=prod-go-build /go/src/github.com/caos/zitadel/zitadel-linux-${BUILDARCH} /app/zitadel
RUN chmod a+x /app/zitadel
RUN ls -la /


#######################
## Scratch Image
#######################
FROM scratch as final
COPY --from=artifact /etc/passwd /etc/passwd
COPY --from=artifact /etc/ssl/certs /etc/ssl/certs
COPY --from=artifact /app /
USER zitadel
HEALTHCHECK NONE
ENTRYPOINT ["/zitadel"]