diff --git a/CHANGELOG.md b/CHANGELOG.md index 28c78369b..04c917d17 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,13 @@ # Release Notes +## Version 0.66.1 +**Release Date**: 13th December 2024 +### Features +### Bug Fixes +1. Update main README to de-emphasise Docker (Issue: #733) + + ## Version 0.66.0 **Release Date**: 30th November 2024 ### Features diff --git a/Dockerfile b/Dockerfile index 3beec8ebe..04839d967 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ FROM oraclelinux:8 ARG BRANCH=master LABEL "provider"="Oracle" \ "issues"="https://github.com/oracle/oci-designer-toolkit/issues" \ - "version"="0.66.0" \ + "version"="0.66.1" \ "description"="OKIT Web Server Container." \ "copyright"="Copyright (c) 2020, 2024, Oracle and/or its affiliates." # SHELL ["/bin/bash", "-c"] diff --git a/README.md b/README.md index 3c4f5233e..80b8b97bc 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ [![License: UPL](https://img.shields.io/badge/license-UPL-green)](https://img.shields.io/badge/license-UPL-green) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=oracle_oci-designer-toolkit&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=oracle_oci-designer-toolkit) -# Oracle Cloud Infrastructure Designer and Visualisation Toolkit [0.66.0](CHANGELOG.md#version-0.66.0) +# Oracle Cloud Infrastructure Designer and Visualisation Toolkit [0.66.1](CHANGELOG.md#version-0.66.1) -Full Release Details Can Found [0.66.0 Release](https://github.com/oracle/oci-designer-toolkit/releases/tag/v0.66.0). +Full Release Details Can Found [0.66.1 Release](https://github.com/oracle/oci-designer-toolkit/releases/tag/v0.66.1). -**OKIT - Open Cloud Designer** Public Beta is now Available see [0.66.0 Release](https://github.com/oracle/oci-designer-toolkit/releases/tag/v0.66.0) for details. +**OKIT - Open Cloud Designer** Public Beta is now Available see [0.66.1 Release](https://github.com/oracle/oci-designer-toolkit/releases/tag/v0.66.1) for details. _____ OCI designer and visualisation toolKIT (OKIT) is a browser based tool that allows the user to [design](https://www.ateam-oracle.com/introduction-to-okit-the-oci-designer-toolkit), @@ -38,7 +38,7 @@ OCI environments through a graphical web based interface. ## Changes -[Changes for the current release (0.66.0) are documented here.](CHANGELOG.md#version-0.66.0) +[Changes for the current release (0.66.1) are documented here.](CHANGELOG.md#version-0.66.1) ## Releases @@ -54,46 +54,26 @@ See [Releases](https://github.com/oracle/oci-designer-toolkit/releases) ## Installation +### OKIT-Web Detailed OKIT Installation steps can be found in the [OCI Designer Toolkit Installation Guide](documentation/Installation.md). +1. [MacOS](documentation/Installation.md#macos) +2. [Windows 10 / WSL (Ubuntu)](documentation/Installation.md#windows-10--wsl-ubuntu) +3. [Oracle Linux](documentation/Installation.md#oracle-linux-ol8) +### OKIT-Ocd +OKIT-Ocd is the next iteration of OKIT and is currently available as a Beta release. The native installables can be found in the Assets section +on the [0.66.1 Release](https://github.com/oracle/oci-designer-toolkit/releases/tag/v0.66.1). +1. MacOS + 1. [Arm dmg](https://github.com/oracle/oci-designer-toolkit/releases/download/v0.66.1/ocd-0.2.6-arm64.dmg) + 2. [x64 dmg](https://github.com/oracle/oci-designer-toolkit/releases/download/v0.66.1/ocd-0.2.6-x64.dmg) +2. Windows + 1. [Setup](https://github.com/oracle/oci-designer-toolkit/releases/download/v0.66.1/ocd-0.2.6-Setup.exe) +3. Linux + 1. [rpm](https://github.com/oracle/oci-designer-toolkit/releases/download/v0.66.1/ocd-0.2.6-1.x86_64.rpm) + 2. [deb](https://github.com/oracle/oci-designer-toolkit/releases/download/v0.66.1/ocd_0.2.6_amd64.deb) -_Note:_ [For instructions on installing OKIT on an OCI Instance follow the instructions within the Installation guide.](documentation/Installation.md#install-on-oci-instance) -### Runtime Quick Start -[Docker](https://www.docker.com/products/docker-desktop) is the recommended runtime container for OKIT. The project contains a top-level Dockerfile to facilitate direct -building, of the runtime environment, from the docker command line. - -#### Prerequisites -Before building / running OKIT you will need to install [Docker / Docker Desktop](https://www.docker.com/products/docker-desktop). - -#### Build Docker Container -```bash -docker build --tag okit --no-cache --force-rm https://github.com/oracle/oci-designer-toolkit.git -``` -_Note:_ [If you are running on Windows and see issues please follow the docker clone/build from source instructions.](documentation/Installation.md#build-from-source) - -#### Create / Generate Connection Information -If you already have the OCI sdk/cli installed on you machine you can use the previously generated pem key and config file -we will assume that this exists in <USER HOME DIR>/.oci - -##### Key File - -If you do not have a previously generated private key you will need to create a private/public key pair for use with OKIT and OCI. -These keys can be generated using the following commands as defined in [Required Keys and OCIDs](https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm). - -```bash -openssl genrsa -out /.oci/oci_api_key.pem 2048 -openssl rsa -pubout -in /.oci/oci_api_key.pem -out /.oci/oci_api_key_public.pem -``` - -Upload the generated __oci_api_key_public.pem__ to OCI through the [console](https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm) and record the associated fingerprint following upload. - -###### Get Fingerprint -```bash -openssl rsa -pubout -outform DER -in ~/.oci/oci_api_key.pem | openssl md5 -c -``` - -##### OCI Config File +### OCI Config File Create the OCI cli __config__ file in the directory __<USER HOME DIR>/.oci__ with contents similar to that below. The __*key_file*__ is a fixed value because the contents of the __<USER HOME DIR>/.oci__ will be mounted to the @@ -108,7 +88,13 @@ tenancy=ocid1.tenancy.oc1..aaaaaaaawpqblfem........ region=us-phoenix-1 ``` -##### GIT Settings File +If connecting to a PCA or C3 machine that requires a cert bundle then an additional entry will need to be added to the config file entry specifying +the location of the cert bundle similar to the following. +```properties +cert-bundle=~/.oci/certs/certbundle.cert +``` + +### GIT Settings File If Git integration is required you will need to create a __git_repositories__ file within the directory __<USER HOME DIR>/.oci__ with contents similar to that below. @@ -137,25 +123,6 @@ Host github.com ``` -#### Run Container - -##### Simple -```bash -docker run -d --rm -p 80:80 --volume /.oci:/root/.oci --volume /.ssh:/root/.ssh --name okit okit -``` - -##### Mount User Templates and Git Directories -```bash -docker run -d --rm -p 80:80 --volume /.oci:/root/.oci --volume /.ssh:/root/.ssh --volume :/okit/instance/templates/user --volume :/okit/instance/git --volume :/okit/instance/local --name okit okit -``` - -__Note:__ Occasionally Docker Container may have clock drift and this can cause authentication issues this can be resolved by executing. -```bash -docker run --rm --privileged okit hwclock -s -``` - -Once started the Designer BUI can be accessed on [http://localhost/okit/designer](http://localhost/okit/designer) - ## Usage / Examples The OKIT User / Usage Guide and worked examples can be found in the [OCI Designer Toolkit Usage Guide](documentation/Usage.md) diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index aa272dc86..132fcab6e 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,7 +1,8 @@ [![License: UPL](https://img.shields.io/badge/license-UPL-green)](https://img.shields.io/badge/license-UPL-green) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=oracle_oci-designer-toolkit&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=oracle_oci-designer-toolkit) -# November 2024 Release (Version 0.66.0) +# November 2024 Release (Version 0.66.1) ____ -**Update 0.66.0**: This update addresses the following issues. +**Update 0.66.1**: This update addresses the following issues. +1. Update main README to de-emphasise Docker ____ Welcome to the November 2024 release of OKIT. This release switches the exiat Create React App based build format to Vite and Electron Forge. diff --git a/containers/docker/Dockerfile b/containers/docker/Dockerfile index 3807bddf9..c297d25fb 100644 --- a/containers/docker/Dockerfile +++ b/containers/docker/Dockerfile @@ -5,7 +5,7 @@ FROM oraclelinux:8 LABEL "provider"="Oracle" \ "issues"="https://github.com/oracle/oci-designer-toolkit/issues" \ - "version"="0.66.0" \ + "version"="0.66.1" \ "description"="OKIT Web Server Container." \ "copyright"="Copyright (c) 2020, 2024, Oracle and/or its affiliates." # SHELL ["/bin/bash", "-c"] diff --git a/documentation/Build.md b/documentation/Build.md new file mode 100644 index 000000000..358ae5dae --- /dev/null +++ b/documentation/Build.md @@ -0,0 +1,34 @@ +# OCI Designer Toolkit Installation Guide +## Build from Source + +### OKIT Repository +Before the building either the Docker or Vagrant Images the project will need to be cloned, or downloaded, from the GitHub +Repository. + +#### Clone +The command shows how this can be cloned to the local machine. + +```bash +git clone -c core.autocrlf=input git@github.com:oracle/oci-designer-toolkit.git +``` + +or + +```bash +git clone -c core.autocrlf=input https://github.com/oracle/oci-designer-toolkit.git +``` + +#### Update +If you have previously cloned the GitHub Repository you can update to the latest release by pulling it from the repository +with the following command. + +```bash +cd oci-designer-toolkit +git pull +``` + +#### Download +If you do not have git installed locally the current release of OKIT can be retrieved by downloading it as a zip file from +[https://github.com/oracle/oci-designer-toolkit/archive/master.zip](https://github.com/oracle/oci-designer-toolkit/archive/master.zip) + + diff --git a/documentation/Installation.md b/documentation/Installation.md index d258ae43b..bcb56279e 100644 --- a/documentation/Installation.md +++ b/documentation/Installation.md @@ -1,11 +1,5 @@ # OCI Designer Toolkit Installation Guide -Although OKIT can simply be downloaded and the command line executed it is recommended that it be executed within a -docker container that can be built using the Dockerfile within this repository. This will guarantee that all the required -python modules are installed and in addition provide a simple flask server that will present the web based application on -[http://localhost/okit/designer](http://localhost/okit/designer). - - ## Table of Contents 1. [OCI Connection Information](#oci-connection-information) @@ -13,27 +7,14 @@ python modules are installed and in addition provide a simple flask server that 2. [Config File](#config-file) 2. [Git Connection](#git-connection) 1. [GIT Repositories File](#git-repository-file) -3. [Quick Start Runtime](#quick-start-runtime) -4. [Container](#container) +3. [MacOS](#macos) +4. [Windows 10 / WSL (Ubuntu)](#windows-10--wsl-ubuntu) +5. [Oracle Linux](#oracle-linux-ol8) +6. [Container](#container) 1. [Docker](#docker) 2. [Lima (MacOS)](#lima-macos) 3. [Vagrant / VirtualBox](#vagrant--virtualbox) -5. [Native](#native) - 1. [Oracle Linux](#oracle-linux-ol8) - 2. [MacOS](#macos) - 3. [Windows 10 / WSL (Ubuntu)](#windows-10--wsl-ubuntu) -3. [Build From Source](#build-from-source) - 1. [OKIT Repository](#okit-repository) - 2. [Create Container](#create-container) - 1. [Docker Compose](#docker-compose) - 2. [Docker](#docker) - 3. [Vagrant](#vagrant) -4. [Install on OCI Instance](#install-on-oci-instance) - 1. [OpenID Connect Configuration for IDCS](#openid-connect-configuration-for-idcs) - 2. [Dynamic Group](#dynamic-group) - 3. [Policies](#policies) - 4. [SSH Tunnel](#ssh-tunnel) -5. [Install on Oracle Linux](#install-on-oracle-linux) + @@ -94,7 +75,11 @@ If Git integration is required you will need to create a __git_repositories__ fi __<USER HOME DIR>/.oci__ with contents similar to that below. ```properties -[OKIT Community] +[OKIT Community Templates] +branch=main +url=git@github.com:username/okit-community-templates.git + +[Example Repo] branch = master url = git@url1.git @@ -116,158 +101,106 @@ defines the key/url mapping. +## MacOS -## Quick Start Runtime - -Docker is the recommended runtime container for OKIT and the project contains a top-level Dockerfile to facilitate direct -building, of the runtime environment, from the docker command line. - -### Build Docker Container -```bash -docker build --tag okit --no-cache --force-rm https://github.com/oracle/oci-designer-toolkit.git -``` - -### Run Container - -```bash -docker run -d --rm -p 80:80 --volume /okit/user/templates:/okit/templates --volume /.oci:/root/.oci --volume /.ssh:/root/.ssh --name okit okit -``` - -Once started the Designer BUI can be accessed on [http://localhost/okit/designer](http://localhost/okit/designer) - - - - - - - - - - -## Container - -### Docker - -The docker image can be built and started using the scripts in the docker sub directory. -It should be noted that the current Docker script is designed for development purposes and mounts the source directories -at runtime. - -#### Prerequisites -- Install [Docker Desktop](https://www.docker.com/products/docker-desktop). -- Create local directory __~/okit/user/templates__ for storage of custom templates. -- [Copy Config & Key Files](#copy-config--key-files) - -#### Docker Build -```bash -cd oci-designer-toolkit -docker build --tag okit --file ./containers/docker/Dockerfile --force-rm . -``` - -#### Docker Update -```bash -cd oci-designer-toolkit -docker rmi okit -docker build --tag okit --no-cache --file ./Dockerfile --force-rm . -``` - -#### Start Docker Container -```bash -cd oci-designer-toolkit -docker run -d --rm -p 80:80 - --name okit \ - --hostname okit \ - --volume /.oci:/root/.oci \ - --volume /.ssh:/root/.ssh \ - --volume :/okit/instance/templates/user \ - --volume :/okit/instance/git \ - --volume :/okit/instance/local \ - okit -``` - -### Lima (MacOS) - -[Lima](https://github.com/lima-vm/lima) is an alternative option to Docker Desktop to run a container based OKIT installation on MacOS. -It will build a container based on the existing Dockerfile without any modifications. - -Install Lima using Homebrew +### Package Install +Install the following packages using [Homebrew](https://brew.sh/) ```bash -brew install lima +brew install git +brew install python3 +brew install libmagic ``` -Lima runs a Linux VM in the background that is used for running the containers, to start the Lima VM service run +### Install ```bash -limactl start +export OKIT_DIR=${HOME}/okit +export OKIT_GITHUB_DIR=${HOME}/okit_github +export OKIT_BRANCH='master' +mkdir -p ${OKIT_DIR} +mkdir -p ${OKIT_GITHUB_DIR} +# Create Python Virtual Environment +python3 -m venv ${OKIT_DIR}/.venv +# Activate Virtual Environment +source ${OKIT_DIR}/.venv/bin/activate +# Update python modules +python3 -m pip install -U pip +python3 -m pip install -U setuptools +# Clone OKIT +git clone -b ${OKIT_BRANCH} https://github.com/oracle/oci-designer-toolkit.git ${OKIT_GITHUB_DIR}/oci-designer-toolkit +# Install OKIT Required python modules +python3 -m pip install --no-cache-dir -r ${OKIT_GITHUB_DIR}/oci-designer-toolkit/requirements.txt +# Create OKIT Required Directories +mkdir -p ${OKIT_DIR}/{log,instance/git,instance/local,instance/templates/user,workspace,ssl} +# Link Directories +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/config ${OKIT_DIR}/config +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb ${OKIT_DIR}/okitweb +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/visualiser ${OKIT_DIR}/visualiser +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture ${OKIT_DIR}/instance/templates/reference_architecture ``` -Lima uses containerd as its container run-time and nertctl as the Docker-compatible CLI for containerd. -As containerd is running in the VM, not on the Mac directly the lima command passes the nerdctl commands to the VM. -For most docker commands the equivalent is to run lima nerdctl - -With Lima installed and running we need to build the OKIT container, replacing the regular docker build with +### Run ```bash -cd oci-designer-toolkit -lima nerdctl rmi okit -lima nerdctl build --tag okit --no-cache --file ./Dockerfile . +export OKIT_DIR=${HOME}/okit +export OKIT_LOGFILE=${OKIT_DIR}/log/okit.log +export PYTHONPATH=:${OKIT_DIR}/visualiser:${OKIT_DIR}/okitweb:${OKIT_DIR} +# Activate Virtual Environment +source ${OKIT_DIR}/.venv/bin/activate +# Run Server +${OKIT_DIR}/.venv/bin/gunicorn okitweb.wsgi:app --config ${OKIT_DIR}/config/gunicorn_http.py ``` -Run OKIT using the container run command, adjust or add additional required volume mounts as required -```bash -lima nerdctl run --rm -p 80:80 \ - --name okit \ - --hostname okit \ - --volume /.oci:/root/.oci \ - --volume /.ssh:/root/.ssh \ - --volume :/okit/instance/templates/user \ - --volume :/okit/instance/git \ - --volume :/okit/instance/local \ - okit -``` +## Windows 10 / WSL (Ubuntu) +This installation procedure assumes you have previously installed Windows Subsystem for Linux 2. -To stop the OKIT container +### Package Install ```bash -lima nerdctl stop okit +sudo apt install git +sudo apt install python3 +sudo apt install libmagic-dev +sudo apt install python3-venv ``` -To stop the Lima service VM +### Install ```bash -limactl stop +export OKIT_DIR=${HOME}/okit +export OKIT_GITHUB_DIR=${HOME}/okit_github +export OKIT_BRANCH='master' +mkdir -p ${OKIT_DIR} +mkdir -p ${OKIT_GITHUB_DIR} +# Create Python Virtual Environment +python3 -m venv ${OKIT_DIR}/.venv +# Activate Virtual Environment +source ${OKIT_DIR}/.venv/bin/activate +# Update python modules +python3 -m pip install -U pip +python3 -m pip install -U setuptools +# Clone OKIT +git clone -b ${OKIT_BRANCH} https://github.com/oracle/oci-designer-toolkit.git ${OKIT_GITHUB_DIR}/oci-designer-toolkit +# Install OKIT Required python modules +python3 -m pip install --no-cache-dir -r ${OKIT_GITHUB_DIR}/oci-designer-toolkit/requirements.txt +# Create OKIT Required Directories +mkdir -p ${OKIT_DIR}/{git,local,log,instance/git,instance/local,instance/templates/user,workspace,ssl} +# Link Directories +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/config ${OKIT_DIR}/config +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb ${OKIT_DIR}/okitweb +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/visualiser ${OKIT_DIR}/visualiser +ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture ${OKIT_DIR}/instance/templates/reference_architecture ``` -### Vagrant / VirtualBox - -#### Prerequisites -- Install [Oracle VM VirtualBox](https://www.virtualbox.org/wiki/Downloads) -- Install [Vagrant](https://vagrantup.com/) -- Create local directory __~/okit/user/templates__ for storage of custom templates. -- [Copy Config & Key Files](#copy-config--key-files) - -#### Vagrant Build - -##### MacOS / Linux +### Run ```bash -cd oci-designer-toolkit/containers/vagrant -vagrant up; vagrant reload; vagrant ssh -``` -##### Windows -```bash -cd oci-designer-toolkit\containers\vagrant -vagrant up & vagrant reload & vagrant ssh +export OKIT_DIR=${HOME}/okit +export OKIT_LOGFILE=${OKIT_DIR}/log/okit.log +export