Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add AppConfig #167

Merged
merged 2 commits into from
Mar 28, 2024
Merged

add AppConfig #167

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7f4d810
pull config from AppConfig if APP_ID is not empty
briskt Mar 27, 2024
b366ae2
set execute bit on run.sh
briskt Mar 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,7 @@ COPY application/ /data/
RUN chown -R www-data:www-data \
console/runtime/

CMD ["/data/yii", "batch/full"]
ADD https://github.com/silinternational/config-shim/releases/latest/download/config-shim.gz config-shim.gz
RUN gzip -d config-shim.gz && chmod 755 config-shim && mv config-shim /usr/local/bin

CMD ["/data/run.sh"]
22 changes: 20 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,26 @@
# IdP ID Sync
Tool to synchronize user records between the ID Broker and an ID Store

## Configuration files
Copy ```local.env.dist``` to ```local.env``` and supply any necessary values.
## Configuration
By default, configuration is read from environment variables documented in the `local.env.dist`
file. Copy this file to `local.env` and supply any necessary values.

Optionally, you can define configuration in AWS AppConfig. To do this, set the following
environment variables to point to the configuration in AWS:

* `AWS_REGION` - the AWS region in use
* `APP_ID` - the application ID or name
* `CONFIG_ID` - the configuration profile ID or name
* `ENV_ID` - the environment ID or name

In addition, the AWS API requires authentication. It is best to use an access role
such as an [ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html).
If that is not an option, you can specify an access token using the `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY` variables.

The content of the configuration profile takes the form of a typical .env file, using
`#` for comments and `=` for variable assignment. Any variables read from AppConfig
will overwrite variables set in the execution environment.

## Testing

Expand Down
7 changes: 7 additions & 0 deletions application/run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/usr/bin/env bash

if [[ -z "${APP_ID}" ]]; then
/data/yii batch/full
else
config-shim --app $APP_ID --config $CONFIG_ID --env $ENV_ID /data/yii batch/full
fi
15 changes: 15 additions & 0 deletions local.env.dist
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,21 @@ ID_STORE_ADAPTER=

### Optional ENV vars ###

# === AWS AppConfig (optional) ===

# The AWS region in use
#AWS_REGION=

# The AppConfig Application ID (or name)
#APP_ID=

# The AppConfig Configuration Profile ID (or name)
#CONFIG_ID=

# The AppConfig Environment ID (or name)
#ENV_ID=


# Where to email error logs.
#ALERTS_EMAIL=

Expand Down