diff --git a/.gitignore b/.gitignore
index 96a94304..da66a84c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -45,3 +45,5 @@ src/services/gcp/tmp/_output/
 src/services/namespace/vendor
 src/services/namespace/namespace
 src/services/namespace/tmp/_output/
+infrabox/local-dev/.env
+infrabox/test/api/test.json
diff --git a/infrabox/local-dev/.env.example b/infrabox/local-dev/.env.example
new file mode 100644
index 00000000..e5c597fb
--- /dev/null
+++ b/infrabox/local-dev/.env.example
@@ -0,0 +1 @@
+INFRABOX_DB_PASSWORD=changeme
diff --git a/infrabox/local-dev/Makefile b/infrabox/local-dev/Makefile
new file mode 100644
index 00000000..d45611a1
--- /dev/null
+++ b/infrabox/local-dev/Makefile
@@ -0,0 +1,20 @@
+COMPOSE = DOCKER_BUILDKIT=0 COMPOSE_DOCKER_CLI_BUILD=0 \
+ docker compose -f $(CURDIR)/docker-compose.yml
+ROOT = $(CURDIR)/../..
+
+.PHONY: start stop logs frontend
+
+start:
+ @if [ ! -f .env ]; then cp .env.example .env; echo "Created .env from .env.example — edit the password before retrying."; exit 1; fi
+ $(COMPOSE) up -d
+
+stop:
+ $(COMPOSE) down
+
+logs:
+ $(COMPOSE) logs -f api
+
+frontend:
+ cd $(ROOT)/src/dashboard-client && \
+ npm install --ignore-scripts && \
+ npm run dev
diff --git a/infrabox/local-dev/README.md b/infrabox/local-dev/README.md
new file mode 100644
index 00000000..4c33ff85
--- /dev/null
+++ b/infrabox/local-dev/README.md
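Review bot: In infrabox/local-dev/Makefile the `start` guard only tests whether `.env` exists, so the second `make start` brings the stack up with the copied `INFRABOX_DB_PASSWORD=changeme` even if nobody edited it. Refuse the placeholder as well, before `$(COMPOSE) up -d`: `@if grep -qx 'INFRABOX_DB_PASSWORD=changeme' .env; then echo "Set INFRABOX_DB_PASSWORD in .env first."; exit 1; fi`. The copied file also inherits the default umask, so adding `chmod 600 .env` after the `cp` keeps it private on a shared machine.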
@@ -0,0 +1,61 @@
+# InfraBox Local Dev Stack
+
+A Docker Compose environment for running the full backend stack locally,
+including PostgreSQL, MinIO, OPA, and the API server.
+
+## Quick Start
+
+```bash
+cd infrabox/local-dev
+
+# 1. Create your local config (only needed once)
+cp .env.example .env
+# Edit .env and set INFRABOX_DB_PASSWORD to any value you like.
+
+# 2. Start the backend stack
+make start
+
+# 3. Start the frontend dev server (separate terminal)
+make frontend
+```
+
+Open http://localhost:8081 (increments automatically if 8080 is taken).
+
+**Default credentials** (created by `seed.sql` on first run):
+
+| Email | Password | Role | Project access |
+|-------|----------|------|----------------|
+| admin@local.dev | admin123 | admin | — |
+| alice@local.dev | password123 | user | Owner: project-alpha, Developer: project-beta |
+| bob@local.dev | password123 | user | none |
+
+Log in with the **email** address, not the username.
+
+## Other Commands
+
+```bash
+make logs # tail API logs
+make stop # tear down all containers
+```
+
+## How It Works
+
+- `seed.sql` is mounted into the postgres container and runs on first startup.
+ It inserts the required `cluster` row and the default admin user.
+- The API is exposed on host port `8090` (container port `8080`).
+- API requests from the frontend dev server are proxied to `http://localhost:8090`
+ via the webpack `proxyTable` — no manual CORS configuration needed.
+- RSA keys are reused from `infrabox/test/utils/id_rsa[.pub]` — local dev only.
+- OPA and API are built from source to pick up the latest policies and handlers.
+
+## Adding More Users
+
+```bash
+# Generate a bcrypt hash for any password
+python3 -c "import bcrypt; print(bcrypt.hashpw(b'yourpassword', bcrypt.gensalt()).decode())"
+
+docker exec local-dev-postgres-1 psql -U postgres -c "
+ INSERT INTO \"user\" (username, email, password, role)
+ VALUES ('alice', 'alice@example.com', '', 'user');
+"
+```
diff --git a/infrabox/local-dev/docker-compose.yml b/infrabox/local-dev/docker-compose.yml
new file mode 100644
index 00000000..28600e82
--- /dev/null
+++ b/infrabox/local-dev/docker-compose.yml
@@ -0,0 +1,87 @@
+version: "3.2"
+
+services:
+ postgres:
+ build:
+ context: ../../
+ dockerfile: ./src/postgres/Dockerfile
+ environment:
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=${INFRABOX_DB_PASSWORD}
+ - POSTGRES_DB=postgres
+ - POSTGRES_HOST_AUTH_METHOD=trust
+ volumes:
+ - ./seed.sql:/docker-entrypoint-initdb.d/99_seed.sql
+ ports:
+ - "5432:5432"
+
+ minio:
+ image: minio/minio
+ command: server /data
+ environment:
+ - MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
+ - MINIO_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+ ports:
+ - "9000:9000"
+
+ opa:
+ build:
+ context: ../../
+ dockerfile: ./src/openpolicyagent/Dockerfile
+ ports:
+ - "8181:8181"
+
+ api:
+ build:
+ context: ../../
+ dockerfile: ./src/api/Dockerfile
+ args:
+ INFRABOX_BUILD_NUMBER: "3091"
+ environment:
+ - INFRABOX_VERSION=local-dev
+ - INFRABOX_DATABASE_HOST=postgres
+ - INFRABOX_DATABASE_USER=postgres
+ - INFRABOX_DATABASE_PASSWORD=${INFRABOX_DB_PASSWORD}
+ - INFRABOX_DATABASE_PORT=5432
+ - INFRABOX_DATABASE_DB=postgres
+ - INFRABOX_GENERAL_REPORT_ISSUE_URL=https://github.com/SAP/InfraBox/issues
+ - INFRABOX_STORAGE_GCS_ENABLED=false
+ - INFRABOX_STORAGE_AZURE_ENABLED=false
+ - INFRABOX_STORAGE_SWIFT_ENABLED=false
+ - INFRABOX_STORAGE_S3_ENABLED=true
+ - INFRABOX_STORAGE_S3_BUCKET=infrabox
+ - INFRABOX_STORAGE_S3_REGION=us-east-1
+ - INFRABOX_STORAGE_S3_SECURE=false
+ - INFRABOX_STORAGE_S3_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
+ - INFRABOX_STORAGE_S3_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+ - INFRABOX_STORAGE_S3_ENDPOINT=minio
+ - INFRABOX_STORAGE_S3_PORT=9000
+ - GOOGLE_APPLICATION_CREDENTIALS=
+ - INFRABOX_ROOT_URL=http://localhost:8090
+ - INFRABOX_CLUSTER_NAME=master
+ - INFRABOX_HA_ENABLED=false
+ - INFRABOX_OPA_HOST=opa
+ - INFRABOX_OPA_PORT=8181
+ - INFRABOX_OPA_PUSH_INTERVAL=30
+ - INFRABOX_ACCOUNT_SIGNUP_ENABLED=true
+ - INFRABOX_ACCOUNT_LDAP_ENABLED=false
+ - INFRABOX_ACCOUNT_SAML_ENABLED=false
+ - INFRABOX_LEGAL_PRIVACY_URL=
+ - INFRABOX_LEGAL_TERMS_OF_USE_URL=
+ - INFRABOX_GITHUB_ENABLED=false
+ - INFRABOX_GITHUB_LOGIN_ENABLED=false
+ - INFRABOX_GERRIT_ENABLED=false
+ - INFRABOX_LOG_LEVEL=debug
+ volumes:
+ - ../test/utils/id_rsa:/var/run/secrets/infrabox.net/rsa/id_rsa:ro
+ - ../test/utils/id_rsa.pub:/var/run/secrets/infrabox.net/rsa/id_rsa.pub:ro
+ ports:
+ - "8090:8080"
+ links:
+ - postgres
+ - minio
+ - opa
+ depends_on:
+ - postgres
+ - minio
+ - opa
diff --git a/infrabox/local-dev/seed.sql b/infrabox/local-dev/seed.sql
new file mode 100644
index 00000000..ec86f3f1
--- /dev/null
+++ b/infrabox/local-dev/seed.sql
@@ -0,0 +1,22 @@
+INSERT INTO cluster (name, active, labels, root_url, nodes, cpu_capacity, memory_capacity)
+VALUES ('master', true, '{master,default}', 'http://localhost:8090', 1, 10, 10000);
+
+-- Default admin user: admin@local.dev / admin123
+INSERT INTO "user" (username, email, password, role)
+VALUES ('admin', 'admin@local.dev', '$2b$12$QxG47fCe3dqJQCjx6Z5vy./jM7/o8cZFeudhTTfcoII0IE0PmY10m', 'admin');
+
+-- Regular users: password123
+INSERT INTO "user" (id, username, email, password, role) VALUES
+ ('aaaaaaaa-0001-0001-0001-aaaaaaaaaaaa', 'alice', 'alice@local.dev', '$2b$12$oi46ZRkcmGP4A8klhxe0reHN0FBn8.N7dupNhcjP.2S6nZjlpauzq', 'user'),
+ ('aaaaaaaa-0002-0002-0002-aaaaaaaaaaaa', 'bob', 'bob@local.dev', '$2b$12$oi46ZRkcmGP4A8klhxe0reHN0FBn8.N7dupNhcjP.2S6nZjlpauzq', 'user');
+
+-- Sample projects
+INSERT INTO project (id, name, type) VALUES
+ ('bbbbbbbb-0001-0001-0001-bbbbbbbbbbbb', 'project-alpha', 'upload'),
+ ('bbbbbbbb-0002-0002-0002-bbbbbbbbbbbb', 'project-beta', 'upload'),
+ ('bbbbbbbb-0003-0003-0003-bbbbbbbbbbbb', 'project-gamma', 'upload');
+
+-- alice: Owner on alpha, Developer on beta; no access to gamma
+INSERT INTO collaborator (user_id, project_id, role) VALUES
+ ('aaaaaaaa-0001-0001-0001-aaaaaaaaaaaa', 'bbbbbbbb-0001-0001-0001-bbbbbbbbbbbb', 'Owner'),
+ ('aaaaaaaa-0001-0001-0001-aaaaaaaaaaaa', 'bbbbbbbb-0002-0002-0002-bbbbbbbbbbbb', 'Developer');
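Review bot: In infrabox/local-dev/docker-compose.yml the postgres service sets `POSTGRES_HOST_AUTH_METHOD=trust` and publishes `"5432:5432"`, which Docker binds on all host interfaces by default. If the image honours that variable as the official postgres image does, the superuser is reachable without a password from any host that can reach the developer machine, and `INFRABOX_DB_PASSWORD` protects nothing. Remove the `trust` line so the password is enforced, and bind each published port to loopback, e.g. `- "127.0.0.1:5432:5432"`, with the same change for 9000, 8181 and 8090. The loopback binding matters for the other services too: the API mounts the RSA key pair checked in under `infrabox/test/utils/`, and MinIO runs with example keys that are committed in this file. `infrabox/test/api/docker-compose.override.yml` sets the same `trust` method, and `image: minio/minio` carries no tag, so pinning a version would keep the stack reproducible.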
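Review bot: infrabox/local-dev/seed.sql creates an `admin` account and two users whose passwords are written in the file's own comments and in the README, yet nothing in the file says it must stay out of any other database. Add a header comment as the first line, for example `-- LOCAL DEV ONLY: every account below has a publicly known password; never load this file into a shared or network-reachable database.` It would also help to note next to the `admin` insert that the hash is a fixed, committed value, so that anyone reusing the file as a template generates their own.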
diff --git a/infrabox/test/api/docker-compose.override.yml b/infrabox/test/api/docker-compose.override.yml
new file mode 100644
index 00000000..06589520
--- /dev/null
+++ b/infrabox/test/api/docker-compose.override.yml
@@ -0,0 +1,16 @@
+version: "3.2"
+
+services:
+ postgres:
+ environment:
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=postgres
+ - POSTGRES_DB=postgres
+ - POSTGRES_HOST_AUTH_METHOD=trust
+
+ test:
+ build:
+ args:
+ INFRABOX_BUILD_NUMBER: "3091"
+ volumes:
+ - ../../../:/infrabox/context