PYTHONPATH=:${OKIT_DIR}/visualiser:${OKIT_DIR}/okitweb:${OKIT_DIR} +# Activate Virtual Environment +source ${OKIT_DIR}/.venv/bin/activate +# Run Server +${OKIT_DIR}/.venv/bin/gunicorn okitweb.wsgi:app --config ${OKIT_DIR}/config/gunicorn_http.py ``` -**NOTE**: This step takes about 30 minutes on my mac when you build the VM, a little longer the first time as the Vbox image -is downloaded from github. Once the VM is built the vagrant up should just take a few seconds. - - - - - +__Note:__ You may need to replace "localhost" in the OKIT URL with the IP Address of you WSL2 Virtual Machine. - - - -## Native - -### Oracle Linux (OL8) +## Oracle Linux (OL8) If you have a Linux machine and would like to install OKIT directly without the need for Docker or Vagrant then this can be achieved using the following simple instructions. We assume that you have already created the appropriate OCI SDK config @@ -338,104 +271,14 @@ sudo systemctl start gunicorn.service sudo systemctl status gunicorn.service ``` -### MacOS -#### Package Install -Install the following packages using [Homebrew](https://brew.sh/) -```bash -brew install git -brew install python3 -brew install libmagic -``` -#### Install -```bash -export OKIT_DIR=${HOME}/okit -export OKIT_GITHUB_DIR=${HOME}/okit_github -export OKIT_BRANCH='master' -mkdir -p ${OKIT_DIR} -mkdir -p ${OKIT_GITHUB_DIR} -# Create Python Virtual Environment -python3 -m venv ${OKIT_DIR}/.venv -# Activate Virtual Environment -source ${OKIT_DIR}/.venv/bin/activate -# Update python modules -python3 -m pip install -U pip -python3 -m pip install -U setuptools -# Clone OKIT -git clone -b ${OKIT_BRANCH} https://github.com/oracle/oci-designer-toolkit.git ${OKIT_GITHUB_DIR}/oci-designer-toolkit -# Install OKIT Required python modules -python3 -m pip install --no-cache-dir -r ${OKIT_GITHUB_DIR}/oci-designer-toolkit/requirements.txt -# Create OKIT Required Directories -mkdir -p ${OKIT_DIR}/{log,instance/git,instance/local,instance/templates/user,workspace,ssl} -# Link Directories -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/config ${OKIT_DIR}/config -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb ${OKIT_DIR}/okitweb -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/visualiser ${OKIT_DIR}/visualiser -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture ${OKIT_DIR}/instance/templates/reference_architecture -``` -#### Run -```bash -export OKIT_DIR=${HOME}/okit -export OKIT_LOGFILE=${OKIT_DIR}/log/okit.log -export PYTHONPATH=:${OKIT_DIR}/visualiser:${OKIT_DIR}/okitweb:${OKIT_DIR} -# Activate Virtual Environment -source ${OKIT_DIR}/.venv/bin/activate -# Run Server -${OKIT_DIR}/.venv/bin/gunicorn okitweb.wsgi:app --config ${OKIT_DIR}/config/gunicorn_http.py -``` -### Windows 10 / WSL (Ubuntu) -This installation procedure assumes you have previously installed Windows Subsystem for Linux 2. -#### Package Install -```bash -sudo apt install git -sudo apt install python3 -sudo apt install libmagic-dev -sudo apt install python3-venv -``` -#### Install -```bash -export OKIT_DIR=${HOME}/okit -export OKIT_GITHUB_DIR=${HOME}/okit_github -export OKIT_BRANCH='master' -mkdir -p ${OKIT_DIR} -mkdir -p ${OKIT_GITHUB_DIR} -# Create Python Virtual Environment -python3 -m venv ${OKIT_DIR}/.venv -# Activate Virtual Environment -source ${OKIT_DIR}/.venv/bin/activate -# Update python modules -python3 -m pip install -U pip -python3 -m pip install -U setuptools -# Clone OKIT -git clone -b ${OKIT_BRANCH} https://github.com/oracle/oci-designer-toolkit.git ${OKIT_GITHUB_DIR}/oci-designer-toolkit -# Install OKIT Required python modules -python3 -m pip install --no-cache-dir -r ${OKIT_GITHUB_DIR}/oci-designer-toolkit/requirements.txt -# Create OKIT Required Directories -mkdir -p ${OKIT_DIR}/{git,local,log,instance/git,instance/local,instance/templates/user,workspace,ssl} -# Link Directories -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/config ${OKIT_DIR}/config -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb ${OKIT_DIR}/okitweb -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/visualiser ${OKIT_DIR}/visualiser -ln -sv ${OKIT_GITHUB_DIR}/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture ${OKIT_DIR}/instance/templates/reference_architecture -``` -#### Run -```bash -export OKIT_DIR=${HOME}/okit -export OKIT_LOGFILE=${OKIT_DIR}/log/okit.log -export PYTHONPATH=:${OKIT_DIR}/visualiser:${OKIT_DIR}/okitweb:${OKIT_DIR} -# Activate Virtual Environment -source ${OKIT_DIR}/.venv/bin/activate -# Run Server -${OKIT_DIR}/.venv/bin/gunicorn okitweb.wsgi:app --config ${OKIT_DIR}/config/gunicorn_http.py -``` -__Note:__ You may need to replace "localhost" in the OKIT URL with the IP Address of you WSL2 Virtual Machine. @@ -444,227 +287,144 @@ __Note:__ You may need to replace "localhost" in the OKIT URL with the IP Addres -## Build from Source -### OKIT Repository -Before the building either the Docker or Vagrant Images the project will need to be cloned, or downloaded, from the GitHub -Repository. -#### Clone -The command shows how this can be cloned to the local machine. -```bash -git clone -c core.autocrlf=input git@github.com:oracle/oci-designer-toolkit.git -``` -or +## Container + +### Docker / Rancher Desktop +The docker image can be built and started using the scripts in the docker sub directory. +It should be noted that the current Docker script is designed for development purposes and mounts the source directories +at runtime. + +#### Prerequisites +- Install [Docker Desktop](https://www.docker.com/products/docker-desktop) or Rancher Desktop. +- Create local directory __~/okit/user/templates__ for storage of custom templates. +- [Copy Config & Key Files](#copy-config--key-files) + +#### Docker Build ```bash -git clone -c core.autocrlf=input https://github.com/oracle/oci-designer-toolkit.git +cd oci-designer-toolkit +docker build --tag okit --file ./containers/docker/Dockerfile --force-rm . ``` -#### Update -If you have previously cloned the GitHub Repository you can update to the latest release by pulling it from the repository -with the following command. - +#### Docker Update ```bash cd oci-designer-toolkit -git pull +docker rmi okit +docker build --tag okit --no-cache --file ./Dockerfile --force-rm . ``` -#### Download -If you do not have git installed locally the current release of OKIT can be retrieved by downloading it as a zip file from -[https://github.com/oracle/oci-designer-toolkit/archive/master.zip](https://github.com/oracle/oci-designer-toolkit/archive/master.zip) +#### Start Docker Container +```bash +cd oci-designer-toolkit +docker run -d --rm -p 80:80 + --name okit \ + --hostname okit \ + --volume /.oci:/root/.oci \ + --volume /.ssh:/root/.ssh \ + --volume :/okit/instance/templates/user \ + --volume :/okit/instance/git \ + --volume :/okit/instance/local \ + okit +``` +### Quick Start Runtime -### Create Container +Docker is the recommended runtime container for OKIT and the project contains a top-level Dockerfile to facilitate direct +building, of the runtime environment, from the docker command line. -#### Copy Config & Key Files -Before building/rebuilding your chosen container you will need to copy the contents of [<USER HOME DIR>/.oci](#config-file) -to the __oci-designer-toolkit/containers/oci__ directory. +#### Build Docker Container +```bash +docker build --tag okit --no-cache --force-rm https://github.com/oracle/oci-designer-toolkit.git +``` -#### Create Git Repository Properties File & Copy SSH Keys -If you decide to use Git as a repository for your templates you will need to create the Git Repository properties file -[__oci-designer-toolkit/containers/oci/git_repositories__](#git-repositories-file). Once this has been done the contents of -__<USER HOME DIR>/.ssh__ will need to be copied to __oci-designer-toolkit/containers/ssh__ +#### Run Container +```bash +docker run -d --rm -p 80:80 --volume /okit/user/templates:/okit/templates --volume /.oci:/root/.oci --volume /.ssh:/root/.ssh --name okit okit +``` +Once started the Designer BUI can be accessed on [http://localhost/okit/designer](http://localhost/okit/designer) -#### Docker Compose -The docker image is the recommended runtime server OKIT provides a simple Docker Compose script to build and start the container. +### Lima (MacOS) -##### Prerequisites -- Install [Docker Desktop](https://www.docker.com/products/docker-desktop). -- Create local directory __~/okit/user/templates__ for storage of custom templates. -- [Copy Config & Key Files](#copy-config--key-files) +[Lima](https://github.com/lima-vm/lima) is an alternative option to Docker Desktop to run a container based OKIT installation on MacOS. +It will build a container based on the existing Dockerfile without any modifications. -##### Docker Compose Build +Install Lima using Homebrew ```bash -cd oci-designer-toolkit/containers/docker -docker-compose up --detach +brew install lima ``` -##### Docker Compose Update +Lima runs a Linux VM in the background that is used for running the containers, to start the Lima VM service run ```bash -cd oci-designer-toolkit/containers/docker -docker-compose stop -docker-compose build +limactl start ``` -#### Docker - - - +Lima uses containerd as its container run-time and nertctl as the Docker-compatible CLI for containerd. +As containerd is running in the VM, not on the Mac directly the lima command passes the nerdctl commands to the VM. +For most docker commands the equivalent is to run lima nerdctl +With Lima installed and running we need to build the OKIT container, replacing the regular docker build with +```bash +cd oci-designer-toolkit +lima nerdctl rmi okit +lima nerdctl build --tag okit --no-cache --file ./Dockerfile . +``` +Run OKIT using the container run command, adjust or add additional required volume mounts as required +```bash +lima nerdctl run --rm -p 80:80 \ + --name okit \ + --hostname okit \ + --volume /.oci:/root/.oci \ + --volume /.ssh:/root/.ssh \ + --volume :/okit/instance/templates/user \ + --volume :/okit/instance/git \ + --volume :/okit/instance/local \ + okit +``` +To stop the OKIT container +```bash +lima nerdctl stop okit +``` +To stop the Lima service VM +```bash +limactl stop +``` +### Vagrant / VirtualBox +#### Prerequisites +- Install [Oracle VM VirtualBox](https://www.virtualbox.org/wiki/Downloads) +- Install [Vagrant](https://vagrantup.com/) +- Create local directory __~/okit/user/templates__ for storage of custom templates. +- [Copy Config & Key Files](#copy-config--key-files) +#### Vagrant Build -## Install on OCI Instance -```diff -- THIS IS NOT RECOMMENDED BUT THESE NOTES ARE FOR THOSE WHO INSIST ON TRYING THIS -- THE FOLLOWING WILL SHOW HOW TO CONFIGURE OKIT WITH INSTANCE PRINCIPAL FUNCTIONALITY. -- -- IF YOU INSTALL OKIT WITH PUBLIC ACCESS THEN THE INSTANCE WILL POTENTIALLY HAVE COMPLETE ACCESS -- TO YOUR TENANCY ALLOWING FOR INTERROGATION AND CREATION OF OCI RESOURCES. +##### MacOS / Linux +```bash +cd oci-designer-toolkit/containers/vagrant +vagrant up; vagrant reload; vagrant ssh ``` -To install OKIT and run it within an OCI instance you will need to configure [Instance Principal](https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm) -functionality within your Tenancy to allow the OKIT Instance to access OCI API and Query the Tenancy / Access Resource Manager. - -When creating the Instance it is recommended the Instance is within its own Virtual Cloud Network / Subnet. The Subnet should -be secured with a Security List that __only__ allows TCP/22 and TCP/443 port access to the Instance to allow the configuration of a [SSH Tunnel](#ssh-tunnel) -to restrict access to the Instance to authorised users or https authenticated using the OCI console login. - -Once the Instance has been created the following commands will install OKIT and create the service to run the WebServer. +##### Windows ```bash -# Install Required Packages -sudo bash -c "yum install -y git" -sudo bash -c "yum install -y openssl" -sudo bash -c "yum install -y oci-utils" -# This is not required for OL8 -sudo bash -c "yum install -y python-oci-cli" -# Update -sudo bash -c "yum update -y" -# Update Python Modules -sudo bash -c "python3 -m pip install -U pip" -sudo bash -c "python3 -m pip install -U setuptools" -# Clone OKIT -sudo bash -c "mkdir -p /github" -sudo bash -c "git clone -b master https://github.com/oracle/oci-designer-toolkit.git /github/oci-designer-toolkit" -sudo bash -c "mkdir -p /okit/{git,local,log,instance/git,instance/local,instance/templates/user,workspace,ssl}" -# Install OKIT Required python modules -sudo bash -c "python3 -m pip install --no-cache-dir -r /github/oci-designer-toolkit/requirements.txt" -# Link Directories -sudo bash -c "ln -sv /github/oci-designer-toolkit/config /okit/config" -sudo bash -c "ln -sv /github/oci-designer-toolkit/okitweb /okit/okitweb" -sudo bash -c "ln -sv /github/oci-designer-toolkit/visualiser /okit/visualiser" -sudo bash -c "ln -sv /github/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture /okit/instance/templates/reference_architecture" -# Copy Config -sudo bash -c "cp -v /github/oci-designer-toolkit/instance/config.py /okit/instance" -# Add additional environment information -sudo bash -c "echo 'export PATH=$PATH:/usr/local/bin' >> /etc/bashrc" -sudo bash -c "echo 'export PYTHONPATH=:/okit/visualiser:/okit/okitweb:/okit' >> /etc/bashrc" -sudo bash -c "echo 'export OCI_CLI_AUTH=instance_principal' >> /etc/bashrc" -sudo bash -c "echo 'export OKIT_VM_COMPARTMENT=`oci-metadata -g compartmentID --value-only`' >> /etc/bashrc" -sudo bash -c "echo 'export OKIT_VM_REGION=`oci-metadata -g region --value-only`' >> /etc/bashrc" -# Generate ssl Self Sign Key -sudo bash -c "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /okit/ssl/okit.key -out /okit/ssl/okit.crt -subj '/C=GB/ST=Berkshire/L=Reading/O=Oracle/OU=OKIT/CN=www.oci_okit.com'" -# Copy GUnicorn Service File -# sudo bash -c 'sed "s/{COMPARTMENT_OCID}/`oci-metadata -g compartmentID --value-only`/" /okit/containers/services/gunicorn.oci.service > /etc/systemd/system/gunicorn.service' -sudo bash -c 'sed "s/{COMPARTMENT_OCID}/`oci-metadata -g compartmentID --value-only`/" /github/oci-designer-toolkit/containers/services/gunicorn.oci.service > /etc/systemd/system/gunicorn.service' -sudo bash -c 'sed -i "s/{REGION_IDENTIFIER}/`oci-metadata -g region --value-only`/" /etc/systemd/system/gunicorn.service' -sudo bash -c 'sed -i "s//`oci-metadata -g region --value-only`/" /okit/instance/config.py' -##################################################################################### -### Edit /okit/instance/config.py as described in OKIT Configuration File section ### -##################################################################################### -# Enable Gunicorn Service -sudo systemctl enable gunicorn.service -sudo systemctl start gunicorn.service -# Open Firewall -sudo firewall-offline-cmd --add-port=443/tcp -sudo systemctl restart firewalld +cd oci-designer-toolkit\containers\vagrant +vagrant up & vagrant reload & vagrant ssh ``` +**NOTE**: This step takes about 30 minutes on my mac when you build the VM, a little longer the first time as the Vbox image +is downloaded from github. Once the VM is built the vagrant up should just take a few seconds. + + + -### OpenID Connect Configuration for IDCS - -To use OpenID Connect with IDCS two configurations are required. - -#### Setup of IDCS -Ask your administrator to update the primary (default) IDCS instance of your tenancy. This instance is often labled as OracleIdentityCloudService in the OCI Console login screen drop down. - -In the steps we use . The format is protocol://fully.qualified.host.name. - -Configuration steps: -1. Select Identity -> Federation from the OCI Console Hamburger Menu. ![Identity Federation](images/Identity_Federation.png?raw=true "Identity Federation") -1. From the Cloud Provider Select the "Oracle Identity Cloud Service Console" url. ![Cloud Provider](images/Identity_Cloud_Provider.png?raw=true "Cloud Provider") -1. Log into IDCS admin console (e.g. https://idcs-aabbccddee6677889900ddhhaa.identity.oraclecloud.com/ui/v1/adminconsole) -1. From the hamburger menu on the upper left, select Applications. -1. Click 'Add' ![Identity Application](images/Identity_Application.png?raw=true "Identity Application") -1. In the 'Add Application' window select 'Confidential Application'![Confidential Application](images/Identity_Confidential_App.png?raw=true "Confidential Application") - 1. In 'App Details' enter - 1. A unique 'Name' - 1. For 'Custom Logout URL' enter /okit/postlogout - 1. Click 'Next' -1. In the Client step select 'Configure this application as a client now' - 1. In the Authorization section: - 1. Select the 'Grant Types': Client Credentials, JWT Assertion, Refresh Token, and Authorization Code - 1. Set the 'Redirect URL' to /okit/postlogin - 1. Set the 'Logout URL' to /okit/logout - 1. Set the 'Post Logout URL' to /okit/postlogout -1. Click 'Next' until the 'Finish' button can be selected. -1. Click 'Finish' -1. An 'Application Added' window shows the values for Client ID and Client Secret. Copy both values for later use. Click on 'Close' to close the window. -1. Click 'Activate' to enable the configuration. -1. From the hamburger menu on the upper left, select Settings. -1. Click 'Default' ![Identity Application](images/Idcs_Defaults.png?raw=true "Identity Application") -1. Turn on "Access Signing Certificate" - -#### OKIT Configuration File - -OKIT has one configuration file that must be updated. It requires these values: -* home_region - Get this value from your Oracle Cloud Infrastructure admin -* tenant_name - Get this value from your Oracle Cloud Infrastructure admin -* client_id - Get this value from the IDCS Confidential Application configuration (see above) -* client_secret - Get this value from the IDCS Confidential Application configuration (see above) -* idcs_instance_id - The IDCS instance id is part of the IDCS URL, e.g., the URL is https://idcs-aabbccddee6677889900ddhhaa.identity.oraclecloud.com and the value is aabbccddee6677889900ddhhaa -* server_base_url - The OKIT fully qualified server base URL. The value you used during the IDCS configuration. The format is protocol://fully.qualified.host.name. - -The OKIT configuration file is located in the directory 'instance'. -* config.py - Replace the values for , , , and with the respective values. - -### Dynamic Group -A Tenancy level Dynamic Group will need to be created to enable Instance Principal access for the instance. - -#### OKITInstanceGroup -Create the OKITInstanceGroup Dynamic Group and add a single Rule relating to the OKIT Instance. -![OKIT Dynamic Group](images/DynamicGroup.png?raw=true "OKIT Dynamic Group") - -### Policies -Tenancy level policies will need to be created for the Dynamic Group and depending on the required level of access either -the Query or Resource Manager level policies defined below should be specified. -#### Query -```text -Allow dynamic-group OKITInstanceGroup to read all-resources in tenancy -Allow dynamic-group OKITInstanceGroup to use instances in tenancy -``` -#### Resource Manager -```text -Allow dynamic-group OKITInstanceGroup to manage orm-stacks in tenancy -Allow dynamic-group OKITInstanceGroup to manage