Skip to content
This repository has been archived by the owner on Dec 24, 2023. It is now read-only.

Commit

Permalink
Bump lua-resty-oidc to 1.7.6-3 and kong-plugin-oidc to 1.3.1-1
Browse files Browse the repository at this point in the history
  • Loading branch information
Cristian Chiru committed Mar 26, 2023
1 parent f18a769 commit 4f6e449
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 13 deletions.
9 changes: 5 additions & 4 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ LABEL authors="Cristian Chiru <cristian.chiru@revomatico.com>"

ENV PACKAGES="openssl-devel kernel-headers gcc git openssh" \
LUA_BASE_DIR="/usr/local/share/lua/5.1" \
KONG_PLUGIN_OIDC_VER="1.3.0-3" \
KONG_PLUGIN_OIDC_VER="1.3.1-1" \
KONG_PLUGIN_COOKIES_TO_HEADERS_VER="1.2.0-1" \
LUA_RESTY_OIDC_VER="1.7.5-1" \
LUA_RESTY_OIDC_VER="1.7.6-3" \
NGX_DISTRIBUTED_SHM_VER="1.0.7"

RUN set -ex \
Expand Down Expand Up @@ -37,8 +37,9 @@ RUN set -ex \
# Patch nginx_kong.lua for kong-oidc session_secret
&& TPL=${LUA_BASE_DIR}/kong/templates/nginx_kong.lua \
# May cause side effects when using another nginx under this kong, unless set to the same value
&& sed -i "/server_name kong;/a\ \n\
set_decode_base64 \$session_secret '\${{X_SESSION_SECRET}}';\n" "$TPL" \
&& sed -i '/server_name kong;/a\ \n\
set_decode_base64 \$session_secret "\${{X_SESSION_SECRET}}";\n\
' "$TPL" \
# Patch nginx_kong.lua to set dictionaries
&& sed -i -E '/^lua_shared_dict kong\s+.+$/i\ \n\
variables_hash_max_size 2048;\n\
Expand Down
4 changes: 3 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@
- See: <https://github.com/nokia/kong-oidc/issues/1>
- To enable the plugins, set the env variable for the container with comma separated plugin values:
- `KONG_PLUGINS=bundled,oidc`
- A common default session_secret must be defined by setting env `KONG_X_SESSION_SECRET` to a base64 encoded string
- A common default session_secret must be defined by setting env `KONG_X_SESSION_SECRET` to a base64 encoded string to avoid Kong 500 server error: set_decode_base64: invalid value
- `KONG_X_SESSION_NAME=oidc_session`

## Releases
Expand Down Expand Up @@ -110,6 +110,8 @@
- Kong v2.0.2: [Dockerfile](https://github.com/revomatico/docker-kong-oidc/blob/2.0.2-1/Dockerfile)

## Release notes
- 2023-03-26 [3.2.2-3]
- Bump lua-resty-oidc to 1.7.6-3 and kong-plugin-oidc to 1.3.1-1. Based on https://github.com/zmartzone/lua-resty-openidc/issues/463, will fix https://github.com/revomatico/docker-kong-oidc/issues/37
- 2023-03-24 [3.2.2-2]
- Qote X_SESSION_SECRET in an attempt to prevent 500 internal error when it is not set
- 2023-03-21 [3.2.2-1]
Expand Down
2 changes: 1 addition & 1 deletion common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

# Common script used by all others to define variables and stay DRY
DOCKER_CONTAINER='docker-kong-oidc'
DOCKER_IMAGE="local/$DOCKER_CONTAINER:3.2.2-2"
DOCKER_IMAGE="local/$DOCKER_CONTAINER:3.2.2-3"
KONG_LOCAL_HTTP_PORT=${KONG_LOCAL_HTTP_PORT:-18000}
KONG_LOCAL_HTTPS_PORT=${KONG_LOCAL_HTTPS_PORT:-14443}
KONG_LOCAL_ADMIN_PORT=${KONG_LOCAL_ADMIN_PORT:-18001}
3 changes: 2 additions & 1 deletion run.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ set -x
docker run -d -it \
--name $DOCKER_CONTAINER \
--hostname $DOCKER_CONTAINER \
-e KONG_LOG_LEVEL=info \
-e KONG_LOG_LEVEL=${KONG_LOG_LEVEL:-info} \
-e KONG_ADMIN_ACCESS_LOG=/dev/stdout \
-e KONG_ADMIN_ERROR_LOG=/dev/stderr \
-e KONG_ADMIN_GUI_ACCESS_LOG=/dev/stdout \
Expand All @@ -27,6 +27,7 @@ docker run -d -it \
-e KONG_PROXY_LISTEN='0.0.0.0:8000, 0.0.0.0:8443 http2 ssl' \
-e KONG_STATUS_LISTEN='0.0.0.0:8100' \
-e KONG_NGINX_DAEMON='off' \
-e KONG_X_SESSION_SECRET='eW91Z290bWVoYWNrZXIh' \
-e KONG_X_SESSION_MEMCACHE_PORT="'1234'" \
-e KONG_X_SESSION_COMPRESSOR=zlib \
-v $PWD/test:/kong_dbless \
Expand Down
17 changes: 11 additions & 6 deletions test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -23,15 +23,20 @@ else
fi
{ set +x; } 2>/dev/null

RESP=$(set -x; curl -sS localhost:$KONG_LOCAL_HTTP_PORT/request.php)
RESP=$(set -x; curl -sSv localhost:$KONG_LOCAL_HTTP_PORT/request.php 2>&1)
RET=$?

## Cleanup
if [[ $RET -eq 0 ]]; then
HTTP_RESP=$(grep -oP '(?<=HTTP\/1.1 )[0-9]+' <<< \"$RESP\")
if [[ "$HTTP_RESP" != "200" ]]; then
docker logs $DOCKER_CONTAINER
echo "-----------------------------------------------------------------------------------------"
echo "$RESP"
echo "-----------------------------------------------------------------------------------------"
echo "!!!!!FAILED with ret code $RET / http code $HTTP_RESP!!!!!"
exit $RET
else
echo "$RESP" | grep -oP '(?<=<li>)[^<]+'
echo ""
echo "Success!!!"
else
echo "!!!!!FAILED with code $RET!!!!!"
docker logs $DOCKER_CONTAINER
exit $RET
fi

0 comments on commit 4f6e449

Please sign in to comment.