Skip to content

Commit

Permalink
Merge branch 'master' into merge-master-develop
Browse files Browse the repository at this point in the history
  • Loading branch information
restjohn committed Mar 5, 2024
2 parents 017ae1e + 09c0b79 commit d842f8b
Show file tree
Hide file tree
Showing 139 changed files with 31,348 additions and 35,243 deletions.
61 changes: 0 additions & 61 deletions .eslintrc.js

This file was deleted.

4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,7 @@ pnpm-debug.log
scratch/
*.scratch/
*.scratch.*
/docker/auth-idp/ldap/config/*
/docker/auth-idp/ldap/db/*
# this line must be last
!.gitkeep
23 changes: 22 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,30 @@ MAGE adheres to [Semantic Versioning](http://semver.org/).

## [6.2.10](https://github.com/ngageoint/mage-server/releases/tag/6.2.10) (unreleased)

#### Database Migrations
* [SAML settings](./service/src/migrations/030-saml-settings.js)
This migration modifies documents in the `authenticationconfigurations` collection
by moving all entries from `settings.options` into `settings` and removing
the `options` entry. See the related bug fix below.

#### Features
* Admins can now configure different placename search services in settings.
* Layer file download - The _Layer_ admin web page now includes a button to
download layer files when applicable. This currently works only for
GeoPackage layers.

- Easily download file-based layers, i.e. GeoPackages, with a new button on the _Layers_ admin page.
#### Bug Fixes
* The web app and service incorrectly used a `settings.options` sub-document on
SAML configurations to read and write some entries that should be in the
`settings` entry.
* Admin user search could crash the server when sending certain characters.
* Feed item timestamps appeared as epoch milliseconds rather than formatted dates.
* Many third-party dependencies were quite outdated or superfluous.
* Fortify static code analysis had findings that were addressed.
* GeoPackage and CSV exports had several null reference bugs.
* Some TypeScript DTS files for plain JS files were incorrect or incomplete.
* The ready event for app startup was emitting before the HTTP server was actually listening.
* The service configuration did not allow a port value of `0`, which prompts the HTTP server to pick a random open port. This helps with testing.

## [6.2.9](https://github.com/ngageoint/mage-server/releases/tag/6.2.9)

Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -283,7 +283,7 @@ npm run build
After building the core packages, install them as dependencies in the `instance` package.
```bash
cd instance
npm i --omit=dev ../service ../web-app ../plugins/nga-msi
npm i --omit dev ../service ../web-app ../plugins/nga-msi
```
The project's root [`package.json`](./package.json) provides some convenience script entries to install, build, and run
the MAGE server components, however, those are deprecated and will likely go away after migrating to NPM 7+'s
Expand Down
33 changes: 13 additions & 20 deletions docker/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,29 +4,22 @@

The MAGE Server image contains the the core MAGE server Node app that consists
of the ReST web service and the MAGE web app. By default, the image also
includes plugins maintained in the [MAGE server repository](../plugins/). To
build the image, you will need the NPM package tarballs for the MAGE server
packages - `@ngageoint/mage.service`, `@ngageoint/mage.web-app`, and any
available plugin packages. You can obtain the tarballs by building the
packages locally and using the `npm pack` command in each package directory,
download the tarballs from a GitHub [actions workflow run](https://github.com/ngageoint/mage-server/actions),
or from a GitHub [release](https://github.com/ngageoint/mage-server/releases).
The server [Dockerfile](server/Dockerfile) expects the tarballs to be
siblings of the Dockerfile, so move them into the `server` directory. Then,
starting the top level of the MAGE server repository:
includes plugins maintained in the [MAGE server repository](../plugins/). By
default, the server [Dockerfile](./server/Dockerfile) pulls the latest tagged
versions from the NPM registry. You can override the version using Docker's
`--build-arg` CLI switch to set the package versions you want in the image.
If you are building on Apple Silicon hardware, use `--platform linux/amd64` so
the built image platform matches the base image platform. Here's an example of
building the image with an explicit service version.
```bash
$ cd ./docker/server
$ docker build -t mage-server:<version>
$ docker build --platform linux/amd64 --build-arg service_version=6.2.10 -t mage-server:<version> .
```
If you are building from a release and have [GitHub CLI](https://cli.github.com/)
installed, you can also use the [`build_release.sh`](server/build_release.sh)
utility script.
```bash
$ cd ./docker/server
$ ./build_release.sh 6.2.0
```
The script assumes that you have an [authenticated](https://cli.github.com/manual/gh_auth_login)
GitHub CLI session.