orm-jobs in tenancy -Allow dynamic-group OKITInstanceGroup to manage all-resources in tenancy -``` -#### OKITInstancePrincipal -Create the OKITInstancePrincipal Policy and add either the Query or Resource Manager Policies. -![OKIT Dynamic Group Policies](images/DynamicGroupPolicies.png?raw=true "OKIT Dynamic Group Policies") -### SSH Tunnel -```bash -ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -N -L 8080:127.0.0.1:80 opc@ -i -``` -Once the tunnel has been created the OKIT Designer BUI can be accessed on [http://localhost:8080/okit/designer](http://localhost:8080/okit/designer). diff --git a/documentation/OCIVmInstallation.md b/documentation/OCIVmInstallation.md new file mode 100644 index 000000000..9ff29474e --- /dev/null +++ b/documentation/OCIVmInstallation.md @@ -0,0 +1,145 @@ +# OCI Designer Toolkit Installation Guide for OCI Instance +```diff +- THIS IS NOT RECOMMENDED BUT THESE NOTES ARE FOR THOSE WHO INSIST ON TRYING THIS +- THE FOLLOWING WILL SHOW HOW TO CONFIGURE OKIT WITH INSTANCE PRINCIPAL FUNCTIONALITY. +- +- IF YOU INSTALL OKIT WITH PUBLIC ACCESS THEN THE INSTANCE WILL POTENTIALLY HAVE COMPLETE ACCESS +- TO YOUR TENANCY ALLOWING FOR INTERROGATION AND CREATION OF OCI RESOURCES. +``` +To install OKIT and run it within an OCI instance you will need to configure [Instance Principal](https://docs.cloud.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm) +functionality within your Tenancy to allow the OKIT Instance to access OCI API and Query the Tenancy / Access Resource Manager. + +When creating the Instance it is recommended the Instance is within its own Virtual Cloud Network / Subnet. The Subnet should +be secured with a Security List that __only__ allows TCP/22 and TCP/443 port access to the Instance to allow the configuration of a [SSH Tunnel](#ssh-tunnel) +to restrict access to the Instance to authorised users or https authenticated using the OCI console login. + +Once the Instance has been created the following commands will install OKIT and create the service to run the WebServer. +```bash +# Install Required Packages +sudo bash -c "yum install -y git" +sudo bash -c "yum install -y openssl" +sudo bash -c "yum install -y oci-utils" +# This is not required for OL8 +sudo bash -c "yum install -y python-oci-cli" +# Update +sudo bash -c "yum update -y" +# Update Python Modules +sudo bash -c "python3 -m pip install -U pip" +sudo bash -c "python3 -m pip install -U setuptools" +# Clone OKIT +sudo bash -c "mkdir -p /github" +sudo bash -c "git clone -b master https://github.com/oracle/oci-designer-toolkit.git /github/oci-designer-toolkit" +sudo bash -c "mkdir -p /okit/{git,local,log,instance/git,instance/local,instance/templates/user,workspace,ssl}" +# Install OKIT Required python modules +sudo bash -c "python3 -m pip install --no-cache-dir -r /github/oci-designer-toolkit/requirements.txt" +# Link Directories +sudo bash -c "ln -sv /github/oci-designer-toolkit/config /okit/config" +sudo bash -c "ln -sv /github/oci-designer-toolkit/okitweb /okit/okitweb" +sudo bash -c "ln -sv /github/oci-designer-toolkit/visualiser /okit/visualiser" +sudo bash -c "ln -sv /github/oci-designer-toolkit/okitweb/static/okit/templates/reference_architecture /okit/instance/templates/reference_architecture" +# Copy Config +sudo bash -c "cp -v /github/oci-designer-toolkit/instance/config.py /okit/instance" +# Add additional environment information +sudo bash -c "echo 'export PATH=$PATH:/usr/local/bin' >> /etc/bashrc" +sudo bash -c "echo 'export PYTHONPATH=:/okit/visualiser:/okit/okitweb:/okit' >> /etc/bashrc" +sudo bash -c "echo 'export OCI_CLI_AUTH=instance_principal' >> /etc/bashrc" +sudo bash -c "echo 'export OKIT_VM_COMPARTMENT=`oci-metadata -g compartmentID --value-only`' >> /etc/bashrc" +sudo bash -c "echo 'export OKIT_VM_REGION=`oci-metadata -g region --value-only`' >> /etc/bashrc" +# Generate ssl Self Sign Key +sudo bash -c "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /okit/ssl/okit.key -out /okit/ssl/okit.crt -subj '/C=GB/ST=Berkshire/L=Reading/O=Oracle/OU=OKIT/CN=www.oci_okit.com'" +# Copy GUnicorn Service File +# sudo bash -c 'sed "s/{COMPARTMENT_OCID}/`oci-metadata -g compartmentID --value-only`/" /okit/containers/services/gunicorn.oci.service > /etc/systemd/system/gunicorn.service' +sudo bash -c 'sed "s/{COMPARTMENT_OCID}/`oci-metadata -g compartmentID --value-only`/" /github/oci-designer-toolkit/containers/services/gunicorn.oci.service > /etc/systemd/system/gunicorn.service' +sudo bash -c 'sed -i "s/{REGION_IDENTIFIER}/`oci-metadata -g region --value-only`/" /etc/systemd/system/gunicorn.service' +sudo bash -c 'sed -i "s//`oci-metadata -g region --value-only`/" /okit/instance/config.py' +##################################################################################### +### Edit /okit/instance/config.py as described in OKIT Configuration File section ### +##################################################################################### +# Enable Gunicorn Service +sudo systemctl enable gunicorn.service +sudo systemctl start gunicorn.service +# Open Firewall +sudo firewall-offline-cmd --add-port=443/tcp +sudo systemctl restart firewalld +``` + +## OpenID Connect Configuration for IDCS + +To use OpenID Connect with IDCS two configurations are required. + +### Setup of IDCS +Ask your administrator to update the primary (default) IDCS instance of your tenancy. This instance is often labled as OracleIdentityCloudService in the OCI Console login screen drop down. + +In the steps we use . The format is protocol://fully.qualified.host.name. + +Configuration steps: +1. Select Identity -> Federation from the OCI Console Hamburger Menu. ![Identity Federation](images/Identity_Federation.png?raw=true "Identity Federation") +1. From the Cloud Provider Select the "Oracle Identity Cloud Service Console" url. ![Cloud Provider](images/Identity_Cloud_Provider.png?raw=true "Cloud Provider") +1. Log into IDCS admin console (e.g. https://idcs-aabbccddee6677889900ddhhaa.identity.oraclecloud.com/ui/v1/adminconsole) +1. From the hamburger menu on the upper left, select Applications. +1. Click 'Add' ![Identity Application](images/Identity_Application.png?raw=true "Identity Application") +1. In the 'Add Application' window select 'Confidential Application'![Confidential Application](images/Identity_Confidential_App.png?raw=true "Confidential Application") + 1. In 'App Details' enter + 1. A unique 'Name' + 