The Iron Bank [Dockerfile](./server/Dockerfile.ironbank) uses a different,
hardened [base image](https://ironbank.dso.mil/repomap/details;registry1Path=opensource%252Fnodejs%252Fdebian%252Fnodejs)
from US DoD's [Iron Bank](https://ironbank.dso.mil/about) repository. The
Dockerfile builds exactly the same as the standard Dockerfile.

## Docker Compose

Expand Down
54 changes: 54 additions & 0 deletions docker/auth-idp/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
services:

mage-idp-saml:
container_name: mage-idp-saml
image: kristophjunge/test-saml-idp
environment:
- "SIMPLESAMLPHP_SP_ENTITY_ID=http://localhost:4242"
- "SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE=http://localhost:4242/auth/saml/callback"
- "SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE=http://localhost:8080/simplesaml/module.php/saml/sp/saml2-logout.php/test-sp"
ports:
- 8080:8080
- 8443:8443
volumes:
- type: bind
source: ./saml/authsources.php
target: /var/www/simplesamlphp/config/authsources.php

mage-idp-ldap:
container_name: mage-idp-ldap
image: osixia/openldap:1.5.0
environment:
- "LDAP_ORGANISATION=World's Greatest Detectives Inc."
- "LDAP_DOMAIN=wgd.com"
- "LDAP_ADMIN_PASSWORD=i found something"
ports:
- 389:389
- 636:636
volumes:
- type: bind
source: ./ldap/db
target: /var/lib/ldap
- type: bind
source: ./ldap/config
target: /etc/ldap/slapd.d
networks:
- ldap.mage.net

mage-idp-ldap-ui:
container_name: mage-idp-ldap-ui
image: osixia/phpldapadmin:latest
depends_on:
- mage-idp-ldap
environment:
- PHPLDAPADMIN_LDAP_HOSTS=mage-idp-ldap
ports:
- 6480:80
- 6443:443
networks:
- ldap.mage.net

networks:
ldap.mage.net:
driver: bridge

Empty file.
Empty file.
23 changes: 23 additions & 0 deletions docker/auth-idp/saml/authsources.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
<?php

$config = array(

'admin' => array(
'core:AdminPassword',
),

'example-userpass' => array(
'exampleauth:UserPass',
'saml.user1:user1pass' => array(
'uid' => array('1'),
'eduPersonAffiliation' => array('group1'),
'email' => '[email protected]',
),
'saml.user2:user2pass' => array(
'uid' => array('2'),
'eduPersonAffiliation' => array('group2'),
'email' => '[email protected]',
),
),

);
1 change: 1 addition & 0 deletions docker/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ services:
# dockerfile: Dockerfile-debug
args:
MAGE_VERSION: "${MAGE_VERSION:-6.2.0}"
platform: linux/amd64
volumes:
- ./server/resources:/var/lib/mage
# Comment the ports block to disallow connections directly to the node
Expand Down
8 changes: 2 additions & 6 deletions docker/server/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,9 @@ ARG msi_version=latest

LABEL author="NGA"

WORKDIR /root/building
USER root

RUN apt-get update && apt-get -y install \
curl \
git \
sudo \
unzip
RUN apt-get update

RUN groupadd -r mage \
&& useradd -m -r -s /bin/bash -g mage mage \
Expand Down
32 changes: 32 additions & 0 deletions docker/server/Dockerfile.ironbank
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
FROM registry1.dso.mil/ironbank/opensource/nodejs/debian/nodejs:18.19.1

ARG service_version=latest
ARG web_version=${service_version}
ARG image_version=latest
ARG msi_version=latest

LABEL author="NGA"

USER root

RUN apt-get update

RUN groupadd -r mage \
&& useradd -m -r -s /bin/bash -g mage mage \
&& mkdir -p /var/lib/mage \
&& chown mage:mage /var/lib/mage

USER mage
ENV MAGE_HOME /home/mage/instance
WORKDIR ${MAGE_HOME}
RUN ls -l \
&& npm i --omit dev @ngageoint/mage.service@${service_version} \
&& npm i --omit dev @ngageoint/mage.web-app@${web_version} \
&& npm i --omit dev @ngageoint/mage.image.service@${image_version} \
&& npm i --omit dev @ngageoint/mage.nga-msi@${msi_version} \
&& ln -s ./node_modules/.bin/mage.service

VOLUME /var/lib/mage
EXPOSE 4242

ENTRYPOINT [ "./mage.service", "--plugin", "@ngageoint/mage.image.service", "--plugin", "@ngageoint/mage.nga-msi" ]
27 changes: 0 additions & 27 deletions docker/server/build_release.sh

This file was deleted.

Loading

0 comments on commit d842f8b

Please sign in to comment.