1. For 'Custom Logout URL' enter /okit/postlogout + 1. Click 'Next' +1. In the Client step select 'Configure this application as a client now' + 1. In the Authorization section: + 1. Select the 'Grant Types': Client Credentials, JWT Assertion, Refresh Token, and Authorization Code + 1. Set the 'Redirect URL' to /okit/postlogin + 1. Set the 'Logout URL' to /okit/logout + 1. Set the 'Post Logout URL' to /okit/postlogout +1. Click 'Next' until the 'Finish' button can be selected. +1. Click 'Finish' +1. An 'Application Added' window shows the values for Client ID and Client Secret. Copy both values for later use. Click on 'Close' to close the window. +1. Click 'Activate' to enable the configuration. +1. From the hamburger menu on the upper left, select Settings. +1. Click 'Default' ![Identity Application](images/Idcs_Defaults.png?raw=true "Identity Application") +1. Turn on "Access Signing Certificate" + +### OKIT Configuration File + +OKIT has one configuration file that must be updated. It requires these values: +* home_region - Get this value from your Oracle Cloud Infrastructure admin +* tenant_name - Get this value from your Oracle Cloud Infrastructure admin +* client_id - Get this value from the IDCS Confidential Application configuration (see above) +* client_secret - Get this value from the IDCS Confidential Application configuration (see above) +* idcs_instance_id - The IDCS instance id is part of the IDCS URL, e.g., the URL is https://idcs-aabbccddee6677889900ddhhaa.identity.oraclecloud.com and the value is aabbccddee6677889900ddhhaa +* server_base_url - The OKIT fully qualified server base URL. The value you used during the IDCS configuration. The format is protocol://fully.qualified.host.name. + +The OKIT configuration file is located in the directory 'instance'. +* config.py - Replace the values for , , , and with the respective values. + +## Dynamic Group +A Tenancy level Dynamic Group will need to be created to enable Instance Principal access for the instance. + +### OKITInstanceGroup +Create the OKITInstanceGroup Dynamic Group and add a single Rule relating to the OKIT Instance. +![OKIT Dynamic Group](images/DynamicGroup.png?raw=true "OKIT Dynamic Group") + +## Policies +Tenancy level policies will need to be created for the Dynamic Group and depending on the required level of access either +the Query or Resource Manager level policies defined below should be specified. +### Query +```text +Allow dynamic-group OKITInstanceGroup to read all-resources in tenancy +Allow dynamic-group OKITInstanceGroup to use instances in tenancy +``` +### Resource Manager +```text +Allow dynamic-group OKITInstanceGroup to manage orm-stacks in tenancy +Allow dynamic-group OKITInstanceGroup to manage orm-jobs in tenancy +Allow dynamic-group OKITInstanceGroup to manage all-resources in tenancy +``` +### OKITInstancePrincipal +Create the OKITInstancePrincipal Policy and add either the Query or Resource Manager Policies. +![OKIT Dynamic Group Policies](images/DynamicGroupPolicies.png?raw=true "OKIT Dynamic Group Policies") + +## SSH Tunnel +```bash +ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -N -L 8080:127.0.0.1:80 opc@ -i +``` + +Once the tunnel has been created the OKIT Designer BUI can be accessed on [http://localhost:8080/okit/designer](http://localhost:8080/okit/designer). + + diff --git a/documentation/README.md b/documentation/README.md index 0e193b67d..ede8e0388 100644 --- a/documentation/README.md +++ b/documentation/README.md @@ -3,5 +3,4 @@ 1. [Installation Guide](Installation.md) 2. [User Guide](Usage.md) 3. [Development Guide](Development.md) -4. [OKIT Cli](okit-cli.md) diff --git a/ocd/packages/react/src/data/OcdReleaseNotes.ts b/ocd/packages/react/src/data/OcdReleaseNotes.ts index 97a5c17e9..bfaf15f1a 100644 --- a/ocd/packages/react/src/data/OcdReleaseNotes.ts +++ b/ocd/packages/react/src/data/OcdReleaseNotes.ts @@ -4,9 +4,10 @@ */ export const releaseNotes = `[![License: UPL](https://img.shields.io/badge/license-UPL-green)](https://img.shields.io/badge/license-UPL-green) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=oracle_oci-designer-toolkit&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=oracle_oci-designer-toolkit) -# November 2024 Release (Version 0.66.0) +# November 2024 Release (Version 0.66.1) ____ -**Update 0.66.0**: This update addresses the following issues. +**Update 0.66.1**: This update addresses the following issues. +1. Update main README to de-emphasise Docker ____ Welcome to the November 2024 release of OKIT. This release switches the exiat Create React App based build format to Vite and Electron Forge. diff --git a/okitweb/static/okit/js/okit_console.js b/okitweb/static/okit/js/okit_console.js index 229fbf7ed..a16d8e476 100644 --- a/okitweb/static/okit/js/okit_console.js +++ b/okitweb/static/okit/js/okit_console.js @@ -5,7 +5,7 @@ console.debug('Loaded Console Javascript'); -const okitVersion = '0.66.0'; +const okitVersion = '0.66.1'; const okitReleaseDate = '30th Novermber 2024'; // const okitReleaseDate = 'Nightly'; diff --git a/okitweb/static/okit/json/release.json b/okitweb/static/okit/json/release.json index d300532f6..8e375c33c 100644 --- a/okitweb/static/okit/json/release.json +++ b/okitweb/static/okit/json/release.json @@ -1,5 +1,5 @@ { - "release": "0.66.0", - "tag": "v0.66.0", - "title": "November 2024 Release" + "release": "0.66.1", + "tag": "v0.66.1", + "title": "November 2024 Patch" } \ No newline at end of file diff --git a/visualiser/facades/ociConnection.py b/visualiser/facades/ociConnection.py index eeda40c8e..1b1916782 100644 --- a/visualiser/facades/ociConnection.py +++ b/visualiser/facades/ociConnection.py @@ -25,7 +25,7 @@ class OCIConnection(object): PAGINATION_LIMIT = 1000 - OKIT_VERSION = 'v0.66.0' + OKIT_VERSION = 'v0.66.1' def __init__(self, config=None, configfile=None, profile=None, region=None, signer=None): self.tenancy_ocid = '' diff --git a/visualiser/generators/okitGenerator.py b/visualiser/generators/okitGenerator.py index 3eb93a477..7b43bcb0b 100644 --- a/visualiser/generators/okitGenerator.py +++ b/visualiser/generators/okitGenerator.py @@ -27,7 +27,7 @@ logger = getLogger() class OCIGenerator(object): - OKIT_VERSION = "0.66.0" + OKIT_VERSION = "0.66.1" def __init__(self, template_dir, output_dir, visualiser_json, use_vars=False, add_provider=True): # Initialise generator output data variables self.rendered_resources = {}